summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorJeremy Sowden <jeremy@azazel.net>2019-10-21 22:49:22 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2019-10-22 09:39:41 +0200
commit46763359adc3be45f7202dc0a130718203bfafce (patch)
tree08e359a29b53a0fe9a0073aa0be9d0a4a3adbe73 /src
parent27c9fc5e879c903e4e9ddefc27b0110bab3a1d87 (diff)
src: add --terse to suppress output of set elements.
Listing an entire ruleset or a table with `nft list` prints the elements of all set definitions within the ruleset or table. Seeing the full set contents is not often necessary especially when requesting to see someone's ruleset for help and support purposes. Add a new option '-t, --terse' options to suppress the output of set contents. Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1374 Signed-off-by: Jeremy Sowden <jeremy@azazel.net> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/main.c11
-rw-r--r--src/rule.c3
2 files changed, 12 insertions, 2 deletions
diff --git a/src/main.c b/src/main.c
index 238c5e0b..ebd6d7c3 100644
--- a/src/main.c
+++ b/src/main.c
@@ -43,9 +43,10 @@ enum opt_vals {
OPT_NUMERIC_PRIO = 'y',
OPT_NUMERIC_PROTO = 'p',
OPT_NUMERIC_TIME = 'T',
+ OPT_TERSE = 't',
OPT_INVALID = '?',
};
-#define OPTSTRING "+hvcf:iI:jvnsNaeSupypT"
+#define OPTSTRING "+hvcf:iI:jvnsNaeSupypTt"
static const struct option options[] = {
{
@@ -120,6 +121,10 @@ static const struct option options[] = {
.val = OPT_NUMERIC_TIME,
},
{
+ .name = "terse",
+ .val = OPT_TERSE,
+ },
+ {
.name = NULL
}
};
@@ -140,6 +145,7 @@ static void show_help(const char *name)
" -j, --json Format output in JSON\n"
" -n, --numeric Print fully numerical output.\n"
" -s, --stateless Omit stateful information of ruleset.\n"
+" -t, --terse Omit contents of sets.\n"
" -u, --guid Print UID/GID as defined in /etc/passwd and /etc/group.\n"
" -N Translate IP addresses to names.\n"
" -S, --service Translate ports to service names as described in /etc/services.\n"
@@ -301,6 +307,9 @@ int main(int argc, char * const *argv)
case OPT_NUMERIC_TIME:
output_flags |= NFT_CTX_OUTPUT_NUMERIC_TIME;
break;
+ case OPT_TERSE:
+ output_flags |= NFT_CTX_OUTPUT_TERSE;
+ break;
case OPT_INVALID:
exit(EXIT_FAILURE);
}
diff --git a/src/rule.c b/src/rule.c
index 55894cbd..64756bce 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -538,7 +538,8 @@ static void do_set_print(const struct set *set, struct print_fmt_options *opts,
{
set_print_declaration(set, opts, octx);
- if (set->flags & NFT_SET_EVAL && nft_output_stateless(octx)) {
+ if ((set->flags & NFT_SET_EVAL && nft_output_stateless(octx)) ||
+ nft_output_terse(octx)) {
nft_print(octx, "%s}%s", opts->tab, opts->nl);
return;
}