51 lines
1.5 KiB
Rust
51 lines
1.5 KiB
Rust
|
use ipnet::Ipv4Net;
|
||
|
use nftnl::{nft_set, set::Set, Batch, FinalizedBatch, ProtoFamily, Table};
|
||
|
use std::{ffi::CString, io::*, net::Ipv4Addr};
|
||
|
|
||
|
fn main() -> std::result::Result<(), Error> {
|
||
|
let mut batch = Batch::new();
|
||
|
let table = Table::new(&CString::new("aa").unwrap(), ProtoFamily::Inet);
|
||
|
let mut set: Set<Ipv4Addr> = nft_set!(
|
||
|
&CString::new("blacklist").unwrap(),
|
||
|
1,
|
||
|
&table,
|
||
|
ProtoFamily::Inet
|
||
|
);
|
||
|
let toadd = "9.9.9.8".parse::<Ipv4Addr>().unwrap();
|
||
|
set.add(&toadd);
|
||
|
println!("2");
|
||
|
batch.add(&set, nftnl::MsgType::Add);
|
||
|
let finalized_batch = batch.finalize();
|
||
|
send_and_process(&finalized_batch)?;
|
||
|
Ok(())
|
||
|
}
|
||
|
|
||
|
fn send_and_process(batch: &FinalizedBatch) -> std::result::Result<(), Error> {
|
||
|
let socket = mnl::Socket::new(mnl::Bus::Netfilter)?;
|
||
|
socket.send_all(batch)?;
|
||
|
let portid = socket.portid();
|
||
|
let mut buffer = vec![0; nftnl::nft_nlmsg_maxsize() as usize];
|
||
|
let very_unclear_what_this_is_for = 2;
|
||
|
while let Some(message) = socket_recv(&socket, &mut buffer[..])? {
|
||
|
match mnl::cb_run(message, very_unclear_what_this_is_for, portid)? {
|
||
|
mnl::CbResult::Stop => {
|
||
|
break;
|
||
|
}
|
||
|
mnl::CbResult::Ok => (),
|
||
|
}
|
||
|
}
|
||
|
Ok(())
|
||
|
}
|
||
|
|
||
|
fn socket_recv<'a>(
|
||
|
socket: &mnl::Socket,
|
||
|
buf: &'a mut [u8],
|
||
|
) -> std::result::Result<Option<&'a [u8]>, Error> {
|
||
|
let ret = socket.recv(buf)?;
|
||
|
if ret > 0 {
|
||
|
Ok(Some(&buf[..ret]))
|
||
|
} else {
|
||
|
Ok(None)
|
||
|
}
|
||
|
}
|