* [nftables PATCH] json: support element output
@ 2025-12-03 13:17 Georg Pfuetzenreuter
2026-01-14 15:15 ` Phil Sutter
0 siblings, 1 reply; 2+ messages in thread
From: Georg Pfuetzenreuter @ 2025-12-03 13:17 UTC (permalink / raw)
To: netfilter-devel; +Cc: Georg Pfuetzenreuter
From: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
JSON was skipped for `get element` operations. Resolve this by
introducing JSON output handling for set elements - the structure is
kept close to what's already implemented for `list set`.
Signed-off-by: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
---
include/json.h | 1 +
src/json.c | 36 ++++++++++++++++++++++++++++++++++++
src/rule.c | 3 +++
3 files changed, 40 insertions(+)
diff --git a/include/json.h b/include/json.h
index 3b8d045f87bb..8c15e92ed90f 100644
--- a/include/json.h
+++ b/include/json.h
@@ -98,6 +98,7 @@ json_t *optstrip_stmt_json(const struct stmt *stmt, struct output_ctx *octx);
json_t *xt_stmt_json(const struct stmt *stmt, struct output_ctx *octx);
int do_command_list_json(struct netlink_ctx *ctx, struct cmd *cmd);
+int do_get_setelems_json(struct netlink_ctx *ctx, struct cmd *cmd, bool reset);
int nft_parse_json_buffer(struct nft_ctx *nft, const char *buf,
struct list_head *msgs, struct list_head *cmds);
diff --git a/src/json.c b/src/json.c
index 9fb6d715a53d..e205c508e36b 100644
--- a/src/json.c
+++ b/src/json.c
@@ -2170,6 +2170,42 @@ int do_command_list_json(struct netlink_ctx *ctx, struct cmd *cmd)
return 0;
}
+int do_get_setelems_json(struct netlink_ctx *ctx, struct cmd *cmd, bool reset)
+{
+ struct set *set, *new_set;
+ struct expr *init;
+ json_t *root = json_array();
+ int err;
+
+ set = cmd->elem.set;
+
+ if (set_is_non_concat_range(set))
+ init = get_set_intervals(set, cmd->expr);
+ else
+ init = cmd->expr;
+
+ new_set = set_clone(set);
+
+ json_array_insert_new(root, 0, generate_json_metainfo());
+
+ err = netlink_get_setelem(ctx, &cmd->handle, &cmd->location,
+ cmd->elem.set, new_set, init, reset);
+ if (err >= 0)
+ json_array_append_new(root, set_print_json(&ctx->nft->output, new_set));
+
+ if (set_is_non_concat_range(set))
+ expr_free(init);
+
+ set_free(new_set);
+
+ root = nft_json_pack("{s:o}", "nftables", root);
+ json_dumpf(root, ctx->nft->output.output_fp, 0);
+ json_decref(root);
+ fprintf(ctx->nft->output.output_fp, "\n");
+ fflush(ctx->nft->output.output_fp);
+ return 0;
+}
+
static void monitor_print_json(struct netlink_mon_handler *monh,
const char *cmd, json_t *obj)
{
diff --git a/src/rule.c b/src/rule.c
index 8f8b77f1e883..5d3382632728 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -2681,6 +2681,9 @@ static int do_get_setelems(struct netlink_ctx *ctx, struct cmd *cmd, bool reset)
struct expr *init;
int err;
+ if (nft_output_json(&ctx->nft->output))
+ return do_get_setelems_json(ctx, cmd, reset);
+
set = cmd->elem.set;
/* Create a list of elements based of what we got from command line. */
--
2.52.0
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [nftables PATCH] json: support element output
2025-12-03 13:17 [nftables PATCH] json: support element output Georg Pfuetzenreuter
@ 2026-01-14 15:15 ` Phil Sutter
0 siblings, 0 replies; 2+ messages in thread
From: Phil Sutter @ 2026-01-14 15:15 UTC (permalink / raw)
To: Georg Pfuetzenreuter; +Cc: netfilter-devel, Georg Pfuetzenreuter
Hi Georg,
Sorry for the late reply, I missed your mail last year and am still
recovering from the "big reset". ;)
On Wed, Dec 03, 2025 at 02:17:36PM +0100, Georg Pfuetzenreuter wrote:
> From: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
>
> JSON was skipped for `get element` operations. Resolve this by
> introducing JSON output handling for set elements - the structure is
> kept close to what's already implemented for `list set`.
>
> Signed-off-by: Georg Pfuetzenreuter <georg.pfuetzenreuter@suse.com>
Patch looks fine apart from:
[...]
> +int do_get_setelems_json(struct netlink_ctx *ctx, struct cmd *cmd, bool reset)
> +{
> + struct set *set, *new_set;
> + struct expr *init;
> + json_t *root = json_array();
> + int err;
Please stick to reverse christmas tree notation here, i.e. put the
json_t *root on top of the list.
> +
> + set = cmd->elem.set;
> +
> + if (set_is_non_concat_range(set))
> + init = get_set_intervals(set, cmd->expr);
> + else
> + init = cmd->expr;
> +
> + new_set = set_clone(set);
> +
> + json_array_insert_new(root, 0, generate_json_metainfo());
> +
> + err = netlink_get_setelem(ctx, &cmd->handle, &cmd->location,
> + cmd->elem.set, new_set, init, reset);
> + if (err >= 0)
> + json_array_append_new(root, set_print_json(&ctx->nft->output, new_set));
This line exceeds 80 columns, no?
Also, could you please add a test case? A simple one in
tests/shell/testcases/json/ to make sure 'nft -j get element' output is
as expected should be fine.
Thanks, Phil
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-01-14 15:22 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-12-03 13:17 [nftables PATCH] json: support element output Georg Pfuetzenreuter
2026-01-14 15:15 ` Phil Sutter
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox