Function parse_ipt_entries 

pub fn parse_ipt_entries<P: PhysicalMemoryProvider>(
    reader: &ObjectReader<P>,
    data_vaddr: u64,
    data_len: u64,
    table_name: &str,
) -> Result<Vec<NetfilterRuleInfo>>

Parse a flat region of ipt_entry structures from raw memory.

data_vaddr is the virtual address of the first entry; data_len is the byte length of the region. Entries are walked via next_offset until it is 0 or the end of the region is reached.

ipt_entry field offsets (kernel ABI, x86-64):

    0x00: src_ip (u32)
    0x04: dst_ip (u32)
    0x10: protocol (u16)
    0x58: target_offset (u16) — offset within entry to ipt_entry_target
    0x5A: next_offset (u16) — stride to next entry; 0 = end of table

ipt_entry_target at entry_base + target_offset:

    +0: name (29 bytes, null-terminated ASCII)
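The next_offset walk described above, run over a plain byte slice with every offset bounded before it is used to slice memory. This is an added example, not the crate's implementation: walk_entries, Rule, sample_entry and the MIN_ENTRY bound are hypothetical names, and the sample bytes are constructed. It uses the offsets listed above (protocol omitted) and assumes an entry whose next_offset is 0 is a terminator, not a rule.

```rust
use std::net::Ipv4Addr;
// Field offsets as listed in the documentation above; all names are hypothetical.
const OFF_TARGET: usize = 0x58;
const OFF_NEXT: usize = 0x5A;
const MIN_ENTRY: usize = 0x5C; // smallest entry that still contains next_offset
const NAME_LEN: usize = 29;
#[derive(Debug, PartialEq)]
pub struct Rule { pub src: Ipv4Addr, pub dst: Ipv4Addr, pub target: String }
fn u16_at(b: &[u8], off: usize) -> usize { u16::from_le_bytes([b[off], b[off + 1]]) as usize }

/// Walk `region`; Err(offset) identifies the first malformed entry.
pub fn walk_entries(region: &[u8]) -> Result<Vec<Rule>, usize> {
    let (mut rules, mut pos) = (Vec::new(), 0usize);
    while region.len() - pos >= MIN_ENTRY {
        let e = &region[pos..];
        let (tgt, next) = (u16_at(e, OFF_TARGET), u16_at(e, OFF_NEXT));
        if next == 0 { break; } // end-of-table marker, assumed not to be a rule
        // Both offsets come from untrusted memory: bound them before slicing.
        if next < MIN_ENTRY || next > e.len() || tgt < MIN_ENTRY || tgt + NAME_LEN > next {
            return Err(pos);
        }
        let name = &e[tgt..tgt + NAME_LEN];
        // The name must be NUL-terminated inside its 29 bytes and pure ASCII.
        let end = name.iter().position(|&c| c == 0).filter(|&n| name[..n].is_ascii()).ok_or(pos)?;
        rules.push(Rule {
            src: Ipv4Addr::new(e[0], e[1], e[2], e[3]), // network byte order in memory
            dst: Ipv4Addr::new(e[4], e[5], e[6], e[7]),
            target: String::from_utf8_lossy(&name[..end]).into_owned(),
        });
        pos += next;
    }
    Ok(rules)
}

/// Constructed 0x90-byte sample entry with its target at 0x70 (not real kernel data).
pub fn sample_entry(src: [u8; 4], dst: [u8; 4], target: &str, next: u16) -> Vec<u8> {
    let mut e = vec![0u8; 0x90];
    e[0..4].copy_from_slice(&src);
    e[4..8].copy_from_slice(&dst);
    e[0x58..0x5A].copy_from_slice(&0x70u16.to_le_bytes());
    e[0x5A..0x5C].copy_from_slice(&next.to_le_bytes());
    e[0x70..0x70 + target.len()].copy_from_slice(target.as_bytes());
    e
}

fn main() {
    let region = [sample_entry([10, 0, 0, 1], [0; 4], "DROP", 0x90), vec![0u8; 0x90]].concat();
    println!("{:?}", walk_entries(&region)); // zeroed tail ends the walk
}
```

Returning the offset of the first malformed entry lets an analyst see where a corrupted or paged-out table stops being trustworthy instead of silently receiving a truncated rule list.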