From: Florian Westphal <fw@strlen.de>
Date: Tue, 8 Apr 2025 14:21:31 +0000 (+0200)
Subject: src: print count variable in normal set listings
X-Git-Tag: v1.1.4~48
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=8ff87c8fd483eb3fdab5839cccaf100b593fe92e;p=thirdparty%2Fnftables.git

src: print count variable in normal set listings

Also print the number of allocated set elements if the set provided
an upper size limit and there is at least one element.

Example:

table ip t {
   set s {
       type ipv4_addr
       size 65535      # count 1
       flags dynamic
       counter
       elements = { 1.1.1.1 counter packets 1 bytes 11 }
   }
   ...

JSON output is unchanged as this only has informational purposes.

This change breaks tests, followup patch addresses this.

Suggested-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Florian Westphal <fw@strlen.de>
---

diff --git a/include/rule.h b/include/rule.h
index 655d6aba..470ae107 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -321,6 +321,7 @@ void rule_stmt_insert_at(struct rule *rule, struct stmt *nstmt,
  * @refcnt:	reference count
  * @flags:	bitmask of set flags
  * @gc_int:	garbage collection interval
+ * @count:	count of kernel-allocated elements
  * @timeout:	default timeout value
  * @key:	key expression (data type, length))
  * @data:	mapping data expression
@@ -345,6 +346,7 @@ struct set {
 	unsigned int		refcnt;
 	uint32_t		flags;
 	uint32_t		gc_int;
+	uint32_t		count;
 	uint64_t		timeout;
 	struct expr		*key;
 	struct expr		*data;
diff --git a/src/netlink.c b/src/netlink.c
index 68f1b90c..b5c092b4 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -1139,6 +1139,9 @@ struct set *netlink_delinearize_set(struct netlink_ctx *ctx,
 	if (nftnl_set_is_set(nls, NFTNL_SET_DESC_SIZE))
 		set->desc.size = nftnl_set_get_u32(nls, NFTNL_SET_DESC_SIZE);
 
+	if (nftnl_set_is_set(nls, NFTNL_SET_COUNT))
+		set->count = nftnl_set_get_u32(nls, NFTNL_SET_COUNT);
+
 	if (nftnl_set_is_set(nls, NFTNL_SET_DESC_CONCAT)) {
 		uint32_t len = NFT_REG32_COUNT;
 		const uint8_t *data;
diff --git a/src/rule.c b/src/rule.c
index e2fe0979..0945d14a 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -335,10 +335,13 @@ static void set_print_declaration(const struct set *set,
 		}
 
 		if (set->desc.size > 0) {
-			nft_print(octx, "%s%ssize %u%s",
+			nft_print(octx, "%s%ssize %u",
 				  opts->tab, opts->tab,
-				  set->desc.size,
-				  opts->stmt_separator);
+				  set->desc.size);
+			if (set->count > 0)
+				nft_print(octx, "%s# count %u", opts->tab,
+					  set->count);
+			nft_print(octx, "%s", opts->stmt_separator);
 		}
 	}