|
 |
029dc7 |
From b321a8af45e3040ae46091fef2c35d5533ab83bc Mon Sep 17 00:00:00 2001
|
|
|
029dc7 |
From: Phil Sutter <phil@nwl.cc>
|
|
|
029dc7 |
Date: Mon, 21 Jan 2019 17:43:34 +0100
|
|
|
029dc7 |
Subject: [PATCH] ebtables: Fix rule listing with counters
|
|
|
029dc7 |
|
|
|
029dc7 |
This is a partial revert of commit 583b27eabcad6 ("ebtables-save: add -c
|
|
|
029dc7 |
option, using xtables-style counters") which broke ruleset listing with
|
|
|
029dc7 |
'--Lc' flag turned on:
|
|
|
029dc7 |
|
|
|
029dc7 |
| # ebtables-nft -L --Lc
|
|
|
029dc7 |
| Bridge table: filter
|
|
|
029dc7 |
|
|
|
|
029dc7 |
| Bridge chain: INPUT, entries: 0, policy: ACCEPT
|
|
|
029dc7 |
|
|
|
|
029dc7 |
| Bridge chain: FORWARD, entries: 2, policy: ACCEPT
|
|
|
029dc7 |
| -j foo
|
|
|
029dc7 |
| , pcnt = 0 -- bcnt = 0-j ACCEPT
|
|
|
029dc7 |
| , pcnt = 0 -- bcnt = 0
|
|
|
029dc7 |
| Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
|
|
|
029dc7 |
|
|
|
|
029dc7 |
| Bridge chain: foo, entries: 1, policy: RETURN
|
|
|
029dc7 |
| -j ACCEPT
|
|
|
029dc7 |
| , pcnt = 0 -- bcnt = 0%
|
|
|
029dc7 |
|
|
|
029dc7 |
(That percentage sign means no newline after last line of output and
|
|
|
029dc7 |
doesn't belong to ebtables-nft's output.)
|
|
|
029dc7 |
|
|
|
029dc7 |
Problem was that nft_bridge_print_rule() printed the counters after
|
|
|
029dc7 |
nft_bridge_save_rule() had already printed the newline character.
|
|
|
029dc7 |
|
|
|
029dc7 |
Note also that there is no need to remove FMT_EBT_SAVE bit from 'format'
|
|
|
029dc7 |
variable: It is set only by ebtables-nft-save which doesn't call
|
|
|
029dc7 |
nft_bridge_print_rule().
|
|
|
029dc7 |
|
|
|
029dc7 |
Fixes: 583b27eabcad6 ("ebtables-save: add -c option, using xtables-style counters")
|
|
|
029dc7 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
029dc7 |
Signed-off-by: Florian Westphal <fw@strlen.de>
|
|
|
029dc7 |
(cherry picked from commit 32ebc39f71e8107d6069a9f6fba8338a2823889d)
|
|
|
029dc7 |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
029dc7 |
---
|
|
|
029dc7 |
iptables/nft-bridge.c | 11 ++++++-----
|
|
|
029dc7 |
1 file changed, 6 insertions(+), 5 deletions(-)
|
|
|
029dc7 |
|
|
|
029dc7 |
diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
|
|
|
029dc7 |
index 140fcf0a31b84..43b3e3e9649b8 100644
|
|
|
029dc7 |
--- a/iptables/nft-bridge.c
|
|
|
029dc7 |
+++ b/iptables/nft-bridge.c
|
|
|
029dc7 |
@@ -479,6 +479,11 @@ static void nft_bridge_save_rule(const void *data, unsigned int format)
|
|
|
029dc7 |
(uint64_t)cs->counters.pcnt,
|
|
|
029dc7 |
(uint64_t)cs->counters.bcnt);
|
|
|
029dc7 |
|
|
|
029dc7 |
+ if (!(format & FMT_NOCOUNTS))
|
|
|
029dc7 |
+ printf(" , pcnt = %"PRIu64" -- bcnt = %"PRIu64"",
|
|
|
029dc7 |
+ (uint64_t)cs->counters.pcnt,
|
|
|
029dc7 |
+ (uint64_t)cs->counters.bcnt);
|
|
|
029dc7 |
+
|
|
|
029dc7 |
if (!(format & FMT_NONEWLINE))
|
|
|
029dc7 |
fputc('\n', stdout);
|
|
|
029dc7 |
}
|
|
|
029dc7 |
@@ -492,11 +497,7 @@ static void nft_bridge_print_rule(struct nftnl_rule *r, unsigned int num,
|
|
|
029dc7 |
printf("%d ", num);
|
|
|
029dc7 |
|
|
|
029dc7 |
nft_rule_to_ebtables_command_state(r, &cs);
|
|
|
029dc7 |
- nft_bridge_save_rule(&cs, format & ~FMT_EBT_SAVE);
|
|
|
029dc7 |
- if (!(format & FMT_NOCOUNTS))
|
|
|
029dc7 |
- printf(" , pcnt = %"PRIu64" -- bcnt = %"PRIu64"",
|
|
|
029dc7 |
- (uint64_t)cs.counters.pcnt,
|
|
|
029dc7 |
- (uint64_t)cs.counters.bcnt);
|
|
|
029dc7 |
+ nft_bridge_save_rule(&cs, format);
|
|
|
029dc7 |
ebt_cs_clean(&cs);
|
|
|
029dc7 |
}
|
|
|
029dc7 |
|
|
|
029dc7 |
--
|
|
|
029dc7 |
2.21.0
|
|
|
029dc7 |
|