summaryrefslogtreecommitdiffstats
path: root/src/expr
diff options
context:
space:
mode:
authorArturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>2013-06-26 13:37:17 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2013-06-27 19:51:56 +0200
commit347f9679fab254108fe5b8558bbbff0b7db39ecd (patch)
tree035023714133d837a217badedac1b4d56f27fbb3 /src/expr
parent845952009ee304cc523bb428eef56c5bbbd2c786 (diff)
exthdr: xml: use string for type node
This patch implements using a string for the <type> node. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/expr')
-rw-r--r--src/expr/exthdr.c52
1 files changed, 47 insertions, 5 deletions
diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c
index 762facd..c174bc2 100644
--- a/src/expr/exthdr.c
+++ b/src/expr/exthdr.c
@@ -12,6 +12,7 @@
#include "internal.h"
#include <stdio.h>
+#include <string.h>
#include <stdint.h>
#include <limits.h>
#include <arpa/inet.h>
@@ -25,6 +26,10 @@
#include "expr_ops.h"
+#ifndef IPPROTO_MH
+#define IPPROTO_MH 135
+#endif
+
struct nft_expr_exthdr {
enum nft_registers dreg;
uint8_t type;
@@ -171,6 +176,41 @@ nft_rule_expr_exthdr_parse(struct nft_rule_expr *e, struct nlattr *attr)
return 0;
}
+static const char *exthdr_type2str(uint32_t type)
+{
+ switch (type) {
+ case IPPROTO_HOPOPTS:
+ return "hopopts";
+ case IPPROTO_ROUTING:
+ return "routing";
+ case IPPROTO_FRAGMENT:
+ return "fragment";
+ case IPPROTO_DSTOPTS:
+ return "dstopts";
+ case IPPROTO_MH:
+ return "mh";
+ default:
+ return "unknown";
+ }
+}
+
+static inline int str2exthdr_type(char *str)
+{
+ if (strcmp(str, "hopopts") == 0)
+ return IPPROTO_HOPOPTS;
+ else if (strcmp(str, "routing") == 0)
+ return IPPROTO_ROUTING;
+ else if (strcmp(str, "fragment") == 0)
+ return IPPROTO_FRAGMENT;
+ else if (strcmp(str, "dstopts") == 0)
+ return IPPROTO_DSTOPTS;
+ else if (strcmp(str, "mh") == 0)
+ return IPPROTO_MH;
+
+ return -1;
+}
+
+
static int
nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, char *xml)
{
@@ -180,6 +220,7 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, char *xml)
mxml_node_t *node = NULL;
uint64_t tmp;
char *endptr;
+ int type;
tree = mxmlLoadString(NULL, xml, MXML_OPAQUE_CALLBACK);
if (tree == NULL)
@@ -226,13 +267,13 @@ nft_rule_expr_exthdr_xml_parse(struct nft_rule_expr *e, char *xml)
return -1;
}
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT8_MAX || tmp < 0 || *endptr) {
+ type = str2exthdr_type(node->child->value.opaque);
+ if (type < 0) {
mxmlDelete(tree);
return -1;
}
- exthdr->type = tmp;
+ exthdr->type = type;
e->flags |= (1 << NFT_EXPR_EXTHDR_TYPE);
/* Get and set <offset> */
@@ -285,9 +326,10 @@ nft_rule_expr_exthdr_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_XML:
return snprintf(buf, len, "<dreg>%u</dreg>"
- "<type>%u</type><offset>%u</offset>"
+ "<type>%s</type><offset>%u</offset>"
"<len>%u</len>",
- exthdr->dreg, exthdr->type,
+ exthdr->dreg,
+ exthdr_type2str(exthdr->type),
exthdr->offset, exthdr->len);
case NFT_RULE_O_DEFAULT: