diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-10-27 11:44:09 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-10-29 15:07:35 +0100 |
| commit | 0c6379953ab575b3b71dda4bcd94b940f0f68447 (patch) | |
| tree | 5c05aef9bd8a372faa1317bfe7895f3858e8ed70 /src | |
| parent | a42d2865bc7e96fe63276e22acd523d996aaf0a4 (diff) | |
src: add nft_ctx_output_{get,set}_stateless() to nft_ctx_output_{get,flags}_flags
Add NFT_CTX_OUTPUT_STATELESS flag and enable stateless printing from new
output flags interface.
This patch adds nft_output_save_flags() and nft_output_restore_flags()
to temporarily disable stateful printing
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/expression.c | 2 | ||||
| -rw-r--r-- | src/json.c | 9 | ||||
| -rw-r--r-- | src/libnftables.c | 10 | ||||
| -rw-r--r-- | src/main.c | 2 | ||||
| -rw-r--r-- | src/rule.c | 6 | ||||
| -rw-r--r-- | src/statement.c | 22 |
6 files changed, 24 insertions, 27 deletions
diff --git a/src/expression.c b/src/expression.c index d1d6bee4..25883ea7 100644 --- a/src/expression.c +++ b/src/expression.c @@ -1043,7 +1043,7 @@ static void set_elem_expr_print(const struct expr *expr, nft_print(octx, " timeout "); time_print(expr->timeout, octx); } - if (!octx->stateless && expr->expiration) { + if (!nft_output_stateless(octx) && expr->expiration) { nft_print(octx, " expires "); time_print(expr->expiration, octx); } @@ -1075,7 +1075,7 @@ json_t *quota_stmt_json(const struct stmt *stmt, struct output_ctx *octx) if (stmt->quota.flags & NFT_QUOTA_F_INV) json_object_set_new(root, "inv", json_true()); - if (!octx->stateless && stmt->quota.used) { + if (!nft_output_stateless(octx) && stmt->quota.used) { data_unit = get_rate(stmt->quota.used, &bytes); json_object_set_new(root, "used", json_integer(bytes)); json_object_set_new(root, "used_unit", json_string(data_unit)); @@ -1324,7 +1324,7 @@ json_t *reject_stmt_json(const struct stmt *stmt, struct output_ctx *octx) json_t *counter_stmt_json(const struct stmt *stmt, struct output_ctx *octx) { - if (octx->stateless) + if (nft_output_stateless(octx)) return json_pack("{s:n}", "counter"); return json_pack("{s:{s:I, s:I}}", "counter", @@ -1354,11 +1354,12 @@ json_t *objref_stmt_json(const struct stmt *stmt, struct output_ctx *octx) json_t *meter_stmt_json(const struct stmt *stmt, struct output_ctx *octx) { + unsigned int flags = octx->flags; json_t *root, *tmp; - octx->stateless++; + octx->flags |= NFT_CTX_OUTPUT_STATELESS; tmp = stmt_print_json(stmt->meter.stmt, octx); - octx->stateless--; + octx->flags = flags; root = json_pack("{s:o, s:o, s:i}", "key", expr_print_json(stmt->meter.key, octx), diff --git a/src/libnftables.c b/src/libnftables.c index 06d7c177..35e755e9 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -323,16 +323,6 @@ void nft_ctx_output_set_numeric(struct nft_ctx *ctx, ctx->output.numeric = level; } -bool nft_ctx_output_get_stateless(struct nft_ctx *ctx) -{ - return ctx->output.stateless; -} - -void nft_ctx_output_set_stateless(struct nft_ctx *ctx, bool val) -{ - ctx->output.stateless = val; -} - unsigned int nft_ctx_output_get_flags(struct nft_ctx *ctx) { return ctx->output.flags; @@ -228,7 +228,7 @@ int main(int argc, char * const *argv) nft_ctx_output_set_numeric(nft, numeric + 1); break; case OPT_STATELESS: - nft_ctx_output_set_stateless(nft, true); + output_flags |= NFT_CTX_OUTPUT_STATELESS; break; case OPT_IP2NAME: output_flags |= NFT_CTX_OUTPUT_REVERSEDNS; @@ -486,7 +486,7 @@ static void do_set_print(const struct set *set, struct print_fmt_options *opts, { set_print_declaration(set, opts, octx); - if (set->flags & NFT_SET_EVAL && octx->stateless) { + if (set->flags & NFT_SET_EVAL && nft_output_stateless(octx)) { nft_print(octx, "%s}%s", opts->tab, opts->nl); return; } @@ -1683,7 +1683,7 @@ static void obj_print_data(const struct obj *obj, if (octx->handle > 0) nft_print(octx, " # handle %" PRIu64, obj->handle.handle.id); nft_print(octx, "%s%s%s", opts->nl, opts->tab, opts->tab); - if (octx->stateless) { + if (nft_output_stateless(octx)) { nft_print(octx, "packets 0 bytes 0"); break; } @@ -1702,7 +1702,7 @@ static void obj_print_data(const struct obj *obj, nft_print(octx, "%s%" PRIu64 " %s", obj->quota.flags & NFT_QUOTA_F_INV ? "over " : "", bytes, data_unit); - if (!octx->stateless && obj->quota.used) { + if (!nft_output_stateless(octx) && obj->quota.used) { data_unit = get_rate(obj->quota.used, &bytes); nft_print(octx, " used %" PRIu64 " %s", bytes, data_unit); diff --git a/src/statement.c b/src/statement.c index e50ac706..1eaaf585 100644 --- a/src/statement.c +++ b/src/statement.c @@ -112,6 +112,8 @@ struct stmt *verdict_stmt_alloc(const struct location *loc, struct expr *expr) static void meter_stmt_print(const struct stmt *stmt, struct output_ctx *octx) { + unsigned int flags = octx->flags; + nft_print(octx, "meter "); if (stmt->meter.set) { expr_print(stmt->meter.set, octx); @@ -121,9 +123,9 @@ static void meter_stmt_print(const struct stmt *stmt, struct output_ctx *octx) expr_print(stmt->meter.key, octx); nft_print(octx, " "); - octx->stateless++; + octx->flags |= NFT_CTX_OUTPUT_STATELESS; stmt_print(stmt->meter.stmt, octx); - octx->stateless--; + octx->flags = flags; nft_print(octx, "} "); @@ -175,7 +177,7 @@ static void counter_stmt_print(const struct stmt *stmt, struct output_ctx *octx) { nft_print(octx, "counter"); - if (octx->stateless) + if (nft_output_stateless(octx)) return; nft_print(octx, " packets %" PRIu64 " bytes %" PRIu64, @@ -463,7 +465,7 @@ static void quota_stmt_print(const struct stmt *stmt, struct output_ctx *octx) nft_print(octx, "quota %s%" PRIu64 " %s", inv ? "over " : "", bytes, data_unit); - if (!octx->stateless && stmt->quota.used) { + if (!nft_output_stateless(octx) && stmt->quota.used) { data_unit = get_rate(stmt->quota.used, &used); nft_print(octx, " used %" PRIu64 " %s", used, data_unit); } @@ -631,15 +633,17 @@ const char * const set_stmt_op_names[] = { static void set_stmt_print(const struct stmt *stmt, struct output_ctx *octx) { + unsigned int flags = octx->flags; + nft_print(octx, "%s ", set_stmt_op_names[stmt->set.op]); expr_print(stmt->set.set, octx); nft_print(octx, " { "); expr_print(stmt->set.key, octx); if (stmt->set.stmt) { nft_print(octx, " "); - octx->stateless++; + octx->flags |= NFT_CTX_OUTPUT_STATELESS; stmt_print(stmt->set.stmt, octx); - octx->stateless--; + octx->flags = flags; } nft_print(octx, " }"); } @@ -665,15 +669,17 @@ struct stmt *set_stmt_alloc(const struct location *loc) static void map_stmt_print(const struct stmt *stmt, struct output_ctx *octx) { + unsigned int flags = octx->flags; + nft_print(octx, "%s ", set_stmt_op_names[stmt->map.op]); expr_print(stmt->map.set, octx); nft_print(octx, " { "); expr_print(stmt->map.key, octx); if (stmt->map.stmt) { nft_print(octx, " "); - octx->stateless++; + octx->flags |= NFT_CTX_OUTPUT_STATELESS; stmt_print(stmt->map.stmt, octx); - octx->stateless--; + octx->flags = flags; } nft_print(octx, " : "); expr_print(stmt->map.data, octx); |