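use nftnl::{nft_set, set::Set, Batch, FinalizedBatch, ProtoFamily, Table};
use std::{ffi::CString, io::*, net::Ipv4Addr};

/// Stages one IPv4 address in an nftables set named "blacklist" (table "aa",
/// inet family), queues the set in a batch and sends that batch to the kernel
/// over a netfilter netlink socket.
///
/// # Errors
/// Returns the I/O error raised while opening the socket, sending the batch
/// or processing the kernel's replies.
fn main() -> std::result::Result<(), Error> {
    let mut batch = Batch::new();

    // Only the set is queued in this batch; the table itself is never added,
    // so table "aa" presumably has to exist already -- verify on the target host.
    // The unwraps here act on fixed literals (no interior NUL, valid address).
    let table = Table::new(&CString::new("aa").unwrap(), ProtoFamily::Inet);
    let mut set: Set<Ipv4Addr> = nft_set!(
        &CString::new("blacklist").unwrap(),
        1,
        &table,
        ProtoFamily::Inet
    );

    let toadd = "9.9.9.8".parse::<Ipv4Addr>().unwrap();
    set.add(&toadd);
    println!("2");

    // NOTE(review): this queues the set object. As far as I know the nftnl
    // crate sends set *elements* as separate messages (upstream examples use
    // `batch.add_iter(set.elems_iter(), ...)`) -- confirm that 9.9.9.8 really
    // shows up in the kernel's set afterwards. A block list that silently
    // stays empty fails open.
    batch.add(&set, nftnl::MsgType::Add);

    let finalized_batch = batch.finalize();
    send_and_process(&finalized_batch)?;
    Ok(())
}

/// Sends a finalized batch to netfilter and runs the netlink callback over
/// every reply until the kernel signals stop or no more data arrives.
///
/// # Errors
/// Propagates any I/O error from the socket or from `mnl::cb_run`; with `?`
/// an error reply from the kernel aborts the program instead of being ignored.
fn send_and_process(batch: &FinalizedBatch) -> std::result::Result<(), Error> {
    let socket = mnl::Socket::new(mnl::Bus::Netfilter)?;
    socket.send_all(batch)?;

    let portid = socket.portid();
    let mut buffer = vec![0; nftnl::nft_nlmsg_maxsize() as usize];

    // Second argument of `mnl::cb_run`. In libmnl this is the sequence number
    // the reply is expected to carry; the hard-coded 2 is presumably tied to
    // how many messages the batch holds -- TODO confirm against the batch's
    // own numbering before adding more messages.
    let expected_seq = 2;

    while let Some(message) = socket_recv(&socket, &mut buffer[..])? {
        match mnl::cb_run(message, expected_seq, portid)? {
            mnl::CbResult::Stop => break,
            mnl::CbResult::Ok => (),
        }
    }
    Ok(())
}

/// Reads one datagram from `socket` into `buf`.
///
/// Returns `Ok(Some(bytes))` with the filled prefix of `buf` when data was
/// received and `Ok(None)` when the read returned zero bytes.
///
/// # Errors
/// Propagates the I/O error from `socket.recv`.
fn socket_recv<'a>(
    socket: &mnl::Socket,
    buf: &'a mut [u8],
) -> std::result::Result<Option<&'a [u8]>, Error> {
    let ret = socket.recv(buf)?;
    if ret > 0 {
        Ok(Some(&buf[..ret]))
    } else {
        Ok(None)
    }
}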