From 9edaa6a51eab49a378dd358e0b4254d0398c629f Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 20 Jul 2021 12:17:33 +0200 Subject: src: add --define key=value This patch adds a new option to define variables from the command line. # cat test.nft table netdev x { chain y { type filter hook ingress devices = $dev priority 0; counter accept } } # nft --define dev="{ eth0, eth1 }" -f test.nft You can only combine it with -f/--filename. Signed-off-by: Pablo Neira Ayuso --- src/main.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'src/main.c') diff --git a/src/main.c b/src/main.c index 8c470644..21096fc7 100644 --- a/src/main.c +++ b/src/main.c @@ -32,6 +32,7 @@ enum opt_indices { /* Ruleset input handling */ IDX_FILE, #define IDX_RULESET_INPUT_START IDX_FILE + IDX_DEFINE, IDX_INTERACTIVE, IDX_INCLUDEPATH, IDX_CHECK, @@ -63,6 +64,7 @@ enum opt_vals { OPT_VERSION_LONG = 'V', OPT_CHECK = 'c', OPT_FILE = 'f', + OPT_DEFINE = 'D', OPT_INTERACTIVE = 'i', OPT_INCLUDEPATH = 'I', OPT_JSON = 'j', @@ -100,6 +102,8 @@ static const struct nft_opt nft_options[] = { "Show extended version information"), [IDX_FILE] = NFT_OPT("file", OPT_FILE, "", "Read input from "), + [IDX_DEFINE] = NFT_OPT("define", OPT_DEFINE, "", + "Define variable, e.g. --define foo=1.2.3.4"), [IDX_INTERACTIVE] = NFT_OPT("interactive", OPT_INTERACTIVE, NULL, "Read input from interactive CLI"), [IDX_INCLUDEPATH] = NFT_OPT("includepath", OPT_INCLUDEPATH, "", @@ -332,8 +336,10 @@ static bool nft_options_check(int argc, char * const argv[]) } else if (argv[i][1] == 'd' || argv[i][1] == 'I' || argv[i][1] == 'f' || + argv[i][1] == 'D' || !strcmp(argv[i], "--debug") || !strcmp(argv[i], "--includepath") || + !strcmp(argv[i], "--define") || !strcmp(argv[i], "--file")) { skip = true; continue; @@ -349,10 +355,10 @@ static bool nft_options_check(int argc, char * const argv[]) int main(int argc, char * const *argv) { const struct option *options = get_options(); + bool interactive = false, define = false; const char *optstring = get_optstring(); char *buf = NULL, *filename = NULL; unsigned int output_flags = 0; - bool interactive = false; unsigned int debug_mask; unsigned int len; int i, val, rc; @@ -378,6 +384,15 @@ int main(int argc, char * const *argv) case OPT_VERSION_LONG: show_version(); exit(EXIT_SUCCESS); + case OPT_DEFINE: + if (nft_ctx_add_var(nft, optarg)) { + fprintf(stderr, + "Failed to define variable '%s'\n", + optarg); + exit(EXIT_FAILURE); + } + define = true; + break; case OPT_CHECK: nft_ctx_set_dry_run(nft, true); break; @@ -470,6 +485,11 @@ int main(int argc, char * const *argv) } } + if (!filename && define) { + fprintf(stderr, "Error: -D/--define can only be used with -f/--filename\n"); + exit(EXIT_FAILURE); + } + nft_ctx_output_set_flags(nft, output_flags); if (optind != argc) { -- cgit v1.2.3