From 4496b390ed2a086c4abbaa864798f36d891fa933 Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Fri, 18 Aug 2023 11:40:36 +0200 Subject: src: add input flags for nft_ctx Similar to the existing output flags, add input flags. No flags are yet implemented, that will follow. One difference to nft_ctx_output_set_flags(), is that the setter for input flags returns the previously set flags. Signed-off-by: Thomas Haller Reviewed-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- doc/libnftables.adoc | 13 +++++++++++++ include/nftables.h | 5 +++++ include/nftables/libnftables.h | 3 +++ src/libnftables.c | 16 ++++++++++++++++ src/libnftables.map | 5 +++++ 5 files changed, 42 insertions(+) diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc index 7ea0d56e..a0d3521e 100644 --- a/doc/libnftables.adoc +++ b/doc/libnftables.adoc @@ -18,6 +18,9 @@ void nft_ctx_free(struct nft_ctx* '\*ctx'*); bool nft_ctx_get_dry_run(struct nft_ctx* '\*ctx'*); void nft_ctx_set_dry_run(struct nft_ctx* '\*ctx'*, bool* 'dry'*); +unsigned int nft_ctx_input_get_flags(struct nft_ctx* '\*ctx'*); +unsigned int nft_ctx_input_set_flags(struct nft_ctx* '\*ctx'*, unsigned int* 'flags'*); + unsigned int nft_ctx_output_get_flags(struct nft_ctx* '\*ctx'*); void nft_ctx_output_set_flags(struct nft_ctx* '\*ctx'*, unsigned int* 'flags'*); @@ -78,6 +81,16 @@ The *nft_ctx_get_dry_run*() function returns the dry-run setting's value contain The *nft_ctx_set_dry_run*() function sets the dry-run setting in 'ctx' to the value of 'dry'. +=== nft_ctx_input_get_flags() and nft_ctx_input_set_flags() +The flags setting controls the input format. + +Currently no flags are implemented. + +The *nft_ctx_input_get_flags*() function returns the input flags setting's value in 'ctx'. + +The *nft_ctx_input_set_flags*() function sets the input flags setting in 'ctx' to the value of 'val' +and returns the previous flags. + === nft_ctx_output_get_flags() and nft_ctx_output_set_flags() The flags setting controls the output format. diff --git a/include/nftables.h b/include/nftables.h index d49eb579..7d35a95a 100644 --- a/include/nftables.h +++ b/include/nftables.h @@ -23,6 +23,10 @@ struct symbol_tables { const struct symbol_table *realm; }; +struct input_ctx { + unsigned int flags; +}; + struct output_ctx { unsigned int flags; union { @@ -119,6 +123,7 @@ struct nft_ctx { unsigned int num_vars; unsigned int parser_max_errors; unsigned int debug_mask; + struct input_ctx input; struct output_ctx output; bool check; struct nft_cache cache; diff --git a/include/nftables/libnftables.h b/include/nftables/libnftables.h index 85e08c9b..9a05d3c4 100644 --- a/include/nftables/libnftables.h +++ b/include/nftables/libnftables.h @@ -48,6 +48,9 @@ enum nft_optimize_flags { uint32_t nft_ctx_get_optimize(struct nft_ctx *ctx); void nft_ctx_set_optimize(struct nft_ctx *ctx, uint32_t flags); +unsigned int nft_ctx_input_get_flags(struct nft_ctx *ctx); +unsigned int nft_ctx_input_set_flags(struct nft_ctx *ctx, unsigned int flags); + enum { NFT_CTX_OUTPUT_REVERSEDNS = (1 << 0), NFT_CTX_OUTPUT_SERVICE = (1 << 1), diff --git a/src/libnftables.c b/src/libnftables.c index e214abb6..17438b53 100644 --- a/src/libnftables.c +++ b/src/libnftables.c @@ -401,6 +401,22 @@ void nft_ctx_set_optimize(struct nft_ctx *ctx, uint32_t flags) ctx->optimize_flags = flags; } +EXPORT_SYMBOL(nft_ctx_input_get_flags); +unsigned int nft_ctx_input_get_flags(struct nft_ctx *ctx) +{ + return ctx->input.flags; +} + +EXPORT_SYMBOL(nft_ctx_input_set_flags); +unsigned int nft_ctx_input_set_flags(struct nft_ctx *ctx, unsigned int flags) +{ + unsigned int old_flags; + + old_flags = ctx->input.flags; + ctx->input.flags = flags; + return old_flags; +} + EXPORT_SYMBOL(nft_ctx_output_get_flags); unsigned int nft_ctx_output_get_flags(struct nft_ctx *ctx) { diff --git a/src/libnftables.map b/src/libnftables.map index a46a3ad5..9369f44f 100644 --- a/src/libnftables.map +++ b/src/libnftables.map @@ -33,3 +33,8 @@ LIBNFTABLES_3 { nft_ctx_set_optimize; nft_ctx_get_optimize; } LIBNFTABLES_2; + +LIBNFTABLES_4 { + nft_ctx_input_get_flags; + nft_ctx_input_set_flags; +} LIBNFTABLES_3; -- cgit v1.2.3