From 80aae9b3b784ffdea3624117c548d500c56f24d9 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Wed, 19 Sep 2018 15:17:00 +0200 Subject: iptables: Use print_ifaces() from xtables Move the function to xshared.c for common use between legacy and xtables sources. While being at it, silence a covscan warning triggered by that function as it couldn't verify input buffers won't exceed IFNAMSIZ. Therefore use snprintf() when writing to the local buffer. Signed-off-by: Phil Sutter Signed-off-by: Florian Westphal --- iptables/xshared.c | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) (limited to 'iptables/xshared.c') diff --git a/iptables/xshared.c b/iptables/xshared.c index d30e7232..a10e425c 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -568,3 +568,28 @@ void print_ipv6_addresses(const struct ip6t_entry *fw6, unsigned int format) ipv6_addr_to_string(&fw6->ipv6.dst, &fw6->ipv6.dmsk, format)); } + +/* Luckily, IPT_INV_VIA_IN and IPT_INV_VIA_OUT + * have the same values as IP6T_INV_VIA_IN and IP6T_INV_VIA_OUT + * so this function serves for both iptables and ip6tables */ +void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags, + unsigned int format) +{ + const char *anyname = format & FMT_NUMERIC ? "*" : "any"; + char iface[IFNAMSIZ + 2]; + + if (!(format & FMT_VIA)) + return; + + snprintf(iface, IFNAMSIZ + 2, "%s%s", + invflags & IPT_INV_VIA_IN ? "!" : "", + iniface[0] != '\0' ? iniface : anyname); + + printf(FMT(" %-6s ", "in %s "), iface); + + snprintf(iface, IFNAMSIZ + 2, "%s%s", + invflags & IPT_INV_VIA_OUT ? "!" : "", + outiface[0] != '\0' ? outiface : anyname); + + printf(FMT("%-6s ", "out %s "), iface); +} -- cgit v1.2.3