netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "Fernando F. Mancera" <ffmancera@riseup.net>
To: Pablo Neira Ayuso <pablo@netfilter.org>
Cc: netfilter-devel@vger.kernel.org
Subject: Re: [PATCH nft v2] json: add set statement list support
Date: Sun, 4 Sep 2022 13:22:27 +0200	[thread overview]
Message-ID: <df03a29a-ee7c-a5fb-0d65-6c477eed9e4d@riseup.net> (raw)
In-Reply-To: <YxNfXkBPgtKUx+ws@salvia>

On 9/3/22 16:06, Pablo Neira Ayuso wrote:
> On Thu, Sep 01, 2022 at 12:31:43PM +0200, Fernando Fernandez Mancera wrote:
>> When listing a set with statements with JSON support, the statements were
>> ignored.
>>
>> Output example:
>>
>> {
>>    "set": {
>>      "op": "add",
>>      "elem": {
>>        "payload": {
>>          "protocol": "ip",
>>          "field": "saddr"
>>        }
>>      },
>>      "stmt": [
>>        {
>>          "limit": {
>>            "rate": 10,
>>            "burst": 5,
>>            "per": "second"
>>          }
>>        },
>>        {
>>          "counter": {
>>            "packets": 0,
>>            "bytes": 0
>>          }
>>        }
>>      ],
>>      "set": "@my_ssh_meter"
>>    }
>> }
> 
> ip/sets.t: WARNING: line 53: '{"nftables": [{"add": {"rule": {"table": "test-ip4", "chain": "input", "family": "ip", "expr": [{"set": {"set": "@set5", "elem": {"concat": [{"payload": {"field": "saddr", "protocol": "ip"}}, {"payload": {"field": "daddr", "protocol": "ip"}}]}, "op": "add"}}]}}}]}': '[{"set": {"elem": {"concat": [{"payload": {"field": "saddr", "protocol": "ip"}}, {"payload": {"field": "daddr", "protocol": "ip"}}]}, "op": "add", "set": "@set5"}}]' mismatches '[{"set": {"elem": {"concat": [{"payload": {"field": "saddr", "protocol": "ip"}}, {"payload": {"field": "daddr", "protocol": "ip"}}]}, "op": "add", "set": "@set5", "stmt": []}}]'
> 
> tests/py in nftables reports this warning.
> 
> I think it should be possible not to print "stmt" if it is empty.

Ugh, I missed it. Yes, it is possible. In addittion, I noticed when 
generating the JSON output the statements in the list should be 
stateless. I will send a patch for both problems.

Thank you,
Fernando.

> 
> Please follow up with an incremental patch to address this.
> 
> Thanks.


      reply	other threads:[~2022-09-04 11:22 UTC|newest]

Thread overview: 4+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-09-01 10:31 [PATCH nft v2] json: add set statement list support Fernando Fernandez Mancera
2022-09-01 12:46 ` Pablo Neira Ayuso
2022-09-03 14:06 ` Pablo Neira Ayuso
2022-09-04 11:22   ` Fernando F. Mancera [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=df03a29a-ee7c-a5fb-0d65-6c477eed9e4d@riseup.net \
    --to=ffmancera@riseup.net \
    --cc=netfilter-devel@vger.kernel.org \
    --cc=pablo@netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).