static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
const char *nat_type;
uint32_t family, nat_type_value, flags;
uint32_t reg_addr_min, reg_addr_max;
uint32_t reg_proto_min, reg_proto_max;
nat_type = nft_mxml_str_parse(tree, "nat_type", MXML_DESCEND_FIRST,
NFT_XML_MAND, err);
if (nat_type == NULL)
return -1;
nat_type_value = nft_str2nat(nat_type);
if (nat_type_value < 0)
return -1;
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_TYPE, nat_type_value);
family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST,
NFT_XML_MAND, err);
if (family < 0) {
mxmlDelete(tree);
return -1;
}
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FAMILY, family);
if (nft_mxml_reg_parse(tree, "sreg_addr_min", ®_addr_min,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MIN, reg_addr_min);
if (nft_mxml_reg_parse(tree, "sreg_addr_max", ®_addr_max,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MAX, reg_addr_max);
if (nft_mxml_reg_parse(tree, "sreg_proto_min", ®_proto_min,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MIN, reg_proto_min);
if (nft_mxml_reg_parse(tree, "sreg_proto_max", ®_proto_max,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MAX, reg_proto_max);
if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND, BASE_DEC, &flags,
NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FLAGS, flags);
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
const char *key_str, *dir_str;
int key;
uint8_t dir;
uint32_t dreg, sreg;
if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND_FIRST,
NFT_XML_OPT, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_CT_DREG, dreg);
if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST,
NFT_XML_OPT, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_CT_SREG, sreg);
key_str = nft_mxml_str_parse(tree, "key", MXML_DESCEND_FIRST,
NFT_XML_MAND, err);
if (key_str != NULL) {
key = str2ctkey(key_str);
if (key < 0)
return -1;
nft_rule_expr_set_u32(e, NFT_EXPR_CT_KEY, key);
}
dir_str = nft_mxml_str_parse(tree, "dir", MXML_DESCEND_FIRST,
NFT_XML_OPT, err);
if (dir_str != NULL) {
if (str2ctdir(dir_str, &dir) != 0) {
err->node_name = "dir";
err->error = NFT_PARSE_EBADTYPE;
goto err;
}
nft_rule_expr_set_u8(e, NFT_EXPR_CT_DIR, dir);
}
return 0;
err:
errno = EINVAL;
return -1;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
static int
nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
const char *op;
int32_t ntoh;
uint32_t sreg, dreg, len, size;
if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SREG, sreg);
if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND, NFT_XML_MAND,
err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_DREG, dreg);
op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST, NFT_XML_MAND,
err);
if (op != NULL) {
ntoh = nft_str2ntoh(op);
if (ntoh < 0)
return -1;
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_OP, ntoh);
}
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
&len, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_LEN, len);
if (nft_mxml_num_parse(tree, "size", MXML_DESCEND_FIRST, BASE_DEC,
&size, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SIZE, size);
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
static int
nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
struct nft_expr_bitwise *bitwise = nft_expr_data(e);
uint32_t sreg, dreg, len;
if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_SREG, sreg);
if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND_FIRST,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_DREG, dreg);
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
&len, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_LEN, len);
if (nft_mxml_data_reg_parse(tree, "mask", &bitwise->mask, NFT_XML_MAND,
err) == DATA_VALUE)
e->flags |= (1 << NFT_EXPR_BITWISE_MASK);
if (nft_mxml_data_reg_parse(tree, "xor", &bitwise->xor, NFT_XML_MAND,
err) == DATA_VALUE)
e->flags |= (1 << NFT_EXPR_BITWISE_XOR);
/* Additional validation: mask and xor must use the same number of
* data registers.
*/
if (bitwise->mask.len != bitwise->xor.len)
return -1;
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
