Diffstat (limited to 'src/ruleset.c')
-rw-r--r--src/ruleset.c200
1 files changed, 74 insertions, 126 deletions
diff --git a/src/ruleset.c b/src/ruleset.c
index 2468bd4..185aa48 100644
--- a/src/ruleset.c
+++ b/src/ruleset.c
@@ -305,51 +305,15 @@ int nftnl_ruleset_parse_file(struct nftnl_ruleset *rs, enum nftnl_parse_type typ
return nftnl_ruleset_parse_file_cb(type, fp, err, rs, nftnl_ruleset_cb);
}
-static const char *nftnl_ruleset_o_opentag(uint32_t type)
-{
- switch (type) {
- case NFTNL_OUTPUT_JSON:
- return "{\"nftables\":[";
- case NFTNL_OUTPUT_XML:
- default:
- return "";
- }
-}
-
-static const char *nftnl_ruleset_o_separator(void *obj, uint32_t type)
-{
- if (obj == NULL)
- return "";
-
- switch (type) {
- case NFTNL_OUTPUT_JSON:
- return ",";
- case NFTNL_OUTPUT_DEFAULT:
- return "\n";
- default:
- return "";
- }
-}
-
-static const char *nftnl_ruleset_o_closetag(uint32_t type)
-{
- switch (type) {
- case NFTNL_OUTPUT_JSON:
- return "]}";
- case NFTNL_OUTPUT_XML:
- default:
- return "";
- }
-}
-
static int
-nftnl_ruleset_snprintf_table(char *buf, size_t size,
+nftnl_ruleset_snprintf_table(char *buf, size_t remain,
const struct nftnl_ruleset *rs, uint32_t type,
uint32_t flags)
{
struct nftnl_table *t;
struct nftnl_table_list_iter *ti;
- int ret, remain = size, offset = 0;
+ const char *sep = "";
+ int ret, offset = 0;
ti = nftnl_table_list_iter_create(rs->table_list);
if (ti == NULL)
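Review bot: `nftnl_ruleset_snprintf_table` now uses its `size_t remain` parameter as the running space counter while `ret` and `offset` stay `int`, so whatever SNPRINTF_BUFFER_SIZE does with them mixes signed and unsigned operands. The macro is defined outside this page; the mix is safe only if it forces `ret` non-negative before comparing or subtracting against `remain`. I would confirm that and record it next to the declarations, e.g. `/* remain is consumed in place by SNPRINTF_BUFFER_SIZE; ret is never negative when used against it */`. The same signature change is repeated for the chain, set, rule and do_snprintf helpers below, and this function's body continues past the end of the hunk.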
@@ -357,14 +321,14 @@ nftnl_ruleset_snprintf_table(char *buf, size_t size,
t = nftnl_table_list_iter_next(ti);
while (t != NULL) {
+ ret = snprintf(buf + offset, remain, "%s", sep);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+
ret = nftnl_table_snprintf(buf + offset, remain, t, type, flags);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
t = nftnl_table_list_iter_next(ti);
-
- ret = snprintf(buf + offset, remain, "%s",
- nftnl_ruleset_o_separator(t, type));
- SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+ sep = "\n";
}
nftnl_table_list_iter_destroy(ti);
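Review bot: The loop's output now depends on `sep` starting as "" and becoming "\n" only after the first element, which is easy to miss because the write is at the top of the body and the assignment at the bottom. A one-line comment at the `snprintf` of `sep` would document it, e.g. `/* empty before the first table, "\n" afterwards: no trailing separator */`. The newline is also hard-coded while `type` is still forwarded to `nftnl_table_snprintf()`, which is consistent only while callers are limited to the default output type; this loop does not enforce that itself. The same pattern recurs in the chain, set and rule loops and in the four fprintf loops further down; the enclosing function starts and ends outside this hunk.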
@@ -372,13 +336,14 @@ nftnl_ruleset_snprintf_table(char *buf, size_t size,
}
static int
-nftnl_ruleset_snprintf_chain(char *buf, size_t size,
+nftnl_ruleset_snprintf_chain(char *buf, size_t remain,
const struct nftnl_ruleset *rs, uint32_t type,
uint32_t flags)
{
struct nftnl_chain *c;
struct nftnl_chain_list_iter *ci;
- int ret, remain = size, offset = 0;
+ const char *sep = "";
+ int ret, offset = 0;
ci = nftnl_chain_list_iter_create(rs->chain_list);
if (ci == NULL)
@@ -386,14 +351,14 @@ nftnl_ruleset_snprintf_chain(char *buf, size_t size,
c = nftnl_chain_list_iter_next(ci);
while (c != NULL) {
+ ret = snprintf(buf + offset, remain, "%s", sep);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+
ret = nftnl_chain_snprintf(buf + offset, remain, c, type, flags);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
c = nftnl_chain_list_iter_next(ci);
-
- ret = snprintf(buf + offset, remain, "%s",
- nftnl_ruleset_o_separator(c, type));
- SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+ sep = "\n";
}
nftnl_chain_list_iter_destroy(ci);
@@ -401,13 +366,14 @@ nftnl_ruleset_snprintf_chain(char *buf, size_t size,
}
static int
-nftnl_ruleset_snprintf_set(char *buf, size_t size,
+nftnl_ruleset_snprintf_set(char *buf, size_t remain,
const struct nftnl_ruleset *rs, uint32_t type,
uint32_t flags)
{
struct nftnl_set *s;
struct nftnl_set_list_iter *si;
- int ret, remain = size, offset = 0;
+ const char *sep = "";
+ int ret, offset = 0;
si = nftnl_set_list_iter_create(rs->set_list);
if (si == NULL)
@@ -415,14 +381,14 @@ nftnl_ruleset_snprintf_set(char *buf, size_t size,
s = nftnl_set_list_iter_next(si);
while (s != NULL) {
+ ret = snprintf(buf + offset, remain, "%s", sep);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+
ret = nftnl_set_snprintf(buf + offset, remain, s, type, flags);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
s = nftnl_set_list_iter_next(si);
-
- ret = snprintf(buf + offset, remain, "%s",
- nftnl_ruleset_o_separator(s, type));
- SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+ sep = "\n";
}
nftnl_set_list_iter_destroy(si);
@@ -430,13 +396,14 @@ nftnl_ruleset_snprintf_set(char *buf, size_t size,
}
static int
-nftnl_ruleset_snprintf_rule(char *buf, size_t size,
+nftnl_ruleset_snprintf_rule(char *buf, size_t remain,
const struct nftnl_ruleset *rs, uint32_t type,
uint32_t flags)
{
struct nftnl_rule *r;
struct nftnl_rule_list_iter *ri;
- int ret, remain = size, offset = 0;
+ const char *sep = "";
+ int ret, offset = 0;
ri = nftnl_rule_list_iter_create(rs->rule_list);
if (ri == NULL)
@@ -444,14 +411,14 @@ nftnl_ruleset_snprintf_rule(char *buf, size_t size,
r = nftnl_rule_list_iter_next(ri);
while (r != NULL) {
+ ret = snprintf(buf + offset, remain, "%s", sep);
+ SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+
ret = nftnl_rule_snprintf(buf + offset, remain, r, type, flags);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
r = nftnl_rule_list_iter_next(ri);
-
- ret = snprintf(buf + offset, remain, "%s",
- nftnl_ruleset_o_separator(r, type));
- SNPRINTF_BUFFER_SIZE(ret, remain, offset);
+ sep = "\n";
}
nftnl_rule_list_iter_destroy(ri);
@@ -459,12 +426,13 @@ nftnl_ruleset_snprintf_rule(char *buf, size_t size,
}
static int
-nftnl_ruleset_do_snprintf(char *buf, size_t size, const struct nftnl_ruleset *rs,
- uint32_t cmd, uint32_t type, uint32_t flags)
+nftnl_ruleset_do_snprintf(char *buf, size_t remain,
+ const struct nftnl_ruleset *rs,
+ uint32_t cmd, uint32_t type, uint32_t flags)
{
- int ret, remain = size, offset = 0;
- void *prev = NULL;
uint32_t inner_flags = flags;
+ const char *sep = "";
+ int ret, offset = 0;
/* dont pass events flags to child calls of _snprintf() */
inner_flags &= ~NFTNL_OF_EVENT_ANY;
@@ -476,13 +444,12 @@ nftnl_ruleset_do_snprintf(char *buf, size_t size, const struct nftnl_ruleset *rs
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
if (ret > 0)
- prev = rs->table_list;
+ sep = "\n";
}
if (nftnl_ruleset_is_set(rs, NFTNL_RULESET_CHAINLIST) &&
(!nftnl_chain_list_is_empty(rs->chain_list))) {
- ret = snprintf(buf + offset, remain, "%s",
- nftnl_ruleset_o_separator(prev, type));
+ ret = snprintf(buf + offset, remain, "%s", sep);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
ret = nftnl_ruleset_snprintf_chain(buf + offset, remain, rs,
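Review bot: The `if (ret > 0)` test that switches `sep` to "\n" runs after `SNPRINTF_BUFFER_SIZE(ret, remain, offset)`, so it sees whatever the macro leaves in `ret` rather than the length the section printer reported. If the macro (not shown on this page) clamps `ret` to the space left, a truncated or size-0 call ends with `ret == 0`, the separator is skipped, and the returned `offset` under-reports the length a caller would size its buffer from. Testing before the macro removes that dependence: put `if (ret > 0) sep = "\n";` directly after the call that sets `ret`, which sits just above this hunk. The same ordering appears in the chain and set branches in the next two hunks.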
@@ -490,13 +457,12 @@ nftnl_ruleset_do_snprintf(char *buf, size_t size, const struct nftnl_ruleset *rs
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
if (ret > 0)
- prev = rs->chain_list;
+ sep = "\n";
}
if (nftnl_ruleset_is_set(rs, NFTNL_RULESET_SETLIST) &&
(!nftnl_set_list_is_empty(rs->set_list))) {
- ret = snprintf(buf + offset, remain, "%s",
- nftnl_ruleset_o_separator(prev, type));
+ ret = snprintf(buf + offset, remain, "%s", sep);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
ret = nftnl_ruleset_snprintf_set(buf + offset, remain, rs,
@@ -504,13 +470,12 @@ nftnl_ruleset_do_snprintf(char *buf, size_t size, const struct nftnl_ruleset *rs
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
if (ret > 0)
- prev = rs->set_list;
+ sep = "\n";
}
if (nftnl_ruleset_is_set(rs, NFTNL_RULESET_RULELIST) &&
(!nftnl_rule_list_is_empty(rs->rule_list))) {
- ret = snprintf(buf + offset, remain, "%s",
- nftnl_ruleset_o_separator(prev, type));
+ ret = snprintf(buf + offset, remain, "%s", sep);
SNPRINTF_BUFFER_SIZE(ret, remain, offset);
ret = nftnl_ruleset_snprintf_rule(buf + offset, remain, rs,
@@ -521,21 +486,6 @@ nftnl_ruleset_do_snprintf(char *buf, size_t size, const struct nftnl_ruleset *rs
return offset;
}
-static int nftnl_ruleset_cmd_snprintf(char *buf, size_t size,
- const struct nftnl_ruleset *r, uint32_t cmd,
- uint32_t type, uint32_t flags)
-{
- switch (type) {
- case NFTNL_OUTPUT_DEFAULT:
- case NFTNL_OUTPUT_JSON:
- return nftnl_ruleset_do_snprintf(buf, size, r, cmd, type, flags);
- case NFTNL_OUTPUT_XML:
- default:
- errno = EOPNOTSUPP;
- return -1;
- }
-}
-
EXPORT_SYMBOL(nftnl_ruleset_snprintf);
int nftnl_ruleset_snprintf(char *buf, size_t size, const struct nftnl_ruleset *r,
uint32_t type, uint32_t flags)
@@ -543,17 +493,12 @@ int nftnl_ruleset_snprintf(char *buf, size_t size, const struct nftnl_ruleset *r
if (size)
buf[0] = '\0';
- switch (type) {
- case NFTNL_OUTPUT_DEFAULT:
- case NFTNL_OUTPUT_JSON:
- return nftnl_ruleset_cmd_snprintf(buf, size, r,
- nftnl_flag2cmd(flags), type,
- flags);
- case NFTNL_OUTPUT_XML:
- default:
+ if (type != NFTNL_OUTPUT_DEFAULT) {
errno = EOPNOTSUPP;
return -1;
}
+ return nftnl_ruleset_do_snprintf(buf, size, r, nftnl_flag2cmd(flags),
+ type, flags);
}
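Review bot: `nftnl_ruleset_snprintf` is an exported symbol, and with this hunk every `type` other than `NFTNL_OUTPUT_DEFAULT` fails with `errno = EOPNOTSUPP` after `buf[0]` has already been cleared; that includes `NFTNL_OUTPUT_JSON`, which the removed switch accepted. Nothing near the function states that contract, so I would add a short comment above it saying that only the default output type is supported, that -1 with EOPNOTSUPP is returned otherwise, and that the buffer is left as an empty string in that case. Separately, the context line `if (size) buf[0] = '\0';` writes through `buf` with no NULL check; if a NULL buffer with a non-zero size is possible, that needs a guard or a documented precondition. The function's opening lines are in the previous hunk.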
static int nftnl_ruleset_fprintf_tables(FILE *fp, const struct nftnl_ruleset *rs,
@@ -562,6 +507,7 @@ static int nftnl_ruleset_fprintf_tables(FILE *fp, const struct nftnl_ruleset *rs
int len = 0, ret = 0;
struct nftnl_table *t;
struct nftnl_table_list_iter *ti;
+ const char *sep = "";
ti = nftnl_table_list_iter_create(rs->table_list);
if (ti == NULL)
@@ -569,19 +515,21 @@ static int nftnl_ruleset_fprintf_tables(FILE *fp, const struct nftnl_ruleset *rs
t = nftnl_table_list_iter_next(ti);
while (t != NULL) {
- ret = nftnl_table_fprintf(fp, t, type, flags);
+ ret = fprintf(fp, "%s", sep);
if (ret < 0)
goto err;
len += ret;
- t = nftnl_table_list_iter_next(ti);
-
- ret = fprintf(fp, "%s", nftnl_ruleset_o_separator(t, type));
+ ret = nftnl_table_fprintf(fp, t, type, flags);
if (ret < 0)
goto err;
len += ret;
+
+ t = nftnl_table_list_iter_next(ti);
+ sep = "\n";
+
}
nftnl_table_list_iter_destroy(ti);
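Review bot: The tables loop gains an empty line between `sep = "\n";` and the closing brace that the otherwise identical chains, sets and rules loops below do not have; dropping it keeps the four loops textually aligned. The `err` label targeted by the two `goto err` statements lies outside this hunk, so it is not possible to confirm from here that the iterator is destroyed on that path now that a separator write can fail before the element is printed.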
@@ -597,6 +545,7 @@ static int nftnl_ruleset_fprintf_chains(FILE *fp, const struct nftnl_ruleset *rs
int len = 0, ret = 0;
struct nftnl_chain *o;
struct nftnl_chain_list_iter *i;
+ const char *sep = "";
i = nftnl_chain_list_iter_create(rs->chain_list);
if (i == NULL)
@@ -604,19 +553,20 @@ static int nftnl_ruleset_fprintf_chains(FILE *fp, const struct nftnl_ruleset *rs
o = nftnl_chain_list_iter_next(i);
while (o != NULL) {
- ret = nftnl_chain_fprintf(fp, o, type, flags);
+ ret = fprintf(fp, "%s", sep);
if (ret < 0)
goto err;
len += ret;
- o = nftnl_chain_list_iter_next(i);
-
- ret = fprintf(fp, "%s", nftnl_ruleset_o_separator(o, type));
+ ret = nftnl_chain_fprintf(fp, o, type, flags);
if (ret < 0)
goto err;
len += ret;
+
+ o = nftnl_chain_list_iter_next(i);
+ sep = "\n";
}
nftnl_chain_list_iter_destroy(i);
@@ -632,6 +582,7 @@ static int nftnl_ruleset_fprintf_sets(FILE *fp, const struct nftnl_ruleset *rs,
int len = 0, ret = 0;
struct nftnl_set *o;
struct nftnl_set_list_iter *i;
+ const char *sep = "";
i = nftnl_set_list_iter_create(rs->set_list);
if (i == NULL)
@@ -639,19 +590,20 @@ static int nftnl_ruleset_fprintf_sets(FILE *fp, const struct nftnl_ruleset *rs,
o = nftnl_set_list_iter_next(i);
while (o != NULL) {
- ret = nftnl_set_fprintf(fp, o, type, flags);
+ ret = fprintf(fp, "%s", sep);
if (ret < 0)
goto err;
len += ret;
- o = nftnl_set_list_iter_next(i);
-
- ret = fprintf(fp, "%s", nftnl_ruleset_o_separator(o, type));
+ ret = nftnl_set_fprintf(fp, o, type, flags);
if (ret < 0)
goto err;
len += ret;
+
+ o = nftnl_set_list_iter_next(i);
+ sep = "\n";
}
nftnl_set_list_iter_destroy(i);
@@ -667,6 +619,7 @@ static int nftnl_ruleset_fprintf_rules(FILE *fp, const struct nftnl_ruleset *rs,
int len = 0, ret = 0;
struct nftnl_rule *o;
struct nftnl_rule_list_iter *i;
+ const char *sep = "";
i = nftnl_rule_list_iter_create(rs->rule_list);
if (i == NULL)
@@ -674,19 +627,20 @@ static int nftnl_ruleset_fprintf_rules(FILE *fp, const struct nftnl_ruleset *rs,
o = nftnl_rule_list_iter_next(i);
while (o != NULL) {
- ret = nftnl_rule_fprintf(fp, o, type, flags);
+ ret = fprintf(fp, "%s", sep);
if (ret < 0)
goto err;
len += ret;
- o = nftnl_rule_list_iter_next(i);
-
- ret = fprintf(fp, "%s", nftnl_ruleset_o_separator(o, type));
+ ret = nftnl_rule_fprintf(fp, o, type, flags);
if (ret < 0)
goto err;
len += ret;
+
+ o = nftnl_rule_list_iter_next(i);
+ sep = "\n";
}
nftnl_rule_list_iter_destroy(i);
@@ -705,60 +659,54 @@ static int nftnl_ruleset_cmd_fprintf(FILE *fp, const struct nftnl_ruleset *rs,
uint32_t cmd, uint32_t type, uint32_t flags)
{
int len = 0, ret = 0;
- void *prev = NULL;
uint32_t inner_flags = flags;
+ const char *sep = "";
/* dont pass events flags to child calls of _snprintf() */
inner_flags &= ~NFTNL_OF_EVENT_ANY;
- ret = fprintf(fp, "%s", nftnl_ruleset_o_opentag(type));
- NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
-
if ((nftnl_ruleset_is_set(rs, NFTNL_RULESET_TABLELIST)) &&
(!nftnl_table_list_is_empty(rs->table_list))) {
ret = nftnl_ruleset_fprintf_tables(fp, rs, type, inner_flags);
NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
if (ret > 0)
- prev = rs->table_list;
+ sep = "\n";
}
if ((nftnl_ruleset_is_set(rs, NFTNL_RULESET_CHAINLIST)) &&
(!nftnl_chain_list_is_empty(rs->chain_list))) {
- ret = fprintf(fp, "%s", nftnl_ruleset_o_separator(prev, type));
+ ret = fprintf(fp, "%s", sep);
NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
ret = nftnl_ruleset_fprintf_chains(fp, rs, type, inner_flags);
NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
if (ret > 0)
- prev = rs->chain_list;
+ sep = "\n";
}
if ((nftnl_ruleset_is_set(rs, NFTNL_RULESET_SETLIST)) &&
(!nftnl_set_list_is_empty(rs->set_list))) {
- ret = fprintf(fp, "%s", nftnl_ruleset_o_separator(prev, type));
+ ret = fprintf(fp, "%s", sep);
NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
ret = nftnl_ruleset_fprintf_sets(fp, rs, type, inner_flags);
NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
if (ret > 0)
- prev = rs->set_list;
+ sep = "\n";
}
if ((nftnl_ruleset_is_set(rs, NFTNL_RULESET_RULELIST)) &&
(!nftnl_rule_list_is_empty(rs->rule_list))) {
- ret = fprintf(fp, "%s", nftnl_ruleset_o_separator(prev, type));
+ ret = fprintf(fp, "%s", sep);
NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
ret = nftnl_ruleset_fprintf_rules(fp, rs, type, inner_flags);
NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
}
- ret = fprintf(fp, "%s", nftnl_ruleset_o_closetag(type));
- NFTNL_FPRINTF_RETURN_OR_FIXLEN(ret, len);
-
return len;
}
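Review bot: `nftnl_ruleset_cmd_fprintf` now joins sections with "\n" and emits no opening or closing tag whatever `type` is, yet it has no visible rejection of non-default types, unlike `nftnl_ruleset_snprintf` earlier in this diff. If neither its caller nor the per-object fprintf helpers (all outside this page) refuse other types, a request for another format would get newline-joined output instead of an error. A guard at the top would make the two entry paths agree: `if (type != NFTNL_OUTPUT_DEFAULT) { errno = EOPNOTSUPP; return -1; }`. The context comment also still names `_snprintf()` in an fprintf function and could read `/* don't pass event flags to child calls of _fprintf() */`. The function's signature begins above this hunk.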