diff options
| author | Arturo Borrero <arturo.borrero.glez@gmail.com> | 2014-04-15 20:12:58 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-04-26 14:06:49 +0200 |
| commit | 612698d4cedb3fbc2a02480c05b9a9d8cb13d3a8 (patch) | |
| tree | ec29b7eaf18bacfee5a0cd850d15a115b9730d7a | |
| parent | 4e92a484c00a8c2e18d4e2b8a1912ac1b86b4089 (diff) | |
src: add flag to add event wrapping in output functions
This patch uses the flag option of each output function to print an
event wrapper string in each object.
In order to use this functionality, the caller must pass the
corresponding flags: NFT_OF_EVENT_NEW / NFT_OF_EVENT_DEL.
(I have slightly refactorized the original code to add the xml/json
header and footer --pablo).
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | include/libnftnl/common.h | 6 | ||||
| -rw-r--r-- | src/chain.c | 24 | ||||
| -rw-r--r-- | src/common.c | 77 | ||||
| -rw-r--r-- | src/internal.h | 6 | ||||
| -rw-r--r-- | src/rule.c | 30 | ||||
| -rw-r--r-- | src/ruleset.c | 38 | ||||
| -rw-r--r-- | src/set.c | 30 | ||||
| -rw-r--r-- | src/set_elem.c | 24 | ||||
| -rw-r--r-- | src/table.c | 23 |
9 files changed, 224 insertions, 34 deletions
diff --git a/include/libnftnl/common.h b/include/libnftnl/common.h index f0c20f0..04d2906 100644 --- a/include/libnftnl/common.h +++ b/include/libnftnl/common.h @@ -15,6 +15,12 @@ enum nft_output_type { NFT_OUTPUT_JSON, }; +enum nft_output_flags { + NFT_OF_EVENT_NEW = (1 << 0), + NFT_OF_EVENT_DEL = (1 << 1), + NFT_OF_EVENT_ANY = (NFT_OF_EVENT_NEW | NFT_OF_EVENT_DEL), +}; + enum nft_parse_type { NFT_PARSE_NONE = 0, NFT_PARSE_XML, diff --git a/src/chain.c b/src/chain.c index 472203e..5311af6 100644 --- a/src/chain.c +++ b/src/chain.c @@ -924,17 +924,31 @@ static int nft_chain_snprintf_default(char *buf, size_t size, int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c, uint32_t type, uint32_t flags) { + int ret, len = size, offset = 0; + + ret = nft_event_header_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + switch(type) { case NFT_OUTPUT_DEFAULT: - return nft_chain_snprintf_default(buf, size, c); + ret = nft_chain_snprintf_default(buf+offset, len, c); + break; case NFT_OUTPUT_XML: - return nft_chain_snprintf_xml(buf, size, c); + ret = nft_chain_snprintf_xml(buf+offset, len, c); + break; case NFT_OUTPUT_JSON: - return nft_chain_snprintf_json(buf, size, c); - default: + ret = nft_chain_snprintf_json(buf+offset, len, c); break; + default: + return -1; } - return -1; + + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = nft_event_footer_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; } EXPORT_SYMBOL(nft_chain_snprintf); diff --git a/src/common.c b/src/common.c index 336d2b4..929f25d 100644 --- a/src/common.c +++ b/src/common.c @@ -66,3 +66,80 @@ int nft_parse_perror(const char *str, struct nft_parse_err *err) } } EXPORT_SYMBOL(nft_parse_perror); + +int nft_event_header_snprintf(char *buf, size_t size, uint32_t type, + uint32_t flags) +{ + int ret = 0; + + switch (type) { + case NFT_OUTPUT_XML: + if (flags & NFT_OF_EVENT_NEW) { + ret = snprintf(buf, size, "<event><type>new</type>"); + } else if (flags & NFT_OF_EVENT_DEL) { + ret = snprintf(buf, size, + "<event><type>delete</type>"); + } else { + ret = snprintf(buf, size, + "<event><type>unknown</type>"); + } + break; + case NFT_OUTPUT_JSON: + if (flags & NFT_OF_EVENT_NEW) { + ret = snprintf(buf, size, "{event:{type:\"new\",{\""); + } else if (flags & NFT_OF_EVENT_DEL) { + ret = snprintf(buf, size, + "{event:{type:\"delete\",{\""); + } else { + ret = snprintf(buf, size, + "{event:{type:\"unknown\",{\""); + } + break; + default: + if (flags & NFT_OF_EVENT_NEW) { + ret = snprintf(buf, size, "%9s", "[NEW] "); + } else if (flags & NFT_OF_EVENT_DEL) { + ret = snprintf(buf, size, "%9s", "[DELETE] "); + } else { + ret = snprintf(buf, size, "%9s", "[unknown] "); + } + break; + } + return ret; +} + +int nft_event_header_fprintf(FILE *fp, uint32_t type, uint32_t flags) +{ + char buf[64]; /* enough for the maximum string length above */ + + nft_event_header_snprintf(buf, sizeof(buf), type, flags); + buf[sizeof(buf) - 1] = '\0'; + + return fprintf(fp, "%s", buf); +} + +int nft_event_footer_snprintf(char *buf, size_t size, uint32_t type, + uint32_t flags) +{ + if (!(flags & NFT_OF_EVENT_ANY)) + return 0; + + switch (type) { + case NFT_OUTPUT_XML: + return snprintf(buf, size, "</event>"); + case NFT_OUTPUT_JSON: + return snprintf(buf, size, "}}}"); + default: + return 0; + } +} + +int nft_event_footer_fprintf(FILE *fp, uint32_t type, uint32_t flags) +{ + char buf[32]; /* enough for the maximum string length above */ + + nft_event_footer_snprintf(buf, sizeof(buf), type, flags); + buf[sizeof(buf) - 1] = '\0'; + + return fprintf(fp, "%s", buf); +} diff --git a/src/internal.h b/src/internal.h index ba994c8..6595e70 100644 --- a/src/internal.h +++ b/src/internal.h @@ -136,6 +136,12 @@ int nft_get_value(enum nft_type type, void *val, void *out); #include <stdio.h> int nft_fprintf(FILE *fp, void *obj, uint32_t type, uint32_t flags, int (*snprintf_cb)(char *buf, size_t bufsiz, void *obj, uint32_t type, uint32_t flags)); +int nft_event_header_snprintf(char *buf, size_t bufsize, + uint32_t format, uint32_t flags); +int nft_event_header_fprintf(FILE *fp, uint32_t format, uint32_t flags); +int nft_event_footer_snprintf(char *buf, size_t bufsize, + uint32_t format, uint32_t flags); +int nft_event_footer_fprintf(FILE *fp, uint32_t format, uint32_t flags); void xfree(const void *ptr); @@ -967,17 +967,37 @@ static int nft_rule_snprintf_default(char *buf, size_t size, struct nft_rule *r, int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *r, uint32_t type, uint32_t flags) { + int ret, len = size, offset = 0; + uint32_t inner_flags = flags; + + inner_flags &= ~NFT_OF_EVENT_ANY; + + ret = nft_event_header_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + switch(type) { case NFT_OUTPUT_DEFAULT: - return nft_rule_snprintf_default(buf, size, r, type, flags); + ret = nft_rule_snprintf_default(buf+offset, len, r, type, + inner_flags); + break; case NFT_OUTPUT_XML: - return nft_rule_snprintf_xml(buf, size, r, type, flags); + ret = nft_rule_snprintf_xml(buf+offset, len, r, type, + inner_flags); + break; case NFT_OUTPUT_JSON: - return nft_rule_snprintf_json(buf, size, r, type, flags); - default: + ret = nft_rule_snprintf_json(buf+offset, len, r, type, + inner_flags); break; + default: + return -1; } - return -1; + + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = nft_event_footer_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; } EXPORT_SYMBOL(nft_rule_snprintf); diff --git a/src/ruleset.c b/src/ruleset.c index 3cbec09..98c4367 100644 --- a/src/ruleset.c +++ b/src/ruleset.c @@ -765,14 +765,21 @@ nft_ruleset_do_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, { int ret, len = size, offset = 0; void *prev = NULL; + uint32_t inner_flags = flags; - ret = snprintf(buf+offset, size, "%s", nft_ruleset_o_opentag(type)); + /* dont pass events flags to child calls of _snprintf() */ + inner_flags &= ~NFT_OF_EVENT_ANY; + + ret = nft_event_header_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = snprintf(buf+offset, len, "%s", nft_ruleset_o_opentag(type)); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (nft_ruleset_attr_is_set(rs, NFT_RULESET_ATTR_TABLELIST) && (!nft_table_list_is_empty(rs->table_list))) { ret = nft_ruleset_snprintf_table(buf+offset, len, rs, - type, flags); + type, inner_flags); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (ret > 0) @@ -786,7 +793,7 @@ nft_ruleset_do_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = nft_ruleset_snprintf_chain(buf+offset, len, rs, - type, flags); + type, inner_flags); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (ret > 0) @@ -800,7 +807,7 @@ nft_ruleset_do_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = nft_ruleset_snprintf_set(buf+offset, len, rs, - type, flags); + type, inner_flags); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (ret > 0) @@ -814,13 +821,16 @@ nft_ruleset_do_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = nft_ruleset_snprintf_rule(buf+offset, len, rs, - type, flags); + type, inner_flags); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } ret = snprintf(buf+offset, size, "%s", nft_ruleset_o_closetag(type)); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + ret = nft_event_footer_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + return offset; } @@ -989,13 +999,20 @@ int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type, { int len = 0, ret = 0; void *prev = NULL; + uint32_t inner_flags = flags; + + /* dont pass events flags to child calls of _snprintf() */ + inner_flags &= ~NFT_OF_EVENT_ANY; + + ret = nft_event_header_fprintf(fp, type, flags); + NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); ret = fprintf(fp, "%s", nft_ruleset_o_opentag(type)); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); if ((nft_ruleset_attr_is_set(rs, NFT_RULESET_ATTR_TABLELIST)) && (!nft_table_list_is_empty(rs->table_list))) { - ret = nft_ruleset_fprintf_tables(fp, rs, type, flags); + ret = nft_ruleset_fprintf_tables(fp, rs, type, inner_flags); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); if (ret > 0) @@ -1007,7 +1024,7 @@ int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type, ret = fprintf(fp, "%s", nft_ruleset_o_separator(prev, type)); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); - ret = nft_ruleset_fprintf_chains(fp, rs, type, flags); + ret = nft_ruleset_fprintf_chains(fp, rs, type, inner_flags); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); if (ret > 0) @@ -1019,7 +1036,7 @@ int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type, ret = fprintf(fp, "%s", nft_ruleset_o_separator(prev, type)); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); - ret = nft_ruleset_fprintf_sets(fp, rs, type, flags); + ret = nft_ruleset_fprintf_sets(fp, rs, type, inner_flags); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); if (ret > 0) @@ -1031,13 +1048,16 @@ int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type, ret = fprintf(fp, "%s", nft_ruleset_o_separator(prev, type)); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); - ret = nft_ruleset_fprintf_rules(fp, rs, type, flags); + ret = nft_ruleset_fprintf_rules(fp, rs, type, inner_flags); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); } ret = fprintf(fp, "%s", nft_ruleset_o_closetag(type)); NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); + ret = nft_event_footer_fprintf(fp, type, flags); + NFT_FPRINTF_RETURN_OR_FIXLEN(ret, len); + return len; } EXPORT_SYMBOL(nft_ruleset_fprintf); @@ -704,17 +704,37 @@ static int nft_set_snprintf_xml(char *buf, size_t size, struct nft_set *s, int nft_set_snprintf(char *buf, size_t size, struct nft_set *s, uint32_t type, uint32_t flags) { + int ret, len = size, offset = 0; + uint32_t inner_flags = flags; + + /* prevent set_elems to print as events */ + inner_flags &= ~NFT_OF_EVENT_ANY; + + ret = nft_event_header_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + switch(type) { case NFT_OUTPUT_DEFAULT: - return nft_set_snprintf_default(buf, size, s, type, flags); + ret = nft_set_snprintf_default(buf+offset, len, s, type, + inner_flags); + break; case NFT_OUTPUT_XML: - return nft_set_snprintf_xml(buf, size, s, flags); + ret = nft_set_snprintf_xml(buf+offset, len, s, inner_flags); + break; case NFT_OUTPUT_JSON: - return nft_set_snprintf_json(buf, size, s, type, flags); - default: + ret = nft_set_snprintf_json(buf+offset, len, s, type, + inner_flags); break; + default: + return -1; } - return -1; + + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = nft_event_footer_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; } EXPORT_SYMBOL(nft_set_snprintf); diff --git a/src/set_elem.c b/src/set_elem.c index 05fd08b..1eddce2 100644 --- a/src/set_elem.c +++ b/src/set_elem.c @@ -597,17 +597,31 @@ static int nft_set_elem_snprintf_xml(char *buf, size_t size, int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e, uint32_t type, uint32_t flags) { + int ret, len = size, offset = 0; + + ret = nft_event_header_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + switch(type) { case NFT_OUTPUT_DEFAULT: - return nft_set_elem_snprintf_default(buf, size, e); + ret = nft_set_elem_snprintf_default(buf+offset, len, e); + break; case NFT_OUTPUT_XML: - return nft_set_elem_snprintf_xml(buf, size, e, flags); + ret = nft_set_elem_snprintf_xml(buf+offset, len, e, flags); + break; case NFT_OUTPUT_JSON: - return nft_set_elem_snprintf_json(buf, size, e, flags); - default: + ret = nft_set_elem_snprintf_json(buf+offset, len, e, flags); break; + default: + return -1; } - return -1; + + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = nft_event_footer_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; } EXPORT_SYMBOL(nft_set_elem_snprintf); diff --git a/src/table.c b/src/table.c index 44e9a7b..b4d1663 100644 --- a/src/table.c +++ b/src/table.c @@ -441,17 +441,30 @@ static int nft_table_snprintf_default(char *buf, size_t size, struct nft_table * int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, uint32_t type, uint32_t flags) { + int ret, len = size, offset = 0; + + ret = nft_event_header_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + switch(type) { case NFT_OUTPUT_DEFAULT: - return nft_table_snprintf_default(buf, size, t); + ret = nft_table_snprintf_default(buf+offset, len, t); + break; case NFT_OUTPUT_XML: - return nft_table_snprintf_xml(buf, size, t); + ret = nft_table_snprintf_xml(buf+offset, len, t); + break; case NFT_OUTPUT_JSON: - return nft_table_snprintf_json(buf, size, t); - default: + ret = nft_table_snprintf_json(buf+offset, len, t); break; + default: + return -1; } - return -1; + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = nft_event_footer_snprintf(buf+offset, len, type, flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; } EXPORT_SYMBOL(nft_table_snprintf); |