From c351f337b4e5c71b3551eef1d1b936d1e56b5601 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Thu, 27 Dec 2018 21:19:08 +0100
Subject: src: remove deprecated code for export/import commands

Update parser to display this error message:

 # nft export json
 Error: JSON export is no longer supported, use 'nft -j list ruleset' instead
 export json
 ^^^^^^^^^^^^

Just like:

 # nft export vm json
 Error: JSON export is no longer supported, use 'nft -j list ruleset' instead
 export vm json
 ^^^^^^^^^^^^^^^

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/evaluate.c     |  2 +-
 src/mnl.c          | 60 ------------------------------------------------------
 src/netlink.c      | 13 ------------
 src/parser_bison.y |  2 +-
 src/rule.c         | 45 ++--------------------------------------
 5 files changed, 4 insertions(+), 118 deletions(-)

(limited to 'src')

diff --git a/src/evaluate.c b/src/evaluate.c
index bd25d9ab..0bda431d 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -3802,7 +3802,7 @@ static int cmd_evaluate_export(struct eval_ctx *ctx, struct cmd *cmd)
 {
 	if (cmd->markup->format == __NFT_OUTPUT_NOTSUPP)
 		return cmd_error(ctx, &cmd->location,
-				 "this output type is not supported");
+				 "this output type is not supported, use nft -j list ruleset for JSON support instead");
 	else if (cmd->markup->format == NFTNL_OUTPUT_JSON)
 		return cmd_error(ctx, &cmd->location,
 				 "JSON export is no longer supported, use 'nft -j list ruleset' instead");
diff --git a/src/mnl.c b/src/mnl.c
index 455e2d47..c3d16774 100644
--- a/src/mnl.c
+++ b/src/mnl.c
@@ -1376,66 +1376,6 @@ int mnl_nft_flowtable_del(struct netlink_ctx *ctx, const struct cmd *cmd)
 	return 0;
 }
 
-/*
- * ruleset
- */
-struct nftnl_ruleset *mnl_nft_ruleset_dump(struct netlink_ctx *ctx,
-					   uint32_t family)
-{
-	struct nftnl_ruleset *rs;
-	struct nftnl_table_list *t;
-	struct nftnl_chain_list *c;
-	struct nftnl_set_list *sl;
-	struct nftnl_set_list_iter *i;
-	struct nftnl_set *s;
-	struct nftnl_rule_list *r;
-	int ret = 0;
-
-	rs = nftnl_ruleset_alloc();
-	if (rs == NULL)
-		memory_allocation_error();
-
-	t = mnl_nft_table_dump(ctx, family);
-	if (t == NULL)
-		goto err;
-
-	nftnl_ruleset_set(rs, NFTNL_RULESET_TABLELIST, t);
-
-	c = mnl_nft_chain_dump(ctx, family);
-	if (c == NULL)
-		goto err;
-
-	nftnl_ruleset_set(rs, NFTNL_RULESET_CHAINLIST, c);
-
-	sl = mnl_nft_set_dump(ctx, family, NULL);
-	if (sl == NULL)
-		goto err;
-
-	i = nftnl_set_list_iter_create(sl);
-	s = nftnl_set_list_iter_next(i);
-	while (s != NULL) {
-		ret = mnl_nft_setelem_get(ctx, s);
-		if (ret < 0)
-			goto err;
-
-		s = nftnl_set_list_iter_next(i);
-	}
-	nftnl_set_list_iter_destroy(i);
-
-	nftnl_ruleset_set(rs, NFTNL_RULESET_SETLIST, sl);
-
-	r = mnl_nft_rule_dump(ctx, family);
-	if (r == NULL)
-		goto err;
-
-	nftnl_ruleset_set(rs, NFTNL_RULESET_RULELIST, r);
-
-	return rs;
-err:
-	nftnl_ruleset_free(rs);
-	return NULL;
-}
-
 /*
  * events
  */
diff --git a/src/netlink.c b/src/netlink.c
index fc9aeeff..f67f6390 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1117,13 +1117,6 @@ int netlink_list_flowtables(struct netlink_ctx *ctx, const struct handle *h)
 	return err;
 }
 
-struct nftnl_ruleset *netlink_dump_ruleset(struct netlink_ctx *ctx,
-					 const struct handle *h,
-					 const struct location *loc)
-{
-	return mnl_nft_ruleset_dump(ctx, h->family);
-}
-
 static void trace_print_hdr(const struct nftnl_trace *nlt,
 			    struct output_ctx *octx)
 {
@@ -1434,9 +1427,3 @@ int netlink_events_trace_cb(const struct nlmsghdr *nlh, int type,
 	nftnl_trace_free(nlt);
 	return MNL_CB_OK;
 }
-
-int netlink_markup_parse_cb(const struct nftnl_parse_ctx *ctx)
-{
-	errno = EOPNOTSUPP;
-	return -1;
-}
diff --git a/src/parser_bison.y b/src/parser_bison.y
index 34202b04..01f5be95 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -1422,7 +1422,7 @@ monitor_format		:	/* empty */	{ $$ = NFTNL_OUTPUT_DEFAULT; }
 			;
 
 markup_format		: 	XML 		{ $$ = __NFT_OUTPUT_NOTSUPP; }
-			|	JSON		{ $$ = __NFT_OUTPUT_NOTSUPP; }
+			|	JSON		{ $$ = NFTNL_OUTPUT_JSON; }
 			|	VM JSON		{ $$ = NFTNL_OUTPUT_JSON; }
 			;
 
diff --git a/src/rule.c b/src/rule.c
index ad300129..a815850d 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -1597,47 +1597,6 @@ static int do_command_delete(struct netlink_ctx *ctx, struct cmd *cmd)
 	}
 }
 
-static int do_command_export(struct netlink_ctx *ctx, struct cmd *cmd)
-{
-	struct nftnl_ruleset *rs;
-	FILE *fp = ctx->nft->output.output_fp;
-
-	do {
-		rs = netlink_dump_ruleset(ctx, &cmd->handle, &cmd->location);
-		if (rs == NULL && errno != EINTR)
-			return -1;
-	} while (rs == NULL);
-
-	nftnl_ruleset_fprintf(fp, rs, cmd->markup->format, NFTNL_OF_EVENT_NEW);
-
-	nft_print(&ctx->nft->output, "\n");
-
-	nftnl_ruleset_free(rs);
-	return 0;
-}
-
-static int do_command_import(struct netlink_ctx *ctx, struct cmd *cmd)
-{
-	int ret;
-	struct nftnl_parse_err *err;
-	struct ruleset_parse rp = {
-		.nl_ctx = ctx,
-		.cmd    = cmd
-	};
-
-	err = nftnl_parse_err_alloc();
-	if (err == NULL)
-		return -1;
-
-	ret = nftnl_ruleset_parse_file_cb(cmd->markup->format, stdin, err, &rp,
-					  netlink_markup_parse_cb);
-	if (ret < 0)
-		nftnl_parse_perror("unable to import: parsing failed", err);
-
-	nftnl_parse_err_free(err);
-	return ret;
-}
-
 static int do_list_table(struct netlink_ctx *ctx, struct cmd *cmd,
 			 struct table *table)
 {
@@ -2527,9 +2486,9 @@ int do_command(struct netlink_ctx *ctx, struct cmd *cmd)
 	case CMD_RENAME:
 		return do_command_rename(ctx, cmd);
 	case CMD_IMPORT:
-		return do_command_import(ctx, cmd);
 	case CMD_EXPORT:
-		return do_command_export(ctx, cmd);
+		errno = EOPNOTSUPP;
+		return -1;
 	case CMD_MONITOR:
 		return do_command_monitor(ctx, cmd);
 	case CMD_DESCRIBE:
-- 
cgit v1.2.3