All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH nft,v2 2/2] monitor: honor NLM_F_APPEND flag for rules
@ 2021-09-20 23:19 Pablo Neira Ayuso
  0 siblings, 0 replies; only message in thread
From: Pablo Neira Ayuso @ 2021-09-20 23:19 UTC (permalink / raw)
  To: netfilter-devel

Print 'add' or 'insert' according to this netlink flag.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
v2: restrict 'insert' to rule commands.

 src/monitor.c | 40 ++++++++++++++++++++++++++--------------
 1 file changed, 26 insertions(+), 14 deletions(-)

diff --git a/src/monitor.c b/src/monitor.c
index ffaa39b67304..ff69234bfab4 100644
--- a/src/monitor.c
+++ b/src/monitor.c
@@ -40,6 +40,12 @@
 #include <iface.h>
 #include <json.h>
 
+enum {
+	NFT_OF_EVENT_ADD,
+	NFT_OF_EVENT_INSERT,
+	NFT_OF_EVENT_DEL,
+};
+
 #define nft_mon_print(monh, ...) nft_print(&monh->ctx->nft->output, __VA_ARGS__)
 
 struct nftnl_table *netlink_table_alloc(const struct nlmsghdr *nlh)
@@ -120,17 +126,21 @@ struct nftnl_obj *netlink_obj_alloc(const struct nlmsghdr *nlh)
 	return nlo;
 }
 
-static uint32_t netlink_msg2nftnl_of(uint32_t msg)
+static uint32_t netlink_msg2nftnl_of(uint32_t type, uint16_t flags)
 {
-	switch (msg) {
+	switch (type) {
+	case NFT_MSG_NEWRULE:
+		if (flags & NLM_F_APPEND)
+			return NFT_OF_EVENT_ADD;
+		else
+			return NFT_OF_EVENT_INSERT;
 	case NFT_MSG_NEWTABLE:
 	case NFT_MSG_NEWCHAIN:
 	case NFT_MSG_NEWSET:
 	case NFT_MSG_NEWSETELEM:
-	case NFT_MSG_NEWRULE:
 	case NFT_MSG_NEWOBJ:
 	case NFT_MSG_NEWFLOWTABLE:
-		return NFTNL_OF_EVENT_NEW;
+		return NFT_OF_EVENT_ADD;
 	case NFT_MSG_DELTABLE:
 	case NFT_MSG_DELCHAIN:
 	case NFT_MSG_DELSET:
@@ -147,18 +157,20 @@ static uint32_t netlink_msg2nftnl_of(uint32_t msg)
 static const char *nftnl_of2cmd(uint32_t of)
 {
 	switch (of) {
-	case NFTNL_OF_EVENT_NEW:
+	case NFT_OF_EVENT_ADD:
 		return "add";
-	case NFTNL_OF_EVENT_DEL:
+	case NFT_OF_EVENT_INSERT:
+		return "insert";
+	case NFT_OF_EVENT_DEL:
 		return "delete";
 	default:
 		return "???";
 	}
 }
 
-static const char *netlink_msg2cmd(uint32_t msg)
+static const char *netlink_msg2cmd(uint32_t type, uint16_t flags)
 {
-	return nftnl_of2cmd(netlink_msg2nftnl_of(msg));
+	return nftnl_of2cmd(netlink_msg2nftnl_of(type, flags));
 }
 
 static void nlr_for_each_set(struct nftnl_rule *nlr,
@@ -206,7 +218,7 @@ static int netlink_events_table_cb(const struct nlmsghdr *nlh, int type,
 
 	nlt = netlink_table_alloc(nlh);
 	t = netlink_delinearize_table(monh->ctx, nlt);
-	cmd = netlink_msg2cmd(type);
+	cmd = netlink_msg2cmd(type, nlh->nlmsg_flags);
 
 	switch (monh->format) {
 	case NFTNL_OUTPUT_DEFAULT:
@@ -243,7 +255,7 @@ static int netlink_events_chain_cb(const struct nlmsghdr *nlh, int type,
 
 	nlc = netlink_chain_alloc(nlh);
 	c = netlink_delinearize_chain(monh->ctx, nlc);
-	cmd = netlink_msg2cmd(type);
+	cmd = netlink_msg2cmd(type, nlh->nlmsg_flags);
 
 	switch (monh->format) {
 	case NFTNL_OUTPUT_DEFAULT:
@@ -292,7 +304,7 @@ static int netlink_events_set_cb(const struct nlmsghdr *nlh, int type,
 		return MNL_CB_ERROR;
 	}
 	family = family2str(set->handle.family);
-	cmd = netlink_msg2cmd(type);
+	cmd = netlink_msg2cmd(type, nlh->nlmsg_flags);
 
 	switch (monh->format) {
 	case NFTNL_OUTPUT_DEFAULT:
@@ -394,7 +406,7 @@ static int netlink_events_setelem_cb(const struct nlmsghdr *nlh, int type,
 	table = nftnl_set_get_str(nls, NFTNL_SET_TABLE);
 	setname = nftnl_set_get_str(nls, NFTNL_SET_NAME);
 	family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY);
-	cmd = netlink_msg2cmd(type);
+	cmd = netlink_msg2cmd(type, nlh->nlmsg_flags);
 
 	set = set_lookup_global(family, table, setname, &monh->ctx->nft->cache);
 	if (set == NULL) {
@@ -482,7 +494,7 @@ static int netlink_events_obj_cb(const struct nlmsghdr *nlh, int type,
 		return MNL_CB_ERROR;
 	}
 	family = family2str(obj->handle.family);
-	cmd = netlink_msg2cmd(type);
+	cmd = netlink_msg2cmd(type, nlh->nlmsg_flags);
 
 	switch (monh->format) {
 	case NFTNL_OUTPUT_DEFAULT:
@@ -530,7 +542,7 @@ static int netlink_events_rule_cb(const struct nlmsghdr *nlh, int type,
 	r = netlink_delinearize_rule(monh->ctx, nlr);
 	nlr_for_each_set(nlr, rule_map_decompose_cb, NULL,
 			 &monh->ctx->nft->cache);
-	cmd = netlink_msg2cmd(type);
+	cmd = netlink_msg2cmd(type, nlh->nlmsg_flags);
 
 	switch (monh->format) {
 	case NFTNL_OUTPUT_DEFAULT:
-- 
2.30.2


^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2021-09-20 23:21 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-20 23:19 [PATCH nft,v2 2/2] monitor: honor NLM_F_APPEND flag for rules Pablo Neira Ayuso

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.