diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-10-26 13:15:10 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-10-30 09:29:05 +0100 |
commit | 3fdc7541fba079f9626bcb1605368a7da3a8d81a (patch) | |
tree | 8e83aa0d4ceb4f8f66325776b80301cf68afa42d /src/parser_json.c | |
parent | 6b53baa89f5b6a0c1d2520820d9654418cda7105 (diff) |
src: add multidevice support for netdev chain
This patch allows you to specify multiple netdevices to be bound to the
netdev basechain, eg.
# nft add chain netdev x y { \
type filter hook ingress devices = { eth0, eth1 } priority 0\; }
json codebase has been updated to support for one single device with the
existing representation, no support for multidevice is included in this
patch.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/parser_json.c')
-rw-r--r-- | src/parser_json.c | 18 |
1 files changed, 15 insertions, 3 deletions
diff --git a/src/parser_json.c b/src/parser_json.c index fe0c5df9..a9bcb84f 100644 --- a/src/parser_json.c +++ b/src/parser_json.c @@ -17,6 +17,7 @@ #include <netinet/icmp6.h> #include <netinet/ip.h> #include <netinet/ip_icmp.h> +#include <net/if.h> #include <linux/xfrm.h> #include <linux/netfilter.h> @@ -2581,8 +2582,9 @@ static struct cmd *json_parse_cmd_add_chain(struct json_ctx *ctx, json_t *root, .table.location = *int_loc, }; const char *family = "", *policy = "", *type, *hookstr; - int prio; + const char name[IFNAMSIZ]; struct chain *chain; + int prio; if (json_unpack_err(ctx, root, "{s:s, s:s}", "family", &family, @@ -2626,8 +2628,18 @@ static struct cmd *json_parse_cmd_add_chain(struct json_ctx *ctx, json_t *root, return NULL; } - if (!json_unpack(root, "{s:s}", "dev", &chain->dev)) - chain->dev = xstrdup(chain->dev); + if (!json_unpack(root, "{s:s}", "dev", &name)) { + struct expr *dev_expr, *expr; + + dev_expr = compound_expr_alloc(int_loc, EXPR_LIST); + expr = constant_expr_alloc(int_loc, &integer_type, + BYTEORDER_HOST_ENDIAN, + strlen(name) * BITS_PER_BYTE, + name); + compound_expr_add(dev_expr, expr); + chain->dev_expr = dev_expr; + } + if (!json_unpack(root, "{s:s}", "policy", &policy)) { chain->policy = parse_policy(policy); if (!chain->policy) { |