#ifdef XML_PARSING
mxml_node_t *tree = NULL;
mxml_node_t *node = NULL;
- char *endptr = NULL;
- uint64_t utmp;
+ const char *name;
const char *hooknum_str;
int family, hooknum;
if (tree == NULL)
return -1;
- /* Get and set <chain name="xxx" ... >*/
- if (mxmlElementGetAttr(tree, "name") == NULL) {
+ if (strcmp(tree->value.opaque, "chain") != 0) {
mxmlDelete(tree);
return -1;
}
- strncpy(c->name, mxmlElementGetAttr(tree, "name"),
- NFT_CHAIN_MAXNAMELEN);
- c->flags |= (1 << NFT_CHAIN_ATTR_NAME);
- /* Get and set <chain handle="x" ... >*/
- if (mxmlElementGetAttr(tree, "handle") == NULL) {
+ name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST);
+ if (name == NULL) {
mxmlDelete(tree);
return -1;
}
- utmp = strtoull(mxmlElementGetAttr(tree, "handle"), &endptr, 10);
- if (utmp == UINT64_MAX || utmp < 0 || *endptr) {
+ strncpy(c->name, name, NFT_CHAIN_MAXNAMELEN);
+ xfree(name);
+ c->flags |= (1 << NFT_CHAIN_ATTR_NAME);
+
+ if (nft_mxml_num_parse(tree, "handle", MXML_DESCEND_FIRST, BASE_DEC,
+ &c->handle, NFT_TYPE_U64) != 0) {
mxmlDelete(tree);
return -1;
}
- c->handle = utmp;
c->flags |= (1 << NFT_CHAIN_ATTR_HANDLE);
- /* Get and set <chain bytes="x" ... >*/
- if (mxmlElementGetAttr(tree, "bytes") == NULL) {
+ if (nft_mxml_num_parse(tree, "bytes", MXML_DESCEND_FIRST, BASE_DEC,
+ &c->bytes, NFT_TYPE_U64) != 0) {
mxmlDelete(tree);
return -1;
}
- utmp = strtoull(mxmlElementGetAttr(tree, "bytes"), &endptr, 10);
- if (utmp == UINT64_MAX || utmp < 0 || *endptr) {
- mxmlDelete(tree);
- return -1;
- }
- c->bytes = utmp;
+
c->flags |= (1 << NFT_CHAIN_ATTR_BYTES);
- /* Get and set <chain packets="x" ... > */
- if (mxmlElementGetAttr(tree, "packets") == NULL) {
+ if (nft_mxml_num_parse(tree, "packets", MXML_DESCEND_FIRST, BASE_DEC,
+ &c->packets, NFT_TYPE_U64) != 0) {
mxmlDelete(tree);
return -1;
}
- utmp = strtoull(mxmlElementGetAttr(tree, "packets"), &endptr, 10);
- if (utmp == UINT64_MAX || utmp < 0 || *endptr) {
- mxmlDelete(tree);
- return -1;
- }
- c->packets = utmp;
+
c->flags |= (1 << NFT_CHAIN_ATTR_PACKETS);
/* Get and set <type> */
c->flags |= (1 << NFT_CHAIN_ATTR_POLICY);
/* Get and set <family> */
- node = mxmlFindElement(tree, tree, "family", NULL, NULL, MXML_DESCEND);
- if (node == NULL) {
- mxmlDelete(tree);
- return -1;
- }
-
- family = nft_str2family(node->child->value.opaque);
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
if (family < 0) {
mxmlDelete(tree);
return -1;
{
int ret, len = size, offset = 0;
- ret = snprintf(buf, size,
- "<chain name=\"%s\" handle=\"%"PRIu64"\""
- " bytes=\"%"PRIu64"\" packets=\"%"PRIu64"\">"
- "<type>%s</type><table>%s</table><prio>%d</prio>"
- "<use>%d</use><hooknum>%s</hooknum>",
+ ret = snprintf(buf, size, "<chain><name>%s</name>"
+ "<handle>%"PRIu64"</handle><bytes>%"PRIu64"</bytes>"
+ "<packets>%"PRIu64"</packets><type>%s</type>"
+ "<table>%s</table><prio>%d</prio><use>%d</use>"
+ "<hooknum>%s</hooknum>",
c->name, c->handle, c->bytes, c->packets,
c->type, c->table,
c->prio, c->use, hooknum2str_array[c->hooknum]);
{
#ifdef XML_PARSING
struct nft_expr_nat *nat = nft_expr_data(e);
- const char *nat_type, *family_str;
+ const char *nat_type;
int32_t reg;
int family;
e->flags |= (1 << NFT_EXPR_NAT_TYPE);
- family_str = nft_mxml_str_parse(tree, "family", MXML_DESCEND_FIRST);
- if (family_str == NULL)
- return -1;
-
- family = nft_str2family(family_str);
- if (family < 0)
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
+ if (family < 0) {
+ mxmlDelete(tree);
return -1;
+ }
nat->family = family;
e->flags |= (1 << NFT_EXPR_NAT_FAMILY);
int nft_mxml_data_reg_parse(mxml_node_t *tree, const char *node_name, union nft_data_reg *data_reg);
int nft_mxml_num_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags, int base, void *number, enum nft_type type);
const char *nft_mxml_str_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags);
+int nft_mxml_family_parse(mxml_node_t *tree, const char *node_name, uint32_t mxml_flags);
struct nft_set_elem *nft_mxml_set_elem_parse(mxml_node_t *node);
#endif
return strdup(node->child->value.opaque);
}
+int nft_mxml_family_parse(mxml_node_t *tree, const char *node_name,
+ uint32_t mxml_flags)
+{
+ const char *family_str;
+ int family;
+
+ family_str = nft_mxml_str_parse(tree, node_name, mxml_flags);
+ if (family_str == NULL)
+ return -1;
+
+ family = nft_str2family(family_str);
+ xfree(family_str);
+
+ if (family < 0)
+ errno = EAFNOSUPPORT;
+
+ return family;
+}
+
struct nft_set_elem *nft_mxml_set_elem_parse(mxml_node_t *node)
{
mxml_node_t *save;
mxml_node_t *node = NULL;
mxml_node_t *save = NULL;
struct nft_rule_expr *e;
- char *endptr = NULL;
- uint64_t tmp;
+ const char *table;
+ const char *chain;
int family;
/* Load the tree */
if (tree == NULL)
return -1;
- /* get and set <rule ... family=X ... > */
- if (mxmlElementGetAttr(tree, "family") == NULL) {
+ if (strcmp(tree->value.opaque, "rule") != 0) {
mxmlDelete(tree);
return -1;
}
- family = nft_str2family(mxmlElementGetAttr(tree, "family"));
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
if (family < 0) {
mxmlDelete(tree);
return -1;
r->family = family;
r->flags |= (1 << NFT_RULE_ATTR_FAMILY);
- /* get and set <rule ... table=X ...> */
- if (mxmlElementGetAttr(tree, "table") == NULL) {
+ table = nft_mxml_str_parse(tree, "table", MXML_DESCEND_FIRST);
+ if (table == NULL) {
mxmlDelete(tree);
return -1;
}
if (r->table)
xfree(r->table);
- r->table = strdup(mxmlElementGetAttr(tree, "table"));
+ r->table = (char *)table;
r->flags |= (1 << NFT_RULE_ATTR_TABLE);
- /* get and set <rule ... chain=X ...> */
- if (mxmlElementGetAttr(tree, "chain") == NULL) {
+ chain = nft_mxml_str_parse(tree, "chain", MXML_DESCEND_FIRST);
+ if (chain == NULL) {
mxmlDelete(tree);
return -1;
}
if (r->chain)
xfree(r->chain);
- r->chain = strdup(mxmlElementGetAttr(tree, "chain"));
+ r->chain = (char *)chain;
r->flags |= (1 << NFT_RULE_ATTR_CHAIN);
- /* get and set <rule ... handle=X ...> */
- if (mxmlElementGetAttr(tree, "handle") == NULL) {
- mxmlDelete(tree);
- return -1;
- }
- tmp = strtoull(mxmlElementGetAttr(tree, "handle"), &endptr, 10);
- if (tmp == UINT64_MAX || tmp < 0 || *endptr) {
+ if (nft_mxml_num_parse(tree, "handle", MXML_DESCEND_FIRST, BASE_DEC,
+ &r->handle, NFT_TYPE_U64) != 0) {
mxmlDelete(tree);
return -1;
}
- r->handle = tmp;
r->flags |= (1 << NFT_RULE_ATTR_HANDLE);
/* get and set <rule_flags> */
/* <compat_proto> is optional */
node = mxmlFindElement(tree, tree, "compat_proto", NULL, NULL,
MXML_DESCEND);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr) {
+ if (node != NULL && node->child != NULL) {
+ if (nft_strtoi(node->child->value.opaque, BASE_DEC,
+ &r->compat.proto, NFT_TYPE_U32) != 0) {
mxmlDelete(tree);
return -1;
}
- r->compat.proto = tmp;
r->flags |= (1 << NFT_RULE_ATTR_COMPAT_PROTO);
}
/* <compat_flags> is optional */
node = mxmlFindElement(tree, tree, "compat_flags", NULL, NULL,
MXML_DESCEND);
- if (node != NULL) {
- tmp = strtoull(node->child->value.opaque, &endptr, 10);
- if (tmp > UINT32_MAX || tmp < 0 || *endptr) {
+ if (node != NULL && node->child != NULL) {
+ if (nft_strtoi(node->child->value.opaque, BASE_DEC,
+ &r->compat.flags, NFT_TYPE_U32) != 0) {
mxmlDelete(tree);
return -1;
}
- r->compat.flags = tmp;
r->flags |= (1 << NFT_RULE_ATTR_COMPAT_FLAGS);
}
int ret, len = size, offset = 0;
struct nft_rule_expr *expr;
- ret = snprintf(buf, size,
- "<rule family=\"%s\" table=\"%s\" "
- "chain=\"%s\" handle=\"%llu\">",
- nft_family2str(r->family), r->table, r->chain,
- (unsigned long long)r->handle);
+ ret = snprintf(buf, size, "<rule><family>%s</family>"
+ "<table>%s</table><chain>%s</chain>"
+ "<handle>%llu</handle>",
+ nft_family2str(r->family), r->table, r->chain,
+ (unsigned long long)r->handle);
SNPRINTF_BUFFER_SIZE(ret, size, len, offset);
ret = snprintf(buf+offset, len, "<rule_flags>%u</rule_flags>",
{
#ifdef XML_PARSING
mxml_node_t *tree = NULL;
- mxml_node_t *node = NULL;
+ const char *name;
int family;
/* NOTE: all XML nodes are mandatory */
if (tree == NULL)
return -1;
- /* Get and set the name of the table */
- if (mxmlElementGetAttr(tree, "name") == NULL) {
+ if (strcmp(tree->value.opaque, "table") != 0) {
+ mxmlDelete(tree);
+ return -1;
+ }
+
+ name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST);
+ if (name == NULL) {
mxmlDelete(tree);
return -1;
}
if (t->name)
xfree(t->name);
- t->name = strdup(mxmlElementGetAttr(tree, "name"));
+ t->name = name;
t->flags |= (1 << NFT_TABLE_ATTR_NAME);
- /* Get the and set <family> node */
- node = mxmlFindElement(tree, tree, "family", NULL, NULL,
- MXML_DESCEND_FIRST);
- if (node == NULL) {
- mxmlDelete(tree);
- return -1;
- }
-
- family = nft_str2family(node->child->value.opaque);
+ family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST);
if (family < 0) {
mxmlDelete(tree);
return -1;
t->family = family;
t->flags |= (1 << NFT_TABLE_ATTR_FAMILY);
- /* Get and set <table_flags> */
if (nft_mxml_num_parse(tree, "table_flags", MXML_DESCEND, BASE_DEC,
&t->table_flags, NFT_TYPE_U32) != 0) {
mxmlDelete(tree);
static int nft_table_snprintf_xml(char *buf, size_t size, struct nft_table *t)
{
- return snprintf(buf, size, "<table name=\"%s\"><family>%s</family>"
+ return snprintf(buf, size, "<table><name>%s</name><family>%s</family>"
"<table_flags>%d</table_flags></table>",
t->name, nft_family2str(t->family), t->table_flags);
}
-<table name="filter">
+<table>
+ <name>filter</name>
<family>ip</family>
<table_flags>0</table_flags>
</table>
-<table name="nat">
+<table>
+ <name>nat</name>
<family>ip6</family>
<table_flags>0</table_flags>
</table>
-<chain name="test" handle="0" bytes="0" packets="0">
+<chain>
+ <name>test</name>
+ <handle>0</handle>
+ <bytes>0</bytes>
+ <packets>0</packets>
<type>filter</type>
<table>filter</table>
<prio>0</prio>
-<chain name="test" handle="0" bytes="59" packets="1">
+<chain>
+ <name>test</name>
+ <handle>0</handle>
+ <bytes>59</bytes>
+ <packets>1</packets>
<type>filter</type>
<table>filter</table>
<prio>0</prio>
-<chain name="foo" handle="100" bytes="59264154979" packets="2548796325">
+<chain>
+ <name>foo</name>
+ <handle>100</handle>
+ <bytes>59264154979</bytes>
+ <packets>2548796325</packets>
<type>nat</type>
<table>nat</table>
<prio>0</prio>
-<rule family="ip" table="filter" chain="INPUT" handle="100">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>100</handle>
<rule_flags>0</rule_flags>
<expr type="bitwise">
<sreg>1</sreg>
-<rule family="ip" table="test" chain="test" handle="1000">
+<rule>
+ <family>ip</family>
+ <table>test</table>
+ <chain>test</chain>
+ <handle>1000</handle>
<rule_flags>0</rule_flags>
<expr type="byteorder">
<sreg>3</sreg>
-<rule family="ip6" table="filter" chain="test" handle="36">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>test</chain>
+ <handle>36</handle>
<rule_flags>0</rule_flags>
<expr type="cmp">
<sreg>1</sreg>
-<rule family="ip6" table="filter" chain="test" handle="39">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>test</chain>
+ <handle>39</handle>
<rule_flags>0</rule_flags>
<expr type="counter">
<pkts>3</pkts>
-<rule family="ip" table="filter" chain="INPUT" handle="100">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>100</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip6" table="filter" chain="INPUT" handle="100">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>100</handle>
<rule_flags>0</rule_flags>
<expr type="exthdr">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="input" handle="32">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>input</chain>
+ <handle>32</handle>
<rule_flags>0</rule_flags>
<expr type="immediate">
<dreg>0</dreg>
-<rule family="ip" table="filter" chain="INPUT" handle="100">
- <rule_flags>0</rule_flags>
- <expr type="limit">
- <rate>123123</rate>
- <depth>321321</depth>
- </expr>
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>100</handle>
+ <rule_flags>0</rule_flags>
+ <expr type="limit">
+ <rate>123123</rate>
+ <depth>321321</depth>
+ </expr>
</rule>
-<rule family="ip6" table="filter" chain="test" handle="96">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>test</chain>
+ <handle>96</handle>
<rule_flags>0</rule_flags>
<expr type="log">
<prefix>test_chain</prefix>
-<rule family="ip6" table="filter" chain="test" handle="37">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>test</chain>
+ <handle>37</handle>
<rule_flags>0</rule_flags>
<expr type="lookup">
<set>set0</set>
-<rule family="ip" table="filter" chain="INPUT" handle="100">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>100</handle>
<rule_flags>0</rule_flags>
<expr type="match">
<name>state</name>
-<rule family="ip6" table="filter" chain="test" handle="36">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>test</chain>
+ <handle>36</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip6" table="nat" chain="OUTPUT" handle="100">
+<rule>
+ <family>ip6</family>
+ <table>nat</table>
+ <chain>OUTPUT</chain>
+ <handle>100</handle>
<rule_flags>0</rule_flags>
<expr type="nat">
<family>ip6</family>
-<rule family="ip" table="filter" chain="INPUT" handle="100">
- <rule_flags>0</rule_flags>
- <expr type="nat">
- <sreg_addr_min>1</sreg_addr_min>
- <sreg_addr_max>2</sreg_addr_max>
- <sreg_proto_min>3</sreg_proto_min>
- <sreg_proto_max>4</sreg_proto_max>
- <family>ip</family>
- <nat_type>dnat</nat_type>
- </expr>
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>100</handle>
+ <rule_flags>0</rule_flags>
+ <expr type="nat">
+ <sreg_addr_min>1</sreg_addr_min>
+ <sreg_addr_max>2</sreg_addr_max>
+ <sreg_proto_min>3</sreg_proto_min>
+ <sreg_proto_max>4</sreg_proto_max>
+ <family>ip</family>
+ <nat_type>dnat</nat_type>
+ </expr>
</rule>
-<rule family="ip6" table="filter" chain="test" handle="34">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>test</chain>
+ <handle>34</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="INPUT" handle="100">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>100</handle>
<rule_flags>0</rule_flags>
<expr type="target">
<name>LOG</name>
-<rule family="ip" table="filter" chain="output" handle="22">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>22</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="INPUT" handle="25">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>25</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="INPUT" handle="30">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>INPUT</chain>
+ <handle>30</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip6" table="filter" chain="test" handle="31">
+<rule>
+ <family>ip6</family>
+ <table>filter</table>
+ <chain>test</chain>
+ <handle>31</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="2">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>2</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="3">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>3</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="4">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>4</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="5">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>5</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="6">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>6</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="7">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>7</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="8">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>8</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="9">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>9</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="10">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>10</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="11">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>11</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="12">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>12</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="13">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>13</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="14">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>14</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="15">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>15</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="16">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>16</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="17">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>17</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="18">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>18</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="19">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>19</handle>
<rule_flags>0</rule_flags>
<expr type="ct">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="20">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>20</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="21">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>21</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="22">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>22</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="23">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>23</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="24">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>24</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="25">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>25</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="26">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>26</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="27">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>27</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="28">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>28</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="29">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>29</handle>
<rule_flags>0</rule_flags>
<expr type="meta">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="32">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>32</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="33">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>33</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="34">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>34</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="35">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>35</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
-<rule family="ip" table="filter" chain="output" handle="36">
+<rule>
+ <family>ip</family>
+ <table>filter</table>
+ <chain>output</chain>
+ <handle>36</handle>
<rule_flags>0</rule_flags>
<expr type="payload">
<dreg>1</dreg>
projects / thirdparty / libnftnl.git / commitdiff
