summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--include/ct.h2
-rw-r--r--include/statement.h3
-rw-r--r--src/ct.c44
-rw-r--r--src/statement.c21
4 files changed, 55 insertions, 15 deletions
diff --git a/include/ct.h b/include/ct.h
index dadd820f..4c5bd804 100644
--- a/include/ct.h
+++ b/include/ct.h
@@ -33,6 +33,8 @@ extern void ct_expr_update_type(struct proto_ctx *ctx, struct expr *expr);
extern struct stmt *notrack_stmt_alloc(const struct location *loc);
extern struct stmt *flow_offload_stmt_alloc(const struct location *loc,
const char *table_name);
+extern const char *ct_dir2str(int dir);
+extern const char *ct_label2str(unsigned long value);
extern const struct datatype ct_dir_type;
extern const struct datatype ct_state_type;
diff --git a/include/statement.h b/include/statement.h
index fc80dbd5..2c6d0dfa 100644
--- a/include/statement.h
+++ b/include/statement.h
@@ -77,6 +77,7 @@ struct log_stmt {
};
extern const char *log_level(uint32_t level);
+extern int log_level_parse(const char *level);
extern struct stmt *log_stmt_alloc(const struct location *loc);
@@ -107,6 +108,8 @@ enum nft_nat_etypes {
NFT_NAT_REDIR,
};
+extern const char *nat_etype2str(enum nft_nat_etypes type);
+
struct nat_stmt {
enum nft_nat_etypes type;
struct expr *addr;
diff --git a/src/ct.c b/src/ct.c
index 2abaa0d5..a1a91f3a 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -64,6 +64,18 @@ static const struct symbol_table ct_dir_tbl = {
}
};
+const char *ct_dir2str(int dir)
+{
+ const struct symbolic_constant *s;
+
+ for (s = ct_dir_tbl.symbols; s->identifier != NULL; s++) {
+ if (dir == (int)s->value)
+ return s->identifier;
+ }
+
+ return NULL;
+}
+
const struct datatype ct_dir_type = {
.type = TYPE_CT_DIR,
.name = "ct_dir",
@@ -133,20 +145,30 @@ static struct symbol_table *ct_label_tbl;
#define CT_LABEL_BIT_SIZE 128
+const char *ct_label2str(unsigned long value)
+{
+ const struct symbolic_constant *s;
+
+ for (s = ct_label_tbl->symbols; s->identifier; s++) {
+ if (value == s->value)
+ return s->identifier;
+ }
+
+ return NULL;
+}
+
static void ct_label_type_print(const struct expr *expr,
struct output_ctx *octx)
{
unsigned long bit = mpz_scan1(expr->value, 0);
- const struct symbolic_constant *s;
+ const char *labelstr = ct_label2str(bit);
- for (s = ct_label_tbl->symbols; s->identifier != NULL; s++) {
- if (bit != s->value)
- continue;
- nft_print(octx, "\"%s\"", s->identifier);
+ if (labelstr) {
+ nft_print(octx, "\"%s\"", labelstr);
return;
}
/* can happen when connlabel.conf is altered after rules were added */
- nft_print(octx, "%ld", (long)mpz_scan1(expr->value, 0));
+ nft_print(octx, "%lu", bit);
}
static struct error_record *ct_label_type_parse(const struct expr *sym,
@@ -273,19 +295,15 @@ const struct ct_template ct_templates[__NFT_CT_MAX] = {
static void ct_print(enum nft_ct_keys key, int8_t dir, uint8_t nfproto,
struct output_ctx *octx)
{
- const struct symbolic_constant *s;
+ const char *dirstr = ct_dir2str(dir);
const struct proto_desc *desc;
nft_print(octx, "ct ");
if (dir < 0)
goto done;
- for (s = ct_dir_tbl.symbols; s->identifier != NULL; s++) {
- if (dir == (int)s->value) {
- nft_print(octx, "%s ", s->identifier);
- break;
- }
- }
+ if (dirstr)
+ nft_print(octx, "%s ", dirstr);
switch (key) {
case NFT_CT_SRC:
diff --git a/src/statement.c b/src/statement.c
index 6537bbbd..8160e0ad 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -233,6 +233,18 @@ const char *log_level(uint32_t level)
return syslog_level[level];
}
+int log_level_parse(const char *level)
+{
+ int i;
+
+ for (i = 0; i <= LOG_DEBUG; i++) {
+ if (syslog_level[i] &&
+ !strcmp(level, syslog_level[i]))
+ return i;
+ }
+ return -1;
+}
+
static void log_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
{
nft_print(octx, "log");
@@ -499,7 +511,7 @@ static void print_nf_nat_flags(uint32_t flags, struct output_ctx *octx)
nft_print(octx, "%spersistent", delim);
}
-static void nat_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
+const char *nat_etype2str(enum nft_nat_etypes type)
{
static const char * const nat_types[] = {
[NFT_NAT_SNAT] = "snat",
@@ -508,7 +520,12 @@ static void nat_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
[NFT_NAT_REDIR] = "redirect",
};
- nft_print(octx, "%s", nat_types[stmt->nat.type]);
+ return nat_types[type];
+}
+
+static void nat_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
+{
+ nft_print(octx, "%s", nat_etype2str(stmt->nat.type));
if (stmt->nat.addr || stmt->nat.proto)
nft_print(octx, " to");