diff options
Diffstat (limited to 'extensions/libebt_among.c')
-rw-r--r-- | extensions/libebt_among.c | 44 |
1 files changed, 20 insertions, 24 deletions
diff --git a/extensions/libebt_among.c b/extensions/libebt_among.c index 7eb898f9..85f9bee4 100644 --- a/extensions/libebt_among.c +++ b/extensions/libebt_among.c @@ -43,10 +43,10 @@ static void bramong_print_help(void) { printf( "`among' options:\n" -"--among-dst [!] list : matches if ether dst is in list\n" -"--among-src [!] list : matches if ether src is in list\n" -"--among-dst-file [!] file : obtain dst list from file\n" -"--among-src-file [!] file : obtain src list from file\n" +"[!] --among-dst list : matches if ether dst is in list\n" +"[!] --among-src list : matches if ether src is in list\n" +"[!] --among-dst-file file : obtain dst list from file\n" +"[!] --among-src-file file : obtain src list from file\n" "list has form:\n" " xx:xx:xx:xx:xx:xx[=ip.ip.ip.ip],yy:yy:yy:yy:yy:yy[=ip.ip.ip.ip]" ",...,zz:zz:zz:zz:zz:zz[=ip.ip.ip.ip][,]\n" @@ -68,12 +68,12 @@ parse_nft_among_pair(char *buf, struct nft_among_pair *pair, bool have_ip) if (!inet_pton(AF_INET, sep + 1, &pair->in)) xtables_error(PARAMETER_PROBLEM, - "Invalid IP address '%s'\n", sep + 1); + "Invalid IP address '%s'", sep + 1); } ether = ether_aton(buf); if (!ether) xtables_error(PARAMETER_PROBLEM, - "Invalid MAC address '%s'\n", buf); + "Invalid MAC address '%s'", buf); memcpy(&pair->ether, ether, sizeof(*ether)); } @@ -119,7 +119,6 @@ static int bramong_parse(int c, char **argv, int invert, struct xt_entry_match **match) { struct nft_among_data *data = (struct nft_among_data *)(*match)->data; - struct xt_entry_match *new_match; bool have_ip, dst = false; size_t new_size, cnt; struct stat stats; @@ -152,10 +151,9 @@ static int bramong_parse(int c, char **argv, int invert, xtables_error(PARAMETER_PROBLEM, "File should only contain one line"); optarg[flen-1] = '\0'; - /* fall through */ + break; case AMONG_DST: - if (c == AMONG_DST) - dst = true; + dst = true; /* fall through */ case AMONG_SRC: break; @@ -171,18 +169,17 @@ static int bramong_parse(int c, char **argv, int invert, new_size *= sizeof(struct nft_among_pair); new_size += XT_ALIGN(sizeof(struct xt_entry_match)) + sizeof(struct nft_among_data); - new_match = xtables_calloc(1, new_size); - memcpy(new_match, *match, (*match)->u.match_size); - new_match->u.match_size = new_size; - data = (struct nft_among_data *)new_match->data; + if (new_size > (*match)->u.match_size) { + *match = xtables_realloc(*match, new_size); + (*match)->u.match_size = new_size; + data = (struct nft_among_data *)(*match)->data; + } + have_ip = nft_among_pairs_have_ip(optarg); poff = nft_among_prepare_data(data, dst, cnt, invert, have_ip); parse_nft_among_pairs(data->pairs + poff, optarg, cnt, have_ip); - free(*match); - *match = new_match; - if (c == AMONG_DST_F || c == AMONG_SRC_F) { munmap(argv, flen); close(fd); @@ -191,10 +188,10 @@ static int bramong_parse(int c, char **argv, int invert, } static void __bramong_print(struct nft_among_pair *pairs, - int cnt, bool inv, bool have_ip) + int cnt, bool have_ip) { - const char *isep = inv ? "! " : ""; char abuf[INET_ADDRSTRLEN]; + const char *isep = ""; int i; for (i = 0; i < cnt; i++) { @@ -215,14 +212,13 @@ static void bramong_print(const void *ip, const struct xt_entry_match *match, struct nft_among_data *data = (struct nft_among_data *)match->data; if (data->src.cnt) { - printf("--among-src "); - __bramong_print(data->pairs, - data->src.cnt, data->src.inv, data->src.ip); + printf("%s--among-src ", data->src.inv ? "! " : ""); + __bramong_print(data->pairs, data->src.cnt, data->src.ip); } if (data->dst.cnt) { - printf("--among-dst "); + printf("%s--among-dst ", data->dst.inv ? "! " : ""); __bramong_print(data->pairs + data->src.cnt, - data->dst.cnt, data->dst.inv, data->dst.ip); + data->dst.cnt, data->dst.ip); } } |