diff options
author | Eric Jallot <ejallot@gmail.com> | 2019-10-30 18:06:19 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2019-10-31 14:16:42 +0100 |
commit | 81c51fc1ab699fb6e417ada77221657ca34efd0b (patch) | |
tree | a0deb244f9e69ba8b6013162a1293cc2ec517de2 /src/rule.c | |
parent | 909e297ed430c3d7be0ad06bb002913e766115f1 (diff) |
src: flowtable: add support for named flowtable listing
This patch allows you to dump a named flowtable.
# nft list flowtable inet t f
table inet t {
flowtable f {
hook ingress priority filter + 10
devices = { eth0, eth1 }
}
}
Also:
libnftables-json.adoc: fix missing quotes.
Fixes: db0697ce7f60 ("src: support for flowtable listing")
Fixes: 872f373dc50f ("doc: Add JSON schema documentation")
Signed-off-by: Eric Jallot <ejallot@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/rule.c')
-rw-r--r-- | src/rule.c | 64 |
1 files changed, 60 insertions, 4 deletions
@@ -105,7 +105,7 @@ void handle_free(struct handle *h) xfree(h->table.name); xfree(h->chain.name); xfree(h->set.name); - xfree(h->flowtable); + xfree(h->flowtable.name); xfree(h->obj.name); } @@ -125,8 +125,8 @@ void handle_merge(struct handle *dst, const struct handle *src) dst->set.name = xstrdup(src->set.name); dst->set.location = src->set.location; } - if (dst->flowtable == NULL && src->flowtable != NULL) - dst->flowtable = xstrdup(src->flowtable); + if (dst->flowtable.name == NULL && src->flowtable.name != NULL) + dst->flowtable.name = xstrdup(src->flowtable.name); if (dst->obj.name == NULL && src->obj.name != NULL) dst->obj.name = xstrdup(src->obj.name); if (dst->handle.id == 0) @@ -2156,7 +2156,7 @@ static void flowtable_print_declaration(const struct flowtable *flowtable, if (opts->table != NULL) nft_print(octx, " %s", opts->table); - nft_print(octx, " %s {%s", flowtable->handle.flowtable, opts->nl); + nft_print(octx, " %s {%s", flowtable->handle.flowtable.name, opts->nl); nft_print(octx, "%s%shook %s priority %s%s", opts->tab, opts->tab, @@ -2193,6 +2193,60 @@ void flowtable_print(const struct flowtable *s, struct output_ctx *octx) do_flowtable_print(s, &opts, octx); } +struct flowtable *flowtable_lookup(const struct table *table, const char *name) +{ + struct flowtable *ft; + + list_for_each_entry(ft, &table->flowtables, list) { + if (!strcmp(ft->handle.flowtable.name, name)) + return ft; + } + return NULL; +} + +struct flowtable *flowtable_lookup_fuzzy(const char *ft_name, + const struct nft_cache *cache, + const struct table **t) +{ + struct string_misspell_state st; + struct table *table; + struct flowtable *ft; + + string_misspell_init(&st); + + list_for_each_entry(table, &cache->list, list) { + list_for_each_entry(ft, &table->flowtables, list) { + if (!strcmp(ft->handle.flowtable.name, ft_name)) { + *t = table; + return ft; + } + if (string_misspell_update(ft->handle.flowtable.name, + ft_name, ft, &st)) + *t = table; + } + } + return st.obj; +} + +static int do_list_flowtable(struct netlink_ctx *ctx, struct cmd *cmd, + struct table *table) +{ + struct flowtable *ft; + + ft = flowtable_lookup(table, cmd->handle.flowtable.name); + if (ft == NULL) + return -1; + + nft_print(&ctx->nft->output, "table %s %s {\n", + family2str(table->handle.family), + table->handle.table.name); + + flowtable_print(ft, &ctx->nft->output); + nft_print(&ctx->nft->output, "}\n"); + + return 0; +} + static int do_list_flowtables(struct netlink_ctx *ctx, struct cmd *cmd) { struct print_fmt_options opts = { @@ -2388,6 +2442,8 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_OBJ_SYNPROXY: case CMD_OBJ_SYNPROXYS: return do_list_obj(ctx, cmd, NFT_OBJECT_SYNPROXY); + case CMD_OBJ_FLOWTABLE: + return do_list_flowtable(ctx, cmd, table); case CMD_OBJ_FLOWTABLES: return do_list_flowtables(ctx, cmd); default: |