* How to programmatically implement a firewall rule
@ 2017-01-05 10:56 Khawar Shehzad
2017-01-05 11:03 ` Arturo Borrero Gonzalez
[not found] ` <1483635760.877444.838416369.2C081B0B@webmail.messagingengine.com>
0 siblings, 2 replies; 3+ messages in thread
From: Khawar Shehzad @ 2017-01-05 10:56 UTC (permalink / raw)
To: netfilter
HI,
I hope all are fine, and happy new year.
I want to implement a rule using libnftnl in C programming. This rule
specifies that a packet with a specific source address and a specific
destination address SHOULD be allowed. All other packet which does not
have that source and destination address MUST be dropped.
Just a little hint would suffice. I need to implement it. Any
direction would be much appreciated.
Thanks,
Khawar
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: How to programmatically implement a firewall rule
2017-01-05 10:56 How to programmatically implement a firewall rule Khawar Shehzad
@ 2017-01-05 11:03 ` Arturo Borrero Gonzalez
[not found] ` <1483635760.877444.838416369.2C081B0B@webmail.messagingengine.com>
1 sibling, 0 replies; 3+ messages in thread
From: Arturo Borrero Gonzalez @ 2017-01-05 11:03 UTC (permalink / raw)
To: Khawar Shehzad; +Cc: Netfilter Users Mailing list
On 5 January 2017 at 11:56, Khawar Shehzad <shehzad.khawar@gmail.com> wrote:
> HI,
> I hope all are fine, and happy new year.
>
>
> I want to implement a rule using libnftnl in C programming. This rule
> specifies that a packet with a specific source address and a specific
> destination address SHOULD be allowed. All other packet which does not
> have that source and destination address MUST be dropped.
>
>
> Just a little hint would suffice. I need to implement it. Any
> direction would be much appreciated.
Take a look at libnftnl examples. In nft-rule-add.c [0] a rule that
does 'tcp dport 22 counter' is added.
[0] http://git.netfilter.org/libnftnl/tree/examples/nft-rule-add.c
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: How to programmatically implement a firewall rule
[not found] ` <1483635760.877444.838416369.2C081B0B@webmail.messagingengine.com>
@ 2017-01-05 17:44 ` Khawar Shehzad
0 siblings, 0 replies; 3+ messages in thread
From: Khawar Shehzad @ 2017-01-05 17:44 UTC (permalink / raw)
To: Jehan Tremback; +Cc: netfilter
On Thu, Jan 5, 2017 at 5:02 PM, Jehan Tremback <jehan@altheamesh.com> wrote:
> altheamesh.com
Performance. In my case the rules get updated very often, and a lot of
rules get configured per second. So it all boils down to performance
for me.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2017-01-05 17:44 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-01-05 10:56 How to programmatically implement a firewall rule Khawar Shehzad
2017-01-05 11:03 ` Arturo Borrero Gonzalez
[not found] ` <1483635760.877444.838416369.2C081B0B@webmail.messagingengine.com>
2017-01-05 17:44 ` Khawar Shehzad
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.