use rustables::*; use rustables::{expr::*, Chain, Rule, Table}; use std::{io::*, net::*}; const TABLE_NAME: &str = "ipblc4"; const CHAIN_NAME: &str = "ipblc"; fn main() -> Result<()> { /*let name = "blabla"; let mut batch = Batch::new(); let table = Table::new(ProtocolFamily::Ipv4).with_name(name); batch.add(&table, MsgType::Add); let mut chain = Chain::new(&table).with_name(name); batch.add(&chain, MsgType::Add); let toadd1: Ipv4Addr = "9.9.9.8".parse().unwrap(); let toadd2: Ipv4Addr = "9.9.9.1".parse().unwrap(); let mut setbuilder: SetBuilder = SetBuilder::new("s1", &table).unwrap(); setbuilder.add(&toadd1); setbuilder.add(&toadd2); let (mut set, setelem) = setbuilder.finish(); batch.add(&setelem, MsgType::Add); //batch.add(&set, MsgType::Add); set.family = ProtocolFamily::Ipv4; set.id = Some(5); set.flags = Some(0); set.userdata = Some("test".into()); println!("{:?}", setelem);*/ let get_table = || -> Result> { let tables = list_tables().unwrap(); for table in tables { if let Some(name) = table.get_name() { println!("Found table {}", name); if name == TABLE_NAME { return Ok(Some(table)); } } } Ok(None) }; let get_chain = |table: &Table| -> Result> { let chains = list_chains_for_table(table).unwrap(); for chain in chains { if let Some(name) = chain.get_name() { println!("Found chain {}", name); if name == CHAIN_NAME { return Ok(Some(chain)); } } } Ok(None) }; let table = get_table().unwrap().expect("no table?"); let chain = get_chain(&table).unwrap().expect("no chain?"); let ip: IpAddr = "184.73.167.217".parse().unwrap(); let cmprule = Rule::new(&chain).unwrap().saddr(ip).drop(); println!("{:?}", cmprule); let mut gexpr = RawExpression::default(); for e in cmprule.get_expressions().unwrap().iter() { if let Some(ExpressionVariant::Cmp(_)) = e.get_data() { gexpr = e.clone(); } } let rules = list_rules_for_chain(&chain).unwrap(); for rule in rules { let handle = rule.get_handle().unwrap(); println!("handle {}", handle); let exprs = rule.get_expressions().unwrap(); for expr in exprs.iter() { if let Some(ExpressionVariant::Cmp(_)) = expr.get_data() { if expr.clone() == gexpr { println!("{:?}", expr.get_data()); println!("test"); break; } } //if expr.get_data() //if expr. } } //let mut set: Set = nft_set!( // &CString::new("blabla").unwrap(), // 32, // &table, // ProtoFamily::Ipv4 //ProtoFamily::Ipv4; // //[&toadd1,&toadd2,] //); ////println!("{:?}", set.0); //set.add(&toadd1); //set.add(&toadd2); //batch.add(&set, MsgType::Add); //let mut rule = Rule::new(&chain) // .unwrap() // .with_expr( // HighLevelPayload::Network(NetworkHeaderField::IPv4(IPv4HeaderField::Saddr)).build(), // ) // .with_expr(Lookup::new(&set).unwrap()) // .with_expr(Immediate::new_verdict(VerdictKind::Accept)); //println!("{:?}", rule); //batch.add(&rule, rustables::MsgType::Add); //match batch.send() { // Ok(o) => {} // Err(e) => { // println!("{e}"); // } //} //rule.add_expr(&nft_expr!(payload ipv4 saddr)); //#[rustfmt::skip] //rule.add_expr(&nft_expr!(lookup &set)); //rule.add_expr(&nft_expr!(ct state)); //rule.add_expr(&nft_expr!(verdict drop)); //batch.add(&rule, MsgType::Add); //let finalized_batch = batch.finalize(); //send_and_process(&finalized_batch)?; Ok(()) } #[allow(dead_code)] #[derive(Debug)] struct Error(String); impl From for Error { fn from(error: T) -> Self { Error(error.to_string()) } }