Struct seccompiler::SeccompRule [−][src]
pub struct SeccompRule { /* fields omitted */ }
Expand description
Rule that a filter attempts to match for a syscall.
If all conditions match then rule gets matched.
A syscall can have many rules associated. If either of them matches, the match_action
of the
SeccompFilter
is triggered.
Implementations
Creates a new rule. Rules with 0 conditions are not allowed.
Arguments
conditions
- Vector ofSeccompCondition
s that the syscall must match.
Example
use seccompiler::{SeccompCondition, SeccompCmpArgLen, SeccompCmpOp, SeccompRule};
let rule = SeccompRule::new(vec![
SeccompCondition::new(0, SeccompCmpArgLen::Dword, SeccompCmpOp::Eq, 1).unwrap(),
SeccompCondition::new(1, SeccompCmpArgLen::Dword, SeccompCmpOp::Eq, 1).unwrap(),
]).unwrap();
Trait Implementations
Performs the conversion.
This method tests for self
and other
values to be equal, and is used
by ==
. Read more
This method tests for !=
.
Auto Trait Implementations
impl RefUnwindSafe for SeccompRule
impl Send for SeccompRule
impl Sync for SeccompRule
impl Unpin for SeccompRule
impl UnwindSafe for SeccompRule
Blanket Implementations
Mutably borrows from an owned value. Read more