diff options
| author | Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> | 2014-01-23 17:42:34 +0000 |
|---|---|---|
| committer | Patrick McHardy <kaber@trash.net> | 2014-01-23 17:42:34 +0000 |
| commit | cb86c1691c6900881b43229c07779412ffc48154 (patch) | |
| tree | 4017d9fa5d34d883f2c432d84e91ce86df53c879 /include | |
| parent | 2f61f093c3149465f2a68764b25c817adbe87fcd (diff) | |
ruleset: add XML/JSON export
This patch adds the following operation:
:~# nft export <xml|json>
The XML/JSON output is provided raw by libnftnl, thus without format.
In case of XML, you can give format with the `xmllint' tool from libxml2-tools:
:~# nft list ruleset xml | xmllint --format -
In case of JSON, you can use `json_pp' from perl standar package:
:~# nft list ruleset json | json_pp
A format field is added in struct cmd, and it will be reused in the import
operation.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'include')
| -rw-r--r-- | include/mnl.h | 2 | ||||
| -rw-r--r-- | include/netlink.h | 3 | ||||
| -rw-r--r-- | include/rule.h | 6 |
3 files changed, 11 insertions, 0 deletions
diff --git a/include/mnl.h b/include/mnl.h index a6306058..f4de27db 100644 --- a/include/mnl.h +++ b/include/mnl.h @@ -65,4 +65,6 @@ int mnl_nft_setelem_delete(struct mnl_socket *nf_sock, struct nft_set *nls, unsigned int flags); int mnl_nft_setelem_get(struct mnl_socket *nf_sock, struct nft_set *nls); +struct nft_ruleset *mnl_nft_ruleset_dump(struct mnl_socket *nf_sock, + uint32_t family); #endif /* _NFTABLES_MNL_H_ */ diff --git a/include/netlink.h b/include/netlink.h index 3f8d465c..84b24877 100644 --- a/include/netlink.h +++ b/include/netlink.h @@ -136,4 +136,7 @@ extern int netlink_batch_send(struct list_head *err_list); extern int netlink_io_error(struct netlink_ctx *ctx, const struct location *loc, const char *fmt, ...); +extern struct nft_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx, + const struct handle *h, + const struct location *loc); #endif /* NFTABLES_NETLINK_H */ diff --git a/include/rule.h b/include/rule.h index 30a4d12c..47dd6ab9 100644 --- a/include/rule.h +++ b/include/rule.h @@ -205,6 +205,7 @@ extern void set_print(const struct set *set); * @CMD_LIST: list container * @CMD_FLUSH: flush container * @CMD_RENAME: rename object + * @CMD_EXPORT: export the ruleset in a given format */ enum cmd_ops { CMD_INVALID, @@ -215,6 +216,7 @@ enum cmd_ops { CMD_LIST, CMD_FLUSH, CMD_RENAME, + CMD_EXPORT, }; /** @@ -227,6 +229,7 @@ enum cmd_ops { * @CMD_OBJ_RULE: rule * @CMD_OBJ_CHAIN: chain * @CMD_OBJ_TABLE: table + * @CMD_OBJ_RULESET: ruleset */ enum cmd_obj { CMD_OBJ_INVALID, @@ -236,6 +239,7 @@ enum cmd_obj { CMD_OBJ_RULE, CMD_OBJ_CHAIN, CMD_OBJ_TABLE, + CMD_OBJ_RULESET, }; /** @@ -249,6 +253,7 @@ enum cmd_obj { * @seqnum: sequence number to match netlink errors * @union: object * @arg: argument data + * @format: info about the export/import format */ struct cmd { struct list_head list; @@ -266,6 +271,7 @@ struct cmd { struct table *table; }; const void *arg; + uint32_t format; }; extern struct cmd *cmd_alloc(enum cmd_ops op, enum cmd_obj obj, |