diff options
-rw-r--r-- | iptables/ip6tables.c | 31 | ||||
-rw-r--r-- | iptables/iptables.c | 31 | ||||
-rw-r--r-- | iptables/xshared.c | 30 | ||||
-rw-r--r-- | iptables/xshared.h | 2 |
4 files changed, 32 insertions, 62 deletions
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c index 5a64566e..0509c36c 100644 --- a/iptables/ip6tables.c +++ b/iptables/ip6tables.c @@ -644,37 +644,6 @@ list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric, return found; } -static int print_match_save(const struct xt_entry_match *e, - const struct ip6t_ip6 *ip) -{ - const char *name = e->u.user.name; - const int revision = e->u.user.revision; - struct xtables_match *match, *mt, *mt2; - - match = xtables_find_match(name, XTF_TRY_LOAD, NULL); - if (match) { - mt = mt2 = xtables_find_match_revision(name, XTF_TRY_LOAD, - match, revision); - if (!mt2) - mt2 = match; - printf(" -m %s", mt2->alias ? mt2->alias(e) : name); - - /* some matches don't provide a save function */ - if (mt && mt->save) - mt->save(ip, e); - else if (match->save) - printf(unsupported_rev); - } else { - if (e->u.match_size) { - fprintf(stderr, - "Can't find library for match `%s'\n", - name); - exit(1); - } - } - return 0; -} - /* We want this to be readable, so only print out necessary fields. * Because that's the kind of world I want to live in. */ diff --git a/iptables/iptables.c b/iptables/iptables.c index ac51c612..a69d4238 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -642,37 +642,6 @@ list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric, #define IP_PARTS(n) IP_PARTS_NATIVE(ntohl(n)) -static int print_match_save(const struct xt_entry_match *e, - const struct ipt_ip *ip) -{ - const char *name = e->u.user.name; - const int revision = e->u.user.revision; - struct xtables_match *match, *mt, *mt2; - - match = xtables_find_match(name, XTF_TRY_LOAD, NULL); - if (match) { - mt = mt2 = xtables_find_match_revision(name, XTF_TRY_LOAD, - match, revision); - if (!mt2) - mt2 = match; - printf(" -m %s", mt2->alias ? mt2->alias(e) : name); - - /* some matches don't provide a save function */ - if (mt && mt->save) - mt->save(ip, e); - else if (match->save) - printf(unsupported_rev); - } else { - if (e->u.match_size) { - fprintf(stderr, - "Can't find library for match `%s'\n", - name); - exit(1); - } - } - return 0; -} - /* We want this to be readable, so only print out necessary fields. * Because that's the kind of world I want to live in. */ diff --git a/iptables/xshared.c b/iptables/xshared.c index a1ca2b0f..94a2d088 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -1119,3 +1119,33 @@ void save_rule_details(const char *iniface, unsigned const char *iniface_mask, printf(" -f"); } } + +int print_match_save(const struct xt_entry_match *e, const void *ip) +{ + const char *name = e->u.user.name; + const int revision = e->u.user.revision; + struct xtables_match *match, *mt, *mt2; + + match = xtables_find_match(name, XTF_TRY_LOAD, NULL); + if (match) { + mt = mt2 = xtables_find_match_revision(name, XTF_TRY_LOAD, + match, revision); + if (!mt2) + mt2 = match; + printf(" -m %s", mt2->alias ? mt2->alias(e) : name); + + /* some matches don't provide a save function */ + if (mt && mt->save) + mt->save(ip, e); + else if (match->save) + printf(" [unsupported revision]"); + } else { + if (e->u.match_size) { + fprintf(stderr, + "Can't find library for match `%s'\n", + name); + exit(1); + } + } + return 0; +} diff --git a/iptables/xshared.h b/iptables/xshared.h index 060c62ef..1ee64d9e 100644 --- a/iptables/xshared.h +++ b/iptables/xshared.h @@ -257,4 +257,6 @@ void save_rule_details(const char *iniface, unsigned const char *iniface_mask, const char *outiface, unsigned const char *outiface_mask, uint16_t proto, int frag, uint8_t invflags); +int print_match_save(const struct xt_entry_match *e, const void *ip); + #endif /* IPTABLES_XSHARED_H */ |