From 81c51fc1ab699fb6e417ada77221657ca34efd0b Mon Sep 17 00:00:00 2001 From: Eric Jallot Date: Wed, 30 Oct 2019 18:06:19 +0100 Subject: src: flowtable: add support for named flowtable listing This patch allows you to dump a named flowtable. # nft list flowtable inet t f table inet t { flowtable f { hook ingress priority filter + 10 devices = { eth0, eth1 } } } Also: libnftables-json.adoc: fix missing quotes. Fixes: db0697ce7f60 ("src: support for flowtable listing") Fixes: 872f373dc50f ("doc: Add JSON schema documentation") Signed-off-by: Eric Jallot Signed-off-by: Pablo Neira Ayuso --- src/rule.c | 64 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 60 insertions(+), 4 deletions(-) (limited to 'src/rule.c') diff --git a/src/rule.c b/src/rule.c index c258f12e..a2811d18 100644 --- a/src/rule.c +++ b/src/rule.c @@ -105,7 +105,7 @@ void handle_free(struct handle *h) xfree(h->table.name); xfree(h->chain.name); xfree(h->set.name); - xfree(h->flowtable); + xfree(h->flowtable.name); xfree(h->obj.name); } @@ -125,8 +125,8 @@ void handle_merge(struct handle *dst, const struct handle *src) dst->set.name = xstrdup(src->set.name); dst->set.location = src->set.location; } - if (dst->flowtable == NULL && src->flowtable != NULL) - dst->flowtable = xstrdup(src->flowtable); + if (dst->flowtable.name == NULL && src->flowtable.name != NULL) + dst->flowtable.name = xstrdup(src->flowtable.name); if (dst->obj.name == NULL && src->obj.name != NULL) dst->obj.name = xstrdup(src->obj.name); if (dst->handle.id == 0) @@ -2156,7 +2156,7 @@ static void flowtable_print_declaration(const struct flowtable *flowtable, if (opts->table != NULL) nft_print(octx, " %s", opts->table); - nft_print(octx, " %s {%s", flowtable->handle.flowtable, opts->nl); + nft_print(octx, " %s {%s", flowtable->handle.flowtable.name, opts->nl); nft_print(octx, "%s%shook %s priority %s%s", opts->tab, opts->tab, @@ -2193,6 +2193,60 @@ void flowtable_print(const struct flowtable *s, struct output_ctx *octx) do_flowtable_print(s, &opts, octx); } +struct flowtable *flowtable_lookup(const struct table *table, const char *name) +{ + struct flowtable *ft; + + list_for_each_entry(ft, &table->flowtables, list) { + if (!strcmp(ft->handle.flowtable.name, name)) + return ft; + } + return NULL; +} + +struct flowtable *flowtable_lookup_fuzzy(const char *ft_name, + const struct nft_cache *cache, + const struct table **t) +{ + struct string_misspell_state st; + struct table *table; + struct flowtable *ft; + + string_misspell_init(&st); + + list_for_each_entry(table, &cache->list, list) { + list_for_each_entry(ft, &table->flowtables, list) { + if (!strcmp(ft->handle.flowtable.name, ft_name)) { + *t = table; + return ft; + } + if (string_misspell_update(ft->handle.flowtable.name, + ft_name, ft, &st)) + *t = table; + } + } + return st.obj; +} + +static int do_list_flowtable(struct netlink_ctx *ctx, struct cmd *cmd, + struct table *table) +{ + struct flowtable *ft; + + ft = flowtable_lookup(table, cmd->handle.flowtable.name); + if (ft == NULL) + return -1; + + nft_print(&ctx->nft->output, "table %s %s {\n", + family2str(table->handle.family), + table->handle.table.name); + + flowtable_print(ft, &ctx->nft->output); + nft_print(&ctx->nft->output, "}\n"); + + return 0; +} + static int do_list_flowtables(struct netlink_ctx *ctx, struct cmd *cmd) { struct print_fmt_options opts = { @@ -2388,6 +2442,8 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd) case CMD_OBJ_SYNPROXY: case CMD_OBJ_SYNPROXYS: return do_list_obj(ctx, cmd, NFT_OBJECT_SYNPROXY); + case CMD_OBJ_FLOWTABLE: + return do_list_flowtable(ctx, cmd, table); case CMD_OBJ_FLOWTABLES: return do_list_flowtables(ctx, cmd); default: -- cgit v1.2.3