From: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
To: netfilter-devel@vger.kernel.org
Subject: [libnftables PATCH v2] chain: add hooknum2str
Date: Thu, 27 Jun 2013 18:55:47 +0200 [thread overview]
Message-ID: <20130627165512.26972.47124.stgit@nfdev.cica.es> (raw)
This patch translates the Netfilter hooknumber to a readable string.
Useful for printing and parsing in XML and JSON formats.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
v2: Add "" to Json strings.
src/chain.c | 36 +++++++++++++++++++++++++++---------
test/nft-chain-xml-add.sh | 6 +++---
2 files changed, 30 insertions(+), 12 deletions(-)
diff --git a/src/chain.c b/src/chain.c
index 6673b82..d290545 100644
--- a/src/chain.c
+++ b/src/chain.c
@@ -22,6 +22,7 @@
#include <libmnl/libmnl.h>
#include <linux/netfilter/nfnetlink.h>
#include <linux/netfilter/nf_tables.h>
+#include <linux/netfilter.h>
#include <libnftables/chain.h>
@@ -42,6 +43,14 @@ struct nft_chain {
uint32_t flags;
};
+static const char *hooknum2str_array[NF_INET_NUMHOOKS] = {
+ [NF_INET_PRE_ROUTING] = "NF_INET_PRE_ROUTING",
+ [NF_INET_LOCAL_IN] = "NF_INET_LOCAL_IN",
+ [NF_INET_FORWARD] = "NF_INET_FORWARD",
+ [NF_INET_LOCAL_OUT] = "NF_INET_LOCAL_OUT",
+ [NF_INET_POST_ROUTING] = "NF_INET_POST_ROUTING",
+};
+
struct nft_chain *nft_chain_alloc(void)
{
return calloc(1, sizeof(struct nft_chain));
@@ -629,15 +638,22 @@ static int nft_chain_xml_parse(struct nft_chain *c, char *xml)
mxmlDelete(tree);
return -1;
}
- utmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (utmp > UINT32_MAX || utmp < 0 || *endptr) {
+
+ /* iterate the list of hooks until a match is found */
+ for (utmp = 0; utmp < NF_INET_NUMHOOKS; utmp++) {
+ if (strcmp(node->child->value.opaque, hooknum2str_array[utmp]) == 0) {
+ c->hooknum = utmp;
+ c->flags |= (1 << NFT_CHAIN_ATTR_HOOKNUM);
+ break;
+ }
+ }
+
+ /* if no hook was found, error */
+ if (!(c->flags & (1 << NFT_CHAIN_ATTR_HOOKNUM))) {
mxmlDelete(tree);
return -1;
}
- memcpy(&c->hooknum, &utmp, sizeof(c->hooknum));
- c->flags |= (1 << NFT_CHAIN_ATTR_HOOKNUM);
-
/* Get and set <policy> */
node = mxmlFindElement(tree, tree, "policy", NULL, NULL, MXML_DESCEND);
if (node == NULL) {
@@ -709,7 +725,7 @@ static int nft_chain_snprintf_json(char *buf, size_t size, struct nft_chain *c)
"\"table\" : \"%s\","
"\"prio\" : %d,"
"\"use\" : %d,"
- "\"hooknum\" : %d,"
+ "\"hooknum\" : \"%s\","
"\"policy\" : %d,"
"\"family\" : %d"
"}"
@@ -717,7 +733,8 @@ static int nft_chain_snprintf_json(char *buf, size_t size, struct nft_chain *c)
"}",
c->name, c->handle, c->bytes, c->packets,
NFT_CHAIN_JSON_VERSION, c->type, c->table,
- c->prio, c->use, c->hooknum, c->policy, c->family);
+ c->prio, c->use, hooknum2str_array[c->hooknum],
+ c->policy, c->family);
}
static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c)
@@ -730,14 +747,15 @@ static int nft_chain_snprintf_xml(char *buf, size_t size, struct nft_chain *c)
"<table>%s</table>"
"<prio>%d</prio>"
"<use>%d</use>"
- "<hooknum>%d</hooknum>"
+ "<hooknum>%s</hooknum>"
"<policy>%d</policy>"
"<family>%d</family>"
"</properties>"
"</chain>",
c->name, c->handle, c->bytes, c->packets,
NFT_CHAIN_XML_VERSION, c->type, c->table,
- c->prio, c->use, c->hooknum, c->policy, c->family);
+ c->prio, c->use, hooknum2str_array[c->hooknum],
+ c->policy, c->family);
}
static int nft_chain_snprintf_default(char *buf, size_t size, struct nft_chain *c)
diff --git a/test/nft-chain-xml-add.sh b/test/nft-chain-xml-add.sh
index d1bd839..fda28cb 100755
--- a/test/nft-chain-xml-add.sh
+++ b/test/nft-chain-xml-add.sh
@@ -40,7 +40,7 @@ XML="<chain name=\"test1\" handle=\"100\" bytes=\"123\" packets=\"321\" version=
<table>filter</table>
<prio>0</prio>
<use>0</use>
- <hooknum>2</hooknum>
+ <hooknum>NF_INET_LOCAL_IN</hooknum>
<policy>1</policy>
<family>2</family>
</properties>
@@ -61,7 +61,7 @@ XML="<chain name=\"test2\" handle=\"101\" bytes=\"59\" packets=\"1\" version=\"0
<table>filter</table>
<prio>1</prio>
<use>0</use>
- <hooknum>4</hooknum>
+ <hooknum>NF_INET_POST_ROUTING</hooknum>
<policy>1</policy>
<family>10</family>
</properties>
@@ -83,7 +83,7 @@ XML="<chain name=\"test3\" handle=\"102\" bytes=\"51231239\" packets=\"112312312
<table>filter</table>
<prio>0</prio>
<use>0</use>
- <hooknum>4</hooknum>
+ <hooknum>NF_INET_FORWARD</hooknum>
<policy>1</policy>
<family>2</family>
</properties>
next reply other threads:[~2013-06-27 16:56 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-27 16:55 Arturo Borrero Gonzalez [this message]
2013-06-27 17:58 ` [libnftables PATCH v2] chain: add hooknum2str Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130627165512.26972.47124.stgit@nfdev.cica.es \
--to=arturo.borrero.glez@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.