[libnftables PATCH 1/2] set: json: fix incomplete output

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Alvaro Neira <alvaroneay@gmail.com>
To: netfilter-devel@vger.kernel.org
Cc: eric@regit.org
Subject: [libnftables PATCH 1/2] set: json: fix incomplete output
Date: Mon, 15 Jul 2013 21:30:52 +0200	[thread overview]
Message-ID: <20130715193052.20241.52862.stgit@Ph0enix> (raw)

From: Álvaro Neira Ayuso <alvaroneay@gmail.com>

In (bf39c53 set: add json output), the json support for sets was
incomplete:

* version, family, key_type, key_len, data_type, data_len were not included.
* Now I use nft_data_reg_snprintf for printing the key and data

Signed-off-by: Alvaro Neira Ayuso <alvaroneay@gmail.com>
---
 src/internal.h |    1 +
 src/set.c      |   23 +++++++++++++++++------
 src/set_elem.c |   50 ++++++++++++++++++++++++++++----------------------
 3 files changed, 46 insertions(+), 28 deletions(-)

diff --git a/src/internal.h b/src/internal.h
index 803dcc4..b3cdb76 100644
--- a/src/internal.h
+++ b/src/internal.h
@@ -28,6 +28,7 @@ int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name, union nft_
 #define NFT_TABLE_JSON_VERSION 0
 #define NFT_CHAIN_JSON_VERSION 0
 #define NFT_RULE_JSON_VERSION 0
+#define NFT_SET_JSON_VERSION 0
 
 const char *nft_family2str(uint32_t family);
 int nft_str2family(const char *family);
diff --git a/src/set.c b/src/set.c
index dc3bd27..343e27c 100644
--- a/src/set.c
+++ b/src/set.c
@@ -317,16 +317,27 @@ int nft_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s)
 EXPORT_SYMBOL(nft_set_nlmsg_parse);
 
 static int nft_set_snprintf_json(char *buf, size_t size, struct nft_set *s,
-			   uint32_t type, uint32_t flags)
+				  uint32_t type, uint32_t flags)
 {
-	int ret;
-	int len = size, offset = 0;
+	int len = size, offset = 0, ret;
 	struct nft_set_elem *elem;
 
-	ret = snprintf(buf, size, "{ \"set\" : { \"name\" : \"%s\", \"table\" : \"%s\", \"flags\" : %u",
-			s->name, s->table, s->set_flags);
+	ret = snprintf(buf, size, "{ \"set\": { \"name\": \"%s\","
+				  "\"table\": \"%s\",\"version\": %d,"
+				  "\"flags\": %u,\"family\": \"%s\","
+				  "\"key_type\": %u,\"key_len\": %u",
+			s->name, s->table, NFT_SET_JSON_VERSION, s->set_flags,
+			nft_family2str(s->family), s->key_type, s->key_len);
 	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
+	if(s->flags & (1 << NFT_SET_ATTR_DATA_TYPE) &&
+	   s->flags & (1 << NFT_SET_ATTR_DATA_LEN)){
+		ret = snprintf(buf+offset, size,
+				  ",\"data_type\": %u,\"data_len\": %u",
+			s->data_type, s->data_len);
+		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+	}
+
 	/* Empty set? Skip printinf of elements */
 	if (list_empty(&s->element_list)){
 		ret = snprintf(buf+offset, size, "}}");
@@ -334,7 +345,7 @@ static int nft_set_snprintf_json(char *buf, size_t size, struct nft_set *s,
 		return offset;
 	}
 
-	ret = snprintf(buf+offset, size, ", \"set_elem\" : [");
+	ret = snprintf(buf+offset, size, ",\"set_elem\": [");
 	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
 	list_for_each_entry(elem, &s->element_list, head) {
diff --git a/src/set_elem.c b/src/set_elem.c
index 3966cd6..eeab726 100644
--- a/src/set_elem.c
+++ b/src/set_elem.c
@@ -385,34 +385,40 @@ int nft_set_elems_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s)
 }
 EXPORT_SYMBOL(nft_set_elems_nlmsg_parse);
 
-static int nft_set_elem_snprintf_json(char *buf, size_t size, struct nft_set_elem *e)
+static int nft_set_elem_snprintf_json(char *buf, size_t size,
+				       struct nft_set_elem *e, uint32_t flags)
 {
-	int ret, len = size, offset = 0, i, numregs;
+	int ret, len = size, offset = 0, type = -1;
 
-	ret = snprintf(buf, size, "\"flags\" : %u", e->set_elem_flags);
+	ret = snprintf(buf, size, "\"set_elem_flags\": %u", e->set_elem_flags);
 	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 
-	numregs = div_round_up(e->key.len, sizeof(uint32_t));
-	if (numregs != 0) {
-		ret = snprintf(buf+offset, len, ", \"key\" : \"0x");
-		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
-		for (i = 0; i < numregs; i++) {
-			ret = snprintf(buf+offset, len, "%.8x", e->key.val[i]);
-			SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
-		}
-		ret = snprintf(buf+offset, len, "\"");
-		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
-	}
+	ret = snprintf(buf+offset, size, ",\"set_elem_key\": {");
+	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+	ret = nft_data_reg_snprintf(buf+offset, len, &e->key,
+				    NFT_RULE_O_JSON, flags, DATA_VALUE);
+	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+	ret = snprintf(buf+offset, size, "}");
+	SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+	if (e->flags & (1 << NFT_SET_ELEM_ATTR_DATA))
+		type = DATA_VALUE;
+	else if (e->flags & (1 << NFT_SET_ELEM_ATTR_CHAIN))
+		type = DATA_CHAIN;
+	else if (e->flags & (1 << NFT_SET_ELEM_ATTR_VERDICT))
+		type = DATA_VERDICT;
 
-	numregs = div_round_up(e->data.len, sizeof(uint32_t));
-	if (numregs != 0) {
-		ret = snprintf(buf+offset, size, " ,\"data\" : \"0x");
+	if (type != -1) {
+		ret = snprintf(buf+offset, size, ",\"set_elem_data\": {");
 		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
-		for (i = 0; i < numregs; i++) {
-			ret = snprintf(buf+offset, len, "%.8x", e->data.val[i]);
+
+		ret = nft_data_reg_snprintf(buf+offset, len, &e->data,
+				    NFT_RULE_O_JSON, flags, type);
 			SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
-		}
-		ret = snprintf(buf+offset, len, "\"");
+
+		ret = snprintf(buf+offset, size, "}");
 		SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
 	}
 
@@ -514,7 +520,7 @@ int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *e,
 	case NFT_SET_O_XML:
 		return nft_set_elem_snprintf_xml(buf, size, e, flags);
 	case NFT_SET_O_JSON:
-		return nft_set_elem_snprintf_json(buf, size, e);
+		return nft_set_elem_snprintf_json(buf, size, e, flags);
 	default:
 		break;
 	}

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

next             reply	other threads:[~2013-07-15 19:30 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-07-15 19:30 Alvaro Neira [this message]
2013-07-15 19:31 ` [libnftables PATCH 2/2] chain: json: use string to identify policy Alvaro Neira
2013-07-15 22:11   ` Pablo Neira Ayuso
2013-07-15 22:11 ` [libnftables PATCH 1/2] set: json: fix incomplete output Pablo Neira Ayuso

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:803dcc4 dfblob:b3cdb76 dfblob:dc3bd27 dfblob:343e27c
dfblob:3966cd6 dfblob:eeab726 )
 OR (
bs:"[libnftables PATCH 1/2] set: json: fix incomplete output" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130715193052.20241.52862.stgit@Ph0enix \
    --to=alvaroneay@gmail.com \
    --cc=eric@regit.org \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).