diff options
| author | Florian Westphal <fw@strlen.de> | 2018-08-29 11:37:41 +0200 |
|---|---|---|
| committer | Florian Westphal <fw@strlen.de> | 2018-08-29 23:55:02 +0200 |
| commit | cd11fe1224af5dba5a04aaadf68ad5ca982177f5 (patch) | |
| tree | e19bb8695f399fe7be4750fe4e992f274310c05d /src | |
| parent | bb594473acd532aee6a268a6b27fd529ac71d4b5 (diff) | |
src: tproxy: add json support
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'src')
| -rw-r--r-- | src/json.c | 26 | ||||
| -rw-r--r-- | src/parser_json.c | 43 | ||||
| -rw-r--r-- | src/statement.c | 1 |
3 files changed, 70 insertions, 0 deletions
@@ -1297,6 +1297,32 @@ json_t *connlimit_stmt_json(const struct stmt *stmt, struct output_ctx *octx) return json_pack("{s:o}", "ct count", root); } +json_t *tproxy_stmt_json(const struct stmt *stmt, struct output_ctx *octx) +{ + json_t *root = json_object(); + + if (stmt->tproxy.addr) { + int family; + json_t *tmp; + + family = stmt->tproxy.table_family; + if (family == NFPROTO_INET) + family = stmt->tproxy.family; + + tmp = json_string(family2str(family)); + json_object_set_new(root, "family", tmp); + + tmp = expr_print_json(stmt->tproxy.addr, octx); + json_object_set_new(root, "addr", tmp); + } + + if (stmt->tproxy.port) + json_object_set_new(root, "port", + expr_print_json(stmt->tproxy.port, octx)); + + return json_pack("{s:o}", "tproxy", root); +} + static json_t *table_print_json_full(struct netlink_ctx *ctx, struct table *table) { diff --git a/src/parser_json.c b/src/parser_json.c index 6d8cda97..3d96000b 100644 --- a/src/parser_json.c +++ b/src/parser_json.c @@ -1796,6 +1796,48 @@ static struct stmt *json_parse_nat_stmt(struct json_ctx *ctx, return stmt; } +static struct stmt *json_parse_tproxy_stmt(struct json_ctx *ctx, + const char *key, json_t *value) +{ + json_t *jaddr, *tmp; + const char *family; + struct stmt *stmt; + int familyval; + + stmt = tproxy_stmt_alloc(int_loc); + + if (json_unpack(value, "{s:s, s:o}", + "family", &family, "addr", &jaddr)) + goto try_port; + + familyval = parse_family(family); + if (familyval != NFPROTO_IPV4 && + familyval != NFPROTO_IPV6) { + json_error(ctx, "Invalid family '%s'.", family); + goto out_free; + } + stmt->tproxy.family = familyval; + + stmt->tproxy.addr = json_parse_stmt_expr(ctx, jaddr); + if (!stmt->tproxy.addr) { + json_error(ctx, "Invalid addr."); + goto out_free; + } +try_port: + if (!json_unpack(value, "{s:o}", "port", &tmp)) { + stmt->tproxy.port = json_parse_stmt_expr(ctx, tmp); + if (!stmt->tproxy.port) { + json_error(ctx, "Invalid port."); + goto out_free; + } + } + return stmt; + +out_free: + stmt_free(stmt); + return NULL; +} + static struct stmt *json_parse_reject_stmt(struct json_ctx *ctx, const char *key, json_t *value) { @@ -2150,6 +2192,7 @@ static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root) { "meter", json_parse_meter_stmt }, { "queue", json_parse_queue_stmt }, { "ct count", json_parse_connlimit_stmt }, + { "tproxy", json_parse_tproxy_stmt }, }; const char *type; unsigned int i; diff --git a/src/statement.c b/src/statement.c index 98e56844..45d2067c 100644 --- a/src/statement.c +++ b/src/statement.c @@ -810,6 +810,7 @@ static const struct stmt_ops tproxy_stmt_ops = { .type = STMT_TPROXY, .name = "tproxy", .print = tproxy_stmt_print, + .json = tproxy_stmt_json, .destroy = tproxy_stmt_destroy, }; |