Hi,
On Mon, Oct 29, 2018 at 12:33:39PM +0100, Pablo Neira Ayuso wrote:
> Add NFT_CTX_OUTPUT_JSON flag and display output in json format.
>
> Signed-off-by: Pablo Neira Ayuso <[email protected]>
[...]
> diff --git a/doc/libnftables.adoc b/doc/libnftables.adoc
> index 8b7aee9af134..5a3562c3266c 100644
> --- a/doc/libnftables.adoc
> +++ b/doc/libnftables.adoc
[...]
> @@ -105,6 +103,8 @@ NFT_CTX_OUTPUT_STATELESS::
> If stateless output has been requested then stateful data is not
> printed. Stateful data refers to those objects that carry run-time data, eg.
> the *counter* statement holds packet and byte counter values, making it
> stateful.
> NFT_CTX_OUTPUT_HANDLE::
> Upon insertion into the ruleset, some elements are assigned a unique
> handle for identification purposes. For example, when deleting a table or
> chain, it may be identified either by name or handle. Rules on the other hand
> must be deleted by handle because there is no other way to uniquely identify
> them. These functions allow to control whether ruleset listings should
> include handles or not.
> +NFT_CTX_OUTPUT_JSON::
> + If enabled at compile-time, libnftables accepts input in JSON format
> and is able to print output in JSON format as well. See *libnftables-json*(5)
> for a description of the supported schema. These functions control JSON
> output format, input is auto-detected.
s/These functions control/This flag controls/
[...]
> diff --git a/src/libnftables.c b/src/libnftables.c
> index 6dc1be3d5ef8..ff7a53d22ba4 100644
> --- a/src/libnftables.c
> +++ b/src/libnftables.c
> @@ -352,22 +352,6 @@ void nft_ctx_output_set_echo(struct nft_ctx *ctx, bool
> val)
> ctx->output.echo = val;
> }
>
> -bool nft_ctx_output_get_json(struct nft_ctx *ctx)
> -{
> -#ifdef HAVE_LIBJANSSON
> - return ctx->output.json;
> -#else
> - return false;
> -#endif
> -}
> -
> -void nft_ctx_output_set_json(struct nft_ctx *ctx, bool val)
> -{
> -#ifdef HAVE_LIBJANSSON
> - ctx->output.json = val;
> -#endif
> -}
> -
In above functions, I guarded output.json setting by whether JSON
support was built-in.
[...]
> diff --git a/src/main.c b/src/main.c
> index 97b8746608a7..8ea07641734d 100644
> --- a/src/main.c
> +++ b/src/main.c
> @@ -271,7 +271,7 @@ int main(int argc, char * const *argv)
> nft_ctx_output_set_echo(nft, true);
> break;
> case OPT_JSON:
> - nft_ctx_output_set_json(nft, true);
> + output_flags |= NFT_CTX_OUTPUT_JSON;
> break;
> case OPT_INVALID:
> exit(EXIT_FAILURE);
Maybe we should do the same here? Otherwise if JSON wasn't enabled at
compile-time, calling 'nft -j' leads to no output at all. (Not sure if
silently falling back to standard output formatting is a better choice
after all. :)
Thanks, Phil
