diff options
Diffstat (limited to 'iptables/iptables.c')
-rw-r--r-- | iptables/iptables.c | 88 |
1 files changed, 5 insertions, 83 deletions
diff --git a/iptables/iptables.c b/iptables/iptables.c index f765cf98..00e3f016 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -48,21 +48,6 @@ #define FALSE 0 #endif -#define FMT_NUMERIC 0x0001 -#define FMT_NOCOUNTS 0x0002 -#define FMT_KILOMEGAGIGA 0x0004 -#define FMT_OPTIONS 0x0008 -#define FMT_NOTABLE 0x0010 -#define FMT_NOTARGET 0x0020 -#define FMT_VIA 0x0040 -#define FMT_NONEWLINE 0x0080 -#define FMT_LINENUMBERS 0x0100 - -#define FMT_PRINT_RULE (FMT_NOCOUNTS | FMT_OPTIONS | FMT_VIA \ - | FMT_NUMERIC | FMT_NOTABLE) -#define FMT(tab,notab) ((format) & FMT_NOTABLE ? (notab) : (tab)) - - #define CMD_NONE 0x0000U #define CMD_INSERT 0x0001U #define CMD_DELETE 0x0002U @@ -186,22 +171,6 @@ static const int inverse_for_options[NUMBER_OF_OPT] = #define prog_name iptables_globals.program_name #define prog_vers iptables_globals.program_version -/* Primitive headers... */ -/* defined in netinet/in.h */ -#if 0 -#ifndef IPPROTO_ESP -#define IPPROTO_ESP 50 -#endif -#ifndef IPPROTO_AH -#define IPPROTO_AH 51 -#endif -#endif - -enum { - IPT_DOTTED_ADDR = 0, - IPT_DOTTED_MASK -}; - static void __attribute__((noreturn)) exit_tryhelp(int status) { @@ -445,32 +414,6 @@ set_option(unsigned int *options, unsigned int option, uint8_t *invflg, } static void -print_num(uint64_t number, unsigned int format) -{ - if (format & FMT_KILOMEGAGIGA) { - if (number > 99999) { - number = (number + 500) / 1000; - if (number > 9999) { - number = (number + 500) / 1000; - if (number > 9999) { - number = (number + 500) / 1000; - if (number > 9999) { - number = (number + 500) / 1000; - printf(FMT("%4lluT ","%lluT "), (unsigned long long)number); - } - else printf(FMT("%4lluG ","%lluG "), (unsigned long long)number); - } - else printf(FMT("%4lluM ","%lluM "), (unsigned long long)number); - } else - printf(FMT("%4lluK ","%lluK "), (unsigned long long)number); - } else - printf(FMT("%5llu ","%llu "), (unsigned long long)number); - } else - printf(FMT("%8llu ","%llu "), (unsigned long long)number); -} - - -static void print_header(unsigned int format, const char *chain, struct xtc_handle *handle) { struct xt_counters counters; @@ -480,9 +423,9 @@ print_header(unsigned int format, const char *chain, struct xtc_handle *handle) printf(" (policy %s", pol); if (!(format & FMT_NOCOUNTS)) { fputc(' ', stdout); - print_num(counters.pcnt, (format|FMT_NOTABLE)); + xtables_print_num(counters.pcnt, (format|FMT_NOTABLE)); fputs("packets, ", stdout); - print_num(counters.bcnt, (format|FMT_NOTABLE)); + xtables_print_num(counters.bcnt, (format|FMT_NOTABLE)); fputs("bytes", stdout); } printf(")\n"); @@ -567,8 +510,8 @@ print_firewall(const struct ipt_entry *fw, printf(FMT("%-4u ", "%u "), num); if (!(format & FMT_NOCOUNTS)) { - print_num(fw->counters.pcnt, format); - print_num(fw->counters.bcnt, format); + xtables_print_num(fw->counters.pcnt, format); + xtables_print_num(fw->counters.bcnt, format); } if (!(format & FMT_NOTARGET)) @@ -1257,27 +1200,6 @@ generate_entry(const struct ipt_entry *fw, return e; } -static void clear_rule_matches(struct xtables_rule_match **matches) -{ - struct xtables_rule_match *matchp, *tmp; - - for (matchp = *matches; matchp;) { - tmp = matchp->next; - if (matchp->match->m) { - free(matchp->match->m); - matchp->match->m = NULL; - } - if (matchp->match == matchp->match->next) { - free(matchp->match); - matchp->match = NULL; - } - free(matchp); - matchp = tmp; - } - - *matches = NULL; -} - static void command_jump(struct iptables_command_state *cs) { size_t size; @@ -1979,7 +1901,7 @@ int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle if (verbose > 1) dump_entries(*handle); - clear_rule_matches(&cs.matches); + xtables_rule_matches_free(&cs.matches); if (e != NULL) { free(e); |