ct: xml: use key names instead of numbers

author Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>

Wed, 26 Jun 2013 11:37:08 +0000 (13:37 +0200)

committer Pablo Neira Ayuso <pablo@netfilter.org>

Thu, 27 Jun 2013 17:36:33 +0000 (19:36 +0200)
author Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Wed, 26 Jun 2013 11:37:08 +0000 (13:37 +0200)
committer Pablo Neira Ayuso <pablo@netfilter.org>
Thu, 27 Jun 2013 17:36:33 +0000 (19:36 +0200)
diff --git a/src/expr/ct.c b/src/expr/ct.c

index c6d11c9aa04ac783cc7cb12ef4c4a53ce6630bac..e4ab3edb0b34817ddd65545f50b099251b6167f4 100644 (file)
--- a/src/expr/ct.c
+++ b/src/expr/ct.c
@@ -10,6 +10,7 @@
   */
  
  #include <stdio.h>
+#include <string.h>
  #include <stdint.h>
  #include <arpa/inet.h>
  #include <errno.h>
@@ -30,6 +31,10 @@ struct nft_expr_ct {
  #define IP_CT_DIR_ORIGINAL     0
  #define IP_CT_DIR_REPLY                1
  
+#ifndef NFT_CT_MAX
+#define NFT_CT_MAX (NFT_CT_PROTO_DST + 1)
+#endif
+
  static int
  nft_rule_expr_ct_set(struct nft_rule_expr *e, uint16_t type,
                        const void *data, size_t data_len)
@@ -152,6 +157,41 @@ nft_rule_expr_ct_parse(struct nft_rule_expr *e, struct nlattr *attr)
         return 0;
  }
  
+const char *ctkey2str_array[NFT_CT_MAX] = {
+       [NFT_CT_STATE]          = "state",
+       [NFT_CT_DIRECTION]      = "direction",
+       [NFT_CT_STATUS]         = "status",
+       [NFT_CT_MARK]           = "mark",
+       [NFT_CT_SECMARK]        = "secmark",
+       [NFT_CT_EXPIRATION]     = "expiration",
+       [NFT_CT_HELPER]         = "helper",
+       [NFT_CT_PROTOCOL]       = "protocol",
+       [NFT_CT_SRC]            = "src",
+       [NFT_CT_DST]            = "dst",
+       [NFT_CT_PROTO_SRC]      = "proto_src",
+       [NFT_CT_PROTO_DST]      = "proto_dst"
+};
+
+static const char *ctkey2str(uint32_t ctkey)
+{
+       if (ctkey > NFT_CT_MAX)
+               return "unknown";
+
+       return ctkey2str_array[ctkey];
+}
+
+static inline int str2ctkey(const char *ctkey)
+{
+       int i;
+
+       for (i = 0; i < NFT_CT_MAX; i++) {
+               if (strcmp(ctkey2str_array[i], ctkey) == 0)
+                       return i;
+       }
+
+       return -1;
+}
+
  static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, char *xml)
  {
  #ifdef XML_PARSING
@@ -160,6 +200,7 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, char *xml)
         mxml_node_t *node = NULL;
         uint64_t tmp;
         char *endptr;
+       int key;
  
         tree = mxmlLoadString(NULL, xml, MXML_OPAQUE_CALLBACK);
         if (tree == NULL)
@@ -190,11 +231,11 @@ static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, char *xml)
         if (node == NULL)
                 goto err;
  
-       tmp = strtoull(node->child->value.opaque, &endptr, 10);
-       if (tmp > UINT8_MAX || tmp < 0 || *endptr)
+       key = str2ctkey(node->child->value.opaque);
+       if (key < 0)
                 goto err;
  
-       ct->key = tmp;
+       ct->key = key;
         e->flags |= (1 << NFT_EXPR_CT_KEY);
  
         node = mxmlFindElement(tree, tree, "dir", NULL, NULL, MXML_DESCEND);
@@ -231,13 +272,13 @@ nft_rule_expr_ct_snprintf(char *buf, size_t len, uint32_t type,
  
         switch(type) {
         case NFT_RULE_O_DEFAULT:
-               return snprintf(buf, len, "dreg=%u key=%u dir=%u ",
-                               ct->dreg, ct->key, ct->dir);
+               return snprintf(buf, len, "dreg=%u key=%s dir=%u ",
+                               ct->dreg, ctkey2str(ct->key), ct->dir);
         case NFT_RULE_O_XML:
                 return snprintf(buf, len, "<dreg>%u</dreg>"
-                                         "<key>%u</key>"
+                                         "<key>%s</key>"
                                           "<dir>%u</dir>",
-                               ct->dreg, ct->key, ct->dir);
+                               ct->dreg, ctkey2str(ct->key), ct->dir);
         default:
                 break;
         }
author	Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
	Wed, 26 Jun 2013 11:37:08 +0000 (13:37 +0200)
committer	Pablo Neira Ayuso <pablo@netfilter.org>
	Thu, 27 Jun 2013 17:36:33 +0000 (19:36 +0200)