authorlafleur <lafleur@boum.org>2021-11-09 20:36:51 +0100
committerlafleur <lafleur@boum.org>2021-11-09 20:39:38 +0100
commit880ec583d3a5d1750806961298d88d028c1980d3 (patch)
tree37c7e81485539cb00a79f9d55b64ee9ca369245e /src
parent5264331441e625d26bedd6ce9b5995713e4b5c57 (diff)
fix iface(), docs
Diffstat (limited to 'src')
-rw-r--r--src/chain_methods.rs6
-rw-r--r--src/rule_methods.rs24
2 files changed, 16 insertions, 14 deletions
diff --git a/src/chain_methods.rs b/src/chain_methods.rs
index 8259d13..c41e085 100644
--- a/src/chain_methods.rs
+++ b/src/chain_methods.rs
@@ -3,12 +3,12 @@ use std::ffi::CString;
use std::rc::Rc;
-/// A helper trait over [`rustables::Chain`].
+/// A helper trait over [`crate::Chain`].
pub trait ChainMethods {
- /// Create a new Chain instance from a [`rustables::Hook`] over a [`rustables::Table`].
+ /// Create a new Chain instance from a [`crate::Hook`] over a [`crate::Table`].
fn from_hook(hook: Hook, table: Rc<Table>) -> Self
where Self: std::marker::Sized;
- /// Add a [`rustables::Policy`] to the current Chain.
+ /// Add a [`crate::Policy`] to the current Chain.
fn verdict(self, policy: Policy) -> Self;
fn add_to_batch(self, batch: &mut Batch) -> Self;
}
diff --git a/src/rule_methods.rs b/src/rule_methods.rs
index 91b2c8a..9a8ef58 100644
--- a/src/rule_methods.rs
+++ b/src/rule_methods.rs
@@ -31,25 +31,23 @@ pub enum Protocol {
UDP
}
-/// A RuleMethods trait over [`rustables::Rule`], to make it match some criteria, and give it a
+/// A RuleMethods trait over [`crate::Rule`], to make it match some criteria, and give it a
/// verdict. Mostly adapted from [talpid-core's
/// firewall](https://github.com/mullvad/mullvadvpn-app/blob/d92376b4d1df9b547930c68aa9bae9640ff2a022/talpid-core/src/firewall/linux.rs).
/// All methods return the rule itself, allowing them to be chained. Usage example :
/// ```rust
-/// use rustables::{Batch, Chain, Protocol, ProtoFamily, Rule, RuleMethods, Table, MsgType, Hook};
+/// use rustables::{Batch, Chain, ChainMethods, Protocol, ProtoFamily, Rule, RuleMethods, Table, MsgType, Hook};
/// use std::ffi::CString;
/// use std::rc::Rc;
/// let table = Rc::new(Table::new(&CString::new("main_table").unwrap(), ProtoFamily::Inet));
/// let mut batch = Batch::new();
/// batch.add(&table, MsgType::Add);
-/// let mut inbound = Chain::new(&CString::new("inbound").unwrap(), table);
-/// inbound.set_hook(Hook::In, 0);
-/// let inbound = Rc::new(inbound);
-/// batch.add(&inbound, MsgType::Add);
+/// let inbound = Rc::new(Chain::from_hook(Hook::In, Rc::clone(&table))
+/// .add_to_batch(&mut batch));
/// let rule = Rule::new(inbound)
/// .dport("80", &Protocol::TCP).unwrap()
-/// .accept();
-/// batch.add(&rule, MsgType::Add);
+/// .accept()
+/// .add_to_batch(&mut batch);
/// ```
pub trait RuleMethods {
/// Match ICMP packets.
@@ -86,7 +84,7 @@ pub trait RuleMethods {
fn add_to_batch(self, batch: &mut Batch) -> Self;
}
-/// A trait to add helper functions to match some criterium over `rustables::Rule`.
+/// A trait to add helper functions to match some criterium over `crate::Rule`.
impl RuleMethods for Rule {
fn icmp(mut self) -> Self {
self.add_expr(&nft_expr!(meta l4proto));
@@ -141,12 +139,16 @@ impl RuleMethods for Rule {
Ok(self)
}
fn iface(mut self, iface_name: &str) -> Result<Self, Error> {
- if iface_name.len() > libc::IFNAMSIZ {
+ if iface_name.len() >= libc::IFNAMSIZ {
return Err(Error::NameTooLong);
}
+ let mut name_arr = [0u8; libc::IFNAMSIZ];
+ for (pos, i) in iface_name.bytes().enumerate() {
+ name_arr[pos] = i;
+ }
self.add_expr(&nft_expr!(meta iifname));
- self.add_expr(&nft_expr!(cmp == CString::new(iface_name)?.as_bytes()));
+ self.add_expr(&nft_expr!(cmp == name_arr.as_ref()));
Ok(self)
}
fn saddr(mut self, ip: IpAddr) -> Self {
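Review bot: The rewritten `iface()` no longer rejects an interface name containing an interior NUL byte: the removed `CString::new(iface_name)?` returned an error for that input, while the new copy loop writes it into `name_arr` unchanged (an empty name passes the length check as well). Because the compare now runs against the full NUL-padded `IFNAMSIZ` buffer, such a name presumably yields a rule that is accepted without error but never matches a real interface, which is a quiet failure mode for a firewall rule. Keeping the validation and copying from the checked value preserves the old error path and replaces the index loop: `let name = CString::new(iface_name)?;` then `name_arr[..name.as_bytes().len()].copy_from_slice(name.as_bytes());`. A comment on the `>=` check such as `// reserve one byte for the terminating NUL the kernel expects` would record why the bound changed. The enclosing `impl RuleMethods for Rule` block starts before and continues past this hunk.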