Collaboration diagram for Run nftables commands:
|
Functions | |
| int | nft_run_command_from_buffer (struct nft_ctx *nft, char *buf, size_t buflen) |
| int | nft_run_command_from_filename (struct nft_ctx *nft, const char *filename) |
Detailed Description
Once a nftables context has been initialized with nft_context_new() it is possible to run nftables commands via the following functions:
- nft_run_command_from_buffer(): run command from a buffer
- nft_run_command_from_filename(): run commands contained in a filename
It is also possible to run multiple commands via Batch support
Function Documentation
◆ nft_run_command_from_buffer()
| int nft_run_command_from_buffer | ( | struct nft_ctx * | nft, |
| char * | buf, | ||
| size_t | buflen | ||
| ) |
Run nftables command contained in provided buffer
This function accept nft command with the same syntax as nft in interactive mode. For instance, this is a valid command if your ruleset has a filter output chain:
char ADD[] = "add rule filter output counter drop";
- Parameters
-
nft a pointer to a initialized struct nft_ctx buf buffer containing the command to execute buflen the length of the buffer
- Returns
- NFT_EXIT_SUCCESS if success NFT_EXIT_FAILURE if not
Definition at line 237 of file libnftables.c.
◆ nft_run_command_from_filename()
| int nft_run_command_from_filename | ( | struct nft_ctx * | nft, |
| const char * | filename | ||
| ) |
Run all nftables commands contained in a file
This function provides away to programmatically get an equivalent of the -f option of nft. For instance For instance, this is a valid content for a file if your ruleset has a filter output chain:
table filter {
chain output {
counter drop
}
}
- Parameters
-
nft a pointer to a initialized struct nft_ctx filename path to the file containing nft rules
- Returns
- NFT_EXIT_SUCCESS if success NFT_EXIT_FAILURE if not
Definition at line 276 of file libnftables.c.
