Libiptc库（一）

1.     Iptc_init

函数原型：struct iptc_handle *iptc_init(const char*tablename);

描述：tablename是表名iptables内置支持的表名有：filter,mangle，nat函数返回一个初始化后的struct iptc_handle指针，大多数libiptc库函数都要依赖此指针。

2. iptc_first_chain，iptc_next_chain

  函数原型：const  char * iptc_first_chain(structiptc_handle *handle);

           const char *iptc_next_chain(struct iptc_handle *handle);

  描述：iptc_first_chain函数返回表中第一个链名。handle是由iptc_init初始化的。

iptc_next_chain函数返回表中下一个链名。handle是由iptc_init初始化的。

要先调用iptc_first_chain然后再调用iptc_next_chain才行。

3. iptc_get_policy

函数原型：const char*iptc_get_policy(const char *chain,struct ipt_counters *counter,

                                struct iptc_handle *handle);

描述：函数有两个返回值counter返回通过该规则包的数量和字节数，函数返回值是策略名称。

4. iptc_first_rule，

函数原型：const structipt_entry *iptc_first_rule(const char *chain,

                                   structiptc_handle *handle);

const struct ipt_entry *iptc_next_rule(const struct ipt_entry *prev,

                                struct iptc_handle *handle);

描述：函数返回相应链中的规则。

例子：

#include <stdio.h>

#include <errno.h>

#include "libiptc/libiptc.h"

#include <netdb.h>

#include <sys/types.h>

#include <sys/socket.h>

#include <arpa/inet.h>

int main( int argc ,char* argv[] )

{

       char*tables = "filter";

 

       if(argc > 2 )

       {

              printf("toomany argument\n");

              return-1;

       }

 

       if(argc == 2 )

       {

              tables= argv[1];

       }

 

       structiptc_handle *handle;

       constchar *error = NULL;

       constchar * chain = NULL;

       structipt_counters counters;

       constchar *pol = NULL;

       conststruct ipt_entry* rule;

 

       handle= iptc_init( tables );

 

       intret = 0;

 

       ret= xtables_init_all(&iptables_globals, NFPROTO_IPV4);

       if(ret < 0 )

       {

              printf("initerror\n");

              return-1;

       }

 

 

       if(handle == NULL )

       {

              error= iptc_strerror(errno);

              printf("iptc_initerror:%s\n",error);

              return-1;

       }

 

       for(chain = iptc_first_chain(handle); chain; chain = iptc_next_chain(handle) )

       {

              printf("%s\t",chain);

              pol= iptc_get_policy(chain,&counters,handle);

              printf("%s\t",pol);

              printf("%llu\t",counters.pcnt);//经过该链的包的数量

              printf("%llu\n",counters.bcnt);//经过该链的字节数

 

              for(rule = iptc_first_rule(chain,handle); rule; rule = iptc_next_rule(rule,handle))

              {

                     constchar *target = NULL;

                     target= iptc_get_target(rule,handle);

                     printf("%s\t",target);

                     printf("%llu\t",rule->counters.pcnt);//命中该规则的包数

                     printf("%llu\t",rule->counters.bcnt);//命中该规则的字节数

                     structprotoent *pro = NULL;

                     pro= getprotobynumber(rule->ip.proto);

 

                     if(pro != NULL )

                     {

                            printf("%s\t",pro->p_name);

                     }

 

                     if(rule->ip.iniface[0] == '\0' )//输入网络接口默认不指定可以通过-i指定如 –I ehh0

                            printf("any\t");

                     else

                            printf("%s\t",rule->ip.iniface);

 

                     if(rule->ip.outiface[0] == '\0' )//输出网络接口默认不指定可以通过-o 指定

                            printf("any\t");

                     else

                            printf("%s\t",rule->ip.outiface);

 

                     charaddr[32] = {0};

                     printf("%s\t",inet_ntop(AF_INET,&(rule->ip.src),addr,sizeof(addr)));

                     printf("%s\t",inet_ntop(AF_INET,&(rule->ip.dst),addr,sizeof(addr)));

}

}

}