[PATCH] cli: complete basic functionality of the interactive mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This patch adds missing code to get basic interactive mode
operative via `nft -i', including parsing, evaluation,
command execution via netlink and error reporting.

Autocomplete is not yet implemented.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/nftables.h |    4 ++-
 src/cli.c          |   13 ++++++----
 src/main.c         |   71 +++++++++++++++++++++++++++++-----------------------
 src/rule.c         |   25 +++++++++++++-----
 4 files changed, 70 insertions(+), 43 deletions(-)

diff --git a/include/nftables.h b/include/nftables.h
index 66bfab3..0eab1e5 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -25,7 +25,7 @@ extern unsigned int debug_level;
 extern const char *include_paths[INCLUDE_PATHS_MAX];
 
 struct parser_state;
-extern int cli_init(void *scanner, struct parser_state *state);
+extern int cli_init(struct parser_state *state);
 extern void cli_exit(void);
 extern void cli_display(const char *fmt, va_list ap) __fmtstring(1, 0);
 
@@ -101,4 +101,6 @@ struct input_descriptor {
 	off_t				line_offset;
 };
 
+int nft_run(void *scanner, struct parser_state *state, struct list_head *msgs);
+
 #endif /* NFTABLES_NFTABLES_H */
diff --git a/src/cli.c b/src/cli.c
index e302dfa..fce34e1 100644
--- a/src/cli.c
+++ b/src/cli.c
@@ -27,11 +27,13 @@
 #include <parser.h>
 #include <erec.h>
 #include <utils.h>
+#include <netlink.h>
 
 #define CMDLINE_HISTFILE	".nft.history"
 
 static const struct input_descriptor indesc_cli = {
 	.type	= INDESC_CLI,
+	.name   = "<cli>",
 };
 
 static struct parser_state *state;
@@ -86,6 +88,7 @@ static void cli_complete(char *line)
 {
 	const HIST_ENTRY *hist;
 	const char *c;
+	LIST_HEAD(msgs);
 
 	line = cli_append_multiline(line);
 	if (line == NULL)
@@ -102,10 +105,10 @@ static void cli_complete(char *line)
 	if (hist == NULL || strcmp(hist->line, line))
 		add_history(line);
 
+	parser_init(state, &msgs);
 	scanner_push_buffer(scanner, &indesc_cli, line);
-	nft_parse(scanner, state);
-
-	erec_print_list(stdout, state->msgs);
+	nft_run(scanner, state, &msgs);
+	erec_print_list(stdout, &msgs);
 	xfree(line);
 }
 
@@ -140,7 +143,7 @@ void __fmtstring(1, 0) cli_display(const char *fmt, va_list ap)
 	rl_forced_update_display();
 }
 
-int cli_init(void *_scanner, struct parser_state *_state)
+int cli_init(struct parser_state *_state)
 {
 	const char *home;
 
@@ -159,8 +162,8 @@ int cli_init(void *_scanner, struct parser_state *_state)
 	read_history(histfile);
 	history_set_pos(history_length);
 
-	scanner = _scanner;
 	state	= _state;
+	scanner = scanner_init(state);
 
 	while (!eof)
 		rl_callback_read_char();
diff --git a/src/main.c b/src/main.c
index ab2ceab..283ec28 100644
--- a/src/main.c
+++ b/src/main.c
@@ -141,17 +141,48 @@ static const struct input_descriptor indesc_cmdline = {
 	.name	= "<cmdline>",
 };
 
+int nft_run(void *scanner, struct parser_state *state, struct list_head *msgs)
+{
+	struct eval_ctx ctx;
+	int ret;
+
+	ret = nft_parse(scanner, state);
+	if (ret != 0)
+		return -1;
+
+	memset(&ctx, 0, sizeof(ctx));
+	ctx.msgs = msgs;
+	if (evaluate(&ctx, &state->cmds) < 0)
+		return -1;
+
+	{
+		struct netlink_ctx ctx;
+		struct cmd *cmd, *next;
+
+		list_for_each_entry_safe(cmd, next, &state->cmds, list) {
+			memset(&ctx, 0, sizeof(ctx));
+			ctx.msgs = msgs;
+			init_list_head(&ctx.list);
+			ret = do_command(&ctx, cmd);
+			list_del(&cmd->list);
+			cmd_free(cmd);
+			if (ret < 0)
+				return ret;
+		}
+	}
+
+	return 0;
+}
+
 int main(int argc, char * const *argv)
 {
 	struct parser_state state;
-	struct eval_ctx ctx;
 	void *scanner;
 	LIST_HEAD(msgs);
 	char *buf = NULL, *filename = NULL;
 	unsigned int len;
 	bool interactive = false;
 	int i, val;
-	int ret;
 
 	while (1) {
 		val = getopt_long(argc, argv, OPTSTRING, options, NULL);
@@ -218,9 +249,6 @@ int main(int argc, char * const *argv)
 		}
 	}
 
-	parser_init(&state, &msgs);
-	scanner = scanner_init(&state);
-
 	if (optind != argc) {
 		for (len = 0, i = optind; i < argc; i++)
 			len += strlen(argv[i]) + strlen(" ");
@@ -231,44 +259,25 @@ int main(int argc, char * const *argv)
 			if (i + 1 < argc)
 				strcat(buf, " ");
 		}
-
+		parser_init(&state, &msgs);
+		scanner = scanner_init(&state);
 		scanner_push_buffer(scanner, &indesc_cmdline, buf);
 	} else if (filename != NULL) {
+		parser_init(&state, &msgs);
+		scanner = scanner_init(&state);
 		if (scanner_read_file(scanner, filename, &internal_location) < 0)
 			goto out;
 	} else if (interactive) {
-		cli_init(scanner, &state);
+		cli_init(&state);
+		return 0;
 	} else {
 		fprintf(stderr, "%s: no command specified\n", argv[0]);
 		exit(NFT_EXIT_FAILURE);
 	}
 
-	ret = nft_parse(scanner, &state);
-	if (ret != 0)
-		goto out;
-
-	memset(&ctx, 0, sizeof(ctx));
-	ctx.msgs = &msgs;
-	if (evaluate(&ctx, &state.cmds) < 0)
-		goto out;
-
-	{
-		struct netlink_ctx ctx;
-		struct cmd *cmd, *next;
-
-		list_for_each_entry_safe(cmd, next, &state.cmds, list) {
-			memset(&ctx, 0, sizeof(ctx));
-			ctx.msgs = &msgs;
-			init_list_head(&ctx.list);
-			if (do_command(&ctx, cmd) < 0)
-				goto out;
-			list_del(&cmd->list);
-			cmd_free(cmd);
-		}
-	}
+	nft_run(scanner, &state, &msgs);
 out:
 	scanner_destroy(scanner);
-	scope_release(&state.top_scope);
 	erec_print_list(stdout, &msgs);
 
 	xfree(buf);
diff --git a/src/rule.c b/src/rule.c
index 89c3607..9d9eaee 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -142,7 +142,6 @@ void rule_print(const struct rule *rule)
 struct scope *scope_init(struct scope *scope, const struct scope *parent)
 {
 	scope->parent = parent;
-	init_list_head(&scope->symbols);
 	return scope;
 }
 
@@ -189,6 +188,7 @@ struct chain *chain_alloc(const char *name)
 
 	chain = xzalloc(sizeof(*chain));
 	init_list_head(&chain->rules);
+	init_list_head(&chain->scope.symbols);
 	if (name != NULL)
 		chain->handle.chain = xstrdup(name);
 	return chain;
@@ -240,6 +240,7 @@ struct table *table_alloc(void)
 	table = xzalloc(sizeof(*table));
 	init_list_head(&table->chains);
 	init_list_head(&table->sets);
+	init_list_head(&table->scope.symbols);
 	return table;
 }
 
@@ -472,14 +473,20 @@ static int do_list_sets(struct netlink_ctx *ctx, const struct location *loc,
 
 static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
 {
-	struct table *table;
-	struct chain *chain;
+	struct table *table = NULL;
+	struct chain *chain, *nchain;
 	struct rule *rule, *nrule;
 	struct set *set, *nset;
 
-	table = table_alloc();
-	handle_merge(&table->handle, &cmd->handle);
-	table_add_hash(table);
+	/* No need to allocate the table object when listing all tables */
+	if (cmd->handle.table != NULL) {
+		table = table_lookup(&cmd->handle);
+		if (table == NULL) {
+			table = table_alloc();
+			handle_merge(&table->handle, &cmd->handle);
+			table_add_hash(table);
+		}
+	}
 
 	switch (cmd->obj) {
 	case CMD_OBJ_TABLE:
@@ -546,6 +553,12 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd)
 	}
 
 	table_print(table);
+
+	list_for_each_entry_safe(chain, nchain, &table->chains, list) {
+		list_del(&chain->list);
+		chain_free(chain);
+	}
+
 	return 0;
 }
 
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux