diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-27 21:19:08 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-12-27 21:21:52 +0100 |
commit | c351f337b4e5c71b3551eef1d1b936d1e56b5601 (patch) | |
tree | 8801066320447f2547bf44331778b7a40a876efe /src | |
parent | 8d51f169e0e832a41d2ed278be903c08bd4fa473 (diff) |
src: remove deprecated code for export/import commands
Update parser to display this error message:
# nft export json
Error: JSON export is no longer supported, use 'nft -j list ruleset' instead
export json
^^^^^^^^^^^^
Just like:
# nft export vm json
Error: JSON export is no longer supported, use 'nft -j list ruleset' instead
export vm json
^^^^^^^^^^^^^^^
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/evaluate.c | 2 | ||||
-rw-r--r-- | src/mnl.c | 60 | ||||
-rw-r--r-- | src/netlink.c | 13 | ||||
-rw-r--r-- | src/parser_bison.y | 2 | ||||
-rw-r--r-- | src/rule.c | 45 |
5 files changed, 4 insertions, 118 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index bd25d9ab..0bda431d 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -3802,7 +3802,7 @@ static int cmd_evaluate_export(struct eval_ctx *ctx, struct cmd *cmd) { if (cmd->markup->format == __NFT_OUTPUT_NOTSUPP) return cmd_error(ctx, &cmd->location, - "this output type is not supported"); + "this output type is not supported, use nft -j list ruleset for JSON support instead"); else if (cmd->markup->format == NFTNL_OUTPUT_JSON) return cmd_error(ctx, &cmd->location, "JSON export is no longer supported, use 'nft -j list ruleset' instead"); @@ -1377,66 +1377,6 @@ int mnl_nft_flowtable_del(struct netlink_ctx *ctx, const struct cmd *cmd) } /* - * ruleset - */ -struct nftnl_ruleset *mnl_nft_ruleset_dump(struct netlink_ctx *ctx, - uint32_t family) -{ - struct nftnl_ruleset *rs; - struct nftnl_table_list *t; - struct nftnl_chain_list *c; - struct nftnl_set_list *sl; - struct nftnl_set_list_iter *i; - struct nftnl_set *s; - struct nftnl_rule_list *r; - int ret = 0; - - rs = nftnl_ruleset_alloc(); - if (rs == NULL) - memory_allocation_error(); - - t = mnl_nft_table_dump(ctx, family); - if (t == NULL) - goto err; - - nftnl_ruleset_set(rs, NFTNL_RULESET_TABLELIST, t); - - c = mnl_nft_chain_dump(ctx, family); - if (c == NULL) - goto err; - - nftnl_ruleset_set(rs, NFTNL_RULESET_CHAINLIST, c); - - sl = mnl_nft_set_dump(ctx, family, NULL); - if (sl == NULL) - goto err; - - i = nftnl_set_list_iter_create(sl); - s = nftnl_set_list_iter_next(i); - while (s != NULL) { - ret = mnl_nft_setelem_get(ctx, s); - if (ret < 0) - goto err; - - s = nftnl_set_list_iter_next(i); - } - nftnl_set_list_iter_destroy(i); - - nftnl_ruleset_set(rs, NFTNL_RULESET_SETLIST, sl); - - r = mnl_nft_rule_dump(ctx, family); - if (r == NULL) - goto err; - - nftnl_ruleset_set(rs, NFTNL_RULESET_RULELIST, r); - - return rs; -err: - nftnl_ruleset_free(rs); - return NULL; -} - -/* * events */ #define NFTABLES_NLEVENT_BUFSIZ (1 << 24) diff --git a/src/netlink.c b/src/netlink.c index fc9aeeff..f67f6390 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -1117,13 +1117,6 @@ int netlink_list_flowtables(struct netlink_ctx *ctx, const struct handle *h) return err; } -struct nftnl_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx, - const struct handle *h, - const struct location *loc) -{ - return mnl_nft_ruleset_dump(ctx, h->family); -} - static void trace_print_hdr(const struct nftnl_trace *nlt, struct output_ctx *octx) { @@ -1434,9 +1427,3 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type, nftnl_trace_free(nlt); return MNL_CB_OK; } - -int netlink_markup_parse_cb(const struct nftnl_parse_ctx *ctx) -{ - errno = EOPNOTSUPP; - return -1; -} diff --git a/src/parser_bison.y b/src/parser_bison.y index 34202b04..01f5be95 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -1422,7 +1422,7 @@ monitor_format : /* empty */ { $$ = NFTNL_OUTPUT_DEFAULT; } ; markup_format : XML { $$ = __NFT_OUTPUT_NOTSUPP; } - | JSON { $$ = __NFT_OUTPUT_NOTSUPP; } + | JSON { $$ = NFTNL_OUTPUT_JSON; } | VM JSON { $$ = NFTNL_OUTPUT_JSON; } ; @@ -1597,47 +1597,6 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd) } } -static int do_command_export(struct netlink_ctx *ctx, struct cmd *cmd) -{ - struct nftnl_ruleset *rs; - FILE *fp = ctx->nft->output.output_fp; - - do { - rs = netlink_dump_ruleset(ctx, &cmd->handle, &cmd->location); - if (rs == NULL && errno != EINTR) - return -1; - } while (rs == NULL); - - nftnl_ruleset_fprintf(fp, rs, cmd->markup->format, NFTNL_OF_EVENT_NEW); - - nft_print(&ctx->nft->output, "\n"); - - nftnl_ruleset_free(rs); - return 0; -} - -static int do_command_import(struct netlink_ctx *ctx, struct cmd *cmd) -{ - int ret; - struct nftnl_parse_err *err; - struct ruleset_parse rp = { - .nl_ctx = ctx, - .cmd = cmd - }; - - err = nftnl_parse_err_alloc(); - if (err == NULL) - return -1; - - ret = nftnl_ruleset_parse_file_cb(cmd->markup->format, stdin, err, &rp, - netlink_markup_parse_cb); - if (ret < 0) - nftnl_parse_perror("unable to import: parsing failed", err); - - nftnl_parse_err_free(err); - return ret; -} - static int do_list_table(struct netlink_ctx *ctx, struct cmd *cmd, struct table *table) { @@ -2527,9 +2486,9 @@ int do_command(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_RENAME: return do_command_rename(ctx, cmd); case CMD_IMPORT: - return do_command_import(ctx, cmd); case CMD_EXPORT: - return do_command_export(ctx, cmd); + errno = EOPNOTSUPP; + return -1; case CMD_MONITOR: return do_command_monitor(ctx, cmd); case CMD_DESCRIBE: |