diff options
author | Phil Sutter <phil@nwl.cc> | 2020-05-12 18:46:39 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2022-11-15 16:58:16 +0100 |
commit | eb2546a8467764de357598e6a54ddbc23ca5ee7d (patch) | |
tree | e2175d30cdfacb334d36d2f2761c95779d0b9d9a /iptables/xshared.c | |
parent | 223e34b057b95604f07c53e984b199c56140e309 (diff) |
xshared: Share make_delete_mask() between ip{,6}tables
Function bodies were mostly identical, the only difference being the use
of struct ipt_entry or ip6t_entry for size calculation. Pass this value
via parameter to make them fully identical.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/xshared.c')
-rw-r--r-- | iptables/xshared.c | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/iptables/xshared.c b/iptables/xshared.c index 69515789..0beacee6 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -2000,3 +2000,37 @@ void ipv6_post_parse(int command, struct iptables_command_state *cs, "! not allowed with multiple" " source or destination IP addresses"); } + +unsigned char * +make_delete_mask(const struct xtables_rule_match *matches, + const struct xtables_target *target, + size_t entry_size) +{ + /* Establish mask for comparison */ + unsigned int size = entry_size; + const struct xtables_rule_match *matchp; + unsigned char *mask, *mptr; + + for (matchp = matches; matchp; matchp = matchp->next) + size += XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->size; + + mask = xtables_calloc(1, size + + XT_ALIGN(sizeof(struct xt_entry_target)) + + target->size); + + memset(mask, 0xFF, entry_size); + mptr = mask + entry_size; + + for (matchp = matches; matchp; matchp = matchp->next) { + memset(mptr, 0xFF, + XT_ALIGN(sizeof(struct xt_entry_match)) + + matchp->match->userspacesize); + mptr += XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->size; + } + + memset(mptr, 0xFF, + XT_ALIGN(sizeof(struct xt_entry_target)) + + target->userspacesize); + + return mask; +} |