static int nft_rule_expr_ct_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *key_str, *dir_str; int key; uint8_t dir; uint32_t dreg, sreg; if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND_FIRST, NFT_XML_OPT, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_CT_DREG, dreg); if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST, NFT_XML_OPT, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_CT_SREG, sreg); key_str = nft_mxml_str_parse(tree, "key", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (key_str != NULL) { key = str2ctkey(key_str); if (key < 0) return -1; nft_rule_expr_set_u32(e, NFT_EXPR_CT_KEY, key); } dir_str = nft_mxml_str_parse(tree, "dir", MXML_DESCEND_FIRST, NFT_XML_OPT, err); if (dir_str != NULL) { if (str2ctdir(dir_str, &dir) != 0) { err->node_name = "dir"; err->error = NFT_PARSE_EBADTYPE; goto err; } nft_rule_expr_set_u8(e, NFT_EXPR_CT_DIR, dir); } return 0; err: errno = EINVAL; return -1; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_nat_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *nat_type; uint32_t family, nat_type_value, flags; uint32_t reg_addr_min, reg_addr_max; uint32_t reg_proto_min, reg_proto_max; nat_type = nft_mxml_str_parse(tree, "nat_type", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (nat_type == NULL) return -1; nat_type_value = nft_str2nat(nat_type); if (nat_type_value < 0) return -1; nft_rule_expr_set_u32(e, NFT_EXPR_NAT_TYPE, nat_type_value); family = nft_mxml_family_parse(tree, "family", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (family < 0) { mxmlDelete(tree); return -1; } nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FAMILY, family); if (nft_mxml_reg_parse(tree, "sreg_addr_min", ®_addr_min, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MIN, reg_addr_min); if (nft_mxml_reg_parse(tree, "sreg_addr_max", ®_addr_max, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_ADDR_MAX, reg_addr_max); if (nft_mxml_reg_parse(tree, "sreg_proto_min", ®_proto_min, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MIN, reg_proto_min); if (nft_mxml_reg_parse(tree, "sreg_proto_max", ®_proto_max, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_REG_PROTO_MAX, reg_proto_max); if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND, BASE_DEC, &flags, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_NAT_FLAGS, flags); return 0; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_log_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *prefix; uint32_t snaplen, level, flags; uint16_t group, qthreshold; prefix = nft_mxml_str_parse(tree, "prefix", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (prefix != NULL) nft_rule_expr_set_str(e, NFT_EXPR_LOG_PREFIX, prefix); if (nft_mxml_num_parse(tree, "group", MXML_DESCEND_FIRST, BASE_DEC, &group, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u16(e, NFT_EXPR_LOG_GROUP, group); if (nft_mxml_num_parse(tree, "snaplen", MXML_DESCEND_FIRST, BASE_DEC, &snaplen, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_LOG_SNAPLEN, snaplen); if (nft_mxml_num_parse(tree, "qthreshold", MXML_DESCEND_FIRST, BASE_DEC, &qthreshold, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u16(e, NFT_EXPR_LOG_QTHRESHOLD, qthreshold); if (nft_mxml_num_parse(tree, "level", MXML_DESCEND_FIRST, BASE_DEC, &level, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_LOG_LEVEL, level); if (nft_mxml_num_parse(tree, "flags", MXML_DESCEND_FIRST, BASE_DEC, &flags, NFT_TYPE_U16, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_LOG_FLAGS, flags); return 0; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_match_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *name; name = nft_mxml_str_parse(tree, "name", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (name != NULL) nft_rule_expr_set_str(e, NFT_EXPR_MT_NAME, name); /* mt->info is ignored until other solution is reached */ return 0; #else errno = EOPNOTSUPP; return -1; #endif }
static int nft_rule_expr_byteorder_xml_parse(struct nft_rule_expr *e, mxml_node_t *tree, struct nft_parse_err *err) { #ifdef XML_PARSING const char *op; int32_t ntoh; uint32_t sreg, dreg, len, size; if (nft_mxml_reg_parse(tree, "sreg", &sreg, MXML_DESCEND_FIRST, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SREG, sreg); if (nft_mxml_reg_parse(tree, "dreg", &dreg, MXML_DESCEND, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_DREG, dreg); op = nft_mxml_str_parse(tree, "op", MXML_DESCEND_FIRST, NFT_XML_MAND, err); if (op != NULL) { ntoh = nft_str2ntoh(op); if (ntoh < 0) return -1; nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_OP, ntoh); } if (nft_mxml_num_parse(tree, "len", MXML_DESCEND_FIRST, BASE_DEC, &len, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_LEN, len); if (nft_mxml_num_parse(tree, "size", MXML_DESCEND_FIRST, BASE_DEC, &size, NFT_TYPE_U32, NFT_XML_MAND, err) == 0) nft_rule_expr_set_u32(e, NFT_EXPR_BYTEORDER_SIZE, size); return 0; #else errno = EOPNOTSUPP; return -1; #endif }