diff options
| -rw-r--r-- | doc/nft.xml | 15 | ||||
| -rw-r--r-- | include/nftables.h | 1 | ||||
| -rw-r--r-- | src/datatype.c | 4 | ||||
| -rw-r--r-- | src/main.c | 16 |
4 files changed, 28 insertions, 8 deletions
diff --git a/doc/nft.xml b/doc/nft.xml index cec5ef3b..e45a5936 100644 --- a/doc/nft.xml +++ b/doc/nft.xml @@ -101,9 +101,18 @@ vi:ts=4 sw=4 <para> Numeric output: Addresses and other information that might need network traffic to resolve to symbolic names - are shown numerically. When used twice, internet services - and UIDs/GIDs are also shown numerically. When used thrice, - protocol numbers are also shown numerically. + are shown numerically (default behaviour). When used twice, + internet services are translated. When used twice, internet + services and UIDs/GIDs are also shown numerically. When used + three times, protocol numbers are also shown numerically. + </para> + </listitem> + </varlistentry> + <varlistentry> + <term><option>-N</option></term> + <listitem> + <para> + Translate IP addresses to DNS names. </para> </listitem> </varlistentry> diff --git a/include/nftables.h b/include/nftables.h index c3d3dbfb..4c33ec63 100644 --- a/include/nftables.h +++ b/include/nftables.h @@ -26,6 +26,7 @@ enum debug_level { extern unsigned int max_errors; extern unsigned int numeric_output; +extern unsigned int ip2name_output; extern unsigned int handle_output; extern unsigned int debug_level; extern const char *include_paths[INCLUDE_PATHS_MAX]; diff --git a/src/datatype.c b/src/datatype.c index 8ad211c1..5f976aa3 100644 --- a/src/datatype.c +++ b/src/datatype.c @@ -379,7 +379,7 @@ static void ipaddr_type_print(const struct expr *expr) sin.sin_addr.s_addr = mpz_get_be32(expr->value); err = getnameinfo((struct sockaddr *)&sin, sizeof(sin), buf, sizeof(buf), NULL, 0, - numeric_output ? NI_NUMERICHOST : 0); + ip2name_output ? 0 : NI_NUMERICHOST); if (err != 0) { getnameinfo((struct sockaddr *)&sin, sizeof(sin), buf, sizeof(buf), NULL, 0, NI_NUMERICHOST); @@ -437,7 +437,7 @@ static void ip6addr_type_print(const struct expr *expr) err = getnameinfo((struct sockaddr *)&sin6, sizeof(sin6), buf, sizeof(buf), NULL, 0, - numeric_output ? NI_NUMERICHOST : 0); + ip2name_output ? 0 : NI_NUMERICHOST); if (err != 0) { getnameinfo((struct sockaddr *)&sin6, sizeof(sin6), buf, sizeof(buf), NULL, 0, NI_NUMERICHOST); @@ -28,6 +28,7 @@ unsigned int max_errors = 10; unsigned int numeric_output; +unsigned int ip2name_output; unsigned int handle_output; #ifdef DEBUG unsigned int debug_level; @@ -43,12 +44,13 @@ enum opt_vals { OPT_INTERACTIVE = 'i', OPT_INCLUDEPATH = 'I', OPT_NUMERIC = 'n', + OPT_IP2NAME = 'N', OPT_DEBUG = 'd', OPT_HANDLE_OUTPUT = 'a', OPT_INVALID = '?', }; -#define OPTSTRING "hvf:iI:vna" +#define OPTSTRING "hvf:iI:vnNa" static const struct option options[] = { { @@ -73,6 +75,10 @@ static const struct option options[] = { .val = OPT_NUMERIC, }, { + .name = "reversedns", + .val = OPT_IP2NAME, + }, + { .name = "includepath", .val = OPT_INCLUDEPATH, .has_arg = 1, @@ -105,10 +111,11 @@ static void show_help(const char *name) " -f/--file <filename> Read input from <filename>\n" " -i/--interactive Read input from interactive CLI\n" "\n" -" -n/--numeric When specified once, show network addresses numerically.\n" -" When specified twice, also show Internet services,\n" +" -n/--numeric When specified once, show network addresses numerically (default behaviour).\n" +" When specified twice, show Internet services,\n" " user IDs and group IDs numerically.\n" " When specified thrice, also show protocols numerically.\n" +" -N Translate IP addresses to names.\n" " -a/--handle Output rule handle.\n" " -I/--includepath <directory> Add <directory> to the paths searched for include files.\n" #ifdef DEBUG @@ -279,6 +286,9 @@ int main(int argc, char * const *argv) case OPT_NUMERIC: numeric_output++; break; + case OPT_IP2NAME: + ip2name_output++; + break; #ifdef DEBUG case OPT_DEBUG: for (;;) { |