path: root/src/cli.c
diff options
authorPhil Sutter <>2017-10-23 17:33:18 +0200
committerPablo Neira Ayuso <>2017-10-24 15:23:55 +0200
commit4c15b4008c249b768ca1ec958747a9033f8235b9 (patch)
tree5e62190b7a72d995e7a0607d246c978b4a253a02 /src/cli.c
parent2a3f699d99898c50c51987f8fb64cd5b11ad0dd6 (diff)
cli: Use nft_run_cmd_from_buffer()
Make CLI code adhere to intended libnftables API by not open coding what nft_run_cmd_from_buffer() does. This way, nft_run() has no users outside of src/libnftables.c anymore and therefore can become static. Since nft_run_cmd_from_buffer() takes care of scanner initialization and libmnl socket passed to cli_init() is present as nft_ctx field as well, signature of cli_init() can be reduced to just take nft_ctx pointer as single argument. Note that this change introduces two (possibly unwanted) side-effects: * Input descriptor passed to scanner_push_buffer() is changed from the CLI-specific one to the one used by nft_run_cmd_from_buffer(). In practice though, this doesn't make a difference: input descriptor types INDESC_CLI and INDESC_BUFFER are treated equally by erec_print(). Also, scanner_push_buffer() NULLs input descriptor name, so that is not used at all in latter code. * Error messages are printed to stderr instead of cli_nft->output. This could be fixed by introducing an 'error_output' field in nft_ctx for nft_run_cmd_from_buffer() to use when printing error messages. Signed-off-by: Phil Sutter <> Signed-off-by: Pablo Neira Ayuso <>
Diffstat (limited to 'src/cli.c')
1 files changed, 2 insertions, 19 deletions
diff --git a/src/cli.c b/src/cli.c
index 3174cfed..37351f2f 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -35,15 +35,7 @@
#define CMDLINE_HISTFILE ".nft.history"
-static const struct input_descriptor indesc_cli = {
- .type = INDESC_CLI,
- .name = "<cli>",
-static struct parser_state *state;
static struct nft_ctx *cli_nft;
-static struct mnl_socket *cli_nf_sock;
-static void *scanner;
static char histfile[PATH_MAX];
static char *multiline;
static bool eof;
@@ -134,11 +126,7 @@ static void cli_complete(char *line)
line = s;
- parser_init(cli_nf_sock, &cli_nft->cache, state, &msgs,
- cli_nft->debug_mask, &cli_nft->output);
- scanner_push_buffer(scanner, &indesc_cli, line);
- nft_run(cli_nft, cli_nf_sock, scanner, state, &msgs);
- erec_print_list(&cli_nft->output, &msgs, cli_nft->debug_mask);
+ nft_run_cmd_from_buffer(cli_nft, line, len + 2);
@@ -148,12 +136,10 @@ static char **cli_completion(const char *text, int start, int end)
return NULL;
-int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
- struct parser_state *_state)
+int cli_init(struct nft_ctx *nft)
const char *home;
- cli_nf_sock = nf_sock;
cli_nft = nft;
rl_readline_name = "nft";
rl_instream = stdin;
@@ -170,9 +156,6 @@ int cli_init(struct nft_ctx *nft, struct mnl_socket *nf_sock,
- state = _state;
- scanner = scanner_init(state);
while (!eof)
return 0;