From 53693c43d94dddf1ae1a0e69bfa953fba2c098e0 Mon Sep 17 00:00:00 2001

From: Phil Sutter <phil@nwl.cc>

Date: Thu, 11 Oct 2018 17:49:00 +0200

Subject: [PATCH] monitor: Use libnftables JSON output

This switches 'nft monitor' JSON output from using libnftnl's to

libnftables' implementation.

Signed-off-by: Phil Sutter <phil@nwl.cc>

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

(cherry picked from commit 9e88aae28e9f44d010f3ecf7577357f4c0e7d622)

Signed-off-by: Phil Sutter <psutter@redhat.com>

---

 include/json.h |  51 +++++++++

 src/json.c     |  57 ++++++++++

 src/monitor.c  | 281 +++++++++++++++++++++++++------------------------

 src/rule.c     |   2 -

 4 files changed, 251 insertions(+), 140 deletions(-)

diff --git a/include/json.h b/include/json.h

index ae3938142aeac..af0f72f13dd60 100644

--- a/include/json.h

+++ b/include/json.h

@@ -9,9 +9,11 @@ struct expr;

 struct netlink_ctx;

 struct rule;

 struct set;

+struct obj;

 struct stmt;

 struct symbol_table;

 struct table;

+struct netlink_mon_handler;

 #ifdef HAVE_LIBJANSSON

@@ -81,6 +83,19 @@ int nft_parse_json_buffer(struct nft_ctx *nft, char *buf, size_t buflen,

 int nft_parse_json_filename(struct nft_ctx *nft, const char *filename,

 			    struct list_head *msgs, struct list_head *cmds);

+void monitor_print_table_json(struct netlink_mon_handler *monh,

+			      const char *cmd, struct table *t);

+void monitor_print_chain_json(struct netlink_mon_handler *monh,

+			      const char *cmd, struct chain *c);

+void monitor_print_set_json(struct netlink_mon_handler *monh,

+			    const char *cmd, struct set *s);

+void monitor_print_element_json(struct netlink_mon_handler *monh,

+				const char *cmd, struct set *s);

+void monitor_print_obj_json(struct netlink_mon_handler *monh,

+			    const char *cmd, struct obj *o);

+void monitor_print_rule_json(struct netlink_mon_handler *monh,

+			     const char *cmd, struct rule *r);

+

 #else /* ! HAVE_LIBJANSSON */

 typedef void json_t;

@@ -176,6 +191,42 @@ nft_parse_json_filename(struct nft_ctx *nft, const char *filename,

 	return -EINVAL;

 }

+static inline void monitor_print_table_json(struct netlink_mon_handler *monh,

+					    const char *cmd, struct table *t)

+{

+	/* empty */

+}

+

+static inline void monitor_print_chain_json(struct netlink_mon_handler *monh,

+					    const char *cmd, struct chain *c)

+{

+	/* empty */

+}

+

+static inline void monitor_print_set_json(struct netlink_mon_handler *monh,

+					  const char *cmd, struct set *s)

+{

+	/* empty */

+}

+

+static inline void monitor_print_element_json(struct netlink_mon_handler *monh,

+					      const char *cmd, struct set *s)

+{

+	/* empty */

+}

+

+static inline void monitor_print_obj_json(struct netlink_mon_handler *monh,

+					  const char *cmd, struct obj *o)

+{

+	/* empty */

+}

+

+static inline void monitor_print_rule_json(struct netlink_mon_handler *monh,

+					   const char *cmd, struct rule *r)

+{

+	/* empty */

+}

+

 #endif /* HAVE_LIBJANSSON */

 #endif /* NFTABLES_JSON_H */

diff --git a/src/json.c b/src/json.c

index af157212c081e..7d89754bd666d 100644

--- a/src/json.c

+++ b/src/json.c

@@ -147,6 +147,19 @@ static json_t *set_print_json(struct output_ctx *octx, const struct set *set)

 	return json_pack("{s:o}", type, root);

 }

+/* XXX: Merge with set_print_json()? */

+static json_t *element_print_json(struct output_ctx *octx,

+				  const struct set *set)

+{

+	json_t *root = expr_print_json(set->init, octx);

+

+	return json_pack("{s: {s:s, s:s, s:s, s:o}}", "element",

+			 "family", family2str(set->handle.family),

+			 "table", set->handle.table.name,

+			 "name", set->handle.set.name,

+			 "elem", root);

+}

+

 static json_t *stmt_print_json(const struct stmt *stmt, struct output_ctx *octx)

 {

 	char buf[1024];

@@ -1554,3 +1567,47 @@ int do_command_list_json(struct netlink_ctx *ctx, struct cmd *cmd)

 	json_decref(root);

 	return 0;

 }

+

+static void monitor_print_json(struct netlink_mon_handler *monh,

+			       const char *cmd, json_t *obj)

+{

+	obj = json_pack("{s:o}", cmd, obj);

+	json_dumpf(obj, monh->ctx->octx->output_fp, 0);

+	json_decref(obj);

+}

+

+void monitor_print_table_json(struct netlink_mon_handler *monh,

+			      const char *cmd, struct table *t)

+{

+	monitor_print_json(monh, cmd, table_print_json(monh->ctx->octx, t));

+}

+

+void monitor_print_chain_json(struct netlink_mon_handler *monh,

+			      const char *cmd, struct chain *c)

+{

+	monitor_print_json(monh, cmd, chain_print_json(monh->ctx->octx, c));

+}

+

+void monitor_print_set_json(struct netlink_mon_handler *monh,

+			    const char *cmd, struct set *s)

+{

+	monitor_print_json(monh, cmd, set_print_json(monh->ctx->octx, s));

+}

+

+void monitor_print_element_json(struct netlink_mon_handler *monh,

+				const char *cmd, struct set *s)

+{

+	monitor_print_json(monh, cmd, element_print_json(monh->ctx->octx, s));

+}

+

+void monitor_print_obj_json(struct netlink_mon_handler *monh,

+			    const char *cmd, struct obj *o)

+{

+	monitor_print_json(monh, cmd, obj_print_json(monh->ctx->octx, o));

+}

+

+void monitor_print_rule_json(struct netlink_mon_handler *monh,

+			     const char *cmd, struct rule *r)

+{

+	monitor_print_json(monh, cmd, rule_print_json(monh->ctx->octx, r));

+}

diff --git a/src/monitor.c b/src/monitor.c

index 3e70b89f0b2ab..213c40d119b4c 100644

--- a/src/monitor.c

+++ b/src/monitor.c

@@ -38,6 +38,7 @@

 #include <utils.h>

 #include <erec.h>

 #include <iface.h>

+#include <json.h>

 #define nft_mon_print(monh, ...) nft_print(monh->ctx->octx, __VA_ARGS__)

@@ -127,18 +128,39 @@ static uint32_t netlink_msg2nftnl_of(uint32_t msg)

 	case NFT_MSG_NEWSET:

 	case NFT_MSG_NEWSETELEM:

 	case NFT_MSG_NEWRULE:

+	case NFT_MSG_NEWOBJ:

+	case NFT_MSG_NEWFLOWTABLE:

 		return NFTNL_OF_EVENT_NEW;

 	case NFT_MSG_DELTABLE:

 	case NFT_MSG_DELCHAIN:

 	case NFT_MSG_DELSET:

 	case NFT_MSG_DELSETELEM:

 	case NFT_MSG_DELRULE:

+	case NFT_MSG_DELOBJ:

+	case NFT_MSG_DELFLOWTABLE:

 		return NFTNL_OF_EVENT_DEL;

 	}

 	return 0;

 }

+static const char *nftnl_of2cmd(uint32_t of)

+{

+	switch (of) {

+	case NFTNL_OF_EVENT_NEW:

+		return "add";

+	case NFTNL_OF_EVENT_DEL:

+		return "delete";

+	default:

+		return "???";

+	}

+}

+

+static const char *netlink_msg2cmd(uint32_t msg)

+{

+	return nftnl_of2cmd(netlink_msg2nftnl_of(msg));

+}

+

 static void nlr_for_each_set(struct nftnl_rule *nlr,

 			     void (*cb)(struct set *s, void *data),

 			     void *data, struct nft_cache *cache)

@@ -179,34 +201,29 @@ static int netlink_events_table_cb(const struct nlmsghdr *nlh, int type,

 				   struct netlink_mon_handler *monh)

 {

 	struct nftnl_table *nlt;

-	uint32_t family;

+	struct table *t;

+	const char *cmd;

 	nlt = netlink_table_alloc(nlh);

+	t = netlink_delinearize_table(monh->ctx, nlt);

+	cmd = netlink_msg2cmd(type);

 	switch (monh->format) {

 	case NFTNL_OUTPUT_DEFAULT:

-		if (type == NFT_MSG_NEWTABLE) {

-			nft_mon_print(monh, "add table ");

-		} else {

-			nft_mon_print(monh, "delete table ");

-		}

+		nft_mon_print(monh, "%s table ", cmd);

-		family = nftnl_table_get_u32(nlt, NFTNL_TABLE_FAMILY);

-

-		nft_mon_print(monh, "%s %s", family2str(family),

-		       nftnl_table_get_str(nlt, NFTNL_TABLE_NAME));

+		nft_mon_print(monh, "%s %s", family2str(t->handle.family),

+			      t->handle.table.name);

 		if (monh->ctx->octx->handle > 0)

 			nft_mon_print(monh, " # handle %" PRIu64 "",

-				      nftnl_table_get_u64(nlt, NFTNL_TABLE_HANDLE));

-		nft_mon_print(monh, "\n");

+				      t->handle.handle.id);

 		break;

 	case NFTNL_OUTPUT_JSON:

-		nftnl_table_fprintf(monh->ctx->octx->output_fp, nlt,

-				    monh->format, netlink_msg2nftnl_of(type));

-		nft_mon_print(monh, "\n");

+		monitor_print_table_json(monh, cmd, t);

 		break;

 	}

-

+	nft_mon_print(monh, "\n");

+	table_free(t);

 	nftnl_table_free(nlt);

 	return MNL_CB_OK;

 }

@@ -216,35 +233,34 @@ static int netlink_events_chain_cb(const struct nlmsghdr *nlh, int type,

 {

 	struct nftnl_chain *nlc;

 	struct chain *c;

-	uint32_t family;

+	const char *cmd;

 	nlc = netlink_chain_alloc(nlh);

+	c = netlink_delinearize_chain(monh->ctx, nlc);

+	cmd = netlink_msg2cmd(type);

 	switch (monh->format) {

 	case NFTNL_OUTPUT_DEFAULT:

+		nft_mon_print(monh, "%s ", cmd);

+

 		switch (type) {

 		case NFT_MSG_NEWCHAIN:

-			nft_mon_print(monh, "add ");

-

-			c = netlink_delinearize_chain(monh->ctx, nlc);

 			chain_print_plain(c, monh->ctx->octx);

-			chain_free(c);

 			break;

 		case NFT_MSG_DELCHAIN:

-			family = nftnl_chain_get_u32(nlc, NFTNL_CHAIN_FAMILY);

-			nft_mon_print(monh, "delete chain %s %s %s\n", family2str(family),

-			       nftnl_chain_get_str(nlc, NFTNL_CHAIN_TABLE),

-			       nftnl_chain_get_str(nlc, NFTNL_CHAIN_NAME));

+			nft_mon_print(monh, "chain %s %s %s",

+				      family2str(c->handle.family),

+				      c->handle.table.name,

+				      c->handle.chain.name);

 			break;

 		}

 		break;

 	case NFTNL_OUTPUT_JSON:

-		nftnl_chain_fprintf(monh->ctx->octx->output_fp, nlc,

-				    monh->format, netlink_msg2nftnl_of(type));

-		nft_mon_print(monh, "\n");

+		monitor_print_chain_json(monh, cmd, c);

 		break;

 	}

-

+	nft_mon_print(monh, "\n");

+	chain_free(c);

 	nftnl_chain_free(nlc);

 	return MNL_CB_OK;

 }

@@ -253,43 +269,44 @@ static int netlink_events_set_cb(const struct nlmsghdr *nlh, int type,

 				 struct netlink_mon_handler *monh)

 {

 	struct nftnl_set *nls;

+	const char *family, *cmd;

 	struct set *set;

-	uint32_t family, flags;

+	uint32_t flags;

 	nls = netlink_set_alloc(nlh);

 	flags = nftnl_set_get_u32(nls, NFTNL_SET_FLAGS);

 	if (flags & NFT_SET_ANONYMOUS)

 		goto out;

+	set = netlink_delinearize_set(monh->ctx, nls);

+	if (set == NULL) {

+		nftnl_set_free(nls);

+		return MNL_CB_ERROR;

+	}

+	family = family2str(set->handle.family);

+	cmd = netlink_msg2cmd(type);

+

 	switch (monh->format) {

 	case NFTNL_OUTPUT_DEFAULT:

+		nft_mon_print(monh, "%s ", cmd);

+

 		switch (type) {

 		case NFT_MSG_NEWSET:

-			nft_mon_print(monh, "add ");

-			set = netlink_delinearize_set(monh->ctx, nls);

-			if (set == NULL) {

-				nftnl_set_free(nls);

-				return MNL_CB_ERROR;

-			}

 			set_print_plain(set, monh->ctx->octx);

-			set_free(set);

-			nft_mon_print(monh, "\n");

 			break;

 		case NFT_MSG_DELSET:

-			family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY);

-			nft_mon_print(monh, "delete set %s %s %s\n",

-			       family2str(family),

-			       nftnl_set_get_str(nls, NFTNL_SET_TABLE),

-			       nftnl_set_get_str(nls, NFTNL_SET_NAME));

+			nft_mon_print(monh, "set %s %s %s", family,

+				      set->handle.table.name,

+				      set->handle.set.name);

 			break;

 		}

 		break;

 	case NFTNL_OUTPUT_JSON:

-		nftnl_set_fprintf(monh->ctx->octx->output_fp, nls,

-				  monh->format, netlink_msg2nftnl_of(type));

-		nft_mon_print(monh, "\n");

+		monitor_print_set_json(monh, cmd, set);

 		break;

 	}

+	nft_mon_print(monh, "\n");

+	set_free(set);

 out:

 	nftnl_set_free(nls);

 	return MNL_CB_OK;

@@ -360,13 +377,14 @@ static int netlink_events_setelem_cb(const struct nlmsghdr *nlh, int type,

 	struct nftnl_set *nls;

 	struct set *dummyset;

 	struct set *set;

-	const char *setname, *table;

+	const char *setname, *table, *cmd;

 	uint32_t family;

 	nls = netlink_setelem_alloc(nlh);

 	table = nftnl_set_get_str(nls, NFTNL_SET_TABLE);

 	setname = nftnl_set_get_str(nls, NFTNL_SET_NAME);

 	family = nftnl_set_get_u32(nls, NFTNL_SET_FAMILY);

+	cmd = netlink_msg2cmd(type);

 	set = set_lookup_global(family, table, setname, monh->cache);

 	if (set == NULL) {

@@ -374,70 +392,63 @@ static int netlink_events_setelem_cb(const struct nlmsghdr *nlh, int type,

 		goto out;

 	}

-	switch (monh->format) {

-	case NFTNL_OUTPUT_DEFAULT:

-		if (set->flags & NFT_SET_ANONYMOUS)

-			goto out;

-

-		/* we want to 'delinearize' the set_elem, but don't

-		 * modify the original cached set. This path is only

-		 * used by named sets, so use a dummy set.

-		 */

-		dummyset = set_alloc(monh->loc);

-		dummyset->key = expr_clone(set->key);

-		dummyset->datatype = set->datatype;

-		dummyset->flags = set->flags;

-		dummyset->init = set_expr_alloc(monh->loc, set);

+	if (set->flags & NFT_SET_ANONYMOUS)

+		goto out;

-		nlsei = nftnl_set_elems_iter_create(nls);

-		if (nlsei == NULL)

-			memory_allocation_error();

+	/* we want to 'delinearize' the set_elem, but don't

+	 * modify the original cached set. This path is only

+	 * used by named sets, so use a dummy set.

+	 */

+	dummyset = set_alloc(monh->loc);

+	dummyset->key = expr_clone(set->key);

+	dummyset->datatype = set->datatype;

+	dummyset->flags = set->flags;

+	dummyset->init = set_expr_alloc(monh->loc, set);

-		nlse = nftnl_set_elems_iter_next(nlsei);

-		while (nlse != NULL) {

-			if (netlink_event_ignore_range_event(nlse)) {

-				set_free(dummyset);

-				nftnl_set_elems_iter_destroy(nlsei);

-				goto out;

-			}

-			if (netlink_delinearize_setelem(nlse, dummyset,

-							monh->cache) < 0) {

-				set_free(dummyset);

-				nftnl_set_elems_iter_destroy(nlsei);

-				goto out;

-			}

-			nlse = nftnl_set_elems_iter_next(nlsei);

-		}

-		nftnl_set_elems_iter_destroy(nlsei);

+	nlsei = nftnl_set_elems_iter_create(nls);

+	if (nlsei == NULL)

+		memory_allocation_error();

-		if (netlink_event_range_cache(set, dummyset)) {

+	nlse = nftnl_set_elems_iter_next(nlsei);

+	while (nlse != NULL) {

+		if (netlink_event_ignore_range_event(nlse)) {

 			set_free(dummyset);

+			nftnl_set_elems_iter_destroy(nlsei);

 			goto out;

 		}

-

-		switch (type) {

-		case NFT_MSG_NEWSETELEM:

-			nft_mon_print(monh, "add ");

-			break;

-		case NFT_MSG_DELSETELEM:

-			nft_mon_print(monh, "delete ");

-			break;

-		default:

+		if (netlink_delinearize_setelem(nlse, dummyset,

+						monh->cache) < 0) {

 			set_free(dummyset);

+			nftnl_set_elems_iter_destroy(nlsei);

 			goto out;

 		}

-		nft_mon_print(monh, "element %s %s %s ", family2str(family), table, setname);

-		expr_print(dummyset->init, monh->ctx->octx);

-		nft_mon_print(monh, "\n");

+		nlse = nftnl_set_elems_iter_next(nlsei);

+	}

+	nftnl_set_elems_iter_destroy(nlsei);

+	if (netlink_event_range_cache(set, dummyset)) {

 		set_free(dummyset);

+		goto out;

+	}

+

+	switch (monh->format) {

+	case NFTNL_OUTPUT_DEFAULT:

+		nft_mon_print(monh, "%s element %s %s %s ",

+			      cmd, family2str(family), table, setname);

+		expr_print(dummyset->init, monh->ctx->octx);

 		break;

 	case NFTNL_OUTPUT_JSON:

-		nftnl_set_fprintf(monh->ctx->octx->output_fp, nls,

-				  monh->format, netlink_msg2nftnl_of(type));

-		nft_mon_print(monh, "\n");

+		dummyset->handle.family = family;

+		dummyset->handle.set.name = setname;

+		dummyset->handle.table.name = table;

+		monitor_print_element_json(monh, cmd, dummyset);

+		/* prevent set_free() from trying to free those */

+		dummyset->handle.set.name = NULL;

+		dummyset->handle.table.name = NULL;

 		break;

 	}

+	nft_mon_print(monh, "\n");

+	set_free(dummyset);

 out:

 	nftnl_set_free(nls);

 	return MNL_CB_OK;

@@ -446,43 +457,43 @@ out:

 static int netlink_events_obj_cb(const struct nlmsghdr *nlh, int type,

 				 struct netlink_mon_handler *monh)

 {

+	const char *family, *cmd;

 	struct nftnl_obj *nlo;

-	uint32_t family;

 	struct obj *obj;

 	nlo = netlink_obj_alloc(nlh);

+	obj = netlink_delinearize_obj(monh->ctx, nlo);

+	if (obj == NULL) {

+		nftnl_obj_free(nlo);

+		return MNL_CB_ERROR;

+	}

+	family = family2str(obj->handle.family);

+	cmd = netlink_msg2cmd(type);

+

 	switch (monh->format) {

 	case NFTNL_OUTPUT_DEFAULT:

+		nft_mon_print(monh, "%s ", cmd);

+

 		switch (type) {

 		case NFT_MSG_NEWOBJ:

-			nft_mon_print(monh, "add ");

-			obj = netlink_delinearize_obj(monh->ctx, nlo);

-			if (obj == NULL) {

-				nftnl_obj_free(nlo);

-				return MNL_CB_ERROR;

-			}

 			obj_print_plain(obj, monh->ctx->octx);

-			obj_free(obj);

-			nft_mon_print(monh, "\n");

 			break;

 		case NFT_MSG_DELOBJ:

-			family = nftnl_obj_get_u32(nlo, NFTNL_OBJ_FAMILY);

-			nft_mon_print(monh, "delete %s %s %s %s\n",

-			       obj_type_name(nftnl_obj_get_u32(nlo, NFTNL_OBJ_TYPE)),

-			       family2str(family),

-			       nftnl_obj_get_str(nlo, NFTNL_OBJ_TABLE),

-			       nftnl_obj_get_str(nlo, NFTNL_OBJ_NAME));

+			nft_mon_print(monh, "%s %s %s %s",

+			       obj_type_name(obj->type),

+			       family,

+			       obj->handle.table.name,

+			       obj->handle.obj.name);

 			break;

 		}

 		break;

 	case NFTNL_OUTPUT_JSON:

-		nftnl_obj_fprintf(monh->ctx->octx->output_fp, nlo,

-				  monh->format, netlink_msg2nftnl_of(type));

-		nft_mon_print(monh, "\n");

+		monitor_print_obj_json(monh, cmd, obj);

 		break;

 	}

-

+	nft_mon_print(monh, "\n");

+	obj_free(obj);

 	nftnl_obj_free(nlo);

 	return MNL_CB_OK;

 }

@@ -496,48 +507,42 @@ static void rule_map_decompose_cb(struct set *s, void *data)

 static int netlink_events_rule_cb(const struct nlmsghdr *nlh, int type,

 				  struct netlink_mon_handler *monh)

 {

+	const char *family, *cmd;

 	struct nftnl_rule *nlr;

-	const char *family;

-	const char *table;

-	const char *chain;

 	struct rule *r;

-	uint64_t handle;

-	uint32_t fam;

 	nlr = netlink_rule_alloc(nlh);

+	r = netlink_delinearize_rule(monh->ctx, nlr);

+	nlr_for_each_set(nlr, rule_map_decompose_cb, NULL, monh->cache);

+	cmd = netlink_msg2cmd(type);

+

 	switch (monh->format) {

 	case NFTNL_OUTPUT_DEFAULT:

-		fam = nftnl_rule_get_u32(nlr, NFTNL_RULE_FAMILY);

-		family = family2str(fam);

-		table = nftnl_rule_get_str(nlr, NFTNL_RULE_TABLE);

-		chain = nftnl_rule_get_str(nlr, NFTNL_RULE_CHAIN);

-		handle = nftnl_rule_get_u64(nlr, NFTNL_RULE_HANDLE);

+		family = family2str(r->handle.family);

+

+		nft_mon_print(monh, "%s rule %s %s %s ",

+			      cmd,

+			      family,

+			      r->handle.table.name,

+			      r->handle.chain.name);

 		switch (type) {

 		case NFT_MSG_NEWRULE:

-			r = netlink_delinearize_rule(monh->ctx, nlr);

-			nlr_for_each_set(nlr, rule_map_decompose_cb, NULL,

-					 monh->cache);

-

-			nft_mon_print(monh, "add rule %s %s %s ", family, table, chain);

 			rule_print(r, monh->ctx->octx);

-			nft_mon_print(monh, "\n");

-			rule_free(r);

 			break;

 		case NFT_MSG_DELRULE:

-			nft_mon_print(monh, "delete rule %s %s %s handle %u\n",

-			       family, table, chain, (unsigned int)handle);

+			nft_mon_print(monh, "handle %" PRIu64,

+				      r->handle.handle.id);

 			break;

 		}

 		break;

 	case NFTNL_OUTPUT_JSON:

-		nftnl_rule_fprintf(monh->ctx->octx->output_fp, nlr,

-				   monh->format, netlink_msg2nftnl_of(type));

-		nft_mon_print(monh, "\n");

+		monitor_print_rule_json(monh, cmd, r);

 		break;

 	}

-

+	nft_mon_print(monh, "\n");

+	rule_free(r);

 	nftnl_rule_free(nlr);

 	return MNL_CB_OK;

 }

diff --git a/src/rule.c b/src/rule.c

index eb06302d4f223..3065cc5474bbf 100644

--- a/src/rule.c

+++ b/src/rule.c

@@ -812,8 +812,6 @@ void chain_print_plain(const struct chain *chain, struct output_ctx *octx)

 	}

 	if (octx->handle > 0)

 		nft_print(octx, " # handle %" PRIu64, chain->handle.handle.id);

-

-	nft_print(octx, "\n");

 }

 struct table *table_alloc(void)

-- 

2.19.0