diff options
author | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-08-02 12:43:04 +0100 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-08-02 15:03:31 +0200 |
commit | 9871458e20c941f08bc8a825ee24f2a868f875d2 (patch) | |
tree | 27821d176e7360241cd0f25bbe71d5491a2c75f6 /src | |
parent | 119a49a5354c16208ec1bd24500a180bcbe86cd2 (diff) |
src: handle rule tracing as an monitor object
Traces are not an event type, they should be handled as an object.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
-rw-r--r-- | src/evaluate.c | 31 | ||||
-rw-r--r-- | src/parser_bison.y | 2 | ||||
-rw-r--r-- | src/scanner.l | 1 |
3 files changed, 7 insertions, 27 deletions
diff --git a/src/evaluate.c b/src/evaluate.c index 959e8542..d24526fe 100644 --- a/src/evaluate.c +++ b/src/evaluate.c @@ -3218,7 +3218,6 @@ enum { CMD_MONITOR_EVENT_ANY, CMD_MONITOR_EVENT_NEW, CMD_MONITOR_EVENT_DEL, - CMD_MONITOR_EVENT_TRACE, CMD_MONITOR_EVENT_MAX }; @@ -3247,6 +3246,7 @@ static uint32_t monitor_flags[CMD_MONITOR_EVENT_MAX][CMD_MONITOR_OBJ_MAX] = { (1 << NFT_MSG_DELSETELEM) | (1 << NFT_MSG_NEWOBJ) | (1 << NFT_MSG_DELOBJ), + [CMD_MONITOR_OBJ_TRACE] = (1 << NFT_MSG_TRACE), }, [CMD_MONITOR_EVENT_NEW] = { [CMD_MONITOR_OBJ_ANY] = (1 << NFT_MSG_NEWTABLE) | @@ -3264,7 +3264,8 @@ static uint32_t monitor_flags[CMD_MONITOR_EVENT_MAX][CMD_MONITOR_OBJ_MAX] = { (1 << NFT_MSG_NEWRULE) | (1 << NFT_MSG_NEWSET) | (1 << NFT_MSG_NEWSETELEM) | - (1 << NFT_MSG_NEWOBJ) + (1 << NFT_MSG_NEWOBJ), + [CMD_MONITOR_OBJ_TRACE] = 0, }, [CMD_MONITOR_EVENT_DEL] = { [CMD_MONITOR_OBJ_ANY] = (1 << NFT_MSG_DELTABLE) | @@ -3283,29 +3284,7 @@ static uint32_t monitor_flags[CMD_MONITOR_EVENT_MAX][CMD_MONITOR_OBJ_MAX] = { (1 << NFT_MSG_DELSET) | (1 << NFT_MSG_DELSETELEM) | (1 << NFT_MSG_DELOBJ), - }, - [CMD_MONITOR_EVENT_TRACE] = { - [CMD_MONITOR_OBJ_ANY] = (1 << NFT_MSG_NEWTABLE) | - (1 << NFT_MSG_NEWCHAIN) | - (1 << NFT_MSG_NEWRULE) | - (1 << NFT_MSG_DELTABLE) | - (1 << NFT_MSG_DELCHAIN) | - (1 << NFT_MSG_DELRULE) | - (1 << NFT_MSG_TRACE), - [CMD_MONITOR_OBJ_TABLES] = (1 << NFT_MSG_NEWTABLE) | - (1 << NFT_MSG_DELTABLE), - [CMD_MONITOR_OBJ_CHAINS] = (1 << NFT_MSG_NEWCHAIN) | - (1 << NFT_MSG_DELCHAIN), - [CMD_MONITOR_OBJ_RULES] = (1 << NFT_MSG_NEWRULE) | - (1 << NFT_MSG_DELRULE), - [CMD_MONITOR_OBJ_RULESET] = (1 << NFT_MSG_NEWTABLE) | - (1 << NFT_MSG_NEWCHAIN) | - (1 << NFT_MSG_NEWRULE) | - (1 << NFT_MSG_NEWOBJ) | - (1 << NFT_MSG_DELTABLE) | - (1 << NFT_MSG_DELCHAIN) | - (1 << NFT_MSG_DELRULE) | - (1 << NFT_MSG_DELOBJ), + [CMD_MONITOR_OBJ_TRACE] = 0, }, }; @@ -3324,8 +3303,6 @@ static int cmd_evaluate_monitor(struct eval_ctx *ctx, struct cmd *cmd) event = CMD_MONITOR_EVENT_NEW; else if (strcmp(cmd->monitor->event, "destroy") == 0) event = CMD_MONITOR_EVENT_DEL; - else if (strcmp(cmd->monitor->event, "trace") == 0) - event = CMD_MONITOR_EVENT_TRACE; else { return monitor_error(ctx, cmd->monitor, "invalid event %s", cmd->monitor->event); diff --git a/src/parser_bison.y b/src/parser_bison.y index 86baf23a..e7bb9097 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -194,6 +194,7 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token MAPS "maps" %token HANDLE "handle" %token RULESET "ruleset" +%token TRACE "trace" %token INET "inet" %token NETDEV "netdev" @@ -1196,6 +1197,7 @@ monitor_object : /* empty */ { $$ = CMD_MONITOR_OBJ_ANY; } | RULES { $$ = CMD_MONITOR_OBJ_RULES; } | ELEMENTS { $$ = CMD_MONITOR_OBJ_ELEMS; } | RULESET { $$ = CMD_MONITOR_OBJ_RULESET; } + | TRACE { $$ = CMD_MONITOR_OBJ_TRACE; } ; monitor_format : /* empty */ { $$ = NFTNL_OUTPUT_DEFAULT; } diff --git a/src/scanner.l b/src/scanner.l index 7d5437f1..b6ba32d8 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -250,6 +250,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "maps" { return MAPS; } "handle" { return HANDLE; } "ruleset" { return RULESET; } +"trace" { return TRACE; } "accept" { return ACCEPT; } "drop" { return DROP; } |