From: Peter Gordon <peter@pg-consultants.com>
To: netfilter-devel@vger.kernel.org
Subject: Modifying ebtables to read the commands from a file
Date: Sun, 28 Mar 2010 13:07:57 +0300 [thread overview]
Message-ID: <1269770877.2563.9.camel@qed> (raw)
I need to add a number of rules to the ebtables and I cannot afford the
fork overhead for each line. So what I want to do is to read each line
from a file and have the program iterate over the file.
ebtables-save and ebtables-restore is not good enough for my
application, because I can't add rules incrementally. ebtables-restore
doesn't add add rules, but replaces all existing rules.
I have changed ebtables-standalone.c:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "include/ebtables_u.h"
static struct ebt_u_replace replace;
void ebt_early_init_once();
#define MAX_TOKENS 100
int main(int argc, char *argv[])
{
ebt_silent = 0;
ebt_early_init_once();
char *tok ;
char **myArgv ;
char *delim = " " ;
char *p ;
FILE *fp ;
char line[1000] ;
int myArgc = 0 ;
int i ;
myArgv = malloc(MAX_TOKENS * sizeof(char *)) ;
for (i=0 ; i<MAX_TOKENS ; i++) {
myArgv[i] = NULL ;
}
if (argc == 3 && strcmp(argv[1],"-f") == 0) {
myArgv[0] = "ebtables" ;
myArgc = 1 ;
fp = fopen(argv[2],"r") ;
if (fp == NULL) {
fprintf(stderr,"Can't open file %s\n",argv[2]) ;
exit(1);
}
while(fgets(line,sizeof(line),fp)) {
/* Ignore comments */
if (*line == '#' || *line == '\n') {
continue ;
}
*strchr(line, '\n') = '\0';
p = line ;
while(1) {
tok = strtok(p,delim) ;
if (tok == NULL) {
break ;
}
p = NULL ;
/* printf("Token %s\n",tok) ; */
if (myArgc >= MAX_TOKENS) {
fprintf(stderr,"Too many tokens on line %s\n",line) ;
exit(1) ;
}
/* printf("TOKEN: number: %d name: %s\n",myArgc,tok) ;*/
myArgv[myArgc++] = tok ;
}
memset(&replace,0,sizeof(replace)) ;
strcpy(replace.name, "filter");
do_command(myArgc, myArgv, EXEC_STYLE_PRG, &replace);
myArgc = 1 ;
}
return 0;
}
strcpy(replace.name, "filter");
do_command(argc, argv, EXEC_STYLE_PRG, &replace);
return 0;
}
I have also added some extra initialization to ebtables.c - the extra
code added is the three for loops:
opterr = 0;
ebt_modprobe = NULL;
for (m = ebt_matches; m; m = m->next) {
m->used = 0 ;
m->flags = 0 ;
}
for (t = ebt_targets; t; t = t->next) {
t->used = 0 ;
t->flags = 0 ;
}
for (w = ebt_watchers; w; w = w->next) {
w->used = 0 ;
w->flags = 0 ;
}
replace = replace_;
/* The daemon doesn't use the environment variable */
if (exec_style == EXEC_STYLE_PRG) {
I am still missing some initializations - I am getting leftover
information from previous rules.
The essential problem is to allow do_command to be called more than
once.
Can anyone tell me how to correctly initialize all the structures in the
do_command.
Thanks,
Peter
next reply other threads:[~2010-03-28 11:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-28 10:07 Peter Gordon [this message]
2010-03-28 13:00 ` Modifying ebtables to read the commands from a file Jan Engelhardt
2010-03-28 15:43 ` Bart De Schuymer
2010-03-31 7:23 ` Peter Gordon
2010-03-31 11:45 ` Bart De Schuymer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1269770877.2563.9.camel@qed \
--to=peter@pg-consultants.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.