Hello,
Here is the support for match extension into iptables-test.
So you will be able to do something like:
./iptables-test -N test
./iptables-test -t filter -A test -m addrtype --dst-type UNICAST -j DROP
However, it only supprt appending/inserting such match rule. I will not
implementing atomic deletion on that one for 1 reason:
- current need of match support is only for session, and since each session
owns its own chain, it's easier to just flush the chain totally
if not convicing enough I have other reasons ;)
I will prepare the same patchset for connman's core iptables API.
Please review,
Tomasz Bursztyka (14):
tools: code preparation about option handling in iptables-test
tools: moving target options merge in prepare_target in iptables_test
tools: refactored matches preparation into iptables_test
tools: adding matches rule list loading support into iptables_test
tools: target and matches preparation function moves in iptables_test
tools: adding x6_options target handling in iptables_test
tools: adding x6_options target handling in iptables_test
tools: adding extensions options parsing for target into
iptables_test
tools: finalizing target extensions setup into iptables_test
tools: adding extensions options parsing for matches
tools: finalizing matches extensions setup into iptables_test
tools: added support for rule matches list in iptables_test
tools: inhibiting getopt unknown option display on iptables_test
tools: invert statement is unique per option in iptables_test
tools/iptables-test.c | 262 +++++++++++++++++++++++++++++++++----------------
1 files changed, 175 insertions(+), 87 deletions(-)
--
1.7.7
_______________________________________________
connman mailing list
[email protected]
http://lists.connman.net/listinfo/connman
