From 26e06d838d6471f5233c1da3fee012bf113564a5 Mon Sep 17 00:00:00 2001 From: Arturo Borrero Gonzalez Date: Fri, 8 Feb 2013 17:51:56 +0100 Subject: src: add XML output support Signed-off-by: Arturo Borrero Gonzalez Signed-off-by: Pablo Neira Ayuso --- include/libnftables/chain.h | 1 + include/libnftables/rule.h | 1 + include/libnftables/table.h | 1 + src/chain.c | 38 +++++++++++++++++++++++-- src/expr/bitwise.c | 58 +++++++++++++++++++++++++++++++++++-- src/expr/cmp.c | 42 +++++++++++++++++++++++++-- src/expr/counter.c | 14 +++++++-- src/expr/immediate.c | 15 ++++++++-- src/expr/lookup.c | 38 ++++++++++++++++++++++--- src/expr/match.c | 40 ++++++++++++++++++++++++-- src/expr/meta.c | 14 ++++++++- src/expr/nat.c | 69 +++++++++++++++++++++++++++++++++++++++++---- src/expr/payload.c | 20 +++++++++++-- src/expr/target.c | 37 ++++++++++++++++++++++-- src/rule.c | 52 +++++++++++++++++++++++++++++++--- src/table.c | 29 +++++++++++++++++-- 16 files changed, 433 insertions(+), 36 deletions(-) diff --git a/include/libnftables/chain.h b/include/libnftables/chain.h index 8a57732..a7f6a50 100644 --- a/include/libnftables/chain.h +++ b/include/libnftables/chain.h @@ -41,6 +41,7 @@ void nft_chain_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nft_chain enum { NFT_CHAIN_O_DEFAULT = 0, + NFT_CHAIN_O_XML, }; int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *t, uint32_t type, uint32_t flags); diff --git a/include/libnftables/rule.h b/include/libnftables/rule.h index e17799a..50222c5 100644 --- a/include/libnftables/rule.h +++ b/include/libnftables/rule.h @@ -40,6 +40,7 @@ void nft_rule_nlmsg_build_payload(struct nlmsghdr *nlh, struct nft_rule *t); enum { NFT_RULE_O_DEFAULT = 0, + NFT_RULE_O_XML, }; int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *t, uint32_t type, uint32_t flags); diff --git a/include/libnftables/table.h b/include/libnftables/table.h index 1977d91..f367bb8 100644 --- a/include/libnftables/table.h +++ b/include/libnftables/table.h @@ -28,6 +28,7 @@ void nft_table_nlmsg_build_payload(struct nlmsghdr *nlh, const struct nft_table enum { NFT_TABLE_O_DEFAULT = 0, + NFT_TABLE_O_XML, }; int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, uint32_t type, uint32_t flags); diff --git a/src/chain.c b/src/chain.c index e12f82b..3c83e6d 100644 --- a/src/chain.c +++ b/src/chain.c @@ -437,8 +437,28 @@ int nft_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_chain *c) } EXPORT_SYMBOL(nft_chain_nlmsg_parse); -int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c, - uint32_t type, uint32_t flags) +static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c) +{ + return snprintf(buf, size, + "\n" + "\t\n" + "\t\t\n" + "\t\t\n" + "\t\t\n" + "\t\t\n" + "\t\t\n" + "\t\t\n" + "\t\t\n" + "\t\t\n" + "\t\n" + "\n", + c->name, c->handle, c->bytes, c->packets, + c->flags, c->type, c->table, c->prio, + c->use, c->hooknum, c->policy, c->family); +} + +static int nft_chain_snprintf_default(char *buf, size_t size, struct nft_chain *c) { return snprintf(buf, size, "family=%u table=%s chain=%s type=%s " "hook=%u prio=%d policy=%d use=%d " @@ -446,6 +466,20 @@ int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c, c->family, c->table, c->name, c->type, c->hooknum, c->prio, c->policy, c->use, c->packets, c->bytes); } + +int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c, + uint32_t type, uint32_t flags) +{ + switch(type) { + case NFT_CHAIN_O_XML: + return nft_chain_snprintf_xml(buf, size, c); + case NFT_CHAIN_O_DEFAULT: + return nft_chain_snprintf_default(buf, size, c); + default: + break; + } + return -1; +} EXPORT_SYMBOL(nft_chain_snprintf); struct nft_chain_list { diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index fdab8e6..ac89cba 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -18,6 +18,7 @@ #include #include #include +#include #include "data_reg.h" #include "expr_ops.h" @@ -195,10 +196,43 @@ nft_rule_expr_bitwise_parse(struct nft_rule_expr *e, struct nlattr *attr) } static int -nft_rule_expr_bitwise_snprintf(char *buf, size_t size, uint32_t type, - uint32_t flags, struct nft_rule_expr *e) +nft_rule_expr_bitwise_snprintf_xml(char *buf, size_t size, + struct nft_expr_bitwise *bitwise) +{ + int len = size, offset = 0, ret, i; + + ret = snprintf(buf, len, "\t\t%u " + "%u ", + bitwise->sreg, bitwise->dreg); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = snprintf(buf+offset, len, ""); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + for (i=0; imask.len/sizeof(uint32_t); i++) { + ret = snprintf(buf+offset, len, "%.8x ", + bitwise->mask.val[i]); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + ret = snprintf(buf+offset, len, " "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + for (i=0; ixor.len/sizeof(uint32_t); i++) { + ret = snprintf(buf+offset, len, "%.8x ", bitwise->xor.val[i]); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + ret = snprintf(buf+offset, len, " "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; +} + +static int +nft_rule_expr_bitwise_snprintf_default(char *buf, size_t size, + struct nft_expr_bitwise *bitwise) { - struct nft_expr_bitwise *bitwise = (struct nft_expr_bitwise *)e->data; int len = size, offset = 0, ret, i; ret = snprintf(buf, len, "sreg=%u dreg=%u ", @@ -224,6 +258,24 @@ nft_rule_expr_bitwise_snprintf(char *buf, size_t size, uint32_t type, return offset; } +static int +nft_rule_expr_bitwise_snprintf(char *buf, size_t size, uint32_t type, + uint32_t flags, struct nft_rule_expr *e) +{ + struct nft_expr_bitwise *bitwise = (struct nft_expr_bitwise *)e->data; + + switch(type) { + case NFT_RULE_O_XML: + return nft_rule_expr_bitwise_snprintf_xml(buf, size, bitwise); + case NFT_RULE_O_DEFAULT: + return nft_rule_expr_bitwise_snprintf_default(buf, size, + bitwise); + default: + break; + } + return -1; +} + struct expr_ops expr_ops_bitwise = { .name = "bitwise", .alloc_len = sizeof(struct nft_expr_bitwise), diff --git a/src/expr/cmp.c b/src/expr/cmp.c index 0849c49..429f024 100644 --- a/src/expr/cmp.c +++ b/src/expr/cmp.c @@ -19,6 +19,7 @@ #include #include #include +#include #include "expr_ops.h" #include "data_reg.h" @@ -166,10 +167,29 @@ static char *expr_cmp_str[] = { }; static int -nft_rule_expr_cmp_snprintf(char *buf, size_t size, uint32_t type, - uint32_t flags, struct nft_rule_expr *e) +nft_rule_expr_cmp_snprintf_xml(char *buf, size_t size, struct nft_expr_cmp *cmp) +{ + int len = size, offset = 0, ret, i; + + ret = snprintf(buf, len, "\t\t%u %s ", + cmp->sreg, expr_cmp_str[cmp->op]); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + for (i=0; idata.len/sizeof(uint32_t); i++) { + ret = snprintf(buf+offset, len, "%.8x ", cmp->data.val[i]); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + ret = snprintf(buf+offset, len, " "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; +} + +static int +nft_rule_expr_cmp_snprintf_default(char *buf, size_t size, + struct nft_expr_cmp *cmp) { - struct nft_expr_cmp *cmp = (struct nft_expr_cmp *)e->data; int len = size, offset = 0, ret, i; ret = snprintf(buf, len, "sreg=%u op=%s data=", @@ -183,6 +203,22 @@ nft_rule_expr_cmp_snprintf(char *buf, size_t size, uint32_t type, return offset; } +static int +nft_rule_expr_cmp_snprintf(char *buf, size_t size, uint32_t type, + uint32_t flags, struct nft_rule_expr *e) +{ + struct nft_expr_cmp *cmp = (struct nft_expr_cmp *)e->data; + switch(type) { + case NFT_RULE_O_XML: + return nft_rule_expr_cmp_snprintf_xml(buf, size, cmp); + case NFT_RULE_O_DEFAULT: + return nft_rule_expr_cmp_snprintf_default(buf, size, cmp); + default: + break; + } + return -1; +} + struct expr_ops expr_ops_cmp = { .name = "cmp", .alloc_len = sizeof(struct nft_expr_cmp), diff --git a/src/expr/counter.c b/src/expr/counter.c index f0d7617..d2da9bf 100644 --- a/src/expr/counter.c +++ b/src/expr/counter.c @@ -18,6 +18,7 @@ #include "internal.h" #include #include +#include #include "expr_ops.h" struct nft_expr_counter { @@ -130,8 +131,17 @@ nft_rule_expr_counter_snprintf(char *buf, size_t len, uint32_t type, { struct nft_expr_counter *ctr = (struct nft_expr_counter *)e->data; - return snprintf(buf, len, "pkts=%lu bytes=%lu ", - ctr->pkts, ctr->bytes); + switch(type) { + case NFT_RULE_O_XML: + return snprintf(buf, len, "\t\t%lu %lu ", + ctr->pkts, ctr->bytes); + case NFT_RULE_O_DEFAULT: + return snprintf(buf, len, "pkts=%lu bytes=%lu ", + ctr->pkts, ctr->bytes); + default: + break; + } + return -1; } struct expr_ops expr_ops_counter = { diff --git a/src/expr/immediate.c b/src/expr/immediate.c index b5ac602..496cbfd 100644 --- a/src/expr/immediate.c +++ b/src/expr/immediate.c @@ -18,6 +18,7 @@ #include #include #include +#include #include "expr_ops.h" #include "data_reg.h" @@ -200,8 +201,18 @@ nft_rule_expr_immediate_snprintf(char *buf, size_t len, uint32_t type, { struct nft_expr_immediate *imm = (struct nft_expr_immediate *)e->data; - return snprintf(buf, len, "dreg=%u data=%u ", - imm->dreg, imm->data.val[0]); + switch(type) { + case NFT_RULE_O_XML: + return snprintf(buf, len, "\t\t%u" + " %u ", + imm->dreg, imm->data.val[0]); + case NFT_RULE_O_DEFAULT: + return snprintf(buf, len, "dreg=%u data=%u ", + imm->dreg, imm->data.val[0]); + default: + break; + } + return -1; } struct expr_ops expr_ops_immediate = { diff --git a/src/expr/lookup.c b/src/expr/lookup.c index 8e533c4..550c850 100644 --- a/src/expr/lookup.c +++ b/src/expr/lookup.c @@ -17,6 +17,7 @@ #include #include #include +#include #include #include "data_reg.h" #include "expr_ops.h" @@ -150,19 +151,48 @@ nft_rule_expr_lookup_parse(struct nft_rule_expr *e, struct nlattr *attr) } static int -nft_rule_expr_lookup_snprintf(char *buf, size_t size, uint32_t type, - uint32_t flags, struct nft_rule_expr *e) +nft_rule_expr_lookup_snprintf_xml(char *buf, size_t size, + struct nft_expr_lookup *l) +{ + int len = size, offset = 0, ret; + + ret = snprintf(buf, len, "%s%u%u\n", + l->set_name, l->sreg, l->dreg); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; +} + +static int +nft_rule_expr_lookup_snprintf_default(char *buf, size_t size, + struct nft_expr_lookup *l) { - struct nft_expr_lookup *lookup = (struct nft_expr_lookup *)e->data; int len = size, offset = 0, ret; ret = snprintf(buf, len, "set=%s sreg=%u dreg=%u\n", - lookup->set_name, lookup->sreg, lookup->dreg); + l->set_name, l->sreg, l->dreg); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); return offset; } +static int +nft_rule_expr_lookup_snprintf(char *buf, size_t size, uint32_t type, + uint32_t flags, struct nft_rule_expr *e) +{ + struct nft_expr_lookup *lookup = (struct nft_expr_lookup *)e->data; + + switch(type) { + case NFT_RULE_O_XML: + return nft_rule_expr_lookup_snprintf_xml(buf, size, lookup); + case NFT_RULE_O_DEFAULT: + return nft_rule_expr_lookup_snprintf_default(buf, size, lookup); + default: + break; + } + return -1; +} + struct expr_ops expr_ops_lookup = { .name = "lookup", .alloc_len = sizeof(struct nft_expr_lookup), diff --git a/src/expr/match.c b/src/expr/match.c index 855d210..0c7427d 100644 --- a/src/expr/match.c +++ b/src/expr/match.c @@ -15,6 +15,8 @@ #include #include /* for memcpy */ #include +#include /* bin to hex*/ +#include /* bin to hex*/ #include @@ -23,6 +25,7 @@ #include #include +#include #include "expr_ops.h" @@ -183,14 +186,47 @@ static int nft_rule_expr_match_parse(struct nft_rule_expr *e, struct nlattr *att return 0; } +static +int nft_rule_exp_match_snprintf_xml(char *buf, size_t len, + struct nft_expr_match *mt) +{ + int ret, size=len; + int i; + int offset = 0; + uint8_t *data = (uint8_t *)mt->data; + + ret = snprintf(buf, len, "\t\t%s %u 0x", + mt->name, mt->rev); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + for (i=0; i < mt->data_len; i++) { + ret = snprintf(buf+offset, len, "%x", data[i] & 0xff); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + ret = snprintf(buf+offset, len, "" ); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; +} + + static int nft_rule_expr_match_snprintf(char *buf, size_t len, uint32_t type, uint32_t flags, struct nft_rule_expr *e) { struct nft_expr_match *match = (struct nft_expr_match *)e->data; - return snprintf(buf, len, "name=%s rev=%u ", - match->name, match->rev); + switch(type) { + case NFT_RULE_O_XML: + return nft_rule_exp_match_snprintf_xml(buf, len, match); + case NFT_RULE_O_DEFAULT: + return snprintf(buf, len, "name=%s rev=%u ", + match->name, match->rev); + default: + break; + } + return -1; } struct expr_ops expr_ops_match = { diff --git a/src/expr/meta.c b/src/expr/meta.c index b7cd201..2095545 100644 --- a/src/expr/meta.c +++ b/src/expr/meta.c @@ -18,6 +18,7 @@ #include "internal.h" #include #include +#include #include "expr_ops.h" struct nft_expr_meta { @@ -130,7 +131,18 @@ nft_rule_expr_meta_snprintf(char *buf, size_t len, uint32_t type, { struct nft_expr_meta *meta = (struct nft_expr_meta *)e->data; - return snprintf(buf, len, "dreg=%u key=%u ", meta->dreg, meta->key); + switch(type) { + case NFT_RULE_O_XML: + return snprintf(buf, len, "\t\t%u" + " %u ", + meta->dreg, meta->key); + case NFT_RULE_O_DEFAULT: + return snprintf(buf, len, "dreg=%u key=%u ", + meta->dreg, meta->key); + default: + break; + } + return -1; } struct expr_ops expr_ops_meta = { diff --git a/src/expr/nat.c b/src/expr/nat.c index 17f4459..68217bd 100644 --- a/src/expr/nat.c +++ b/src/expr/nat.c @@ -18,6 +18,7 @@ #include #include #include +#include #include "expr_ops.h" struct nft_expr_nat { @@ -201,8 +202,49 @@ nft_rule_expr_nat_build(struct nlmsghdr *nlh, struct nft_rule_expr *e) } static int -nft_rule_expr_nat_snprintf(char *buf, size_t size, uint32_t type, - uint32_t flags, struct nft_rule_expr *e) +nft_rule_expr_nat_snprintf_xml(char *buf, size_t size, + struct nft_rule_expr *e) +{ + struct nft_expr_nat *nat = (struct nft_expr_nat *)e->data; + int len = size, offset = 0, ret = 0; + + switch (nat->type) { + case NFT_NAT_SNAT: + ret = snprintf(buf, len, + "\t\tNFT_NAT_SNAT "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + break; + case NFT_NAT_DNAT: + ret = snprintf(buf, len, + "\t\tNFT_NAT_DNAT "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + break; + } + + ret = snprintf(buf, len, "%s ", + nat->family == AF_INET ? "AF_INET" : "AF_INET6"); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + if (e->flags & (1 << NFT_EXPR_NAT_REG_ADDR_MIN)) { + ret = snprintf(buf, len, "%u" + " %u ", + nat->sreg_addr_min, nat->sreg_addr_max); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + if (e->flags & (1 << NFT_EXPR_NAT_REG_PROTO_MIN)) { + ret = snprintf(buf, len, "%u" + " %u ", + nat->sreg_proto_min, nat->sreg_proto_max); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + return offset; +} + +static int +nft_rule_expr_nat_snprintf_default(char *buf, size_t size, + struct nft_rule_expr *e) { struct nft_expr_nat *nat = (struct nft_expr_nat *)e->data; int len = size, offset = 0, ret = 0; @@ -210,12 +252,13 @@ nft_rule_expr_nat_snprintf(char *buf, size_t size, uint32_t type, switch (nat->type) { case NFT_NAT_SNAT: ret = snprintf(buf, len, "type=NFT_NAT_SNAT "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); break; case NFT_NAT_DNAT: ret = snprintf(buf, len, "type=NFT_NAT_DNAT "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); break; } - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = snprintf(buf, len, "family=%s ", nat->family == AF_INET ? "AF_INET" : "AF_INET6"); @@ -225,20 +268,34 @@ nft_rule_expr_nat_snprintf(char *buf, size_t size, uint32_t type, ret = snprintf(buf, len, "sreg_addr_min_v4=%u sreg_addr_max_v4=%u ", nat->sreg_addr_min, nat->sreg_addr_max); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - if (e->flags & (1 << NFT_EXPR_NAT_REG_PROTO_MIN)) { ret = snprintf(buf, len, "sreg_proto_min=%u sreg_proto_max=%u ", nat->sreg_proto_min, nat->sreg_proto_max); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); } - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); return offset; } +static int +nft_rule_expr_nat_snprintf(char *buf, size_t size, uint32_t type, + uint32_t flags, struct nft_rule_expr *e) +{ + switch (type) { + case NFT_RULE_O_XML: + return nft_rule_expr_nat_snprintf_xml(buf, size, e); + case NFT_RULE_O_DEFAULT: + return nft_rule_expr_nat_snprintf_default(buf, size, e); + default: + break; + } + return -1; +} + struct expr_ops expr_ops_nat = { .name = "nat", .alloc_len = sizeof(struct nft_expr_nat), diff --git a/src/expr/payload.c b/src/expr/payload.c index f571206..33fcef1 100644 --- a/src/expr/payload.c +++ b/src/expr/payload.c @@ -20,6 +20,7 @@ #include #include +#include #include "expr_ops.h" @@ -169,9 +170,22 @@ nft_rule_expr_payload_snprintf(char *buf, size_t len, uint32_t type, { struct nft_expr_payload *payload = (struct nft_expr_payload *)e->data; - return snprintf(buf, len, "dreg=%u base=%u offset=%u len=%u ", - payload->dreg, payload->base, - payload->offset, payload->len); + switch(type) { + case NFT_RULE_O_XML: + return snprintf(buf, len, "\t\t%u" + "%u %u" + "%u", + payload->dreg, payload->base, + payload->offset, payload->len); + + case NFT_RULE_O_DEFAULT: + return snprintf(buf, len, "dreg=%u base=%u offset=%u len=%u ", + payload->dreg, payload->base, + payload->offset, payload->len); + default: + break; + } + return -1; } struct expr_ops expr_ops_payload = { diff --git a/src/expr/target.c b/src/expr/target.c index 1ee7379..86c9bc8 100644 --- a/src/expr/target.c +++ b/src/expr/target.c @@ -23,6 +23,7 @@ #include #include +#include #include "expr_ops.h" @@ -183,14 +184,46 @@ static int nft_rule_expr_target_parse(struct nft_rule_expr *e, struct nlattr *at return 0; } +static +int nft_rule_exp_target_snprintf_xml(char *buf, size_t len, + struct nft_expr_target *tg) +{ + int ret, size=len; + int i; + int offset = 0; + uint8_t *data = (uint8_t *)tg->data; + + ret = snprintf(buf, len, "\t\t%s %u 0x", + tg->name, tg->rev); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + for (i=0; i < tg->data_len; i++) { + ret = snprintf(buf+offset, len, "%x", data[i] & 0xff); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + ret = snprintf(buf+offset, len, "" ); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; +} + static int nft_rule_expr_target_snprintf(char *buf, size_t len, uint32_t type, uint32_t flags, struct nft_rule_expr *e) { struct nft_expr_target *target = (struct nft_expr_target *)e->data; - return snprintf(buf, len, "name=%s rev=%u ", - target->name, target->rev); + switch(type) { + case NFT_RULE_O_XML: + return nft_rule_exp_target_snprintf_xml(buf, len, target); + case NFT_RULE_O_DEFAULT: + return snprintf(buf, len, "name=%s rev=%u ", + target->name, target->rev); + default: + break; + } + return -1; } struct expr_ops expr_ops_target = { diff --git a/src/rule.c b/src/rule.c index 6c4aa4c..501b4f6 100644 --- a/src/rule.c +++ b/src/rule.c @@ -434,12 +434,42 @@ int nft_rule_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_rule *r) } EXPORT_SYMBOL(nft_rule_nlmsg_parse); -int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *r, - uint32_t type, uint32_t flags) +static int nft_rule_snprintf_xml(char *buf, size_t size, struct nft_rule *r, + uint32_t type, uint32_t flags) +{ + int ret, len = size, offset = 0; + struct nft_rule_expr *expr; + + ret = snprintf(buf, size, + " ", + r->family, r->table, r->chain, + (unsigned long long)r->handle); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + list_for_each_entry(expr, &r->expr_list, head) { + ret = snprintf(buf+offset, len, + "\n\t\n", expr->ops->name); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = expr->ops->snprintf(buf+offset, len, type, flags, expr); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = snprintf(buf+offset, len, "\n\t"); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + } + ret = snprintf(buf+offset-1, len, "\n\n "); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return ret; +} + +static int nft_rule_snprintf_default(char *buf, size_t size, struct nft_rule *r, + uint32_t type, uint32_t flags) { - int ret; struct nft_rule_expr *expr; - int len = size, offset = 0; + int ret, len = size, offset = 0; ret = snprintf(buf, size, "family=%u table=%s chain=%s handle=%llu " "flags=%x ", @@ -459,6 +489,20 @@ int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *r, return ret; } + +int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *r, + uint32_t type, uint32_t flags) +{ + switch(type) { + case NFT_RULE_O_XML: + return nft_rule_snprintf_xml(buf, size, r, type, flags); + case NFT_RULE_O_DEFAULT: + return nft_rule_snprintf_default(buf, size, r, type, flags); + default: + break; + } + return -1; +} EXPORT_SYMBOL(nft_rule_snprintf); struct nft_rule_expr_iter { diff --git a/src/table.c b/src/table.c index 48e9a6a..eb485b2 100644 --- a/src/table.c +++ b/src/table.c @@ -174,12 +174,37 @@ int nft_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_table *t) } EXPORT_SYMBOL(nft_table_nlmsg_parse); -int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, - uint32_t type, uint32_t flags) +static int nft_table_snprintf_xml(char *buf, size_t size, struct nft_table *t) +{ + return snprintf(buf, size, + "
\n" + "\t\n" + "\t\t\n" + "\t\t\n" + "\t\n" + "
\n" , + t->name, t->family, t->flags, t->table_flags); +} + +static int nft_table_snprintf_default(char *buf, size_t size, struct nft_table *t) { return snprintf(buf, size, "table=%s family=%u flags=%x\n", t->name, t->family, t->table_flags); } + +int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, + uint32_t type, uint32_t flags) +{ + switch(type) { + case NFT_TABLE_O_XML: + return nft_table_snprintf_xml(buf, size, t); + case NFT_TABLE_O_DEFAULT: + return nft_table_snprintf_default(buf, size, t); + default: + break; + } + return -1; +} EXPORT_SYMBOL(nft_table_snprintf); struct nft_table_list { -- cgit v1.2.3