diff options
| author | Phil Sutter <phil@nwl.cc> | 2018-06-08 17:27:17 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-06-11 11:31:49 +0200 |
| commit | 78f8d8127eac64abb14e1d4a4309b353ba03bdb6 (patch) | |
| tree | 7adf2aab7ce8d98eb6ebf2bf7bb785d213fe132a /src | |
| parent | e8b5419b94e230d008d6701b66d02434a7cb1152 (diff) | |
JSON: Add support for connlimit statement
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/json.c | 10 | ||||
| -rw-r--r-- | src/parser_json.c | 19 | ||||
| -rw-r--r-- | src/statement.c | 1 |
3 files changed, 30 insertions, 0 deletions
@@ -1276,6 +1276,16 @@ json_t *verdict_stmt_json(const struct stmt *stmt, struct output_ctx *octx) return expr_print_json(stmt->expr, octx); } +json_t *connlimit_stmt_json(const struct stmt *stmt, struct output_ctx *octx) +{ + json_t *root = json_pack("{s:i}", "val", stmt->connlimit.count); + + if (stmt->connlimit.flags & NFT_CONNLIMIT_F_INV) + json_object_set_new(root, "inv", json_true()); + + return json_pack("{s:o}", "ct count", root); +} + static json_t *table_print_json_full(struct netlink_ctx *ctx, struct table *table) { diff --git a/src/parser_json.c b/src/parser_json.c index d60cbad8..bc36136f 100644 --- a/src/parser_json.c +++ b/src/parser_json.c @@ -2048,6 +2048,24 @@ static struct stmt *json_parse_queue_stmt(struct json_ctx *ctx, return stmt; } +static struct stmt *json_parse_connlimit_stmt(struct json_ctx *ctx, + const char *key, json_t *value) +{ + struct stmt *stmt = connlimit_stmt_alloc(int_loc); + + if (json_unpack_err(ctx, value, "{s:i}", + "val", &stmt->connlimit.count)) { + stmt_free(stmt); + return NULL; + } + + json_unpack(value, "{s:b}", "inv", &stmt->connlimit.flags); + if (stmt->connlimit.flags) + stmt->connlimit.flags = NFT_CONNLIMIT_F_INV; + + return stmt; +} + static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root) { struct { @@ -2078,6 +2096,7 @@ static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root) { "ct helper", json_parse_cthelper_stmt }, { "meter", json_parse_meter_stmt }, { "queue", json_parse_queue_stmt }, + { "ct count", json_parse_connlimit_stmt }, }; const char *type; unsigned int i; diff --git a/src/statement.c b/src/statement.c index 58e86f21..6f5e6660 100644 --- a/src/statement.c +++ b/src/statement.c @@ -159,6 +159,7 @@ static const struct stmt_ops connlimit_stmt_ops = { .type = STMT_CONNLIMIT, .name = "connlimit", .print = connlimit_stmt_print, + .json = connlimit_stmt_json, }; struct stmt *connlimit_stmt_alloc(const struct location *loc) |