Signed-off-by: Phil Sutter <phil@xxxxxx>
---
include/json.h | 2 ++
src/json.c | 10 ++++++++++
src/parser_json.c | 19 +++++++++++++++++++
src/statement.c | 1 +
4 files changed, 32 insertions(+)
diff --git a/include/json.h b/include/json.h
index 1972bc841525d..0a93bca8d9ead 100644
--- a/include/json.h
+++ b/include/json.h
@@ -74,6 +74,7 @@ json_t *objref_stmt_json(const struct stmt *stmt, struct output_ctx *octx);
json_t *meter_stmt_json(const struct stmt *stmt, struct output_ctx *octx);
json_t *queue_stmt_json(const struct stmt *stmt, struct output_ctx *octx);
json_t *verdict_stmt_json(const struct stmt *stmt, struct output_ctx *octx);
+json_t *connlimit_stmt_json(const struct stmt *stmt, struct output_ctx *octx);
int do_command_list_json(struct netlink_ctx *ctx, struct cmd *cmd);
@@ -149,6 +150,7 @@ STMT_PRINT_STUB(objref)
STMT_PRINT_STUB(meter)
STMT_PRINT_STUB(queue)
STMT_PRINT_STUB(verdict)
+STMT_PRINT_STUB(connlimit)
#undef STMT_PRINT_STUB
#undef EXPR_PRINT_STUB
diff --git a/src/json.c b/src/json.c
index 83d438c6c9c23..a871c934f020c 100644
--- a/src/json.c
+++ b/src/json.c
@@ -1276,6 +1276,16 @@ json_t *verdict_stmt_json(const struct stmt *stmt, struct output_ctx *octx)
return expr_print_json(stmt->expr, octx);
}
+json_t *connlimit_stmt_json(const struct stmt *stmt, struct output_ctx *octx)
+{
+ json_t *root = json_pack("{s:i}", "val", stmt->connlimit.count);
+
+ if (stmt->connlimit.flags & NFT_CONNLIMIT_F_INV)
+ json_object_set_new(root, "inv", json_true());
+
+ return json_pack("{s:o}", "ct count", root);
+}
+
static json_t *table_print_json_full(struct netlink_ctx *ctx,
struct table *table)
{
diff --git a/src/parser_json.c b/src/parser_json.c
index d60cbad8299ef..bc36136f825fc 100644
--- a/src/parser_json.c
+++ b/src/parser_json.c
@@ -2048,6 +2048,24 @@ static struct stmt *json_parse_queue_stmt(struct json_ctx *ctx,
return stmt;
}
+static struct stmt *json_parse_connlimit_stmt(struct json_ctx *ctx,
+ const char *key, json_t *value)
+{
+ struct stmt *stmt = connlimit_stmt_alloc(int_loc);
+
+ if (json_unpack_err(ctx, value, "{s:i}",
+ "val", &stmt->connlimit.count)) {
+ stmt_free(stmt);
+ return NULL;
+ }
+
+ json_unpack(value, "{s:b}", "inv", &stmt->connlimit.flags);
+ if (stmt->connlimit.flags)
+ stmt->connlimit.flags = NFT_CONNLIMIT_F_INV;
+
+ return stmt;
+}
+
static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root)
{
struct {
@@ -2078,6 +2096,7 @@ static struct stmt *json_parse_stmt(struct json_ctx *ctx, json_t *root)
{ "ct helper", json_parse_cthelper_stmt },
{ "meter", json_parse_meter_stmt },
{ "queue", json_parse_queue_stmt },
+ { "ct count", json_parse_connlimit_stmt },
};
const char *type;
unsigned int i;
diff --git a/src/statement.c b/src/statement.c
index 58e86f215d5ac..6f5e6660d474a 100644
--- a/src/statement.c
+++ b/src/statement.c
@@ -159,6 +159,7 @@ static const struct stmt_ops connlimit_stmt_ops = {
.type = STMT_CONNLIMIT,
.name = "connlimit",
.print = connlimit_stmt_print,
+ .json = connlimit_stmt_json,
};
struct stmt *connlimit_stmt_alloc(const struct location *loc)
--
2.17.0
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
