typedef enum {
STC_FIREWALL_CHAIN_TARGET_NONE,
STC_FIREWALL_CHAIN_TARGET_INPUT,
- STC_FIREWALL_CHAIN_TARGET_OUTPUT
+ STC_FIREWALL_CHAIN_TARGET_OUTPUT,
+ STC_FIREWALL_CHAIN_TARGET_MAX
} stc_firewall_chain_target_e;
/**
STC_FIREWALL_RULE_TARGET_ACCEPT,
STC_FIREWALL_RULE_TARGET_DROP,
STC_FIREWALL_RULE_TARGET_LOG,
+ STC_FIREWALL_RULE_TARGET_NFLOG,
+ STC_FIREWALL_RULE_TARGET_MAX,
} stc_firewall_rule_target_e;
/**
int stc_firewall_rule_set_target(stc_firewall_rule_h rule_h,
stc_firewall_rule_target_e target);
+/**
+ * @brief Sets log level to rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[in] level The level
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_get_log_level()
+ */
+int stc_firewall_rule_set_log_level(stc_firewall_rule_h rule_h,
+ unsigned char level);
+
+/**
+ * @brief Sets log prefix to rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[in] prefix The prefix
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_get_log_prefix()
+ */
+int stc_firewall_rule_set_log_prefix(stc_firewall_rule_h rule_h,
+ char *prefix);
+
+/**
+ * @brief Sets nflog group to rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[in] group The group
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_get_nflog_group()
+ */
+int stc_firewall_rule_set_nflog_group(stc_firewall_rule_h rule_h,
+ unsigned int group);
+
+/**
+ * @brief Sets nflog prefix to rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[in] prefix The prefix
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_get_nflog_prefix()
+ */
+int stc_firewall_rule_set_nflog_prefix(stc_firewall_rule_h rule_h,
+ char *prefix);
+
+/**
+ * @brief Sets nflog range to rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[in] range The range
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_get_nflog_range()
+ */
+int stc_firewall_rule_set_nflog_range(stc_firewall_rule_h rule_h,
+ unsigned int range);
+
+/**
+ * @brief Sets nflog threshold to rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[in] threshold The threshold
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_get_nflog_threshold()
+ */
+int stc_firewall_rule_set_nflog_threshold(stc_firewall_rule_h rule_h,
+ unsigned int threshold);
+
/**
* @brief Gets the chain name from rule.
* @since_tizen 5.0
int stc_firewall_rule_get_target(stc_firewall_rule_h rule_h,
stc_firewall_rule_target_e *target);
+/**
+ * @brief Gets log level from rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[out] level The level
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_set_log_level()
+ */
+int stc_firewall_rule_get_log_level(stc_firewall_rule_h rule_h,
+ unsigned char *level);
+
+int stc_firewall_rule_get_log_prefix(stc_firewall_rule_h rule_h,
+ char **prefix);
+
+/**
+ * @brief Gets nflog group from rule.
+ * @since_tizen 5.0
+ *
+ * @param[in] rule The firewall rule handle
+ * @param[out] group The group
+ *
+ * @return 0 on success, otherwise a negative error value
+ * @retval #STC_ERROR_NONE Successful
+ * @retval #STC_ERROR_OPERATION_FAILED General error
+ * @retval #STC_ERROR_OUT_OF_MEMORY Out of memory
+ * @retval #STC_ERROR_INVALID_PARAMETER Invalid parameter
+ * @retval #STC_ERROR_INVALID_OPERATION Invalid operation
+ * @retval #STC_ERROR_NOT_INITIALIZED Not initialized
+ * @retval #STC_ERROR_NOT_SUPPORTED Not supported
+ * @retval #STC_ERROR_PERMISSION_DENIED Permission denied
+ *
+ * @see #stc_firewall_rule_h
+ * @see stc_firewall_rule_create()
+ * @see stc_firewall_rule_destroy()
+ * @see stc_firewall_rule_set_nflog_group()
+ */
+int stc_firewall_rule_get_nflog_group(stc_firewall_rule_h rule_h,
+ unsigned int *group);
+
+int stc_firewall_rule_get_nflog_prefix(stc_firewall_rule_h rule_h,
+ char **prefix);
+
+int stc_firewall_rule_get_nflog_range(stc_firewall_rule_h rule_h,
+ unsigned int *range);
+
+int stc_firewall_rule_get_nflog_threshold(stc_firewall_rule_h rule_h,
+ unsigned int *threshold);
+
/**
* @brief Adds the rule.
* @since_tizen 5.0
stc_fw_rule_s *origin = (stc_fw_rule_s *)a;
stc_fw_rule_s *cloned = (stc_fw_rule_s *)b;
+ FREE(cloned->chain);
cloned->chain = g_strdup(origin->chain);
cloned->direction = origin->direction;
cloned->s_ip_type = origin->s_ip_type;
cloned->d_port_type = origin->d_port_type;
cloned->protocol = origin->protocol;
cloned->family = origin->family;
+ FREE(cloned->s_ip1);
+ FREE(cloned->s_ip2);
+ FREE(cloned->d_ip1);
+ FREE(cloned->d_ip2);
cloned->s_ip1 = g_strdup(origin->s_ip1);
cloned->s_ip2 = g_strdup(origin->s_ip2);
cloned->d_ip1 = g_strdup(origin->d_ip1);
cloned->s_port2 = origin->s_port2;
cloned->d_port1 = origin->d_port1;
cloned->d_port2 = origin->d_port2;
+ FREE(cloned->ifname);
cloned->ifname = g_strdup(origin->ifname);
cloned->target = origin->target;
+ cloned->log_level = origin->log_level;
+ FREE(cloned->log_prefix);
+ cloned->log_prefix = g_strdup(origin->log_prefix);
+ cloned->nflog_group = origin->nflog_group;
+ FREE(cloned->nflog_prefix);
+ cloned->nflog_prefix = g_strdup(origin->nflog_prefix);
+ cloned->nflog_range = origin->nflog_range;
+ cloned->nflog_threshold = origin->nflog_threshold;
+ FREE(cloned->identifier);
cloned->identifier = g_strdup(origin->identifier);
cloned->key = origin->key;
}
FREE(rule->d_ip1);
FREE(rule->d_ip2);
FREE(rule->ifname);
+ FREE(rule->log_prefix);
+ FREE(rule->nflog_prefix);
FREE(rule->identifier);
FREE(rule);
rule = NULL;
STC_FW_RULE_TARGET,
g_variant_new_uint16(rule->target));
+ if (rule->log_level)
+ g_variant_builder_add(builder, "{sv}",
+ STC_FW_RULE_LOG_LEVEL,
+ g_variant_new_uint16(rule->log_level));
+
+ if (rule->log_prefix)
+ g_variant_builder_add(builder, "{sv}",
+ STC_FW_RULE_LOG_PREFIX,
+ g_variant_new_string(rule->log_prefix));
+
+ if (rule->nflog_group)
+ g_variant_builder_add(builder, "{sv}",
+ STC_FW_RULE_NFLOG_GROUP,
+ g_variant_new_uint16(rule->nflog_group));
+
+ if (rule->nflog_prefix)
+ g_variant_builder_add(builder, "{sv}",
+ STC_FW_RULE_NFLOG_PREFIX,
+ g_variant_new_string(rule->nflog_prefix));
+
+ if (rule->nflog_range)
+ g_variant_builder_add(builder, "{sv}",
+ STC_FW_RULE_NFLOG_RANGE,
+ g_variant_new_uint16(rule->nflog_range));
+
+ if (rule->nflog_threshold)
+ g_variant_builder_add(builder, "{sv}",
+ STC_FW_RULE_NFLOG_THRESHOLD,
+ g_variant_new_uint16(rule->nflog_threshold));
+
if (rule->identifier)
g_variant_builder_add(builder, "{sv}",
STC_FW_RULE_IDENTIFIER,
} else if (!g_strcmp0(key, STC_FW_RULE_TARGET)) {
rule->target = g_variant_get_uint16(value);
+ } else if (!g_strcmp0(key, STC_FW_RULE_LOG_LEVEL)) {
+ rule->log_level = g_variant_get_uint16(value);
+
+ } else if (!g_strcmp0(key, STC_FW_RULE_LOG_PREFIX)) {
+ guint str_length;
+ const gchar *str = g_variant_get_string(value, &str_length);
+ rule->log_prefix = g_strdup(str);
+
+ } else if (!g_strcmp0(key, STC_FW_RULE_NFLOG_GROUP)) {
+ rule->nflog_group = g_variant_get_uint16(value);
+
+ } else if (!g_strcmp0(key, STC_FW_RULE_NFLOG_PREFIX)) {
+ guint str_length;
+ const gchar *str = g_variant_get_string(value, &str_length);
+ rule->nflog_prefix = g_strdup(str);
+
+ } else if (!g_strcmp0(key, STC_FW_RULE_NFLOG_RANGE)) {
+ rule->nflog_range = g_variant_get_uint16(value);
+
+ } else if (!g_strcmp0(key, STC_FW_RULE_NFLOG_THRESHOLD)) {
+ rule->nflog_threshold = g_variant_get_uint16(value);
+
} else if (!g_strcmp0(key, STC_FW_RULE_IDENTIFIER)) {
guint str_length;
const gchar *str = g_variant_get_string(value, &str_length);
STC_LOGD(STC_HR_SINGLE);
- STC_LOGD("Chain: [%s]", (chain->chain) ? chain->chain : "");
- STC_LOGD("Target: [%s]", _stc_convert_fw_chain_target_to_string(chain->target));
- STC_LOGD("Priority: [%u]", chain->priority);
+ STC_LOGD("[%s][%s][%u]", (chain->chain) ? chain->chain : "",
+ _stc_convert_fw_chain_target_to_string(chain->target),
+ chain->priority);
STC_LOGD(STC_HR_SINGLE);
}
STC_LOGD(STC_HR_SINGLE);
- STC_LOGD("[%s][%s][%s][%s][%s][%s][%s][%s]"
- "[%s][%s][%s][%s][%d][%d][%s][%d][%d][%s]",
+ STC_LOGD("[%s][%s][%s][%s][%s][%s][%s][%s][%s][%s]",
(rule->chain) ? rule->chain : "",
_stc_convert_fw_direction_to_string(rule->direction),
(rule->ifname) ? rule->ifname : "",
(rule->s_ip2) ? rule->s_ip2 : "",
_stc_convert_fw_ip_type_to_string(rule->d_ip_type),
(rule->d_ip1) ? rule->d_ip1 : "",
- (rule->d_ip2) ? rule->d_ip2 : "",
+ (rule->d_ip2) ? rule->d_ip2 : "");
+
+ STC_LOGD("[%s][%s][%d][%d][%s][%d][%d][%s][%d][%s][%d][%s][%d][%d]",
_stc_convert_fw_protocol_type_to_string(rule->protocol),
_stc_convert_fw_port_type_to_string(rule->s_port_type),
rule->s_port1,
_stc_convert_fw_port_type_to_string(rule->d_port_type),
rule->d_port1,
rule->d_port2,
- _stc_convert_fw_rule_target_to_string(rule->target)
- );
+ _stc_convert_fw_rule_target_to_string(rule->target),
+ rule->log_level,
+ rule->log_prefix,
+ rule->nflog_group,
+ rule->nflog_prefix,
+ rule->nflog_range,
+ rule->nflog_threshold);
STC_LOGD(STC_HR_SINGLE);
}
return STC_ERROR_NONE;
}
+EXPORT_API int stc_firewall_rule_set_log_level(stc_firewall_rule_h rule_h,
+ unsigned char level)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ fw_rule->log_level = level;
+
+ STC_LOGI("Log level [%u]", fw_rule->log_level);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_set_log_prefix(stc_firewall_rule_h rule_h,
+ char *prefix)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ FREE(fw_rule->log_prefix);
+ fw_rule->log_prefix = g_strdup(prefix);
+
+ STC_LOGI("Log prefix [%s]", fw_rule->log_prefix);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_set_nflog_group(stc_firewall_rule_h rule_h,
+ unsigned int group)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ fw_rule->nflog_group = group;
+
+ STC_LOGI("Nflog group [%d]", fw_rule->nflog_group);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_set_nflog_prefix(stc_firewall_rule_h rule_h,
+ char *prefix)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ FREE(fw_rule->nflog_prefix);
+ fw_rule->nflog_prefix = g_strdup(prefix);
+
+ STC_LOGI("Nflog prefix [%s]", fw_rule->nflog_prefix);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_set_nflog_range(stc_firewall_rule_h rule_h,
+ unsigned int range)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ fw_rule->nflog_range = range;
+
+ STC_LOGI("Nflog range [%d]", fw_rule->nflog_range);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_set_nflog_threshold(stc_firewall_rule_h rule_h,
+ unsigned int threshold)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ fw_rule->nflog_threshold = threshold;
+
+ STC_LOGI("Nflog threshold [%d]", fw_rule->nflog_threshold);
+
+ return STC_ERROR_NONE;
+}
+
EXPORT_API int stc_firewall_rule_get_chain(stc_firewall_rule_h rule_h, char **chain)
{
CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
return STC_ERROR_NONE;
}
+EXPORT_API int stc_firewall_rule_get_log_level(stc_firewall_rule_h rule_h,
+ unsigned char *level)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ if (!level) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ *level = fw_rule->log_level;
+
+ STC_LOGI("Log level [%u]", *level);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_get_log_prefix(stc_firewall_rule_h rule_h,
+ char **prefix)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ if (!prefix) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ *prefix = g_strdup(fw_rule->log_prefix);
+
+ STC_LOGI("Log prefix [%s]", *prefix);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_get_nflog_group(stc_firewall_rule_h rule_h,
+ unsigned int *group)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ if (!group) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ *group = fw_rule->nflog_group;
+
+ STC_LOGI("Nflog group [%d]", *group);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_get_nflog_prefix(stc_firewall_rule_h rule_h,
+ char **prefix)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ if (!prefix) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ *prefix = g_strdup(fw_rule->nflog_prefix);
+
+ STC_LOGI("Nflog prefix [%s]", *prefix);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_get_nflog_range(stc_firewall_rule_h rule_h,
+ unsigned int *range)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ if (!range) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ *range = fw_rule->nflog_range;
+
+ STC_LOGI("Nflog range [%d]", *range);
+
+ return STC_ERROR_NONE;
+}
+
+EXPORT_API int stc_firewall_rule_get_nflog_threshold(stc_firewall_rule_h rule_h,
+ unsigned int *threshold)
+{
+ CHECK_FEATURE_SUPPORTED(TIZEN_FEATURE_STC_FW);
+
+ if (__stc_fw_check_rule_validity(rule_h) == false) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ if (!threshold) {
+ STC_LOGE("Invalid parameter");
+ return STC_ERROR_INVALID_PARAMETER;
+ }
+
+ stc_fw_rule_s *fw_rule = (stc_fw_rule_s *)rule_h;
+
+ *threshold = fw_rule->nflog_threshold;
+
+ STC_LOGI("Nflog threshold [%d]", *threshold);
+
+ return STC_ERROR_NONE;
+}
+
EXPORT_API int stc_firewall_rule_add(stc_firewall_rule_h rule_h)
{
int ret = STC_ERROR_NONE;
static char g_rule_family[MENU_DATA_SIZE] = "1";
static char g_rule_ifname[MENU_DATA_SIZE] = "seth_w0";
static char g_rule_target[MENU_DATA_SIZE] = "1";
+static char g_rule_log_level[MENU_DATA_SIZE] = "4";
+static char g_rule_log_prefix[MENU_DATA_SIZE] = "STC_LOG:";
+static char g_rule_nflog_group[MENU_DATA_SIZE] = "0";
+static char g_rule_nflog_prefix[MENU_DATA_SIZE] = "STC_NFLOG:";
+static char g_rule_nflog_range[MENU_DATA_SIZE] = "0";
+static char g_rule_nflog_threshold[MENU_DATA_SIZE] = "0";
static char g_rule_index[MENU_DATA_SIZE] = "0";
extern stc_h g_stc;
unsigned int s_port2 = 0;
unsigned int d_port1 = 0;
unsigned int d_port2 = 0;
+ unsigned int log_level = 0;
+ unsigned int nflog_group = 0;
+ unsigned int nflog_range = 0;
+ unsigned int nflog_threshold = 0;
char *ifname = NULL;
+ char *log_prefix = NULL;
+ char *nflog_prefix = NULL;
stc_firewall_rule_target_e target = STC_FIREWALL_RULE_TARGET_NONE;
ret = stc_firewall_rule_get_chain(rule_h, &chain);
if (ret == STC_ERROR_NONE) {
- msg("Chain: " LOG_CYAN "[%s]" LOG_END, chain);
+ msg("Chain: " LOG_CYAN "[%s]" LOG_END, chain);
FREE(chain);
}
- ret = stc_firewall_rule_get_direction(rule_h, &direction);
- if (ret == STC_ERROR_NONE)
- msg("Direction: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_direction_to_string(direction));
+ if (direction > STC_FIREWALL_DIRECTION_NONE &&
+ direction <= STC_FIREWALL_DIRECTION_OUT) {
+ ret = stc_firewall_rule_get_direction(rule_h, &direction);
+ if (ret == STC_ERROR_NONE)
+ msg("Direction: " LOG_CYAN "[%s]" LOG_END,
+ test_stc_convert_fw_direction_to_string(direction));
+ }
ret = stc_firewall_rule_get_ifname(rule_h, &ifname);
if (ret == STC_ERROR_NONE) {
- msg("Ifname: " LOG_CYAN "[%s]" LOG_END, ifname);
+ if (ifname)
+ msg("Ifname: " LOG_CYAN "[%s]" LOG_END, ifname);
+
FREE(ifname);
}
ret = stc_firewall_rule_get_family_type(rule_h, &family);
if (ret == STC_ERROR_NONE)
- msg("Family: " LOG_CYAN "[%s]" LOG_END,
+ msg("Family: " LOG_CYAN "[%s]" LOG_END,
test_stc_convert_fw_family_type_to_string(family));
ret = stc_firewall_rule_get_src_ip_type(rule_h, &s_ip_type);
if (ret == STC_ERROR_NONE)
- msg("SrcIPtype: " LOG_CYAN "[%s]" LOG_END,
+ msg("SrcIPtype: " LOG_CYAN "[%s]" LOG_END,
test_stc_convert_fw_ip_type_to_string(s_ip_type));
ret = stc_firewall_rule_get_src_ip(rule_h, &s_ip1, &s_ip2);
if (ret == STC_ERROR_NONE) {
if (s_ip1 || s_ip2)
- msg("SrcIP: " LOG_CYAN "[%s:%s]" LOG_END, s_ip1, s_ip2);
+ msg("SrcIP: " LOG_CYAN "[%s:%s]" LOG_END, s_ip1, s_ip2);
FREE(s_ip1);
FREE(s_ip2);
}
- ret = stc_firewall_rule_get_dst_ip_type(rule_h, &d_ip_type);
- if (ret == STC_ERROR_NONE)
- msg("DstIPtype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_ip_type_to_string(d_ip_type));
+ if (d_ip_type > STC_FIREWALL_IP_NONE &&
+ d_ip_type <= STC_FIREWALL_IP_RANGE) {
+ ret = stc_firewall_rule_get_dst_ip_type(rule_h, &d_ip_type);
+ if (ret == STC_ERROR_NONE)
+ msg("DstIPtype: " LOG_CYAN "[%s]" LOG_END,
+ test_stc_convert_fw_ip_type_to_string(d_ip_type));
+ }
ret = stc_firewall_rule_get_dst_ip(rule_h, &d_ip1, &d_ip2);
if (ret == STC_ERROR_NONE) {
if (d_ip1 || d_ip2)
- msg("DstIP: " LOG_CYAN "[%s:%s]" LOG_END, d_ip1, d_ip2);
+ msg("DstIP: " LOG_CYAN "[%s:%s]" LOG_END, d_ip1, d_ip2);
FREE(d_ip1);
FREE(d_ip2);
ret = stc_firewall_rule_get_protocol_type(rule_h, &protocol);
if (ret == STC_ERROR_NONE)
- msg("Protocol: " LOG_CYAN "[%s]" LOG_END,
+ msg("Protocol: " LOG_CYAN "[%s]" LOG_END,
test_stc_convert_fw_protocol_type_to_string(protocol));
ret = stc_firewall_rule_get_src_port_type(rule_h, &s_port_type);
if (ret == STC_ERROR_NONE)
- msg("SrcPorttype: " LOG_CYAN "[%s]" LOG_END,
+ msg("SrcPorttype: " LOG_CYAN "[%s]" LOG_END,
test_stc_convert_fw_port_type_to_string(s_port_type));
ret = stc_firewall_rule_get_src_port(rule_h, &s_port1, &s_port2);
if (ret == STC_ERROR_NONE) {
if (s_port1 || s_port2)
- msg("SrcPort: " LOG_CYAN "[%u:%u]" LOG_END, s_port1, s_port2);
+ msg("SrcPort: " LOG_CYAN "[%u:%u]" LOG_END, s_port1, s_port2);
}
ret = stc_firewall_rule_get_dst_port_type(rule_h, &d_port_type);
if (ret == STC_ERROR_NONE)
- msg("DstPorttype: " LOG_CYAN "[%s]" LOG_END,
+ msg("DstPorttype: " LOG_CYAN "[%s]" LOG_END,
test_stc_convert_fw_port_type_to_string(d_port_type));
ret = stc_firewall_rule_get_dst_port(rule_h, &d_port1, &d_port2);
if (ret == STC_ERROR_NONE) {
if (d_port1 || d_port2)
- msg("DstPort: " LOG_CYAN "[%u:%u]" LOG_END, d_port1, d_port2);
+ msg("DstPort: " LOG_CYAN "[%u:%u]" LOG_END, d_port1, d_port2);
}
ret = stc_firewall_rule_get_target(rule_h, &target);
if (ret == STC_ERROR_NONE)
- msg("Target: " LOG_CYAN "[%s]" LOG_END,
+ msg("Target: " LOG_CYAN "[%s]" LOG_END,
test_stc_convert_fw_rule_target_to_string(target));
+
+ if (target == STC_FIREWALL_RULE_TARGET_LOG) {
+ ret = stc_firewall_rule_get_log_level(rule_h, &log_level);
+ if (ret == STC_ERROR_NONE)
+ msg("Log level: " LOG_CYAN "[%u]" LOG_END, log_level);
+
+ ret = stc_firewall_rule_get_log_prefix(rule_h, &log_prefix);
+ if (ret == STC_ERROR_NONE) {
+ if (log_prefix)
+ msg("Log prefix: " LOG_CYAN "[%s]" LOG_END, log_prefix);
+
+ FREE(log_prefix);
+ }
+ }
+
+ if (target == STC_FIREWALL_RULE_TARGET_NFLOG) {
+ ret = stc_firewall_rule_get_nflog_group(rule_h, &nflog_group);
+ if (ret == STC_ERROR_NONE)
+ msg("Nflog group: " LOG_CYAN "[%u]" LOG_END, nflog_group);
+
+ ret = stc_firewall_rule_get_nflog_prefix(rule_h, &nflog_prefix);
+ if (ret == STC_ERROR_NONE) {
+ if (nflog_prefix)
+ msg("Nflog prefix: " LOG_CYAN "[%s]" LOG_END, nflog_prefix);
+
+ FREE(nflog_prefix);
+ }
+
+ ret = stc_firewall_rule_get_nflog_range(rule_h, &nflog_range);
+ if (ret == STC_ERROR_NONE)
+ msg("Nflog range: " LOG_CYAN "[%u]" LOG_END, nflog_range);
+
+ ret = stc_firewall_rule_get_nflog_threshold(rule_h, &nflog_threshold);
+ if (ret == STC_ERROR_NONE)
+ msg("Nflog threshold: " LOG_CYAN "[%u]" LOG_END, nflog_threshold);
+ }
}
static int __test_stc_fw_print_all_rule(MManager *mm, struct menu_data *menu)
for (list = g_rule_list; list; list = list->next) {
stc_firewall_rule_h rule_h = (stc_firewall_rule_h)list->data;
msg(HR_SINGLE);
- msg("Index: " LOG_CYAN "[%u]" LOG_END, index);
+ msg("Index: " LOG_CYAN "[%u]" LOG_END, index);
__test_stc_fw_print_rule(rule_h);
++index;
}
(unsigned int)strtol(g_rule_d_port1, NULL, 10);
unsigned int d_port2 =
(unsigned int)strtol(g_rule_d_port2, NULL, 10);
- char *chain = NULL;
- char *s_ip1 = NULL;
- char *s_ip2 = NULL;
- char *d_ip1 = NULL;
- char *d_ip2 = NULL;
- char *ifname = NULL;
+ unsigned int log_level =
+ (unsigned int)strtol(g_rule_log_level, NULL, 10);
+ unsigned int nflog_group =
+ (unsigned int)strtol(g_rule_nflog_group, NULL, 10);
+ unsigned int nflog_range =
+ (unsigned int)strtol(g_rule_nflog_range, NULL, 10);
+ unsigned int nflog_threshold =
+ (unsigned int)strtol(g_rule_nflog_threshold, NULL, 10);
int ret = STC_ERROR_NONE;
if (strlen(g_rule_chain) == 0) {
test_stc_convert_error_type_to_string(ret));
if (target > STC_FIREWALL_RULE_TARGET_NONE &&
- target <= STC_FIREWALL_RULE_TARGET_LOG) {
+ target < STC_FIREWALL_RULE_TARGET_MAX) {
ret = stc_firewall_rule_set_target(g_fw_rule_h, target);
if (ret == STC_ERROR_NONE)
msg(LOG_GREEN "Success to set target of rule" LOG_END);
test_stc_convert_error_type_to_string(ret));
}
- msg(HR_SINGLE);
-
- ret = stc_firewall_rule_get_chain(g_fw_rule_h, &chain);
- if (ret == STC_ERROR_NONE) {
- msg("Chain: " LOG_CYAN "[%s]" LOG_END, chain);
- FREE(chain);
- }
-
- if (direction > STC_FIREWALL_DIRECTION_NONE &&
- direction <= STC_FIREWALL_DIRECTION_OUT) {
- ret = stc_firewall_rule_get_direction(g_fw_rule_h, &direction);
- if (ret == STC_ERROR_NONE)
- msg("Direction: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_direction_to_string(direction));
- }
-
- ret = stc_firewall_rule_get_ifname(g_fw_rule_h, &ifname);
- if (ret == STC_ERROR_NONE) {
- if (ifname)
- msg("Ifname: " LOG_CYAN "[%s]" LOG_END, ifname);
-
- FREE(ifname);
- }
-
- ret = stc_firewall_rule_get_family_type(g_fw_rule_h, &family);
+ ret = stc_firewall_rule_set_log_level(g_fw_rule_h, log_level);
if (ret == STC_ERROR_NONE)
- msg("Family: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_family_type_to_string(family));
+ msg(LOG_GREEN "Success to set log level of rule" LOG_END);
+ else
+ msg("Fail to set log level of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_src_ip_type(g_fw_rule_h, &s_ip_type);
+ ret = stc_firewall_rule_set_log_prefix(g_fw_rule_h, g_rule_log_prefix);
if (ret == STC_ERROR_NONE)
- msg("SrcIPtype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_ip_type_to_string(s_ip_type));
-
- ret = stc_firewall_rule_get_src_ip(g_fw_rule_h, &s_ip1, &s_ip2);
- if (ret == STC_ERROR_NONE) {
- if (s_ip1 || s_ip2)
- msg("SrcIP: " LOG_CYAN "[%s:%s]" LOG_END, s_ip1, s_ip2);
-
- FREE(s_ip1);
- FREE(s_ip2);
- }
-
- if (d_ip_type > STC_FIREWALL_IP_NONE &&
- d_ip_type <= STC_FIREWALL_IP_RANGE) {
- ret = stc_firewall_rule_get_dst_ip_type(g_fw_rule_h, &d_ip_type);
- if (ret == STC_ERROR_NONE)
- msg("DstIPtype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_ip_type_to_string(d_ip_type));
- }
-
- ret = stc_firewall_rule_get_dst_ip(g_fw_rule_h, &d_ip1, &d_ip2);
- if (ret == STC_ERROR_NONE) {
- if (d_ip1 || d_ip2)
- msg("DstIP: " LOG_CYAN "[%s:%s]" LOG_END, d_ip1, d_ip2);
-
- FREE(d_ip1);
- FREE(d_ip2);
- }
+ msg(LOG_GREEN "Success to set log prefix of rule" LOG_END);
+ else
+ msg("Fail to set log prefix of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_protocol_type(g_fw_rule_h, &protocol);
+ ret = stc_firewall_rule_set_nflog_group(g_fw_rule_h, nflog_group);
if (ret == STC_ERROR_NONE)
- msg("Protocol: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_protocol_type_to_string(protocol));
+ msg(LOG_GREEN "Success to set nflog group of rule" LOG_END);
+ else
+ msg("Fail to set nflog group of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_src_port_type(g_fw_rule_h, &s_port_type);
+ ret = stc_firewall_rule_set_nflog_prefix(g_fw_rule_h, g_rule_nflog_prefix);
if (ret == STC_ERROR_NONE)
- msg("SrcPorttype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_port_type_to_string(s_port_type));
+ msg(LOG_GREEN "Success to set nflog prefix of rule" LOG_END);
+ else
+ msg("Fail to set nflog prefix of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_src_port(g_fw_rule_h, &s_port1, &s_port2);
- if (ret == STC_ERROR_NONE) {
- if (s_port1 || s_port2)
- msg("SrcPort: " LOG_CYAN "[%u:%u]" LOG_END, s_port1, s_port2);
- }
+ ret = stc_firewall_rule_set_nflog_range(g_fw_rule_h, nflog_range);
+ if (ret == STC_ERROR_NONE)
+ msg(LOG_GREEN "Success to set nflog range of rule" LOG_END);
+ else
+ msg("Fail to set nflog range of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_dst_port_type(g_fw_rule_h, &d_port_type);
+ ret = stc_firewall_rule_set_nflog_threshold(g_fw_rule_h, nflog_threshold);
if (ret == STC_ERROR_NONE)
- msg("DstPorttype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_port_type_to_string(d_port_type));
+ msg(LOG_GREEN "Success to set nflog threshold of rule" LOG_END);
+ else
+ msg("Fail to set nflog threshold of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_dst_port(g_fw_rule_h, &d_port1, &d_port2);
- if (ret == STC_ERROR_NONE) {
- if (d_port1 || d_port2)
- msg("DstPort: " LOG_CYAN "[%u:%u]" LOG_END, d_port1, d_port2);
- }
+ msg(HR_SINGLE);
- ret = stc_firewall_rule_get_target(g_fw_rule_h, &target);
- if (ret == STC_ERROR_NONE)
- msg("Target: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_rule_target_to_string(target));
+ __test_stc_fw_print_rule(g_fw_rule_h);
msg(HR_SINGLE);
(unsigned int)strtol(g_rule_d_port1, NULL, 10);
unsigned int d_port2 =
(unsigned int)strtol(g_rule_d_port2, NULL, 10);
- char *chain = NULL;
- char *s_ip1 = NULL;
- char *s_ip2 = NULL;
- char *d_ip1 = NULL;
- char *d_ip2 = NULL;
- char *ifname = NULL;
+ unsigned int log_level =
+ (unsigned int)strtol(g_rule_log_level, NULL, 10);
+ unsigned int nflog_group =
+ (unsigned int)strtol(g_rule_nflog_group, NULL, 10);
+ unsigned int nflog_range =
+ (unsigned int)strtol(g_rule_nflog_range, NULL, 10);
+ unsigned int nflog_threshold =
+ (unsigned int)strtol(g_rule_nflog_threshold, NULL, 10);
int ret = STC_ERROR_NONE;
if (direction > STC_FIREWALL_DIRECTION_NONE &&
test_stc_convert_error_type_to_string(ret));
if (target > STC_FIREWALL_RULE_TARGET_NONE &&
- target <= STC_FIREWALL_RULE_TARGET_LOG) {
+ target < STC_FIREWALL_RULE_TARGET_MAX) {
ret = stc_firewall_rule_set_target(rule_h, target);
if (ret == STC_ERROR_NONE)
msg(LOG_GREEN "Success to set target of rule" LOG_END);
test_stc_convert_error_type_to_string(ret));
}
- msg(HR_SINGLE);
-
- ret = stc_firewall_rule_get_chain(rule_h, &chain);
- if (ret == STC_ERROR_NONE) {
- msg("Chain: " LOG_CYAN "[%s]" LOG_END, chain);
- FREE(chain);
- }
-
- if (direction > STC_FIREWALL_DIRECTION_NONE &&
- direction <= STC_FIREWALL_DIRECTION_OUT) {
- ret = stc_firewall_rule_get_direction(rule_h, &direction);
- if (ret == STC_ERROR_NONE)
- msg("Direction: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_direction_to_string(direction));
- }
-
- ret = stc_firewall_rule_get_ifname(rule_h, &ifname);
- if (ret == STC_ERROR_NONE) {
- if (ifname)
- msg("Ifname: " LOG_CYAN "[%s]" LOG_END, ifname);
-
- FREE(ifname);
- }
-
- ret = stc_firewall_rule_get_family_type(rule_h, &family);
+ ret = stc_firewall_rule_set_log_level(rule_h, log_level);
if (ret == STC_ERROR_NONE)
- msg("Family: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_family_type_to_string(family));
+ msg(LOG_GREEN "Success to set log level of rule" LOG_END);
+ else
+ msg("Fail to set log level of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_src_ip_type(rule_h, &s_ip_type);
+ ret = stc_firewall_rule_set_log_prefix(rule_h, g_rule_log_prefix);
if (ret == STC_ERROR_NONE)
- msg("SrcIPtype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_ip_type_to_string(s_ip_type));
-
- ret = stc_firewall_rule_get_src_ip(rule_h, &s_ip1, &s_ip2);
- if (ret == STC_ERROR_NONE) {
- if (s_ip1 || s_ip2)
- msg("SrcIP: " LOG_CYAN "[%s:%s]" LOG_END, s_ip1, s_ip2);
-
- FREE(s_ip1);
- FREE(s_ip2);
- }
-
- if (d_ip_type > STC_FIREWALL_IP_NONE &&
- d_ip_type <= STC_FIREWALL_IP_RANGE) {
- ret = stc_firewall_rule_get_dst_ip_type(rule_h, &d_ip_type);
- if (ret == STC_ERROR_NONE)
- msg("DstIPtype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_ip_type_to_string(d_ip_type));
- }
-
- ret = stc_firewall_rule_get_dst_ip(rule_h, &d_ip1, &d_ip2);
- if (ret == STC_ERROR_NONE) {
- if (d_ip1 || d_ip2)
- msg("DstIP: " LOG_CYAN "[%s:%s]" LOG_END, d_ip1, d_ip2);
-
- FREE(d_ip1);
- FREE(d_ip2);
- }
+ msg(LOG_GREEN "Success to set log prefix of rule" LOG_END);
+ else
+ msg("Fail to set log prefix of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_protocol_type(rule_h, &protocol);
+ ret = stc_firewall_rule_set_nflog_group(rule_h, nflog_group);
if (ret == STC_ERROR_NONE)
- msg("Protocol: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_protocol_type_to_string(protocol));
+ msg(LOG_GREEN "Success to set nflog group of rule" LOG_END);
+ else
+ msg("Fail to set nflog group of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_src_port_type(rule_h, &s_port_type);
+ ret = stc_firewall_rule_set_nflog_prefix(rule_h, g_rule_nflog_prefix);
if (ret == STC_ERROR_NONE)
- msg("SrcPorttype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_port_type_to_string(s_port_type));
+ msg(LOG_GREEN "Success to set nflog prefix of rule" LOG_END);
+ else
+ msg("Fail to set nflog prefix of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_src_port(rule_h, &s_port1, &s_port2);
- if (ret == STC_ERROR_NONE) {
- if (s_port1 || s_port2)
- msg("SrcPort: " LOG_CYAN "[%u:%u]" LOG_END, s_port1, s_port2);
- }
+ ret = stc_firewall_rule_set_nflog_range(rule_h, nflog_range);
+ if (ret == STC_ERROR_NONE)
+ msg(LOG_GREEN "Success to set nflog range of rule" LOG_END);
+ else
+ msg("Fail to set nflog range of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_dst_port_type(rule_h, &d_port_type);
+ ret = stc_firewall_rule_set_nflog_threshold(rule_h, nflog_threshold);
if (ret == STC_ERROR_NONE)
- msg("DstPorttype: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_port_type_to_string(d_port_type));
+ msg(LOG_GREEN "Success to set nflog threshold of rule" LOG_END);
+ else
+ msg("Fail to set nflog threshold of rule " LOG_RED "[%s]" LOG_END,
+ test_stc_convert_error_type_to_string(ret));
- ret = stc_firewall_rule_get_dst_port(rule_h, &d_port1, &d_port2);
- if (ret == STC_ERROR_NONE) {
- if (d_port1 || d_port2)
- msg("DstPort: " LOG_CYAN "[%u:%u]" LOG_END, d_port1, d_port2);
- }
+ msg(HR_SINGLE);
- ret = stc_firewall_rule_get_target(rule_h, &target);
- if (ret == STC_ERROR_NONE)
- msg("Target: " LOG_CYAN "[%s]" LOG_END,
- test_stc_convert_fw_rule_target_to_string(target));
+ __test_stc_fw_print_rule(rule_h);
msg(HR_SINGLE);
return STC_ERROR_INVALID_PARAMETER;
}
- if (target > STC_FIREWALL_CHAIN_TARGET_OUTPUT) {
+ if (target >= STC_FIREWALL_CHAIN_TARGET_MAX) {
msg(LOG_RED "Invalid target parameter" LOG_END);
return STC_ERROR_INVALID_PARAMETER;
}
{ "7", "Protocol type(0.None/1.TCP/2.UDP/3.ICMP/4.ALL)", NULL, NULL, g_rule_protocol},
{ "8", "Family(0.None/1.IPv4/2.IPv6)", NULL, NULL, g_rule_family},
{ "9", "Interface name", NULL, NULL, g_rule_ifname},
- { "0", "Target(0.None/1.ACCEPT/2.DROP/3.LOG)", NULL, NULL, g_rule_target},
+ { "0", "Target(0.None/1.ACCEPT/2.DROP/3.LOG/4.NFLOG)", NULL, NULL, g_rule_target},
+ { "01", "Log level", NULL, NULL, g_rule_log_level},
+ { "02", "Log Prefix", NULL, NULL, g_rule_log_prefix},
+ { "03", "Nflog Group", NULL, NULL, g_rule_nflog_group},
+ { "04", "Nflog Prefix", NULL, NULL, g_rule_nflog_prefix},
+ { "05", "Nflog Range", NULL, NULL, g_rule_nflog_range},
+ { "06", "Nflog Threshold", NULL, NULL, g_rule_nflog_threshold},
{ "a", LOG_LIGHTBLUE "[Add]" LOG_END " rule", NULL, _test_stc_fw_add_rule, NULL},
{ NULL, NULL, },
};
{ "7", "Protocol type(0.None/1.TCP/2.UDP/3.ICMP/4.ALL)", NULL, NULL, g_rule_protocol},
{ "8", "Family(0.None/1.IPv4/2.IPv6)", NULL, NULL, g_rule_family},
{ "9", "Interface name", NULL, NULL, g_rule_ifname},
- { "0", "Target(0.None/1.ACCEPT/2.DROP/3.LOG)", NULL, NULL, g_rule_target},
+ { "0", "Target(0.None/1.ACCEPT/2.DROP/3.LOG/4.NFLOG)", NULL, NULL, g_rule_target},
+ { "01", "Log level", NULL, NULL, g_rule_log_level},
+ { "02", "Log Prefix", NULL, NULL, g_rule_log_prefix},
+ { "03", "Nflog Group", NULL, NULL, g_rule_nflog_group},
+ { "04", "Nflog Prefix", NULL, NULL, g_rule_nflog_prefix},
+ { "05", "Nflog Range", NULL, NULL, g_rule_nflog_range},
+ { "06", "Nflog Threshold", NULL, NULL, g_rule_nflog_threshold},
{ "u", LOG_LIGHTBLUE "[Update]" LOG_END " rule", NULL, _test_stc_fw_update_rule, NULL},
{ NULL, NULL, },
};
projects / platform / core / api / smart-traffic-control.git / commitdiff