From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nftables 6/9] segtree: add string "range" reversal support
Date: Sat, 9 Apr 2022 15:58:29 +0200 [thread overview]
Message-ID: <20220409135832.17401-7-fw@strlen.de> (raw)
In-Reply-To: <20220409135832.17401-1-fw@strlen.de>
Previous commits allows to use set key as a range, i.e.
key ifname
flags interval
elements = { eth* }
and then have it match on any interface starting with 'eth'.
Listing is broken however, we need to reverse-translate the (128bit)
number back to a string.
'eth*' is stored as interval
00687465 0000000 .. 00697465 0000000, i.e. "eth-eti",
this adds the needed endianess fixups.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
src/segtree.c | 47 +++++++++++++++++++++++++++++++++++++++++------
1 file changed, 41 insertions(+), 6 deletions(-)
diff --git a/src/segtree.c b/src/segtree.c
index b4e76bf530d6..bed8bbcf0c8e 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -1032,6 +1032,33 @@ static struct expr *interval_to_prefix(struct expr *low, struct expr *i, const m
return __expr_to_set_elem(low, prefix);
}
+static struct expr *interval_to_string(struct expr *low, struct expr *i, const mpz_t range)
+{
+ unsigned int len = div_round_up(i->len, BITS_PER_BYTE);
+ unsigned int prefix_len, str_len;
+ char data[len + 2];
+ struct expr *expr;
+
+ prefix_len = expr_value(i)->len - mpz_scan0(range, 0);
+
+ if (prefix_len > i->len || prefix_len % BITS_PER_BYTE)
+ return interval_to_prefix(low, i, range);
+
+ mpz_export_data(data, expr_value(low)->value, BYTEORDER_BIG_ENDIAN, len);
+
+ str_len = strnlen(data, len);
+ if (str_len >= len || str_len == 0)
+ return interval_to_prefix(low, i, range);
+
+ data[str_len] = '*';
+
+ expr = constant_expr_alloc(&low->location, low->dtype,
+ BYTEORDER_HOST_ENDIAN,
+ (str_len + 1) * BITS_PER_BYTE, data);
+
+ return __expr_to_set_elem(low, expr);
+}
+
static struct expr *interval_to_range(struct expr *low, struct expr *i, mpz_t range)
{
struct expr *tmp;
@@ -1130,16 +1157,24 @@ void interval_map_decompose(struct expr *set)
mpz_and(p, expr_value(low)->value, range);
- if (!mpz_cmp_ui(range, 0))
+ if (!mpz_cmp_ui(range, 0)) {
+ if (expr_basetype(low)->type == TYPE_STRING)
+ mpz_switch_byteorder(expr_value(low)->value, low->len / BITS_PER_BYTE);
+
compound_expr_add(set, expr_get(low));
- else if ((!range_is_prefix(range) ||
- !(i->dtype->flags & DTYPE_F_PREFIX)) ||
- mpz_cmp_ui(p, 0)) {
- struct expr *expr = interval_to_range(low, i, range);
+ } else if (range_is_prefix(range) && !mpz_cmp_ui(p, 0)) {
+ struct expr *expr;
+
+ if (i->dtype->flags & DTYPE_F_PREFIX)
+ expr = interval_to_prefix(low, i, range);
+ else if (expr_basetype(i)->type == TYPE_STRING)
+ expr = interval_to_string(low, i, range);
+ else
+ expr = interval_to_range(low, i, range);
compound_expr_add(set, expr);
} else {
- struct expr *expr = interval_to_prefix(low, i, range);
+ struct expr *expr = interval_to_range(low, i, range);
compound_expr_add(set, expr);
}
--
2.35.1
next prev parent reply other threads:[~2022-04-09 13:59 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-09 13:58 [PATCH nftables 0/9] nftables: add support for wildcard string as set keys Florian Westphal
2022-04-09 13:58 ` [PATCH nftables 1/9] evaluate: make byteorder conversion on string base type a no-op Florian Westphal
2022-04-09 13:58 ` [PATCH nftables 2/9] evaluate: keep prefix expression length Florian Westphal
2022-04-09 13:58 ` [PATCH nftables 3/9] segtree: split prefix and range creation to a helper function Florian Westphal
2022-04-09 13:58 ` [PATCH nftables 4/9] evaluate: string prefix expression must retain original length Florian Westphal
2022-04-09 13:58 ` [PATCH nftables 5/9] src: make interval sets work with string datatypes Florian Westphal
2022-04-12 23:46 ` Pablo Neira Ayuso
2022-04-09 13:58 ` Florian Westphal [this message]
2022-04-09 13:58 ` [PATCH nftables 7/9] tests: add testcases for interface names in sets Florian Westphal
2022-04-09 13:58 ` [PATCH nftables 8/9] segtree: use correct byte order for 'element get' Florian Westphal
2022-04-09 13:58 ` [PATCH nftables 9/9] segtree: add support for get element with sets that contain ifnames Florian Westphal
2022-04-12 22:17 ` [PATCH nftables 0/9] nftables: add support for wildcard string as set keys Pablo Neira Ayuso
2022-04-12 22:43 ` Florian Westphal
2022-04-12 23:08 ` Pablo Neira Ayuso
2022-04-12 23:30 ` Florian Westphal
2022-04-12 23:41 ` Pablo Neira Ayuso
2022-04-13 0:02 ` Florian Westphal
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220409135832.17401-7-fw@strlen.de \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).