diff mbox

[libnftables] data_reg: fix verdict format approach

Message ID CAOkSjBjGX1AgBNT4AL7zP-J2ZMO8Vkk_EcQNLQZgiOC0MMLEEg@mail.gmail.com
State Not Applicable
Headers show

Commit Message

Arturo Borrero Jan. 18, 2014, 9:06 p.m. UTC 
On 18 January 2014 21:53, Pablo Neira Ayuso <pablo@netfilter.org> wrote:
> On Sat, Jan 18, 2014 at 05:39:44PM +0100, Arturo Borrero Gonzalez wrote:
>> Patrick reports that the XML/JSON formats of the data_reg object
>> are not accuarate.
>>
>> This patch updates these formats, so they are now as follow:
>>
>>  * <data_reg type=value> with raw data (this doesn't change).
>>  * <data_reg type=verdict> with a concrete verdict (eg drop accept) and an
>>   optional <chain>, with destination.
>
> Applied.
>

I included an unrelated change! :(

i'm very sorry. What should I do?

>> In XML:
>>       <data_reg type="verdict">
>                   ^------------^
>
> I think we decided time ago that we prefer elements instead of
> attributes. I would take a patch for that conversion.

I think this particular case is more like in expressions.
We need a 'type' attribute, so we can know which nodes to expect
inside <data_reg>.

I think the absence of this 'type' attribute may harden the parsing,
validating and error reporting. Don't you?
diff mbox

Patch

diff --git a/tests/nft-parsing-test.c b/tests/nft-parsing-test.c
index b2ad62e..df981ad 100644
--- a/tests/nft-parsing-test.c
+++ b/tests/nft-parsing-test.c
@@ -121,6 +121,7 @@  failparsing:
fclose(fp);
printf("parsing %s: ", filename);
printf("\033[31mFAILED\e[0m (%s)\n", strerror(errno));
+ nft_parse_perror("fail", err);
return -1;
}