payload: xml: use string for base attribute

This patch implements using a string instead of a number for the <base> node.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/src/expr/payload.c b/src/expr/payload.c
index dc42918af3b464ea387a3a5debc8d8d7cbfc46b5..ae72fa2bf014ff0bf9bd87bf5ad575f0ffc2597d 100644 (file)
--- a/src/expr/payload.c
+++ b/src/expr/payload.c
@@ -212,13 +212,19 @@ nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, char *xml)
        /* Get and set <base>. Not mandatory */
        node = mxmlFindElement(tree, tree, "base", NULL, NULL, MXML_DESCEND);
        if (node != NULL) {
-               tmp = strtoull(node->child->value.opaque, &endptr, 10);
-               if (tmp > UINT32_MAX || tmp < 0 || *endptr) {
+
+               if (strcmp(node->child->value.opaque, "link") == 0) {
+                       payload->base = NFT_PAYLOAD_LL_HEADER;
+               } else if (strcmp(node->child->value.opaque, "network") == 0) {
+                       payload->base = NFT_PAYLOAD_NETWORK_HEADER;
+               } else if (strcmp(node->child->value.opaque,
+                                 "transport") == 0) {
+                       payload->base = NFT_PAYLOAD_TRANSPORT_HEADER;
+               } else {
                        mxmlDelete(tree);
                        return -1;
                }
 
-               payload->base = (uint32_t)tmp;
                e->flags |= (1 << NFT_EXPR_PAYLOAD_BASE);
        }
 
@@ -256,6 +262,41 @@ nft_rule_expr_payload_xml_parse(struct nft_rule_expr *e, char *xml)
 #endif
 }
 
+static int
+nft_rule_expr_payload_snprintf_xml(char *buf, size_t len, uint32_t flags,
+                                  struct nft_expr_payload *p)
+{
+       int size = len, offset = 0, ret;
+
+       ret = snprintf(buf, len, "<dreg>%u</dreg><offset>%u</offset>"
+                      "<len>%u</len>", p->dreg, p->offset, p->len);
+       SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+       /* A default option is not provided.
+        * The <base> node will be missing; Is not mandatory.
+        */
+
+       switch (p->base) {
+       case NFT_PAYLOAD_LL_HEADER:
+               ret = snprintf(buf+offset, len, "<base>link</base>");
+               break;
+       case NFT_PAYLOAD_NETWORK_HEADER:
+               ret = snprintf(buf+offset, len, "<base>network</base>");
+               break;
+       case NFT_PAYLOAD_TRANSPORT_HEADER:
+               ret = snprintf(buf+offset, len, "<base>transport</base>");
+               break;
+       default:
+               ret = snprintf(buf+offset, len, "<base>unknown</base>");
+               break;
+       }
+
+       SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
+
+       return offset;
+}
+
+
 static int
 nft_rule_expr_payload_snprintf(char *buf, size_t len, uint32_t type,
                               uint32_t flags, struct nft_rule_expr *e)
@@ -264,12 +305,8 @@ nft_rule_expr_payload_snprintf(char *buf, size_t len, uint32_t type,
 
        switch(type) {
        case NFT_RULE_O_XML:
-               return snprintf(buf, len, "<dreg>%u</dreg>"
-                                         "<base>%u</base><offset>%u</offset>"
-                                         "<len>%u</len>",
-                               payload->dreg, payload->base,
-                                       payload->offset, payload->len);
-
+               return nft_rule_expr_payload_snprintf_xml(buf, len, flags,
+                                                         payload);
        case NFT_RULE_O_DEFAULT:
                return snprintf(buf, len, "dreg=%u base=%u offset=%u len=%u ",
                                payload->dreg, payload->base,

diff --git a/test/nft-rule-xml-add.sh b/test/nft-rule-xml-add.sh
index 322e70c8d78059194f9827d807be86fb2528993b..e1e35d95e505ddfe33687b07bf6a728c4cd9ae00 100755 (executable)
--- a/test/nft-rule-xml-add.sh
+++ b/test/nft-rule-xml-add.sh
@@ -53,7 +53,7 @@ XML="<rule family=\"ip\" table=\"filter\" chain=\"INPUT\" handle=\"100\" version
   </expr>
   <expr type=\"payload\">
     <dreg>1</dreg>
-    <base>1</base>
+    <base>transport</base>
     <offset>12</offset>
     <len>4</len>
   </expr>
@@ -69,7 +69,7 @@ XML="<rule family=\"ip\" table=\"filter\" chain=\"INPUT\" handle=\"100\" version
   </expr>
   <expr type=\"payload\">
     <dreg>1</dreg>
-    <base>1</base>
+    <base>link</base>
     <offset>16</offset>
     <len>4</len>
   </expr>
@@ -85,7 +85,7 @@ XML="<rule family=\"ip\" table=\"filter\" chain=\"INPUT\" handle=\"100\" version
   </expr>
   <expr type=\"payload\">
     <dreg>1</dreg>
-    <base>1</base>
+    <base>network</base>
     <offset>9</offset>
     <len>1</len>
   </expr>