Add NFT_CTX_OUTPUT_JSON flag and display output in json format.
Signed-off-by: Pablo Neira Ayuso
---
v3: Refer to flag, not function, in the documentation.
add missing #ifdef HAVE_LIBJANSSON in src/main.c
- Both requested by Phil.
doc/libnftables.adoc | 18 +-
include/nftables.h | 6 +-
include/nftables/libnftables.h | 3 +--
src/libnftables.c | 24
src/main.c | 4 +++-
src/monitor.c | 2 +-
src/rule.c | 2 +-
7 files changed, 20 insertions(+), 39 deletions(-)
diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc
index dbd38bdd2134..b385567c2f69 100644
--- a/doc/libnftables.adoc
+++ b/doc/libnftables.adoc
@@ -31,9 +31,6 @@ void nft_ctx_output_set_debug(struct nft_ctx* '\*ctx'*,
unsigned int* 'mask'*);
bool nft_ctx_output_get_echo(struct nft_ctx* '\*ctx'*);
void nft_ctx_output_set_echo(struct nft_ctx* '\*ctx'*, bool* 'val'*);
-bool nft_ctx_output_get_json(struct nft_ctx* '\*ctx'*);
-void nft_ctx_output_set_json(struct nft_ctx* '\*ctx'*, bool* 'val'*);
-
FILE *nft_ctx_set_output(struct nft_ctx* '\*ctx'*, FILE* '\*fp'*);
int nft_ctx_buffer_output(struct nft_ctx* '\*ctx'*);
int nft_ctx_unbuffer_output(struct nft_ctx* '\*ctx'*);
@@ -94,6 +91,7 @@ enum {
NFT_CTX_OUTPUT_SERVICE = (1 << 1),
NFT_CTX_OUTPUT_STATELESS = (1 << 2),
NFT_CTX_OUTPUT_HANDLE = (1 << 3),
+NFT_CTX_OUTPUT_JSON= (1 << 4),
};
@@ -109,6 +107,10 @@ NFT_CTX_OUTPUT_HANDLE::
For example, when deleting a table or chain, it may be identified either by
name or handle.
Rules on the other hand must be deleted by handle because there is no other
way to uniquely identify them.
This flag makes ruleset listings include handle values.
+NFT_CTX_OUTPUT_JSON::
+ If enabled at compile-time, libnftables accepts input in JSON format
and is able to print output in JSON format as well.
+See *libnftables-json*(5) for a description of the supported schema.
+This flag controls JSON output format, input is auto-detected.
The *nft_ctx_output_get_flags*() function returns the output flags setting's
value in 'ctx'.
@@ -190,16 +192,6 @@ The *nft_ctx_output_get_echo*() function returns the echo
output setting's value
The *nft_ctx_output_set_echo*() function sets the echo output setting in 'ctx'
to the value of 'val'.
-=== nft_ctx_output_get_json() and nft_ctx_output_set_json()
-If enabled at compile-time, libnftables accepts input in JSON format and is
able to print output in JSON format as well.
-See *libnftables-json*(5) for a description of the supported schema.
-These functions control JSON output format, input is auto-detected.
-The default setting is *false*.
-
-The *nft_ctx_output_get_json*() function returns the JSON output setting's
value in 'ctx'.
-
-The *nft_ctx_output_set_json*() function sets the JSON output setting in 'ctx'
to the value of 'val'.
-
=== Controlling library standard and error output
By default, any output from the library (e.g., after a *list* command) is
written to 'stdout' and any error messages are written to 'stderr'.
To give applications control over them, there are functions to assign custom
file pointers as well as having the library buffer what would be written for
later retrieval in a static buffer.
diff --git a/include/nftables.h b/include/nftables.h
index f0f123586d66..3cbfe7f3a305 100644
--- a/include/nftables.h
+++ b/include/nftables.h
@@ -19,7 +19,6 @@ struct output_ctx {
unsigned int flags;
unsigned int numeric;
unsigned int echo;
- unsigned int json;
union {
FILE *output_fp;
struct cookie output_cookie;
@@ -64,6 +63,11 @@ static inline bool nft_output_handle(const struct output_ctx
*octx)
return octx->flags & NFT_CTX_OUTPUT_HANDLE;
}
+static inline bool nft_output_json(const struct output_ctx *octx)
+{
+ return octx->flags & NFT_CTX_OUTPUT_JSON;
+}
+
struct nft_cache {
uint16_tgenid;
struct list_headlist;
diff --git a/include/nftables/libnftables.h b/include/nftables/libnftables.h
index a6ce938305c3..35374072560e 100644
--- a/include/nftables/libnftables.h
+++ b/include/nftables/libnftables.h
@@ -49,6 +49,7 @@ enum {
NFT_CTX_OUTPUT_SERVICE = (1 << 1),
NFT_CTX_OUTPUT_STATELESS= (1 << 2),
NFT_CTX_OUTPUT_HANDLE = (1 << 3),
+ NFT_CTX_OUTPUT_JSON = (1 << 4),
};
unsigned int nft_ctx_output_get_flags(struct nft_ctx *ctx);
@@ -60,8 +61,6 @@ unsigned int nft_ctx_output_get_debug(struct nft_ctx *ctx);
void nft_ctx_output_set_debug(struct nft_ctx *ctx, unsigned int mask);
bool nft_ctx_output_get_echo(struct nft_ctx *ctx);
void nft_ctx_output_set_echo(struct nft_ctx *ctx, bool val);
-bool nft_ctx_output_get_json(struct nft_ctx *ctx);
-void nft_ctx_output_set_json(struct nft_ctx *ctx,
