| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It deletes the immediatedata label in the structure of json and xml file.
Example of the old structure of xmlfile:
<nftables>
<rule>
<family>ip</family>
<table>filter</table>
<chain>input</chain>
<handle>32</handle>
<expr type="immediate">
<dreg>0</dreg>
<immediatedata>
<data_reg type="verdict">
<verdict>accept</verdict>
</data_reg>
</immediatedata>
</expr>
</rule>
</nftables>
Example of the new structure of xmlfile:
<nftables>
<rule>
<family>ip</family>
<table>filter</table>
<chain>input</chain>
<handle>32</handle>
<expr type="immediate">
<dreg>0</dreg>
<data_reg type="verdict">
<verdict>accept</verdict>
</data_reg>
</expr>
</rule>
</nftables>
To generate the new testfiles, It use the option -u of nft-parsing-test
script.
Signed-off-by: Ana Rey <anarey@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
It delete the cmpdata label in the structure of json and xml file.
Example of xmlfile:
The old structure of xml file:
[...]
<expr type="cmp">
<sreg>1</sreg>
<op>eq</op>
<cmpdata>
<data_reg type="value">
<len>4</len>
<data0>0x0100a8c0</data0>
</data_reg>
</cmpdata>
</expr>
The new structure of json file:
[...]
<expr type="cmp">
<sreg>1</sreg>
<op>eq</op>
<data_reg type="value">
<len>4</len>
<data0>0x0100a8c0</data0>
</data_reg>
</expr>
[...]
To generate the new testfiles, It use the option -u of nft-parsing-test
script.
Signed-off-by: Ana Rey <anarey@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|\
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This patch includes changes to adapt this branch to the library
rename that happened in the master branch.
Conflicts:
src/Makefile.am
src/expr/cmp.c
src/expr/ct.c
src/expr/data_reg.c
src/expr/meta.c
tests/jsonfiles/01-table.json
tests/jsonfiles/02-table.json
tests/jsonfiles/64-ruleset.json
tests/xmlfiles/01-table.xml
tests/xmlfiles/02-table.xml
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
All testfiles are now enclosed in the corresponding top element, ie.
* XML: <nftables>...</nftables>
* JSON: {"nftables":[...]}
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Parsing tests were failing because a missing 'use' attribute in tables.
validating xmlfiles/02-table.xml: FAILED
from file: 0</flags></table>
f
from snprintf: 0</flags><use>0</use
^
[...]
validating jsonfiles/64-ruleset.json: FAILED
from file: ,"flags":0}},{"chain
from snprintf: ,"flags":0,"use":0}}
^
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
| |
It should have been done in (2cba099 rule: remove
NFT_RULE_ATTR_FLAGS).
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove all the spaces from the JSON output to reduce the size
of the output string, this also provides a consistent output
in table, chain, rule and set.
As Stephen Hemminger suggested, better to squash the output to
consume as less bytes as possible.
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|
|
This patch adds a low level ruleset API for libnftables.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
|