diff options
author | Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> | 2014-01-23 17:42:34 +0000 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2014-01-23 17:42:34 +0000 |
commit | cb86c1691c6900881b43229c07779412ffc48154 (patch) | |
tree | 4017d9fa5d34d883f2c432d84e91ce86df53c879 /src/parser.y | |
parent | 2f61f093c3149465f2a68764b25c817adbe87fcd (diff) |
ruleset: add XML/JSON export
This patch adds the following operation:
:~# nft export <xml|json>
The XML/JSON output is provided raw by libnftnl, thus without format.
In case of XML, you can give format with the `xmllint' tool from libxml2-tools:
:~# nft list ruleset xml | xmllint --format -
In case of JSON, you can use `json_pp' from perl standar package:
:~# nft list ruleset json | json_pp
A format field is added in struct cmd, and it will be reused in the import
operation.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'src/parser.y')
-rw-r--r-- | src/parser.y | 23 |
1 files changed, 21 insertions, 2 deletions
diff --git a/src/parser.y b/src/parser.y index cd9ade14..24f022a5 100644 --- a/src/parser.y +++ b/src/parser.y @@ -18,6 +18,7 @@ #include <linux/netfilter.h> #include <linux/netfilter/nf_tables.h> #include <linux/netfilter/nf_conntrack_tuple_common.h> +#include <libnftnl/common.h> #include <rule.h> #include <statement.h> @@ -176,6 +177,7 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token FLUSH "flush" %token RENAME "rename" %token DESCRIBE "describe" +%token EXPORT "export" %token ACCEPT "accept" %token DROP "drop" @@ -346,14 +348,17 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token POSITION "position" +%token XML "xml" +%token JSON "json" + %type <string> identifier string %destructor { xfree($$); } identifier string %type <cmd> line %destructor { cmd_free($$); } line -%type <cmd> base_cmd add_cmd create_cmd insert_cmd delete_cmd list_cmd flush_cmd rename_cmd -%destructor { cmd_free($$); } base_cmd add_cmd create_cmd insert_cmd delete_cmd list_cmd flush_cmd rename_cmd +%type <cmd> base_cmd add_cmd create_cmd insert_cmd delete_cmd list_cmd flush_cmd rename_cmd export_cmd +%destructor { cmd_free($$); } base_cmd add_cmd create_cmd insert_cmd delete_cmd list_cmd flush_cmd rename_cmd export_cmd %type <handle> table_spec tables_spec chain_spec chain_identifier ruleid_spec %destructor { handle_free(&$$); } table_spec tables_spec chain_spec chain_identifier ruleid_spec @@ -476,6 +481,8 @@ static void location_update(struct location *loc, struct location *rhs, int n) %destructor { expr_free($$); } ct_expr %type <val> ct_key +%type <val> export_format + %% input : /* empty */ @@ -544,6 +551,7 @@ base_cmd : /* empty */ add_cmd { $$ = $1; } | LIST list_cmd { $$ = $2; } | FLUSH flush_cmd { $$ = $2; } | RENAME rename_cmd { $$ = $2; } + | EXPORT export_cmd { $$ = $2; } | DESCRIBE primary_expr { expr_describe($2); @@ -703,6 +711,14 @@ rename_cmd : CHAIN chain_spec identifier } ; +export_cmd : export_format + { + struct handle h = { .family = NFPROTO_UNSPEC }; + $$ = cmd_alloc(CMD_EXPORT, CMD_OBJ_RULESET, &h, &@$, NULL); + $$->format = $1; + } + ; + table_block_alloc : /* empty */ { $$ = table_alloc(); @@ -1914,4 +1930,7 @@ mh_hdr_field : NEXTHDR { $$ = MHHDR_NEXTHDR; } | CHECKSUM { $$ = MHHDR_CHECKSUM; } ; +export_format : XML { $$ = NFT_OUTPUT_XML; } + | JSON { $$ = NFT_OUTPUT_JSON; } + ; %% |