mirrors/opensnitch
1
0
Fork 0
mirror of https://github.com/evilsocket/opensnitch.git synced 2025-03-04 08:34:40 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

fw: fixed adding 'counter' obj to rules

Browse source 
https://wiki.nftables.org/wiki-nftables/index.php/Quick_reference-nftables_in_10_minutes#Counter
This commit is contained in:
Gustavo Iñiguez Goia 2024-07-03 14:26:11 +02:00
parent c89b4908ce
commit f882cf428b
Failed to generate hash of commit
1 changed files with 17 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

19
daemon/firewall/nftables/parser.go
View file

@ -168,9 +168,14 @@ func (n *Nft) parseExpression(table, chain, family string, expression *config.Ex
exprList = append(exprList, *exprs.NewNoTrack()...)
case exprs.NFT_COUNTER:
tbl := n.GetTable(table, family)
if tbl == nil {
log.Warning("%s Error getting table counter: %s, %s, %s", logTag, table, chain, family)
return nil
}
defaultCounterName := "opensnitch"
counterObj := &nftables.CounterObj{
Table: &nftables.Table{Name: table, Family: nftables.TableFamilyIPv4},
Table: tbl,
Name: defaultCounterName,
Bytes: 0,
Packets: 0,
@ -187,7 +192,17 @@ func (n *Nft) parseExpression(table, chain, family string, expression *config.Ex
counterObj.Packets = 1
}
}
n.Conn.AddObj(counterObj)
cntObj := n.Conn.AddObj(counterObj)
if cntObj == nil {
log.Warning("Error adding counter %s", defaultCounterName)
return nil
}
if !n.Commit() {
log.Warning("Error creating counter %s", defaultCounterName)
return nil
}
log.Debug("%s counter %s created (%s, %s, %s)", logTag, defaultCounterName, table, chain, family)
exprList = append(exprList, *exprs.NewExprCounter(defaultCounterName)...)
}