author | Simon THOBY <git@nightmared.fr> | 2021-10-21 22:37:23 +0200 |
---|---|---|
committer | Simon THOBY <git@nightmared.fr> | 2021-11-02 22:17:44 +0100 |
commit | 4dc522ae121ef9c8379b9efe248d0dc9625812cb (patch) | |
tree | 24d7df36d4be647f7abbc386d112fd972614858d /rustables/src/expr | |
parent | 180c4d5c8ff86836e0f440d7d0540c02c168c4bf (diff) |
Extend the `Expression` trait to allow for "deserialization"
Diffstat (limited to 'rustables/src/expr')
-rw-r--r-- | rustables/src/expr/bitwise.rs | 8 | ||||
-rw-r--r-- | rustables/src/expr/cmp.rs | 6 | ||||
-rw-r--r-- | rustables/src/expr/counter.rs | 8 | ||||
-rw-r--r-- | rustables/src/expr/ct.rs | 6 | ||||
-rw-r--r-- | rustables/src/expr/immediate.rs | 8 | ||||
-rw-r--r-- | rustables/src/expr/log.rs | 50 | ||||
-rw-r--r-- | rustables/src/expr/lookup.rs | 8 | ||||
-rw-r--r-- | rustables/src/expr/masquerade.rs | 6 | ||||
-rw-r--r-- | rustables/src/expr/meta.rs | 8 | ||||
-rw-r--r-- | rustables/src/expr/mod.rs | 12 | ||||
-rw-r--r-- | rustables/src/expr/nat.rs | 7 | ||||
-rw-r--r-- | rustables/src/expr/payload.rs | 8 | ||||
-rw-r--r-- | rustables/src/expr/verdict.rs | 8 |
13 files changed, 94 insertions, 49 deletions
diff --git a/rustables/src/expr/bitwise.rs b/rustables/src/expr/bitwise.rs index 1eb81ab..0c6c33c 100644 --- a/rustables/src/expr/bitwise.rs +++ b/rustables/src/expr/bitwise.rs @@ -19,11 +19,13 @@ impl<M: ToSlice, X: ToSlice> Bitwise<M, X> { } impl<M: ToSlice, X: ToSlice> Expression for Bitwise<M, X> { + fn get_raw_name() -> *const c_char { + b"bitwise\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"bitwise\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); let mask = self.mask.to_slice(); let xor = self.xor.to_slice(); diff --git a/rustables/src/expr/cmp.rs b/rustables/src/expr/cmp.rs index 5c56492..b14aa1d 100644 --- a/rustables/src/expr/cmp.rs +++ b/rustables/src/expr/cmp.rs @@ -55,9 +55,13 @@ impl<T: ToSlice> Cmp<T> { } impl<T: ToSlice> Expression for Cmp<T> { + fn get_raw_name() -> *const c_char { + b"cmp\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc(b"cmp\0" as *const _ as *const c_char)); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); let data = self.data.to_slice(); trace!("Creating a cmp expr comparing with data {:?}", data); diff --git a/rustables/src/expr/counter.rs b/rustables/src/expr/counter.rs index d254543..2a8ad6f 100644 --- a/rustables/src/expr/counter.rs +++ b/rustables/src/expr/counter.rs 
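Review bot: In `get_raw_name` for `Bitwise`, the trailing `\0` in `b"bitwise\0"` is the only thing that terminates the string the C side reads, and the `as *const _ as *const c_char` cast checks nothing. A later edit that drops the terminator would still compile and would let `nftnl_expr_alloc` read past the literal. A short comment on the method would record the invariant, for example `// Must stay NUL-terminated: handed to libnftnl as a C string.` The same cast is repeated in the cmp, counter, ct, immediate, log, lookup, masquerade, meta, nat, payload and verdict hunks; having the trait return a `&'static CStr` and calling `.as_ptr()` at the FFI boundary would make the invariant checkable in one place. The body of `to_expr` continues outside the hunk.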
@@ -19,11 +19,13 @@ impl Counter { } impl Expression for Counter { + fn get_raw_name() -> *const c_char { + b"counter\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"counter\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); sys::nftnl_expr_set_u64(expr, sys::NFTNL_EXPR_CTR_BYTES as u16, self.nb_bytes); sys::nftnl_expr_set_u64(expr, sys::NFTNL_EXPR_CTR_PACKETS as u16, self.nb_packets); expr diff --git a/rustables/src/expr/ct.rs b/rustables/src/expr/ct.rs index c0349ab..1f15858 100644 --- a/rustables/src/expr/ct.rs +++ b/rustables/src/expr/ct.rs @@ -27,9 +27,13 @@ impl Conntrack { } impl Expression for Conntrack { + fn get_raw_name() -> *const c_char { + b"ct\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc(b"ct\0" as *const _ as *const c_char)); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); if let Conntrack::Mark { set: true } = self { sys::nftnl_expr_set_u32( diff --git a/rustables/src/expr/immediate.rs b/rustables/src/expr/immediate.rs index e5ccc2a..15eb452 100644 --- a/rustables/src/expr/immediate.rs +++ b/rustables/src/expr/immediate.rs @@ -19,11 +19,13 @@ impl<T> Immediate<T> { } impl<T> Expression for Immediate<T> { + fn get_raw_name() -> *const c_char { + b"immediate\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"immediate\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); sys::nftnl_expr_set_u32( expr, diff --git a/rustables/src/expr/log.rs b/rustables/src/expr/log.rs index aa7a8b7..8f52686 100644 --- a/rustables/src/expr/log.rs +++ b/rustables/src/expr/log.rs 
@@ -1,34 +1,28 @@ use super::{Expression, Rule}; use rustables_sys as sys; -use std::os::raw::c_char; use std::ffi::CString; +use std::os::raw::c_char; use thiserror::Error; /// A Log expression will log all packets that match the rule. pub struct Log { pub group: Option<LogGroup>, - pub prefix: Option<LogPrefix> + pub prefix: Option<LogPrefix>, } impl Expression for Log { + fn get_raw_name() -> *const sys::libc::c_char { + b"log\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"log\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(b"log\0" as *const _ as *const c_char)); if let Some(log_group) = self.group { - sys::nftnl_expr_set_u32( - expr, - sys::NFTNL_EXPR_LOG_GROUP as u16, - log_group.0 as u32, - ); + sys::nftnl_expr_set_u32(expr, sys::NFTNL_EXPR_LOG_GROUP as u16, log_group.0 as u32); }; if let Some(LogPrefix(prefix)) = &self.prefix { - sys::nftnl_expr_set_str( - expr, - sys::NFTNL_EXPR_LOG_PREFIX as u16, - prefix.as_ptr() - ); + sys::nftnl_expr_set_str(expr, sys::NFTNL_EXPR_LOG_PREFIX as u16, prefix.as_ptr()); }; expr @@ -41,8 +35,7 @@ pub enum LogPrefixError { #[error("The log prefix string is more than 128 characters long")] TooLongPrefix, #[error("The log prefix string contains an invalid Nul character.")] - PrefixContainsANul(#[from] std::ffi::NulError) - + PrefixContainsANul(#[from] std::ffi::NulError), } /// The NFLOG group that will be assigned to each log line. 
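Review bot: `Log::to_expr` still passes the inline literal `b"log\0" as *const _ as *const c_char` to `nftnl_expr_alloc`, so log.rs is the one file in this commit where the new `get_raw_name` and the allocation can drift apart. A parser keyed on `get_raw_name` would then stop recognising expressions this code created. Use `let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name()));` as the other implementations do. The signature also spells the return type `*const sys::libc::c_char` while the body casts to the imported `c_char`; one spelling across the expr modules would read more cleanly.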
@@ -58,25 +51,36 @@ impl LogPrefix { /// that LogPrefix should not be more than 127 characters long. pub fn new(prefix: &str) -> Result<Self, LogPrefixError> { if prefix.chars().count() > 127 { - return Err(LogPrefixError::TooLongPrefix) + return Err(LogPrefixError::TooLongPrefix); } Ok(LogPrefix(CString::new(prefix)?)) } } - #[macro_export] macro_rules! nft_expr_log { (group $group:ident prefix $prefix:expr) => { - $crate::expr::Log { group: $group, prefix: $prefix } + $crate::expr::Log { + group: $group, + prefix: $prefix, + } }; (prefix $prefix:expr) => { - $crate::expr::Log { group: None, prefix: $prefix } + $crate::expr::Log { + group: None, + prefix: $prefix, + } }; (group $group:ident) => { - $crate::expr::Log { group: $group, prefix: None } + $crate::expr::Log { + group: $group, + prefix: None, + } }; () => { - $crate::expr::Log { group: None, prefix: None } + $crate::expr::Log { + group: None, + prefix: None, + } }; } diff --git a/rustables/src/expr/lookup.rs b/rustables/src/expr/lookup.rs index bab09c2..d9acbe6 100644 --- a/rustables/src/expr/lookup.rs +++ b/rustables/src/expr/lookup.rs @@ -21,11 +21,13 @@ impl Lookup { } impl Expression for Lookup { + fn get_raw_name() -> *const libc::c_char { + b"lookup\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"lookup\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); sys::nftnl_expr_set_u32( expr, diff --git a/rustables/src/expr/masquerade.rs b/rustables/src/expr/masquerade.rs index 66e9e0e..31b98c0 100644 --- a/rustables/src/expr/masquerade.rs +++ b/rustables/src/expr/masquerade.rs 
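Review bot: `LogPrefix::new` in log.rs bounds the prefix with `prefix.chars().count() > 127`, which counts Unicode scalar values, while the value stored is a `CString` and the limit it guards is, as far as I know, a byte length on the kernel side. A prefix of 127 multi-byte characters passes this check and is then several times longer in bytes than intended. Compare bytes instead: `if prefix.len() > 127 {`. The commit only reformats this line, so the behaviour predates it. The message on `LogPrefixError::TooLongPrefix` says 128 where the check and the doc comment say 127, which is worth aligning at the same time.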
@@ -6,7 +6,11 @@ use std::os::raw::c_char; pub struct Masquerade; impl Expression for Masquerade { + fn get_raw_name() -> *const sys::libc::c_char { + b"masq\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { - try_alloc!(unsafe { sys::nftnl_expr_alloc(b"masq\0" as *const _ as *const c_char) }) + try_alloc!(unsafe { sys::nftnl_expr_alloc(Self::get_raw_name()) }) } } diff --git a/rustables/src/expr/meta.rs b/rustables/src/expr/meta.rs index a91cb27..f907278 100644 --- a/rustables/src/expr/meta.rs +++ b/rustables/src/expr/meta.rs @@ -59,11 +59,13 @@ impl Meta { } impl Expression for Meta { + fn get_raw_name() -> *const libc::c_char { + b"meta\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"meta\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); if let Meta::Mark { set: true } = self { sys::nftnl_expr_set_u32( diff --git a/rustables/src/expr/mod.rs b/rustables/src/expr/mod.rs index 4493662..b028c2f 100644 --- a/rustables/src/expr/mod.rs +++ b/rustables/src/expr/mod.rs @@ -53,6 +53,18 @@ impl ExpressionWrapper { /// Trait for every safe wrapper of an nftables expression. pub trait Expression { + /// Returns the raw name used by nftables to identify the rule. + fn get_raw_name() -> *const libc::c_char; + + /// Try to parse the expression from a raw nftables expression, + /// returning None if the attempted parsing failed. + fn from_expr(_expr: *const sys::nftnl_expr) -> Option<Self> + where + Self: Sized, + { + None + } + /// Allocates and returns the low level `nftnl_expr` representation of this expression. /// The caller to this method is responsible for freeing the expression. fn to_expr(&self, rule: &Rule) -> *mut sys::nftnl_expr; diff --git a/rustables/src/expr/nat.rs b/rustables/src/expr/nat.rs index d60e5ea..0970134 100644 --- a/rustables/src/expr/nat.rs 
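Review bot: `from_expr` in the `Expression` trait (mod.rs) is a safe function that takes `*const sys::nftnl_expr`, yet any real implementation has to hand that pointer to libnftnl, so a null or dangling pointer passed from safe code becomes undefined behaviour. Declaring it `unsafe fn from_expr(expr: *const sys::nftnl_expr) -> Option<Self>` puts the obligation on the caller, with a `# Safety` section stating that `expr` must point to a live `nftnl_expr` for the duration of the call. The default body returning `None` also makes "not implemented" indistinguishable from "failed to parse", which the doc comment should state. The doc comment on `get_raw_name` says the name identifies "the rule" where it identifies the expression type.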
+++ b/rustables/src/expr/nat.rs @@ -22,9 +22,12 @@ pub struct Nat { } impl Expression for Nat { + fn get_raw_name() -> *const libc::c_char { + b"nat\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { - let expr = - try_alloc!(unsafe { sys::nftnl_expr_alloc(b"nat\0" as *const _ as *const c_char) }); + let expr = try_alloc!(unsafe { sys::nftnl_expr_alloc(Self::get_raw_name()) }); unsafe { sys::nftnl_expr_set_u32(expr, sys::NFTNL_EXPR_NAT_TYPE as u16, self.nat_type as u32); diff --git a/rustables/src/expr/payload.rs b/rustables/src/expr/payload.rs index 2da4e1f..de77e0c 100644 --- a/rustables/src/expr/payload.rs +++ b/rustables/src/expr/payload.rs @@ -46,11 +46,13 @@ impl HeaderField for Payload { } impl Expression for Payload { + fn get_raw_name() -> *const libc::c_char { + b"payload\0" as *const _ as *const c_char + } + fn to_expr(&self, _rule: &Rule) -> *mut sys::nftnl_expr { unsafe { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"payload\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); sys::nftnl_expr_set_u32(expr, sys::NFTNL_EXPR_PAYLOAD_BASE as u16, self.base()); sys::nftnl_expr_set_u32(expr, sys::NFTNL_EXPR_PAYLOAD_OFFSET as u16, self.offset()); diff --git a/rustables/src/expr/verdict.rs b/rustables/src/expr/verdict.rs index dc006bb..0c87a8e 100644 --- a/rustables/src/expr/verdict.rs +++ b/rustables/src/expr/verdict.rs @@ -90,9 +90,7 @@ impl Verdict { reject_type: RejectionType, family: ProtoFamily, ) -> *mut sys::nftnl_expr { - let expr = try_alloc!(sys::nftnl_expr_alloc( - b"reject\0" as *const _ as *const c_char - )); + let expr = try_alloc!(sys::nftnl_expr_alloc(Self::get_raw_name())); sys::nftnl_expr_set_u32( expr, 
@@ -120,6 +118,10 @@ impl Verdict { } impl Expression for Verdict { + fn get_raw_name() -> *const libc::c_char { + b"reject\0" as *const _ as *const c_char + } + fn to_expr(&self, rule: &Rule) -> *mut sys::nftnl_expr { let immediate_const = match *self { Verdict::Drop => libc::NF_DROP, |
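Review bot: `Verdict::get_raw_name` returns `"reject"` for every variant, but `to_expr` in this hunk computes `immediate_const` for `Verdict::Drop` and presumably allocates an `immediate` expression for the non-reject verdicts (that part of the body is outside the hunk). If deserialization dispatches on the raw name, only rejects would reach `Verdict`, and the other verdicts would be attributed to `Immediate` or not recognised at all, which matters for any tool that audits a ruleset read back from the kernel. Because the method has no `self`, one type cannot report two names. Consider keeping the literal local to the reject helper in the earlier verdict.rs hunk, and document the limitation on this method, e.g. `/// Only names the reject expression; other verdicts are emitted as immediate (confirm).`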