struct list_head *msgs);
extern void cache_release(struct nft_cache *cache);
-enum udata_type {
- UDATA_TYPE_COMMENT,
- __UDATA_TYPE_MAX,
-};
-#define UDATA_TYPE_MAX (__UDATA_TYPE_MAX - 1)
-
-#define UDATA_COMMENT_MAXLEN 128
-
-enum udata_set_type {
- UDATA_SET_KEYBYTEORDER,
- UDATA_SET_DATABYTEORDER,
- UDATA_SET_MERGE_ELEMENTS,
- __UDATA_SET_MAX,
-};
-#define UDATA_SET_MAX (__UDATA_SET_MAX - 1)
-
-enum udata_set_elem_type {
- UDATA_SET_ELEM_COMMENT,
- UDATA_SET_ELEM_FLAGS,
- __UDATA_SET_ELEM_MAX,
-};
-#define UDATA_SET_ELEM_MAX (__UDATA_SET_ELEM_MAX - 1)
-
-/**
- * enum udata_set_elem_flags - meaning of bits in UDATA_SET_ELEM_FLAGS
- *
- * @SET_ELEM_F_INTERVAL_OPEN: set element denotes a half-open range
- */
-enum udata_set_elem_flags {
- SET_ELEM_F_INTERVAL_OPEN = 0x1,
-};
-
struct timeout_protocol {
uint32_t array_size;
const char *const *state_to_name;
udbuf = nftnl_udata_buf_alloc(NFT_USERDATA_MAXLEN);
if (!udbuf)
memory_allocation_error();
- if (!nftnl_udata_put_u32(udbuf, UDATA_SET_KEYBYTEORDER,
+ if (!nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_KEYBYTEORDER,
set->key->byteorder))
memory_allocation_error();
if (set->flags & NFT_SET_MAP &&
- !nftnl_udata_put_u32(udbuf, UDATA_SET_DATABYTEORDER,
+ !nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_DATABYTEORDER,
set->datatype->byteorder))
memory_allocation_error();
if (set->automerge &&
- !nftnl_udata_put_u32(udbuf, UDATA_SET_MERGE_ELEMENTS,
+ !nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_MERGE_ELEMENTS,
set->automerge))
memory_allocation_error();
{
switch (elem->etype) {
case EXPR_SET_ELEM:
- return elem->elem_flags & SET_ELEM_F_INTERVAL_OPEN;
+ return elem->elem_flags & NFTNL_SET_ELEM_F_INTERVAL_OPEN;
case EXPR_MAPPING:
return set_elem_is_open_interval(elem->left);
default:
memory_allocation_error();
}
if (elem->comment) {
- if (!nftnl_udata_put_strz(udbuf, UDATA_SET_ELEM_COMMENT,
+ if (!nftnl_udata_put_strz(udbuf, NFTNL_UDATA_SET_ELEM_COMMENT,
elem->comment))
memory_allocation_error();
}
if (expr->elem_flags) {
- if (!nftnl_udata_put_u32(udbuf, UDATA_SET_ELEM_FLAGS,
+ if (!nftnl_udata_put_u32(udbuf, NFTNL_UDATA_SET_ELEM_FLAGS,
expr->elem_flags))
memory_allocation_error();
}
uint8_t len = nftnl_udata_len(attr);
switch (type) {
- case UDATA_SET_KEYBYTEORDER:
- case UDATA_SET_DATABYTEORDER:
- case UDATA_SET_MERGE_ELEMENTS:
+ case NFTNL_UDATA_SET_KEYBYTEORDER:
+ case NFTNL_UDATA_SET_DATABYTEORDER:
+ case NFTNL_UDATA_SET_MERGE_ELEMENTS:
if (len != sizeof(uint32_t))
return -1;
break;
struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
const struct nftnl_set *nls)
{
- const struct nftnl_udata *ud[UDATA_SET_MAX + 1] = {};
+ const struct nftnl_udata *ud[NFTNL_UDATA_SET_MAX + 1] = {};
uint32_t flags, key, data, data_len, objtype = 0;
enum byteorder keybyteorder = BYTEORDER_INVALID;
enum byteorder databyteorder = BYTEORDER_INVALID;
return NULL;
}
- if (ud[UDATA_SET_KEYBYTEORDER])
- keybyteorder =
- nftnl_udata_get_u32(ud[UDATA_SET_KEYBYTEORDER]);
- if (ud[UDATA_SET_DATABYTEORDER])
- databyteorder =
- nftnl_udata_get_u32(ud[UDATA_SET_DATABYTEORDER]);
- if (ud[UDATA_SET_MERGE_ELEMENTS])
- automerge =
- nftnl_udata_get_u32(ud[UDATA_SET_MERGE_ELEMENTS]);
+#define GET_U32_UDATA(var, attr) \
+ if (ud[attr]) \
+ var = nftnl_udata_get_u32(ud[attr])
+
+ GET_U32_UDATA(keybyteorder, NFTNL_UDATA_SET_KEYBYTEORDER);
+ GET_U32_UDATA(databyteorder, NFTNL_UDATA_SET_DATABYTEORDER);
+ GET_U32_UDATA(automerge, NFTNL_UDATA_SET_MERGE_ELEMENTS);
+
+#undef GET_U32_UDATA
}
key = nftnl_set_get_u32(nls, NFTNL_SET_KEY_TYPE);
uint8_t len = nftnl_udata_len(attr);
switch (type) {
- case UDATA_SET_ELEM_COMMENT:
+ case NFTNL_UDATA_SET_ELEM_COMMENT:
if (value[len - 1] != '\0')
return -1;
break;
- case UDATA_SET_ELEM_FLAGS:
+ case NFTNL_UDATA_SET_ELEM_FLAGS:
if (len != sizeof(uint32_t))
return -1;
break;
static void set_elem_parse_udata(struct nftnl_set_elem *nlse,
struct expr *expr)
{
- const struct nftnl_udata *ud[UDATA_SET_ELEM_MAX + 1] = {};
+ const struct nftnl_udata *ud[NFTNL_UDATA_SET_ELEM_MAX + 1] = {};
const void *data;
uint32_t len;
if (nftnl_udata_parse(data, len, set_elem_parse_udata_cb, ud))
return;
- if (ud[UDATA_SET_ELEM_COMMENT])
+ if (ud[NFTNL_UDATA_SET_ELEM_COMMENT])
expr->comment =
- xstrdup(nftnl_udata_get(ud[UDATA_SET_ELEM_COMMENT]));
- if (ud[UDATA_SET_ELEM_FLAGS])
- expr->elem_flags = nftnl_udata_get_u32(ud[UDATA_SET_ELEM_FLAGS]);
+ xstrdup(nftnl_udata_get(ud[NFTNL_UDATA_SET_ELEM_COMMENT]));
+ if (ud[NFTNL_UDATA_SET_ELEM_FLAGS])
+ expr->elem_flags =
+ nftnl_udata_get_u32(ud[NFTNL_UDATA_SET_ELEM_FLAGS]);
}
int netlink_delinearize_setelem(struct nftnl_set_elem *nlse,
}
}
-static int parse_udata_cb(const struct nftnl_udata *attr, void *data)
+static int parse_rule_udata_cb(const struct nftnl_udata *attr, void *data)
{
unsigned char *value = nftnl_udata_get(attr);
uint8_t type = nftnl_udata_type(attr);
const struct nftnl_udata **tb = data;
switch (type) {
- case UDATA_TYPE_COMMENT:
+ case NFTNL_UDATA_RULE_COMMENT:
if (value[len - 1] != '\0')
return -1;
break;
return 0;
}
-static char *udata_get_comment(const void *data, uint32_t data_len)
+static char *nftnl_rule_get_comment(const struct nftnl_rule *nlr)
{
- const struct nftnl_udata *tb[UDATA_TYPE_MAX + 1] = {};
+ const struct nftnl_udata *tb[NFTNL_UDATA_RULE_MAX + 1] = {};
+ const void *data;
+ uint32_t len;
- if (nftnl_udata_parse(data, data_len, parse_udata_cb, tb) < 0)
+ if (!nftnl_rule_is_set(nlr, NFTNL_RULE_USERDATA))
return NULL;
- if (!tb[UDATA_TYPE_COMMENT])
+ data = nftnl_rule_get_data(nlr, NFTNL_RULE_USERDATA, &len);
+
+ if (nftnl_udata_parse(data, len, parse_rule_udata_cb, tb) < 0)
+ return NULL;
+
+ if (!tb[NFTNL_UDATA_RULE_COMMENT])
return NULL;
- return xstrdup(nftnl_udata_get(tb[UDATA_TYPE_COMMENT]));
+ return xstrdup(nftnl_udata_get(tb[NFTNL_UDATA_RULE_COMMENT]));
}
struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx,
pctx->table = table_lookup(&h, &ctx->nft->cache);
assert(pctx->table != NULL);
- if (nftnl_rule_is_set(nlr, NFTNL_RULE_USERDATA)) {
- const void *data;
- uint32_t len;
-
- data = nftnl_rule_get_data(nlr, NFTNL_RULE_USERDATA, &len);
- pctx->rule->comment = udata_get_comment(data, len);
- }
+ pctx->rule->comment = nftnl_rule_get_comment(nlr);
nftnl_expr_foreach(nlr, netlink_parse_rule_expr, pctx);
if (!udata)
memory_allocation_error();
- if (!nftnl_udata_put_strz(udata, UDATA_TYPE_COMMENT,
+ if (!nftnl_udata_put_strz(udata, NFTNL_UDATA_RULE_COMMENT,
rule->comment))
memory_allocation_error();
nftnl_rule_set_data(nlr, NFTNL_RULE_USERDATA,
#include <netinet/icmp6.h>
#include <libnftnl/common.h>
#include <libnftnl/set.h>
+#include <libnftnl/udata.h>
#include <rule.h>
#include <statement.h>
comment_spec : COMMENT string
{
- if (strlen($2) > UDATA_COMMENT_MAXLEN) {
- erec_queue(error(&@2, "comment too long, %d characters maximum allowed", UDATA_COMMENT_MAXLEN),
+ if (strlen($2) > NFTNL_UDATA_COMMENT_MAXLEN) {
+ erec_queue(error(&@2, "comment too long, %d characters maximum allowed",
+ NFTNL_UDATA_COMMENT_MAXLEN),
state->msgs);
YYERROR;
}
#include <inttypes.h>
#include <arpa/inet.h>
+#include <libnftnl/udata.h>
+
#include <rule.h>
#include <expression.h>
#include <gmputil.h>
if (ei->flags & EI_F_INTERVAL_END)
expr->flags |= EXPR_F_INTERVAL_END;
if (ei->flags & EI_F_INTERVAL_OPEN)
- expr->elem_flags |= SET_ELEM_F_INTERVAL_OPEN;
+ expr->elem_flags |= NFTNL_SET_ELEM_F_INTERVAL_OPEN;
compound_expr_add(set, expr);
}
projects / thirdparty / nftables.git / commitdiff
