From e77b31f53a61a8995cd6baf91a6e557260f401bd Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 8 May 2018 13:08:36 +0200 Subject: libnftables: Introduce a few helper functions This adds a bunch of functions for conversion of different values into string (and vice-versa). * log_level_parse(): A simple helper to turn log level string representation into log level value. * nat_etype2str(): Translate nat statement type into string representation. * ct_dir2str(): Convert IP_CT_DIR_* values into string representation. * ct_label2str(): Convert ct_label values into string representation. Signed-off-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- include/ct.h | 2 ++ include/statement.h | 3 +++ src/ct.c | 44 +++++++++++++++++++++++++++++++------------- src/statement.c | 21 +++++++++++++++++++-- 4 files changed, 55 insertions(+), 15 deletions(-)
diff --git a/include/ct.h b/include/ct.h
index dadd820f..4c5bd804 100644
--- a/include/ct.h
+++ b/include/ct.h
@@ -33,6 +33,8 @@ extern void ct_expr_update_type(struct proto_ctx *ctx, struct expr *expr); extern struct stmt *notrack_stmt_alloc(const struct location *loc); extern struct stmt *flow_offload_stmt_alloc(const struct location *loc, const char *table_name);
+extern const char *ct_dir2str(int dir);
+extern const char *ct_label2str(unsigned long value);
 extern const struct datatype ct_dir_type; extern const struct datatype ct_state_type;
diff --git a/include/statement.h b/include/statement.h
index fc80dbd5..2c6d0dfa 100644
--- a/include/statement.h
+++ b/include/statement.h
@@ -77,6 +77,7 @@ struct log_stmt { }; extern const char *log_level(uint32_t level);
+extern int log_level_parse(const char *level);
 extern struct stmt *log_stmt_alloc(const struct location *loc);
@@ -107,6 +108,8 @@ enum nft_nat_etypes { NFT_NAT_REDIR, };
+extern const char *nat_etype2str(enum nft_nat_etypes type);
+
 struct nat_stmt { enum nft_nat_etypes type; struct expr *addr;
diff --git a/src/ct.c b/src/ct.c
index 2abaa0d5..a1a91f3a 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -64,6 +64,18 @@ static const struct symbol_table ct_dir_tbl = { } };
+const char *ct_dir2str(int dir)
+{
+ const struct symbolic_constant *s;
+
+ for (s = ct_dir_tbl.symbols; s->identifier != NULL; s++) {
+ if (dir == (int)s->value)
+ return s->identifier;
+ }
+
+ return NULL;
+}
+
 const struct datatype ct_dir_type = { .type = TYPE_CT_DIR, .name = "ct_dir",
@@ -133,20 +145,30 @@ static struct symbol_table *ct_label_tbl; #define CT_LABEL_BIT_SIZE 128
+const char *ct_label2str(unsigned long value)
+{
+ const struct symbolic_constant *s;
+
+ for (s = ct_label_tbl->symbols; s->identifier; s++) {
+ if (value == s->value)
+ return s->identifier;
+ }
+
+ return NULL;
+}
+
 static void ct_label_type_print(const struct expr *expr, struct output_ctx *octx) { unsigned long bit = mpz_scan1(expr->value, 0);
- const struct symbolic_constant *s;
+ const char *labelstr = ct_label2str(bit);
- for (s = ct_label_tbl->symbols; s->identifier != NULL; s++) {
- if (bit != s->value)
- continue;
- nft_print(octx, "\"%s\"", s->identifier);
+ if (labelstr) {
+ nft_print(octx, "\"%s\"", labelstr);
 return; } /* can happen when connlabel.conf is altered after rules were added */
- nft_print(octx, "%ld", (long)mpz_scan1(expr->value, 0));
+ nft_print(octx, "%lu", bit);
 } static struct error_record *ct_label_type_parse(const struct expr *sym,
@@ -273,19 +295,15 @@ const struct ct_template ct_templates[__NFT_CT_MAX] = { static void ct_print(enum nft_ct_keys key, int8_t dir, uint8_t nfproto, struct output_ctx *octx) {
- const struct symbolic_constant *s;
+ const char *dirstr = ct_dir2str(dir);
 const struct proto_desc *desc; nft_print(octx, "ct "); if (dir < 0) goto done;
- for (s = ct_dir_tbl.symbols; s->identifier != NULL; s++) {
- if (dir == (int)s->value) {
- nft_print(octx, "%s ", s->identifier);
- break;
- }
- }
+ if (dirstr)
+ nft_print(octx, "%s ", dirstr);
 switch (key) { case NFT_CT_SRC:
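Review bot: `ct_label2str()` dereferences `ct_label_tbl->symbols` with no check that the table pointer is set, and the helper is now exported through include/ct.h instead of being reachable only from the print path. The initialisation of `ct_label_tbl` is outside this hunk, so if a caller can reach the helper before that runs (or after it fails) this is a NULL dereference; a guard such as `if (!ct_label_tbl) return NULL;` at the top keeps the "unknown label" result the loop already produces. Separately, the fallback in `ct_label_type_print()` changed from `"%ld"` with a `(long)` cast to `"%lu"`, so when `mpz_scan1()` finds no set bit its "not found" value would presumably now print as a very large unsigned number rather than -1; worth confirming that is intended.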
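Review bot: In `ct_print()` the `ct_dir2str(dir)` call sits in the declaration initialiser, so it runs before the `if (dir < 0) goto done;` guard and walks the table for a value already known not to be a direction. It is harmless because the helper returns NULL on a miss, but the intent reads more clearly if the declaration is left as `const char *dirstr;` and `dirstr = ct_dir2str(dir);` is assigned after the guard. The body of ct_print continues past the end of the hunk.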
diff --git a/src/statement.c b/src/statement.c
index 6537bbbd..8160e0ad 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -233,6 +233,18 @@ const char *log_level(uint32_t level) return syslog_level[level]; }
+int log_level_parse(const char *level)
+{
+ int i;
+
+ for (i = 0; i <= LOG_DEBUG; i++) {
+ if (syslog_level[i] &&
+ !strcmp(level, syslog_level[i]))
+ return i;
+ }
+ return -1;
+}
+
 static void log_stmt_print(const struct stmt *stmt, struct output_ctx *octx) { nft_print(octx, "log");
@@ -499,7 +511,7 @@ static void print_nf_nat_flags(uint32_t flags, struct output_ctx *octx) nft_print(octx, "%spersistent", delim); }
-static void nat_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
+const char *nat_etype2str(enum nft_nat_etypes type)
 { static const char * const nat_types[] = { [NFT_NAT_SNAT] = "snat",
@@ -508,7 +520,12 @@ static void nat_stmt_print(const struct stmt *stmt, struct output_ctx *octx) [NFT_NAT_REDIR] = "redirect", };
- nft_print(octx, "%s", nat_types[stmt->nat.type]);
+ return nat_types[type];
+}
+
+static void nat_stmt_print(const struct stmt *stmt, struct output_ctx *octx)
+{
+ nft_print(octx, "%s", nat_etype2str(stmt->nat.type));
 if (stmt->nat.addr || stmt->nat.proto) nft_print(octx, " to");
-- cgit v1.2.3
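Review bot: `log_level_parse()` passes `level` straight to `strcmp()`, so a NULL argument is undefined behaviour; as this is a new exported parse helper it should start with `if (!level) return -1;`. The loop bound `i <= LOG_DEBUG` is only safe if `syslog_level[]` has at least `LOG_DEBUG + 1` entries, and the array definition is outside this hunk, so either confirm that or bound the loop by the array's own element count. A one-line comment stating that -1 means "unknown level" would also help, since callers may otherwise feed the result back into `log_level()` as an index.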
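Review bot: `return nat_types[type];` indexes the table with no range check, and with the signature change in the previous hunk this lookup becomes an exported function that any caller can hand an arbitrary `enum nft_nat_etypes` value, so an out-of-range value reads past the end of the array. Add a guard before the return, for example `if ((unsigned int)type >= sizeof(nat_types) / sizeof(nat_types[0])) return NULL;`. Any in-range value without a designated initialiser would also yield NULL, and `nat_stmt_print()` passes the result directly to `"%s"`, so either that caller checks for NULL or the helper returns a placeholder string instead.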