diff options
author | Eric Leblond <eric@regit.org> | 2013-06-09 01:08:46 +0200 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-06-12 11:39:54 +0200 |
commit | 856789c1546c6356e9b61289db6c5c5f92213145 (patch) | |
tree | 03ba5fc2f0afa0b4a48b18bde32b88da096f569b | |
parent | 6b01bb9ff798c8f9c761872fc5e62120604440f5 (diff) |
rule: display hook info
It was not possible to restore a ruleset because of missing
hook information. This patch adds hooknum output to list
operation.
[ Mangled this patch to use a string array mapping hook numbers
and name --pablo ]
Signed-off-by: Eric Leblond <eric@regit.org>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
-rw-r--r-- | src/rule.c | 23 |
1 files changed, 23 insertions, 0 deletions
@@ -19,6 +19,8 @@ #include <rule.h> #include <utils.h> +#include <netinet/ip.h> +#include <linux/netfilter.h> void handle_free(struct handle *h) { @@ -224,11 +226,32 @@ struct chain *chain_lookup(const struct table *table, const struct handle *h) return NULL; } +static const char *hooknum2str_array[NF_INET_NUMHOOKS] = { + [NF_INET_PRE_ROUTING] = "NF_INET_PRE_ROUTING", + [NF_INET_LOCAL_IN] = "NF_INET_LOCAL_IN", + [NF_INET_FORWARD] = "NF_INET_FORWARD", + [NF_INET_LOCAL_OUT] = "NF_INET_LOCAL_OUT", + [NF_INET_POST_ROUTING] = "NF_INET_POST_ROUTING", +}; + +static const char *hooknum2str(unsigned int hooknum) +{ + if (hooknum >= NF_INET_NUMHOOKS) + return "UNKNOWN"; + + return hooknum2str_array[hooknum]; +} + static void chain_print(const struct chain *chain) { struct rule *rule; printf("\tchain %s {\n", chain->handle.chain); + if (chain->hooknum) { + printf("\t\t hook %s %u;\n", + hooknum2str(chain->hooknum), + chain->priority); + } list_for_each_entry(rule, &chain->rules, list) { printf("\t\t"); rule_print(rule); |