From a3e215d7f68f41556912c33b3dcf12781f6b9b59 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Wed, 24 Mar 2021 17:19:32 +0100 Subject: src: add datatype->describe() As an alternative to print the datatype values when no symbol table is available. Use it to print protocols available via getprotobynumber() which actually refers to /etc/protocols. Not very efficient, getprotobynumber() causes a series of open()/close() calls on /etc/protocols, but this is called from a non-critical path. Closes: https://bugzilla.netfilter.org/show_bug.cgi?id=1503 Signed-off-by: Pablo Neira Ayuso --- include/datatype.h | 1 + src/datatype.c | 15 +++++++++++++++ src/expression.c | 2 ++ 3 files changed, 18 insertions(+) diff --git a/include/datatype.h b/include/datatype.h index 1061a389..a16f8f2b 100644 --- a/include/datatype.h +++ b/include/datatype.h @@ -164,6 +164,7 @@ struct datatype { struct error_record *(*parse)(struct parse_ctx *ctx, const struct expr *sym, struct expr **res); + void (*describe)(struct output_ctx *octx); const struct symbol_table *sym_tbl; unsigned int refcnt; }; diff --git a/src/datatype.c b/src/datatype.c index 7382307e..fae1aa26 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -619,6 +619,20 @@ static void inet_protocol_type_print(const struct expr *expr, integer_type_print(expr, octx); } +static void inet_protocol_type_describe(struct output_ctx *octx) +{ + struct protoent *p; + uint8_t protonum; + + for (protonum = 0; protonum < UINT8_MAX; protonum++) { + p = getprotobynumber(protonum); + if (!p) + continue; + + nft_print(octx, "\t%-30s\t%u\n", p->p_name, protonum); + } +} + static struct error_record *inet_protocol_type_parse(struct parse_ctx *ctx, const struct expr *sym, struct expr **res) @@ -658,6 +672,7 @@ const struct datatype inet_protocol_type = { .print = inet_protocol_type_print, .json = inet_protocol_type_json, .parse = inet_protocol_type_parse, + .describe = inet_protocol_type_describe, }; static void inet_service_print(const struct expr *expr, struct output_ctx *octx) diff --git a/src/expression.c b/src/expression.c index 0c5276d1..9fdf23d9 100644 --- a/src/expression.c +++ b/src/expression.c @@ -172,6 +172,8 @@ void expr_describe(const struct expr *expr, struct output_ctx *octx) nft_print(octx, "(in hexadecimal):\n"); symbol_table_print(edtype->sym_tbl, edtype, expr->byteorder, octx); + } else if (edtype->describe) { + edtype->describe(octx); } } -- cgit v1.2.3