[PATCH nft 2/5] src: add chain_spec

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Store location object in handle to improve error reporting.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 include/rule.h            |  7 ++++++-
 src/evaluate.c            |  4 ++--
 src/netlink.c             | 14 +++++++-------
 src/netlink_delinearize.c |  4 ++--
 src/parser_bison.y        |  6 ++++--
 src/rule.c                | 16 ++++++++--------
 6 files changed, 29 insertions(+), 22 deletions(-)

diff --git a/include/rule.h b/include/rule.h
index 88750f0a4b54..4ea09c52b12e 100644
--- a/include/rule.h
+++ b/include/rule.h
@@ -32,6 +32,11 @@ struct table_spec {
 	const char		*name;
 };
 
+struct chain_spec {
+	struct location		location;
+	const char		*name;
+};
+
 /**
  * struct handle - handle for tables, chains, rules and sets
  *
@@ -48,7 +53,7 @@ struct table_spec {
 struct handle {
 	uint32_t		family;
 	struct table_spec	table;
-	const char		*chain;
+	struct chain_spec	chain;
 	const char		*set;
 	const char		*obj;
 	const char		*flowtable;
diff --git a/src/evaluate.c b/src/evaluate.c
index 76125fcd884d..78ff6071230a 100644
--- a/src/evaluate.c
+++ b/src/evaluate.c
@@ -3176,7 +3176,7 @@ static int cmd_evaluate_list(struct eval_ctx *ctx, struct cmd *cmd)
 					 cmd->handle.table.name);
 		if (chain_lookup(table, &cmd->handle) == NULL)
 			return cmd_error(ctx, "Could not process rule: Chain '%s' does not exist",
-					 cmd->handle.chain);
+					 cmd->handle.chain.name);
 		return 0;
 	case CMD_OBJ_QUOTA:
 		return cmd_evaluate_list_obj(ctx, cmd, NFT_OBJECT_QUOTA);
@@ -3319,7 +3319,7 @@ static int cmd_evaluate_rename(struct eval_ctx *ctx, struct cmd *cmd)
 					 ctx->cmd->handle.table.name);
 		if (chain_lookup(table, &ctx->cmd->handle) == NULL)
 			return cmd_error(ctx, "Could not process rule: Chain '%s' does not exist",
-					 ctx->cmd->handle.chain);
+					 ctx->cmd->handle.chain.name);
 		break;
 	default:
 		BUG("invalid command object type %u\n", cmd->obj);
diff --git a/src/netlink.c b/src/netlink.c
index 0c078d643344..e33e094e1992 100644
--- a/src/netlink.c
+++ b/src/netlink.c
@@ -145,8 +145,8 @@ struct nftnl_chain *alloc_nftnl_chain(const struct handle *h)
 	nftnl_chain_set_str(nlc, NFTNL_CHAIN_TABLE, h->table.name);
 	if (h->handle.id)
 		nftnl_chain_set_u64(nlc, NFTNL_CHAIN_HANDLE, h->handle.id);
-	if (h->chain != NULL)
-		nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, h->chain);
+	if (h->chain.name != NULL)
+		nftnl_chain_set_str(nlc, NFTNL_CHAIN_NAME, h->chain.name);
 
 	return nlc;
 }
@@ -161,8 +161,8 @@ struct nftnl_rule *alloc_nftnl_rule(const struct handle *h)
 
 	nftnl_rule_set_u32(nlr, NFTNL_RULE_FAMILY, h->family);
 	nftnl_rule_set_str(nlr, NFTNL_RULE_TABLE, h->table.name);
-	if (h->chain != NULL)
-		nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain);
+	if (h->chain.name != NULL)
+		nftnl_rule_set_str(nlr, NFTNL_RULE_CHAIN, h->chain.name);
 	if (h->handle.id)
 		nftnl_rule_set_u64(nlr, NFTNL_RULE_HANDLE, h->handle.id);
 	if (h->position.id)
@@ -540,7 +540,7 @@ static int list_rule_cb(struct nftnl_rule *nlr, void *arg)
 
 	if (h->family != family ||
 	    strcmp(table, h->table.name) != 0 ||
-	    (h->chain && strcmp(chain, h->chain) != 0))
+	    (h->chain.name && strcmp(chain, h->chain.name) != 0))
 		return 0;
 
 	netlink_dump_rule(nlr, ctx);
@@ -697,7 +697,7 @@ static int list_chain_cb(struct nftnl_chain *nlc, void *arg)
 
 	if (h->family != family || strcmp(table, h->table.name) != 0)
 		return 0;
-	if (h->chain && strcmp(name, h->chain) != 0)
+	if (h->chain.name && strcmp(name, h->chain.name) != 0)
 		return 0;
 
 	chain = netlink_delinearize_chain(ctx, nlc);
@@ -1720,7 +1720,7 @@ static void trace_print_rule(const struct nftnl_trace *nlt,
 
 	h.family = nftnl_trace_get_u32(nlt, NFTNL_TRACE_FAMILY);
 	h.table.name  = nftnl_trace_get_str(nlt, NFTNL_TRACE_TABLE);
-	h.chain  = nftnl_trace_get_str(nlt, NFTNL_TRACE_CHAIN);
+	h.chain.name  = nftnl_trace_get_str(nlt, NFTNL_TRACE_CHAIN);
 
 	if (!h.table.name)
 		return;
diff --git a/src/netlink_delinearize.c b/src/netlink_delinearize.c
index 8b42850ecd43..eb509917e01d 100644
--- a/src/netlink_delinearize.c
+++ b/src/netlink_delinearize.c
@@ -2444,8 +2444,8 @@ struct rule *netlink_delinearize_rule(struct netlink_ctx *ctx,
 
 	memset(&h, 0, sizeof(h));
 	h.family = nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY);
-	h.table.name  = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_TABLE));
-	h.chain  = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_CHAIN));
+	h.table.name = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_TABLE));
+	h.chain.name = xstrdup(nftnl_rule_get_str(nlr, NFTNL_RULE_CHAIN));
 	h.handle.id = nftnl_rule_get_u64(nlr, NFTNL_RULE_HANDLE);
 
 	if (nftnl_rule_is_set(nlr, NFTNL_RULE_POSITION))
diff --git a/src/parser_bison.y b/src/parser_bison.y
index c104bc86fadb..1d44189775f0 100644
--- a/src/parser_bison.y
+++ b/src/parser_bison.y
@@ -1862,7 +1862,8 @@ tableid_spec 		: 	family_spec 	HANDLE NUM
 chain_spec		:	table_spec	identifier
 			{
 				$$		= $1;
-				$$.chain	= $2;
+				$$.chain.name	= $2;
+				$$.chain.location = @2;
 			}
 			;
 
@@ -1877,7 +1878,8 @@ chainid_spec 		: 	table_spec 	HANDLE NUM
 chain_identifier	:	identifier
 			{
 				memset(&$$, 0, sizeof($$));
-				$$.chain	= $1;
+				$$.chain.name		= $1;
+				$$.chain.location	= @1;
 			}
 			;
 
diff --git a/src/rule.c b/src/rule.c
index 6c2b4eea7c24..bbf23a6bcb50 100644
--- a/src/rule.c
+++ b/src/rule.c
@@ -31,7 +31,7 @@
 void handle_free(struct handle *h)
 {
 	xfree(h->table.name);
-	xfree(h->chain);
+	xfree(h->chain.name);
 	xfree(h->set);
 	xfree(h->flowtable);
 }
@@ -42,8 +42,8 @@ void handle_merge(struct handle *dst, const struct handle *src)
 		dst->family = src->family;
 	if (dst->table.name == NULL && src->table.name != NULL)
 		dst->table.name = xstrdup(src->table.name);
-	if (dst->chain == NULL && src->chain != NULL)
-		dst->chain = xstrdup(src->chain);
+	if (dst->chain.name == NULL && src->chain.name != NULL)
+		dst->chain.name = xstrdup(src->chain.name);
 	if (dst->set == NULL && src->set != NULL)
 		dst->set = xstrdup(src->set);
 	if (dst->flowtable == NULL && src->flowtable != NULL)
@@ -620,7 +620,7 @@ struct chain *chain_alloc(const char *name)
 	init_list_head(&chain->rules);
 	init_list_head(&chain->scope.symbols);
 	if (name != NULL)
-		chain->handle.chain = xstrdup(name);
+		chain->handle.chain.name = xstrdup(name);
 
 	chain->policy = -1;
 	return chain;
@@ -658,7 +658,7 @@ struct chain *chain_lookup(const struct table *table, const struct handle *h)
 	struct chain *chain;
 
 	list_for_each_entry(chain, &table->chains, list) {
-		if (!strcmp(chain->handle.chain, h->chain))
+		if (!strcmp(chain->handle.chain.name, h->chain.name))
 			return chain;
 	}
 	return NULL;
@@ -746,7 +746,7 @@ static const char *chain_policy2str(uint32_t policy)
 static void chain_print_declaration(const struct chain *chain,
 				    struct output_ctx *octx)
 {
-	nft_print(octx, "\tchain %s {", chain->handle.chain);
+	nft_print(octx, "\tchain %s {", chain->handle.chain.name);
 	if (octx->handle > 0)
 		nft_print(octx, " # handle %" PRIu64, chain->handle.handle.id);
 	nft_print(octx, "\n");
@@ -777,7 +777,7 @@ static void chain_print(const struct chain *chain, struct output_ctx *octx)
 void chain_print_plain(const struct chain *chain, struct output_ctx *octx)
 {
 	nft_print(octx, "chain %s %s %s", family2str(chain->handle.family),
-		  chain->handle.table.name, chain->handle.chain);
+		  chain->handle.table.name, chain->handle.chain.name);
 
 	if (chain->flags & CHAIN_F_BASECHAIN) {
 		nft_print(octx, " { type %s hook %s priority %d; policy %s; }",
@@ -1754,7 +1754,7 @@ static int do_list_chain(struct netlink_ctx *ctx, struct cmd *cmd,
 
 	list_for_each_entry(chain, &table->chains, list) {
 		if (chain->handle.family != cmd->handle.family ||
-		    strcmp(cmd->handle.chain, chain->handle.chain) != 0)
+		    strcmp(cmd->handle.chain.name, chain->handle.chain.name) != 0)
 			continue;
 
 		chain_print(chain, ctx->octx);
-- 
2.11.0

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux