Smart Home firewall
Profile-based Smart Home firewall
rule_utils.h
1 
10 #ifndef _IOTFIREWALL_RULE_UTILS_
11 #define _IOTFIREWALL_RULE_UTILS_
12 
13 #include <stdlib.h>
14 #include <stdio.h>
15 #include <stdint.h>
16 #include <stdbool.h>
17 #include <string.h>
18 #include <sys/time.h>
19 #include <errno.h>
20 #include <nftables/libnftables.h>
21 
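/*
 * Going by the names, lower bounds on the length of a textual IPv4 / IPv6
 * address.
 * NOTE(review): the code that uses these constants is not visible in this
 * header. Confirm they only serve as a cheap pre-filter and that a real
 * address parser validates the string before it is used in a rule.
 */
#define INET_MIN_ADDRSTRLEN 1
#define INET6_MIN_ADDRSTRLEN 2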
24 
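// Counter type: the quantity a counter value refers to.
typedef enum {
    PACKETS = 1, // packet count
    BYTES = 2    // byte count
} counter_type_t;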
30 
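// Packet count value
typedef struct {
    // NOTE(review): presumably false until `value` has been set; confirm in rule_utils.c.
    bool is_initialized;
    // 16-bit field: the largest count it can hold is 65535.
    // NOTE(review): confirm that configured or observed counts cannot exceed
    // that, otherwise the stored value wraps and a count-based policy would
    // compare against the wrong number.
    uint16_t value;
} packet_count_t;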
36 
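// Initial value for duration counter
typedef struct {
    // NOTE(review): presumably false until `microseconds` has been set; confirm in rule_utils.c.
    bool is_initialized;
    // Starting point of the duration, in microseconds (same width as the
    // value returned by counter_read_microseconds()).
    uint64_t microseconds;
} duration_init_t;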
42 
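// Initial counters values: one packet-count value and one duration start
// value, each carrying its own is_initialized flag.
typedef struct {
    packet_count_t packet_count; // initial packet count
    duration_init_t duration;    // initial duration value
} counters_t;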
48 
49 // Periodic policy data
// NOTE(review): the closing line of this typedef, which carries the type
// name, is not present in this listing.
50 typedef struct {
51  bool is_initialized;
// NOTE(review): presumably the nftables command associated with the policy;
// who allocates and frees this string is not visible here. Confirm ownership
// in rule_utils.c.
52  char *cmd;
// Rule handle stored in 16 signed bits. nftables rule handles are 64-bit, so
// a handle above 32767 cannot be represented here.
// NOTE(review): confirm how larger handles are treated; a narrowed handle
// would point at a different rule than the one that was installed.
53  int16_t handle;
55 
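// Aliases for libnftables
// struct nft_ctx is opaque to callers; it is only used through a pointer.
typedef struct nft_ctx nft_ctx_t;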
58 
59 
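/**
 * Read the current microseconds value.
 *
 * @return the current value, in microseconds
 */
uint64_t counter_read_microseconds(void);

/**
 * Execute an nftables command.
 *
 * The command arrives as one string. Any text a caller formats into it
 * (a table, chain or counter name, an address taken from a device profile)
 * is read as nftables syntax, so such values should be validated before the
 * string is built.
 *
 * @param cmd nftables command to execute
 * @return NOTE(review): presumably true on success; confirm in rule_utils.c
 */
bool exec_nft_cmd(char *cmd);

/**
 * Execute an nftables command and return its output.
 *
 * The same caution about text formatted into the command applies as for
 * exec_nft_cmd().
 *
 * @param cmd nftables command to execute
 * @return the command output.
 *         NOTE(review): ownership of the returned buffer and the value
 *         returned on failure are not visible in this header; confirm
 *         whether the caller must free it and must check for NULL.
 */
char *exec_nft_cmd_verbose(char *cmd);

/**
 * Get an nftables handle from a command output.
 *
 * The handle is returned in 16 signed bits, while nftables rule handles are
 * 64-bit. NOTE(review): confirm how a handle above INT16_MAX and a parse
 * failure are reported; a narrowed handle identifies a different rule than
 * the one just added.
 *
 * @param buf command output to read the handle from
 * @return the handle found in buf
 */
int16_t get_nft_handle(char *buf);

/**
 * Delete an nftables rule, by specifying its handle.
 *
 * @param nft_table name of the table holding the rule
 * @param nft_chain name of the chain holding the rule
 * @param handle    handle of the rule to delete
 * @return NOTE(review): presumably true when the rule was deleted; confirm
 *         in rule_utils.c. A false return should be treated as "the rule may
 *         still be active".
 */
bool delete_nft_rule_by_handle(char *nft_table, char *nft_chain, int16_t handle);

/**
 * Delete an nftables rule.
 *
 * @param nft_table name of the table holding the rule
 * @param nft_chain name of the chain holding the rule
 * @param nft_rule  rule to delete
 * @return NOTE(review): presumably true when the rule was deleted; confirm
 *         in rule_utils.c
 */
bool delete_nft_rule(char *nft_table, char *nft_chain, char *nft_rule);

/**
 * Read the packet count value of an nftables counter.
 *
 * The result is 32-bit signed while nftables counters are 64-bit.
 * NOTE(review): confirm how values above INT32_MAX and read errors are
 * reported, so that a policy threshold is never compared against a wrapped
 * or sentinel value.
 *
 * @param table_name   name of the table holding the counter
 * @param counter_name name of the counter
 * @return the packet count
 */
int32_t counter_read_packets(char *table_name, char *counter_name);

/**
 * Read the bytes value of an nftables counter.
 *
 * The result is 32-bit signed while nftables counters are 64-bit.
 * NOTE(review): confirm how values above INT32_MAX and read errors are
 * reported; a byte counter on a busy link passes 2 GiB quickly.
 *
 * @param table_name   name of the table holding the counter
 * @param counter_name name of the counter
 * @return the byte count
 */
int32_t counter_read_bytes(char *table_name, char *counter_name);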
137 
138 
139 #endif
duration_init_t counter_duration_init()
Initialize the values of a duration_t structure.
Definition: rule_utils.c:35
char * exec_nft_cmd_verbose(char *cmd)
Execute an nftables command and return its output.
Definition: rule_utils.c:77
uint64_t counter_read_microseconds()
Read the current microseconds value.
Definition: rule_utils.c:18
bool delete_nft_rule_by_handle(char *nft_table, char *nft_chain, int16_t handle)
Delete an nftables rule, by specifying its handle.
Definition: rule_utils.c:154
bool delete_nft_rule(char *nft_table, char *nft_chain, char *nft_rule)
Delete an nftables rule.
Definition: rule_utils.c:191
int32_t counter_read_bytes(char *table_name, char *counter_name)
Read the bytes value of an nftables counter.
Definition: rule_utils.c:306
int16_t get_nft_handle(char *buf)
Get an nftables handle from a command output.
Definition: rule_utils.c:124
bool exec_nft_cmd(char *cmd)
Execute an nftables command.
Definition: rule_utils.c:48
int32_t counter_read_packets(char *table_name, char *counter_name)
Read the packet count value of an nftables counter.
Definition: rule_utils.c:294