add ability to filter rule by output interface

author: HimbeerserverDE <himbeerserverde@gmail.com> 2023-03-21 19:46:26 +0100
committer: HimbeerserverDE <himbeerserverde@gmail.com> 2023-03-21 19:46:26 +0100
commit: e6b6175b27180c87335a6ded5a8b4603c7a168b2 (patch)
tree: e0af8eb9122aea9c55929adaec13d5575a5f446d
parent: 715d9f9662cbe4c16a1d394dd1b605ee32498c47 (diff)
2 files changed, 21 insertions, 2 deletions
diff --git a/src/rule_methods.rs b/src/rule_methods.rs
index dff9bf6..4ee3a16 100644
--- a/src/rule_methods.rs
+++ b/src/rule_methods.rs
@@ -172,6 +172,26 @@ impl Rule {
         self.add_expr(Cmp::new(CmpOp::Eq, iface_vec));
         Ok(self)
     }
+    /// Matches packets leaving through `oface_index`. Interface indexes can be queried with
+    /// `iface_index()`.
+    pub fn oface_id(mut self, oface_index: libc::c_uint) -> Self {
+        self.add_expr(Meta::new(MetaType::Oif));
+        self.add_expr(Cmp::new(CmpOp::Eq, oface_index.to_be_bytes()));
+        self
+    }
+    /// Matches packets leaving through `oface_name`, an interface name, as in "wlan0" or "lo"
+    pub fn oface(mut self, oface_name: &str) -> Result<Self, BuilderError> {
+        if oface_name.len() >= libc::IFNAMSIZ {
+            return Err(BuilderError::InterfaceNameTooLong);
+        }
+        let mut oface_vec = oface_name.as_bytes().to_vec();
+        // null terminator
+        oface_vec.push(0u8);
+
+        self.add_expr(Meta::new(MetaType::OifName));
+        self.add_expr(Cmp::new(CmpOp::Eq, oface_vec));
+        Ok(self)
+    }
     /// Matches packets whose source IP address is `saddr`.
     pub fn saddr(self, ip: IpAddr) -> Self {
         self.match_ip(ip, true)
diff --git a/src/table.rs b/src/table.rs
index 1d19abe..9aa5c76 100644
--- a/src/table.rs
+++ b/src/table.rs
@@ -5,8 +5,7 @@ use rustables_macros::nfnetlink_struct;
 use crate::error::QueryError;
 use crate::nlmsg::NfNetlinkObject;
 use crate::sys::{
-    NFTA_TABLE_FLAGS, NFTA_TABLE_NAME, NFT_MSG_DELTABLE, NFT_MSG_GETTABLE,
-    NFT_MSG_NEWTABLE,
+    NFTA_TABLE_FLAGS, NFTA_TABLE_NAME, NFT_MSG_DELTABLE, NFT_MSG_GETTABLE, NFT_MSG_NEWTABLE,
 };
 use crate::{Batch, ProtocolFamily};
author	HimbeerserverDE <himbeerserverde@gmail.com>	2023-03-21 19:46:26 +0100
committer	HimbeerserverDE <himbeerserverde@gmail.com>	2023-03-21 19:46:26 +0100
commit	e6b6175b27180c87335a6ded5a8b4603c7a168b2 (patch)
tree	e0af8eb9122aea9c55929adaec13d5575a5f446d
parent	715d9f9662cbe4c16a1d394dd1b605ee32498c47 (diff)