From 92a4ff6f0448bcb0b5909982a7ad317c23c89372 Mon Sep 17 00:00:00 2001
From: Liping Zhang <liping.zhang@spreadtrum.com>
Date: Fri, 7 Oct 2016 19:08:54 +0800
Subject: extensions: libxt_quota: add translation to nft

For example:
  # iptables-translate -A OUTPUT -m quota --quota 111
  nft add rule ip filter OUTPUT quota 111 bytes counter

  # iptables-translate -A OUTPUT -m quota ! --quota 111
  nft add rule ip filter OUTPUT quota over 111 bytes counter

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 extensions/libxt_quota.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)

(limited to 'extensions')

diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index ff7dd2a3..bad77d23 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -50,6 +50,17 @@ static void quota_parse(struct xt_option_call *cb)
 		info->flags |= XT_QUOTA_INVERT;
 }
 
+static int quota_xlate(struct xt_xlate *xl,
+		       const struct xt_xlate_mt_params *params)
+{
+	const struct xt_quota_info *q = (void *)params->match->data;
+
+	xt_xlate_add(xl, "quota %s%llu bytes",
+		     q->flags & XT_QUOTA_INVERT ? "over " : "",
+		     (unsigned long long) q->quota);
+	return 1;
+}
+
 static struct xtables_match quota_match = {
 	.family		= NFPROTO_UNSPEC,
 	.name		= "quota",
@@ -61,6 +72,7 @@ static struct xtables_match quota_match = {
 	.save		= quota_save,
 	.x6_parse	= quota_parse,
 	.x6_options	= quota_opts,
+	.xlate		= quota_xlate,
 };
 
 void
-- 
cgit v1.2.3