From f2be4af9094d47dbd9c028e02ceb8b9d16cd4c02 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 3 May 2018 12:11:32 +0200 Subject: src: add chain_spec Store location object in handle to improve error reporting. Signed-off-by: Pablo Neira Ayuso --- include/rule.h | 7 ++++++- src/evaluate.c | 4 ++-- src/netlink.c | 14 +++++++------- src/netlink_delinearize.c | 4 ++-- src/parser_bison.y | 6 ++++-- src/rule.c | 16 ++++++++-------- 6 files changed, 29 insertions(+), 22 deletions(-) diff --git a/include/rule.h b/include/rule.h index 88750f0a..4ea09c52 100644 --- a/include/rule.h +++ b/include/rule.h @@ -32,6 +32,11 @@ struct table_spec { const char *name; }; +struct chain_spec { + struct location location; + const char *name; +}; + /** * struct handle - handle for tables, chains, rules and sets * @@ -48,7 +53,7 @@ struct table_spec { struct handle { uint32_t family; struct table_spec table; - const char *chain; + struct chain_spec chain; const char *set; const char *obj; const char *flowtable; diff --git a/src/evaluate.c b/src/evaluate.c index de314c1d..c924547c 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -3177,7 +3177,7 @@ static int cmd_evaluate_list(struct eval_ctx *ctx, struct cmd *cmd) cmd->handle.table.name); if (chain_lookup(table, &cmd->handle) == NULL) return cmd_error(ctx, "Could not process rule: Chain '%s' does not exist", - cmd->handle.chain); + cmd->handle.chain.name); return 0; case CMD_OBJ_QUOTA: return cmd_evaluate_list_obj(ctx, cmd, NFT_OBJECT_QUOTA); @@ -3320,7 +3320,7 @@ static int cmd_evaluate_rename(struct eval_ctx *ctx, struct cmd *cmd) ctx->cmd->handle.table.name); if (chain_lookup(table, &ctx->cmd->handle) == NULL) return cmd_error(ctx, "Could not process rule: Chain '%s' does not exist", - ctx->cmd->handle.chain); + ctx->cmd->handle.chain.name); break; default: BUG("invalid command object type %u\n", cmd->obj); diff --git a/src/netlink.c b/src/netlink.c index 0c078d64..e33e094e 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -145,8 +145,8 @@ struct nftnl_chain *alloc_nftnl_chain(const struct handle *h) nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, h->table.name); if (h->handle.id) nftnl_chain_set_u64(nlc, NFTNL_CHAIN_HANDLE, h->handle.id); - if (h->chain != NULL) - nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, h->chain); + if (h->chain.name != NULL) + nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, h->chain.name); return nlc; } @@ -161,8 +161,8 @@ struct nftnl_rule *alloc_nftnl_rule(const struct handle *h) nftnl_rule_set_u32(nlr, NFTNL_RULE_FAMILY, h->family); nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table.name); - if (h->chain != NULL) - nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain); + if (h->chain.name != NULL) + nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain.name); if (h->handle.id) nftnl_rule_set_u64(nlr, NFTNL_RULE_HANDLE, h->handle.id); if (h->position.id) @@ -540,7 +540,7 @@ static int list_rule_cb(struct nftnl_rule *nlr, void *arg) if (h->family != family || strcmp(table, h->table.name) != 0 || - (h->chain && strcmp(chain, h->chain) != 0)) + (h->chain.name && strcmp(chain, h->chain.name) != 0)) return 0; netlink_dump_rule(nlr, ctx); @@ -697,7 +697,7 @@ static int list_chain_cb(struct nftnl_chain *nlc, void *arg) if (h->family != family || strcmp(table, h->table.name) != 0) return 0; - if (h->chain && strcmp(name, h->chain) != 0) + if (h->chain.name && strcmp(name, h->chain.name) != 0) return 0; chain = netlink_delinearize_chain(ctx, nlc); @@ -1720,7 +1720,7 @@ static void trace_print_rule(const struct nftnl_trace *nlt, h.family = nftnl_trace_get_u32(nlt, NFTNL_TRACE_FAMILY); h.table.name = nftnl_trace_get_str(nlt, NFTNL_TRACE_TABLE); - h.chain = nftnl_trace_get_str(nlt, NFTNL_TRACE_CHAIN); + h.chain.name = nftnl_trace_get_str(nlt, NFTNL_TRACE_CHAIN); if (!h.table.name) return; diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c index 6a082ad1..8f4035a2 100644 --- a/src/netlink_delinearize.c +++ b/src/netlink_delinearize.c @@ -2445,8 +2445,8 @@ struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx, memset(&h, 0, sizeof(h)); h.family = nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY); - h.table.name = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_TABLE)); - h.chain = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_CHAIN)); + h.table.name = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_TABLE)); + h.chain.name = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_CHAIN)); h.handle.id = nftnl_rule_get_u64(nlr, NFTNL_RULE_HANDLE); if (nftnl_rule_is_set(nlr, NFTNL_RULE_POSITION)) diff --git a/src/parser_bison.y b/src/parser_bison.y index 95a42d3e..b5229ae1 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -1861,7 +1861,8 @@ tableid_spec : family_spec HANDLE NUM chain_spec : table_spec identifier { $$ = $1; - $$.chain = $2; + $$.chain.name = $2; + $$.chain.location = @2; } ; @@ -1876,7 +1877,8 @@ chainid_spec : table_spec HANDLE NUM chain_identifier : identifier { memset(&$$, 0, sizeof($$)); - $$.chain = $1; + $$.chain.name = $1; + $$.chain.location = @1; } ; diff --git a/src/rule.c b/src/rule.c index 6c2b4eea..bbf23a6b 100644 --- a/src/rule.c +++ b/src/rule.c @@ -31,7 +31,7 @@ void handle_free(struct handle *h) { xfree(h->table.name); - xfree(h->chain); + xfree(h->chain.name); xfree(h->set); xfree(h->flowtable); } @@ -42,8 +42,8 @@ void handle_merge(struct handle *dst, const struct handle *src) dst->family = src->family; if (dst->table.name == NULL && src->table.name != NULL) dst->table.name = xstrdup(src->table.name); - if (dst->chain == NULL && src->chain != NULL) - dst->chain = xstrdup(src->chain); + if (dst->chain.name == NULL && src->chain.name != NULL) + dst->chain.name = xstrdup(src->chain.name); if (dst->set == NULL && src->set != NULL) dst->set = xstrdup(src->set); if (dst->flowtable == NULL && src->flowtable != NULL) @@ -620,7 +620,7 @@ struct chain *chain_alloc(const char *name) init_list_head(&chain->rules); init_list_head(&chain->scope.symbols); if (name != NULL) - chain->handle.chain = xstrdup(name); + chain->handle.chain.name = xstrdup(name); chain->policy = -1; return chain; @@ -658,7 +658,7 @@ struct chain *chain_lookup(const struct table *table, const struct handle *h) struct chain *chain; list_for_each_entry(chain, &table->chains, list) { - if (!strcmp(chain->handle.chain, h->chain)) + if (!strcmp(chain->handle.chain.name, h->chain.name)) return chain; } return NULL; @@ -746,7 +746,7 @@ static const char *chain_policy2str(uint32_t policy) static void chain_print_declaration(const struct chain *chain, struct output_ctx *octx) { - nft_print(octx, "\tchain %s {", chain->handle.chain); + nft_print(octx, "\tchain %s {", chain->handle.chain.name); if (octx->handle > 0) nft_print(octx, " # handle %" PRIu64, chain->handle.handle.id); nft_print(octx, "\n"); @@ -777,7 +777,7 @@ static void chain_print(const struct chain *chain, struct output_ctx *octx) void chain_print_plain(const struct chain *chain, struct output_ctx *octx) { nft_print(octx, "chain %s %s %s", family2str(chain->handle.family), - chain->handle.table.name, chain->handle.chain); + chain->handle.table.name, chain->handle.chain.name); if (chain->flags & CHAIN_F_BASECHAIN) { nft_print(octx, " { type %s hook %s priority %d; policy %s; }", @@ -1754,7 +1754,7 @@ static int do_list_chain(struct netlink_ctx *ctx, struct cmd *cmd, list_for_each_entry(chain, &table->chains, list) { if (chain->handle.family != cmd->handle.family || - strcmp(cmd->handle.chain, chain->handle.chain) != 0) + strcmp(cmd->handle.chain.name, chain->handle.chain.name) != 0) continue; chain_print(chain, ctx->octx); -- cgit v1.2.3