Store location object in handle to improve error reporting.
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
uint64_t id;
};
+struct table_spec {
+ struct location location;
+ const char *name;
+};
+
/**
* struct handle - handle for tables, chains, rules and sets
*
*/
struct handle {
uint32_t family;
- const char *table;
+ struct table_spec table;
const char *chain;
const char *set;
const char *obj;
table = table_lookup_global(ctx);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- ctx->cmd->handle.table);
+ ctx->cmd->handle.table.name);
set = set_lookup(table, (*expr)->identifier);
if (set == NULL)
table = table_lookup_global(ctx);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- ctx->cmd->handle.table);
+ ctx->cmd->handle.table.name);
set = set_lookup(table, ctx->cmd->handle.set);
if (set == NULL)
table = table_lookup_global(ctx);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- ctx->cmd->handle.table);
+ ctx->cmd->handle.table.name);
if (!(set->flags & NFT_SET_INTERVAL) && set->automerge)
return set_error(ctx, set, "auto-merge only works with interval sets");
table = table_lookup_global(ctx);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- ctx->cmd->handle.table);
+ ctx->cmd->handle.table.name);
ft->hooknum = str2hooknum(NFPROTO_NETDEV, ft->hookstr);
if (ft->hooknum == NF_INET_NUMHOOKS)
table = table_lookup_global(ctx);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- ctx->cmd->handle.table);
+ ctx->cmd->handle.table.name);
if (chain == NULL) {
if (chain_lookup(table, &ctx->cmd->handle) == NULL) {
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
set = set_lookup(table, cmd->handle.set);
if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
if (obj_lookup(table, cmd->handle.obj, obj_type) == NULL)
return cmd_error(ctx, "Could not process rule: Object '%s' does not exist",
cmd->handle.obj);
switch (cmd->obj) {
case CMD_OBJ_TABLE:
- if (cmd->handle.table == NULL)
+ if (cmd->handle.table.name == NULL)
return 0;
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
return 0;
case CMD_OBJ_SET:
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
set = set_lookup(table, cmd->handle.set);
if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
set = set_lookup(table, cmd->handle.set);
if (set == NULL || !(set->flags & NFT_SET_EVAL))
return cmd_error(ctx, "Could not process rule: Meter '%s' does not exist",
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
set = set_lookup(table, cmd->handle.set);
if (set == NULL || !(set->flags & NFT_SET_MAP))
return cmd_error(ctx, "Could not process rule: Map '%s' does not exist",
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
if (chain_lookup(table, &cmd->handle) == NULL)
return cmd_error(ctx, "Could not process rule: Chain '%s' does not exist",
cmd->handle.chain);
case CMD_OBJ_LIMITS:
case CMD_OBJ_SETS:
case CMD_OBJ_FLOWTABLES:
- if (cmd->handle.table == NULL)
+ if (cmd->handle.table.name == NULL)
return 0;
if (table_lookup(&cmd->handle, ctx->cache) == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
return 0;
case CMD_OBJ_CHAINS:
case CMD_OBJ_RULESET:
case CMD_OBJ_QUOTA:
case CMD_OBJ_COUNTERS:
case CMD_OBJ_QUOTAS:
- if (cmd->handle.table == NULL)
+ if (cmd->handle.table.name == NULL)
return 0;
if (table_lookup(&cmd->handle, ctx->cache) == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
return 0;
default:
BUG("invalid command object type %u\n", cmd->obj);
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
set = set_lookup(table, cmd->handle.set);
if (set == NULL || set->flags & (NFT_SET_MAP | NFT_SET_EVAL))
return cmd_error(ctx, "Could not process rule: Set '%s' does not exist",
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
set = set_lookup(table, cmd->handle.set);
if (set == NULL || !(set->flags & NFT_SET_MAP))
return cmd_error(ctx, "Could not process rule: Map '%s' does not exist",
table = table_lookup(&cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- cmd->handle.table);
+ cmd->handle.table.name);
set = set_lookup(table, cmd->handle.set);
if (set == NULL || !(set->flags & NFT_SET_EVAL))
return cmd_error(ctx, "Could not process rule: Meter '%s' does not exist",
table = table_lookup(&ctx->cmd->handle, ctx->cache);
if (table == NULL)
return cmd_error(ctx, "Could not process rule: Table '%s' does not exist",
- ctx->cmd->handle.table);
+ ctx->cmd->handle.table.name);
if (chain_lookup(table, &ctx->cmd->handle) == NULL)
return cmd_error(ctx, "Could not process rule: Chain '%s' does not exist",
ctx->cmd->handle.chain);
nlt = netlink_table_alloc(nlh);
h.family = nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY);
- h.table = nftnl_table_get_str(nlt, NFTNL_TABLE_NAME);
+ h.table.name = nftnl_table_get_str(nlt, NFTNL_TABLE_NAME);
t = table_lookup(&h, monh->cache);
if (t == NULL)
nlo = netlink_obj_alloc(nlh);
h.family = nftnl_obj_get_u32(nlo, NFTNL_OBJ_FAMILY);
- h.table = nftnl_obj_get_str(nlo, NFTNL_OBJ_TABLE);
+ h.table.name = nftnl_obj_get_str(nlo, NFTNL_OBJ_TABLE);
name = nftnl_obj_get_str(nlo, NFTNL_OBJ_NAME);
type = nftnl_obj_get_u32(nlo, NFTNL_OBJ_TYPE);
memory_allocation_error();
nftnl_table_set_u32(nlt, NFTNL_TABLE_FAMILY, h->family);
- if (h->table != NULL)
- nftnl_table_set(nlt, NFTNL_TABLE_NAME, h->table);
+ if (h->table.name != NULL)
+ nftnl_table_set(nlt, NFTNL_TABLE_NAME, h->table.name);
if (h->handle.id)
nftnl_table_set_u64(nlt, NFTNL_TABLE_HANDLE, h->handle.id);
memory_allocation_error();
nftnl_chain_set_u32(nlc, NFTNL_CHAIN_FAMILY, h->family);
- nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, h->table);
+ nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, h->table.name);
if (h->handle.id)
nftnl_chain_set_u64(nlc, NFTNL_CHAIN_HANDLE, h->handle.id);
if (h->chain != NULL)
memory_allocation_error();
nftnl_rule_set_u32(nlr, NFTNL_RULE_FAMILY, h->family);
- nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table);
+ nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table.name);
if (h->chain != NULL)
nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain);
if (h->handle.id)
memory_allocation_error();
nftnl_set_set_u32(nls, NFTNL_SET_FAMILY, h->family);
- nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table);
+ nftnl_set_set_str(nls, NFTNL_SET_TABLE, h->table.name);
if (h->set != NULL)
nftnl_set_set_str(nls, NFTNL_SET_NAME, h->set);
if (h->set_id)
memory_allocation_error();
nftnl_obj_set_u32(nlo, NFTNL_OBJ_FAMILY, h->family);
- nftnl_obj_set_str(nlo, NFTNL_OBJ_TABLE, h->table);
+ nftnl_obj_set_str(nlo, NFTNL_OBJ_TABLE, h->table.name);
if (h->obj != NULL)
nftnl_obj_set_str(nlo, NFTNL_OBJ_NAME, h->obj);
chain = nftnl_rule_get_str(nlr, NFTNL_RULE_CHAIN);
if (h->family != family ||
- strcmp(table, h->table) != 0 ||
+ strcmp(table, h->table.name) != 0 ||
(h->chain && strcmp(chain, h->chain) != 0))
return 0;
chain = chain_alloc(nftnl_chain_get_str(nlc, NFTNL_CHAIN_NAME));
chain->handle.family =
nftnl_chain_get_u32(nlc, NFTNL_CHAIN_FAMILY);
- chain->handle.table =
+ chain->handle.table.name =
xstrdup(nftnl_chain_get_str(nlc, NFTNL_CHAIN_TABLE));
chain->handle.handle.id =
nftnl_chain_get_u64(nlc, NFTNL_CHAIN_HANDLE);
name = nftnl_chain_get_str(nlc, NFTNL_CHAIN_NAME);
family = nftnl_chain_get_u32(nlc, NFTNL_CHAIN_FAMILY);
- if (h->family != family || strcmp(table, h->table) != 0)
+ if (h->family != family || strcmp(table, h->table.name) != 0)
return 0;
if (h->chain && strcmp(name, h->chain) != 0)
return 0;
table = table_alloc();
table->handle.family = nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY);
- table->handle.table = xstrdup(nftnl_table_get_str(nlt, NFTNL_TABLE_NAME));
+ table->handle.table.name = xstrdup(nftnl_table_get_str(nlt, NFTNL_TABLE_NAME));
table->flags = nftnl_table_get_u32(nlt, NFTNL_TABLE_FLAGS);
table->handle.handle.id = nftnl_table_get_u64(nlt, NFTNL_TABLE_HANDLE);
set = set_alloc(&netlink_location);
set->handle.family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY);
- set->handle.table = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_TABLE));
+ set->handle.table.name = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_TABLE));
set->handle.set = xstrdup(nftnl_set_get_str(nls, NFTNL_SET_NAME));
set->automerge = automerge;
struct nftnl_set_list *set_cache;
int err;
- set_cache = mnl_nft_set_dump(ctx, h->family, h->table);
+ set_cache = mnl_nft_set_dump(ctx, h->family, h->table.name);
if (set_cache == NULL) {
if (errno == EINTR)
return -1;
obj = obj_alloc(&netlink_location);
obj->handle.family = nftnl_obj_get_u32(nlo, NFTNL_OBJ_FAMILY);
- obj->handle.table =
+ obj->handle.table.name =
xstrdup(nftnl_obj_get_str(nlo, NFTNL_OBJ_TABLE));
obj->handle.obj =
xstrdup(nftnl_obj_get_str(nlo, NFTNL_OBJ_NAME));
memory_allocation_error();
nftnl_flowtable_set_u32(flo, NFTNL_FLOWTABLE_FAMILY, h->family);
- nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE, h->table);
+ nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_TABLE, h->table.name);
if (h->flowtable != NULL)
nftnl_flowtable_set_str(flo, NFTNL_FLOWTABLE_NAME, h->flowtable);
int err;
obj_cache = mnl_nft_obj_dump(ctx, h->family,
- h->table, NULL, 0, true, false);
+ h->table.name, NULL, 0, true, false);
if (obj_cache == NULL) {
if (errno == EINTR)
return -1;
int err;
obj_cache = mnl_nft_obj_dump(ctx, h->family,
- h->table, h->obj, type, dump, true);
+ h->table.name, h->obj, type, dump, true);
if (obj_cache == NULL)
return -1;
flowtable = flowtable_alloc(&netlink_location);
flowtable->handle.family =
nftnl_flowtable_get_u32(nlo, NFTNL_FLOWTABLE_FAMILY);
- flowtable->handle.table =
+ flowtable->handle.table.name =
xstrdup(nftnl_flowtable_get_str(nlo, NFTNL_FLOWTABLE_TABLE));
flowtable->handle.flowtable =
xstrdup(nftnl_flowtable_get_str(nlo, NFTNL_FLOWTABLE_NAME));
struct nftnl_flowtable_list *flowtable_cache;
int err;
- flowtable_cache = mnl_nft_flowtable_dump(ctx, h->family, h->table);
+ flowtable_cache = mnl_nft_flowtable_dump(ctx, h->family, h->table.name);
if (flowtable_cache == NULL) {
if (errno == EINTR)
return -1;
struct handle h;
h.family = nftnl_trace_get_u32(nlt, NFTNL_TRACE_FAMILY);
- h.table = nftnl_trace_get_str(nlt, NFTNL_TRACE_TABLE);
+ h.table.name = nftnl_trace_get_str(nlt, NFTNL_TRACE_TABLE);
h.chain = nftnl_trace_get_str(nlt, NFTNL_TRACE_CHAIN);
- if (!h.table)
+ if (!h.table.name)
return;
table = table_lookup(&h, cache);
memset(&h, 0, sizeof(h));
h.family = nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY);
- h.table = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_TABLE));
+ h.table.name = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_TABLE));
h.chain = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_CHAIN));
h.handle.id = nftnl_rule_get_u64(nlr, NFTNL_RULE_HANDLE);
{
memset(&$$, 0, sizeof($$));
$$.family = $1;
- $$.table = $2;
+ $$.table.location = @2;
+ $$.table.name = $2;
}
;
void handle_free(struct handle *h)
{
- xfree(h->table);
+ xfree(h->table.name);
xfree(h->chain);
xfree(h->set);
xfree(h->flowtable);
{
if (dst->family == 0)
dst->family = src->family;
- if (dst->table == NULL && src->table != NULL)
- dst->table = xstrdup(src->table);
+ if (dst->table.name == NULL && src->table.name != NULL)
+ dst->table.name = xstrdup(src->table.name);
if (dst->chain == NULL && src->chain != NULL)
dst->chain = xstrdup(src->chain);
if (dst->set == NULL && src->set != NULL)
struct table *t;
h.family = family;
- h.table = table;
+ h.table.name = table;
t = table_lookup(&h, cache);
if (t == NULL)
struct print_fmt_options opts = {
.tab = "",
.nl = " ",
- .table = s->handle.table,
+ .table = s->handle.table.name,
.family = family2str(s->handle.family),
.stmt_separator = "; ",
};
void chain_print_plain(const struct chain *chain, struct output_ctx *octx)
{
nft_print(octx, "chain %s %s %s", family2str(chain->handle.family),
- chain->handle.table, chain->handle.chain);
+ chain->handle.table.name, chain->handle.chain);
if (chain->flags & CHAIN_F_BASECHAIN) {
nft_print(octx, " { type %s hook %s priority %d; policy %s; }",
list_for_each_entry(table, &cache->list, list) {
if (table->handle.family == h->family &&
- !strcmp(table->handle.table, h->table))
+ !strcmp(table->handle.table.name, h->table.name))
return table;
}
return NULL;
const char *delim = "";
const char *family = family2str(table->handle.family);
- nft_print(octx, "table %s %s {", family, table->handle.table);
+ nft_print(octx, "table %s %s {", family, table->handle.table.name);
if (octx->handle > 0)
nft_print(octx, " # handle %" PRIu64, table->handle.handle.id);
nft_print(octx, "\n");
nft_print(ctx->octx, "table %s %s {\n",
family2str(table->handle.family),
- table->handle.table);
+ table->handle.table.name);
list_for_each_entry(set, &table->sets, list) {
if (cmd->obj == CMD_OBJ_SETS &&
struct print_fmt_options opts = {
.tab = "",
.nl = " ",
- .table = obj->handle.table,
+ .table = obj->handle.table.name,
.family = family2str(obj->handle.family),
};
nft_print(ctx->octx, "table %s %s {\n",
family2str(table->handle.family),
- table->handle.table);
+ table->handle.table.name);
- if (cmd->handle.table != NULL &&
- strcmp(cmd->handle.table, table->handle.table)) {
+ if (cmd->handle.table.name != NULL &&
+ strcmp(cmd->handle.table.name, table->handle.table.name)) {
nft_print(ctx->octx, "}\n");
continue;
}
nft_print(ctx->octx, "table %s %s {\n",
family2str(table->handle.family),
- table->handle.table);
+ table->handle.table.name);
list_for_each_entry(flowtable, &table->flowtables, list) {
flowtable_print_declaration(flowtable, &opts, ctx->octx);
continue;
cmd->handle.family = table->handle.family;
- cmd->handle.table = table->handle.table;
+ cmd->handle.table.name = table->handle.table.name;
if (do_list_table(ctx, cmd, table) < 0)
return -1;
}
- cmd->handle.table = NULL;
+ cmd->handle.table.name = NULL;
return 0;
}
nft_print(ctx->octx, "table %s %s\n",
family2str(table->handle.family),
- table->handle.table);
+ table->handle.table.name);
}
return 0;
{
nft_print(octx, "table %s %s {\n",
family2str(table->handle.family),
- table->handle.table);
+ table->handle.table.name);
}
static int do_list_chain(struct netlink_ctx *ctx, struct cmd *cmd,
{
struct table *table = NULL;
- if (cmd->handle.table != NULL)
+ if (cmd->handle.table.name != NULL)
table = table_lookup(&cmd->handle, ctx->cache);
switch (cmd->obj) {
case CMD_OBJ_TABLE:
- if (!cmd->handle.table)
+ if (!cmd->handle.table.name)
return do_list_tables(ctx, cmd);
return do_list_table(ctx, cmd, table);
case CMD_OBJ_CHAIN:
{
struct table *table = NULL;
- if (cmd->handle.table != NULL)
+ if (cmd->handle.table.name != NULL)
table = table_lookup(&cmd->handle, ctx->cache);
switch (cmd->obj) {
projects / thirdparty / nftables.git / commitdiff
