summaryrefslogtreecommitdiffstats
path: root/src/datatype.c
diff options
context:
space:
mode:
authorArturo Borrero <arturo.borrero.glez@gmail.com>2014-11-06 09:05:28 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2014-11-06 12:51:40 +0100
commit31f031b0d348afd1c343692eca4b496c4bf5d05d (patch)
tree7012e6344f70274e8cfcdcd093241730ec4270ff /src/datatype.c
parent3cc636eda67c9dd416e584e21ccb9031d44dcbd0 (diff)
nft: don't resolve hostnames by default
This patch changes the default behaviour of nft to not translate IP addresses to hostnames when printing rules if no options are passed. The options regarding translations after this patch are: <no -n/-N> show IP addresses numerically (default behaviour) -n show IP addresses numerically -nn show Internet services and uid/gid numerically -nnn show protocols numerically -N (--reversedns) translate IP addresses to names The idea is to avoid breaking existing scripts that most likely rely on '-n' to save the ruleset, so we reduce the impact of this patch and provide a default behaviour that doesn't generate network traffic when listing / saving the ruleset. Joint work with Pablo. Suggested-by: Patrick McHardy <kaber@trash.net> Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/datatype.c')
-rw-r--r--src/datatype.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/datatype.c b/src/datatype.c
index 8ad211c1..5f976aa3 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -379,7 +379,7 @@ static void ipaddr_type_print(const struct expr *expr)
sin.sin_addr.s_addr = mpz_get_be32(expr->value);
err = getnameinfo((struct sockaddr *)&sin, sizeof(sin), buf,
sizeof(buf), NULL, 0,
- numeric_output ? NI_NUMERICHOST : 0);
+ ip2name_output ? 0 : NI_NUMERICHOST);
if (err != 0) {
getnameinfo((struct sockaddr *)&sin, sizeof(sin), buf,
sizeof(buf), NULL, 0, NI_NUMERICHOST);
@@ -437,7 +437,7 @@ static void ip6addr_type_print(const struct expr *expr)
err = getnameinfo((struct sockaddr *)&sin6, sizeof(sin6), buf,
sizeof(buf), NULL, 0,
- numeric_output ? NI_NUMERICHOST : 0);
+ ip2name_output ? 0 : NI_NUMERICHOST);
if (err != 0) {
getnameinfo((struct sockaddr *)&sin6, sizeof(sin6), buf,
sizeof(buf), NULL, 0, NI_NUMERICHOST);