From: Florian Westphal <fw@strlen.de>
To: <netfilter-devel@vger.kernel.org>
Cc: Florian Westphal <fw@strlen.de>
Subject: [PATCH nft 2/3] segtree: add pretty-print support for wildcard strings in concatenated sets
Date: Fri, 29 Apr 2022 20:32:38 +0200 [thread overview]
Message-ID: <20220429183239.5569-3-fw@strlen.de> (raw)
In-Reply-To: <20220429183239.5569-1-fw@strlen.de>
For concat ranges, something like 'ppp*' is translated as a range
from 'ppp\0\0\0...' to 'ppp\ff\ff\ff...'.
In order to display this properly, check for presence of string base
type and convert to symbolic expression, with appended '*' character.
Signed-off-by: Florian Westphal <fw@strlen.de>
---
src/segtree.c | 38 ++++++++++++++++++++++++++++++++++++--
1 file changed, 36 insertions(+), 2 deletions(-)
diff --git a/src/segtree.c b/src/segtree.c
index 4602becc10e6..f9cac373a5f0 100644
--- a/src/segtree.c
+++ b/src/segtree.c
@@ -345,6 +345,8 @@ void concat_range_aggregate(struct expr *set)
list_for_each_entry_safe(r1, r1_next,
&expr_value(start)->expressions,
list) {
+ bool string_type = false;
+
mpz_init(range);
mpz_init(p);
@@ -356,16 +358,48 @@ void concat_range_aggregate(struct expr *set)
goto next;
}
+ if (expr_basetype(r1)->type == TYPE_STRING &&
+ expr_basetype(r2)->type == TYPE_STRING) {
+ string_type = true;
+ mpz_switch_byteorder(r1->value, r1->len / BITS_PER_BYTE);
+ mpz_switch_byteorder(r2->value, r2->len / BITS_PER_BYTE);
+ }
+
mpz_sub(range, r2->value, r1->value);
mpz_sub_ui(range, range, 1);
mpz_and(p, r1->value, range);
/* Check if we are forced, or if it's anyway preferable,
- * to express the range as two points instead of a
- * netmask.
+ * to express the range as a wildcard string, or two points
+ * instead of a netmask.
*/
prefix_len = range_mask_len(r1->value, r2->value,
r1->len);
+ if (string_type) {
+ mpz_switch_byteorder(r1->value, r1->len / BITS_PER_BYTE);
+ mpz_switch_byteorder(r2->value, r2->len / BITS_PER_BYTE);
+ }
+
+ if (prefix_len >= 0 &&
+ (prefix_len % BITS_PER_BYTE) == 0 &&
+ string_type) {
+ unsigned int str_len = prefix_len / BITS_PER_BYTE;
+ char data[str_len + 2];
+
+ mpz_export_data(data, r1->value, BYTEORDER_HOST_ENDIAN, str_len);
+ data[str_len] = '*';
+
+ tmp = constant_expr_alloc(&r1->location, r1->dtype,
+ BYTEORDER_HOST_ENDIAN,
+ (str_len + 1) * BITS_PER_BYTE, data);
+ tmp->len = r2->len;
+ list_replace(&r2->list, &tmp->list);
+ r2_next = tmp->list.next;
+ expr_free(r2);
+ free_r1 = 1;
+ goto next;
+ }
+
if (prefix_len < 0 ||
!(r1->dtype->flags & DTYPE_F_PREFIX)) {
tmp = range_expr_alloc(&r1->location, r1,
--
2.35.1
next prev parent reply other threads:[~2022-04-29 18:35 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-04-29 18:32 [PATCH nft 0/3] nftables: add support for wildcard interfaces Florian Westphal
2022-04-29 18:32 ` [PATCH nft 1/3] netlink: swap byteorder for host-endian concat data Florian Westphal
2022-04-29 18:32 ` Florian Westphal [this message]
2022-04-29 18:32 ` [PATCH nft 3/3] sets_with_ifnames: add test case for concatenated range Florian Westphal
2022-05-02 18:58 ` [PATCH nft 0/3] nftables: add support for wildcard interfaces Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220429183239.5569-3-fw@strlen.de \
--to=fw@strlen.de \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).