From 8e7acbfae3017cd5f30e3b17ca16354f76b81b8a Mon Sep 17 00:00:00 2001 From: Arturo Borrero Date: Thu, 27 Jun 2013 18:56:38 +0200 Subject: src: xml: convert family values to string This patch translates family values to display a string: * ip if AF_INET * ip6 if AF_INET6 * bridge if AF_BRIDGE * arp if 0 Signed-off-by: Arturo Borrero Gonzalez Signed-off-by: Pablo Neira Ayuso --- src/Makefile.am | 3 ++- src/chain.c | 26 +++++++++++++++----------- src/expr/nat.c | 14 ++++++-------- src/internal.h | 3 +++ src/rule.c | 15 ++++++++------- src/table.c | 26 +++++++++++++------------- src/utils.c | 46 ++++++++++++++++++++++++++++++++++++++++++++++ 7 files changed, 93 insertions(+), 40 deletions(-) create mode 100644 src/utils.c (limited to 'src') diff --git a/src/Makefile.am b/src/Makefile.am index 4017720..4649646 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -4,7 +4,8 @@ lib_LTLIBRARIES = libnftables.la libnftables_la_LIBADD = ${LIBMNL_LIBS} ${LIBXML_LIBS} libnftables_la_LDFLAGS = -Wl,--version-script=$(srcdir)/libnftables.map \ -version-info $(LIBVERSION) -libnftables_la_SOURCES = table.c \ +libnftables_la_SOURCES = utils.c \ + table.c \ chain.c \ rule.c \ set.c \ diff --git a/src/chain.c b/src/chain.c index 301937b..e8f6c71 100644 --- a/src/chain.c +++ b/src/chain.c @@ -515,6 +515,7 @@ static int nft_chain_xml_parse(struct nft_chain *c, char *xml) char *endptr = NULL; uint64_t utmp; int64_t tmp; + int family; /* NOTE: all XML nodes are mandatory */ @@ -675,13 +676,14 @@ static int nft_chain_xml_parse(struct nft_chain *c, char *xml) mxmlDelete(tree); return -1; } - utmp = strtoull(node->child->value.opaque, &endptr, 10); - if (utmp > UINT8_MAX || utmp < 0 || *endptr) { + + family = nft_str2family(node->child->value.opaque); + if (family < 0) { mxmlDelete(tree); return -1; } - c->family = (uint32_t)utmp; + c->family = family; c->flags |= (1 << NFT_CHAIN_ATTR_FAMILY); mxmlDelete(tree); @@ -727,14 +729,14 @@ static int nft_chain_snprintf_json(char *buf, size_t size, struct nft_chain *c) "\"use\" : %d," "\"hooknum\" : \"%s\"," "\"policy\" : %d," - "\"family\" : %d" + "\"family\" : \"%s\"" "}" "}" "}", c->name, c->handle, c->bytes, c->packets, NFT_CHAIN_JSON_VERSION, c->type, c->table, c->prio, c->use, hooknum2str_array[c->hooknum], - c->policy, c->family); + c->policy, nft_family2str(c->family)); } static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c) @@ -749,22 +751,24 @@ static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c) "%d" "%s" "%d" - "%d" + "%s" "" "", c->name, c->handle, c->bytes, c->packets, NFT_CHAIN_XML_VERSION, c->type, c->table, c->prio, c->use, hooknum2str_array[c->hooknum], - c->policy, c->family); + c->policy, nft_family2str(c->family)); } -static int nft_chain_snprintf_default(char *buf, size_t size, struct nft_chain *c) +static int nft_chain_snprintf_default(char *buf, size_t size, + struct nft_chain *c) { - return snprintf(buf, size, "family=%u table=%s chain=%s type=%s " + return snprintf(buf, size, "family=%s table=%s chain=%s type=%s " "hook=%u prio=%d policy=%d use=%d " "packets=%lu bytes=%lu", - c->family, c->table, c->name, c->type, c->hooknum, - c->prio, c->policy, c->use, c->packets, c->bytes); + nft_family2str(c->family), c->table, c->name, c->type, + c->hooknum, c->prio, c->policy, c->use, c->packets, + c->bytes); } int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c, diff --git a/src/expr/nat.c b/src/expr/nat.c index 7c4cf37..2061618 100644 --- a/src/expr/nat.c +++ b/src/expr/nat.c @@ -213,6 +213,7 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, char *xml) mxml_node_t *node = NULL; uint64_t tmp; char *endptr; + int family; tree = mxmlLoadString(NULL, xml, MXML_OPAQUE_CALLBACK); if (tree == NULL) @@ -254,15 +255,13 @@ static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, char *xml) return -1; } - if (strcmp(node->child->value.opaque, "AF_INET") == 0) { - nat->family = AF_INET; - } else if (strcmp(node->child->value.opaque, "AF_INET6") == 0) { - nat->family = AF_INET6; - } else { + family = nft_str2family(node->child->value.opaque); + if (family < 0) { mxmlDelete(tree); return -1; } + nat->family = family; e->flags |= (1 << NFT_EXPR_NAT_FAMILY); /* Get and set . Not mandatory */ @@ -349,7 +348,7 @@ nft_rule_expr_nat_snprintf_xml(char *buf, size_t size, } ret = snprintf(buf+offset, len, "%s", - nat->family == AF_INET ? "AF_INET" : "AF_INET6"); + nft_family2str(nat->family)); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (e->flags & (1 << NFT_EXPR_NAT_REG_ADDR_MIN)) { @@ -389,8 +388,7 @@ nft_rule_expr_nat_snprintf_default(char *buf, size_t size, break; } - ret = snprintf(buf, len, "family=%s ", - nat->family == AF_INET ? "AF_INET" : "AF_INET6"); + ret = snprintf(buf, len, "family=%s ", nft_family2str(nat->family)); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); if (e->flags & (1 << NFT_EXPR_NAT_REG_ADDR_MIN)) { diff --git a/src/internal.h b/src/internal.h index fffca3d..23a3e59 100644 --- a/src/internal.h +++ b/src/internal.h @@ -23,6 +23,9 @@ #define NFT_TABLE_JSON_VERSION 0 #define NFT_CHAIN_JSON_VERSION 0 +const char *nft_family2str(uint32_t family); +int nft_str2family(const char *family); + struct expr_ops; struct nft_rule_expr { diff --git a/src/rule.c b/src/rule.c index 00f1026..e792169 100644 --- a/src/rule.c +++ b/src/rule.c @@ -486,6 +486,7 @@ static int nft_rule_xml_parse(struct nft_rule *r, char *xml) struct expr_ops *ops; char *endptr = NULL; uint64_t tmp; + int family; /* Load the tree */ tree = mxmlLoadString(NULL, xml, MXML_OPAQUE_CALLBACK); @@ -509,13 +510,13 @@ static int nft_rule_xml_parse(struct nft_rule *r, char *xml) return -1; } - tmp = strtoull(mxmlElementGetAttr(tree, "family"), &endptr, 10); - if (tmp > UINT8_MAX || tmp < 0 || *endptr) { + family = nft_str2family(mxmlElementGetAttr(tree, "family")); + if (family < 0) { mxmlDelete(tree); return -1; } - r->family = (uint8_t)tmp; + r->family = family; r->flags |= (1 << NFT_RULE_ATTR_FAMILY); /* get and set */ @@ -674,9 +675,9 @@ static int nft_rule_snprintf_xml(char *buf, size_t size, struct nft_rule *r, struct nft_rule_expr *expr; ret = snprintf(buf, size, - "", - r->family, r->table, r->chain, + nft_family2str(r->family), r->table, r->chain, (unsigned long long)r->handle, NFT_RULE_XML_VERSION); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); @@ -717,9 +718,9 @@ static int nft_rule_snprintf_default(char *buf, size_t size, struct nft_rule *r, struct nft_rule_expr *expr; int ret, len = size, offset = 0; - ret = snprintf(buf, size, "family=%u table=%s chain=%s handle=%llu " + ret = snprintf(buf, size, "family=%s table=%s chain=%s handle=%llu " "flags=%x ", - r->family, r->table, r->chain, + nft_family2str(r->family), r->table, r->chain, (unsigned long long)r->handle, r->rule_flags); SNPRINTF_BUFFER_SIZE(ret, size, len, offset); diff --git a/src/table.c b/src/table.c index 4533e23..dc0c2a1 100644 --- a/src/table.c +++ b/src/table.c @@ -232,6 +232,7 @@ static int nft_table_xml_parse(struct nft_table *t, char *xml) char *endptr = NULL; uint64_t tmp; int64_t stmp; + int family; /* NOTE: all XML nodes are mandatory */ @@ -275,13 +276,13 @@ static int nft_table_xml_parse(struct nft_table *t, char *xml) return -1; } - tmp = strtoull(node->child->value.opaque, &endptr, 10); - if (tmp > UINT32_MAX || *endptr || tmp < 0) { + family = nft_str2family(node->child->value.opaque); + if (family < 0) { mxmlDelete(tree); return -1; } - t->family = (uint32_t)tmp; + t->family = family; t->flags |= (1 << NFT_TABLE_ATTR_FAMILY); /* Get and set */ @@ -335,32 +336,31 @@ static int nft_table_snprintf_json(char *buf, size_t size, struct nft_table *t) "\"name\" : \"%s\"," "\"version\" : %d," "\"properties\" : {" - "\"family\" : %u," + "\"family\" : \"%s\"," "\"table_flags\" : %d" "}" "}" "}" , t->name, NFT_TABLE_JSON_VERSION, - t->family, t->table_flags); + nft_family2str(t->family), t->table_flags); } static int nft_table_snprintf_xml(char *buf, size_t size, struct nft_table *t) { - return snprintf(buf, size, - "" + return snprintf(buf, size, "
" "" - "%u" + "%s" "%d" "" - "
" , - t->name, NFT_TABLE_XML_VERSION, - t->family, t->table_flags); + "", + t->name, NFT_TABLE_XML_VERSION, + nft_family2str(t->family), t->table_flags); } static int nft_table_snprintf_default(char *buf, size_t size, struct nft_table *t) { - return snprintf(buf, size, "table=%s family=%u flags=%x", - t->name, t->family, t->table_flags); + return snprintf(buf, size, "table=%s family=%s flags=%x", + t->name, nft_family2str(t->family), t->table_flags); } int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, diff --git a/src/utils.c b/src/utils.c new file mode 100644 index 0000000..9416540 --- /dev/null +++ b/src/utils.c @@ -0,0 +1,46 @@ +/* + * (C) 2012-2013 by Pablo Neira Ayuso + * (C) 2013 by Arturo Borrero Gonzalez + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published + * by the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + */ + +#include +#include +#include +#include +#include +#include + +const char *nft_family2str(uint32_t family) +{ + switch (family) { + case AF_INET: + return "ip"; + case AF_INET6: + return "ip6"; + case AF_BRIDGE: + return "bridge"; + case 0: + return "arp"; + default: + return "unknown"; + } +} + +int nft_str2family(const char *family) +{ + if (strcmp(family, "ip") == 0) + return AF_INET; + else if (strcmp(family, "ip6") == 0) + return AF_INET6; + else if (strcmp(family, "bridge") == 0) + return AF_BRIDGE; + else if (strcmp(family, "arp") == 0) + return 0; + + return -1; +} -- cgit v1.2.3