[PATCH nft 4/4] src: display (inner) tag in --debug=proto-ctx

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Pablo Neira Ayuso <pablo@netfilter.org>
To: netfilter-devel@vger.kernel.org
Subject: [PATCH nft 4/4] src: display (inner) tag in --debug=proto-ctx
Date: Thu, 29 Sep 2022 00:09:14 +0200	[thread overview]
Message-ID: <20220928220914.1486-4-pablo@netfilter.org> (raw)
In-Reply-To: <20220928220914.1486-1-pablo@netfilter.org>

For easier debugging, add decoration on protocol context:

 # nft --debug=proto-ctx add rule netdev x y udp dport 4789 vxlan ip protocol icmp counter
 update link layer protocol context (inner):
  link layer          : netdev <-
  network layer       : none
  transport layer     : none
  payload data        : none

 update network layer protocol context (inner):
  link layer          : netdev
  network layer       : ip <-
  transport layer     : none
  payload data        : none

 update network layer protocol context (inner):
  link layer          : netdev
  network layer       : ip <-
  transport layer     : none
  payload data        : none

 update transport layer protocol context (inner):
  link layer          : netdev
  network layer       : ip
  transport layer     : icmp <-
  payload data        : none

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 include/proto.h           | 3 ++-
 src/evaluate.c            | 4 ++--
 src/netlink.c             | 2 +-
 src/netlink_delinearize.c | 4 ++--
 src/proto.c               | 7 +++++--
 5 files changed, 12 insertions(+), 8 deletions(-)

diff --git a/include/proto.h b/include/proto.h
index 2af887bcd126..162924f6df29 100644
--- a/include/proto.h
+++ b/include/proto.h
@@ -190,6 +190,7 @@ extern const struct proto_desc *proto_dev_desc(uint16_t type);
 struct proto_ctx {
 	unsigned int			debug_mask;
 	uint8_t				family;
+	bool				inner;
 	union {
 		struct {
 			uint8_t			type;
@@ -209,7 +210,7 @@ struct proto_ctx {
 };
 
 extern void proto_ctx_init(struct proto_ctx *ctx, unsigned int family,
-			   unsigned int debug_mask);
+			   unsigned int debug_mask, bool inner);
 extern void proto_ctx_update(struct proto_ctx *ctx, enum proto_bases base,
 			     const struct location *loc,
 			     const struct proto_desc *desc);
diff --git a/src/evaluate.c b/src/evaluate.c
index eff1cffafb0b..9f4f9fe459f2 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -4562,8 +4562,8 @@ static int rule_evaluate(struct eval_ctx *ctx, struct rule *rule,
 	struct stmt *stmt, *tstmt = NULL;
 	struct error_record *erec;
 
-	proto_ctx_init(&ctx->_pctx[0], rule->handle.family, ctx->nft->debug_mask);
-	proto_ctx_init(&ctx->_pctx[1], rule->handle.family, ctx->nft->debug_mask);
+	proto_ctx_init(&ctx->_pctx[0], rule->handle.family, ctx->nft->debug_mask, false);
+	proto_ctx_init(&ctx->_pctx[1], rule->handle.family, ctx->nft->debug_mask, true);
 	memset(&ctx->ectx, 0, sizeof(ctx->ectx));
 
 	ctx->rule = rule;
diff --git a/src/netlink.c b/src/netlink.c
index 799cf9b8ebef..e38bacf3ac3f 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1995,7 +1995,7 @@ static void trace_print_packet(const struct nftnl_trace *nlt,
 				 meta_expr_alloc(&netlink_location,
 						 NFT_META_OIF), octx);
 
-	proto_ctx_init(&ctx, nftnl_trace_get_u32(nlt, NFTNL_TRACE_FAMILY), 0);
+	proto_ctx_init(&ctx, nftnl_trace_get_u32(nlt, NFTNL_TRACE_FAMILY), 0, false);
 	ll_desc = ctx.protocol[PROTO_BASE_LL_HDR].desc;
 	if ((ll_desc == &proto_inet || ll_desc  == &proto_netdev) &&
 	    nftnl_trace_is_set(nlt, NFTNL_TRACE_NFPROTO)) {
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 36a7d63071ff..b46cdf808f38 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -3177,8 +3177,8 @@ static void rule_parse_postprocess(struct netlink_parse_ctx *ctx, struct rule *r
 	struct expr *expr;
 
 	memset(&rctx, 0, sizeof(rctx));
-	proto_ctx_init(&rctx._dl[0].pctx, rule->handle.family, ctx->debug_mask);
-	proto_ctx_init(&rctx._dl[1].pctx, NFPROTO_BRIDGE, ctx->debug_mask);
+	proto_ctx_init(&rctx._dl[0].pctx, rule->handle.family, ctx->debug_mask, false);
+	proto_ctx_init(&rctx._dl[1].pctx, NFPROTO_BRIDGE, ctx->debug_mask, true);
 
 	list_for_each_entry_safe(stmt, next, &rule->stmts, list) {
 		enum stmt_types type = stmt->ops->type;
diff --git a/src/proto.c b/src/proto.c
index bd14d1160697..13b681d4d26a 100644
--- a/src/proto.c
+++ b/src/proto.c
@@ -176,7 +176,9 @@ static void proto_ctx_debug(const struct proto_ctx *ctx, enum proto_bases base,
 			pr_debug(" %s", ctx->stacked_ll[i]->name);
 	}
 
-	pr_debug("update %s protocol context:\n", proto_base_names[base]);
+	pr_debug("update %s protocol context%s:\n",
+		 proto_base_names[base], ctx->inner ? " (inner)" : "");
+
 	for (i = PROTO_BASE_LL_HDR; i <= PROTO_BASE_MAX; i++) {
 		pr_debug(" %-20s: %s",
 			 proto_base_names[i],
@@ -197,7 +199,7 @@ static void proto_ctx_debug(const struct proto_ctx *ctx, enum proto_bases base,
  * @debug_mask:	display debugging information
  */
 void proto_ctx_init(struct proto_ctx *ctx, unsigned int family,
-		    unsigned int debug_mask)
+		    unsigned int debug_mask, bool inner)
 {
 	const struct hook_proto_desc *h = &hook_proto_desc[family];
 
@@ -205,6 +207,7 @@ void proto_ctx_init(struct proto_ctx *ctx, unsigned int family,
 	ctx->family = family;
 	ctx->protocol[h->base].desc = h->desc;
 	ctx->debug_mask = debug_mask;
+	ctx->inner = inner;
 
 	proto_ctx_debug(ctx, h->base, debug_mask);
 }
-- 
2.30.2

     prev parent reply	other threads:[~2022-09-28 22:09 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-28 22:09 [PATCH nft 1/4] src: add eval_proto_ctx() Pablo Neira Ayuso
2022-09-28 22:09 ` [PATCH nft 2/4] src: add dl_proto_ctx() Pablo Neira Ayuso
2022-09-28 22:09 ` [PATCH nft 3/4] src: add vxlan matching support Pablo Neira Ayuso
2022-09-28 22:09 ` Pablo Neira Ayuso [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:2af887bcd12 dfblob:162924f6df2 dfblob:eff1cffafb0
dfblob:9f4f9fe459f dfblob:799cf9b8ebe dfblob:e38bacf3ac3
dfblob:36a7d63071f dfblob:b46cdf808f3 dfblob:bd14d116069
dfblob:13b681d4d26 )
 OR (
bs:"[PATCH nft 4/4] src: display (inner) tag in --debug=proto-ctx" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220928220914.1486-4-pablo@netfilter.org \
    --to=pablo@netfilter.org \
    --cc=netfilter-devel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).