* need help with libiptc
@ 2007-02-21 20:00 Hal Moroff
0 siblings, 0 replies; 2+ messages in thread
From: Hal Moroff @ 2007-02-21 20:00 UTC (permalink / raw)
To: netfilter
I'm writing an application that needs to dynamically add & remove iptables
rules at runtime. I'm trying to use libiptc and finding it quite hard
to fathom. I
can create/destroy chains, but there's no real documentation on
iptc_insert_entry.
I find it hard to believe that this isn't more commonly done. Aren't there any
other apps out there that do this?
About the only doc I can find on libiptc is Leonardo Balliache's "Querying
libiptc HOWTO". It's good, but far from complete. In particular he says
little/nothing on how to construct the ipt_entry struct that you must pass to
iptc_insert_entry. He extracts the structure definition from the
header file, but
there's much more to it than that.
Looking at the iptables.c source I can see that in order to insert an entry
the ipt_entry struct must contain a list of current targets, but I can't find
how to create that list.
Can anybody offer any help at all on dynamically adding rules to iptables
by calls into libiptc? If there's a better / simpler way to do this I'm open to
that as well.
^ permalink raw reply [flat|nested] 2+ messages in thread
* Need help with libiptc
@ 2010-06-23 15:39 Pete Kay
0 siblings, 0 replies; 2+ messages in thread
From: Pete Kay @ 2010-06-23 15:39 UTC (permalink / raw)
To: netfilter
Hi,
I am trying to compile a very simple libiptc test program, but I am getting:
[root@test netfilter]# gcc -Wall -Wunused -I/usr/include
-DNETFILTER_VERSION=\"1.4.7\" -rdynamic -lip4tc -o test_iptc
test_iptc.c
test_iptc.c: In function ‘main’:
test_iptc.c:21: error: storage size of ‘h’ isn’t known
test_iptc.c:21: warning: unused variable ‘h’
It is the sample program I adopted from the how-to documentation.
Could someone please give me some help?
Thank you in advance for your kind help.
My test program is :
#include <getopt.h>
#include <sys/errno.h>
#include <stdio.h>
#include <fcntl.h>
#include <stdlib.h>
#include <string.h>
#include <dlfcn.h>
#include <time.h>
#include "libiptc/libiptc.h"
#include "iptables.h"
int main(void)
{
struct iptc_handle_t h ;
const char *chain = NULL;
const char *tablename = "filter";
// char * program_name = "p1";
// char * program_version = NETFILTER_VERSION;
h = iptc_init(tablename);
if ( !h ) {
printf("Error initializing: %s\n", iptc_strerror(errno));
exit(errno);
}
for (chain = iptc_first_chain(&h); chain; chain = iptc_next_chain(&h)) {
printf("%s\n", chain);
}
exit(0);
} /* main */
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2010-06-23 15:39 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2007-02-21 20:00 need help with libiptc Hal Moroff
-- strict thread matches above, loose matches on Subject: below --
2010-06-23 15:39 Need " Pete Kay
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.