From da24c01b6d94820aee7222aa3c75854ef47bf355 Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Thu, 18 Apr 2013 12:28:25 +0200 Subject: rule: allow to list of existing tables You can now specify: nft list tables ip to obtain the list of all existing tables. Signed-off-by: Pablo Neira Ayuso --- src/netlink.c | 3 ++- src/parser.y | 17 +++++++++++++++-- src/rule.c | 13 +++++++++++++ src/scanner.l | 1 + 4 files changed, 31 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/netlink.c b/src/netlink.c index 4c60c4a2..e760ccc9 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -87,7 +87,8 @@ struct nfnl_nft_table *alloc_nft_table(const struct handle *h) if (nlt == NULL) memory_allocation_error(); nfnl_nft_table_set_family(nlt, h->family); - nfnl_nft_table_set_name(nlt, h->table, strlen(h->table) + 1); + if (h->table != NULL) + nfnl_nft_table_set_name(nlt, h->table, strlen(h->table) + 1); return nlt; } diff --git a/src/parser.y b/src/parser.y index fc724588..87602d9f 100644 --- a/src/parser.y +++ b/src/parser.y @@ -157,6 +157,7 @@ static void location_update(struct location *loc, struct location *rhs, int n) %token HOOK "hook" %token HOOKNUM "hooknum" %token TABLE "table" +%token TABLES "tables" %token CHAIN "chain" %token RULE "rule" %token SETS "sets" @@ -332,8 +333,8 @@ static void location_update(struct location *loc, struct location *rhs, int n) %type base_cmd add_cmd insert_cmd delete_cmd list_cmd flush_cmd rename_cmd %destructor { cmd_free($$); } base_cmd add_cmd insert_cmd delete_cmd list_cmd flush_cmd rename_cmd -%type table_spec chain_spec chain_identifier ruleid_spec -%destructor { handle_free(&$$); } table_spec chain_spec chain_identifier ruleid_spec +%type table_spec tables_spec chain_spec chain_identifier ruleid_spec +%destructor { handle_free(&$$); } table_spec tables_spec chain_spec chain_identifier ruleid_spec %type set_spec set_identifier %destructor { handle_free(&$$); } set_spec set_identifier %type handle_spec family_spec @@ -602,6 +603,10 @@ delete_cmd : TABLE table_spec ; list_cmd : TABLE table_spec + { + $$ = cmd_alloc(CMD_LIST, CMD_OBJ_TABLE, &$2, NULL); + } + | TABLES tables_spec { $$ = cmd_alloc(CMD_LIST, CMD_OBJ_TABLE, &$2, NULL); } @@ -789,6 +794,14 @@ table_spec : family_spec identifier } ; +tables_spec : family_spec + { + memset(&$$, 0, sizeof($$)); + $$.family = $1; + $$.table = NULL; + } + ; + chain_spec : table_spec identifier { $$ = $1; diff --git a/src/rule.c b/src/rule.c index 7d0887aa..43b683ca 100644 --- a/src/rule.c +++ b/src/rule.c @@ -477,6 +477,19 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd) switch (cmd->obj) { case CMD_OBJ_TABLE: + if (!cmd->handle.table) { + /* List all existing tables */ + struct table *table; + + if (netlink_list_tables(ctx, &cmd->handle) < 0) + return -1; + + list_for_each_entry(table, &ctx->list, list) { + printf("table %s\n", table->handle.table); + } + return 0; + } + /* List content of this table */ if (do_list_sets(ctx, table) < 0) return -1; if (netlink_list_chains(ctx, &cmd->handle) < 0) diff --git a/src/scanner.l b/src/scanner.l index 7ceae09d..edecf7b6 100644 --- a/src/scanner.l +++ b/src/scanner.l @@ -225,6 +225,7 @@ addrstring ({macaddr}|{ip4addr}|{ip6addr}) "hook" { return HOOK; } "table" { return TABLE; } +"tables" { return TABLES; } "chain" { return CHAIN; } "rule" { return RULE; } "sets" { return SETS; } -- cgit v1.2.3