From 92abc51d3580dc719fdcbca8d36fdcf5a3751be5 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Mon, 29 Oct 2018 14:15:14 +0100 Subject: src: add -y to priority base chain nummerically By default base chains are printed using default hook priority definitions. Add -y option to print them as numbers. Acked-by: Phil Sutter Signed-off-by: Pablo Neira Ayuso --- src/main.c | 12 ++++++++++-- src/rule.c | 20 ++++++++++---------- 2 files changed, 20 insertions(+), 12 deletions(-) (limited to 'src') diff --git a/src/main.c b/src/main.c index 0c8fa1e9..883261fc 100644 --- a/src/main.c +++ b/src/main.c @@ -40,10 +40,10 @@ enum opt_vals { OPT_HANDLE_OUTPUT = 'a', OPT_ECHO = 'e', OPT_GUID = 'u', + OPT_NUMERIC_PRIO = 'y', OPT_INVALID = '?', }; - -#define OPTSTRING "hvcf:iI:jvnsNaeSu" +#define OPTSTRING "hvcf:iI:jvnsNaeSupy" static const struct option options[] = { { @@ -109,6 +109,10 @@ static const struct option options[] = { .name = "guid", .val = OPT_GUID, }, + { + .name = "numeric-priority", + .val = OPT_NUMERIC_PRIO, + }, { .name = NULL } @@ -135,6 +139,7 @@ static void show_help(const char *name) " -u, --guid Print UID/GID as defined in /etc/passwd and /etc/group.\n" " -N Translate IP addresses to names.\n" " -S, --service Translate ports to service names as described in /etc/services.\n" +" -y, --numeric-priority Print chain priority numerically.\n" " -a, --handle Output rule handle.\n" " -e, --echo Echo what has been added, inserted or replaced.\n" " -I, --includepath Add to the paths searched for include files. Default is: %s\n" @@ -285,6 +290,9 @@ int main(int argc, char * const *argv) case OPT_GUID: output_flags |= NFT_CTX_OUTPUT_GUID; break; + case OPT_NUMERIC_PRIO: + output_flags |= NFT_CTX_OUTPUT_NUMERIC_PRIO; + break; case OPT_INVALID: exit(EXIT_FAILURE); } diff --git a/src/rule.c b/src/rule.c index 33cbf0e2..524db41e 100644 --- a/src/rule.c +++ b/src/rule.c @@ -946,8 +946,9 @@ int std_prio_lookup(const char *std_prio_name, int family, int hook) return NF_IP_PRI_LAST; } -static const char *prio2str(char *buf, size_t bufsize, int family, int hook, - int prio, int numeric) +static const char *prio2str(const struct output_ctx *octx, + char *buf, size_t bufsize, int family, int hook, + int prio) { const struct prio_tag *prio_arr; const char *std_prio_str; @@ -963,7 +964,7 @@ static const char *prio2str(char *buf, size_t bufsize, int family, int hook, arr_size = array_size(std_prios); } - if (numeric != NFT_NUMERIC_ALL) { + if (!nft_output_numeric_prio(octx)) { for (i = 0; i < arr_size; ++i) { std_prio = prio_arr[i].val; std_prio_str = prio_arr[i].str; @@ -1004,9 +1005,9 @@ static void chain_print_declaration(const struct chain *chain, if (chain->dev != NULL) nft_print(octx, " device %s", chain->dev); nft_print(octx, " priority %s; policy %s;\n", - prio2str(priobuf, sizeof(priobuf), + prio2str(octx, priobuf, sizeof(priobuf), chain->handle.family, chain->hooknum, - chain->priority.num, octx->numeric), + chain->priority.num), chain_policy2str(chain->policy)); } } @@ -1035,9 +1036,9 @@ void chain_print_plain(const struct chain *chain, struct output_ctx *octx) if (chain->flags & CHAIN_F_BASECHAIN) { nft_print(octx, " { type %s hook %s priority %s; policy %s; }", chain->type, chain->hookstr, - prio2str(priobuf, sizeof(priobuf), + prio2str(octx, priobuf, sizeof(priobuf), chain->handle.family, chain->hooknum, - chain->priority.num, octx->numeric), + chain->priority.num), chain_policy2str(chain->policy)); } if (nft_output_handle(octx)) @@ -1950,9 +1951,8 @@ static void flowtable_print_declaration(const struct flowtable *flowtable, nft_print(octx, "%s%shook %s priority %s%s", opts->tab, opts->tab, hooknum2str(NFPROTO_NETDEV, flowtable->hooknum), - prio2str(priobuf, sizeof(priobuf), NFPROTO_NETDEV, - flowtable->hooknum, flowtable->priority.num, - octx->numeric), + prio2str(octx, priobuf, sizeof(priobuf), NFPROTO_NETDEV, + flowtable->hooknum, flowtable->priority.num), opts->stmt_separator); nft_print(octx, "%s%sdevices = { ", opts->tab, opts->tab); -- cgit v1.2.3