diff options
author | Giuseppe Longo <giuseppelng@gmail.com> | 2013-07-05 10:06:28 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-07-05 13:06:23 +0200 |
commit | f95e8598af7e3a1641166b4e6be31b87d4690326 (patch) | |
tree | 21714a822cb02404ba68e1dfd9da3b39a082991e /src | |
parent | 1085a4e18d297d8338cf9babe7e623e25a00f499 (diff) |
src: improve default text output
This patch improves default plain text output by mimicing the
default output of libnl-nft.
While at it, several %lu has been translated to use %"PRIu64"
for correctness.
[ I have added the policy to string translation --pablo ]
Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/chain.c | 47 | ||||
-rw-r--r-- | src/expr/bitwise.c | 9 | ||||
-rw-r--r-- | src/expr/byteorder.c | 7 | ||||
-rw-r--r-- | src/expr/cmp.c | 4 | ||||
-rw-r--r-- | src/expr/counter.c | 7 | ||||
-rw-r--r-- | src/expr/ct.c | 4 | ||||
-rw-r--r-- | src/expr/data_reg.c | 4 | ||||
-rw-r--r-- | src/expr/exthdr.c | 6 | ||||
-rw-r--r-- | src/expr/immediate.c | 2 | ||||
-rw-r--r-- | src/expr/limit.c | 2 | ||||
-rw-r--r-- | src/expr/log.c | 4 | ||||
-rw-r--r-- | src/expr/lookup.c | 4 | ||||
-rw-r--r-- | src/expr/match.c | 2 | ||||
-rw-r--r-- | src/expr/meta.c | 4 | ||||
-rw-r--r-- | src/expr/nat.c | 10 | ||||
-rw-r--r-- | src/expr/payload.c | 5 | ||||
-rw-r--r-- | src/expr/target.c | 2 | ||||
-rw-r--r-- | src/rule.c | 11 | ||||
-rw-r--r-- | src/set.c | 2 | ||||
-rw-r--r-- | src/set_elem.c | 7 | ||||
-rw-r--r-- | src/table.c | 2 |
21 files changed, 86 insertions, 59 deletions
diff --git a/src/chain.c b/src/chain.c index 68744bc..bdbaf60 100644 --- a/src/chain.c +++ b/src/chain.c @@ -18,6 +18,7 @@ #include <string.h> #include <netinet/in.h> #include <errno.h> +#include <inttypes.h> #include <libmnl/libmnl.h> #include <linux/netfilter/nfnetlink.h> @@ -721,9 +722,9 @@ static int nft_chain_snprintf_json(char *buf, size_t size, struct nft_chain *c) return snprintf(buf, size, "{ \"chain\": {" "\"name\": \"%s\"," - "\"handle\": %lu," - "\"bytes\": %lu," - "\"packets\": %lu," + "\"handle\": %"PRIu64"," + "\"bytes\": %"PRIu64"," + "\"packets\": %"PRIu64"," "\"version\": %d," "\"properties\": {" "\"type\" : \"%s\"," @@ -747,8 +748,8 @@ static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c) int ret, len = size, offset = 0; ret = snprintf(buf, size, - "<chain name=\"%s\" handle=\"%lu\"" - " bytes=\"%lu\" packets=\"%lu\" version=\"%d\">" + "<chain name=\"%s\" handle=\"%"PRIu64"\"" + " bytes=\"%"PRIu64"\" packets=\"%"PRIu64"\" version=\"%d\">" "<properties>" "<type>%s</type>" "<table>%s</table>" @@ -779,15 +780,39 @@ static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c) return offset; } +static const char *policy2str(int policy) +{ + switch (policy) { + case NF_ACCEPT: + return "accept"; + case NF_DROP: + return "drop"; + default: + break; + } + return "unknown"; +} + static int nft_chain_snprintf_default(char *buf, size_t size, struct nft_chain *c) { - return snprintf(buf, size, "family=%s table=%s chain=%s type=%s " - "hook=%u prio=%d policy=%d use=%d " - "packets=%lu bytes=%lu", - nft_family2str(c->family), c->table, c->name, c->type, - c->hooknum, c->prio, c->policy, c->use, c->packets, - c->bytes); + int ret, len = size, offset = 0; + + ret = snprintf(buf, size, "%s %s %s", + nft_family2str(c->family), c->table, c->name); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + if (c->flags & (1 << NFT_CHAIN_ATTR_HOOKNUM)) { + ret = snprintf(buf+offset, size, + " type %s hook %s prio %d policy %s use %d " + "packets %"PRIu64" bytes %"PRIu64"", + c->type, hooknum2str_array[c->hooknum], c->prio, + policy2str(c->policy), c->use, + c->packets, c->bytes); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + return offset; } int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c, diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index 6b534b4..e9176cd 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -337,18 +337,15 @@ nft_rule_expr_bitwise_snprintf_default(char *buf, size_t size, { int len = size, offset = 0, ret; - ret = snprintf(buf, len, "sreg=%u dreg=%u ", - bitwise->sreg, bitwise->dreg); - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - - ret = snprintf(buf+offset, len, " mask="); + ret = snprintf(buf, len, "reg %u = (reg=%u & ", + bitwise->dreg, bitwise->sreg); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->mask, NFT_RULE_O_DEFAULT, 0, DATA_VALUE); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - ret = snprintf(buf+offset, len, " xor="); + ret = snprintf(buf+offset, len, ") ^ "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->xor, diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c index 8813546..1e6a51b 100644 --- a/src/expr/byteorder.c +++ b/src/expr/byteorder.c @@ -315,10 +315,9 @@ nft_rule_expr_byteorder_snprintf_default(char *buf, size_t size, { int len = size, offset = 0, ret; - ret = snprintf(buf, len, "sreg=%u dreg=%u op=%s len=%u size=%u ", - byteorder->sreg, byteorder->dreg, - expr_byteorder_str[byteorder->op], - byteorder->len, byteorder->size); + ret = snprintf(buf, len, "reg %u = %s(reg %u, %u, %u) ", + byteorder->dreg, expr_byteorder_str[byteorder->op], + byteorder->sreg, byteorder->size, byteorder->len); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); return offset; diff --git a/src/expr/cmp.c b/src/expr/cmp.c index f3a363a..2115839 100644 --- a/src/expr/cmp.c +++ b/src/expr/cmp.c @@ -277,8 +277,8 @@ nft_rule_expr_cmp_snprintf_default(char *buf, size_t size, { int len = size, offset = 0, ret; - ret = snprintf(buf, len, "sreg=%u op=%s data=", - cmp->sreg, expr_cmp_str[cmp->op]); + ret = snprintf(buf, len, "%s reg %u ", + expr_cmp_str[cmp->op], cmp->sreg); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = nft_data_reg_snprintf(buf+offset, len, &cmp->data, diff --git a/src/expr/counter.c b/src/expr/counter.c index 665fa14..171088d 100644 --- a/src/expr/counter.c +++ b/src/expr/counter.c @@ -13,6 +13,7 @@ #include <stdint.h> #include <arpa/inet.h> #include <errno.h> +#include <inttypes.h> #include <linux/netfilter/nf_tables.h> @@ -175,13 +176,13 @@ nft_rule_expr_counter_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "pkts=%lu bytes=%lu ", + return snprintf(buf, len, "pkts %"PRIu64" bytes %"PRIu64" ", ctr->pkts, ctr->bytes); case NFT_RULE_O_XML: - return snprintf(buf, len, "<pkts>%lu</pkts><bytes>%lu</bytes>", + return snprintf(buf, len, "<pkts>%"PRIu64"</pkts><bytes>%"PRIu64"</bytes>", ctr->pkts, ctr->bytes); case NFT_RULE_O_JSON: - return snprintf(buf, len, "\"pkts\" : %lu, \"bytes\" : %lu", + return snprintf(buf, len, "\"pkts\" : %"PRIu64", \"bytes\" : %"PRIu64"", ctr->pkts, ctr->bytes); default: break; diff --git a/src/expr/ct.c b/src/expr/ct.c index be23e80..655a935 100644 --- a/src/expr/ct.c +++ b/src/expr/ct.c @@ -252,8 +252,8 @@ nft_rule_expr_ct_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "dreg=%u key=%s dir=%u ", - ct->dreg, ctkey2str(ct->key), ct->dir); + return snprintf(buf, len, "load %s => reg %u dir %u ", + ctkey2str(ct->key), ct->dreg, ct->dir); case NFT_RULE_O_XML: return snprintf(buf, len, "<dreg>%u</dreg>" "<key>%s</key>" diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c index fd05499..316111d 100644 --- a/src/expr/data_reg.c +++ b/src/expr/data_reg.c @@ -363,7 +363,7 @@ int nft_data_reg_snprintf(char *buf, size_t size, union nft_data_reg *reg, case DATA_VERDICT: switch(output_format) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, size, "verdict=%d", reg->verdict); + return snprintf(buf, size, "%d ", reg->verdict); case NFT_RULE_O_XML: return snprintf(buf, size, "<data_reg type=\"verdict\">" @@ -380,7 +380,7 @@ int nft_data_reg_snprintf(char *buf, size_t size, union nft_data_reg *reg, case DATA_CHAIN: switch(output_format) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, size, "chain=%s", reg->chain); + return snprintf(buf, size, "%s ", reg->chain); case NFT_RULE_O_XML: return snprintf(buf, size, "<data_reg type=\"chain\">" diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c index 6055067..eddcd00 100644 --- a/src/expr/exthdr.c +++ b/src/expr/exthdr.c @@ -282,9 +282,9 @@ nft_rule_expr_exthdr_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "dreg=%u type=%u offset=%u len=%u ", - exthdr->dreg, exthdr->type, - exthdr->offset, exthdr->len); + return snprintf(buf, len, "load %ub @ %u + %u => reg %u ", + exthdr->len, exthdr->type, + exthdr->offset, exthdr->dreg); case NFT_RULE_O_XML: return snprintf(buf, len, "<dreg>%u</dreg>" "<exthdr_type>%s</exthdr_type>" diff --git a/src/expr/immediate.c b/src/expr/immediate.c index 8f57649..c5757c6 100644 --- a/src/expr/immediate.c +++ b/src/expr/immediate.c @@ -333,7 +333,7 @@ nft_rule_expr_immediate_snprintf_default(char *buf, size_t len, int size = len, offset = 0, ret; struct nft_expr_immediate *imm = (struct nft_expr_immediate *)e->data; - ret = snprintf(buf, len, "dreg=%u ", imm->dreg); + ret = snprintf(buf, len, "reg %u ", imm->dreg); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (e->flags & (1 << NFT_EXPR_IMM_DATA)) { diff --git a/src/expr/limit.c b/src/expr/limit.c index fdd76e3..c18ca2a 100644 --- a/src/expr/limit.c +++ b/src/expr/limit.c @@ -176,7 +176,7 @@ nft_rule_expr_limit_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "rate=%"PRIu64" depth=%"PRIu64" ", + return snprintf(buf, len, "rate %"PRIu64" depth %"PRIu64" ", limit->rate, limit->depth); case NFT_RULE_O_XML: return snprintf(buf, len, "<rate>%"PRIu64"</rate>" diff --git a/src/expr/log.c b/src/expr/log.c index b2b3ca1..03be030 100644 --- a/src/expr/log.c +++ b/src/expr/log.c @@ -239,8 +239,8 @@ nft_rule_expr_log_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "prefix=%s group=%u " - "snaplen=%u qthreshold=%u ", + return snprintf(buf, len, "prefix '%s' group %u " + "snaplen %u qthreshold %u ", log->prefix, log->group, log->snaplen, log->qthreshold); case NFT_RULE_O_XML: diff --git a/src/expr/lookup.c b/src/expr/lookup.c index e083372..9babfd1 100644 --- a/src/expr/lookup.c +++ b/src/expr/lookup.c @@ -224,8 +224,8 @@ nft_rule_expr_lookup_snprintf_default(char *buf, size_t size, { int len = size, offset = 0, ret; - ret = snprintf(buf, len, "set=%s sreg=%u dreg=%u", - l->set_name, l->sreg, l->dreg); + ret = snprintf(buf, len, "reg %u set %s dreg %u ", + l->sreg, l->set_name, l->dreg); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); return offset; diff --git a/src/expr/match.c b/src/expr/match.c index 3302bb4..01d8cef 100644 --- a/src/expr/match.c +++ b/src/expr/match.c @@ -242,7 +242,7 @@ nft_rule_expr_match_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "name=%s rev=%u ", + return snprintf(buf, len, "name %s rev %u ", match->name, match->rev); case NFT_RULE_O_XML: return nft_rule_expr_match_snprintf_xml(buf, len, match); diff --git a/src/expr/meta.c b/src/expr/meta.c index b1d978b..3b83a4a 100644 --- a/src/expr/meta.c +++ b/src/expr/meta.c @@ -211,8 +211,8 @@ nft_rule_expr_meta_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "dreg=%u key=%u ", - meta->dreg, meta->key); + return snprintf(buf, len, "load %s => reg %u ", + meta_key2str(meta->key), meta->dreg); case NFT_RULE_O_XML: return snprintf(buf, len, "<dreg>%u</dreg>" "<key>%s</key>", diff --git a/src/expr/nat.c b/src/expr/nat.c index 32be564..66ae405 100644 --- a/src/expr/nat.c +++ b/src/expr/nat.c @@ -363,28 +363,28 @@ nft_rule_expr_nat_snprintf_default(char *buf, size_t size, switch (nat->type) { case NFT_NAT_SNAT: - ret = snprintf(buf, len, "type=NFT_NAT_SNAT "); + ret = snprintf(buf, len, "snat "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); break; case NFT_NAT_DNAT: - ret = snprintf(buf, len, "type=NFT_NAT_DNAT "); + ret = snprintf(buf, len, "dnat "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); break; } - ret = snprintf(buf+offset, len, "family=%s ", nft_family2str(nat->family)); + ret = snprintf(buf+offset, len, "%s ", nft_family2str(nat->family)); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (e->flags & (1 << NFT_EXPR_NAT_REG_ADDR_MIN)) { ret = snprintf(buf+offset, len, - "sreg_addr_min_v4=%u sreg_addr_max_v4=%u ", + "addr_min reg %u addr_max reg %u ", nat->sreg_addr_min, nat->sreg_addr_max); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } if (e->flags & (1 << NFT_EXPR_NAT_REG_PROTO_MIN)) { ret = snprintf(buf+offset, len, - "sreg_proto_min=%u sreg_proto_max=%u ", + "proto_min reg %u proto_max reg %u ", nat->sreg_proto_min, nat->sreg_proto_max); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } diff --git a/src/expr/payload.c b/src/expr/payload.c index 7d6fb6d..449fbd6 100644 --- a/src/expr/payload.c +++ b/src/expr/payload.c @@ -303,9 +303,8 @@ nft_rule_expr_payload_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "dreg=%u base=%u offset=%u len=%u ", - payload->dreg, payload->base, - payload->offset, payload->len); + return snprintf(buf, len, "load %ub @ network header + %u => reg %u ", + payload->dreg, payload->offset, payload->len); case NFT_RULE_O_XML: return nft_rule_expr_payload_snprintf_xml(buf, len, flags, payload); diff --git a/src/expr/target.c b/src/expr/target.c index ba7ee1a..fc24a81 100644 --- a/src/expr/target.c +++ b/src/expr/target.c @@ -244,7 +244,7 @@ nft_rule_expr_target_snprintf(char *buf, size_t len, uint32_t type, switch(type) { case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "name=%s rev=%u ", + return snprintf(buf, len, "name %s rev %u ", target->name, target->rev); case NFT_RULE_O_XML: return nft_rule_exp_target_snprintf_xml(buf, len, target); @@ -18,6 +18,7 @@ #include <string.h> #include <netinet/in.h> #include <errno.h> +#include <inttypes.h> #include <libmnl/libmnl.h> #include <linux/netfilter/nfnetlink.h> @@ -745,18 +746,20 @@ static int nft_rule_snprintf_default(char *buf, size_t size, struct nft_rule *r, struct nft_rule_expr *expr; int ret, len = size, offset = 0; - ret = snprintf(buf, size, "family=%s table=%s chain=%s handle=%llu " - "flags=%x ", + ret = snprintf(buf, size, "%s %s %s %"PRIu64"\n", nft_family2str(r->family), r->table, r->chain, - (unsigned long long)r->handle, r->rule_flags); + r->handle); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); list_for_each_entry(expr, &r->expr_list, head) { - ret = snprintf(buf+offset, len, "%s ", expr->ops->name); + ret = snprintf(buf+offset, len, " [ %s ", expr->ops->name); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = nft_rule_expr_snprintf(buf+offset, size, expr, type, flags); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = snprintf(buf+offset, len, "]\n"); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } return offset; @@ -323,7 +323,7 @@ int nft_set_snprintf(char *buf, size_t size, struct nft_set *s, int len = size, offset = 0; struct nft_set_elem *elem; - ret = snprintf(buf, size, "set=%s table=%s flags=%x", + ret = snprintf(buf, size, "%s %s %x", s->name, s->table, s->set_flags); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); diff --git a/src/set_elem.c b/src/set_elem.c index 0cbb9b7..a70dc09 100644 --- a/src/set_elem.c +++ b/src/set_elem.c @@ -389,7 +389,7 @@ int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e, { int ret, len = size, offset = 0, i; - ret = snprintf(buf, size, "flags=%u key=", e->set_elem_flags); + ret = snprintf(buf, size, "element "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); for (i=0; i<e->key.len/sizeof(uint32_t); i++) { @@ -397,7 +397,7 @@ int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e, SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } - ret = snprintf(buf+offset, size, "data="); + ret = snprintf(buf+offset, size, " : "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); for (i=0; i<e->data.len/sizeof(uint32_t); i++) { @@ -405,6 +405,9 @@ int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e, SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } + ret = snprintf(buf+offset, len, "%u [end]", e->set_elem_flags); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + return offset; } EXPORT_SYMBOL(nft_set_elem_snprintf); diff --git a/src/table.c b/src/table.c index 982d101..27fa8fc 100644 --- a/src/table.c +++ b/src/table.c @@ -359,7 +359,7 @@ static int nft_table_snprintf_xml(char *buf, size_t size, struct nft_table *t) static int nft_table_snprintf_default(char *buf, size_t size, struct nft_table *t) { - return snprintf(buf, size, "table=%s family=%s flags=%x", + return snprintf(buf, size, "table %s %s flags %x", t->name, nft_family2str(t->family), t->table_flags); } |