summaryrefslogtreecommitdiffstats
path: root/src/expr/ct.c
Commit message (Collapse)AuthorAgeFilesLines
* src: xml: add parsing optional/mandatory flagArturo Borrero Gonzalez2013-09-161-3/+4
| | | | | | | | | | | Add an optional/mandatory flag to XML parsing. In some elements (ie regs), no flag is used because is always mandatory. DATA_NONE is created to indicate a non-parsed data_reg. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: json: s/nft_jansson_value_parse_reg/nft_jansson_parse_reg/gPablo Neira Ayuso2013-08-241-1/+1
| | | | | | | | This patch is a cleanup to save LOC. I have also changed it to use < 0 to check for error conditions. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: json: s/nft_jansson_value_parse_val/nft_jansson_parse_val/gPablo Neira Ayuso2013-08-241-2/+1
| | | | | | | | This patch is a cleanup to save LOC. I have also changed it to use < 0 to check for error conditions. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: json: s/nft_jansson_value_parse_str/nft_jansson_parse_str/gPablo Neira Ayuso2013-08-241-1/+1
| | | | | | Remove _value_ infix to make the function name smaller. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* rule: Add json parser supportÁlvaro Neira Ayuso2013-08-201-0/+49
| | | | | | | Add function for parsing rules in JSON format Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: ct: optional output in ctÁlvaro Neira Ayuso2013-08-091-4/+25
| | | | | | | Display direction and key if available Signed-off-by: Alvaro Neira Ayuso Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: don't override errno value if nft_mxml_num_parse is usedPablo Neira Ayuso2013-07-251-1/+1
| | | | | | That function already sets errno for us. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: ct: use nft_mxml_str_parsePablo Neira Ayuso2013-07-251-5/+5
| | | | | | Replace existing code to use this function. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: xml: consolidate common XML code via nft_mxml_num_parseArturo Borrero2013-07-251-10/+5
| | | | | | | | | | | This patch moves common XML parsing code to nft_mxml_num_parse(). To handle this, the nft_strtoi() helper fuction is included. I've changed some MXML_DESCEND[_FIRST] flags to avoid match a nested node under some circumstances, ie, matching two nodes with the same name that are descendant. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: simplify getter logicPablo Neira Ayuso2013-07-181-20/+6
| | | | | | | | This patch refactors the getter code to simplify it. The default cases have been removed so gcc will spot a warning if an attribute is not handled appropriately. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: add nft_expr_data to replace explicit casting to obtain expression dataPablo Neira Ayuso2013-07-131-6/+6
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: use __attribute__((constructor)) to register expressionPablo Neira Ayuso2013-07-131-0/+5
| | | | | | Instead of manual array registration. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: improve default text outputGiuseppe Longo2013-07-051-2/+2
| | | | | | | | | | | | | This patch improves default plain text output by mimicing the default output of libnl-nft. While at it, several %lu has been translated to use %"PRIu64" for correctness. [ I have added the policy to string translation --pablo ] Signed-off-by: Giuseppe Longo <giuseppelng@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: consolidate XML parsing of expressions via nft_mxml_reg_parsePablo Neira Ayuso2013-07-041-12/+5
| | | | This patch reduces the XML code in 100 LOC.
* src: consolidate XML parsing of expressions via nft_mxml_expr_parsePablo Neira Ayuso2013-07-041-14/+1
| | | | | | | | | Move common code for XML parsing of expressions to the new nft_mxml_expr_parse function. This patch reduces the XML parsing code in 300 LOC. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: ct: fix setting of NFT_EXPR_CT_DIRArturo Borrero Gonzalez2013-07-041-1/+1
| | | | | Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: support JSON format in chain, rule and expressionsÁlvaro Neira Ayuso2013-06-291-0/+5
| | | | | | | While at it, order possible switch cases of _snprintf. Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ct: xml: use key names instead of numbersArturo Borrero Gonzalez2013-06-271-7/+48
| | | | | | | ct expr uses a string instead of a numerical one in the <key> node. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* ct: xml: add extra dir checkArturo Borrero Gonzalez2013-06-271-0/+6
| | | | | | | | | | | | | This patch adds an extra dir check. 0 means original. 1 means a reply. Pablo decided not to include nf_conntrack_tuple_common.h, instead internally defined them. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: xml: registers must be <= NFT_REG_MAXArturo Borrero Gonzalez2013-06-271-0/+3
| | | | | | | With this patch, all expressions validate that registers are <= NFT_REG_MAX. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* src: constify first parameter of all nft_*_getPablo Neira Ayuso2013-06-171-1/+2
| | | | Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
* expr: add ctPablo Neira Ayuso2013-06-121-0/+247
This patch adds the ct expression. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>