|
 |
aca4c4 |
From f8839b3651e0ffbb93b6ce4675809d60782a4396 Mon Sep 17 00:00:00 2001
|
|
|
aca4c4 |
From: Phil Sutter <phil@nwl.cc>
|
|
|
aca4c4 |
Date: Tue, 17 Nov 2020 00:57:10 +0100
|
|
|
aca4c4 |
Subject: [PATCH] Use proto_to_name() from xshared in more places
|
|
|
aca4c4 |
|
|
|
aca4c4 |
Share the common proto name lookup code. While being at it, make proto
|
|
|
aca4c4 |
number variable 16bit, values may exceed 256.
|
|
|
aca4c4 |
|
|
|
aca4c4 |
This aligns iptables-nft '-p' argument printing with legacy iptables. In
|
|
|
aca4c4 |
practice, this should make a difference only in corner cases.
|
|
|
aca4c4 |
|
|
|
aca4c4 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
aca4c4 |
(cherry picked from commit 556f704458cdb509d395ddb7d2629987d60e762e)
|
|
|
aca4c4 |
---
|
|
|
aca4c4 |
include/xtables.h | 2 +-
|
|
|
aca4c4 |
iptables/ip6tables.c | 22 +++++-----------------
|
|
|
aca4c4 |
iptables/iptables.c | 20 +++++---------------
|
|
|
aca4c4 |
iptables/nft-shared.c | 6 +++---
|
|
|
aca4c4 |
iptables/xshared.c | 2 +-
|
|
|
aca4c4 |
iptables/xshared.h | 2 +-
|
|
|
aca4c4 |
6 files changed, 16 insertions(+), 38 deletions(-)
|
|
|
aca4c4 |
|
|
|
aca4c4 |
diff --git a/include/xtables.h b/include/xtables.h
|
|
|
aca4c4 |
index d77a73a4303a7..06982e720cbb8 100644
|
|
|
aca4c4 |
--- a/include/xtables.h
|
|
|
aca4c4 |
+++ b/include/xtables.h
|
|
|
aca4c4 |
@@ -395,7 +395,7 @@ struct xtables_rule_match {
|
|
|
aca4c4 |
*/
|
|
|
aca4c4 |
struct xtables_pprot {
|
|
|
aca4c4 |
const char *name;
|
|
|
aca4c4 |
- uint8_t num;
|
|
|
aca4c4 |
+ uint16_t num;
|
|
|
aca4c4 |
};
|
|
|
aca4c4 |
|
|
|
aca4c4 |
enum xtables_tryload {
|
|
|
aca4c4 |
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
|
|
|
aca4c4 |
index b96dc033e7ebb..4860682001360 100644
|
|
|
aca4c4 |
--- a/iptables/ip6tables.c
|
|
|
aca4c4 |
+++ b/iptables/ip6tables.c
|
|
|
aca4c4 |
@@ -849,28 +849,16 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
|
|
|
aca4c4 |
-/* The ip6tables looks up the /etc/protocols. */
|
|
|
aca4c4 |
static void print_proto(uint16_t proto, int invert)
|
|
|
aca4c4 |
{
|
|
|
aca4c4 |
if (proto) {
|
|
|
aca4c4 |
- unsigned int i;
|
|
|
aca4c4 |
+ const char *pname = proto_to_name(proto, 0);
|
|
|
aca4c4 |
const char *invertstr = invert ? " !" : "";
|
|
|
aca4c4 |
|
|
|
aca4c4 |
- const struct protoent *pent = getprotobynumber(proto);
|
|
|
aca4c4 |
- if (pent) {
|
|
|
aca4c4 |
- printf("%s -p %s",
|
|
|
aca4c4 |
- invertstr, pent->p_name);
|
|
|
aca4c4 |
- return;
|
|
|
aca4c4 |
- }
|
|
|
aca4c4 |
-
|
|
|
aca4c4 |
- for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
|
|
|
aca4c4 |
- if (xtables_chain_protos[i].num == proto) {
|
|
|
aca4c4 |
- printf("%s -p %s",
|
|
|
aca4c4 |
- invertstr, xtables_chain_protos[i].name);
|
|
|
aca4c4 |
- return;
|
|
|
aca4c4 |
- }
|
|
|
aca4c4 |
-
|
|
|
aca4c4 |
- printf("%s -p %u", invertstr, proto);
|
|
|
aca4c4 |
+ if (pname)
|
|
|
aca4c4 |
+ printf("%s -p %s", invertstr, pname);
|
|
|
aca4c4 |
+ else
|
|
|
aca4c4 |
+ printf("%s -p %u", invertstr, proto);
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
|
|
|
aca4c4 |
diff --git a/iptables/iptables.c b/iptables/iptables.c
|
|
|
aca4c4 |
index 6e2946f5660de..620429b5d4817 100644
|
|
|
aca4c4 |
--- a/iptables/iptables.c
|
|
|
aca4c4 |
+++ b/iptables/iptables.c
|
|
|
aca4c4 |
@@ -819,23 +819,13 @@ list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric,
|
|
|
aca4c4 |
static void print_proto(uint16_t proto, int invert)
|
|
|
aca4c4 |
{
|
|
|
aca4c4 |
if (proto) {
|
|
|
aca4c4 |
- unsigned int i;
|
|
|
aca4c4 |
+ const char *pname = proto_to_name(proto, 0);
|
|
|
aca4c4 |
const char *invertstr = invert ? " !" : "";
|
|
|
aca4c4 |
|
|
|
aca4c4 |
- const struct protoent *pent = getprotobynumber(proto);
|
|
|
aca4c4 |
- if (pent) {
|
|
|
aca4c4 |
- printf("%s -p %s", invertstr, pent->p_name);
|
|
|
aca4c4 |
- return;
|
|
|
aca4c4 |
- }
|
|
|
aca4c4 |
-
|
|
|
aca4c4 |
- for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
|
|
|
aca4c4 |
- if (xtables_chain_protos[i].num == proto) {
|
|
|
aca4c4 |
- printf("%s -p %s",
|
|
|
aca4c4 |
- invertstr, xtables_chain_protos[i].name);
|
|
|
aca4c4 |
- return;
|
|
|
aca4c4 |
- }
|
|
|
aca4c4 |
-
|
|
|
aca4c4 |
- printf("%s -p %u", invertstr, proto);
|
|
|
aca4c4 |
+ if (pname)
|
|
|
aca4c4 |
+ printf("%s -p %s", invertstr, pname);
|
|
|
aca4c4 |
+ else
|
|
|
aca4c4 |
+ printf("%s -p %u", invertstr, proto);
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
|
|
|
aca4c4 |
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
|
|
|
aca4c4 |
index d73d0b6159be6..e3ba4ac34146f 100644
|
|
|
aca4c4 |
--- a/iptables/nft-shared.c
|
|
|
aca4c4 |
+++ b/iptables/nft-shared.c
|
|
|
aca4c4 |
@@ -821,13 +821,13 @@ void save_rule_details(const struct iptables_command_state *cs,
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
|
|
|
aca4c4 |
if (proto > 0) {
|
|
|
aca4c4 |
- const struct protoent *pent = getprotobynumber(proto);
|
|
|
aca4c4 |
+ const char *pname = proto_to_name(proto, 0);
|
|
|
aca4c4 |
|
|
|
aca4c4 |
if (invflags & XT_INV_PROTO)
|
|
|
aca4c4 |
printf("! ");
|
|
|
aca4c4 |
|
|
|
aca4c4 |
- if (pent)
|
|
|
aca4c4 |
- printf("-p %s ", pent->p_name);
|
|
|
aca4c4 |
+ if (pname)
|
|
|
aca4c4 |
+ printf("-p %s ", pname);
|
|
|
aca4c4 |
else
|
|
|
aca4c4 |
printf("-p %u ", proto);
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
diff --git a/iptables/xshared.c b/iptables/xshared.c
|
|
|
aca4c4 |
index 0c232ca2ae8d5..7a55ed5d15715 100644
|
|
|
aca4c4 |
--- a/iptables/xshared.c
|
|
|
aca4c4 |
+++ b/iptables/xshared.c
|
|
|
aca4c4 |
@@ -48,7 +48,7 @@ void print_extension_helps(const struct xtables_target *t,
|
|
|
aca4c4 |
}
|
|
|
aca4c4 |
|
|
|
aca4c4 |
const char *
|
|
|
aca4c4 |
-proto_to_name(uint8_t proto, int nolookup)
|
|
|
aca4c4 |
+proto_to_name(uint16_t proto, int nolookup)
|
|
|
aca4c4 |
{
|
|
|
aca4c4 |
unsigned int i;
|
|
|
aca4c4 |
|
|
|
aca4c4 |
diff --git a/iptables/xshared.h b/iptables/xshared.h
|
|
|
aca4c4 |
index 095a574d85879..f3c7f28806619 100644
|
|
|
aca4c4 |
--- a/iptables/xshared.h
|
|
|
aca4c4 |
+++ b/iptables/xshared.h
|
|
|
aca4c4 |
@@ -146,7 +146,7 @@ enum {
|
|
|
aca4c4 |
|
|
|
aca4c4 |
extern void print_extension_helps(const struct xtables_target *,
|
|
|
aca4c4 |
const struct xtables_rule_match *);
|
|
|
aca4c4 |
-extern const char *proto_to_name(uint8_t, int);
|
|
|
aca4c4 |
+extern const char *proto_to_name(uint16_t, int);
|
|
|
aca4c4 |
extern int command_default(struct iptables_command_state *,
|
|
|
aca4c4 |
struct xtables_globals *);
|
|
|
aca4c4 |
extern struct xtables_match *load_proto(struct iptables_command_state *);
|
|
|
aca4c4 |
--
|
|
|
aca4c4 |
2.34.1
|
|
|
aca4c4 |
|