diff options
author | Liping Zhang <liping.zhang@spreadtrum.com> | 2016-10-07 19:08:54 +0800 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-10-14 18:59:36 +0200 |
commit | 92a4ff6f0448bcb0b5909982a7ad317c23c89372 (patch) | |
tree | 70aeae38cc078fdf9ed7b7a94aaf4e9417e11099 /extensions | |
parent | 82dc0ce50d2f48369f6e738f165f9187012d5a82 (diff) |
extensions: libxt_quota: add translation to nft
For example:
# iptables-translate -A OUTPUT -m quota --quota 111
nft add rule ip filter OUTPUT quota 111 bytes counter
# iptables-translate -A OUTPUT -m quota ! --quota 111
nft add rule ip filter OUTPUT quota over 111 bytes counter
Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/libxt_quota.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c index ff7dd2a3..bad77d23 100644 --- a/extensions/libxt_quota.c +++ b/extensions/libxt_quota.c @@ -50,6 +50,17 @@ static void quota_parse(struct xt_option_call *cb) info->flags |= XT_QUOTA_INVERT; } +static int quota_xlate(struct xt_xlate *xl, + const struct xt_xlate_mt_params *params) +{ + const struct xt_quota_info *q = (void *)params->match->data; + + xt_xlate_add(xl, "quota %s%llu bytes", + q->flags & XT_QUOTA_INVERT ? "over " : "", + (unsigned long long) q->quota); + return 1; +} + static struct xtables_match quota_match = { .family = NFPROTO_UNSPEC, .name = "quota", @@ -61,6 +72,7 @@ static struct xtables_match quota_match = { .save = quota_save, .x6_parse = quota_parse, .x6_options = quota_opts, + .xlate = quota_xlate, }; void |