static int
nft_rule_expr_queue_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
uint16_t queue_num, queue_total, flags;
if (nft_mxml_num_parse(tree, "num", MXML_DESCEND_FIRST, BASE_DEC,
&queue_num, NFT_TYPE_U16, NFT_XML_MAND,
err) == 0)
nft_rule_expr_set_u16(e, NFT_EXPR_QUEUE_NUM, queue_num);
if (nft_mxml_num_parse(tree, "total", MXML_DESCEND_FIRST, BASE_DEC,
&queue_total, NFT_TYPE_U16,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u16(e, NFT_EXPR_QUEUE_TOTAL, queue_total);
if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST, BASE_DEC,
&flags, NFT_TYPE_U16,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u16(e, NFT_EXPR_QUEUE_FLAGS, flags);
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e,
mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
const char *prefix;
uint32_t snaplen, level, flags;
uint16_t group, qthreshold;
prefix = nft_mxml_str_parse(tree, "prefix", MXML_DESCEND_FIRST,
NFT_XML_MAND, err);
if (prefix != NULL)
nft_rule_expr_set_str(e, NFT_EXPR_LOG_PREFIX, prefix);
if (nft_mxml_num_parse(tree, "group", MXML_DESCEND_FIRST, BASE_DEC,
&group, NFT_TYPE_U16, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u16(e, NFT_EXPR_LOG_GROUP, group);
if (nft_mxml_num_parse(tree, "snaplen", MXML_DESCEND_FIRST, BASE_DEC,
&snaplen, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_LOG_SNAPLEN, snaplen);
if (nft_mxml_num_parse(tree, "qthreshold", MXML_DESCEND_FIRST, BASE_DEC,
&qthreshold, NFT_TYPE_U16, NFT_XML_MAND,
err) == 0)
nft_rule_expr_set_u16(e, NFT_EXPR_LOG_QTHRESHOLD, qthreshold);
if (nft_mxml_num_parse(tree, "level", MXML_DESCEND_FIRST, BASE_DEC,
&level, NFT_TYPE_U16, NFT_XML_MAND,
err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_LOG_LEVEL, level);
if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST, BASE_DEC,
&flags, NFT_TYPE_U16, NFT_XML_MAND,
err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_LOG_FLAGS, flags);
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
static int
nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
const char *op;
int32_t ntoh;
uint32_t sreg, dreg, len, size;
if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SREG, sreg);
if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND, NFT_XML_MAND,
err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_DREG, dreg);
op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST, NFT_XML_MAND,
err);
if (op != NULL) {
ntoh = nft_str2ntoh(op);
if (ntoh < 0)
return -1;
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_OP, ntoh);
}
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
&len, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_LEN, len);
if (nft_mxml_num_parse(tree, "size", MXML_DESCEND_FIRST, BASE_DEC,
&size, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SIZE, size);
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
const char *nat_type;
uint32_t family, nat_type_value, flags;
uint32_t reg_addr_min, reg_addr_max;
uint32_t reg_proto_min, reg_proto_max;
nat_type = nft_mxml_str_parse(tree, "nat_type", MXML_DESCEND_FIRST,
NFT_XML_MAND, err);
if (nat_type == NULL)
return -1;
nat_type_value = nft_str2nat(nat_type);
if (nat_type_value < 0)
return -1;
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_TYPE, nat_type_value);
family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST,
NFT_XML_MAND, err);
if (family < 0) {
mxmlDelete(tree);
return -1;
}
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FAMILY, family);
if (nft_mxml_reg_parse(tree, "sreg_addr_min", ®_addr_min,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MIN, reg_addr_min);
if (nft_mxml_reg_parse(tree, "sreg_addr_max", ®_addr_max,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MAX, reg_addr_max);
if (nft_mxml_reg_parse(tree, "sreg_proto_min", ®_proto_min,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MIN, reg_proto_min);
if (nft_mxml_reg_parse(tree, "sreg_proto_max", ®_proto_max,
MXML_DESCEND, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MAX, reg_proto_max);
if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND, BASE_DEC, &flags,
NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FLAGS, flags);
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
static int
nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree,
struct nft_parse_err *err)
{
#ifdef XML_PARSING
struct nft_expr_bitwise *bitwise = nft_expr_data(e);
uint32_t sreg, dreg, len;
if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_SREG, sreg);
if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND_FIRST,
NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_DREG, dreg);
if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC,
&len, NFT_TYPE_U32, NFT_XML_MAND, err) == 0)
nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_LEN, len);
if (nft_mxml_data_reg_parse(tree, "mask", &bitwise->mask, NFT_XML_MAND,
err) == DATA_VALUE)
e->flags |= (1 << NFT_EXPR_BITWISE_MASK);
if (nft_mxml_data_reg_parse(tree, "xor", &bitwise->xor, NFT_XML_MAND,
err) == DATA_VALUE)
e->flags |= (1 << NFT_EXPR_BITWISE_XOR);
/* Additional validation: mask and xor must use the same number of
* data registers.
*/
if (bitwise->mask.len != bitwise->xor.len)
return -1;
return 0;
#else
errno = EOPNOTSUPP;
return -1;
#endif
}
