summaryrefslogtreecommitdiffstats
path: root/src/datatype.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2018-07-03 17:24:05 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-07-07 20:53:11 +0200
commitb0f6a45b25dd1b8e4ab0e3b2dd2a00d918ae29c0 (patch)
treed2d457d0b8384aee1f7a6d176c21ec9cf8814db6 /src/datatype.c
parent1dc9be8445265498a2db534ae254260b6e7dd75b (diff)
src: add --literal option
Default not to print the service name as we discussed during the NFWS. # nft list ruleset table ip x { chain y { tcp dport 22 ip saddr 1.1.1.1 } } # nft -l list ruleset table ip x { chain y { tcp dport ssh ip saddr 1.1.1.1 } } # nft -ll list ruleset table ip x { chain y { tcp dport 22 ip saddr 1dot1dot1dot1.cloudflare-dns.com } } Then, -ll displays FQDN. just like the (now deprecated) --ip2name (-N) option. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/datatype.c')
-rw-r--r--src/datatype.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/datatype.c b/src/datatype.c
index 20904453..fbc3ac35 100644
--- a/src/datatype.c
+++ b/src/datatype.c
@@ -454,7 +454,7 @@ static void ipaddr_type_print(const struct expr *expr, struct output_ctx *octx)
sin.sin_addr.s_addr = mpz_get_be32(expr->value);
err = getnameinfo((struct sockaddr *)&sin, sizeof(sin), buf,
sizeof(buf), NULL, 0,
- octx->ip2name ? 0 : NI_NUMERICHOST);
+ octx->literal >= NFT_LITERAL_ADDR ? 0 : NI_NUMERICHOST);
if (err != 0) {
getnameinfo((struct sockaddr *)&sin, sizeof(sin), buf,
sizeof(buf), NULL, 0, NI_NUMERICHOST);
@@ -512,7 +512,7 @@ static void ip6addr_type_print(const struct expr *expr, struct output_ctx *octx)
err = getnameinfo((struct sockaddr *)&sin6, sizeof(sin6), buf,
sizeof(buf), NULL, 0,
- octx->ip2name ? 0 : NI_NUMERICHOST);
+ octx->literal >= NFT_LITERAL_ADDR ? 0 : NI_NUMERICHOST);
if (err != 0) {
getnameinfo((struct sockaddr *)&sin6, sizeof(sin6), buf,
sizeof(buf), NULL, 0, NI_NUMERICHOST);
@@ -617,11 +617,11 @@ const struct datatype inet_protocol_type = {
static void inet_service_type_print(const struct expr *expr,
struct output_ctx *octx)
{
- if (octx->numeric >= NFT_NUMERIC_PORT) {
- integer_type_print(expr, octx);
+ if (octx->literal == NFT_LITERAL_PORT) {
+ symbolic_constant_print(&inet_service_tbl, expr, false, octx);
return;
}
- symbolic_constant_print(&inet_service_tbl, expr, false, octx);
+ integer_type_print(expr, octx);
}
static struct error_record *inet_service_type_parse(const struct expr *sym,