From: Peter Gordon <peter@pg-consultants.com>
To: netfilter-devel@vger.kernel.org
Subject: Modifying ebtables to read the commands from a file
Date: Sun, 28 Mar 2010 13:07:57 +0300 [thread overview]
Message-ID: <1269770877.2563.9.camel@qed> (raw)
I need to add a number of rules to the ebtables and I cannot afford the
fork overhead for each line. So what I want to do is to read each line
from a file and have the program iterate over the file.
ebtables-save and ebtables-restore is not good enough for my
application, because I can't add rules incrementally. ebtables-restore
doesn't add add rules, but replaces all existing rules.
I have changed ebtables-standalone.c:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include "include/ebtables_u.h"
static struct ebt_u_replace replace;
void ebt_early_init_once();
#define MAX_TOKENS 100
int main(int argc, char *argv[])
{
ebt_silent = 0;
ebt_early_init_once();
char *tok ;
char **myArgv ;
char *delim = " " ;
char *p ;
FILE *fp ;
char line[1000] ;
int myArgc = 0 ;
int i ;
myArgv = malloc(MAX_TOKENS * sizeof(char *)) ;
for (i=0 ; i<MAX_TOKENS ; i++) {
myArgv[i] = NULL ;
}
if (argc == 3 && strcmp(argv[1],"-f") == 0) {
myArgv[0] = "ebtables" ;
myArgc = 1 ;
fp = fopen(argv[2],"r") ;
if (fp == NULL) {
fprintf(stderr,"Can't open file %s\n",argv[2]) ;
exit(1);
}
while(fgets(line,sizeof(line),fp)) {
/* Ignore comments */
if (*line == '#' || *line == '\n') {
continue ;
}
*strchr(line, '\n') = '\0';
p = line ;
while(1) {
tok = strtok(p,delim) ;
if (tok == NULL) {
break ;
}
p = NULL ;
/* printf("Token %s\n",tok) ; */
if (myArgc >= MAX_TOKENS) {
fprintf(stderr,"Too many tokens on line %s\n",line) ;
exit(1) ;
}
/* printf("TOKEN: number: %d name: %s\n",myArgc,tok) ;*/
myArgv[myArgc++] = tok ;
}
memset(&replace,0,sizeof(replace)) ;
strcpy(replace.name, "filter");
do_command(myArgc, myArgv, EXEC_STYLE_PRG, &replace);
myArgc = 1 ;
}
return 0;
}
strcpy(replace.name, "filter");
do_command(argc, argv, EXEC_STYLE_PRG, &replace);
return 0;
}
I have also added some extra initialization to ebtables.c - the extra
code added is the three for loops:
opterr = 0;
ebt_modprobe = NULL;
for (m = ebt_matches; m; m = m->next) {
m->used = 0 ;
m->flags = 0 ;
}
for (t = ebt_targets; t; t = t->next) {
t->used = 0 ;
t->flags = 0 ;
}
for (w = ebt_watchers; w; w = w->next) {
w->used = 0 ;
w->flags = 0 ;
}
replace = replace_;
/* The daemon doesn't use the environment variable */
if (exec_style == EXEC_STYLE_PRG) {
I am still missing some initializations - I am getting leftover
information from previous rules.
The essential problem is to allow do_command to be called more than
once.
Can anyone tell me how to correctly initialize all the structures in the
do_command.
Thanks,
Peter
next reply other threads:[~2010-03-28 11:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-03-28 10:07 Peter Gordon [this message]
2010-03-28 13:00 ` Modifying ebtables to read the commands from a file Jan Engelhardt
2010-03-28 15:43 ` Bart De Schuymer
2010-03-31 7:23 ` Peter Gordon
2010-03-31 11:45 ` Bart De Schuymer
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1269770877.2563.9.camel@qed \
--to=peter@pg-consultants.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).