summaryrefslogtreecommitdiffstats
path: root/src/parser_bison.y
diff options
context:
space:
mode:
authorShyam Saini <mayhs11saini@gmail.com>2017-12-05 19:37:34 +0530
committerPablo Neira Ayuso <pablo@netfilter.org>2018-01-17 13:46:30 +0100
commit2fa54d8a49352bda44d3e25d1d7ba3531faf3303 (patch)
tree55182570ad839f401ed4e4e3c39a28884652cd80 /src/parser_bison.y
parent9afd72a883e391e366a1d75bb4e1705357e078e9 (diff)
src: Add import command for low level json
This new operation allows to import low level virtual machine ruleset in json to make incremental changes using the parse functions of libnftnl. A basic way to test this new functionality is: $ cat file.json | nft import vm json where the file.json is a ruleset exported in low level json format. To export json rules in low level virtual machine format we need to specify "vm" token before json. See below $ nft export vm json and $ nft export/import json will do no operations. Same goes with "$nft monitor" Highly based on work from Alvaro Neira <alvaroneay@gmail.com> and Arturo Borrero <arturo@netfilter.org> Acked-by: Arturo Borrero Gonzalez <arturo@netfilter.org> Signed-off-by: Shyam Saini <mayhs11saini@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/parser_bison.y')
-rw-r--r--src/parser_bison.y44
1 files changed, 32 insertions, 12 deletions
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 6e85a628..009b801f 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -218,6 +218,7 @@ int nft_lex(void *, void *, void *);
%token FLUSH "flush"
%token RENAME "rename"
%token DESCRIBE "describe"
+%token IMPORT "import"
%token EXPORT "export"
%token MONITOR "monitor"
@@ -473,6 +474,7 @@ int nft_lex(void *, void *, void *);
%token XML "xml"
%token JSON "json"
+%token VM "vm"
%token NOTRACK "notrack"
@@ -492,8 +494,8 @@ int nft_lex(void *, void *, void *);
%type <cmd> line
%destructor { cmd_free($$); } line
-%type <cmd> base_cmd add_cmd replace_cmd create_cmd insert_cmd delete_cmd list_cmd reset_cmd flush_cmd rename_cmd export_cmd monitor_cmd describe_cmd
-%destructor { cmd_free($$); } base_cmd add_cmd replace_cmd create_cmd insert_cmd delete_cmd list_cmd reset_cmd flush_cmd rename_cmd export_cmd monitor_cmd describe_cmd
+%type <cmd> base_cmd add_cmd replace_cmd create_cmd insert_cmd delete_cmd list_cmd reset_cmd flush_cmd rename_cmd export_cmd monitor_cmd describe_cmd import_cmd
+%destructor { cmd_free($$); } base_cmd add_cmd replace_cmd create_cmd insert_cmd delete_cmd list_cmd reset_cmd flush_cmd rename_cmd export_cmd monitor_cmd describe_cmd import_cmd
%type <handle> table_spec chain_spec chain_identifier ruleid_spec handle_spec position_spec rule_position ruleset_spec
%destructor { handle_free(&$$); } table_spec chain_spec chain_identifier ruleid_spec handle_spec position_spec rule_position ruleset_spec
@@ -681,7 +683,7 @@ int nft_lex(void *, void *, void *);
%destructor { expr_free($$); } fib_expr
%type <val> fib_tuple fib_result fib_flag
-%type <val> export_format
+%type <val> markup_format
%type <string> monitor_event
%destructor { xfree($$); } monitor_event
%type <val> monitor_object monitor_format
@@ -812,6 +814,7 @@ base_cmd : /* empty */ add_cmd { $$ = $1; }
| RESET reset_cmd { $$ = $2; }
| FLUSH flush_cmd { $$ = $2; }
| RENAME rename_cmd { $$ = $2; }
+ | IMPORT import_cmd { $$ = $2; }
| EXPORT export_cmd { $$ = $2; }
| MONITOR monitor_cmd { $$ = $2; }
| DESCRIBE describe_cmd { $$ = $2; }
@@ -1181,18 +1184,34 @@ rename_cmd : CHAIN chain_spec identifier
}
;
-export_cmd : RULESET export_format
+import_cmd : RULESET markup_format
{
struct handle h = { .family = NFPROTO_UNSPEC };
- struct export *export = export_alloc($2);
- $$ = cmd_alloc(CMD_EXPORT, CMD_OBJ_EXPORT, &h, &@$, export);
+ struct markup *markup = markup_alloc($2);
+ $$ = cmd_alloc(CMD_IMPORT, CMD_OBJ_MARKUP, &h, &@$, markup);
}
- | export_format
+ | markup_format
{
struct handle h = { .family = NFPROTO_UNSPEC };
- struct export *export = export_alloc($1);
- $$ = cmd_alloc(CMD_EXPORT, CMD_OBJ_EXPORT, &h, &@$, export);
+ struct markup *markup = markup_alloc($1);
+ $$ = cmd_alloc(CMD_IMPORT, CMD_OBJ_MARKUP, &h, &@$, markup);
}
+ | JSON { $$ = NULL; }
+ ;
+
+export_cmd : RULESET markup_format
+ {
+ struct handle h = { .family = NFPROTO_UNSPEC };
+ struct markup *markup = markup_alloc($2);
+ $$ = cmd_alloc(CMD_EXPORT, CMD_OBJ_MARKUP, &h, &@$, markup);
+ }
+ | markup_format
+ {
+ struct handle h = { .family = NFPROTO_UNSPEC };
+ struct markup *markup = markup_alloc($1);
+ $$ = cmd_alloc(CMD_EXPORT, CMD_OBJ_MARKUP, &h, &@$, markup);
+ }
+ | JSON { $$ = NULL; }
;
monitor_cmd : monitor_event monitor_object monitor_format
@@ -1219,11 +1238,12 @@ monitor_object : /* empty */ { $$ = CMD_MONITOR_OBJ_ANY; }
;
monitor_format : /* empty */ { $$ = NFTNL_OUTPUT_DEFAULT; }
- | export_format
+ | markup_format
+ | JSON { $$ = NFTNL_OUTPUT_JSON; }
;
-export_format : XML { $$ = NFTNL_OUTPUT_XML; }
- | JSON { $$ = NFTNL_OUTPUT_JSON; }
+markup_format : XML { $$ = NFTNL_OUTPUT_XML; }
+ | VM JSON { $$ = NFTNL_OUTPUT_JSON; }
;
describe_cmd : primary_expr