diff options
author | Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> | 2014-01-23 17:42:34 +0000 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2014-01-23 17:42:34 +0000 |
commit | cb86c1691c6900881b43229c07779412ffc48154 (patch) | |
tree | 4017d9fa5d34d883f2c432d84e91ce86df53c879 /src/netlink.c | |
parent | 2f61f093c3149465f2a68764b25c817adbe87fcd (diff) |
ruleset: add XML/JSON export
This patch adds the following operation:
:~# nft export <xml|json>
The XML/JSON output is provided raw by libnftnl, thus without format.
In case of XML, you can give format with the `xmllint' tool from libxml2-tools:
:~# nft list ruleset xml | xmllint --format -
In case of JSON, you can use `json_pp' from perl standar package:
:~# nft list ruleset json | json_pp
A format field is added in struct cmd, and it will be reused in the import
operation.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'src/netlink.c')
-rw-r--r-- | src/netlink.c | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/src/netlink.c b/src/netlink.c index 84be505d..98e7fc6c 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -13,12 +13,15 @@ #include <fcntl.h> #include <errno.h> #include <libmnl/libmnl.h> +#include <netinet/in.h> +#include <arpa/inet.h> #include <libnftnl/table.h> #include <libnftnl/chain.h> #include <libnftnl/expr.h> #include <libnftnl/set.h> #include <linux/netfilter/nf_tables.h> +#include <linux/netfilter.h> #include <nftables.h> #include <netlink.h> @@ -1050,3 +1053,17 @@ int netlink_batch_send(struct list_head *err_list) { return mnl_batch_talk(nf_sock, err_list); } + +struct nft_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx, + const struct handle *h, + const struct location *loc) +{ + struct nft_ruleset *rs; + + rs = mnl_nft_ruleset_dump(nf_sock, h->family); + if (rs == NULL) + netlink_io_error(ctx, loc, "Could not receive ruleset: %s", + strerror(errno)); + + return rs; +} |