diff options
| author | Samuel Ortiz <sameo@linux.intel.com> | 2010-10-30 00:21:24 +0200 |
|---|---|---|
| committer | Samuel Ortiz <sameo@linux.intel.com> | 2010-10-30 00:22:22 +0200 |
| commit | 82998a7dcabc6434ab38914904ce78f31ceadc6a (patch) | |
| tree | 89a568d647e3c37f53687249a08c89c842d1f651 /tools | |
| parent | e6e46384e7459fbcfc84a89930c3ca66fe0a1c5f (diff) | |
| download | connman-82998a7dcabc6434ab38914904ce78f31ceadc6a.tar.gz connman-82998a7dcabc6434ab38914904ce78f31ceadc6a.tar.bz2 connman-82998a7dcabc6434ab38914904ce78f31ceadc6a.zip | |
iptables-test: Support for chain deletion
Diffstat (limited to 'tools')
| -rw-r--r-- | tools/iptables-test.c | 59 |
1 files changed, 56 insertions, 3 deletions
diff --git a/tools/iptables-test.c b/tools/iptables-test.c index a979cba9..60313aff 100644 --- a/tools/iptables-test.c +++ b/tools/iptables-test.c @@ -345,6 +345,39 @@ static int connman_add_entry(struct connman_iptables *table, return 0; } +static int connman_iptables_delete_chain(struct connman_iptables *table, + char *name) +{ + GList *chain_head, *chain_tail, *list, *next; + struct connman_iptables_entry *entry; + + chain_head = find_chain_head(table, name); + if (chain_head == NULL) + return -EINVAL; + + chain_tail = find_chain_tail(table, name); + if (chain_head == NULL) + return -EINVAL; + + list = chain_head; + + while (list != chain_tail) { + entry = list->data; + next = g_list_next(list); + + table->num_entries--; + table->size -= entry->entry->next_offset; + + table->entries = g_list_remove(table->entries, list->data); + + list = next; + } + + update_offsets(table); + + return 0; +} + static int connman_iptables_add_chain(struct connman_iptables *table, char *name) { @@ -819,6 +852,7 @@ static struct option connman_iptables_opts[] = { {.name = "append", .has_arg = 1, .val = 'A'}, {.name = "list", .has_arg = 2, .val = 'L'}, {.name = "new-chain", .has_arg = 1, .val = 'N'}, + {.name = "delete-chain", .has_arg = 1, .val = 'X'}, {.name = "in-interface", .has_arg = 1, .val = 'i'}, {.name = "jump", .has_arg = 1, .val = 'j'}, {.name = "match", .has_arg = 1, .val = 'm'}, @@ -839,34 +873,42 @@ int main(int argc, char *argv[]) struct xtables_match *xt_m; struct xtables_target *xt_t; char *table_name, *chain, *new_chain, *match_name, *target_name; + char *delete_chain; int c; size_t size; - gboolean dump, invert; + gboolean dump, invert, delete; xtables_init_all(&connman_iptables_globals, NFPROTO_IPV4); dump = FALSE; invert = FALSE; + delete = FALSE; table_name = chain = new_chain = match_name = target_name = NULL; + delete_chain = NULL; table = NULL; xt_m = NULL; xt_t = NULL; while ((c = getopt_long(argc, argv, - "-A:L::N:j:i:m:o:t:", connman_iptables_globals.opts, NULL)) != -1) { + "-A:L::N:X:j:i:m:o:t:", connman_iptables_globals.opts, NULL)) != -1) { switch (c) { case 'A': chain = optarg; break; case 'L': - dump = TRUE; + dump = true; break; case 'N': new_chain = optarg; break; + case 'X': + delete = true; + delete_chain = optarg; + break; + case 'j': target_name = optarg; xt_t = xtables_find_target(target_name, XTF_TRY_LOAD); @@ -963,6 +1005,17 @@ int main(int argc, char *argv[]) if (table == NULL) return -1; + if (delete) { + if (delete_chain == NULL) + goto out; + + printf("Delete chain %s\n", delete_chain); + + connman_iptables_delete_chain(table, delete_chain); + + goto commit; + } + if (dump) { connman_iptables_dump(table); |