summaryrefslogtreecommitdiffstats
path: root/src/expr/log.c
diff options
context:
space:
mode:
authorAna Rey <anarey@gmail.com>2014-06-03 12:41:56 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2014-06-05 15:22:56 +0200
commitd79329a5e99f4f2fdf293f9e3418cad0af7e7b1d (patch)
tree71d8fdac7d56140c893465bcb8d31a01c4893ced /src/expr/log.c
parent131b5b7801d6801dbf57b6ae3e85b3c2a10cacac (diff)
expr: log: Do not print unset values in xml
It changes the parse and the snprint functions to omit unset values. If we used this rule: nft add rule ip test output log We got this xml file: <rule><family>ip</family> <table>test</table> <chain>output</chain> <handle>88</handle> <expr type="log"> <prefix>(null)</prefix> <group>0</group> <snaplen>0</snaplen> <qthreshold>0</qthreshold> </expr> </rule> And It was imposible import this file. Now, That rule creates this xml file without null values: <rule><family>ip</family> <table>test</table> <chain>output</chain> <handle>88</handle> <expr type="log"> </expr> </rule> and It's possible import this xml file. Signed-off-by: Ana Rey <anarey@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expr/log.c')
-rw-r--r--src/expr/log.c49
1 files changed, 31 insertions, 18 deletions
diff --git a/src/expr/log.c b/src/expr/log.c
index 497d5a3..bd9bdc5 100644
--- a/src/expr/log.c
+++ b/src/expr/log.c
@@ -210,25 +210,21 @@ static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e,
prefix = nft_mxml_str_parse(tree, "prefix", MXML_DESCEND_FIRST,
NFT_XML_MAND, err);
- if (prefix == NULL)
- return -1;
- nft_rule_expr_set_str(e, NFT_EXPR_LOG_PREFIX, prefix);
+ if (prefix != NULL)
+ nft_rule_expr_set_str(e, NFT_EXPR_LOG_PREFIX, prefix);
if (nft_mxml_num_parse(tree, "group", MXML_DESCEND_FIRST, BASE_DEC,
- &group, NFT_TYPE_U16, NFT_XML_MAND, err) < 0)
- return -1;
- nft_rule_expr_set_u16(e, NFT_EXPR_LOG_GROUP, group);
+ &group, NFT_TYPE_U16, NFT_XML_MAND, err) == 0)
+ nft_rule_expr_set_u16(e, NFT_EXPR_LOG_GROUP, group);
if (nft_mxml_num_parse(tree, "snaplen", MXML_DESCEND_FIRST, BASE_DEC,
- &snaplen, NFT_TYPE_U32, NFT_XML_MAND, err) < 0)
- return -1;
- nft_rule_expr_set_u32(e, NFT_EXPR_LOG_SNAPLEN, snaplen);
+ &snaplen, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
+ nft_rule_expr_set_u32(e, NFT_EXPR_LOG_SNAPLEN, snaplen);
if (nft_mxml_num_parse(tree, "qthreshold", MXML_DESCEND_FIRST, BASE_DEC,
&qthreshold, NFT_TYPE_U16, NFT_XML_MAND,
- err) < 0)
- return -1;
- nft_rule_expr_set_u16(e, NFT_EXPR_LOG_QTHRESHOLD, qthreshold);
+ err) == 0)
+ nft_rule_expr_set_u16(e, NFT_EXPR_LOG_QTHRESHOLD, qthreshold);
return 0;
#else
@@ -250,14 +246,31 @@ static int nft_rule_expr_log_snprintf_default(char *buf, size_t len,
static int nft_rule_expr_log_snprintf_xml(char *buf, size_t size,
struct nft_rule_expr *e)
{
+ int ret, len = size, offset = 0;
struct nft_expr_log *log = nft_expr_data(e);
- return snprintf(buf, size, "<prefix>%s</prefix>"
- "<group>%u</group>"
- "<snaplen>%u</snaplen>"
- "<qthreshold>%u</qthreshold>",
- log->prefix, log->group,
- log->snaplen, log->qthreshold);
+ if (e->flags & (1 << NFT_EXPR_LOG_PREFIX)) {
+ ret = snprintf(buf + offset, len, "<prefix>%s</prefix>",
+ log->prefix);
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+ }
+ if (e->flags & (1 << NFT_EXPR_LOG_GROUP)) {
+ ret = snprintf(buf + offset, len, "<group>%u</group>",
+ log->group);
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+ }
+ if (e->flags & (1 << NFT_EXPR_LOG_SNAPLEN)) {
+ ret = snprintf(buf + offset, len, "<snaplen>%u</snaplen>",
+ log->snaplen);
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+ }
+ if (e->flags & (1 << NFT_EXPR_LOG_QTHRESHOLD)) {
+ ret = snprintf(buf + offset, len, "<qthreshold>%u</qthreshold>",
+ log->qthreshold);
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+ }
+
+ return offset;
}
static int nft_rule_expr_log_snprintf_json(char *buf, size_t len,