On Thu, Jul 20, 2023 at 04:27:02PM +0200, Thomas Haller wrote:
[...]
> diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc
> index 77f3a0fd5659..27e230281edb 100644
> --- a/doc/libnftables.adoc
> +++ b/doc/libnftables.adoc
> @@ -87,6 +87,7 @@ The flags setting controls the input format.
> ----
> enum {
> NFT_CTX_INPUT_NO_DNS = (1 << 0),
> + NFT_CTX_INPUT_JSON = (1 << 1),
> };
> ----
>
> @@ -94,6 +95,11 @@ NFT_CTX_INPUT_NO_DNS::
> Avoid resolving IP addresses with blocking getaddrinfo(). In that case,
> only plain IP addresses are accepted.
>
> +NFT_CTX_INPUT_JSON:
> + When parsing the input, first try to interpret the input as JSON before
> + falling back to the nftables format. This behavior is implied when setting
> + the NFT_CTX_OUTPUT_JSON flag.
I would drop the last sentence here and extend NFT_CTX_OUTPUT_JSON docs
instead, illustrating that it implicitly enables NFT_CTX_INPUT_JSON. Or
keep the sentence here, if you prefer. But JSON input being enabled when
enabling JSON output is the actually unintuitive part for people aware
of input flags' existence.
[...]
> diff --git a/src/libnftables.c b/src/libnftables.c
> index 6832f0486d6d..a2e0ae6b5843 100644
> --- a/src/libnftables.c
> +++ b/src/libnftables.c
> @@ -578,7 +578,8 @@ int nft_run_cmd_from_buffer(struct nft_ctx *nft, const char *buf)
> nlbuf = xzalloc(strlen(buf) + 2);
> sprintf(nlbuf, "%s\n", buf);
>
> - if (nft_output_json(&nft->output))
> + if (nft_output_json(&nft->output) ||
> + (nft_ctx_input_get_flags(nft) & NFT_CTX_INPUT_JSON))
As pointed out before, this reads much nicer with a getter:
| if (nft_output_json(&nft->output) ||
| nft_input_json(&nft->input))
Cheers, Phil
