diff options
author | Fernando Fernandez Mancera <ffmancera@riseup.net> | 2019-05-24 15:06:47 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-05-24 21:29:54 +0200 |
commit | f1e8a129ee428419a0d5a45a2f410e8e4008d109 (patch) | |
tree | 7216ec99ab5873ca6706c766a04b4d0209efef90 /src/netlink.c | |
parent | 4b0f2a712b5792d2842d89fe68d4230e0eb05c7e (diff) |
src: Introduce chain_expr in jump and goto statements
Introduce expressions as a chain in jump and goto statements.
This is going to be used to support variables as a chain in the
following patches.
Signed-off-by: Fernando Fernandez Mancera <ffmancera@riseup.net>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/netlink.c')
-rw-r--r-- | src/netlink.c | 26 |
1 files changed, 21 insertions, 5 deletions
diff --git a/src/netlink.c b/src/netlink.c index c051ae6c..ef12cb01 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -218,12 +218,17 @@ static void netlink_gen_constant_data(const struct expr *expr, static void netlink_gen_verdict(const struct expr *expr, struct nft_data_linearize *data) { + char chain[NFT_CHAIN_MAXNAMELEN]; + data->verdict = expr->verdict; switch (expr->verdict) { case NFT_JUMP: case NFT_GOTO: - snprintf(data->chain, NFT_CHAIN_MAXNAMELEN, "%s", expr->chain); + mpz_export_data(chain, expr->chain->value, + BYTEORDER_HOST_ENDIAN, + NFT_CHAIN_MAXNAMELEN); + snprintf(data->chain, NFT_CHAIN_MAXNAMELEN, "%s", chain); data->chain[NFT_CHAIN_MAXNAMELEN-1] = '\0'; break; } @@ -253,12 +258,15 @@ struct expr *netlink_alloc_value(const struct location *loc, static struct expr *netlink_alloc_verdict(const struct location *loc, const struct nft_data_delinearize *nld) { - char *chain; + struct expr *chain; switch (nld->verdict) { case NFT_JUMP: case NFT_GOTO: - chain = xstrdup(nld->chain); + chain = constant_expr_alloc(loc, &string_type, + BYTEORDER_HOST_ENDIAN, + NFT_CHAIN_MAXNAMELEN * + BITS_PER_BYTE, nld->chain); break; default: chain = NULL; @@ -1153,14 +1161,22 @@ static void trace_print_expr(const struct nftnl_trace *nlt, unsigned int attr, static void trace_print_verdict(const struct nftnl_trace *nlt, struct output_ctx *octx) { + struct expr *chain_expr = NULL; const char *chain = NULL; unsigned int verdict; struct expr *expr; verdict = nftnl_trace_get_u32(nlt, NFTNL_TRACE_VERDICT); - if (nftnl_trace_is_set(nlt, NFTNL_TRACE_JUMP_TARGET)) + if (nftnl_trace_is_set(nlt, NFTNL_TRACE_JUMP_TARGET)) { chain = xstrdup(nftnl_trace_get_str(nlt, NFTNL_TRACE_JUMP_TARGET)); - expr = verdict_expr_alloc(&netlink_location, verdict, chain); + chain_expr = constant_expr_alloc(&netlink_location, + &string_type, + BYTEORDER_HOST_ENDIAN, + NFT_CHAIN_MAXNAMELEN + * BITS_PER_BYTE, + chain); + } + expr = verdict_expr_alloc(&netlink_location, verdict, chain_expr); nft_print(octx, "verdict "); expr_print(expr, octx); |