From aa56f410581fe3539b3c907c2a2fdec360481d5c Mon Sep 17 00:00:00 2001 From: Arturo Borrero Gonzalez Date: Sun, 7 Apr 2013 22:30:22 +0000 Subject: expr: basic support for printing nft_data_reg in XML format nft_data_reg now is printed in XML according to what it contains nodes have been also renamed. Arturo Borrero Gonzalez says: ==================== cmp is using has which can also be redundant. But all around the XML printing (including sets, an incoming patch) i've been nesting the data_reg into another XML node, so you could easily see (also the XML parser) the difference between (for example. in set) nft_set_elem->key and nft_set_elem->data. As I needed to nest in nft_set_elem I decided to follow a constant line and do nest all data_reg. ==================== Signed-off-by: Arturo Borrero Gonzalez Signed-off-by: Pablo Neira Ayuso --- src/expr/bitwise.c | 39 ++++++++++----------- src/expr/cmp.c | 27 +++++++-------- src/expr/data_reg.c | 95 ++++++++++++++++++++++++++++++++++++++++++++++++++++ src/expr/data_reg.h | 3 ++ src/expr/immediate.c | 72 +++++++++++++++++++++++++++++++++++---- 5 files changed, 193 insertions(+), 43 deletions(-) diff --git a/src/expr/bitwise.c b/src/expr/bitwise.c index ac89cba..052144e 100644 --- a/src/expr/bitwise.c +++ b/src/expr/bitwise.c @@ -199,29 +199,26 @@ static int nft_rule_expr_bitwise_snprintf_xml(char *buf, size_t size, struct nft_expr_bitwise *bitwise) { - int len = size, offset = 0, ret, i; + int len = size, offset = 0, ret; ret = snprintf(buf, len, "\t\t%u " "%u ", - bitwise->sreg, bitwise->dreg); + bitwise->sreg, bitwise->dreg); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = snprintf(buf+offset, len, ""); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - for (i=0; imask.len/sizeof(uint32_t); i++) { - ret = snprintf(buf+offset, len, "%.8x ", - bitwise->mask.val[i]); - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - } + ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->mask, + NFT_RULE_O_XML, 0, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = snprintf(buf+offset, len, " "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - for (i=0; ixor.len/sizeof(uint32_t); i++) { - ret = snprintf(buf+offset, len, "%.8x ", bitwise->xor.val[i]); - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - } + ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->xor, + NFT_RULE_O_XML, 0, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = snprintf(buf+offset, len, " "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); @@ -231,29 +228,27 @@ nft_rule_expr_bitwise_snprintf_xml(char *buf, size_t size, static int nft_rule_expr_bitwise_snprintf_default(char *buf, size_t size, - struct nft_expr_bitwise *bitwise) + struct nft_expr_bitwise *bitwise) { - int len = size, offset = 0, ret, i; + int len = size, offset = 0, ret; ret = snprintf(buf, len, "sreg=%u dreg=%u ", - bitwise->sreg, bitwise->dreg); + bitwise->sreg, bitwise->dreg); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = snprintf(buf+offset, len, " mask="); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - for (i=0; imask.len/sizeof(uint32_t); i++) { - ret = snprintf(buf+offset, len, "%.8x ", bitwise->mask.val[i]); - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - } + ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->mask, + NFT_RULE_O_DEFAULT, 0, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); ret = snprintf(buf+offset, len, " xor="); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - for (i=0; ixor.len/sizeof(uint32_t); i++) { - ret = snprintf(buf+offset, len, "%.8x ", bitwise->xor.val[i]); - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - } + ret = nft_data_reg_snprintf(buf+offset, len, &bitwise->xor, + NFT_RULE_O_DEFAULT, 0, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); return offset; } diff --git a/src/expr/cmp.c b/src/expr/cmp.c index 429f024..6b5a3a2 100644 --- a/src/expr/cmp.c +++ b/src/expr/cmp.c @@ -169,18 +169,17 @@ static char *expr_cmp_str[] = { static int nft_rule_expr_cmp_snprintf_xml(char *buf, size_t size, struct nft_expr_cmp *cmp) { - int len = size, offset = 0, ret, i; + int len = size, offset = 0, ret; - ret = snprintf(buf, len, "\t\t%u %s ", - cmp->sreg, expr_cmp_str[cmp->op]); + ret = snprintf(buf, len, "\t\t%u %s ", + cmp->sreg, expr_cmp_str[cmp->op]); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - for (i=0; idata.len/sizeof(uint32_t); i++) { - ret = snprintf(buf+offset, len, "%.8x ", cmp->data.val[i]); - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - } + ret = nft_data_reg_snprintf(buf+offset, len, &cmp->data, + NFT_RULE_O_XML, 0, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - ret = snprintf(buf+offset, len, " "); + ret = snprintf(buf+offset, len, " "); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); return offset; @@ -190,16 +189,16 @@ static int nft_rule_expr_cmp_snprintf_default(char *buf, size_t size, struct nft_expr_cmp *cmp) { - int len = size, offset = 0, ret, i; + int len = size, offset = 0, ret; ret = snprintf(buf, len, "sreg=%u op=%s data=", - cmp->sreg, expr_cmp_str[cmp->op]); + cmp->sreg, expr_cmp_str[cmp->op]); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = nft_data_reg_snprintf(buf+offset, len, &cmp->data, + NFT_RULE_O_DEFAULT, 0, DATA_VALUE); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - for (i=0; idata.len/sizeof(uint32_t); i++) { - ret = snprintf(buf+offset, len, "%.8x ", cmp->data.val[i]); - SNPRINTF_BUFFER_SIZE(ret, size, len, offset); - } return offset; } diff --git a/src/expr/data_reg.c b/src/expr/data_reg.c index 5b14695..78c7d49 100644 --- a/src/expr/data_reg.c +++ b/src/expr/data_reg.c @@ -18,10 +18,105 @@ #include #include #include +#include #include "expr_ops.h" #include "data_reg.h" #include "internal.h" +static int nft_data_reg_value_snprintf_xml(char *buf, size_t size, + union nft_data_reg *reg, + uint32_t flags) +{ + int len = size, offset = 0, ret, i, j; + uint8_t *tmp; + int data_len = reg->len/sizeof(uint32_t); + + ret = snprintf(buf, len, ""); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + ret = snprintf(buf+offset, len, "%d", data_len); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + for (i=0; i0x", i); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + tmp = (uint8_t *)®->val[i]; + + for (j=0; j", i); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + ret = snprintf(buf+offset, len, ""); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; +} + +static int +nft_data_reg_value_snprintf_default(char *buf, size_t size, + union nft_data_reg *reg, uint32_t flags) +{ + int len = size, offset = 0, ret, i; + + for (i=0; ilen/sizeof(uint32_t); i++) { + ret = snprintf(buf+offset, len, "0x%.8x ", reg->val[i]); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + return offset; +} + +int nft_data_reg_snprintf(char *buf, size_t size, union nft_data_reg *reg, + uint32_t output_format, uint32_t flags, int reg_type) +{ + switch(reg_type) { + case DATA_VALUE: + switch(output_format) { + case NFT_RULE_O_XML: + return nft_data_reg_value_snprintf_xml(buf, size, + reg, flags); + case NFT_RULE_O_DEFAULT: + return nft_data_reg_value_snprintf_default(buf, size, + reg, flags); + default: + break; + } + case DATA_VERDICT: + switch(output_format) { + case NFT_RULE_O_XML: + return snprintf(buf, size, + "" + "%d" + "", reg->verdict); + case NFT_RULE_O_DEFAULT: + return snprintf(buf, size, "verdict=%d", reg->verdict); + default: + break; + } + case DATA_CHAIN: + switch(output_format) { + case NFT_RULE_O_XML: + return snprintf(buf, size, + "" + "%s" + "", reg->chain); + case NFT_RULE_O_DEFAULT: + return snprintf(buf, size, "chain=%s", reg->chain); + default: + break; + } + default: + break; + } + return -1; +} + static int nft_data_parse_cb(const struct nlattr *attr, void *data) { const struct nlattr **tb = data; diff --git a/src/expr/data_reg.h b/src/expr/data_reg.h index 00eab63..1552c1e 100644 --- a/src/expr/data_reg.h +++ b/src/expr/data_reg.h @@ -18,6 +18,9 @@ union nft_data_reg { }; }; +int nft_data_reg_snprintf(char *buf, size_t size, union nft_data_reg *reg, + uint32_t output_format, uint32_t flags, int reg_type); +int nft_data_reg_xml_parse(union nft_data_reg *reg, char *xml); int nft_parse_data(union nft_data_reg *data, struct nlattr *attr, int *type); #endif diff --git a/src/expr/immediate.c b/src/expr/immediate.c index 496cbfd..082db76 100644 --- a/src/expr/immediate.c +++ b/src/expr/immediate.c @@ -196,19 +196,77 @@ nft_rule_expr_immediate_parse(struct nft_rule_expr *e, struct nlattr *attr) } static int -nft_rule_expr_immediate_snprintf(char *buf, size_t len, uint32_t type, - uint32_t flags, struct nft_rule_expr *e) +nft_rule_expr_immediate_snprintf_xml(char *buf, size_t len, + struct nft_rule_expr *e, uint32_t flags) +{ + int size = len, offset = 0, ret; + struct nft_expr_immediate *imm = (struct nft_expr_immediate *)e->data; + + ret = snprintf(buf, len, "\t\t%u" + "\n\t\t", imm->dreg); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + + if (e->flags & (1 << NFT_EXPR_IMM_DATA)) { + ret = nft_data_reg_snprintf(buf+offset, len, &imm->data, + NFT_RULE_O_XML, flags, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + } else if (e->flags & (1 << NFT_EXPR_IMM_VERDICT)) { + ret = nft_data_reg_snprintf(buf+offset, len, &imm->data, + NFT_RULE_O_XML, flags, DATA_VERDICT); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + } else if (e->flags & (1 << NFT_EXPR_IMM_CHAIN)) { + ret = nft_data_reg_snprintf(buf+offset, len, &imm->data, + NFT_RULE_O_XML, flags, DATA_CHAIN); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + ret = snprintf(buf+offset, len, ""); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + return offset; +} + +static int +nft_rule_expr_immediate_snprintf_default(char *buf, size_t len, + struct nft_rule_expr *e, uint32_t flags) { + int size = len, offset = 0, ret; struct nft_expr_immediate *imm = (struct nft_expr_immediate *)e->data; + ret = snprintf(buf, len, "dreg=%u", imm->dreg); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + if (e->flags & (1 << NFT_EXPR_IMM_DATA)) { + ret = nft_data_reg_snprintf(buf+offset, len, &imm->data, + NFT_RULE_O_DEFAULT, flags, DATA_VALUE); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + } else if (e->flags & (1 << NFT_EXPR_IMM_VERDICT)) { + ret = nft_data_reg_snprintf(buf+offset, len, &imm->data, + NFT_RULE_O_DEFAULT, flags, DATA_VERDICT); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + + } else if (e->flags & (1 << NFT_EXPR_IMM_CHAIN)) { + ret = nft_data_reg_snprintf(buf+offset, len, &imm->data, + NFT_RULE_O_DEFAULT, flags, DATA_CHAIN); + SNPRINTF_BUFFER_SIZE(ret, size, len, offset); + } + + return offset; +} + +static int +nft_rule_expr_immediate_snprintf(char *buf, size_t len, uint32_t type, + uint32_t flags, struct nft_rule_expr *e) +{ switch(type) { case NFT_RULE_O_XML: - return snprintf(buf, len, "\t\t%u" - " %u ", - imm->dreg, imm->data.val[0]); + return nft_rule_expr_immediate_snprintf_xml(buf, len, e, flags); case NFT_RULE_O_DEFAULT: - return snprintf(buf, len, "dreg=%u data=%u ", - imm->dreg, imm->data.val[0]); + return nft_rule_expr_immediate_snprintf_default(buf, len, e, flags); default: break; } -- cgit v1.2.3