From 296dca39be1166c4b7c6367c1b97ee95aebddfc3 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 27 Aug 2011 13:06:37 +0200 Subject: iptables-save: remove binary dumping dead code Was never implemented, kill it. Signed-off-by: Jan Engelhardt --- iptables/ip6tables-save.c | 80 ++++++++++++++++++++--------------------------- iptables/iptables-save.c | 80 ++++++++++++++++++++--------------------------- 2 files changed, 68 insertions(+), 92 deletions(-) (limited to 'iptables') diff --git a/iptables/ip6tables-save.c b/iptables/ip6tables-save.c index ad0e70f0..38b0c2f2 100644 --- a/iptables/ip6tables-save.c +++ b/iptables/ip6tables-save.c @@ -22,10 +22,9 @@ #include #endif -static int show_binary = 0, show_counters = 0; +static int show_counters = 0; static const struct option options[] = { - {.name = "binary", .has_arg = false, .val = 'b'}, {.name = "counters", .has_arg = false, .val = 'c'}, {.name = "dump", .has_arg = false, .val = 'd'}, {.name = "table", .has_arg = true, .val = 't'}, @@ -76,52 +75,45 @@ static int do_output(const char *tablename) xtables_error(OTHER_PROBLEM, "Cannot initialize: %s\n", ip6tc_strerror(errno)); - if (!show_binary) { - time_t now = time(NULL); - - printf("# Generated by ip6tables-save v%s on %s", - IPTABLES_VERSION, ctime(&now)); - printf("*%s\n", tablename); - - /* Dump out chain names first, - * thereby preventing dependency conflicts */ - for (chain = ip6tc_first_chain(h); - chain; - chain = ip6tc_next_chain(h)) { - - printf(":%s ", chain); - if (ip6tc_builtin(chain, h)) { - struct ip6t_counters count; - printf("%s ", - ip6tc_get_policy(chain, &count, h)); - printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); - } else { - printf("- [0:0]\n"); - } + time_t now = time(NULL); + + printf("# Generated by ip6tables-save v%s on %s", + IPTABLES_VERSION, ctime(&now)); + printf("*%s\n", tablename); + + /* Dump out chain names first, + * thereby preventing dependency conflicts */ + for (chain = ip6tc_first_chain(h); + chain; + chain = ip6tc_next_chain(h)) { + + printf(":%s ", chain); + if (ip6tc_builtin(chain, h)) { + struct ip6t_counters count; + printf("%s ", + ip6tc_get_policy(chain, &count, h)); + printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); + } else { + printf("- [0:0]\n"); } + } + for (chain = ip6tc_first_chain(h); + chain; + chain = ip6tc_next_chain(h)) { + const struct ip6t_entry *e; - for (chain = ip6tc_first_chain(h); - chain; - chain = ip6tc_next_chain(h)) { - const struct ip6t_entry *e; - - /* Dump out rules */ - e = ip6tc_first_rule(chain, h); - while(e) { - print_rule6(e, h, chain, show_counters); - e = ip6tc_next_rule(e, h); - } + /* Dump out rules */ + e = ip6tc_first_rule(chain, h); + while(e) { + print_rule6(e, h, chain, show_counters); + e = ip6tc_next_rule(e, h); } - - now = time(NULL); - printf("COMMIT\n"); - printf("# Completed on %s", ctime(&now)); - } else { - /* Binary, huh? OK. */ - xtables_error(OTHER_PROBLEM, "Binary NYI\n"); } + now = time(NULL); + printf("COMMIT\n"); + printf("# Completed on %s", ctime(&now)); ip6tc_free(h); return 1; @@ -151,10 +143,6 @@ int ip6tables_save_main(int argc, char *argv[]) while ((c = getopt_long(argc, argv, "bcdt:", options, NULL)) != -1) { switch (c) { - case 'b': - show_binary = 1; - break; - case 'c': show_counters = 1; break; diff --git a/iptables/iptables-save.c b/iptables/iptables-save.c index 73fba12a..a25a186e 100644 --- a/iptables/iptables-save.c +++ b/iptables/iptables-save.c @@ -21,10 +21,9 @@ #include #endif -static int show_binary = 0, show_counters = 0; +static int show_counters = 0; static const struct option options[] = { - {.name = "binary", .has_arg = false, .val = 'b'}, {.name = "counters", .has_arg = false, .val = 'c'}, {.name = "dump", .has_arg = false, .val = 'd'}, {.name = "table", .has_arg = true, .val = 't'}, @@ -74,52 +73,45 @@ static int do_output(const char *tablename) xtables_error(OTHER_PROBLEM, "Cannot initialize: %s\n", iptc_strerror(errno)); - if (!show_binary) { - time_t now = time(NULL); - - printf("# Generated by iptables-save v%s on %s", - IPTABLES_VERSION, ctime(&now)); - printf("*%s\n", tablename); - - /* Dump out chain names first, - * thereby preventing dependency conflicts */ - for (chain = iptc_first_chain(h); - chain; - chain = iptc_next_chain(h)) { - - printf(":%s ", chain); - if (iptc_builtin(chain, h)) { - struct ipt_counters count; - printf("%s ", - iptc_get_policy(chain, &count, h)); - printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); - } else { - printf("- [0:0]\n"); - } + time_t now = time(NULL); + + printf("# Generated by iptables-save v%s on %s", + IPTABLES_VERSION, ctime(&now)); + printf("*%s\n", tablename); + + /* Dump out chain names first, + * thereby preventing dependency conflicts */ + for (chain = iptc_first_chain(h); + chain; + chain = iptc_next_chain(h)) { + + printf(":%s ", chain); + if (iptc_builtin(chain, h)) { + struct ipt_counters count; + printf("%s ", + iptc_get_policy(chain, &count, h)); + printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); + } else { + printf("- [0:0]\n"); } + } + for (chain = iptc_first_chain(h); + chain; + chain = iptc_next_chain(h)) { + const struct ipt_entry *e; - for (chain = iptc_first_chain(h); - chain; - chain = iptc_next_chain(h)) { - const struct ipt_entry *e; - - /* Dump out rules */ - e = iptc_first_rule(chain, h); - while(e) { - print_rule4(e, h, chain, show_counters); - e = iptc_next_rule(e, h); - } + /* Dump out rules */ + e = iptc_first_rule(chain, h); + while(e) { + print_rule4(e, h, chain, show_counters); + e = iptc_next_rule(e, h); } - - now = time(NULL); - printf("COMMIT\n"); - printf("# Completed on %s", ctime(&now)); - } else { - /* Binary, huh? OK. */ - xtables_error(OTHER_PROBLEM, "Binary NYI\n"); } + now = time(NULL); + printf("COMMIT\n"); + printf("# Completed on %s", ctime(&now)); iptc_free(h); return 1; @@ -150,10 +142,6 @@ iptables_save_main(int argc, char *argv[]) while ((c = getopt_long(argc, argv, "bcdt:", options, NULL)) != -1) { switch (c) { - case 'b': - show_binary = 1; - break; - case 'c': show_counters = 1; break; -- cgit v1.2.3 From 7e5e866a36a76c153e5903b8251f90cfe07a1d34 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 27 Aug 2011 11:16:16 +0200 Subject: libiptc: replace ipt_chainlabel by xt_chainlabel Signed-off-by: Jan Engelhardt --- iptables/ip6tables.c | 30 +++++++++++++++--------------- iptables/iptables.c | 30 +++++++++++++++--------------- 2 files changed, 30 insertions(+), 30 deletions(-) (limited to 'iptables') diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c index 04e5224f..c5d2a0bf 100644 --- a/iptables/ip6tables.c +++ b/iptables/ip6tables.c @@ -676,7 +676,7 @@ print_firewall_line(const struct ip6t_entry *fw, } static int -append_entry(const ip6t_chainlabel chain, +append_entry(const xt_chainlabel chain, struct ip6t_entry *fw, unsigned int nsaddrs, const struct in6_addr saddrs[], @@ -706,7 +706,7 @@ append_entry(const ip6t_chainlabel chain, } static int -replace_entry(const ip6t_chainlabel chain, +replace_entry(const xt_chainlabel chain, struct ip6t_entry *fw, unsigned int rulenum, const struct in6_addr *saddr, const struct in6_addr *smask, @@ -725,7 +725,7 @@ replace_entry(const ip6t_chainlabel chain, } static int -insert_entry(const ip6t_chainlabel chain, +insert_entry(const xt_chainlabel chain, struct ip6t_entry *fw, unsigned int rulenum, unsigned int nsaddrs, @@ -790,7 +790,7 @@ make_delete_mask(const struct xtables_rule_match *matches, } static int -delete_entry(const ip6t_chainlabel chain, +delete_entry(const xt_chainlabel chain, struct ip6t_entry *fw, unsigned int nsaddrs, const struct in6_addr saddrs[], @@ -825,7 +825,7 @@ delete_entry(const ip6t_chainlabel chain, } static int -check_entry(const ip6t_chainlabel chain, struct ip6t_entry *fw, +check_entry(const xt_chainlabel chain, struct ip6t_entry *fw, unsigned int nsaddrs, const struct in6_addr *saddrs, const struct in6_addr *smasks, unsigned int ndaddrs, const struct in6_addr *daddrs, const struct in6_addr *dmasks, @@ -855,7 +855,7 @@ check_entry(const ip6t_chainlabel chain, struct ip6t_entry *fw, } int -for_each_chain6(int (*fn)(const ip6t_chainlabel, int, struct ip6tc_handle *), +for_each_chain6(int (*fn)(const xt_chainlabel, int, struct ip6tc_handle *), int verbose, int builtinstoo, struct ip6tc_handle *handle) { int ret = 1; @@ -869,21 +869,21 @@ for_each_chain6(int (*fn)(const ip6t_chainlabel, int, struct ip6tc_handle *), chain = ip6tc_next_chain(handle); } - chains = xtables_malloc(sizeof(ip6t_chainlabel) * chaincount); + chains = xtables_malloc(sizeof(xt_chainlabel) * chaincount); i = 0; chain = ip6tc_first_chain(handle); while (chain) { - strcpy(chains + i*sizeof(ip6t_chainlabel), chain); + strcpy(chains + i*sizeof(xt_chainlabel), chain); i++; chain = ip6tc_next_chain(handle); } for (i = 0; i < chaincount; i++) { if (!builtinstoo - && ip6tc_builtin(chains + i*sizeof(ip6t_chainlabel), + && ip6tc_builtin(chains + i*sizeof(xt_chainlabel), handle) == 1) continue; - ret &= fn(chains + i*sizeof(ip6t_chainlabel), verbose, handle); + ret &= fn(chains + i*sizeof(xt_chainlabel), verbose, handle); } free(chains); @@ -891,7 +891,7 @@ for_each_chain6(int (*fn)(const ip6t_chainlabel, int, struct ip6tc_handle *), } int -flush_entries6(const ip6t_chainlabel chain, int verbose, +flush_entries6(const xt_chainlabel chain, int verbose, struct ip6tc_handle *handle) { if (!chain) @@ -903,7 +903,7 @@ flush_entries6(const ip6t_chainlabel chain, int verbose, } static int -zero_entries(const ip6t_chainlabel chain, int verbose, +zero_entries(const xt_chainlabel chain, int verbose, struct ip6tc_handle *handle) { if (!chain) @@ -915,7 +915,7 @@ zero_entries(const ip6t_chainlabel chain, int verbose, } int -delete_chain6(const ip6t_chainlabel chain, int verbose, +delete_chain6(const xt_chainlabel chain, int verbose, struct ip6tc_handle *handle) { if (!chain) @@ -927,7 +927,7 @@ delete_chain6(const ip6t_chainlabel chain, int verbose, } static int -list_entries(const ip6t_chainlabel chain, int rulenum, int verbose, int numeric, +list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric, int expanded, int linenumbers, struct ip6tc_handle *handle) { int found = 0; @@ -1169,7 +1169,7 @@ void print_rule6(const struct ip6t_entry *e, } static int -list_rules(const ip6t_chainlabel chain, int rulenum, int counters, +list_rules(const xt_chainlabel chain, int rulenum, int counters, struct ip6tc_handle *handle) { const char *this = NULL; diff --git a/iptables/iptables.c b/iptables/iptables.c index 830ddbcb..f5f47fa1 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -678,7 +678,7 @@ print_firewall_line(const struct ipt_entry *fw, } static int -append_entry(const ipt_chainlabel chain, +append_entry(const xt_chainlabel chain, struct ipt_entry *fw, unsigned int nsaddrs, const struct in_addr saddrs[], @@ -708,7 +708,7 @@ append_entry(const ipt_chainlabel chain, } static int -replace_entry(const ipt_chainlabel chain, +replace_entry(const xt_chainlabel chain, struct ipt_entry *fw, unsigned int rulenum, const struct in_addr *saddr, const struct in_addr *smask, @@ -727,7 +727,7 @@ replace_entry(const ipt_chainlabel chain, } static int -insert_entry(const ipt_chainlabel chain, +insert_entry(const xt_chainlabel chain, struct ipt_entry *fw, unsigned int rulenum, unsigned int nsaddrs, @@ -792,7 +792,7 @@ make_delete_mask(const struct xtables_rule_match *matches, } static int -delete_entry(const ipt_chainlabel chain, +delete_entry(const xt_chainlabel chain, struct ipt_entry *fw, unsigned int nsaddrs, const struct in_addr saddrs[], @@ -827,7 +827,7 @@ delete_entry(const ipt_chainlabel chain, } static int -check_entry(const ipt_chainlabel chain, struct ipt_entry *fw, +check_entry(const xt_chainlabel chain, struct ipt_entry *fw, unsigned int nsaddrs, const struct in_addr *saddrs, const struct in_addr *smasks, unsigned int ndaddrs, const struct in_addr *daddrs, const struct in_addr *dmasks, @@ -857,7 +857,7 @@ check_entry(const ipt_chainlabel chain, struct ipt_entry *fw, } int -for_each_chain4(int (*fn)(const ipt_chainlabel, int, struct iptc_handle *), +for_each_chain4(int (*fn)(const xt_chainlabel, int, struct iptc_handle *), int verbose, int builtinstoo, struct iptc_handle *handle) { int ret = 1; @@ -871,21 +871,21 @@ for_each_chain4(int (*fn)(const ipt_chainlabel, int, struct iptc_handle *), chain = iptc_next_chain(handle); } - chains = xtables_malloc(sizeof(ipt_chainlabel) * chaincount); + chains = xtables_malloc(sizeof(xt_chainlabel) * chaincount); i = 0; chain = iptc_first_chain(handle); while (chain) { - strcpy(chains + i*sizeof(ipt_chainlabel), chain); + strcpy(chains + i*sizeof(xt_chainlabel), chain); i++; chain = iptc_next_chain(handle); } for (i = 0; i < chaincount; i++) { if (!builtinstoo - && iptc_builtin(chains + i*sizeof(ipt_chainlabel), + && iptc_builtin(chains + i*sizeof(xt_chainlabel), handle) == 1) continue; - ret &= fn(chains + i*sizeof(ipt_chainlabel), verbose, handle); + ret &= fn(chains + i*sizeof(xt_chainlabel), verbose, handle); } free(chains); @@ -893,7 +893,7 @@ for_each_chain4(int (*fn)(const ipt_chainlabel, int, struct iptc_handle *), } int -flush_entries4(const ipt_chainlabel chain, int verbose, +flush_entries4(const xt_chainlabel chain, int verbose, struct iptc_handle *handle) { if (!chain) @@ -905,7 +905,7 @@ flush_entries4(const ipt_chainlabel chain, int verbose, } static int -zero_entries(const ipt_chainlabel chain, int verbose, +zero_entries(const xt_chainlabel chain, int verbose, struct iptc_handle *handle) { if (!chain) @@ -917,7 +917,7 @@ zero_entries(const ipt_chainlabel chain, int verbose, } int -delete_chain4(const ipt_chainlabel chain, int verbose, +delete_chain4(const xt_chainlabel chain, int verbose, struct iptc_handle *handle) { if (!chain) @@ -929,7 +929,7 @@ delete_chain4(const ipt_chainlabel chain, int verbose, } static int -list_entries(const ipt_chainlabel chain, int rulenum, int verbose, int numeric, +list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric, int expanded, int linenumbers, struct iptc_handle *handle) { int found = 0; @@ -1177,7 +1177,7 @@ void print_rule4(const struct ipt_entry *e, } static int -list_rules(const ipt_chainlabel chain, int rulenum, int counters, +list_rules(const xt_chainlabel chain, int rulenum, int counters, struct iptc_handle *handle) { const char *this = NULL; -- cgit v1.2.3 From 1639fe86579f86f5f6a954a9b0adde2e16ad1980 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 27 Aug 2011 11:39:52 +0200 Subject: libiptc: combine common types: _handle No real API/ABI change incurred, since the definition of the structs' types is not visible anyhow. Signed-off-by: Jan Engelhardt --- iptables/ip6tables-restore.c | 6 +++--- iptables/ip6tables-save.c | 2 +- iptables/ip6tables-standalone.c | 2 +- iptables/ip6tables.c | 34 +++++++++++++++++----------------- iptables/iptables-restore.c | 6 +++--- iptables/iptables-save.c | 2 +- iptables/iptables-standalone.c | 2 +- iptables/iptables.c | 34 +++++++++++++++++----------------- 8 files changed, 44 insertions(+), 44 deletions(-) (limited to 'iptables') diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c index 1487504b..c5afe315 100644 --- a/iptables/ip6tables-restore.c +++ b/iptables/ip6tables-restore.c @@ -56,9 +56,9 @@ static void print_usage(const char *name, const char *version) exit(1); } -static struct ip6tc_handle *create_handle(const char *tablename) +static struct xtc_handle *create_handle(const char *tablename) { - struct ip6tc_handle *handle; + struct xtc_handle *handle; handle = ip6tc_init(tablename); @@ -116,7 +116,7 @@ static void free_argv(void) { int ip6tables_restore_main(int argc, char *argv[]) { - struct ip6tc_handle *handle = NULL; + struct xtc_handle *handle = NULL; char buffer[10240]; int c; char curtable[IP6T_TABLE_MAXNAMELEN + 1]; diff --git a/iptables/ip6tables-save.c b/iptables/ip6tables-save.c index 38b0c2f2..fbfce788 100644 --- a/iptables/ip6tables-save.c +++ b/iptables/ip6tables-save.c @@ -60,7 +60,7 @@ static int for_each_table(int (*func)(const char *tablename)) static int do_output(const char *tablename) { - struct ip6tc_handle *h; + struct xtc_handle *h; const char *chain = NULL; if (!tablename) diff --git a/iptables/ip6tables-standalone.c b/iptables/ip6tables-standalone.c index 6b829353..21b58116 100644 --- a/iptables/ip6tables-standalone.c +++ b/iptables/ip6tables-standalone.c @@ -42,7 +42,7 @@ ip6tables_main(int argc, char *argv[]) { int ret; char *table = "filter"; - struct ip6tc_handle *handle = NULL; + struct xtc_handle *handle = NULL; ip6tables_globals.program_name = "ip6tables"; ret = xtables_init_all(&ip6tables_globals, NFPROTO_IPV6); diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c index c5d2a0bf..7b12205b 100644 --- a/iptables/ip6tables.c +++ b/iptables/ip6tables.c @@ -469,7 +469,7 @@ print_num(uint64_t number, unsigned int format) static void -print_header(unsigned int format, const char *chain, struct ip6tc_handle *handle) +print_header(unsigned int format, const char *chain, struct xtc_handle *handle) { struct ip6t_counters counters; const char *pol = ip6tc_get_policy(chain, &counters, handle); @@ -545,7 +545,7 @@ print_firewall(const struct ip6t_entry *fw, const char *targname, unsigned int num, unsigned int format, - struct ip6tc_handle *const handle) + struct xtc_handle *const handle) { const struct xtables_target *target = NULL; const struct ip6t_entry_target *t; @@ -667,7 +667,7 @@ print_firewall(const struct ip6t_entry *fw, static void print_firewall_line(const struct ip6t_entry *fw, - struct ip6tc_handle *const h) + struct xtc_handle *const h) { struct ip6t_entry_target *t; @@ -685,7 +685,7 @@ append_entry(const xt_chainlabel chain, const struct in6_addr daddrs[], const struct in6_addr dmasks[], int verbose, - struct ip6tc_handle *handle) + struct xtc_handle *handle) { unsigned int i, j; int ret = 1; @@ -712,7 +712,7 @@ replace_entry(const xt_chainlabel chain, const struct in6_addr *saddr, const struct in6_addr *smask, const struct in6_addr *daddr, const struct in6_addr *dmask, int verbose, - struct ip6tc_handle *handle) + struct xtc_handle *handle) { fw->ipv6.src = *saddr; fw->ipv6.dst = *daddr; @@ -735,7 +735,7 @@ insert_entry(const xt_chainlabel chain, const struct in6_addr daddrs[], const struct in6_addr dmasks[], int verbose, - struct ip6tc_handle *handle) + struct xtc_handle *handle) { unsigned int i, j; int ret = 1; @@ -799,7 +799,7 @@ delete_entry(const xt_chainlabel chain, const struct in6_addr daddrs[], const struct in6_addr dmasks[], int verbose, - struct ip6tc_handle *handle, + struct xtc_handle *handle, struct xtables_rule_match *matches, const struct xtables_target *target) { @@ -829,7 +829,7 @@ check_entry(const xt_chainlabel chain, struct ip6t_entry *fw, unsigned int nsaddrs, const struct in6_addr *saddrs, const struct in6_addr *smasks, unsigned int ndaddrs, const struct in6_addr *daddrs, const struct in6_addr *dmasks, - bool verbose, struct ip6tc_handle *handle, + bool verbose, struct xtc_handle *handle, struct xtables_rule_match *matches, const struct xtables_target *target) { @@ -855,8 +855,8 @@ check_entry(const xt_chainlabel chain, struct ip6t_entry *fw, } int -for_each_chain6(int (*fn)(const xt_chainlabel, int, struct ip6tc_handle *), - int verbose, int builtinstoo, struct ip6tc_handle *handle) +for_each_chain6(int (*fn)(const xt_chainlabel, int, struct xtc_handle *), + int verbose, int builtinstoo, struct xtc_handle *handle) { int ret = 1; const char *chain; @@ -892,7 +892,7 @@ for_each_chain6(int (*fn)(const xt_chainlabel, int, struct ip6tc_handle *), int flush_entries6(const xt_chainlabel chain, int verbose, - struct ip6tc_handle *handle) + struct xtc_handle *handle) { if (!chain) return for_each_chain6(flush_entries6, verbose, 1, handle); @@ -904,7 +904,7 @@ flush_entries6(const xt_chainlabel chain, int verbose, static int zero_entries(const xt_chainlabel chain, int verbose, - struct ip6tc_handle *handle) + struct xtc_handle *handle) { if (!chain) return for_each_chain6(zero_entries, verbose, 1, handle); @@ -916,7 +916,7 @@ zero_entries(const xt_chainlabel chain, int verbose, int delete_chain6(const xt_chainlabel chain, int verbose, - struct ip6tc_handle *handle) + struct xtc_handle *handle) { if (!chain) return for_each_chain6(delete_chain6, verbose, 0, handle); @@ -928,7 +928,7 @@ delete_chain6(const xt_chainlabel chain, int verbose, static int list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric, - int expanded, int linenumbers, struct ip6tc_handle *handle) + int expanded, int linenumbers, struct xtc_handle *handle) { int found = 0; unsigned int format; @@ -1080,7 +1080,7 @@ static void print_ip(const char *prefix, const struct in6_addr *ip, /* We want this to be readable, so only print out neccessary fields. * Because that's the kind of world I want to live in. */ void print_rule6(const struct ip6t_entry *e, - struct ip6tc_handle *h, const char *chain, int counters) + struct xtc_handle *h, const char *chain, int counters) { const struct ip6t_entry_target *t; const char *target_name; @@ -1170,7 +1170,7 @@ void print_rule6(const struct ip6t_entry *e, static int list_rules(const xt_chainlabel chain, int rulenum, int counters, - struct ip6tc_handle *handle) + struct xtc_handle *handle) { const char *this = NULL; int found = 0; @@ -1328,7 +1328,7 @@ static void command_match(struct iptables_command_state *cs) m->extra_opts, &m->option_offset); } -int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **handle) +int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle) { struct iptables_command_state cs; struct ip6t_entry *e = NULL; diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c index d0bd79a9..7152d750 100644 --- a/iptables/iptables-restore.c +++ b/iptables/iptables-restore.c @@ -56,9 +56,9 @@ static void print_usage(const char *name, const char *version) exit(1); } -static struct iptc_handle *create_handle(const char *tablename) +static struct xtc_handle *create_handle(const char *tablename) { - struct iptc_handle *handle; + struct xtc_handle *handle; handle = iptc_init(tablename); @@ -116,7 +116,7 @@ static void free_argv(void) { int iptables_restore_main(int argc, char *argv[]) { - struct iptc_handle *handle = NULL; + struct xtc_handle *handle = NULL; char buffer[10240]; int c; char curtable[IPT_TABLE_MAXNAMELEN + 1]; diff --git a/iptables/iptables-save.c b/iptables/iptables-save.c index a25a186e..ff42f884 100644 --- a/iptables/iptables-save.c +++ b/iptables/iptables-save.c @@ -58,7 +58,7 @@ static int for_each_table(int (*func)(const char *tablename)) static int do_output(const char *tablename) { - struct iptc_handle *h; + struct xtc_handle *h; const char *chain = NULL; if (!tablename) diff --git a/iptables/iptables-standalone.c b/iptables/iptables-standalone.c index 1ebec33d..683a44a5 100644 --- a/iptables/iptables-standalone.c +++ b/iptables/iptables-standalone.c @@ -43,7 +43,7 @@ iptables_main(int argc, char *argv[]) { int ret; char *table = "filter"; - struct iptc_handle *handle = NULL; + struct xtc_handle *handle = NULL; iptables_globals.program_name = "iptables"; ret = xtables_init_all(&iptables_globals, NFPROTO_IPV4); diff --git a/iptables/iptables.c b/iptables/iptables.c index f5f47fa1..d4a7ca11 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -471,7 +471,7 @@ print_num(uint64_t number, unsigned int format) static void -print_header(unsigned int format, const char *chain, struct iptc_handle *handle) +print_header(unsigned int format, const char *chain, struct xtc_handle *handle) { struct ipt_counters counters; const char *pol = iptc_get_policy(chain, &counters, handle); @@ -547,7 +547,7 @@ print_firewall(const struct ipt_entry *fw, const char *targname, unsigned int num, unsigned int format, - struct iptc_handle *const handle) + struct xtc_handle *const handle) { const struct xtables_target *target = NULL; const struct ipt_entry_target *t; @@ -669,7 +669,7 @@ print_firewall(const struct ipt_entry *fw, static void print_firewall_line(const struct ipt_entry *fw, - struct iptc_handle *const h) + struct xtc_handle *const h) { struct ipt_entry_target *t; @@ -687,7 +687,7 @@ append_entry(const xt_chainlabel chain, const struct in_addr daddrs[], const struct in_addr dmasks[], int verbose, - struct iptc_handle *handle) + struct xtc_handle *handle) { unsigned int i, j; int ret = 1; @@ -714,7 +714,7 @@ replace_entry(const xt_chainlabel chain, const struct in_addr *saddr, const struct in_addr *smask, const struct in_addr *daddr, const struct in_addr *dmask, int verbose, - struct iptc_handle *handle) + struct xtc_handle *handle) { fw->ip.src.s_addr = saddr->s_addr; fw->ip.dst.s_addr = daddr->s_addr; @@ -737,7 +737,7 @@ insert_entry(const xt_chainlabel chain, const struct in_addr daddrs[], const struct in_addr dmasks[], int verbose, - struct iptc_handle *handle) + struct xtc_handle *handle) { unsigned int i, j; int ret = 1; @@ -801,7 +801,7 @@ delete_entry(const xt_chainlabel chain, const struct in_addr daddrs[], const struct in_addr dmasks[], int verbose, - struct iptc_handle *handle, + struct xtc_handle *handle, struct xtables_rule_match *matches, const struct xtables_target *target) { @@ -831,7 +831,7 @@ check_entry(const xt_chainlabel chain, struct ipt_entry *fw, unsigned int nsaddrs, const struct in_addr *saddrs, const struct in_addr *smasks, unsigned int ndaddrs, const struct in_addr *daddrs, const struct in_addr *dmasks, - bool verbose, struct iptc_handle *handle, + bool verbose, struct xtc_handle *handle, struct xtables_rule_match *matches, const struct xtables_target *target) { @@ -857,8 +857,8 @@ check_entry(const xt_chainlabel chain, struct ipt_entry *fw, } int -for_each_chain4(int (*fn)(const xt_chainlabel, int, struct iptc_handle *), - int verbose, int builtinstoo, struct iptc_handle *handle) +for_each_chain4(int (*fn)(const xt_chainlabel, int, struct xtc_handle *), + int verbose, int builtinstoo, struct xtc_handle *handle) { int ret = 1; const char *chain; @@ -894,7 +894,7 @@ for_each_chain4(int (*fn)(const xt_chainlabel, int, struct iptc_handle *), int flush_entries4(const xt_chainlabel chain, int verbose, - struct iptc_handle *handle) + struct xtc_handle *handle) { if (!chain) return for_each_chain4(flush_entries4, verbose, 1, handle); @@ -906,7 +906,7 @@ flush_entries4(const xt_chainlabel chain, int verbose, static int zero_entries(const xt_chainlabel chain, int verbose, - struct iptc_handle *handle) + struct xtc_handle *handle) { if (!chain) return for_each_chain4(zero_entries, verbose, 1, handle); @@ -918,7 +918,7 @@ zero_entries(const xt_chainlabel chain, int verbose, int delete_chain4(const xt_chainlabel chain, int verbose, - struct iptc_handle *handle) + struct xtc_handle *handle) { if (!chain) return for_each_chain4(delete_chain4, verbose, 0, handle); @@ -930,7 +930,7 @@ delete_chain4(const xt_chainlabel chain, int verbose, static int list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric, - int expanded, int linenumbers, struct iptc_handle *handle) + int expanded, int linenumbers, struct xtc_handle *handle) { int found = 0; unsigned int format; @@ -1097,7 +1097,7 @@ static void print_ip(const char *prefix, uint32_t ip, /* We want this to be readable, so only print out neccessary fields. * Because that's the kind of world I want to live in. */ void print_rule4(const struct ipt_entry *e, - struct iptc_handle *h, const char *chain, int counters) + struct xtc_handle *h, const char *chain, int counters) { const struct ipt_entry_target *t; const char *target_name; @@ -1178,7 +1178,7 @@ void print_rule4(const struct ipt_entry *e, static int list_rules(const xt_chainlabel chain, int rulenum, int counters, - struct iptc_handle *handle) + struct xtc_handle *handle) { const char *this = NULL; int found = 0; @@ -1340,7 +1340,7 @@ static void command_match(struct iptables_command_state *cs) xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } -int do_command4(int argc, char *argv[], char **table, struct iptc_handle **handle) +int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle) { struct iptables_command_state cs; struct ipt_entry *e = NULL; -- cgit v1.2.3 From 14da56743c6cdf25da35b7b5ca7a5d201771990d Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 27 Aug 2011 09:56:16 +0200 Subject: src: resolve old macro names that are indirections Command used: git grep -f <(pcregrep -hior '(?<=#define\s)IP6?(T_\w+)(?=\s+X\1)' include/) and then fix all occurrences. Signed-off-by: Jan Engelhardt --- iptables/ip6tables-restore.c | 13 ++++++------ iptables/ip6tables-save.c | 4 ++-- iptables/ip6tables.c | 50 ++++++++++++++++++++++---------------------- iptables/iptables-restore.c | 13 ++++++------ iptables/iptables-save.c | 4 ++-- iptables/iptables-xml.c | 36 +++++++++++++++---------------- iptables/iptables.c | 48 +++++++++++++++++++++--------------------- iptables/xshared.c | 2 +- 8 files changed, 84 insertions(+), 86 deletions(-) (limited to 'iptables') diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c index c5afe315..073e42b8 100644 --- a/iptables/ip6tables-restore.c +++ b/iptables/ip6tables-restore.c @@ -77,7 +77,7 @@ static struct xtc_handle *create_handle(const char *tablename) return handle; } -static int parse_counters(char *string, struct ip6t_counters *ctr) +static int parse_counters(char *string, struct xt_counters *ctr) { unsigned long long pcnt, bcnt; int ret; @@ -119,7 +119,7 @@ int ip6tables_restore_main(int argc, char *argv[]) struct xtc_handle *handle = NULL; char buffer[10240]; int c; - char curtable[IP6T_TABLE_MAXNAMELEN + 1]; + char curtable[XT_TABLE_MAXNAMELEN + 1]; FILE *in; int in_table = 0, testing = 0; const char *tablename = NULL; @@ -218,8 +218,8 @@ int ip6tables_restore_main(int argc, char *argv[]) line); exit(1); } - strncpy(curtable, table, IP6T_TABLE_MAXNAMELEN); - curtable[IP6T_TABLE_MAXNAMELEN] = '\0'; + strncpy(curtable, table, XT_TABLE_MAXNAMELEN); + curtable[XT_TABLE_MAXNAMELEN] = '\0'; if (tablename != NULL && strcmp(tablename, table) != 0) continue; @@ -291,7 +291,7 @@ int ip6tables_restore_main(int argc, char *argv[]) } if (strcmp(policy, "-") != 0) { - struct ip6t_counters count; + struct xt_counters count; if (counters) { char *ctrs; @@ -303,8 +303,7 @@ int ip6tables_restore_main(int argc, char *argv[]) "for chain '%s'\n", chain); } else { - memset(&count, 0, - sizeof(struct ip6t_counters)); + memset(&count, 0, sizeof(count)); } DEBUGP("Setting policy of chain %s to %s\n", diff --git a/iptables/ip6tables-save.c b/iptables/ip6tables-save.c index fbfce788..d819b30b 100644 --- a/iptables/ip6tables-save.c +++ b/iptables/ip6tables-save.c @@ -38,7 +38,7 @@ static int for_each_table(int (*func)(const char *tablename)) { int ret = 1; FILE *procfile = NULL; - char tablename[IP6T_TABLE_MAXNAMELEN+1]; + char tablename[XT_TABLE_MAXNAMELEN+1]; procfile = fopen("/proc/net/ip6_tables_names", "re"); if (!procfile) @@ -89,7 +89,7 @@ static int do_output(const char *tablename) printf(":%s ", chain); if (ip6tc_builtin(chain, h)) { - struct ip6t_counters count; + struct xt_counters count; printf("%s ", ip6tc_get_policy(chain, &count, h)); printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c index 7b12205b..b191d5df 100644 --- a/iptables/ip6tables.c +++ b/iptables/ip6tables.c @@ -172,7 +172,7 @@ static const unsigned int inverse_for_options[NUMBER_OF_OPT] = /* -n */ 0, /* -s */ IP6T_INV_SRCIP, /* -d */ IP6T_INV_DSTIP, -/* -p */ IP6T_INV_PROTO, +/* -p */ XT_INV_PROTO, /* -j */ 0, /* -v */ 0, /* -x */ 0, @@ -471,7 +471,7 @@ print_num(uint64_t number, unsigned int format) static void print_header(unsigned int format, const char *chain, struct xtc_handle *handle) { - struct ip6t_counters counters; + struct xt_counters counters; const char *pol = ip6tc_get_policy(chain, &counters, handle); printf("Chain %s", chain); if (pol) { @@ -519,7 +519,7 @@ print_header(unsigned int format, const char *chain, struct xtc_handle *handle) static int -print_match(const struct ip6t_entry_match *m, +print_match(const struct xt_entry_match *m, const struct ip6t_ip6 *ip, int numeric) { @@ -548,13 +548,13 @@ print_firewall(const struct ip6t_entry *fw, struct xtc_handle *const handle) { const struct xtables_target *target = NULL; - const struct ip6t_entry_target *t; + const struct xt_entry_target *t; char buf[BUFSIZ]; if (!ip6tc_is_chain(targname, handle)) target = xtables_find_target(targname, XTF_TRY_LOAD); else - target = xtables_find_target(IP6T_STANDARD_TARGET, + target = xtables_find_target(XT_STANDARD_TARGET, XTF_LOAD_MUST_SUCCEED); t = ip6t_get_target((struct ip6t_entry *)fw); @@ -570,7 +570,7 @@ print_firewall(const struct ip6t_entry *fw, if (!(format & FMT_NOTARGET)) printf(FMT("%-9s ", "%s "), targname); - fputc(fw->ipv6.invflags & IP6T_INV_PROTO ? '!' : ' ', stdout); + fputc(fw->ipv6.invflags & XT_INV_PROTO ? '!' : ' ', stdout); { const char *pname = proto_to_name(fw->ipv6.proto, format&FMT_NUMERIC); if (pname) @@ -669,7 +669,7 @@ static void print_firewall_line(const struct ip6t_entry *fw, struct xtc_handle *const h) { - struct ip6t_entry_target *t; + struct xt_entry_target *t; t = ip6t_get_target((struct ip6t_entry *)fw); print_firewall(fw, t->u.user.name, 0, FMT_PRINT_RULE, h); @@ -766,10 +766,10 @@ make_delete_mask(const struct xtables_rule_match *matches, size = sizeof(struct ip6t_entry); for (matchp = matches; matchp; matchp = matchp->next) - size += XT_ALIGN(sizeof(struct ip6t_entry_match)) + matchp->match->size; + size += XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->size; mask = xtables_calloc(1, size - + XT_ALIGN(sizeof(struct ip6t_entry_target)) + + XT_ALIGN(sizeof(struct xt_entry_target)) + target->size); memset(mask, 0xFF, sizeof(struct ip6t_entry)); @@ -777,13 +777,13 @@ make_delete_mask(const struct xtables_rule_match *matches, for (matchp = matches; matchp; matchp = matchp->next) { memset(mptr, 0xFF, - XT_ALIGN(sizeof(struct ip6t_entry_match)) + XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->userspacesize); - mptr += XT_ALIGN(sizeof(struct ip6t_entry_match)) + matchp->match->size; + mptr += XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->size; } memset(mptr, 0xFF, - XT_ALIGN(sizeof(struct ip6t_entry_target)) + XT_ALIGN(sizeof(struct xt_entry_target)) + target->userspacesize); return mask; @@ -1033,7 +1033,7 @@ static void print_proto(uint16_t proto, int invert) } } -static int print_match_save(const struct ip6t_entry_match *e, +static int print_match_save(const struct xt_entry_match *e, const struct ip6t_ip6 *ip) { const struct xtables_match *match = @@ -1082,7 +1082,7 @@ static void print_ip(const char *prefix, const struct in6_addr *ip, void print_rule6(const struct ip6t_entry *e, struct xtc_handle *h, const char *chain, int counters) { - const struct ip6t_entry_target *t; + const struct xt_entry_target *t; const char *target_name; /* print counters for iptables-save */ @@ -1105,7 +1105,7 @@ void print_rule6(const struct ip6t_entry *e, print_iface('o', e->ipv6.outiface, e->ipv6.outiface_mask, e->ipv6.invflags & IP6T_INV_VIA_OUT); - print_proto(e->ipv6.proto, e->ipv6.invflags & IP6T_INV_PROTO); + print_proto(e->ipv6.proto, e->ipv6.invflags & XT_INV_PROTO); #if 0 /* not definied in ipv6 @@ -1153,11 +1153,11 @@ void print_rule6(const struct ip6t_entry *e, if (target->save) target->save(&e->ipv6, t); else { - /* If the target size is greater than ip6t_entry_target + /* If the target size is greater than xt_entry_target * there is something to be saved, we just don't know * how to print it */ if (t->u.target_size != - sizeof(struct ip6t_entry_target)) { + sizeof(struct xt_entry_target)) { fprintf(stderr, "Target `%s' is missing " "save function\n", t->u.user.name); @@ -1187,7 +1187,7 @@ list_rules(const xt_chainlabel chain, int rulenum, int counters, continue; if (ip6tc_builtin(this, handle)) { - struct ip6t_counters count; + struct xt_counters count; printf("-P %s %s", this, ip6tc_get_policy(this, &count, handle)); if (counters) printf(" -c %llu %llu", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); @@ -1224,7 +1224,7 @@ list_rules(const xt_chainlabel chain, int rulenum, int counters, static struct ip6t_entry * generate_entry(const struct ip6t_entry *fw, struct xtables_rule_match *matches, - struct ip6t_entry_target *target) + struct xt_entry_target *target) { unsigned int size; struct xtables_rule_match *matchp; @@ -1282,7 +1282,7 @@ static void command_jump(struct iptables_command_state *cs) if (cs->target == NULL) return; - size = XT_ALIGN(sizeof(struct ip6t_entry_target)) + cs->target->size; + size = XT_ALIGN(sizeof(struct xt_entry_target)) + cs->target->size; cs->target->t = xtables_calloc(1, size); cs->target->t->u.target_size = size; @@ -1311,7 +1311,7 @@ static void command_match(struct iptables_command_state *cs) "unexpected ! flag before --match"); m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); - size = XT_ALIGN(sizeof(struct ip6t_entry_match)) + m->size; + size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size; m->m = xtables_calloc(1, size); m->m->u.match_size = size; strcpy(m->m->u.user.name, m->name); @@ -1548,12 +1548,12 @@ int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle cs.fw6.ipv6.flags |= IP6T_F_PROTO; if (cs.fw6.ipv6.proto == 0 - && (cs.fw6.ipv6.invflags & IP6T_INV_PROTO)) + && (cs.fw6.ipv6.invflags & XT_INV_PROTO)) xtables_error(PARAMETER_PROBLEM, "rule would never match protocol"); if (is_exthdr(cs.fw6.ipv6.proto) - && (cs.fw6.ipv6.invflags & IP6T_INV_PROTO) == 0) + && (cs.fw6.ipv6.invflags & XT_INV_PROTO) == 0) fprintf(stderr, "Warning: never matched protocol: %s. " "use extension match instead.\n", @@ -1824,10 +1824,10 @@ int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle || ip6tc_is_chain(cs.jumpto, *handle))) { size_t size; - cs.target = xtables_find_target(IP6T_STANDARD_TARGET, + cs.target = xtables_find_target(XT_STANDARD_TARGET, XTF_LOAD_MUST_SUCCEED); - size = sizeof(struct ip6t_entry_target) + size = sizeof(struct xt_entry_target) + cs.target->size; cs.target->t = xtables_calloc(1, size); cs.target->t->u.target_size = size; diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c index 7152d750..001da734 100644 --- a/iptables/iptables-restore.c +++ b/iptables/iptables-restore.c @@ -76,7 +76,7 @@ static struct xtc_handle *create_handle(const char *tablename) return handle; } -static int parse_counters(char *string, struct ipt_counters *ctr) +static int parse_counters(char *string, struct xt_counters *ctr) { unsigned long long pcnt, bcnt; int ret; @@ -119,7 +119,7 @@ iptables_restore_main(int argc, char *argv[]) struct xtc_handle *handle = NULL; char buffer[10240]; int c; - char curtable[IPT_TABLE_MAXNAMELEN + 1]; + char curtable[XT_TABLE_MAXNAMELEN + 1]; FILE *in; int in_table = 0, testing = 0; const char *tablename = NULL; @@ -217,8 +217,8 @@ iptables_restore_main(int argc, char *argv[]) prog_name, line); exit(1); } - strncpy(curtable, table, IPT_TABLE_MAXNAMELEN); - curtable[IPT_TABLE_MAXNAMELEN] = '\0'; + strncpy(curtable, table, XT_TABLE_MAXNAMELEN); + curtable[XT_TABLE_MAXNAMELEN] = '\0'; if (tablename && (strcmp(tablename, table) != 0)) continue; @@ -288,7 +288,7 @@ iptables_restore_main(int argc, char *argv[]) } if (strcmp(policy, "-") != 0) { - struct ipt_counters count; + struct xt_counters count; if (counters) { char *ctrs; @@ -300,8 +300,7 @@ iptables_restore_main(int argc, char *argv[]) "for chain '%s'\n", chain); } else { - memset(&count, 0, - sizeof(struct ipt_counters)); + memset(&count, 0, sizeof(count)); } DEBUGP("Setting policy of chain %s to %s\n", diff --git a/iptables/iptables-save.c b/iptables/iptables-save.c index ff42f884..e599fcec 100644 --- a/iptables/iptables-save.c +++ b/iptables/iptables-save.c @@ -36,7 +36,7 @@ static int for_each_table(int (*func)(const char *tablename)) { int ret = 1; FILE *procfile = NULL; - char tablename[IPT_TABLE_MAXNAMELEN+1]; + char tablename[XT_TABLE_MAXNAMELEN+1]; procfile = fopen("/proc/net/ip_tables_names", "re"); if (!procfile) @@ -87,7 +87,7 @@ static int do_output(const char *tablename) printf(":%s ", chain); if (iptc_builtin(chain, h)) { - struct ipt_counters count; + struct xt_counters count; printf("%s ", iptc_get_policy(chain, &count, h)); printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); diff --git a/iptables/iptables-xml.c b/iptables/iptables-xml.c index 4ecddcb7..4b12bd46 100644 --- a/iptables/iptables-xml.c +++ b/iptables/iptables-xml.c @@ -56,7 +56,7 @@ print_usage(const char *name, const char *version) } static int -parse_counters(char *string, struct ipt_counters *ctr) +parse_counters(char *string, struct xt_counters *ctr) { __u64 *pcnt, *bcnt; @@ -81,16 +81,16 @@ static unsigned int oldargc = 0; /* arg meta data, were they quoted, frinstance */ static int newargvattr[255]; -#define IPT_CHAIN_MAXNAMELEN IPT_TABLE_MAXNAMELEN -static char closeActionTag[IPT_TABLE_MAXNAMELEN + 1]; -static char closeRuleTag[IPT_TABLE_MAXNAMELEN + 1]; -static char curTable[IPT_TABLE_MAXNAMELEN + 1]; -static char curChain[IPT_CHAIN_MAXNAMELEN + 1]; +#define XT_CHAIN_MAXNAMELEN XT_TABLE_MAXNAMELEN +static char closeActionTag[XT_TABLE_MAXNAMELEN + 1]; +static char closeRuleTag[XT_TABLE_MAXNAMELEN + 1]; +static char curTable[XT_TABLE_MAXNAMELEN + 1]; +static char curChain[XT_CHAIN_MAXNAMELEN + 1]; struct chain { char *chain; char *policy; - struct ipt_counters count; + struct xt_counters count; int created; }; @@ -233,12 +233,12 @@ closeChain(void) } static void -openChain(char *chain, char *policy, struct ipt_counters *ctr, char close) +openChain(char *chain, char *policy, struct xt_counters *ctr, char close) { closeChain(); - strncpy(curChain, chain, IPT_CHAIN_MAXNAMELEN); - curChain[IPT_CHAIN_MAXNAMELEN] = '\0'; + strncpy(curChain, chain, XT_CHAIN_MAXNAMELEN); + curChain[XT_CHAIN_MAXNAMELEN] = '\0'; printf(" = maxChains) { xtables_error(PARAMETER_PROBLEM, @@ -332,8 +332,8 @@ openTable(char *table) { closeTable(); - strncpy(curTable, table, IPT_TABLE_MAXNAMELEN); - curTable[IPT_TABLE_MAXNAMELEN] = '\0'; + strncpy(curTable, table, XT_TABLE_MAXNAMELEN); + curTable[XT_TABLE_MAXNAMELEN] = '\0'; printf(" \n"); - strncpy(closeRuleTag, " \n", IPT_TABLE_MAXNAMELEN); - closeRuleTag[IPT_TABLE_MAXNAMELEN] = '\0'; + strncpy(closeRuleTag, " \n", XT_TABLE_MAXNAMELEN); + closeRuleTag[XT_TABLE_MAXNAMELEN] = '\0'; /* no point in writing out condition if there isn't one */ if (argc >= 3 && !isTarget(argv[2])) { @@ -607,8 +607,8 @@ do_rule(char *pcnt, char *bcnt, int argc, char *argv[], int argvattr[]) if (!closeActionTag[0]) { printf(" \n"); strncpy(closeActionTag, " \n", - IPT_TABLE_MAXNAMELEN); - closeActionTag[IPT_TABLE_MAXNAMELEN] = '\0'; + XT_TABLE_MAXNAMELEN); + closeActionTag[XT_TABLE_MAXNAMELEN] = '\0'; } do_rule_part(NULL, NULL, 1, argc, argv, argvattr); } @@ -694,7 +694,7 @@ iptables_xml_main(int argc, char *argv[]) } else if ((buffer[0] == ':') && (curTable[0])) { /* New chain. */ char *policy, *chain; - struct ipt_counters count; + struct xt_counters count; char *ctrs; chain = strtok(buffer + 1, " \t\n"); diff --git a/iptables/iptables.c b/iptables/iptables.c index d4a7ca11..03ac63b8 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -171,7 +171,7 @@ static const int inverse_for_options[NUMBER_OF_OPT] = /* -n */ 0, /* -s */ IPT_INV_SRCIP, /* -d */ IPT_INV_DSTIP, -/* -p */ IPT_INV_PROTO, +/* -p */ XT_INV_PROTO, /* -j */ 0, /* -v */ 0, /* -x */ 0, @@ -473,7 +473,7 @@ print_num(uint64_t number, unsigned int format) static void print_header(unsigned int format, const char *chain, struct xtc_handle *handle) { - struct ipt_counters counters; + struct xt_counters counters; const char *pol = iptc_get_policy(chain, &counters, handle); printf("Chain %s", chain); if (pol) { @@ -521,7 +521,7 @@ print_header(unsigned int format, const char *chain, struct xtc_handle *handle) static int -print_match(const struct ipt_entry_match *m, +print_match(const struct xt_entry_match *m, const struct ipt_ip *ip, int numeric) { @@ -550,14 +550,14 @@ print_firewall(const struct ipt_entry *fw, struct xtc_handle *const handle) { const struct xtables_target *target = NULL; - const struct ipt_entry_target *t; + const struct xt_entry_target *t; uint8_t flags; char buf[BUFSIZ]; if (!iptc_is_chain(targname, handle)) target = xtables_find_target(targname, XTF_TRY_LOAD); else - target = xtables_find_target(IPT_STANDARD_TARGET, + target = xtables_find_target(XT_STANDARD_TARGET, XTF_LOAD_MUST_SUCCEED); t = ipt_get_target((struct ipt_entry *)fw); @@ -574,7 +574,7 @@ print_firewall(const struct ipt_entry *fw, if (!(format & FMT_NOTARGET)) printf(FMT("%-9s ", "%s "), targname); - fputc(fw->ip.invflags & IPT_INV_PROTO ? '!' : ' ', stdout); + fputc(fw->ip.invflags & XT_INV_PROTO ? '!' : ' ', stdout); { const char *pname = proto_to_name(fw->ip.proto, format&FMT_NUMERIC); if (pname) @@ -671,7 +671,7 @@ static void print_firewall_line(const struct ipt_entry *fw, struct xtc_handle *const h) { - struct ipt_entry_target *t; + struct xt_entry_target *t; t = ipt_get_target((struct ipt_entry *)fw); print_firewall(fw, t->u.user.name, 0, FMT_PRINT_RULE, h); @@ -768,10 +768,10 @@ make_delete_mask(const struct xtables_rule_match *matches, size = sizeof(struct ipt_entry); for (matchp = matches; matchp; matchp = matchp->next) - size += XT_ALIGN(sizeof(struct ipt_entry_match)) + matchp->match->size; + size += XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->size; mask = xtables_calloc(1, size - + XT_ALIGN(sizeof(struct ipt_entry_target)) + + XT_ALIGN(sizeof(struct xt_entry_target)) + target->size); memset(mask, 0xFF, sizeof(struct ipt_entry)); @@ -779,13 +779,13 @@ make_delete_mask(const struct xtables_rule_match *matches, for (matchp = matches; matchp; matchp = matchp->next) { memset(mptr, 0xFF, - XT_ALIGN(sizeof(struct ipt_entry_match)) + XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->userspacesize); - mptr += XT_ALIGN(sizeof(struct ipt_entry_match)) + matchp->match->size; + mptr += XT_ALIGN(sizeof(struct xt_entry_match)) + matchp->match->size; } memset(mptr, 0xFF, - XT_ALIGN(sizeof(struct ipt_entry_target)) + XT_ALIGN(sizeof(struct xt_entry_target)) + target->userspacesize); return mask; @@ -1041,7 +1041,7 @@ print_iface(char letter, const char *iface, const unsigned char *mask, } } -static int print_match_save(const struct ipt_entry_match *e, +static int print_match_save(const struct xt_entry_match *e, const struct ipt_ip *ip) { const struct xtables_match *match = @@ -1099,7 +1099,7 @@ static void print_ip(const char *prefix, uint32_t ip, void print_rule4(const struct ipt_entry *e, struct xtc_handle *h, const char *chain, int counters) { - const struct ipt_entry_target *t; + const struct xt_entry_target *t; const char *target_name; /* print counters for iptables-save */ @@ -1122,7 +1122,7 @@ void print_rule4(const struct ipt_entry *e, print_iface('o', e->ip.outiface, e->ip.outiface_mask, e->ip.invflags & IPT_INV_VIA_OUT); - print_proto(e->ip.proto, e->ip.invflags & IPT_INV_PROTO); + print_proto(e->ip.proto, e->ip.invflags & XT_INV_PROTO); if (e->ip.flags & IPT_F_FRAG) printf("%s -f", @@ -1161,11 +1161,11 @@ void print_rule4(const struct ipt_entry *e, if (target->save) target->save(&e->ip, t); else { - /* If the target size is greater than ipt_entry_target + /* If the target size is greater than xt_entry_target * there is something to be saved, we just don't know * how to print it */ if (t->u.target_size != - sizeof(struct ipt_entry_target)) { + sizeof(struct xt_entry_target)) { fprintf(stderr, "Target `%s' is missing " "save function\n", t->u.user.name); @@ -1195,7 +1195,7 @@ list_rules(const xt_chainlabel chain, int rulenum, int counters, continue; if (iptc_builtin(this, handle)) { - struct ipt_counters count; + struct xt_counters count; printf("-P %s %s", this, iptc_get_policy(this, &count, handle)); if (counters) printf(" -c %llu %llu", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt); @@ -1232,7 +1232,7 @@ list_rules(const xt_chainlabel chain, int rulenum, int counters, static struct ipt_entry * generate_entry(const struct ipt_entry *fw, struct xtables_rule_match *matches, - struct ipt_entry_target *target) + struct xt_entry_target *target) { unsigned int size; struct xtables_rule_match *matchp; @@ -1290,7 +1290,7 @@ static void command_jump(struct iptables_command_state *cs) if (cs->target == NULL) return; - size = XT_ALIGN(sizeof(struct ipt_entry_target)) + size = XT_ALIGN(sizeof(struct xt_entry_target)) + cs->target->size; cs->target->t = xtables_calloc(1, size); @@ -1321,7 +1321,7 @@ static void command_match(struct iptables_command_state *cs) "unexpected ! flag before --match"); m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); - size = XT_ALIGN(sizeof(struct ipt_entry_match)) + m->size; + size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size; m->m = xtables_calloc(1, size); m->m->u.match_size = size; strcpy(m->m->u.user.name, m->name); @@ -1559,7 +1559,7 @@ int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle cs.fw.ip.proto = xtables_parse_protocol(cs.protocol); if (cs.fw.ip.proto == 0 - && (cs.fw.ip.invflags & IPT_INV_PROTO)) + && (cs.fw.ip.invflags & XT_INV_PROTO)) xtables_error(PARAMETER_PROBLEM, "rule would never match protocol"); break; @@ -1837,10 +1837,10 @@ int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle || iptc_is_chain(cs.jumpto, *handle))) { size_t size; - cs.target = xtables_find_target(IPT_STANDARD_TARGET, + cs.target = xtables_find_target(XT_STANDARD_TARGET, XTF_LOAD_MUST_SUCCEED); - size = sizeof(struct ipt_entry_target) + size = sizeof(struct xt_entry_target) + cs.target->size; cs.target->t = xtables_calloc(1, size); cs.target->t->u.target_size = size; diff --git a/iptables/xshared.c b/iptables/xshared.c index 79da507d..e61c28c8 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -139,7 +139,7 @@ int command_default(struct iptables_command_state *cs, cs->proto_used = 1; - size = XT_ALIGN(sizeof(struct ip6t_entry_match)) + m->size; + size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size; m->m = xtables_calloc(1, size); m->m->u.match_size = size; -- cgit v1.2.3 From 0ab10b11093ec250b404e3bead1d39177d1cbfa0 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 27 Aug 2011 10:34:01 +0200 Subject: ip6tables-restore: make code look alike with iptables-restore Signed-off-by: Jan Engelhardt --- iptables/ip6tables-restore.c | 34 +++++++++++++++------------------- iptables/iptables-restore.c | 29 +++++++++++++++-------------- 2 files changed, 30 insertions(+), 33 deletions(-) (limited to 'iptables') diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c index 073e42b8..92bdc302 100644 --- a/iptables/ip6tables-restore.c +++ b/iptables/ip6tables-restore.c @@ -123,6 +123,7 @@ int ip6tables_restore_main(int argc, char *argv[]) FILE *in; int in_table = 0, testing = 0; const char *tablename = NULL; + const struct xtc_ops *ops = &ip6tc_ops; line = 0; @@ -197,8 +198,8 @@ int ip6tables_restore_main(int argc, char *argv[]) } else if ((strcmp(buffer, "COMMIT\n") == 0) && (in_table)) { if (!testing) { DEBUGP("Calling commit\n"); - ret = ip6tc_commit(handle); - ip6tc_free(handle); + ret = ops->commit(handle); + ops->free(handle); handle = NULL; } else { DEBUGP("Not calling commit, testing\n"); @@ -214,8 +215,7 @@ int ip6tables_restore_main(int argc, char *argv[]) if (!table) { xtables_error(PARAMETER_PROBLEM, "%s: line %u table name invalid\n", - ip6tables_globals.program_name, - line); + xt_params->program_name, line); exit(1); } strncpy(curtable, table, XT_TABLE_MAXNAMELEN); @@ -224,7 +224,7 @@ int ip6tables_restore_main(int argc, char *argv[]) if (tablename != NULL && strcmp(tablename, table) != 0) continue; if (handle) - ip6tc_free(handle); + ops->free(handle); handle = create_handle(table); if (noflush == 0) { @@ -251,8 +251,7 @@ int ip6tables_restore_main(int argc, char *argv[]) if (!chain) { xtables_error(PARAMETER_PROBLEM, "%s: line %u chain name invalid\n", - ip6tables_globals.program_name, - line); + xt_params->program_name, line); exit(1); } @@ -262,17 +261,17 @@ int ip6tables_restore_main(int argc, char *argv[]) "(%u chars max)", chain, XT_EXTENSION_MAXNAMELEN - 1); - if (ip6tc_builtin(chain, handle) <= 0) { - if (noflush && ip6tc_is_chain(chain, handle)) { + if (ops->builtin(chain, handle) <= 0) { + if (noflush && ops->is_chain(chain, handle)) { DEBUGP("Flushing existing user defined chain '%s'\n", chain); - if (!ip6tc_flush_entries(chain, handle)) + if (!ops->flush_entries(chain, handle)) xtables_error(PARAMETER_PROBLEM, "error flushing chain " "'%s':%s\n", chain, strerror(errno)); } else { DEBUGP("Creating new chain '%s'\n", chain); - if (!ip6tc_create_chain(chain, handle)) + if (!ops->create_chain(chain, handle)) xtables_error(PARAMETER_PROBLEM, "error creating chain " "'%s':%s\n", chain, @@ -285,8 +284,7 @@ int ip6tables_restore_main(int argc, char *argv[]) if (!policy) { xtables_error(PARAMETER_PROBLEM, "%s: line %u policy invalid\n", - ip6tables_globals.program_name, - line); + xt_params->program_name, line); exit(1); } @@ -309,13 +307,13 @@ int ip6tables_restore_main(int argc, char *argv[]) DEBUGP("Setting policy of chain %s to %s\n", chain, policy); - if (!ip6tc_set_policy(chain, policy, &count, + if (!ops->set_policy(chain, policy, &count, handle)) xtables_error(OTHER_PROBLEM, "Can't set policy `%s'" " on `%s' line %u: %s\n", policy, chain, line, - ip6tc_strerror(errno)); + ops->strerror(errno)); } ret = 1; @@ -452,15 +450,13 @@ int ip6tables_restore_main(int argc, char *argv[]) continue; if (!ret) { fprintf(stderr, "%s: line %u failed\n", - ip6tables_globals.program_name, - line); + xt_params->program_name, line); exit(1); } } if (in_table) { fprintf(stderr, "%s: COMMIT expected at line %u\n", - ip6tables_globals.program_name, - line + 1); + xt_params->program_name, line + 1); exit(1); } diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c index 001da734..6b1c7929 100644 --- a/iptables/iptables-restore.c +++ b/iptables/iptables-restore.c @@ -123,6 +123,7 @@ iptables_restore_main(int argc, char *argv[]) FILE *in; int in_table = 0, testing = 0; const char *tablename = NULL; + const struct xtc_ops *ops = &iptc_ops; line = 0; @@ -197,8 +198,8 @@ iptables_restore_main(int argc, char *argv[]) } else if ((strcmp(buffer, "COMMIT\n") == 0) && (in_table)) { if (!testing) { DEBUGP("Calling commit\n"); - ret = iptc_commit(handle); - iptc_free(handle); + ret = ops->commit(handle); + ops->free(handle); handle = NULL; } else { DEBUGP("Not calling commit, testing\n"); @@ -214,7 +215,7 @@ iptables_restore_main(int argc, char *argv[]) if (!table) { xtables_error(PARAMETER_PROBLEM, "%s: line %u table name invalid\n", - prog_name, line); + xt_params->program_name, line); exit(1); } strncpy(curtable, table, XT_TABLE_MAXNAMELEN); @@ -223,7 +224,7 @@ iptables_restore_main(int argc, char *argv[]) if (tablename && (strcmp(tablename, table) != 0)) continue; if (handle) - iptc_free(handle); + ops->free(handle); handle = create_handle(table); if (noflush == 0) { @@ -250,7 +251,7 @@ iptables_restore_main(int argc, char *argv[]) if (!chain) { xtables_error(PARAMETER_PROBLEM, "%s: line %u chain name invalid\n", - prog_name, line); + xt_params->program_name, line); exit(1); } @@ -260,17 +261,17 @@ iptables_restore_main(int argc, char *argv[]) "(%u chars max)", chain, XT_EXTENSION_MAXNAMELEN - 1); - if (iptc_builtin(chain, handle) <= 0) { - if (noflush && iptc_is_chain(chain, handle)) { + if (ops->builtin(chain, handle) <= 0) { + if (noflush && ops->is_chain(chain, handle)) { DEBUGP("Flushing existing user defined chain '%s'\n", chain); - if (!iptc_flush_entries(chain, handle)) + if (!ops->flush_entries(chain, handle)) xtables_error(PARAMETER_PROBLEM, "error flushing chain " "'%s':%s\n", chain, strerror(errno)); } else { DEBUGP("Creating new chain '%s'\n", chain); - if (!iptc_create_chain(chain, handle)) + if (!ops->create_chain(chain, handle)) xtables_error(PARAMETER_PROBLEM, "error creating chain " "'%s':%s\n", chain, @@ -283,7 +284,7 @@ iptables_restore_main(int argc, char *argv[]) if (!policy) { xtables_error(PARAMETER_PROBLEM, "%s: line %u policy invalid\n", - prog_name, line); + xt_params->program_name, line); exit(1); } @@ -306,13 +307,13 @@ iptables_restore_main(int argc, char *argv[]) DEBUGP("Setting policy of chain %s to %s\n", chain, policy); - if (!iptc_set_policy(chain, policy, &count, + if (!ops->set_policy(chain, policy, &count, handle)) xtables_error(OTHER_PROBLEM, "Can't set policy `%s'" " on `%s' line %u: %s\n", policy, chain, line, - iptc_strerror(errno)); + ops->strerror(errno)); } ret = 1; @@ -449,13 +450,13 @@ iptables_restore_main(int argc, char *argv[]) continue; if (!ret) { fprintf(stderr, "%s: line %u failed\n", - prog_name, line); + xt_params->program_name, line); exit(1); } } if (in_table) { fprintf(stderr, "%s: COMMIT expected at line %u\n", - prog_name, line + 1); + xt_params->program_name, line + 1); exit(1); } -- cgit v1.2.3