summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorGiuseppe Longo <giuseppelng@gmail.com>2013-07-05 10:06:28 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2013-07-05 13:06:23 +0200
commitf95e8598af7e3a1641166b4e6be31b87d4690326 (patch)
tree21714a822cb02404ba68e1dfd9da3b39a082991e /src
parent1085a4e18d297d8338cf9babe7e623e25a00f499 (diff)
src: improve default text output
This patch improves default plain text output by mimicing the default output of libnl-nft. While at it, several %lu has been translated to use %"PRIu64" for correctness. [ I have added the policy to string translation --pablo ] Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r--src/chain.c47
-rw-r--r--src/expr/bitwise.c9
-rw-r--r--src/expr/byteorder.c7
-rw-r--r--src/expr/cmp.c4
-rw-r--r--src/expr/counter.c7
-rw-r--r--src/expr/ct.c4
-rw-r--r--src/expr/data_reg.c4
-rw-r--r--src/expr/exthdr.c6
-rw-r--r--src/expr/immediate.c2
-rw-r--r--src/expr/limit.c2
-rw-r--r--src/expr/log.c4
-rw-r--r--src/expr/lookup.c4
-rw-r--r--src/expr/match.c2
-rw-r--r--src/expr/meta.c4
-rw-r--r--src/expr/nat.c10
-rw-r--r--src/expr/payload.c5
-rw-r--r--src/expr/target.c2
-rw-r--r--src/rule.c11
-rw-r--r--src/set.c2
-rw-r--r--src/set_elem.c7
-rw-r--r--src/table.c2
21 files changed, 86 insertions, 59 deletions
diff --git a/src/chain.c b/src/chain.c
index 68744bc..bdbaf60 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -18,6 +18,7 @@
#include <string.h>
#include <netinet/in.h>
#include <errno.h>
+#include <inttypes.h>
#include <libmnl/libmnl.h>
#include <linux/netfilter/nfnetlink.h>
@@ -721,9 +722,9 @@ static int nft_chain_snprintf_json(char *buf, size_t size, struct nft_chain *c)
return snprintf(buf, size,
"{ \"chain\": {"
"\"name\": \"%s\","
- "\"handle\": %lu,"
- "\"bytes\": %lu,"
- "\"packets\": %lu,"
+ "\"handle\": %"PRIu64","
+ "\"bytes\": %"PRIu64","
+ "\"packets\": %"PRIu64","
"\"version\": %d,"
"\"properties\": {"
"\"type\" : \"%s\","
@@ -747,8 +748,8 @@ static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c)
int ret, len = size, offset = 0;
ret = snprintf(buf, size,
- "<chain name=\"%s\" handle=\"%lu\""
- " bytes=\"%lu\" packets=\"%lu\" version=\"%d\">"
+ "<chain name=\"%s\" handle=\"%"PRIu64"\""
+ " bytes=\"%"PRIu64"\" packets=\"%"PRIu64"\" version=\"%d\">"
"<properties>"
"<type>%s</type>"
"<table>%s</table>"
@@ -779,15 +780,39 @@ static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c)
return offset;
}
+static const char *policy2str(int policy)
+{
+ switch (policy) {
+ case NF_ACCEPT:
+ return "accept";
+ case NF_DROP:
+ return "drop";
+ default:
+ break;
+ }
+ return "unknown";
+}
+
static int nft_chain_snprintf_default(char *buf, size_t size,
struct nft_chain *c)
{
- return snprintf(buf, size, "family=%s table=%s chain=%s type=%s "
- "hook=%u prio=%d policy=%d use=%d "
- "packets=%lu bytes=%lu",
- nft_family2str(c->family), c->table, c->name, c->type,
- c->hooknum, c->prio, c->policy, c->use, c->packets,
- c->bytes);
+ int ret, len = size, offset = 0;
+
+ ret = snprintf(buf, size, "%s %s %s",
+ nft_family2str(c->family), c->table, c->name);
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+ if (c->flags & (1 << NFT_CHAIN_ATTR_HOOKNUM)) {
+ ret = snprintf(buf+offset, size,
+ " type %s hook %s prio %d policy %s use %d "
+ "packets %"PRIu64" bytes %"PRIu64"",
+ c->type, hooknum2str_array[c->hooknum], c->prio,
+ policy2str(c->policy), c->use,
+ c->packets, c->bytes);
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+ }
+
+ return offset;
}
int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c,
diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c
index 6b534b4..e9176cd 100644
--- a/src/expr/bitwise.c
+++ b/src/expr/bitwise.c
@@ -337,18 +337,15 @@ nft_rule_expr_bitwise_snprintf_default(char *buf, size_t size,
{
int len = size, offset = 0, ret;
- ret = snprintf(buf, len, "sreg=%u dreg=%u ",
- bitwise->sreg, bitwise->dreg);
- SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
-
- ret = snprintf(buf+offset, len, " mask=");
+ ret = snprintf(buf, len, "reg %u = (reg=%u & ",
+ bitwise->dreg, bitwise->sreg);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->mask,
NFT_RULE_O_DEFAULT, 0, DATA_VALUE);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
- ret = snprintf(buf+offset, len, " xor=");
+ ret = snprintf(buf+offset, len, ") ^ ");
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->xor,
diff --git a/src/expr/byteorder.c b/src/expr/byteorder.c
index 8813546..1e6a51b 100644
--- a/src/expr/byteorder.c
+++ b/src/expr/byteorder.c
@@ -315,10 +315,9 @@ nft_rule_expr_byteorder_snprintf_default(char *buf, size_t size,
{
int len = size, offset = 0, ret;
- ret = snprintf(buf, len, "sreg=%u dreg=%u op=%s len=%u size=%u ",
- byteorder->sreg, byteorder->dreg,
- expr_byteorder_str[byteorder->op],
- byteorder->len, byteorder->size);
+ ret = snprintf(buf, len, "reg %u = %s(reg %u, %u, %u) ",
+ byteorder->dreg, expr_byteorder_str[byteorder->op],
+ byteorder->sreg, byteorder->size, byteorder->len);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
return offset;
diff --git a/src/expr/cmp.c b/src/expr/cmp.c
index f3a363a..2115839 100644
--- a/src/expr/cmp.c
+++ b/src/expr/cmp.c
@@ -277,8 +277,8 @@ nft_rule_expr_cmp_snprintf_default(char *buf, size_t size,
{
int len = size, offset = 0, ret;
- ret = snprintf(buf, len, "sreg=%u op=%s data=",
- cmp->sreg, expr_cmp_str[cmp->op]);
+ ret = snprintf(buf, len, "%s reg %u ",
+ expr_cmp_str[cmp->op], cmp->sreg);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
ret = nft_data_reg_snprintf(buf+offset, len, &cmp->data,
diff --git a/src/expr/counter.c b/src/expr/counter.c
index 665fa14..171088d 100644
--- a/src/expr/counter.c
+++ b/src/expr/counter.c
@@ -13,6 +13,7 @@
#include <stdint.h>
#include <arpa/inet.h>
#include <errno.h>
+#include <inttypes.h>
#include <linux/netfilter/nf_tables.h>
@@ -175,13 +176,13 @@ nft_rule_expr_counter_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "pkts=%lu bytes=%lu ",
+ return snprintf(buf, len, "pkts %"PRIu64" bytes %"PRIu64" ",
ctr->pkts, ctr->bytes);
case NFT_RULE_O_XML:
- return snprintf(buf, len, "<pkts>%lu</pkts><bytes>%lu</bytes>",
+ return snprintf(buf, len, "<pkts>%"PRIu64"</pkts><bytes>%"PRIu64"</bytes>",
ctr->pkts, ctr->bytes);
case NFT_RULE_O_JSON:
- return snprintf(buf, len, "\"pkts\" : %lu, \"bytes\" : %lu",
+ return snprintf(buf, len, "\"pkts\" : %"PRIu64", \"bytes\" : %"PRIu64"",
ctr->pkts, ctr->bytes);
default:
break;
diff --git a/src/expr/ct.c b/src/expr/ct.c
index be23e80..655a935 100644
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -252,8 +252,8 @@ nft_rule_expr_ct_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "dreg=%u key=%s dir=%u ",
- ct->dreg, ctkey2str(ct->key), ct->dir);
+ return snprintf(buf, len, "load %s => reg %u dir %u ",
+ ctkey2str(ct->key), ct->dreg, ct->dir);
case NFT_RULE_O_XML:
return snprintf(buf, len, "<dreg>%u</dreg>"
"<key>%s</key>"
diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c
index fd05499..316111d 100644
--- a/src/expr/data_reg.c
+++ b/src/expr/data_reg.c
@@ -363,7 +363,7 @@ int nft_data_reg_snprintf(char *buf, size_t size, union nft_data_reg *reg,
case DATA_VERDICT:
switch(output_format) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, size, "verdict=%d", reg->verdict);
+ return snprintf(buf, size, "%d ", reg->verdict);
case NFT_RULE_O_XML:
return snprintf(buf, size,
"<data_reg type=\"verdict\">"
@@ -380,7 +380,7 @@ int nft_data_reg_snprintf(char *buf, size_t size, union nft_data_reg *reg,
case DATA_CHAIN:
switch(output_format) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, size, "chain=%s", reg->chain);
+ return snprintf(buf, size, "%s ", reg->chain);
case NFT_RULE_O_XML:
return snprintf(buf, size,
"<data_reg type=\"chain\">"
diff --git a/src/expr/exthdr.c b/src/expr/exthdr.c
index 6055067..eddcd00 100644
--- a/src/expr/exthdr.c
+++ b/src/expr/exthdr.c
@@ -282,9 +282,9 @@ nft_rule_expr_exthdr_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "dreg=%u type=%u offset=%u len=%u ",
- exthdr->dreg, exthdr->type,
- exthdr->offset, exthdr->len);
+ return snprintf(buf, len, "load %ub @ %u + %u => reg %u ",
+ exthdr->len, exthdr->type,
+ exthdr->offset, exthdr->dreg);
case NFT_RULE_O_XML:
return snprintf(buf, len, "<dreg>%u</dreg>"
"<exthdr_type>%s</exthdr_type>"
diff --git a/src/expr/immediate.c b/src/expr/immediate.c
index 8f57649..c5757c6 100644
--- a/src/expr/immediate.c
+++ b/src/expr/immediate.c
@@ -333,7 +333,7 @@ nft_rule_expr_immediate_snprintf_default(char *buf, size_t len,
int size = len, offset = 0, ret;
struct nft_expr_immediate *imm = (struct nft_expr_immediate *)e->data;
- ret = snprintf(buf, len, "dreg=%u ", imm->dreg);
+ ret = snprintf(buf, len, "reg %u ", imm->dreg);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
if (e->flags & (1 << NFT_EXPR_IMM_DATA)) {
diff --git a/src/expr/limit.c b/src/expr/limit.c
index fdd76e3..c18ca2a 100644
--- a/src/expr/limit.c
+++ b/src/expr/limit.c
@@ -176,7 +176,7 @@ nft_rule_expr_limit_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "rate=%"PRIu64" depth=%"PRIu64" ",
+ return snprintf(buf, len, "rate %"PRIu64" depth %"PRIu64" ",
limit->rate, limit->depth);
case NFT_RULE_O_XML:
return snprintf(buf, len, "<rate>%"PRIu64"</rate>"
diff --git a/src/expr/log.c b/src/expr/log.c
index b2b3ca1..03be030 100644
--- a/src/expr/log.c
+++ b/src/expr/log.c
@@ -239,8 +239,8 @@ nft_rule_expr_log_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "prefix=%s group=%u "
- "snaplen=%u qthreshold=%u ",
+ return snprintf(buf, len, "prefix '%s' group %u "
+ "snaplen %u qthreshold %u ",
log->prefix, log->group,
log->snaplen, log->qthreshold);
case NFT_RULE_O_XML:
diff --git a/src/expr/lookup.c b/src/expr/lookup.c
index e083372..9babfd1 100644
--- a/src/expr/lookup.c
+++ b/src/expr/lookup.c
@@ -224,8 +224,8 @@ nft_rule_expr_lookup_snprintf_default(char *buf, size_t size,
{
int len = size, offset = 0, ret;
- ret = snprintf(buf, len, "set=%s sreg=%u dreg=%u",
- l->set_name, l->sreg, l->dreg);
+ ret = snprintf(buf, len, "reg %u set %s dreg %u ",
+ l->sreg, l->set_name, l->dreg);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
return offset;
diff --git a/src/expr/match.c b/src/expr/match.c
index 3302bb4..01d8cef 100644
--- a/src/expr/match.c
+++ b/src/expr/match.c
@@ -242,7 +242,7 @@ nft_rule_expr_match_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "name=%s rev=%u ",
+ return snprintf(buf, len, "name %s rev %u ",
match->name, match->rev);
case NFT_RULE_O_XML:
return nft_rule_expr_match_snprintf_xml(buf, len, match);
diff --git a/src/expr/meta.c b/src/expr/meta.c
index b1d978b..3b83a4a 100644
--- a/src/expr/meta.c
+++ b/src/expr/meta.c
@@ -211,8 +211,8 @@ nft_rule_expr_meta_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "dreg=%u key=%u ",
- meta->dreg, meta->key);
+ return snprintf(buf, len, "load %s => reg %u ",
+ meta_key2str(meta->key), meta->dreg);
case NFT_RULE_O_XML:
return snprintf(buf, len, "<dreg>%u</dreg>"
"<key>%s</key>",
diff --git a/src/expr/nat.c b/src/expr/nat.c
index 32be564..66ae405 100644
--- a/src/expr/nat.c
+++ b/src/expr/nat.c
@@ -363,28 +363,28 @@ nft_rule_expr_nat_snprintf_default(char *buf, size_t size,
switch (nat->type) {
case NFT_NAT_SNAT:
- ret = snprintf(buf, len, "type=NFT_NAT_SNAT ");
+ ret = snprintf(buf, len, "snat ");
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
break;
case NFT_NAT_DNAT:
- ret = snprintf(buf, len, "type=NFT_NAT_DNAT ");
+ ret = snprintf(buf, len, "dnat ");
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
break;
}
- ret = snprintf(buf+offset, len, "family=%s ", nft_family2str(nat->family));
+ ret = snprintf(buf+offset, len, "%s ", nft_family2str(nat->family));
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
if (e->flags & (1 << NFT_EXPR_NAT_REG_ADDR_MIN)) {
ret = snprintf(buf+offset, len,
- "sreg_addr_min_v4=%u sreg_addr_max_v4=%u ",
+ "addr_min reg %u addr_max reg %u ",
nat->sreg_addr_min, nat->sreg_addr_max);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
if (e->flags & (1 << NFT_EXPR_NAT_REG_PROTO_MIN)) {
ret = snprintf(buf+offset, len,
- "sreg_proto_min=%u sreg_proto_max=%u ",
+ "proto_min reg %u proto_max reg %u ",
nat->sreg_proto_min, nat->sreg_proto_max);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
diff --git a/src/expr/payload.c b/src/expr/payload.c
index 7d6fb6d..449fbd6 100644
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -303,9 +303,8 @@ nft_rule_expr_payload_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "dreg=%u base=%u offset=%u len=%u ",
- payload->dreg, payload->base,
- payload->offset, payload->len);
+ return snprintf(buf, len, "load %ub @ network header + %u => reg %u ",
+ payload->dreg, payload->offset, payload->len);
case NFT_RULE_O_XML:
return nft_rule_expr_payload_snprintf_xml(buf, len, flags,
payload);
diff --git a/src/expr/target.c b/src/expr/target.c
index ba7ee1a..fc24a81 100644
--- a/src/expr/target.c
+++ b/src/expr/target.c
@@ -244,7 +244,7 @@ nft_rule_expr_target_snprintf(char *buf, size_t len, uint32_t type,
switch(type) {
case NFT_RULE_O_DEFAULT:
- return snprintf(buf, len, "name=%s rev=%u ",
+ return snprintf(buf, len, "name %s rev %u ",
target->name, target->rev);
case NFT_RULE_O_XML:
return nft_rule_exp_target_snprintf_xml(buf, len, target);
diff --git a/src/rule.c b/src/rule.c
index 64c34bd..5a4ae91 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -18,6 +18,7 @@
#include <string.h>
#include <netinet/in.h>
#include <errno.h>
+#include <inttypes.h>
#include <libmnl/libmnl.h>
#include <linux/netfilter/nfnetlink.h>
@@ -745,18 +746,20 @@ static int nft_rule_snprintf_default(char *buf, size_t size, struct nft_rule *r,
struct nft_rule_expr *expr;
int ret, len = size, offset = 0;
- ret = snprintf(buf, size, "family=%s table=%s chain=%s handle=%llu "
- "flags=%x ",
+ ret = snprintf(buf, size, "%s %s %s %"PRIu64"\n",
nft_family2str(r->family), r->table, r->chain,
- (unsigned long long)r->handle, r->rule_flags);
+ r->handle);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
list_for_each_entry(expr, &r->expr_list, head) {
- ret = snprintf(buf+offset, len, "%s ", expr->ops->name);
+ ret = snprintf(buf+offset, len, " [ %s ", expr->ops->name);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
ret = nft_rule_expr_snprintf(buf+offset, size, expr, type, flags);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+ ret = snprintf(buf+offset, len, "]\n");
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
return offset;
diff --git a/src/set.c b/src/set.c
index b8d431e..69f25ac 100644
--- a/src/set.c
+++ b/src/set.c
@@ -323,7 +323,7 @@ int nft_set_snprintf(char *buf, size_t size, struct nft_set *s,
int len = size, offset = 0;
struct nft_set_elem *elem;
- ret = snprintf(buf, size, "set=%s table=%s flags=%x",
+ ret = snprintf(buf, size, "%s %s %x",
s->name, s->table, s->set_flags);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
diff --git a/src/set_elem.c b/src/set_elem.c
index 0cbb9b7..a70dc09 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -389,7 +389,7 @@ int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e,
{
int ret, len = size, offset = 0, i;
- ret = snprintf(buf, size, "flags=%u key=", e->set_elem_flags);
+ ret = snprintf(buf, size, "element ");
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
for (i=0; i<e->key.len/sizeof(uint32_t); i++) {
@@ -397,7 +397,7 @@ int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e,
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
- ret = snprintf(buf+offset, size, "data=");
+ ret = snprintf(buf+offset, size, " : ");
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
for (i=0; i<e->data.len/sizeof(uint32_t); i++) {
@@ -405,6 +405,9 @@ int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e,
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
+ ret = snprintf(buf+offset, len, "%u [end]", e->set_elem_flags);
+ SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
return offset;
}
EXPORT_SYMBOL(nft_set_elem_snprintf);
diff --git a/src/table.c b/src/table.c
index 982d101..27fa8fc 100644
--- a/src/table.c
+++ b/src/table.c
@@ -359,7 +359,7 @@ static int nft_table_snprintf_xml(char *buf, size_t size, struct nft_table *t)
static int nft_table_snprintf_default(char *buf, size_t size, struct nft_table *t)
{
- return snprintf(buf, size, "table=%s family=%s flags=%x",
+ return snprintf(buf, size, "table %s %s flags %x",
t->name, nft_family2str(t->family), t->table_flags);
}