summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@inai.de>2012-09-27 23:48:25 +0200
committerJan Engelhardt <jengelh@inai.de>2012-09-29 23:14:44 +0200
commitc436dad7cfdd80ca4a05ceed556c39babc266f55 (patch)
tree7b91b28f5ef3f735e18c08fbcf7beeb1eae5fe1f
parent50f19190a60ff7d69e88406a71a2f27e09008566 (diff)
iptables: support for match aliases
This patch allows for match names listed on the command line to be rewritten to new names and revisions, like we did for targets before. Signed-off-by: Jan Engelhardt <jengelh@inai.de>
-rw-r--r--include/xtables.h1
-rw-r--r--iptables/ip6tables.c6
-rw-r--r--iptables/iptables.c6
-rw-r--r--libxtables/xtables.c12
4 files changed, 19 insertions, 6 deletions
diff --git a/include/xtables.h b/include/xtables.h
index 7bdc331c..2cc1a028 100644
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -213,6 +213,7 @@ struct xtables_match
struct xtables_match *next;
const char *name;
+ const char *real_name;
/* Revision of match (0 by default). */
u_int8_t revision;
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index 752cf033..f93bfb33 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -1319,8 +1319,12 @@ static void command_match(struct iptables_command_state *cs)
size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size;
m->m = xtables_calloc(1, size);
m->m->u.match_size = size;
- strcpy(m->m->u.user.name, m->name);
+ strcpy(m->m->u.user.name, m->real_name);
m->m->u.user.revision = m->revision;
+ if (m->real_name != m->name)
+ fprintf(stderr, "WARNING: The %s match is obsolete. "
+ "Use %s instead.\n", m->name, m->real_name);
+
xs_init_match(m);
if (m == m->next)
return;
diff --git a/iptables/iptables.c b/iptables/iptables.c
index a237e93c..5786bfdd 100644
--- a/iptables/iptables.c
+++ b/iptables/iptables.c
@@ -1330,8 +1330,12 @@ static void command_match(struct iptables_command_state *cs)
size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size;
m->m = xtables_calloc(1, size);
m->m->u.match_size = size;
- strcpy(m->m->u.user.name, m->name);
+ strcpy(m->m->u.user.name, m->real_name);
m->m->u.user.revision = m->revision;
+ if (m->real_name != m->name)
+ fprintf(stderr, "WARNING: The %s match is obsolete. "
+ "Use %s instead.\n", m->name, m->real_name);
+
xs_init_match(m);
if (m == m->next)
return;
diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index a2b24c5a..82c3643b 100644
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -848,6 +848,8 @@ void xtables_register_match(struct xtables_match *me)
exit(1);
}
+ if (me->real_name == NULL)
+ me->real_name = me->name;
if (me->x6_options != NULL)
xtables_option_metavalidate(me->name, me->x6_options);
if (me->extra_opts != NULL)
@@ -903,8 +905,10 @@ xtables_mt_prefer(bool a_alias, unsigned int a_rev, unsigned int a_fam,
static int xtables_match_prefer(const struct xtables_match *a,
const struct xtables_match *b)
{
- return xtables_mt_prefer(false, a->revision, a->family,
- false, b->revision, b->family);
+ return xtables_mt_prefer(a->name != a->real_name,
+ a->revision, a->family,
+ b->name != b->real_name,
+ b->revision, b->family);
}
static int xtables_target_prefer(const struct xtables_target *a,
@@ -938,11 +942,11 @@ static void xtables_fully_register_pending_match(struct xtables_match *me)
/* Now we have two (or more) options, check compatibility. */
if (compare > 0 &&
- compatible_match_revision(old->name, old->revision))
+ compatible_match_revision(old->real_name, old->revision))
return;
/* See if new match can be used. */
- if (!compatible_match_revision(me->name, me->revision))
+ if (!compatible_match_revision(me->real_name, me->revision))
return;
/* Delete old one. */