From f4a34d25f6d5f4188573dbe16613ce96327f0e6c Mon Sep 17 00:00:00 2001 From: Harsha Sharma Date: Sun, 14 Jan 2018 21:48:46 +0530 Subject: src: list set handle and delete set via set handle Print 'handle' attribute in sets when listing via '-a' option and delete sets via their unique set handles listed with '-a' option. For e.g. nft delete set [] [handle ] Signed-off-by: Harsha Sharma Signed-off-by: Pablo Neira Ayuso --- src/netlink.c | 4 ++++ src/parser_bison.y | 16 ++++++++++++++-- src/rule.c | 6 +++++- 3 files changed, 23 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/netlink.c b/src/netlink.c index 728b6fdf..9f6d24c8 100644 --- a/src/netlink.c +++ b/src/netlink.c @@ -195,6 +195,8 @@ struct nftnl_set *alloc_nftnl_set(const struct handle *h) nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set); if (h->set_id) nftnl_set_set_u32(nls, NFTNL_SET_ID, h->set_id); + if (h->handle.id) + nftnl_set_set_u64(nls, NFTNL_SET_HANDLE, h->handle.id); return nls; } @@ -981,6 +983,7 @@ static struct set *netlink_delinearize_set(struct netlink_ctx *ctx, nftnl_set_get_u32(nls, NFTNL_SET_KEY_LEN) * BITS_PER_BYTE, NULL); set->flags = nftnl_set_get_u32(nls, NFTNL_SET_FLAGS); + set->handle.handle.id = nftnl_set_get_u64(nls, NFTNL_SET_HANDLE); set->objtype = objtype; @@ -1123,6 +1126,7 @@ int netlink_list_sets(struct netlink_ctx *ctx, const struct handle *h, return 0; } + ctx->data = h; err = nftnl_set_list_foreach(set_cache, list_set_cb, ctx); nftnl_set_list_free(set_cache); return err; diff --git a/src/parser_bison.y b/src/parser_bison.y index dd0dcc51..d4481ad6 100644 --- a/src/parser_bison.y +++ b/src/parser_bison.y @@ -509,8 +509,8 @@ int nft_lex(void *, void *, void *); %type table_spec tableid_spec chain_spec chainid_spec flowtable_spec chain_identifier ruleid_spec handle_spec position_spec rule_position ruleset_spec %destructor { handle_free(&$$); } table_spec tableid_spec chain_spec chainid_spec flowtable_spec chain_identifier ruleid_spec handle_spec position_spec rule_position ruleset_spec -%type set_spec set_identifier flowtable_identifier obj_spec obj_identifier -%destructor { handle_free(&$$); } set_spec set_identifier obj_spec obj_identifier +%type set_spec setid_spec set_identifier flowtable_identifier obj_spec obj_identifier +%destructor { handle_free(&$$); } set_spec setid_spec set_identifier obj_spec obj_identifier %type family_spec family_spec_explicit chain_policy prio_spec %type dev_spec quota_unit @@ -1048,6 +1048,10 @@ delete_cmd : TABLE table_spec { $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SET, &$2, &@$, NULL); } + | SET setid_spec + { + $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SET, &$2, &@$, NULL); + } | MAP set_spec { $$ = cmd_alloc(CMD_DELETE, CMD_OBJ_SET, &$2, &@$, NULL); @@ -1856,6 +1860,14 @@ set_spec : table_spec identifier } ; +setid_spec : table_spec HANDLE NUM + { + $$ = $1; + $$.handle.location = @$; + $$.handle.id = $3; + } + ; + set_identifier : identifier { memset(&$$, 0, sizeof($$)); diff --git a/src/rule.c b/src/rule.c index 29343f75..d58e58f1 100644 --- a/src/rule.c +++ b/src/rule.c @@ -377,7 +377,11 @@ static void do_set_print(const struct set *set, struct print_fmt_options *opts, expr_print(set->init, octx); nft_print(octx, "%s", opts->nl); } - nft_print(octx, "%s}%s", opts->tab, opts->nl); + nft_print(octx, "%s}", opts->tab); + if (octx->handle > 0) + nft_print(octx, " # handle %" PRIu64, set->handle.handle.id); + nft_print(octx, "%s", opts->nl); + } void set_print(const struct set *s, struct output_ctx *octx) -- cgit v1.2.3