From 78f8d8127eac64abb14e1d4a4309b353ba03bdb6 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Fri, 8 Jun 2018 17:27:17 +0200 Subject: JSON: Add support for connlimit statement Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- src/json.c | 10 ++++++++++ src/parser_json.c | 19 +++++++++++++++++++ src/statement.c | 1 + 3 files changed, 30 insertions(+) (limited to 'src') diff --git a/src/json.c b/src/json.c index 83d438c6..a871c934 100644 --- a/src/json.c +++ b/src/json.c @@ -1276,6 +1276,16 @@ json_t *verdict_stmt_json(const struct stmt *stmt, struct output_ctx *octx) return expr_print_json(stmt->expr, octx); } +json_t *connlimit_stmt_json(const struct stmt *stmt, struct output_ctx *octx) +{ + json_t *root = json_pack("{s:i}", "val", stmt->connlimit.count); + + if (stmt->connlimit.flags & NFT_CONNLIMIT_F_INV) + json_object_set_new(root, "inv", json_true()); + + return json_pack("{s:o}", "ct count", root); +} + static json_t *table_print_json_full(struct netlink_ctx *ctx, struct table *table) { diff --git a/src/parser_json.c b/src/parser_json.c index d60cbad8..bc36136f 100644 --- a/src/parser_json.c +++ b/src/parser_json.c @@ -2048,6 +2048,24 @@ static struct stmt *json_parse_queue_stmt(struct json_ctx *ctx, return stmt; } +static struct stmt *json_parse_connlimit_stmt(struct json_ctx *ctx, + const char *key, json_t *value) +{ + struct stmt *stmt = connlimit_stmt_alloc(int_loc); + + if (json_unpack_err(ctx, value, "{s:i}", + "val", &stmt->connlimit.count)) { + stmt_free(stmt); + return NULL; + } + + json_unpack(value, "{s:b}", "inv", &stmt->connlimit.flags); + if (stmt->connlimit.flags) + stmt->connlimit.flags = NFT_CONNLIMIT_F_INV; + + return stmt; +} + static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root) { struct { @@ -2078,6 +2096,7 @@ static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root) { "ct helper", json_parse_cthelper_stmt }, { "meter", json_parse_meter_stmt }, { "queue", json_parse_queue_stmt }, + { "ct count", json_parse_connlimit_stmt }, }; const char *type; unsigned int i; diff --git a/src/statement.c b/src/statement.c index 58e86f21..6f5e6660 100644 --- a/src/statement.c +++ b/src/statement.c @@ -159,6 +159,7 @@ static const struct stmt_ops connlimit_stmt_ops = { .type = STMT_CONNLIMIT, .name = "connlimit", .print = connlimit_stmt_print, + .json = connlimit_stmt_json, }; struct stmt *connlimit_stmt_alloc(const struct location *loc) -- cgit v1.2.3