On Mon, Oct 29, 2018 at 12:33:39PM +0100, Pablo Neira Ayuso wrote: > Add NFT_CTX_OUTPUT_JSON flag and display output in json format. > > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> > --- > v2: Add nft_output_json() > Fix missing conversion to use NFT_CTX_OUTPUT_JSON. > Remove json field from struct output_ctx. > > doc/libnftables.adoc | 16 +++------------- > include/nftables.h | 6 +++++- > include/nftables/libnftables.h | 3 +-- > src/libnftables.c | 24 ++++-------------------- > src/main.c | 2 +- > src/monitor.c | 2 +- > src/rule.c | 2 +- > 7 files changed, 16 insertions(+), 39 deletions(-) > > diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc > index 8b7aee9af134..5a3562c3266c 100644 > --- a/doc/libnftables.adoc > +++ b/doc/libnftables.adoc > @@ -31,9 +31,6 @@ void nft_ctx_output_set_debug(struct nft_ctx* '\*ctx'*, unsigned int* 'mask'*); > bool nft_ctx_output_get_echo(struct nft_ctx* '\*ctx'*); > void nft_ctx_output_set_echo(struct nft_ctx* '\*ctx'*, bool* 'val'*); > > -bool nft_ctx_output_get_json(struct nft_ctx* '\*ctx'*); > -void nft_ctx_output_set_json(struct nft_ctx* '\*ctx'*, bool* 'val'*); > - > FILE *nft_ctx_set_output(struct nft_ctx* '\*ctx'*, FILE* '\*fp'*); > int nft_ctx_buffer_output(struct nft_ctx* '\*ctx'*); > int nft_ctx_unbuffer_output(struct nft_ctx* '\*ctx'*); > @@ -94,6 +91,7 @@ enum { > NFT_CTX_OUTPUT_SERVICE = (1 << 1), > NFT_CTX_OUTPUT_STATELESS = (1 << 2), > NFT_CTX_OUTPUT_HANDLE = (1 << 3), > + NFT_CTX_OUTPUT_JSON = (1 << 4), > }; > ---- > > @@ -105,6 +103,8 @@ NFT_CTX_OUTPUT_STATELESS:: > If stateless output has been requested then stateful data is not printed. Stateful data refers to those objects that carry run-time data, eg. the *counter* statement holds packet and byte counter values, making it stateful. > NFT_CTX_OUTPUT_HANDLE:: > Upon insertion into the ruleset, some elements are assigned a unique handle for identification purposes. For example, when deleting a table or chain, it may be identified either by name or handle. Rules on the other hand must be deleted by handle because there is no other way to uniquely identify them. These functions allow to control whether ruleset listings should include handles or not. > +NFT_CTX_OUTPUT_JSON:: > + If enabled at compile-time, libnftables accepts input in JSON format and is able to print output in JSON format as well. See *libnftables-json*(5) for a description of the supported schema. These functions control JSON output format, input is auto-detected. How about: + If enabled at compile-time, libnftables accepts input in JSON format and is able to print output in JSON format as well. + See *libnftables-json*(5) for a description of the supported schema. + These functions control JSON output format, input is auto-detected. I.e. implement Phil's suggestion of a new line for each sentence. I'd like to see the previous long line split similarly, but suggest to leave that for a "reformat-only" patch with no change to content. Cheers ... Duncan. > > The *nft_ctx_output_get_flags*() function returns the output flags setting's value in 'ctx'. > > @@ -186,16 +186,6 @@ The *nft_ctx_output_get_echo*() function returns the echo output setting's value > > The *nft_ctx_output_set_echo*() function sets the echo output setting in 'ctx' to the value of 'val'. > > -=== nft_ctx_output_get_json() and nft_ctx_output_set_json() > -If enabled at compile-time, libnftables accepts input in JSON format and is able to print output in JSON format as well. > -See *libnftables-json*(5) for a description of the supported schema. > -These functions control JSON output format, input is auto-detected. > -The default setting is *false*. > - > -The *nft_ctx_output_get_json*() function returns the JSON output setting's value in 'ctx'. > - > -The *nft_ctx_output_set_json*() function sets the JSON output setting in 'ctx' to the value of 'val'. > - > === Controlling library standard and error output > By default, any output from the library (e.g., after a *list* command) is written to 'stdout' and any error messages are written to 'stderr'. > To give applications control over them, there are functions to assign custom file pointers as well as having the library buffer what would be written for later retrieval in a static buffer. > diff --git a/include/nftables.h b/include/nftables.h > index e0e7a1135406..86788a43dd71 100644 > --- a/include/nftables.h > +++ b/include/nftables.h > @@ -19,7 +19,6 @@ struct output_ctx { > unsigned int flags; > unsigned int numeric; > unsigned int echo; > - unsigned int json; > union { > FILE *output_fp; > struct cookie output_cookie; > @@ -50,6 +49,11 @@ static inline bool nft_output_handle(const struct output_ctx *octx) > return octx->flags & NFT_CTX_OUTPUT_HANDLE; > } > > +static inline bool nft_output_json(const struct output_ctx *octx) > +{ > + return octx->flags & NFT_CTX_OUTPUT_JSON; > +} > + > struct nft_cache { > uint16_t genid; > struct list_head list; > diff --git a/include/nftables/libnftables.h b/include/nftables/libnftables.h > index a6ce938305c3..35374072560e 100644 > --- a/include/nftables/libnftables.h > +++ b/include/nftables/libnftables.h > @@ -49,6 +49,7 @@ enum { > NFT_CTX_OUTPUT_SERVICE = (1 << 1), > NFT_CTX_OUTPUT_STATELESS = (1 << 2), > NFT_CTX_OUTPUT_HANDLE = (1 << 3), > + NFT_CTX_OUTPUT_JSON = (1 << 4), > }; > > unsigned int nft_ctx_output_get_flags(struct nft_ctx *ctx); > @@ -60,8 +61,6 @@ unsigned int nft_ctx_output_get_debug(struct nft_ctx *ctx); > void nft_ctx_output_set_debug(struct nft_ctx *ctx, unsigned int mask); > bool nft_ctx_output_get_echo(struct nft_ctx *ctx); > void nft_ctx_output_set_echo(struct nft_ctx *ctx, bool val); > -bool nft_ctx_output_get_json(struct nft_ctx *ctx); > -void nft_ctx_output_set_json(struct nft_ctx *ctx, bool val); > > FILE *nft_ctx_set_output(struct nft_ctx *ctx, FILE *fp); > int nft_ctx_buffer_output(struct nft_ctx *ctx); > diff --git a/src/libnftables.c b/src/libnftables.c > index 6dc1be3d5ef8..ff7a53d22ba4 100644 > --- a/src/libnftables.c > +++ b/src/libnftables.c > @@ -352,22 +352,6 @@ void nft_ctx_output_set_echo(struct nft_ctx *ctx, bool val) > ctx->output.echo = val; > } > > -bool nft_ctx_output_get_json(struct nft_ctx *ctx) > -{ > -#ifdef HAVE_LIBJANSSON > - return ctx->output.json; > -#else > - return false; > -#endif > -} > - > -void nft_ctx_output_set_json(struct nft_ctx *ctx, bool val) > -{ > -#ifdef HAVE_LIBJANSSON > - ctx->output.json = val; > -#endif > -} > - > static const struct input_descriptor indesc_cmdline = { > .type = INDESC_BUFFER, > .name = "<cmdline>", > @@ -425,7 +409,7 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf) > nlbuf = xzalloc(strlen(buf) + 2); > sprintf(nlbuf, "%s\n", buf); > > - if (nft->output.json) > + if (nft_output_json(&nft->output)) > rc = nft_parse_json_buffer(nft, nlbuf, &msgs, &cmds); > if (rc == -EINVAL) > rc = nft_parse_bison_buffer(nft, nlbuf, &msgs, &cmds); > @@ -447,7 +431,7 @@ err: > } > free(nlbuf); > > - if (!rc && nft->output.json && nft->output.echo) > + if (!rc && nft_output_json(&nft->output) && nft->output.echo) > json_print_echo(nft); > return rc; > } > @@ -467,7 +451,7 @@ int nft_run_cmd_from_filename(struct nft_ctx *nft, const char *filename) > filename = "/dev/stdin"; > > rc = -EINVAL; > - if (nft->output.json) > + if (nft_output_json(&nft->output)) > rc = nft_parse_json_filename(nft, filename, &msgs, &cmds); > if (rc == -EINVAL) > rc = nft_parse_bison_filename(nft, filename, &msgs, &cmds); > @@ -488,7 +472,7 @@ err: > nft->scanner = NULL; > } > > - if (!rc && nft->output.json && nft->output.echo) > + if (!rc && nft_output_json(&nft->output) && nft->output.echo) > json_print_echo(nft); > return rc; > } > diff --git a/src/main.c b/src/main.c > index 97b8746608a7..8ea07641734d 100644 > --- a/src/main.c > +++ b/src/main.c > @@ -271,7 +271,7 @@ int main(int argc, char * const *argv) > nft_ctx_output_set_echo(nft, true); > break; > case OPT_JSON: > - nft_ctx_output_set_json(nft, true); > + output_flags |= NFT_CTX_OUTPUT_JSON; > break; > case OPT_INVALID: > exit(EXIT_FAILURE); > diff --git a/src/monitor.c b/src/monitor.c > index 9e3c43dcac68..01480cd7d86e 100644 > --- a/src/monitor.c > +++ b/src/monitor.c > @@ -908,7 +908,7 @@ int netlink_echo_callback(const struct nlmsghdr *nlh, void *data) > if (!echo_monh.ctx->nft->output.echo) > return MNL_CB_OK; > > - if (ctx->nft->output.json) > + if (nft_output_json(&ctx->nft->output)) > return json_events_cb(nlh, &echo_monh); > > return netlink_events_cb(nlh, &echo_monh); > diff --git a/src/rule.c b/src/rule.c > index da1bdc44ab69..86b68cb8c34f 100644 > --- a/src/rule.c > +++ b/src/rule.c > @@ -2127,7 +2127,7 @@ static int do_command_list(struct netlink_ctx *ctx, struct cmd *cmd) > { > struct table *table = NULL; > > - if (ctx->nft->output.json) > + if (nft_output_json(&ctx->nft->output)) > return do_command_list_json(ctx, cmd); > > if (cmd->handle.table.name != NULL) > -- > 2.11.0 >