static int nft_rule_expr_queue_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING uint16_t queue_num, queue_total, flags; if (nft_mxml_num_parse(tree, "num", MXML_DESCEND_FIRST, BASE_DEC, &queue_num, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u16(e, NFT_EXPR_QUEUE_NUM, queue_num); if (nft_mxml_num_parse(tree, "total", MXML_DESCEND_FIRST, BASE_DEC, &queue_total, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u16(e, NFT_EXPR_QUEUE_TOTAL, queue_total); if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST, BASE_DEC, &flags, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u16(e, NFT_EXPR_QUEUE_FLAGS, flags); return 0; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *prefix; uint32_t snaplen, level, flags; uint16_t group, qthreshold; prefix = nft_mxml_str_parse(tree, "prefix", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (prefix != NULL) nft_rule_expr_set_str(e, NFT_EXPR_LOG_PREFIX, prefix); if (nft_mxml_num_parse(tree, "group", MXML_DESCEND_FIRST, BASE_DEC, &group, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u16(e, NFT_EXPR_LOG_GROUP, group); if (nft_mxml_num_parse(tree, "snaplen", MXML_DESCEND_FIRST, BASE_DEC, &snaplen, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_LOG_SNAPLEN, snaplen); if (nft_mxml_num_parse(tree, "qthreshold", MXML_DESCEND_FIRST, BASE_DEC, &qthreshold, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u16(e, NFT_EXPR_LOG_QTHRESHOLD, qthreshold); if (nft_mxml_num_parse(tree, "level", MXML_DESCEND_FIRST, BASE_DEC, &level, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_LOG_LEVEL, level); if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST, BASE_DEC, &flags, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_LOG_FLAGS, flags); return 0; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *op; int32_t ntoh; uint32_t sreg, dreg, len, size; if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SREG, sreg); if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_DREG, dreg); op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (op != NULL) { ntoh = nft_str2ntoh(op); if (ntoh < 0) return -1; nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_OP, ntoh); } if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC, &len, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_LEN, len); if (nft_mxml_num_parse(tree, "size", MXML_DESCEND_FIRST, BASE_DEC, &size, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SIZE, size); return 0; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *nat_type; uint32_t family, nat_type_value, flags; uint32_t reg_addr_min, reg_addr_max; uint32_t reg_proto_min, reg_proto_max; nat_type = nft_mxml_str_parse(tree, "nat_type", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (nat_type == NULL) return -1; nat_type_value = nft_str2nat(nat_type); if (nat_type_value < 0) return -1; nft_rule_expr_set_u32(e, NFT_EXPR_NAT_TYPE, nat_type_value); family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (family < 0) { mxmlDelete(tree); return -1; } nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FAMILY, family); if (nft_mxml_reg_parse(tree, "sreg_addr_min", ®_addr_min, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MIN, reg_addr_min); if (nft_mxml_reg_parse(tree, "sreg_addr_max", ®_addr_max, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MAX, reg_addr_max); if (nft_mxml_reg_parse(tree, "sreg_proto_min", ®_proto_min, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MIN, reg_proto_min); if (nft_mxml_reg_parse(tree, "sreg_proto_max", ®_proto_max, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MAX, reg_proto_max); if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND, BASE_DEC, &flags, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FLAGS, flags); return 0; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_bitwise_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING struct nft_expr_bitwise *bitwise = nft_expr_data(e); uint32_t sreg, dreg, len; if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_SREG, sreg); if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND_FIRST, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_DREG, dreg); if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC, &len, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BITWISE_LEN, len); if (nft_mxml_data_reg_parse(tree, "mask", &bitwise->mask, NFT_XML_MAND, err) == DATA_VALUE) e->flags |= (1 << NFT_EXPR_BITWISE_MASK); if (nft_mxml_data_reg_parse(tree, "xor", &bitwise->xor, NFT_XML_MAND, err) == DATA_VALUE) e->flags |= (1 << NFT_EXPR_BITWISE_XOR); /* Additional validation: mask and xor must use the same number of * data registers. */ if (bitwise->mask.len != bitwise->xor.len) return -1; return 0; #else errno = EOPNOTSUPP; return -1; #endif }