This patch deletes the <properties> node in chain and table XML objects.
For this to work, the first tree search with MXML_DESCEND_FIRST flag is moved
to the next node.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
c->packets = utmp;
c->flags |= (1 << NFT_CHAIN_ATTR_PACKETS);
- /* Ignore <properties> node */
- node = mxmlFindElement(tree, tree, "properties", NULL, NULL,
- MXML_DESCEND_FIRST);
-
/* Get and set <type> */
- node = mxmlFindElement(tree, tree, "type", NULL, NULL, MXML_DESCEND);
+ node = mxmlFindElement(tree, tree, "type", NULL, NULL,
+ MXML_DESCEND_FIRST);
if (node == NULL) {
mxmlDelete(tree);
return -1;
ret = snprintf(buf, size,
"<chain name=\"%s\" handle=\"%"PRIu64"\""
" bytes=\"%"PRIu64"\" packets=\"%"PRIu64"\">"
- "<properties>"
- "<type>%s</type>"
- "<table>%s</table>"
- "<prio>%d</prio>"
- "<use>%d</use>"
- "<hooknum>%s</hooknum>",
+ "<type>%s</type><table>%s</table><prio>%d</prio>"
+ "<use>%d</use><hooknum>%s</hooknum>",
c->name, c->handle, c->bytes, c->packets,
c->type, c->table,
c->prio, c->use, hooknum2str_array[c->hooknum]);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
}
- ret = snprintf(buf+offset, size, "<family>%s</family>"
- "</properties></chain>",
+ ret = snprintf(buf+offset, size, "<family>%s</family></chain>",
nft_family2str(c->family));
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
t->name = strdup(mxmlElementGetAttr(tree, "name"));
t->flags |= (1 << NFT_TABLE_ATTR_NAME);
- /* Ignore <properties> node */
- node = mxmlFindElement(tree, tree, "properties", NULL, NULL,
- MXML_DESCEND_FIRST);
-
/* Get the and set <family> node */
- node = mxmlFindElement(tree, tree, "family", NULL, NULL, MXML_DESCEND);
+ node = mxmlFindElement(tree, tree, "family", NULL, NULL,
+ MXML_DESCEND_FIRST);
if (node == NULL) {
mxmlDelete(tree);
return -1;
static int nft_table_snprintf_xml(char *buf, size_t size, struct nft_table *t)
{
- return snprintf(buf, size, "<table name=\"%s\">"
- "<properties>"
- "<family>%s</family>"
- "<table_flags>%d</table_flags>"
- "</properties>"
- "</table>",
- t->name, nft_family2str(t->family), t->table_flags);
+ return snprintf(buf, size, "<table name=\"%s\"><family>%s</family>"
+ "<table_flags>%d</table_flags></table>",
+ t->name, nft_family2str(t->family), t->table_flags);
}
static int nft_table_snprintf_default(char *buf, size_t size, struct nft_table *t)
<table name="filter">
- <properties>
- <family>ip</family>
- <table_flags>0</table_flags>
- </properties>
+ <family>ip</family>
+ <table_flags>0</table_flags>
</table>
<table name="nat">
- <properties>
- <family>ip6</family>
- <table_flags>0</table_flags>
- </properties>
+ <family>ip6</family>
+ <table_flags>0</table_flags>
</table>
<chain name="test" handle="0" bytes="0" packets="0">
- <properties>
- <type>filter</type>
- <table>filter</table>
- <prio>0</prio>
- <use>1</use>
- <hooknum>NF_INET_LOCAL_IN</hooknum>
- <policy>accept</policy>
- <family>ip</family>
- </properties>
+ <type>filter</type>
+ <table>filter</table>
+ <prio>0</prio>
+ <use>1</use>
+ <hooknum>NF_INET_LOCAL_IN</hooknum>
+ <policy>accept</policy>
+ <family>ip</family>
</chain>
<chain name="test" handle="0" bytes="59" packets="1">
- <properties>
- <type>filter</type>
- <table>filter</table>
- <prio>0</prio>
- <use>1</use>
- <hooknum>NF_INET_FORWARD</hooknum>
- <policy>drop</policy>
- <family>ip6</family>
- </properties>
+ <type>filter</type>
+ <table>filter</table>
+ <prio>0</prio>
+ <use>1</use>
+ <hooknum>NF_INET_FORWARD</hooknum>
+ <policy>drop</policy>
+ <family>ip6</family>
</chain>
<chain name="foo" handle="100" bytes="59264154979" packets="2548796325">
- <properties>
- <type>nat</type>
- <table>nat</table>
- <prio>0</prio>
- <use>1</use>
- <hooknum>NF_INET_POST_ROUTING</hooknum>
- <policy>accept</policy>
- <family>ip</family>
- </properties>
+ <type>nat</type>
+ <table>nat</table>
+ <prio>0</prio>
+ <use>1</use>
+ <hooknum>NF_INET_POST_ROUTING</hooknum>
+ <policy>accept</policy>
+ <family>ip</family>
</chain>
projects / thirdparty / libnftnl.git / commitdiff
