Re: [libnftables PATCH] src: add fprintf functions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi Arturo,

On Wed, Oct 16, 2013 at 07:14:38PM +0200, Arturo Borrero Gonzalez wrote:
> Now it's possible to print directly from libnftables to a file or other stream.
> 
> In order to don't force any format, the caller must print '\n'.
> 
> Signed-off-by: Arturo Borrero Gonzale <arturo.borrero.glez@xxxxxxxxx>
> ---
>  include/libnftables/chain.h   |    1 +
>  include/libnftables/rule.h    |    1 +
>  include/libnftables/ruleset.h |    1 +
>  include/libnftables/set.h     |    2 ++
>  include/libnftables/table.h   |    1 +
>  src/chain.c                   |   27 +++++++++++++++++++++++++++
>  src/internal.h                |    2 ++
>  src/libnftables.map           |    6 ++++++
>  src/rule.c                    |   27 +++++++++++++++++++++++++++
>  src/ruleset.c                 |   28 ++++++++++++++++++++++++++++
>  src/set.c                     |   27 +++++++++++++++++++++++++++
>  src/set_elem.c                |   27 +++++++++++++++++++++++++++
>  src/table.c                   |   27 +++++++++++++++++++++++++++
>  13 files changed, 177 insertions(+)
> 
> diff --git a/include/libnftables/chain.h b/include/libnftables/chain.h
> index d3086ea..4b58f16 100644
> --- a/include/libnftables/chain.h
> +++ b/include/libnftables/chain.h
> @@ -58,6 +58,7 @@ enum nft_chain_parse_type {
>  
>  int nft_chain_parse(struct nft_chain *c, enum nft_chain_parse_type type, const char *data);
>  int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *t, uint32_t type, uint32_t flags);
> +int nft_chain_fprintf(FILE *fp, struct nft_chain *c, uint32_t type, uint32_t flags);
>  
>  struct nlmsghdr *nft_chain_nlmsg_build_hdr(char *buf, uint16_t cmd, uint16_t family, uint16_t type, uint32_t seq);
>  int nft_chain_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_chain *t);
> diff --git a/include/libnftables/rule.h b/include/libnftables/rule.h
> index 9fba9c8..a35b700 100644
> --- a/include/libnftables/rule.h
> +++ b/include/libnftables/rule.h
> @@ -57,6 +57,7 @@ enum nft_rule_parse_type {
>  
>  int nft_rule_parse(struct nft_rule *r, enum nft_rule_parse_type type, const char *data);
>  int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *t, uint32_t type, uint32_t flags);
> +int nft_rule_fprintf(FILE *fp, struct nft_rule *r, uint32_t type, uint32_t flags);
>  
>  struct nlmsghdr *nft_rule_nlmsg_build_hdr(char *buf, uint16_t cmd, uint16_t family, uint16_t type, uint32_t seq);
>  int nft_rule_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_rule *t);
> diff --git a/include/libnftables/ruleset.h b/include/libnftables/ruleset.h
> index a4a1279..980276d 100644
> --- a/include/libnftables/ruleset.h
> +++ b/include/libnftables/ruleset.h
> @@ -37,6 +37,7 @@ enum nft_ruleset_parse_type {
>  
>  int nft_ruleset_parse(struct nft_ruleset *rs, enum nft_ruleset_parse_type type, const char *data);
>  int nft_ruleset_snprintf(char *buf, size_t size, const struct nft_ruleset *rs, uint32_t type, uint32_t flags);
> +int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type, uint32_t flags);
>  
>  #ifdef __cplusplus
>  } /* extern "C" */
> diff --git a/include/libnftables/set.h b/include/libnftables/set.h
> index e377826..2bddda4 100644
> --- a/include/libnftables/set.h
> +++ b/include/libnftables/set.h
> @@ -36,6 +36,7 @@ int nft_set_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s);
>  int nft_set_elems_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set *s);
>  
>  int nft_set_snprintf(char *buf, size_t size, struct nft_set *s, uint32_t type, uint32_t flags);
> +int nft_set_fprintf(FILE *fp, struct nft_set *s, uint32_t type, uint32_t flags);
>  
>  struct nft_set_list;
>  
> @@ -106,6 +107,7 @@ int nft_set_elem_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_set_elem *s)
>  
>  int nft_set_elem_parse(struct nft_set_elem *e, enum nft_set_parse_type type, const char *data);
>  int nft_set_elem_snprintf(char *buf, size_t size, struct nft_set_elem *s, uint32_t type, uint32_t flags);
> +int nft_set_elem_fprintf(FILE *fp, struct nft_set_elem *se, uint32_t type, uint32_t flags);
>  
>  int nft_set_elem_foreach(struct nft_set *s, int (*cb)(struct nft_set_elem *e, void *data), void *data);
>  
> diff --git a/include/libnftables/table.h b/include/libnftables/table.h
> index 66574cf..c412c43 100644
> --- a/include/libnftables/table.h
> +++ b/include/libnftables/table.h
> @@ -46,6 +46,7 @@ enum nft_table_parse_type {
>  
>  int nft_table_parse(struct nft_table *t, enum nft_table_parse_type type, const char *data);
>  int nft_table_snprintf(char *buf, size_t size, struct nft_table *t, uint32_t type, uint32_t flags);
> +int nft_table_fprintf(FILE *fp, struct nft_table *t, uint32_t type, uint32_t flags);
>  
>  struct nlmsghdr *nft_table_nlmsg_build_hdr(char *buf, uint16_t cmd, uint16_t family, uint16_t type, uint32_t seq);
>  int nft_table_nlmsg_parse(const struct nlmsghdr *nlh, struct nft_table *t);
> diff --git a/src/chain.c b/src/chain.c
> index f831479..b92b22f 100644
> --- a/src/chain.c
> +++ b/src/chain.c
> @@ -851,6 +851,33 @@ int nft_chain_snprintf(char *buf, size_t size, struct nft_chain *c,
>  }
>  EXPORT_SYMBOL(nft_chain_snprintf);
>  
> +int nft_chain_fprintf(FILE *fp, struct nft_chain *c, uint32_t type,
> +		      uint32_t flags)
> +{
> +	char _buf[NFT_SNPRINTF_BUFSIZ];
> +	char *buf = _buf;
> +	size_t bufsiz = sizeof(_buf);
> +	int ret;
> +
> +	ret = nft_chain_snprintf(buf, bufsiz, c, type, flags);
> +	if (ret > NFT_SNPRINTF_BUFSIZ) {
> +		buf = calloc(1, ret);
> +		if (buf == NULL)
> +			return -1;
> +
> +		bufsiz = ret;
> +		ret = nft_chain_snprintf(buf, bufsiz, c, type, flags);
> +	}
> +
> +	ret = fprintf(fp, "%s", buf);
> +
> +	if (buf != _buf)
> +		xfree(buf);
> +
> +	return ret;
> +}

Most of this code looks very similar, I think you can refactorize it
by adding some internal function:

int nft_fprintf(FILE *fp, void *obj, uint32_t type, uint32_t flags,
                size_t (*snprintf_cb)(char *but, size_t bufsiz, void *obj,
                                      uint32_t type, uint32_t flags))
{
        ...

        ret = snprintf_cb(...);
        if (...) {
                ...
                ret = snprintf_cb(...);
        }
        ...
}

Thus, nft_chain_fprintf looks like:

int nft_chain_fprintf(...)
{
        return nft_fprintf(..., nft_chain_snprintf);
}

One more comment below.

> +EXPORT_SYMBOL(nft_chain_fprintf);
> +
>  struct nft_chain_list {
>  	struct list_head list;
>  };
> diff --git a/src/internal.h b/src/internal.h
> index b29288a..e0f17ec 100644
> --- a/src/internal.h
> +++ b/src/internal.h
> @@ -17,6 +17,8 @@
>  #define BASE_DEC 10
>  #define BASE_HEX 16
>  
> +#define NFT_SNPRINTF_BUFSIZ 4096
> +
>  enum nft_type {
>  	NFT_TYPE_U8,
>  	NFT_TYPE_U16,
> diff --git a/src/libnftables.map b/src/libnftables.map
> index 1223403..aa47714 100644
> --- a/src/libnftables.map
> +++ b/src/libnftables.map
> @@ -12,6 +12,7 @@ global:
>    nft_table_attr_get_str;
>    nft_table_parse;
>    nft_table_snprintf;
> +  nft_table_fprintf;
>    nft_table_nlmsg_build_hdr;
>    nft_table_nlmsg_build_payload;
>    nft_table_nlmsg_parse;
> @@ -42,6 +43,7 @@ global:
>    nft_chain_attr_get_str;
>    nft_chain_parse;
>    nft_chain_snprintf;
> +  nft_chain_fprintf;
>    nft_chain_nlmsg_build_hdr;
>    nft_chain_nlmsg_build_payload;
>    nft_chain_nlmsg_parse;
> @@ -71,6 +73,7 @@ global:
>    nft_rule_attr_get_str;
>    nft_rule_parse;
>    nft_rule_snprintf;
> +  nft_rule_fprintf;
>    nft_rule_nlmsg_build_hdr;
>    nft_rule_nlmsg_build_payload;
>    nft_rule_nlmsg_parse;
> @@ -126,6 +129,7 @@ global:
>    nft_set_nlmsg_parse;
>    nft_set_parse;
>    nft_set_snprintf;
> +  nft_set_fprintf;
>  
>    nft_set_list_alloc;
>    nft_set_list_free;
> @@ -157,6 +161,7 @@ global:
>    nft_set_elem_nlmsg_parse;
>    nft_set_elem_parse;
>    nft_set_elem_snprintf;
> +  nft_set_elem_fprinf;
>  
>    nft_set_elems_nlmsg_build_payload;
>    nft_set_elems_nlmsg_parse;
> @@ -176,6 +181,7 @@ global:
>    nft_ruleset_attr_get;
>    nft_ruleset_parse;
>    nft_ruleset_snprintf;
> +  nft_ruleset_fprintf;
>  
>  local: *;
>  };
> diff --git a/src/rule.c b/src/rule.c
> index 7f2bce6..68e733b 100644
> --- a/src/rule.c
> +++ b/src/rule.c
> @@ -843,6 +843,33 @@ int nft_rule_snprintf(char *buf, size_t size, struct nft_rule *r,
>  }
>  EXPORT_SYMBOL(nft_rule_snprintf);
>  
> +int nft_rule_fprintf(FILE *fp, struct nft_rule *r, uint32_t type,
> +		     uint32_t flags)
> +{
> +	char _buf[NFT_SNPRINTF_BUFSIZ];
> +	char *buf = _buf;
> +	size_t bufsiz = sizeof(_buf);
> +	int ret;
> +
> +	ret = nft_rule_snprintf(buf, bufsiz, r, type, flags);
> +	if (ret > NFT_SNPRINTF_BUFSIZ) {
> +		buf = calloc(1, ret);
> +		if (buf == NULL)
> +			return -1;
> +
> +		bufsiz = ret;
> +		ret = nft_rule_snprintf(buf, bufsiz, r, type, flags);
> +	}
> +
> +	ret = fprintf(fp, "%s", buf);
> +
> +	if (buf != _buf)
> +		xfree(buf);
> +
> +	return ret;
> +}
> +EXPORT_SYMBOL(nft_rule_fprintf);
> +
>  int nft_rule_expr_foreach(struct nft_rule *r,
>                            int (*cb)(struct nft_rule_expr *e, void *data),
>                            void *data)
> diff --git a/src/ruleset.c b/src/ruleset.c
> index a7fbc33..54c3fc1 100644
> --- a/src/ruleset.c
> +++ b/src/ruleset.c
> @@ -811,3 +811,31 @@ int nft_ruleset_snprintf(char *buf, size_t size, const struct nft_ruleset *r,
>  	return -1;
>  }
>  EXPORT_SYMBOL(nft_ruleset_snprintf);
> +
> +int nft_ruleset_fprintf(FILE *fp, const struct nft_ruleset *rs, uint32_t type,
> +			uint32_t flags)
> +{
> +	char _buf[NFT_SNPRINTF_BUFSIZ];
> +	char *buf = _buf;
> +	size_t bufsiz = sizeof(_buf);
> +	int ret;
> +
> +	ret = nft_ruleset_snprintf(buf, bufsiz, rs, type, flags);
> +	if (ret > NFT_SNPRINTF_BUFSIZ) {

For set and ruleset objects, this branch is very likely to happen,
since it is very likely that the buffer will be too small. To avoid
this, I think it's better to provide an optimized version for this
function that iterates over the list of objects and print them.

> +		buf = calloc(1, ret);
> +		if (buf == NULL)
> +			return -1;
> +
> +		bufsiz = ret;
> +		ret = nft_ruleset_snprintf(buf, bufsiz, rs, type, flags);
> +	}
> +
> +	ret = fprintf(fp, "%s", buf);
> +
> +	if (buf != _buf)
> +		xfree(buf);
> +
> +	return ret;
> +}
> +EXPORT_SYMBOL(nft_ruleset_fprintf);
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux