diff options
| author | Phil Sutter <phil@nwl.cc> | 2018-05-08 13:08:37 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-05-11 12:16:59 +0200 |
| commit | e70354f53e9f6be4a4be31dbc46c5e23291d3587 (patch) | |
| tree | 8d0bb763d9e80c5eb33e899666552e2bd414053b /include | |
| parent | e77b31f53a61a8995cd6baf91a6e557260f401bd (diff) | |
libnftables: Implement JSON output support
Although technically there already is support for JSON output via 'nft
export json' command, it is hardly useable since it exports all the gory
details of nftables VM. Also, libnftables has no control over what is
exported since the content comes directly from libnftnl.
Instead, implement JSON format support for regular 'nft list' commands.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
| -rw-r--r-- | include/datatype.h | 4 | ||||
| -rw-r--r-- | include/expression.h | 3 | ||||
| -rw-r--r-- | include/gmputil.h | 1 | ||||
| -rw-r--r-- | include/json.h | 161 | ||||
| -rw-r--r-- | include/nftables.h | 1 | ||||
| -rw-r--r-- | include/nftables/libnftables.h | 2 | ||||
| -rw-r--r-- | include/statement.h | 3 |
7 files changed, 175 insertions, 0 deletions
diff --git a/include/datatype.h b/include/datatype.h index 56892ddc..b641f0ed 100644 --- a/include/datatype.h +++ b/include/datatype.h @@ -1,6 +1,8 @@ #ifndef NFTABLES_DATATYPE_H #define NFTABLES_DATATYPE_H +#include <json.h> + /** * enum datatypes * @@ -149,6 +151,8 @@ struct datatype { const char *basefmt; void (*print)(const struct expr *expr, struct output_ctx *octx); + json_t *(*json)(const struct expr *expr, + struct output_ctx *octx); struct error_record *(*parse)(const struct expr *sym, struct expr **res); const struct symbol_table *sym_tbl; diff --git a/include/expression.h b/include/expression.h index 23d6bd23..15af35e8 100644 --- a/include/expression.h +++ b/include/expression.h @@ -9,6 +9,7 @@ #include <datatype.h> #include <utils.h> #include <list.h> +#include <json.h> /** * enum expr_types @@ -154,6 +155,8 @@ struct expr_ops { enum byteorder byteorder); void (*print)(const struct expr *expr, struct output_ctx *octx); + json_t *(*json)(const struct expr *expr, + struct output_ctx *octx); bool (*cmp)(const struct expr *e1, const struct expr *e2); void (*pctx_update)(struct proto_ctx *ctx, diff --git a/include/gmputil.h b/include/gmputil.h index 084aa622..73959c17 100644 --- a/include/gmputil.h +++ b/include/gmputil.h @@ -13,6 +13,7 @@ extern int mpz_vfprintf(FILE *fp, const char *format, va_list args); #define gmp_vfprintf mpz_vfprintf #endif +#include <inttypes.h> #include <asm/byteorder.h> enum mpz_word_order { diff --git a/include/json.h b/include/json.h new file mode 100644 index 00000000..579bd5df --- /dev/null +++ b/include/json.h @@ -0,0 +1,161 @@ +#ifndef NFTABLES_JSON_H +#define NFTABLES_JSON_H + +struct chain; +struct cmd; +struct expr; +struct netlink_ctx; +struct rule; +struct set; +struct stmt; +struct symbol_table; +struct table; + +#ifdef HAVE_LIBJANSSON + +#include <jansson.h> + +json_t *binop_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *relational_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *range_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *meta_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *payload_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *ct_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *concat_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *set_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *set_ref_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *set_elem_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *prefix_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *list_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *unary_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *mapping_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *map_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *exthdr_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *verdict_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *rt_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *numgen_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *hash_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *fib_expr_json(const struct expr *expr, struct output_ctx *octx); +json_t *constant_expr_json(const struct expr *expr, struct output_ctx *octx); + +json_t *integer_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *string_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *boolean_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *inet_protocol_type_json(const struct expr *expr, + struct output_ctx *octx); +json_t *inet_service_type_json(const struct expr *expr, + struct output_ctx *octx); +json_t *mark_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *devgroup_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *ct_label_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *time_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *uid_type_json(const struct expr *expr, struct output_ctx *octx); +json_t *gid_type_json(const struct expr *expr, struct output_ctx *octx); + +json_t *expr_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *payload_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *exthdr_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *quota_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *ct_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *limit_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *fwd_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *notrack_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *dup_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *meta_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *nat_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *reject_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *counter_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *set_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *log_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *objref_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *meter_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *queue_stmt_json(const struct stmt *stmt, struct output_ctx *octx); +json_t *verdict_stmt_json(const struct stmt *stmt, struct output_ctx *octx); + +int do_command_list_json(struct netlink_ctx *ctx, struct cmd *cmd); + +#else /* ! HAVE_LIBJANSSON */ + +typedef void json_t; + +#define JSON_PRINT_STUB(name, arg1_t, arg2_t) \ +static inline json_t *name##_json(arg1_t arg1, arg2_t arg2) { return NULL; } + +#define EXPR_PRINT_STUB(name) \ + JSON_PRINT_STUB(name, const struct expr *, struct output_ctx *) +#define STMT_PRINT_STUB(name) \ + JSON_PRINT_STUB(name##_stmt, const struct stmt *, struct output_ctx *) + +EXPR_PRINT_STUB(binop_expr) +EXPR_PRINT_STUB(relational_expr) +EXPR_PRINT_STUB(range_expr) +EXPR_PRINT_STUB(meta_expr) +EXPR_PRINT_STUB(payload_expr) +EXPR_PRINT_STUB(ct_expr) +EXPR_PRINT_STUB(concat_expr) +EXPR_PRINT_STUB(set_expr) +EXPR_PRINT_STUB(set_ref_expr) +EXPR_PRINT_STUB(set_elem_expr) +EXPR_PRINT_STUB(prefix_expr) +EXPR_PRINT_STUB(list_expr) +EXPR_PRINT_STUB(unary_expr) +EXPR_PRINT_STUB(mapping_expr) +EXPR_PRINT_STUB(map_expr) +EXPR_PRINT_STUB(exthdr_expr) +EXPR_PRINT_STUB(verdict_expr) +EXPR_PRINT_STUB(rt_expr) +EXPR_PRINT_STUB(numgen_expr) +EXPR_PRINT_STUB(hash_expr) +EXPR_PRINT_STUB(fib_expr) +EXPR_PRINT_STUB(constant_expr) + +EXPR_PRINT_STUB(integer_type) +EXPR_PRINT_STUB(string_type) +EXPR_PRINT_STUB(boolean_type) +EXPR_PRINT_STUB(inet_protocol_type) +EXPR_PRINT_STUB(inet_service_type) +EXPR_PRINT_STUB(mark_type) +EXPR_PRINT_STUB(devgroup_type) +EXPR_PRINT_STUB(ct_label_type) +EXPR_PRINT_STUB(time_type) +EXPR_PRINT_STUB(uid_type) +EXPR_PRINT_STUB(gid_type) + +STMT_PRINT_STUB(expr) +STMT_PRINT_STUB(payload) +STMT_PRINT_STUB(exthdr) +STMT_PRINT_STUB(quota) +STMT_PRINT_STUB(ct) +STMT_PRINT_STUB(limit) +STMT_PRINT_STUB(fwd) +STMT_PRINT_STUB(notrack) +STMT_PRINT_STUB(dup) +STMT_PRINT_STUB(meta) +STMT_PRINT_STUB(nat) +STMT_PRINT_STUB(reject) +STMT_PRINT_STUB(counter) +STMT_PRINT_STUB(set) +STMT_PRINT_STUB(log) +STMT_PRINT_STUB(objref) +STMT_PRINT_STUB(meter) +STMT_PRINT_STUB(queue) +STMT_PRINT_STUB(verdict) + +#undef STMT_PRINT_STUB +#undef EXPR_PRINT_STUB +#undef JSON_PRINT_STUB + +static inline json_t *symbolic_constant_json(const struct symbol_table *tbl, + const struct expr *expr) +{ + return NULL; +} + +static inline int do_command_list_json(struct netlink_ctx *ctx, struct cmd *cmd) +{ + return -1; +} + +#endif /* HAVE_LIBJANSSON */ + +#endif /* NFTABLES_JSON_H */ diff --git a/include/nftables.h b/include/nftables.h index 661c1e17..f88d0530 100644 --- a/include/nftables.h +++ b/include/nftables.h @@ -21,6 +21,7 @@ struct output_ctx { unsigned int ip2name; unsigned int handle; unsigned int echo; + unsigned int json; union { FILE *output_fp; struct cookie output_cookie; diff --git a/include/nftables/libnftables.h b/include/nftables/libnftables.h index 652e0ca9..4bfdaf9a 100644 --- a/include/nftables/libnftables.h +++ b/include/nftables/libnftables.h @@ -55,6 +55,8 @@ bool nft_ctx_output_get_handle(struct nft_ctx *ctx); void nft_ctx_output_set_handle(struct nft_ctx *ctx, bool val); bool nft_ctx_output_get_echo(struct nft_ctx *ctx); void nft_ctx_output_set_echo(struct nft_ctx *ctx, bool val); +bool nft_ctx_output_get_json(struct nft_ctx *ctx); +void nft_ctx_output_set_json(struct nft_ctx *ctx, bool val); FILE *nft_ctx_set_output(struct nft_ctx *ctx, FILE *fp); int nft_ctx_buffer_output(struct nft_ctx *ctx); diff --git a/include/statement.h b/include/statement.h index 2c6d0dfa..de26549b 100644 --- a/include/statement.h +++ b/include/statement.h @@ -3,6 +3,7 @@ #include <list.h> #include <expression.h> +#include <json.h> extern struct stmt *expr_stmt_alloc(const struct location *loc, struct expr *expr); @@ -289,6 +290,8 @@ struct stmt_ops { void (*destroy)(struct stmt *stmt); void (*print)(const struct stmt *stmt, struct output_ctx *octx); + json_t *(*json)(const struct stmt *stmt, + struct output_ctx *octx); }; enum stmt_flags { |