summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2010-12-18 02:04:59 +0100
committerJan Engelhardt <jengelh@medozas.de>2011-01-31 03:05:34 +0100
commit73866357e4a7a0fdc1b293bf8863fee2bd56da9e (patch)
tree1890725e5f327ba14ccf452ff9e5916954d7908f
parentbb8be30857edd501e701c2f22db6c59bd6839c87 (diff)
iptables: do not print trailing whitespaces
Due to the use of printf("foobar "), iptables emits spaces at the end-of-line, which looks odd to some users because it causes the terminal to wrap even if there is seemingly nothing to print. It may also have other points of annoyance, such as mailers interpreting a trailing space as an indicator that the paragraph continues when format=flowed is also on. And git highlights trailing spaces in red, so let's avoid :) Preexisting inconsistencies in outputting spaces in the right spot are also addressed right away. References: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=429579 Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
-rw-r--r--extensions/libip6t_HL.c18
-rw-r--r--extensions/libip6t_LOG.c36
-rw-r--r--extensions/libip6t_REJECT.c4
-rw-r--r--extensions/libip6t_ah.c26
-rw-r--r--extensions/libip6t_dst.c19
-rw-r--r--extensions/libip6t_frag.c38
-rw-r--r--extensions/libip6t_hbh.c21
-rw-r--r--extensions/libip6t_hl.c4
-rw-r--r--extensions/libip6t_icmp6.c23
-rw-r--r--extensions/libip6t_ipv6header.c14
-rw-r--r--extensions/libip6t_mh.c12
-rw-r--r--extensions/libip6t_rt.c42
-rw-r--r--extensions/libipt_CLUSTERIP.c6
-rw-r--r--extensions/libipt_DNAT.c14
-rw-r--r--extensions/libipt_ECN.c18
-rw-r--r--extensions/libipt_LOG.c36
-rw-r--r--extensions/libipt_MASQUERADE.c10
-rw-r--r--extensions/libipt_NETMAP.c2
-rw-r--r--extensions/libipt_REDIRECT.c10
-rw-r--r--extensions/libipt_REJECT.c4
-rw-r--r--extensions/libipt_SAME.c26
-rw-r--r--extensions/libipt_SNAT.c14
-rw-r--r--extensions/libipt_TTL.c18
-rw-r--r--extensions/libipt_ULOG.c18
-rw-r--r--extensions/libipt_addrtype.c38
-rw-r--r--extensions/libipt_ah.c13
-rw-r--r--extensions/libipt_ecn.c30
-rw-r--r--extensions/libipt_icmp.c25
-rw-r--r--extensions/libipt_realm.c14
-rw-r--r--extensions/libipt_ttl.c22
-rw-r--r--extensions/libxt_AUDIT.c8
-rw-r--r--extensions/libxt_CHECKSUM.c6
-rw-r--r--extensions/libxt_CLASSIFY.c6
-rw-r--r--extensions/libxt_CONNMARK.c51
-rw-r--r--extensions/libxt_CONNSECMARK.c6
-rw-r--r--extensions/libxt_CT.c15
-rw-r--r--extensions/libxt_DSCP.c6
-rw-r--r--extensions/libxt_IDLETIMER.c8
-rw-r--r--extensions/libxt_LED.c20
-rw-r--r--extensions/libxt_MARK.c30
-rw-r--r--extensions/libxt_NFLOG.c8
-rw-r--r--extensions/libxt_NFQUEUE.c12
-rw-r--r--extensions/libxt_RATEEST.c12
-rw-r--r--extensions/libxt_SECMARK.c6
-rw-r--r--extensions/libxt_SET.c6
-rw-r--r--extensions/libxt_TCPMSS.c8
-rw-r--r--extensions/libxt_TCPOPTSTRIP.c4
-rw-r--r--extensions/libxt_TEE.c20
-rw-r--r--extensions/libxt_TOS.c20
-rw-r--r--extensions/libxt_TPROXY.c24
-rw-r--r--extensions/libxt_cluster.c14
-rw-r--r--extensions/libxt_comment.c4
-rw-r--r--extensions/libxt_connbytes.c32
-rw-r--r--extensions/libxt_connlimit.c24
-rw-r--r--extensions/libxt_connmark.c16
-rw-r--r--extensions/libxt_conntrack.c118
-rw-r--r--extensions/libxt_cpu.c4
-rw-r--r--extensions/libxt_dccp.c26
-rw-r--r--extensions/libxt_dscp.c4
-rw-r--r--extensions/libxt_esp.c16
-rw-r--r--extensions/libxt_hashlimit.c76
-rw-r--r--extensions/libxt_helper.c4
-rw-r--r--extensions/libxt_iprange.c76
-rw-r--r--extensions/libxt_ipvs.c44
-rw-r--r--extensions/libxt_length.c12
-rw-r--r--extensions/libxt_limit.c10
-rw-r--r--extensions/libxt_mac.c11
-rw-r--r--extensions/libxt_mark.c20
-rw-r--r--extensions/libxt_multiport.c24
-rw-r--r--extensions/libxt_osf.c4
-rw-r--r--extensions/libxt_owner.c50
-rw-r--r--extensions/libxt_physdev.c23
-rw-r--r--extensions/libxt_pkttype.c8
-rw-r--r--extensions/libxt_policy.c50
-rw-r--r--extensions/libxt_quota.c4
-rw-r--r--extensions/libxt_rateest.c60
-rw-r--r--extensions/libxt_recent.c46
-rw-r--r--extensions/libxt_sctp.c38
-rw-r--r--extensions/libxt_set.c10
-rw-r--r--extensions/libxt_socket.c4
-rw-r--r--extensions/libxt_state.c5
-rw-r--r--extensions/libxt_statistic.c10
-rw-r--r--extensions/libxt_string.c28
-rw-r--r--extensions/libxt_tcp.c34
-rw-r--r--extensions/libxt_tcpmss.c12
-rw-r--r--extensions/libxt_time.c35
-rw-r--r--extensions/libxt_tos.c16
-rw-r--r--extensions/libxt_u32.c12
-rw-r--r--extensions/libxt_udp.c19
-rw-r--r--extensions/tos_values.c2
-rw-r--r--ip6tables.c38
-rw-r--r--iptables.c36
-rw-r--r--xtables.c6
93 files changed, 940 insertions, 996 deletions
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c
index 74304545..900564c4 100644
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -93,17 +93,17 @@ static void HL_save(const void *ip, const struct xt_entry_target *target)
switch (info->mode) {
case IP6T_HL_SET:
- printf("--hl-set ");
+ printf(" --hl-set");
break;
case IP6T_HL_DEC:
- printf("--hl-dec ");
+ printf(" --hl-dec");
break;
case IP6T_HL_INC:
- printf("--hl-inc ");
+ printf(" --hl-inc");
break;
}
- printf("%u ", info->hop_limit);
+ printf(" %u", info->hop_limit);
}
static void HL_print(const void *ip, const struct xt_entry_target *target,
@@ -112,19 +112,19 @@ static void HL_print(const void *ip, const struct xt_entry_target *target,
const struct ip6t_HL_info *info =
(struct ip6t_HL_info *) target->data;
- printf("HL ");
+ printf(" HL ");
switch (info->mode) {
case IP6T_HL_SET:
- printf("set to ");
+ printf("set to");
break;
case IP6T_HL_DEC:
- printf("decrement by ");
+ printf("decrement by");
break;
case IP6T_HL_INC:
- printf("increment by ");
+ printf("increment by");
break;
}
- printf("%u ", info->hop_limit);
+ printf(" %u", info->hop_limit);
}
static const struct option HL_opts[] = {
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index a33d5705..af537050 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -203,34 +203,34 @@ static void LOG_print(const void *ip, const struct xt_entry_target *target,
= (const struct ip6t_log_info *)target->data;
unsigned int i = 0;
- printf("LOG ");
+ printf(" LOG");
if (numeric)
- printf("flags %u level %u ",
+ printf(" flags %u level %u",
loginfo->logflags, loginfo->level);
else {
for (i = 0; i < ARRAY_SIZE(ip6t_log_names); ++i)
if (loginfo->level == ip6t_log_names[i].level) {
- printf("level %s ", ip6t_log_names[i].name);
+ printf(" level %s", ip6t_log_names[i].name);
break;
}
if (i == ARRAY_SIZE(ip6t_log_names))
- printf("UNKNOWN level %u ", loginfo->level);
+ printf(" UNKNOWN level %u", loginfo->level);
if (loginfo->logflags & IP6T_LOG_TCPSEQ)
- printf("tcp-sequence ");
+ printf(" tcp-sequence");
if (loginfo->logflags & IP6T_LOG_TCPOPT)
- printf("tcp-options ");
+ printf(" tcp-options");
if (loginfo->logflags & IP6T_LOG_IPOPT)
- printf("ip-options ");
+ printf(" ip-options");
if (loginfo->logflags & IP6T_LOG_UID)
- printf("uid ");
+ printf(" uid");
if (loginfo->logflags & IP6T_LOG_MACDECODE)
- printf("macdecode ");
+ printf(" macdecode");
if (loginfo->logflags & ~(IP6T_LOG_MASK))
- printf("unknown-flags ");
+ printf(" unknown-flags");
}
if (strcmp(loginfo->prefix, "") != 0)
- printf("prefix `%s' ", loginfo->prefix);
+ printf(" prefix \"%s\"", loginfo->prefix);
}
static void LOG_save(const void *ip, const struct xt_entry_target *target)
@@ -239,21 +239,21 @@ static void LOG_save(const void *ip, const struct xt_entry_target *target)
= (const struct ip6t_log_info *)target->data;
if (strcmp(loginfo->prefix, "") != 0)
- printf("--log-prefix \"%s\" ", loginfo->prefix);
+ printf(" --log-prefix \"%s\"", loginfo->prefix);
if (loginfo->level != LOG_DEFAULT_LEVEL)
- printf("--log-level %d ", loginfo->level);
+ printf(" --log-level %d", loginfo->level);
if (loginfo->logflags & IP6T_LOG_TCPSEQ)
- printf("--log-tcp-sequence ");
+ printf(" --log-tcp-sequence");
if (loginfo->logflags & IP6T_LOG_TCPOPT)
- printf("--log-tcp-options ");
+ printf(" --log-tcp-options");
if (loginfo->logflags & IP6T_LOG_IPOPT)
- printf("--log-ip-options ");
+ printf(" --log-ip-options");
if (loginfo->logflags & IP6T_LOG_UID)
- printf("--log-uid ");
+ printf(" --log-uid");
if (loginfo->logflags & IP6T_LOG_MACDECODE)
- printf("--log-macdecode ");
+ printf(" --log-macdecode");
}
static struct xtables_target log_tg6_reg = {
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index 9a4334f5..f906ab81 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -108,7 +108,7 @@ static void REJECT_print(const void *ip, const struct xt_entry_target *target,
for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
if (reject_table[i].with == reject->with)
break;
- printf("reject-with %s ", reject_table[i].name);
+ printf(" reject-with %s", reject_table[i].name);
}
static void REJECT_save(const void *ip, const struct xt_entry_target *target)
@@ -121,7 +121,7 @@ static void REJECT_save(const void *ip, const struct xt_entry_target *target)
if (reject_table[i].with == reject->with)
break;
- printf("--reject-with %s ", reject_table[i].name);
+ printf(" --reject-with %s", reject_table[i].name);
}
static struct xtables_target reject_tg6_reg = {
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index 839f14d6..693a4f8f 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -123,9 +123,9 @@ print_spis(const char *name, uint32_t min, uint32_t max,
if (min != 0 || max != 0xFFFFFFFF || invert) {
if (min == max)
- printf("%s:%s%u ", name, inv, min);
+ printf("%s:%s%u", name, inv, min);
else
- printf("%ss:%s%u:%u ", name, inv, min, max);
+ printf("%ss:%s%u:%u", name, inv, min, max);
}
}
@@ -135,7 +135,7 @@ print_len(const char *name, uint32_t len, int invert)
const char *inv = invert ? "!" : "";
if (len != 0 || invert)
- printf("%s:%s%u ", name, inv, len);
+ printf("%s:%s%u", name, inv, len);
}
static void ah_print(const void *ip, const struct xt_entry_match *match,
@@ -143,17 +143,17 @@ static void ah_print(const void *ip, const struct xt_entry_match *match,
{
const struct ip6t_ah *ah = (struct ip6t_ah *)match->data;
- printf("ah ");
+ printf(" ah ");
print_spis("spi", ah->spis[0], ah->spis[1],
ah->invflags & IP6T_AH_INV_SPI);
print_len("length", ah->hdrlen,
ah->invflags & IP6T_AH_INV_LEN);
if (ah->hdrres)
- printf("reserved ");
+ printf(" reserved");
if (ah->invflags & ~IP6T_AH_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
ah->invflags & ~IP6T_AH_INV_MASK);
}
@@ -163,26 +163,26 @@ static void ah_save(const void *ip, const struct xt_entry_match *match)
if (!(ahinfo->spis[0] == 0
&& ahinfo->spis[1] == 0xFFFFFFFF)) {
- printf("%s--ahspi ",
- (ahinfo->invflags & IP6T_AH_INV_SPI) ? "! " : "");
+ printf("%s --ahspi ",
+ (ahinfo->invflags & IP6T_AH_INV_SPI) ? " !" : "");
if (ahinfo->spis[0]
!= ahinfo->spis[1])
- printf("%u:%u ",
+ printf("%u:%u",
ahinfo->spis[0],
ahinfo->spis[1]);
else
- printf("%u ",
+ printf("%u",
ahinfo->spis[0]);
}
if (ahinfo->hdrlen != 0 || (ahinfo->invflags & IP6T_AH_INV_LEN) ) {
- printf("%s--ahlen %u ",
- (ahinfo->invflags & IP6T_AH_INV_LEN) ? "! " : "",
+ printf("%s --ahlen %u",
+ (ahinfo->invflags & IP6T_AH_INV_LEN) ? " !" : "",
ahinfo->hdrlen);
}
if (ahinfo->hdrres != 0 )
- printf("--ahres ");
+ printf(" --ahres");
}
static struct xtables_match ah_mt6_reg = {
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c
index e4cf431e..3ba804fe 100644
--- a/extensions/libip6t_dst.c
+++ b/extensions/libip6t_dst.c
@@ -166,6 +166,7 @@ print_options(unsigned int optsnr, uint16_t *optsp)
{
unsigned int i;
+ printf(" ");
for(i = 0; i < optsnr; i++) {
printf("%d", (optsp[i] & 0xFF00) >> 8);
@@ -181,22 +182,22 @@ static void dst_print(const void *ip, const struct xt_entry_match *match,
{
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
- printf("dst ");
+ printf(" dst");
if (optinfo->flags & IP6T_OPTS_LEN)
- printf("length:%s%u ",
+ printf(" length:%s%u",
optinfo->invflags & IP6T_OPTS_INV_LEN ? "!" : "",
optinfo->hdrlen);
if (optinfo->flags & IP6T_OPTS_OPTS)
- printf("opts ");
+ printf(" opts");
print_options(optinfo->optsnr, (uint16_t *)optinfo->opts);
if (optinfo->flags & IP6T_OPTS_NSTRICT)
- printf("not-strict ");
+ printf(" not-strict");
if (optinfo->invflags & ~IP6T_OPTS_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
optinfo->invflags & ~IP6T_OPTS_INV_MASK);
}
@@ -205,18 +206,18 @@ static void dst_save(const void *ip, const struct xt_entry_match *match)
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
if (optinfo->flags & IP6T_OPTS_LEN) {
- printf("%s--dst-len %u ",
- (optinfo->invflags & IP6T_OPTS_INV_LEN) ? "! " : "",
+ printf("%s --dst-len %u",
+ (optinfo->invflags & IP6T_OPTS_INV_LEN) ? " !" : "",
optinfo->hdrlen);
}
if (optinfo->flags & IP6T_OPTS_OPTS)
- printf("--dst-opts ");
+ printf(" --dst-opts");
print_options(optinfo->optsnr, (uint16_t *)optinfo->opts);
if (optinfo->flags & IP6T_OPTS_NSTRICT)
- printf("--dst-not-strict ");
+ printf(" --dst-not-strict");
}
static struct xtables_match dst_mt6_reg = {
diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c
index c342dd86..ed13c1f9 100644
--- a/extensions/libip6t_frag.c
+++ b/extensions/libip6t_frag.c
@@ -155,9 +155,9 @@ print_ids(const char *name, uint32_t min, uint32_t max,
if (min != 0 || max != 0xFFFFFFFF || invert) {
printf("%s", name);
if (min == max)
- printf(":%s%u ", inv, min);
+ printf(":%s%u", inv, min);
else
- printf("s:%s%u:%u ", inv, min, max);
+ printf("s:%s%u:%u", inv, min, max);
}
}
@@ -166,30 +166,30 @@ static void frag_print(const void *ip, const struct xt_entry_match *match,
{
const struct ip6t_frag *frag = (struct ip6t_frag *)match->data;
- printf("frag ");
+ printf(" frag ");
print_ids("id", frag->ids[0], frag->ids[1],
frag->invflags & IP6T_FRAG_INV_IDS);
if (frag->flags & IP6T_FRAG_LEN) {
- printf("length:%s%u ",
+ printf(" length:%s%u",
frag->invflags & IP6T_FRAG_INV_LEN ? "!" : "",
frag->hdrlen);
}
if (frag->flags & IP6T_FRAG_RES)
- printf("reserved ");
+ printf(" reserved");
if (frag->flags & IP6T_FRAG_FST)
- printf("first ");
+ printf(" first");
if (frag->flags & IP6T_FRAG_MF)
- printf("more ");
+ printf(" more");
if (frag->flags & IP6T_FRAG_NMF)
- printf("last ");
+ printf(" last");
if (frag->invflags & ~IP6T_FRAG_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
frag->invflags & ~IP6T_FRAG_INV_MASK);
}
@@ -199,35 +199,35 @@ static void frag_save(const void *ip, const struct xt_entry_match *match)
if (!(fraginfo->ids[0] == 0
&& fraginfo->ids[1] == 0xFFFFFFFF)) {
- printf("%s--fragid ",
- (fraginfo->invflags & IP6T_FRAG_INV_IDS) ? "! " : "");
+ printf("%s --fragid ",
+ (fraginfo->invflags & IP6T_FRAG_INV_IDS) ? " !" : "");
if (fraginfo->ids[0]
!= fraginfo->ids[1])
- printf("%u:%u ",
+ printf("%u:%u",
fraginfo->ids[0],
fraginfo->ids[1]);
else
- printf("%u ",
+ printf("%u",
fraginfo->ids[0]);
}
if (fraginfo->flags & IP6T_FRAG_LEN) {
- printf("%s--fraglen %u ",
- (fraginfo->invflags & IP6T_FRAG_INV_LEN) ? "! " : "",
+ printf("%s --fraglen %u",
+ (fraginfo->invflags & IP6T_FRAG_INV_LEN) ? " !" : "",
fraginfo->hdrlen);
}
if (fraginfo->flags & IP6T_FRAG_RES)
- printf("--fragres ");
+ printf(" --fragres");
if (fraginfo->flags & IP6T_FRAG_FST)
- printf("--fragfirst ");
+ printf(" --fragfirst");
if (fraginfo->flags & IP6T_FRAG_MF)
- printf("--fragmore ");
+ printf(" --fragmore");
if (fraginfo->flags & IP6T_FRAG_NMF)
- printf("--fraglast ");
+ printf(" --fraglast");
}
static struct xtables_match frag_mt6_reg = {
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
index f9d59df9..e51569ef 100644
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -160,11 +160,11 @@ print_options(unsigned int optsnr, uint16_t *optsp)
unsigned int i;
for(i=0; i<optsnr; i++){
+ printf("%c", (i==0)?' ':',');
printf("%d", (optsp[i] & 0xFF00)>>8);
if ((optsp[i] & 0x00FF) != 0x00FF){
printf(":%d", (optsp[i] & 0x00FF));
}
- printf("%c", (i!=optsnr-1)?',':' ');
}
}
@@ -173,18 +173,17 @@ static void hbh_print(const void *ip, const struct xt_entry_match *match,
{
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
- printf("hbh ");
+ printf(" hbh");
if (optinfo->flags & IP6T_OPTS_LEN) {
- printf("length");
+ printf(" length");
printf(":%s", optinfo->invflags & IP6T_OPTS_INV_LEN ? "!" : "");
printf("%u", optinfo->hdrlen);
- printf(" ");
}
- if (optinfo->flags & IP6T_OPTS_OPTS) printf("opts ");
+ if (optinfo->flags & IP6T_OPTS_OPTS) printf(" opts");
print_options(optinfo->optsnr, (uint16_t *)optinfo->opts);
- if (optinfo->flags & IP6T_OPTS_NSTRICT) printf("not-strict ");
+ if (optinfo->flags & IP6T_OPTS_NSTRICT) printf(" not-strict");
if (optinfo->invflags & ~IP6T_OPTS_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
optinfo->invflags & ~IP6T_OPTS_INV_MASK);
}
@@ -193,16 +192,16 @@ static void hbh_save(const void *ip, const struct xt_entry_match *match)
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
if (optinfo->flags & IP6T_OPTS_LEN) {
- printf("%s--hbh-len %u ",
- (optinfo->invflags & IP6T_OPTS_INV_LEN) ? "! " : "",
+ printf("%s --hbh-len %u",
+ (optinfo->invflags & IP6T_OPTS_INV_LEN) ? " !" : "",
optinfo->hdrlen);
}
if (optinfo->flags & IP6T_OPTS_OPTS)
- printf("--hbh-opts ");
+ printf(" --hbh-opts");
print_options(optinfo->optsnr, (uint16_t *)optinfo->opts);
if (optinfo->flags & IP6T_OPTS_NSTRICT)
- printf("--hbh-not-strict ");
+ printf(" --hbh-not-strict");
}
static struct xtables_match hbh_mt6_reg = {
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index daefea11..5da3210a 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -96,7 +96,7 @@ static void hl_print(const void *ip, const struct xt_entry_match *match,
const struct ip6t_hl_info *info =
(struct ip6t_hl_info *) match->data;
- printf("HL match HL %s %u ", op[info->mode], info->hop_limit);
+ printf(" HL match HL %s %u", op[info->mode], info->hop_limit);
}
static void hl_save(const void *ip, const struct xt_entry_match *match)
@@ -110,7 +110,7 @@ static void hl_save(const void *ip, const struct xt_entry_match *match)
const struct ip6t_hl_info *info =
(struct ip6t_hl_info *) match->data;
- printf("%s %u ", op[info->mode], info->hop_limit);
+ printf(" %s %u", op[info->mode], info->hop_limit);
}
static const struct option hl_opts[] = {
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index 8c39488e..fa87b696 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -186,7 +186,7 @@ static void print_icmpv6type(uint8_t type,
break;
if (i != ARRAY_SIZE(icmpv6_codes)) {
- printf("%s%s ",
+ printf(" %s%s",
invert ? "!" : "",
icmpv6_codes[i].name);
return;
@@ -194,15 +194,13 @@ static void print_icmpv6type(uint8_t type,
}
if (invert)
- printf("!");
+ printf(" !");
printf("type %u", type);
- if (code_min == 0 && code_max == 0xFF)
- printf(" ");
- else if (code_min == code_max)
- printf(" code %u ", code_min);
- else
- printf(" codes %u-%u ", code_min, code_max);
+ if (code_min == code_max)
+ printf(" code %u", code_min);
+ else if (code_min != 0 || code_max != 0xFF)
+ printf(" codes %u-%u", code_min, code_max);
}
static void icmp6_print(const void *ip, const struct xt_entry_match *match,
@@ -210,13 +208,13 @@ static void icmp6_print(const void *ip, const struct xt_entry_match *match,
{
const struct ip6t_icmp *icmpv6 = (struct ip6t_icmp *)match->data;
- printf("ipv6-icmp ");
+ printf(" ipv6-icmp");
print_icmpv6type(icmpv6->type, icmpv6->code[0], icmpv6->code[1],
icmpv6->invflags & IP6T_ICMP_INV,
numeric);
if (icmpv6->invflags & ~IP6T_ICMP_INV)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
icmpv6->invflags & ~IP6T_ICMP_INV);
}
@@ -225,12 +223,11 @@ static void icmp6_save(const void *ip, const struct xt_entry_match *match)
const struct ip6t_icmp *icmpv6 = (struct ip6t_icmp *)match->data;
if (icmpv6->invflags & IP6T_ICMP_INV)
- printf("! ");
+ printf(" !");
- printf("--icmpv6-type %u", icmpv6->type);
+ printf(" --icmpv6-type %u", icmpv6->type);
if (icmpv6->code[0] != 0 || icmpv6->code[1] != 0xFF)
printf("/%u", icmpv6->code[0]);
- printf(" ");
}
static void icmp6_check(unsigned int flags)
diff --git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index 7d2a97f8..da832e21 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -240,20 +240,19 @@ static void ipv6header_print(const void *ip,
const struct xt_entry_match *match, int numeric)
{
const struct ip6t_ipv6header_info *info = (const struct ip6t_ipv6header_info *)match->data;
- printf("ipv6header ");
+ printf(" ipv6header");
if (info->matchflags || info->invflags) {
- printf("flags:%s", info->invflags ? "!" : "");
+ printf(" flags:%s", info->invflags ? "!" : "");
if (numeric)
- printf("0x%02X ", info->matchflags);
+ printf("0x%02X", info->matchflags);
else {
print_header(info->matchflags);
- printf(" ");
}
}
if (info->modeflag)
- printf("soft ");
+ printf(" soft");
}
static void ipv6header_save(const void *ip, const struct xt_entry_match *match)
@@ -261,11 +260,10 @@ static void ipv6header_save(const void *ip, const struct xt_entry_match *match)
const struct ip6t_ipv6header_info *info = (const struct ip6t_ipv6header_info *)match->data;
- printf("%s--header ", info->invflags ? "! " : "");
+ printf("%s --header ", info->invflags ? " !" : "");
print_header(info->matchflags);
- printf(" ");
if (info->modeflag)
- printf("--soft ");
+ printf(" --soft");
}
static struct xtables_match ipv6header_mt6_reg = {
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index f41c4f43..460f9e47 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -170,6 +170,7 @@ static void print_types(uint8_t min, uint8_t max, int invert, int numeric)
const char *inv = invert ? "!" : "";
if (min != 0 || max != 0xFF || invert) {
+ printf(" ");
if (min == max) {
printf("%s", inv);
print_type(min, numeric);
@@ -179,7 +180,6 @@ static void print_types(uint8_t min, uint8_t max, int invert, int numeric)
printf(":");
print_type(max, numeric);
}
- printf(" ");
}
}
@@ -188,12 +188,12 @@ static void mh_print(const void *ip, const struct xt_entry_match *match,
{
const struct ip6t_mh *mhinfo = (struct ip6t_mh *)match->data;
- printf("mh ");
+ printf(" mh");
print_types(mhinfo->types[0], mhinfo->types[1],
mhinfo->invflags & IP6T_MH_INV_TYPE,
numeric);
if (mhinfo->invflags & ~IP6T_MH_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
mhinfo->invflags & ~IP6T_MH_INV_MASK);
}
@@ -205,12 +205,12 @@ static void mh_save(const void *ip, const struct xt_entry_match *match)
return;
if (mhinfo->invflags & IP6T_MH_INV_TYPE)
- printf("! ");
+ printf(" !");
if (mhinfo->types[0] != mhinfo->types[1])
- printf("--mh-type %u:%u ", mhinfo->types[0], mhinfo->types[1]);
+ printf(" --mh-type %u:%u", mhinfo->types[0], mhinfo->types[1]);
else
- printf("--mh-type %u ", mhinfo->types[0]);
+ printf(" --mh-type %u", mhinfo->types[0]);
}
static const struct option mh_opts[] = {
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
index 4e27f8ae..bd2da59f 100644
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -235,7 +235,7 @@ print_nums(const char *name, uint32_t min, uint32_t max,
const char *inv = invert ? "!" : "";
if (min != 0 || max != 0xFFFFFFFF || invert) {
- printf("%s", name);
+ printf(" %s", name);
if (min == max) {
printf(":%s", inv);
printf("%u", min);
@@ -245,7 +245,6 @@ print_nums(const char *name, uint32_t min, uint32_t max,
printf(":");
printf("%u",max);
}
- printf(" ");
}
}
@@ -255,7 +254,7 @@ print_addresses(unsigned int addrnr, struct in6_addr *addrp)
unsigned int i;
for(i=0; i<addrnr; i++){
- printf("%s%c", addr_to_numeric(&(addrp[i])), (i!=addrnr-1)?',':' ');
+ printf("%c%s", (i==0)?' ':',', addr_to_numeric(&(addrp[i])));
}
}
@@ -264,24 +263,23 @@ static void rt_print(const void *ip, const struct xt_entry_match *match,
{
const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
- printf("rt ");
+ printf(" rt");
if (rtinfo->flags & IP6T_RT_TYP)
- printf("type:%s%d ", rtinfo->invflags & IP6T_RT_INV_TYP ? "!" : "",
+ printf(" type:%s%d", rtinfo->invflags & IP6T_RT_INV_TYP ? "!" : "",
rtinfo->rt_type);
print_nums("segsleft", rtinfo->segsleft[0], rtinfo->segsleft[1],
rtinfo->invflags & IP6T_RT_INV_SGS);
if (rtinfo->flags & IP6T_RT_LEN) {
- printf("length");
+ printf(" length");
printf(":%s", rtinfo->invflags & IP6T_RT_INV_LEN ? "!" : "");
printf("%u", rtinfo->hdrlen);
- printf(" ");
}
- if (rtinfo->flags & IP6T_RT_RES) printf("reserved ");
- if (rtinfo->flags & IP6T_RT_FST) printf("0-addrs ");
+ if (rtinfo->flags & IP6T_RT_RES) printf(" reserved");
+ if (rtinfo->flags & IP6T_RT_FST) printf(" 0-addrs");
print_addresses(rtinfo->addrnr, (struct in6_addr *)rtinfo->addrs);
- if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf("0-not-strict ");
+ if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf(" 0-not-strict");
if (rtinfo->invflags & ~IP6T_RT_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
rtinfo->invflags & ~IP6T_RT_INV_MASK);
}
@@ -290,35 +288,35 @@ static void rt_save(const void *ip, const struct xt_entry_match *match)
const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
if (rtinfo->flags & IP6T_RT_TYP) {
- printf("%s--rt-type %u ",
- (rtinfo->invflags & IP6T_RT_INV_TYP) ? "! " : "",
+ printf("%s --rt-type %u",
+ (rtinfo->invflags & IP6T_RT_INV_TYP) ? " !" : "",
rtinfo->rt_type);
}
if (!(rtinfo->segsleft[0] == 0
&& rtinfo->segsleft[1] == 0xFFFFFFFF)) {
- printf("%s--rt-segsleft ",
- (rtinfo->invflags & IP6T_RT_INV_SGS) ? "! " : "");
+ printf("%s --rt-segsleft ",
+ (rtinfo->invflags & IP6T_RT_INV_SGS) ? " !" : "");
if (rtinfo->segsleft[0]
!= rtinfo->segsleft[1])
- printf("%u:%u ",
+ printf("%u:%u",
rtinfo->segsleft[0],
rtinfo->segsleft[1]);
else
- printf("%u ",
+ printf("%u",
rtinfo->segsleft[0]);
}
if (rtinfo->flags & IP6T_RT_LEN) {
- printf("%s--rt-len %u ",
- (rtinfo->invflags & IP6T_RT_INV_LEN) ? "! " : "",
+ printf("%s --rt-len %u",
+ (rtinfo->invflags & IP6T_RT_INV_LEN) ? " !" : "",
rtinfo->hdrlen);
}
- if (rtinfo->flags & IP6T_RT_RES) printf("--rt-0-res ");
- if (rtinfo->flags & IP6T_RT_FST) printf("--rt-0-addrs ");
+ if (rtinfo->flags & IP6T_RT_RES) printf(" --rt-0-res");
+ if (rtinfo->flags & IP6T_RT_FST) printf(" --rt-0-addrs");
print_addresses(rtinfo->addrnr, (struct in6_addr *)rtinfo->addrs);
- if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf("--rt-0-not-strict ");
+ if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf(" --rt-0-not-strict");
}
diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c
index 9f4c9929..f7f46d1c 100644
--- a/extensions/libipt_CLUSTERIP.c
+++ b/extensions/libipt_CLUSTERIP.c
@@ -198,11 +198,11 @@ static void CLUSTERIP_print(const void *ip,
(const struct ipt_clusterip_tgt_info *)target->data;
if (!cipinfo->flags & CLUSTERIP_FLAG_NEW) {
- printf("CLUSTERIP");
+ printf(" CLUSTERIP");
return;
}
- printf("CLUSTERIP hashmode=%s clustermac=%s total_nodes=%u local_node=%u hash_init=%u",
+ printf(" CLUSTERIP hashmode=%s clustermac=%s total_nodes=%u local_node=%u hash_init=%u",
hashmode2str(cipinfo->hash_mode),
mac2str(cipinfo->clustermac),
cipinfo->num_total_nodes,
@@ -220,7 +220,7 @@ static void CLUSTERIP_save(const void *ip, const struct xt_entry_target *target)
if (!cipinfo->flags & CLUSTERIP_FLAG_NEW)
return;
- printf("--new --hashmode %s --clustermac %s --total-nodes %d --local-node %d --hash-init %u",
+ printf(" --new --hashmode %s --clustermac %s --total-nodes %d --local-node %d --hash-init %u",
hashmode2str(cipinfo->hash_mode),
mac2str(cipinfo->clustermac),
cipinfo->num_total_nodes,
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index 32b94b26..34d3777a 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -221,14 +221,13 @@ static void DNAT_print(const void *ip, const struct xt_entry_target *target,
const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
- printf("to:");
+ printf(" to:");
for (i = 0; i < info->mr.rangesize; i++) {
print_range(&info->mr.range[i]);
- printf(" ");
if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("random ");
+ printf(" random");
if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT)
- printf("persistent ");
+ printf(" persistent");
}
}
@@ -238,13 +237,12 @@ static void DNAT_save(const void *ip, const struct xt_entry_target *target)
unsigned int i = 0;
for (i = 0; i < info->mr.rangesize; i++) {
- printf("--to-destination ");
+ printf(" --to-destination ");
print_range(&info->mr.range[i]);
- printf(" ");
if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("--random ");
+ printf(" --random");
if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT)
- printf("--persistent ");
+ printf(" --persistent");
}
}
diff --git a/extensions/libipt_ECN.c b/extensions/libipt_ECN.c
index cad20a86..216a9963 100644
--- a/extensions/libipt_ECN.c
+++ b/extensions/libipt_ECN.c
@@ -108,21 +108,21 @@ static void ECN_print(const void *ip, const struct xt_entry_target *target,
const struct ipt_ECN_info *einfo =
(const struct ipt_ECN_info *)target->data;
- printf("ECN ");
+ printf(" ECN");
if (einfo->operation == (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)
&& einfo->proto.tcp.ece == 0
&& einfo->proto.tcp.cwr == 0)
- printf("TCP remove ");
+ printf(" TCP remove");
else {
if (einfo->operation & IPT_ECN_OP_SET_ECE)
- printf("ECE=%u ", einfo->proto.tcp.ece);
+ printf(" ECE=%u", einfo->proto.tcp.ece);
if (einfo->operation & IPT_ECN_OP_SET_CWR)
- printf("CWR=%u ", einfo->proto.tcp.cwr);
+ printf(" CWR=%u", einfo->proto.tcp.cwr);
if (einfo->operation & IPT_ECN_OP_SET_IP)
- printf("ECT codepoint=%u ", einfo->ip_ect);
+ printf(" ECT codepoint=%u", einfo->ip_ect);
}
}
@@ -134,17 +134,17 @@ static void ECN_save(const void *ip, const struct xt_entry_target *target)
if (einfo->operation == (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR)
&& einfo->proto.tcp.ece == 0
&& einfo->proto.tcp.cwr == 0)
- printf("--ecn-tcp-remove ");
+ printf(" --ecn-tcp-remove");
else {
if (einfo->operation & IPT_ECN_OP_SET_ECE)
- printf("--ecn-tcp-ece %d ", einfo->proto.tcp.ece);
+ printf(" --ecn-tcp-ece %d", einfo->proto.tcp.ece);
if (einfo->operation & IPT_ECN_OP_SET_CWR)
- printf("--ecn-tcp-cwr %d ", einfo->proto.tcp.cwr);
+ printf(" --ecn-tcp-cwr %d", einfo->proto.tcp.cwr);
if (einfo->operation & IPT_ECN_OP_SET_IP)
- printf("--ecn-ip-ect %d ", einfo->ip_ect);
+ printf(" --ecn-ip-ect %d", einfo->ip_ect);
}
}
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index e6ccb3bf..233bd9a9 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -203,34 +203,34 @@ static void LOG_print(const void *ip, const struct xt_entry_target *target,
= (const struct ipt_log_info *)target->data;
unsigned int i = 0;
- printf("LOG ");
+ printf(" LOG");
if (numeric)
- printf("flags %u level %u ",
+ printf(" flags %u level %u",
loginfo->logflags, loginfo->level);
else {
for (i = 0; i < ARRAY_SIZE(ipt_log_names); ++i)
if (loginfo->level == ipt_log_names[i].level) {
- printf("level %s ", ipt_log_names[i].name);
+ printf(" level %s", ipt_log_names[i].name);
break;
}
if (i == ARRAY_SIZE(ipt_log_names))
- printf("UNKNOWN level %u ", loginfo->level);
+ printf(" UNKNOWN level %u", loginfo->level);
if (loginfo->logflags & IPT_LOG_TCPSEQ)
- printf("tcp-sequence ");
+ printf(" tcp-sequence");
if (loginfo->logflags & IPT_LOG_TCPOPT)
- printf("tcp-options ");
+ printf(" tcp-options");
if (loginfo->logflags & IPT_LOG_IPOPT)
- printf("ip-options ");
+ printf(" ip-options");
if (loginfo->logflags & IPT_LOG_UID)
- printf("uid ");
+ printf(" uid");
if (loginfo->logflags & IPT_LOG_MACDECODE)
- printf("macdecode ");
+ printf(" macdecode");
if (loginfo->logflags & ~(IPT_LOG_MASK))
- printf("unknown-flags ");
+ printf(" unknown-flags");
}
if (strcmp(loginfo->prefix, "") != 0)
- printf("prefix `%s' ", loginfo->prefix);
+ printf(" prefix \"%s\"", loginfo->prefix);
}
static void LOG_save(const void *ip, const struct xt_entry_target *target)
@@ -239,23 +239,23 @@ static void LOG_save(const void *ip, const struct xt_entry_target *target)
= (const struct ipt_log_info *)target->data;
if (strcmp(loginfo->prefix, "") != 0) {
- printf("--log-prefix ");
+ printf(" --log-prefix");
xtables_save_string(loginfo->prefix);
}
if (loginfo->level != LOG_DEFAULT_LEVEL)
- printf("--log-level %d ", loginfo->level);
+ printf(" --log-level %d", loginfo->level);
if (loginfo->logflags & IPT_LOG_TCPSEQ)
- printf("--log-tcp-sequence ");
+ printf(" --log-tcp-sequence");
if (loginfo->logflags & IPT_LOG_TCPOPT)
- printf("--log-tcp-options ");
+ printf(" --log-tcp-options");
if (loginfo->logflags & IPT_LOG_IPOPT)
- printf("--log-ip-options ");
+ printf(" --log-ip-options");
if (loginfo->logflags & IPT_LOG_UID)
- printf("--log-uid ");
+ printf(" --log-uid");
if (loginfo->logflags & IPT_LOG_MACDECODE)
- printf("--log-macdecode ");
+ printf(" --log-macdecode");
}
static struct xtables_target log_tg_reg = {
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 3b059ace..00baf25e 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -114,15 +114,14 @@ MASQUERADE_print(const void *ip, const struct xt_entry_target *target,
const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
- printf("masq ports: ");
+ printf(" masq ports: ");
printf("%hu", ntohs(r->min.tcp.port));
if (r->max.tcp.port != r->min.tcp.port)
printf("-%hu", ntohs(r->max.tcp.port));
- printf(" ");
}
if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("random ");
+ printf(" random");
}
static void
@@ -132,14 +131,13 @@ MASQUERADE_save(const void *ip, const struct xt_entry_target *target)
const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
- printf("--to-ports %hu", ntohs(r->min.tcp.port));
+ printf(" --to-ports %hu", ntohs(r->min.tcp.port));
if (r->max.tcp.port != r->min.tcp.port)
printf("-%hu", ntohs(r->max.tcp.port));
- printf(" ");
}
if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("--random ");
+ printf(" --random");
}
static struct xtables_target masquerade_tg_reg = {
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index c7d0307b..0e85dec1 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -155,7 +155,7 @@ static void NETMAP_print(const void *ip, const struct xt_entry_target *target,
static void NETMAP_save(const void *ip, const struct xt_entry_target *target)
{
- printf("--%s ", NETMAP_opts[0].name);
+ printf(" --%s ", NETMAP_opts[0].name);
NETMAP_print(ip, target, 0);
}
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 74b3aa13..471ff29a 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -124,13 +124,12 @@ static void REDIRECT_print(const void *ip, const struct xt_entry_target *target,
const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
- printf("redir ports ");
+ printf(" redir ports ");
printf("%hu", ntohs(r->min.tcp.port));
if (r->max.tcp.port != r->min.tcp.port)
printf("-%hu", ntohs(r->max.tcp.port));
- printf(" ");
if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("random ");
+ printf(" random");
}
}
@@ -140,13 +139,12 @@ static void REDIRECT_save(const void *ip, const struct xt_entry_target *target)
const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
- printf("--to-ports ");
+ printf(" --to-ports ");
printf("%hu", ntohs(r->min.tcp.port));
if (r->max.tcp.port != r->min.tcp.port)
printf("-%hu", ntohs(r->max.tcp.port));
- printf(" ");
if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("--random ");
+ printf(" --random");
}
}
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index 4bd5f4a0..0ed58cbd 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -130,7 +130,7 @@ static void REJECT_print(const void *ip, const struct xt_entry_target *target,
for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
if (reject_table[i].with == reject->with)
break;
- printf("reject-with %s ", reject_table[i].name);
+ printf(" reject-with %s", reject_table[i].name);
}
static void REJECT_save(const void *ip, const struct xt_entry_target *target)
@@ -143,7 +143,7 @@ static void REJECT_save(const void *ip, const struct xt_entry_target *target)
if (reject_table[i].with == reject->with)
break;
- printf("--reject-with %s ", reject_table[i].name);
+ printf(" --reject-with %s", reject_table[i].name);
}
static struct xtables_target reject_tg_reg = {
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index 9531a3bc..9c548f5f 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -139,8 +139,8 @@ static void SAME_print(const void *ip, const struct xt_entry_target *target,
const struct ipt_same_info *mr = (const void *)target->data;
int random_selection = 0;
- printf("same:");
-
+ printf(" same:");
+
for (count = 0; count < mr->rangesize; count++) {
const struct nf_nat_range *r = &mr->range[count];
struct in_addr a;
@@ -150,19 +150,17 @@ static void SAME_print(const void *ip, const struct xt_entry_target *target,
printf("%s", xtables_ipaddr_to_numeric(&a));
a.s_addr = r->max_ip;
- if (r->min_ip == r->max_ip)
- printf(" ");
- else
- printf("-%s ", xtables_ipaddr_to_numeric(&a));
+ if (r->min_ip != r->max_ip)
+ printf("-%s", xtables_ipaddr_to_numeric(&a));
if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
random_selection = 1;
}
if (mr->info & IPT_SAME_NODST)
- printf("nodst ");
+ printf(" nodst");
if (random_selection)
- printf("random ");
+ printf(" random");
}
static void SAME_save(const void *ip, const struct xt_entry_target *target)
@@ -176,22 +174,20 @@ static void SAME_save(const void *ip, const struct xt_entry_target *target)
struct in_addr a;
a.s_addr = r->min_ip;
- printf("--to %s", xtables_ipaddr_to_numeric(&a));
+ printf(" --to %s", xtables_ipaddr_to_numeric(&a));
a.s_addr = r->max_ip;
- if (r->min_ip == r->max_ip)
- printf(" ");
- else
- printf("-%s ", xtables_ipaddr_to_numeric(&a));
+ if (r->min_ip != r->max_ip)
+ printf("-%s", xtables_ipaddr_to_numeric(&a));
if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
random_selection = 1;
}
if (mr->info & IPT_SAME_NODST)
- printf("--nodst ");
+ printf(" --nodst");
if (random_selection)
- printf("--random ");
+ printf(" --random");
}
static struct xtables_target same_tg_reg = {
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 2700bcc8..532770da 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -221,14 +221,13 @@ static void SNAT_print(const void *ip, const struct xt_entry_target *target,
const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
- printf("to:");
+ printf(" to:");
for (i = 0; i < info->mr.rangesize; i++) {
print_range(&info->mr.range[i]);
- printf(" ");
if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("random ");
+ printf(" random");
if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT)
- printf("persistent ");
+ printf(" persistent");
}
}
@@ -238,13 +237,12 @@ static void SNAT_save(const void *ip, const struct xt_entry_target *target)
unsigned int i = 0;
for (i = 0; i < info->mr.rangesize; i++) {
- printf("--to-source ");
+ printf(" --to-source ");
print_range(&info->mr.range[i]);
- printf(" ");
if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM)
- printf("--random ");
+ printf(" --random");
if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT)
- printf("--persistent ");
+ printf(" --persistent");
}
}
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c
index c8e55242..f13d9c34 100644
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -93,17 +93,17 @@ static void TTL_save(const void *ip, const struct xt_entry_target *target)
switch (info->mode) {
case IPT_TTL_SET:
- printf("--ttl-set ");
+ printf(" --ttl-set");
break;
case IPT_TTL_DEC:
- printf("--ttl-dec ");
+ printf(" --ttl-dec");
break;
case IPT_TTL_INC:
- printf("--ttl-inc ");
+ printf(" --ttl-inc");
break;
}
- printf("%u ", info->ttl);
+ printf(" %u", info->ttl);
}
static void TTL_print(const void *ip, const struct xt_entry_target *target,
@@ -112,19 +112,19 @@ static void TTL_print(const void *ip, const struct xt_entry_target *target,
const struct ipt_TTL_info *info =
(struct ipt_TTL_info *) target->data;
- printf("TTL ");
+ printf(" TTL ");
switch (info->mode) {
case IPT_TTL_SET:
- printf("set to ");
+ printf("set to");
break;
case IPT_TTL_DEC:
- printf("decrement by ");
+ printf("decrement by");
break;
case IPT_TTL_INC:
- printf("increment by ");
+ printf("increment by");
break;
}
- printf("%u ", info->ttl);
+ printf(" %u", info->ttl);
}
static const struct option TTL_opts[] = {
diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c
index 0185f98c..8eeccf00 100644
--- a/extensions/libipt_ULOG.c
+++ b/extensions/libipt_ULOG.c
@@ -29,7 +29,7 @@ static void print_groups(unsigned int gmask)
for (b = 31; b >= 0; b--) {
test = (1 << b);
if (gmask & test)
- printf("%d ", b + 1);
+ printf(" %d", b + 1);
}
}
@@ -148,19 +148,19 @@ static void ULOG_save(const void *ip, const struct xt_entry_target *target)
= (const struct ipt_ulog_info *) target->data;
if (strcmp(loginfo->prefix, "") != 0) {
- fputs("--ulog-prefix ", stdout);
+ fputs(" --ulog-prefix", stdout);
xtables_save_string(loginfo->prefix);
}
if (loginfo->nl_group != ULOG_DEFAULT_NLGROUP) {
- printf("--ulog-nlgroup ");
+ printf(" --ulog-nlgroup");
print_groups(loginfo->nl_group);
}
if (loginfo->copy_range)
- printf("--ulog-cprange %u ", (unsigned int)loginfo->copy_range);
+ printf(" --ulog-cprange %u", (unsigned int)loginfo->copy_range);
if (loginfo->qthreshold != ULOG_DEFAULT_QTHRESHOLD)
- printf("--ulog-qthreshold %u ", (unsigned int)loginfo->qthreshold);
+ printf(" --ulog-qthreshold %u", (unsigned int)loginfo->qthreshold);
}
static void ULOG_print(const void *ip, const struct xt_entry_target *target,
@@ -169,12 +169,12 @@ static void ULOG_print(const void *ip, const struct xt_entry_target *target,
const struct ipt_ulog_info *loginfo
= (const struct ipt_ulog_info *) target->data;
- printf("ULOG ");
- printf("copy_range %u nlgroup ", (unsigned int)loginfo->copy_range);
+ printf(" ULOG ");
+ printf("copy_range %u nlgroup", (unsigned int)loginfo->copy_range);
print_groups(loginfo->nl_group);
if (strcmp(loginfo->prefix, "") != 0)
- printf("prefix `%s' ", loginfo->prefix);
- printf("queue_threshold %u ", (unsigned int)loginfo->qthreshold);
+ printf(" prefix \"%s\"", loginfo->prefix);
+ printf(" queue_threshold %u", (unsigned int)loginfo->qthreshold);
}
static struct xtables_target ulog_tg_reg = {
diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c
index fa6cc1e4..a592f0d5 100644
--- a/extensions/libipt_addrtype.c
+++ b/extensions/libipt_addrtype.c
@@ -203,8 +203,6 @@ static void print_types(uint16_t mask)
printf("%s%s", sep, rtn_names[i]);
sep = ",";
}
-
- printf(" ");
}
static void addrtype_print_v0(const void *ip, const struct xt_entry_match *match,
@@ -213,15 +211,15 @@ static void addrtype_print_v0(const void *ip, const struct xt_entry_match *match
const struct ipt_addrtype_info *info =
(struct ipt_addrtype_info *) match->data;
- printf("ADDRTYPE match ");
+ printf(" ADDRTYPE match");
if (info->source) {
- printf("src-type ");
+ printf(" src-type ");
if (info->invert_source)
printf("!");
print_types(info->source);
}
if (info->dest) {
- printf("dst-type ");
+ printf(" dst-type");
if (info->invert_dest)
printf("!");
print_types(info->dest);
@@ -234,24 +232,24 @@ static void addrtype_print_v1(const void *ip, const struct xt_entry_match *match
const struct ipt_addrtype_info_v1 *info =
(struct ipt_addrtype_info_v1 *) match->data;
- printf("ADDRTYPE match ");
+ printf(" ADDRTYPE match");
if (info->source) {
- printf("src-type ");
+ printf(" src-type ");
if (info->flags & IPT_ADDRTYPE_INVERT_SOURCE)
printf("!");
print_types(info->source);
}
if (info->dest) {
- printf("dst-type ");
+ printf(" dst-type ");
if (info->flags & IPT_ADDRTYPE_INVERT_DEST)
printf("!");
print_types(info->dest);
}
if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_IN) {
- printf("limit-in ");
+ printf(" limit-in");
}
if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_OUT) {
- printf("limit-out ");
+ printf(" limit-out");
}
}
@@ -262,14 +260,14 @@ static void addrtype_save_v0(const void *ip, const struct xt_entry_match *match)
if (info->source) {
if (info->invert_source)
- printf("! ");
- printf("--src-type ");
+ printf(" !");
+ printf(" --src-type ");
print_types(info->source);
}
if (info->dest) {
if (info->invert_dest)
- printf("! ");
- printf("--dst-type ");
+ printf(" !");
+ printf(" --dst-type ");
print_types(info->dest);
}
}
@@ -281,21 +279,21 @@ static void addrtype_save_v1(const void *ip, const struct xt_entry_match *match)
if (info->source) {
if (info->flags & IPT_ADDRTYPE_INVERT_SOURCE)
- printf("! ");
- printf("--src-type ");
+ printf(" !");
+ printf(" --src-type ");
print_types(info->source);
}
if (info->dest) {
if (info->flags & IPT_ADDRTYPE_INVERT_DEST)
- printf("! ");
- printf("--dst-type ");
+ printf(" !");
+ printf(" --dst-type ");
print_types(info->dest);
}
if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_IN) {
- printf("--limit-iface-in ");
+ printf(" --limit-iface-in");
}
if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_OUT) {
- printf("--limit-iface-out ");
+ printf(" --limit-iface-out");
}
}
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index 93590620..c50eecc4 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -111,7 +111,6 @@ print_spis(const char *name, uint32_t min, uint32_t max,
printf(":");
printf("%u",max);
}
- printf(" ");
}
}
@@ -120,11 +119,11 @@ static void ah_print(const void *ip, const struct xt_entry_match *match,
{
const struct ipt_ah *ah = (struct ipt_ah *)match->data;
- printf("ah ");
+ printf(" ah ");
print_spis("spi", ah->spis[0], ah->spis[1],
ah->invflags & IPT_AH_INV_SPI);
if (ah->invflags & ~IPT_AH_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
ah->invflags & ~IPT_AH_INV_MASK);
}
@@ -134,15 +133,15 @@ static void ah_save(const void *ip, const struct xt_entry_match *match)
if (!(ahinfo->spis[0] == 0
&& ahinfo->spis[1] == 0xFFFFFFFF)) {
- printf("%s--ahspi ",
- (ahinfo->invflags & IPT_AH_INV_SPI) ? "! " : "");
+ printf("%s --ahspi ",
+ (ahinfo->invflags & IPT_AH_INV_SPI) ? " !" : "");
if (ahinfo->spis[0]
!= ahinfo->spis[1])
- printf("%u:%u ",
+ printf("%u:%u",
ahinfo->spis[0],
ahinfo->spis[1]);
else
- printf("%u ",
+ printf("%u",
ahinfo->spis[0]);
}
diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c
index 27e46b3d..81d7b58b 100644
--- a/extensions/libipt_ecn.c
+++ b/extensions/libipt_ecn.c
@@ -94,24 +94,22 @@ static void ecn_print(const void *ip, const struct xt_entry_match *match,
const struct ipt_ecn_info *einfo =
(const struct ipt_ecn_info *)match->data;
- printf("ECN match ");
+ printf(" ECN match");
if (einfo->operation & IPT_ECN_OP_MATCH_ECE) {
- if (einfo->invert & IPT_ECN_OP_MATCH_ECE)
- fputc('!', stdout);
- printf("ECE ");
+ printf(" %sECE",
+ (einfo->invert & IPT_ECN_OP_MATCH_ECE) ? "!" : "");
}
if (einfo->operation & IPT_ECN_OP_MATCH_CWR) {
- if (einfo->invert & IPT_ECN_OP_MATCH_CWR)
- fputc('!', stdout);
- printf("CWR ");
+ printf(" %sCWR",
+ (einfo->invert & IPT_ECN_OP_MATCH_CWR) ? "!" : "");
}
if (einfo->operation & IPT_ECN_OP_MATCH_IP) {
- if (einfo->invert & IPT_ECN_OP_MATCH_IP)
- fputc('!', stdout);
- printf("ECT=%d ", einfo->ip_ect);
+ printf(" %sECT=%d",
+ (einfo->invert & IPT_ECN_OP_MATCH_IP) ? "!" : "",
+ einfo->ip_ect);
}
}
@@ -122,20 +120,20 @@ static void ecn_save(const void *ip, const struct xt_entry_match *match)
if (einfo->operation & IPT_ECN_OP_MATCH_ECE) {
if (einfo->invert & IPT_ECN_OP_MATCH_ECE)
- printf("! ");
- printf("--ecn-tcp-ece ");
+ printf(" !");
+ printf(" --ecn-tcp-ece");
}
if (einfo->operation & IPT_ECN_OP_MATCH_CWR) {
if (einfo->invert & IPT_ECN_OP_MATCH_CWR)
- printf("! ");
- printf("--ecn-tcp-cwr ");
+ printf(" !");
+ printf(" --ecn-tcp-cwr");
}
if (einfo->operation & IPT_ECN_OP_MATCH_IP) {
if (einfo->invert & IPT_ECN_OP_MATCH_IP)
- printf("! ");
- printf("--ecn-ip-ect %d", einfo->ip_ect);
+ printf(" !");
+ printf(" --ecn-ip-ect %d", einfo->ip_ect);
}
}
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index a233520e..c75713d2 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -211,7 +211,7 @@ static void print_icmptype(uint8_t type,
break;
if (i != ARRAY_SIZE(icmp_codes)) {
- printf("%s%s ",
+ printf(" %s%s",
invert ? "!" : "",
icmp_codes[i].name);
return;
@@ -219,15 +219,13 @@ static void print_icmptype(uint8_t type,
}
if (invert)
- printf("!");
+ printf(" !");
printf("type %u", type);
- if (code_min == 0 && code_max == 0xFF)
- printf(" ");
- else if (code_min == code_max)
- printf(" code %u ", code_min);
- else
- printf(" codes %u-%u ", code_min, code_max);
+ if (code_min == code_max)
+ printf(" code %u", code_min);
+ else if (code_min != 0 || code_max != 0xFF)
+ printf(" codes %u-%u", code_min, code_max);
}
static void icmp_print(const void *ip, const struct xt_entry_match *match,
@@ -235,13 +233,13 @@ static void icmp_print(const void *ip, const struct xt_entry_match *match,
{
const struct ipt_icmp *icmp = (struct ipt_icmp *)match->data;
- printf("icmp ");
+ printf(" icmp");
print_icmptype(icmp->type, icmp->code[0], icmp->code[1],
icmp->invflags & IPT_ICMP_INV,
numeric);
if (icmp->invflags & ~IPT_ICMP_INV)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
icmp->invflags & ~IPT_ICMP_INV);
}
@@ -250,16 +248,15 @@ static void icmp_save(const void *ip, const struct xt_entry_match *match)
const struct ipt_icmp *icmp = (struct ipt_icmp *)match->data;
if (icmp->invflags & IPT_ICMP_INV)
- printf("! ");
+ printf(" !");
/* special hack for 'any' case */
if (icmp->type == 0xFF) {
- printf("--icmp-type any ");
+ printf(" --icmp-type any");
} else {
- printf("--icmp-type %u", icmp->type);
+ printf(" --icmp-type %u", icmp->type);
if (icmp->code[0] != 0 || icmp->code[1] != 0xFF)
printf("/%u", icmp->code[0]);
- printf(" ");
}
}
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index a5ec6d8c..a2505706 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -190,14 +190,14 @@ print_realm(unsigned long id, unsigned long mask, int numeric)
const char* name = NULL;
if (mask != 0xffffffff)
- printf("0x%lx/0x%lx ", id, mask);
+ printf(" 0x%lx/0x%lx", id, mask);
else {
if (numeric == 0)
name = realm_id2name(id);
if (name)
- printf("%s ", name);
+ printf(" %s", name);
else
- printf("0x%lx ", id);
+ printf(" 0x%lx", id);
}
}
@@ -207,9 +207,9 @@ static void realm_print(const void *ip, const struct xt_entry_match *match,
const struct ipt_realm_info *ri = (const void *)match->data;
if (ri->invert)
- printf("! ");
+ printf(" !");
- printf("realm ");
+ printf(" realm");
print_realm(ri->id, ri->mask, numeric);
}
@@ -218,9 +218,9 @@ static void realm_save(const void *ip, const struct xt_entry_match *match)
const struct ipt_realm_info *ri = (const void *)match->data;
if (ri->invert)
- printf("! ");
+ printf(" !");
- printf("--realm ");
+ printf(" --realm");
print_realm(ri->id, ri->mask, 0);
}
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index 05de9f79..07fa3c40 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -92,22 +92,22 @@ static void ttl_print(const void *ip, const struct xt_entry_match *match,
const struct ipt_ttl_info *info =
(struct ipt_ttl_info *) match->data;
- printf("TTL match ");
+ printf(" TTL match ");
switch (info->mode) {
case IPT_TTL_EQ:
- printf("TTL == ");
+ printf("TTL ==");
break;
case IPT_TTL_NE:
- printf("TTL != ");
+ printf("TTL !=");
break;
case IPT_TTL_LT:
- printf("TTL < ");
+ printf("TTL <");
break;
case IPT_TTL_GT:
- printf("TTL > ");
+ printf("TTL >");
break;
}
- printf("%u ", info->ttl);
+ printf(" %u", info->ttl);
}
static void ttl_save(const void *ip, const struct xt_entry_match *match)
@@ -117,22 +117,22 @@ static void ttl_save(const void *ip, const struct xt_entry_match *match)
switch (info->mode) {
case IPT_TTL_EQ:
- printf("--ttl-eq ");
+ printf(" --ttl-eq");
break;
case IPT_TTL_NE:
- printf("! --ttl-eq ");
+ printf(" ! --ttl-eq");
break;
case IPT_TTL_LT:
- printf("--ttl-lt ");
+ printf(" --ttl-lt");
break;
case IPT_TTL_GT:
- printf("--ttl-gt ");
+ printf(" --ttl-gt");
break;
default:
/* error */
break;
}
- printf("%u ", info->ttl);
+ printf(" %u", info->ttl);
}
static const struct option ttl_opts[] = {
diff --git a/extensions/libxt_AUDIT.c b/extensions/libxt_AUDIT.c
index 1f2dee44..a6ab37f9 100644
--- a/extensions/libxt_AUDIT.c
+++ b/extensions/libxt_AUDIT.c
@@ -70,7 +70,7 @@ static void audit_print(const void *ip, const struct xt_entry_target *target,
const struct xt_audit_info *einfo =
(const struct xt_audit_info *)target->data;
- printf("AUDIT ");
+ printf(" AUDIT ");
switch(einfo->type) {
case XT_AUDIT_TYPE_ACCEPT:
@@ -92,13 +92,13 @@ static void audit_save(const void *ip, const struct xt_entry_target *target)
switch(einfo->type) {
case XT_AUDIT_TYPE_ACCEPT:
- printf("--type=accept");
+ printf(" --type accept");
break;
case XT_AUDIT_TYPE_DROP:
- printf("--type=drop");
+ printf(" --type drop");
break;
case XT_AUDIT_TYPE_REJECT:
- printf("--type=reject");
+ printf(" --type reject");
break;
}
}
diff --git a/extensions/libxt_CHECKSUM.c b/extensions/libxt_CHECKSUM.c
index a4a60b33..83b3d699 100644
--- a/extensions/libxt_CHECKSUM.c
+++ b/extensions/libxt_CHECKSUM.c
@@ -60,10 +60,10 @@ static void CHECKSUM_print(const void *ip, const struct xt_entry_target *target,
const struct xt_CHECKSUM_info *einfo =
(const struct xt_CHECKSUM_info *)target->data;
- printf("CHECKSUM ");
+ printf(" CHECKSUM");
if (einfo->operation & XT_CHECKSUM_OP_FILL)
- printf("fill ");
+ printf(" fill");
}
static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target)
@@ -72,7 +72,7 @@ static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target)
(const struct xt_CHECKSUM_info *)target->data;
if (einfo->operation & XT_CHECKSUM_OP_FILL)
- printf("--checksum-fill ");
+ printf(" --checksum-fill");
}
static struct xtables_target checksum_tg_reg = {
diff --git a/extensions/libxt_CLASSIFY.c b/extensions/libxt_CLASSIFY.c
index 2920ee8d..e9a03650 100644
--- a/extensions/libxt_CLASSIFY.c
+++ b/extensions/libxt_CLASSIFY.c
@@ -69,7 +69,7 @@ CLASSIFY_final_check(unsigned int flags)
static void
CLASSIFY_print_class(unsigned int priority, int numeric)
{
- printf("%x:%x ", TC_H_MAJ(priority)>>16, TC_H_MIN(priority));
+ printf(" %x:%x", TC_H_MAJ(priority)>>16, TC_H_MIN(priority));
}
static void
@@ -79,7 +79,7 @@ CLASSIFY_print(const void *ip,
{
const struct xt_classify_target_info *clinfo =
(const struct xt_classify_target_info *)target->data;
- printf("CLASSIFY set ");
+ printf(" CLASSIFY set");
CLASSIFY_print_class(clinfo->priority, numeric);
}
@@ -89,7 +89,7 @@ CLASSIFY_save(const void *ip, const struct xt_entry_target *target)
const struct xt_classify_target_info *clinfo =
(const struct xt_classify_target_info *)target->data;
- printf("--set-class %.4x:%.4x ",
+ printf(" --set-class %.4x:%.4x",
TC_H_MAJ(clinfo->priority)>>16, TC_H_MIN(clinfo->priority));
}
diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c
index 4657411b..dbb9dc50 100644
--- a/extensions/libxt_CONNMARK.c
+++ b/extensions/libxt_CONNMARK.c
@@ -282,22 +282,20 @@ static void CONNMARK_print(const void *ip,
(const struct xt_connmark_target_info *)target->data;
switch (markinfo->mode) {
case XT_CONNMARK_SET:
- printf("CONNMARK set ");
+ printf(" CONNMARK set ");
print_mark(markinfo->mark);
print_mask("/", markinfo->mask);
- printf(" ");
break;
case XT_CONNMARK_SAVE:
- printf("CONNMARK save ");
+ printf(" CONNMARK save ");
print_mask("mask ", markinfo->mask);
- printf(" ");
break;
case XT_CONNMARK_RESTORE:
- printf("CONNMARK restore ");
+ printf(" CONNMARK restore ");
print_mask("mask ", markinfo->mask);
break;
default:
- printf("ERROR: UNKNOWN CONNMARK MODE ");
+ printf(" ERROR: UNKNOWN CONNMARK MODE");
break;
}
}
@@ -311,39 +309,39 @@ connmark_tg_print(const void *ip, const struct xt_entry_target *target,
switch (info->mode) {
case XT_CONNMARK_SET:
if (info->ctmark == 0)
- printf("CONNMARK and 0x%x ",
+ printf(" CONNMARK and 0x%x",
(unsigned int)(uint32_t)~info->ctmask);
else if (info->ctmark == info->ctmask)
- printf("CONNMARK or 0x%x ", info->ctmark);
+ printf(" CONNMARK or 0x%x", info->ctmark);
else if (info->ctmask == 0)
- printf("CONNMARK xor 0x%x ", info->ctmark);
+ printf(" CONNMARK xor 0x%x", info->ctmark);
else if (info->ctmask == 0xFFFFFFFFU)
- printf("CONNMARK set 0x%x ", info->ctmark);
+ printf(" CONNMARK set 0x%x", info->ctmark);
else
- printf("CONNMARK xset 0x%x/0x%x ",
+ printf(" CONNMARK xset 0x%x/0x%x",
info->ctmark, info->ctmask);
break;
case XT_CONNMARK_SAVE:
if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX)
- printf("CONNMARK save ");
+ printf(" CONNMARK save");
else if (info->nfmask == info->ctmask)
- printf("CONNMARK save mask 0x%x ", info->nfmask);
+ printf(" CONNMARK save mask 0x%x", info->nfmask);
else
- printf("CONNMARK save nfmask 0x%x ctmask ~0x%x ",
+ printf(" CONNMARK save nfmask 0x%x ctmask ~0x%x",
info->nfmask, info->ctmask);
break;
case XT_CONNMARK_RESTORE:
if (info->ctmask == UINT32_MAX && info->nfmask == UINT32_MAX)
- printf("CONNMARK restore ");
+ printf(" CONNMARK restore");
else if (info->ctmask == info->nfmask)
- printf("CONNMARK restore mask 0x%x ", info->ctmask);
+ printf(" CONNMARK restore mask 0x%x", info->ctmask);
else
- printf("CONNMARK restore ctmask 0x%x nfmask ~0x%x ",
+ printf(" CONNMARK restore ctmask 0x%x nfmask ~0x%x",
info->ctmask, info->nfmask);
break;
default:
- printf("ERROR: UNKNOWN CONNMARK MODE");
+ printf(" ERROR: UNKNOWN CONNMARK MODE");
break;
}
}
@@ -355,21 +353,20 @@ static void CONNMARK_save(const void *ip, const struct xt_entry_target *target)
switch (markinfo->mode) {
case XT_CONNMARK_SET:
- printf("--set-mark ");
+ printf(" --set-mark ");
print_mark(markinfo->mark);
print_mask("/", markinfo->mask);
- printf(" ");
break;
case XT_CONNMARK_SAVE:
- printf("--save-mark ");
+ printf(" --save-mark ");
print_mask("--mask ", markinfo->mask);
break;
case XT_CONNMARK_RESTORE:
- printf("--restore-mark ");
+ printf(" --restore-mark ");
print_mask("--mask ", markinfo->mask);
break;
default:
- printf("ERROR: UNKNOWN CONNMARK MODE ");
+ printf(" ERROR: UNKNOWN CONNMARK MODE");
break;
}
}
@@ -389,18 +386,18 @@ connmark_tg_save(const void *ip, const struct xt_entry_target *target)
switch (info->mode) {
case XT_CONNMARK_SET:
- printf("--set-xmark 0x%x/0x%x ", info->ctmark, info->ctmask);
+ printf(" --set-xmark 0x%x/0x%x", info->ctmark, info->ctmask);
break;
case XT_CONNMARK_SAVE:
- printf("--save-mark --nfmask 0x%x --ctmask 0x%x ",
+ printf(" --save-mark --nfmask 0x%x --ctmask 0x%x",
info->nfmask, info->ctmask);
break;
case XT_CONNMARK_RESTORE:
- printf("--restore-mark --nfmask 0x%x --ctmask 0x%x ",
+ printf(" --restore-mark --nfmask 0x%x --ctmask 0x%x",
info->nfmask, info->ctmask);
break;
default:
- printf("ERROR: UNKNOWN CONNMARK MODE");
+ printf(" ERROR: UNKNOWN CONNMARK MODE");
break;
}
}
diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c
index 75d0e3b1..6b161f3b 100644
--- a/extensions/libxt_CONNSECMARK.c
+++ b/extensions/libxt_CONNSECMARK.c
@@ -71,11 +71,11 @@ static void print_connsecmark(const struct xt_connsecmark_target_info *info)
{
switch (info->mode) {
case CONNSECMARK_SAVE:
- printf("save ");
+ printf("save");
break;
case CONNSECMARK_RESTORE:
- printf("restore ");
+ printf("restore");
break;
default:
@@ -90,7 +90,7 @@ CONNSECMARK_print(const void *ip, const struct xt_entry_target *target,
const struct xt_connsecmark_target_info *info =
(struct xt_connsecmark_target_info*)(target)->data;
- printf("CONNSECMARK ");
+ printf(" CONNSECMARK ");
print_connsecmark(info);
}
diff --git a/extensions/libxt_CT.c b/extensions/libxt_CT.c
index 682dd831..38ee17b1 100644
--- a/extensions/libxt_CT.c
+++ b/extensions/libxt_CT.c
@@ -87,14 +87,13 @@ static void ct_print_events(const char *pfx, const struct event_tbl *tbl,
const char *sep = "";
unsigned int i;
- printf("%s ", pfx);
+ printf(" %s ", pfx);
for (i = 0; i < size; i++) {
if (mask & (1 << tbl[i].event)) {
printf("%s%s", sep, tbl[i].name);
sep = ",";
}
}
- printf(" ");
}
static int ct_parse(int c, char **argv, int invert, unsigned int *flags,
@@ -138,11 +137,11 @@ static void ct_print(const void *ip, const struct xt_entry_target *target, int n
const struct xt_ct_target_info *info =
(const struct xt_ct_target_info *)target->data;
- printf("CT ");
+ printf(" CT");
if (info->flags & XT_CT_NOTRACK)
- printf("notrack ");
+ printf(" notrack");
if (info->helper[0])
- printf("helper %s ", info->helper);
+ printf(" helper %s", info->helper);
if (info->ct_events)
ct_print_events("ctevents", ct_event_tbl,
ARRAY_SIZE(ct_event_tbl), info->ct_events);
@@ -159,9 +158,9 @@ static void ct_save(const void *ip, const struct xt_entry_target *target)
(const struct xt_ct_target_info *)target->data;
if (info->flags & XT_CT_NOTRACK)
- printf("--notrack ");
+ printf(" --notrack");
if (info->helper[0])
- printf("--helper %s ", info->helper);
+ printf(" --helper %s", info->helper);
if (info->ct_events)
ct_print_events("--ctevents", ct_event_tbl,
ARRAY_SIZE(ct_event_tbl), info->ct_events);
@@ -169,7 +168,7 @@ static void ct_save(const void *ip, const struct xt_entry_target *target)
ct_print_events("--expevents", exp_event_tbl,
ARRAY_SIZE(exp_event_tbl), info->exp_events);
if (info->zone)
- printf("--zone %u ", info->zone);
+ printf(" --zone %u", info->zone);
}
static struct xtables_target ct_target = {
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index 468516c1..db27d68f 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -107,7 +107,7 @@ static void DSCP_check(unsigned int flags)
static void
print_dscp(uint8_t dscp, int numeric)
{
- printf("0x%02x ", dscp);
+ printf(" 0x%02x", dscp);
}
static void DSCP_print(const void *ip, const struct xt_entry_target *target,
@@ -115,7 +115,7 @@ static void DSCP_print(const void *ip, const struct xt_entry_target *target,
{
const struct xt_DSCP_info *dinfo =
(const struct xt_DSCP_info *)target->data;
- printf("DSCP set ");
+ printf(" DSCP set");
print_dscp(dinfo->dscp, numeric);
}
@@ -124,7 +124,7 @@ static void DSCP_save(const void *ip, const struct xt_entry_target *target)
const struct xt_DSCP_info *dinfo =
(const struct xt_DSCP_info *)target->data;
- printf("--set-dscp 0x%02x ", dinfo->dscp);
+ printf(" --set-dscp 0x%02x", dinfo->dscp);
}
static struct xtables_target dscp_target = {
diff --git a/extensions/libxt_IDLETIMER.c b/extensions/libxt_IDLETIMER.c
index 05db0e91..847ab180 100644
--- a/extensions/libxt_IDLETIMER.c
+++ b/extensions/libxt_IDLETIMER.c
@@ -100,8 +100,8 @@ static void idletimer_tg_print(const void *ip,
struct idletimer_tg_info *info =
(struct idletimer_tg_info *) target->data;
- printf("timeout:%u ", info->timeout);
- printf("label:%s ", info->label);
+ printf(" timeout:%u", info->timeout);
+ printf(" label:%s", info->label);
}
static void idletimer_tg_save(const void *ip,
@@ -110,8 +110,8 @@ static void idletimer_tg_save(const void *ip,
struct idletimer_tg_info *info =
(struct idletimer_tg_info *) target->data;
- printf("--timeout %u ", info->timeout);
- printf("--label %s ", info->label);
+ printf(" --timeout %u", info->timeout);
+ printf(" --label %s", info->label);
}
static struct xtables_target idletimer_tg_reg = {
diff --git a/extensions/libxt_LED.c b/extensions/libxt_LED.c
index ca1b6ed4..9e8b9b01 100644
--- a/extensions/libxt_LED.c
+++ b/extensions/libxt_LED.c
@@ -91,22 +91,22 @@ static void LED_print(const void *ip, const struct xt_entry_target *target,
const struct xt_led_info *led = (void *)target->data;
const char *id = led->id + strlen("netfilter-"); /* trim off prefix */
- printf("led-trigger-id:\"");
+ printf(" led-trigger-id:\"");
/* Escape double quotes and backslashes in the ID */
while (*id != '\0') {
if (*id == '"' || *id == '\\')
printf("\\");
printf("%c", *id++);
}
- printf("\" ");
+ printf("\"");
if (led->delay == -1)
- printf("led-delay:inf ");
+ printf(" led-delay:inf");
else
- printf("led-delay:%dms ", led->delay);
+ printf(" led-delay:%dms", led->delay);
if (led->always_blink)
- printf("led-always-blink ");
+ printf(" led-always-blink");
}
static void LED_save(const void *ip, const struct xt_entry_target *target)
@@ -114,24 +114,24 @@ static void LED_save(const void *ip, const struct xt_entry_target *target)
const struct xt_led_info *led = (void *)target->data;
const char *id = led->id + strlen("netfilter-"); /* trim off prefix */
- printf("--led-trigger-id \"");
+ printf(" --led-trigger-id \"");
/* Escape double quotes and backslashes in the ID */
while (*id != '\0') {
if (*id == '"' || *id == '\\')
printf("\\");
printf("%c", *id++);
}
- printf("\" ");
+ printf("\"");
/* Only print the delay if it's not zero (the default) */
if (led->delay > 0)
- printf("--led-delay %d ", led->delay);
+ printf(" --led-delay %d", led->delay);
else if (led->delay == -1)
- printf("--led-delay inf ");
+ printf(" --led-delay inf");
/* Only print always_blink if it's not set to the default */
if (led->always_blink)
- printf("--led-always-blink ");
+ printf(" --led-always-blink");
}
static struct xtables_target led_tg_reg = {
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index cbb18bad..885cf2f2 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -205,7 +205,7 @@ static void mark_tg_check(unsigned int flags)
static void
print_mark(unsigned long mark)
{
- printf("0x%lx ", mark);
+ printf(" 0x%lx", mark);
}
static void MARK_print_v0(const void *ip,
@@ -213,7 +213,7 @@ static void MARK_print_v0(const void *ip,
{
const struct xt_mark_target_info *markinfo =
(const struct xt_mark_target_info *)target->data;
- printf("MARK set ");
+ printf(" MARK set");
print_mark(markinfo->mark);
}
@@ -222,7 +222,7 @@ static void MARK_save_v0(const void *ip, const struct xt_entry_target *target)
const struct xt_mark_target_info *markinfo =
(const struct xt_mark_target_info *)target->data;
- printf("--set-mark ");
+ printf(" --set-mark");
print_mark(markinfo->mark);
}
@@ -234,13 +234,13 @@ static void MARK_print_v1(const void *ip, const struct xt_entry_target *target,
switch (markinfo->mode) {
case XT_MARK_SET:
- printf("MARK set ");
+ printf(" MARK set");
break;
case XT_MARK_AND:
- printf("MARK and ");
+ printf(" MARK and");
break;
case XT_MARK_OR:
- printf("MARK or ");
+ printf(" MARK or");
break;
}
print_mark(markinfo->mark);
@@ -252,15 +252,15 @@ static void mark_tg_print(const void *ip, const struct xt_entry_target *target,
const struct xt_mark_tginfo2 *info = (const void *)target->data;
if (info->mark == 0)
- printf("MARK and 0x%x ", (unsigned int)(uint32_t)~info->mask);
+ printf(" MARK and 0x%x", (unsigned int)(uint32_t)~info->mask);
else if (info->mark == info->mask)
- printf("MARK or 0x%x ", info->mark);
+ printf(" MARK or 0x%x", info->mark);
else if (info->mask == 0)
- printf("MARK xor 0x%x ", info->mark);
+ printf(" MARK xor 0x%x", info->mark);
else if (info->mask == 0xffffffffU)
- printf("MARK set 0x%x ", info->mark);
+ printf(" MARK set 0x%x", info->mark);
else
- printf("MARK xset 0x%x/0x%x ", info->mark, info->mask);
+ printf(" MARK xset 0x%x/0x%x", info->mark, info->mask);
}
static void MARK_save_v1(const void *ip, const struct xt_entry_target *target)
@@ -270,13 +270,13 @@ static void MARK_save_v1(const void *ip, const struct xt_entry_target *target)
switch (markinfo->mode) {
case XT_MARK_SET:
- printf("--set-mark ");
+ printf(" --set-mark");
break;
case XT_MARK_AND:
- printf("--and-mark ");
+ printf(" --and-mark");
break;
case XT_MARK_OR:
- printf("--or-mark ");
+ printf(" --or-mark");
break;
}
print_mark(markinfo->mark);
@@ -286,7 +286,7 @@ static void mark_tg_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_mark_tginfo2 *info = (const void *)target->data;
- printf("--set-xmark 0x%x/0x%x ", info->mark, info->mask);
+ printf(" --set-xmark 0x%x/0x%x", info->mark, info->mask);
}
static struct xtables_target mark_tg_reg[] = {
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index 2da5d641..b4fdc482 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -111,15 +111,15 @@ static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags,
static void nflog_print(const struct xt_nflog_info *info, char *prefix)
{
if (info->prefix[0] != '\0') {
- printf("%snflog-prefix ", prefix);
+ printf(" %snflog-prefix ", prefix);
xtables_save_string(info->prefix);
}
if (info->group)
- printf("%snflog-group %u ", prefix, info->group);
+ printf(" %snflog-group %u", prefix, info->group);
if (info->len)
- printf("%snflog-range %u ", prefix, info->len);
+ printf(" %snflog-range %u", prefix, info->len);
if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
- printf("%snflog-threshold %u ", prefix, info->threshold);
+ printf(" %snflog-threshold %u", prefix, info->threshold);
}
static void NFLOG_print(const void *ip, const struct xt_entry_target *target,
diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c
index 6c448425..7f2aab16 100644
--- a/extensions/libxt_NFQUEUE.c
+++ b/extensions/libxt_NFQUEUE.c
@@ -142,7 +142,7 @@ static void NFQUEUE_print(const void *ip,
{
const struct xt_NFQ_info *tinfo =
(const struct xt_NFQ_info *)target->data;
- printf("NFQUEUE num %u", tinfo->queuenum);
+ printf(" NFQUEUE num %u", tinfo->queuenum);
}
static void NFQUEUE_print_v1(const void *ip,
@@ -153,9 +153,9 @@ static void NFQUEUE_print_v1(const void *ip,
if (last > 1) {
last += tinfo->queuenum - 1;
- printf("NFQUEUE balance %u:%u", tinfo->queuenum, last);
+ printf(" NFQUEUE balance %u:%u", tinfo->queuenum, last);
} else {
- printf("NFQUEUE num %u", tinfo->queuenum);
+ printf(" NFQUEUE num %u", tinfo->queuenum);
}
}
@@ -174,7 +174,7 @@ static void NFQUEUE_save(const void *ip, const struct xt_entry_target *target)
const struct xt_NFQ_info *tinfo =
(const struct xt_NFQ_info *)target->data;
- printf("--queue-num %u ", tinfo->queuenum);
+ printf(" --queue-num %u", tinfo->queuenum);
}
static void NFQUEUE_save_v1(const void *ip, const struct xt_entry_target *target)
@@ -184,9 +184,9 @@ static void NFQUEUE_save_v1(const void *ip, const struct xt_entry_target *target
if (last > 1) {
last += tinfo->queuenum - 1;
- printf("--queue-balance %u:%u ", tinfo->queuenum, last);
+ printf(" --queue-balance %u:%u", tinfo->queuenum, last);
} else {
- printf("--queue-num %u ", tinfo->queuenum);
+ printf(" --queue-num %u", tinfo->queuenum);
}
}
diff --git a/extensions/libxt_RATEEST.c b/extensions/libxt_RATEEST.c
index 173fee36..eb3cdd95 100644
--- a/extensions/libxt_RATEEST.c
+++ b/extensions/libxt_RATEEST.c
@@ -75,11 +75,11 @@ RATEEST_print_time(unsigned int time)
double tmp = time;
if (tmp >= TIME_UNITS_PER_SEC)
- printf("%.1fs ", tmp/TIME_UNITS_PER_SEC);
+ printf(" %.1fs", tmp / TIME_UNITS_PER_SEC);
else if (tmp >= TIME_UNITS_PER_SEC/1000)
- printf("%.1fms ", tmp/(TIME_UNITS_PER_SEC/1000));
+ printf(" %.1fms", tmp / (TIME_UNITS_PER_SEC / 1000));
else
- printf("%uus ", time);
+ printf(" %uus", time);
}
static void
@@ -179,10 +179,10 @@ __RATEEST_print(const struct xt_entry_target *target, const char *prefix)
local_interval = (TIME_UNITS_PER_SEC << (info->interval + 2)) / 4;
local_ewma_log = local_interval * (1 << (info->ewma_log));
- printf("%sname %s ", prefix, info->name);
- printf("%sinterval ", prefix);
+ printf(" %sname %s", prefix, info->name);
+ printf(" %sinterval", prefix);
RATEEST_print_time(local_interval);
- printf("%sewmalog ", prefix);
+ printf(" %sewmalog", prefix);
RATEEST_print_time(local_ewma_log);
}
diff --git a/extensions/libxt_SECMARK.c b/extensions/libxt_SECMARK.c
index b800d4a4..5ad84866 100644
--- a/extensions/libxt_SECMARK.c
+++ b/extensions/libxt_SECMARK.c
@@ -64,7 +64,7 @@ static void print_secmark(const struct xt_secmark_target_info *info)
{
switch (info->mode) {
case SECMARK_MODE_SEL:
- printf("selctx %s ", info->secctx);
+ printf("selctx %s", info->secctx);
break;
default:
@@ -78,7 +78,7 @@ static void SECMARK_print(const void *ip, const struct xt_entry_target *target,
const struct xt_secmark_target_info *info =
(struct xt_secmark_target_info*)(target)->data;
- printf("SECMARK ");
+ printf(" SECMARK ");
print_secmark(info);
}
@@ -87,7 +87,7 @@ static void SECMARK_save(const void *ip, const struct xt_entry_target *target)
const struct xt_secmark_target_info *info =
(struct xt_secmark_target_info*)target->data;
- printf("--");
+ printf(" --");
print_secmark(info);
}
diff --git a/extensions/libxt_SET.c b/extensions/libxt_SET.c
index 37da6ec1..2f915bcd 100644
--- a/extensions/libxt_SET.c
+++ b/extensions/libxt_SET.c
@@ -115,7 +115,7 @@ print_target_v0(const char *prefix, const struct xt_set_info_v0 *info)
if (info->index == IPSET_INVALID_ID)
return;
get_set_byid(setname, info->index);
- printf("%s %s", prefix, setname);
+ printf(" %s %s", prefix, setname);
for (i = 0; i < IPSET_DIM_MAX; i++) {
if (!info->u.flags[i])
break;
@@ -123,7 +123,6 @@ print_target_v0(const char *prefix, const struct xt_set_info_v0 *info)
i == 0 ? " " : ",",
info->u.flags[i] & IPSET_SRC ? "src" : "dst");
}
- printf(" ");
}
static void
@@ -214,13 +213,12 @@ print_target(const char *prefix, const struct xt_set_info *info)
if (info->index == IPSET_INVALID_ID)
return;
get_set_byid(setname, info->index);
- printf("%s %s", prefix, setname);
+ printf(" %s %s", prefix, setname);
for (i = 1; i <= info->dim; i++) {
printf("%s%s",
i == 1 ? " " : ",",
info->flags & (1 << i) ? "src" : "dst");
}
- printf(" ");
}
static void
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 1468deeb..e15e87a8 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -101,9 +101,9 @@ static void TCPMSS_print(const void *ip, const struct xt_entry_target *target,
const struct xt_tcpmss_info *mssinfo =
(const struct xt_tcpmss_info *)target->data;
if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
- printf("TCPMSS clamp to PMTU ");
+ printf(" TCPMSS clamp to PMTU");
else
- printf("TCPMSS set %u ", mssinfo->mss);
+ printf(" TCPMSS set %u", mssinfo->mss);
}
static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
@@ -112,9 +112,9 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
(const struct xt_tcpmss_info *)target->data;
if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU)
- printf("--clamp-mss-to-pmtu ");
+ printf(" --clamp-mss-to-pmtu");
else
- printf("--set-mss %u ", mssinfo->mss);
+ printf(" --set-mss %u", mssinfo->mss);
}
static struct xtables_target tcpmss_target = {
diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c
index 66ab46d2..34f3562b 100644
--- a/extensions/libxt_TCPOPTSTRIP.c
+++ b/extensions/libxt_TCPOPTSTRIP.c
@@ -163,7 +163,7 @@ tcpoptstrip_tg_print(const void *ip, const struct xt_entry_target *target,
const struct xt_tcpoptstrip_target_info *info =
(const void *)target->data;
- printf("TCPOPTSTRIP options ");
+ printf(" TCPOPTSTRIP options ");
tcpoptstrip_print_list(info, numeric);
}
@@ -173,7 +173,7 @@ tcpoptstrip_tg_save(const void *ip, const struct xt_entry_target *target)
const struct xt_tcpoptstrip_target_info *info =
(const void *)target->data;
- printf("--strip-options ");
+ printf(" --strip-options ");
tcpoptstrip_print_list(info, true);
}
diff --git a/extensions/libxt_TEE.c b/extensions/libxt_TEE.c
index e4c0607e..00a4de67 100644
--- a/extensions/libxt_TEE.c
+++ b/extensions/libxt_TEE.c
@@ -127,11 +127,11 @@ static void tee_tg_print(const void *ip, const struct xt_entry_target *target,
const struct xt_tee_tginfo *info = (const void *)target->data;
if (numeric)
- printf("TEE gw:%s ", xtables_ipaddr_to_numeric(&info->gw.in));
+ printf(" TEE gw:%s", xtables_ipaddr_to_numeric(&info->gw.in));
else
- printf("TEE gw:%s ", xtables_ipaddr_to_anyname(&info->gw.in));
+ printf(" TEE gw:%s", xtables_ipaddr_to_anyname(&info->gw.in));
if (*info->oif != '\0')
- printf("oif=%s ", info->oif);
+ printf(" oif=%s", info->oif);
}
static void tee_tg6_print(const void *ip, const struct xt_entry_target *target,
@@ -140,29 +140,29 @@ static void tee_tg6_print(const void *ip, const struct xt_entry_target *target,
const struct xt_tee_tginfo *info = (const void *)target->data;
if (numeric)
- printf("TEE gw:%s ", xtables_ip6addr_to_numeric(&info->gw.in6));
+ printf(" TEE gw:%s", xtables_ip6addr_to_numeric(&info->gw.in6));
else
- printf("TEE gw:%s ", xtables_ip6addr_to_anyname(&info->gw.in6));
+ printf(" TEE gw:%s", xtables_ip6addr_to_anyname(&info->gw.in6));
if (*info->oif != '\0')
- printf("oif=%s ", info->oif);
+ printf(" oif=%s", info->oif);
}
static void tee_tg_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_tee_tginfo *info = (const void *)target->data;
- printf("--gateway %s ", xtables_ipaddr_to_numeric(&info->gw.in));
+ printf(" --gateway %s", xtables_ipaddr_to_numeric(&info->gw.in));
if (*info->oif != '\0')
- printf("--oif %s ", info->oif);
+ printf(" --oif %s", info->oif);
}
static void tee_tg6_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_tee_tginfo *info = (const void *)target->data;
- printf("--gateway %s ", xtables_ip6addr_to_numeric(&info->gw.in6));
+ printf(" --gateway %s", xtables_ip6addr_to_numeric(&info->gw.in6));
if (*info->oif != '\0')
- printf("--oif %s ", info->oif);
+ printf(" --oif %s", info->oif);
}
static struct xtables_target tee_tg_reg = {
diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
index 29bc6937..58ff2fc7 100644
--- a/extensions/libxt_TOS.c
+++ b/extensions/libxt_TOS.c
@@ -163,9 +163,9 @@ static void tos_tg_print_v0(const void *ip,
{
const struct ipt_tos_target_info *info = (const void *)target->data;
- printf("TOS set ");
+ printf(" TOS set ");
if (numeric || !tos_try_print_symbolic("", info->tos, 0xFF))
- printf("0x%02x ", info->tos);
+ printf("0x%02x", info->tos);
}
static void tos_tg_print(const void *ip, const struct xt_entry_target *target,
@@ -174,21 +174,21 @@ static void tos_tg_print(const void *ip, const struct xt_entry_target *target,
const struct xt_tos_target_info *info = (const void *)target->data;
if (numeric)
- printf("TOS set 0x%02x/0x%02x ",
+ printf(" TOS set 0x%02x/0x%02x",
info->tos_value, info->tos_mask);
- else if (tos_try_print_symbolic("TOS set ",
+ else if (tos_try_print_symbolic(" TOS set",
info->tos_value, info->tos_mask))
/* already printed by call */
return;
else if (info->tos_value == 0)
- printf("TOS and 0x%02x ",
+ printf(" TOS and 0x%02x",
(unsigned int)(uint8_t)~info->tos_mask);
else if (info->tos_value == info->tos_mask)
- printf("TOS or 0x%02x ", info->tos_value);
+ printf(" TOS or 0x%02x", info->tos_value);
else if (info->tos_mask == 0)
- printf("TOS xor 0x%02x ", info->tos_value);
+ printf(" TOS xor 0x%02x", info->tos_value);
else
- printf("TOS set 0x%02x/0x%02x ",
+ printf(" TOS set 0x%02x/0x%02x",
info->tos_value, info->tos_mask);
}
@@ -196,14 +196,14 @@ static void tos_tg_save_v0(const void *ip, const struct xt_entry_target *target)
{
const struct ipt_tos_target_info *info = (const void *)target->data;
- printf("--set-tos 0x%02x ", info->tos);
+ printf(" --set-tos 0x%02x", info->tos);
}
static void tos_tg_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_tos_target_info *info = (const void *)target->data;
- printf("--set-tos 0x%02x/0x%02x ", info->tos_value, info->tos_mask);
+ printf(" --set-tos 0x%02x/0x%02x", info->tos_value, info->tos_mask);
}
static struct xtables_target tos_tg_reg[] = {
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index 26419f5d..890dd866 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -169,7 +169,7 @@ static void tproxy_tg_print(const void *ip, const struct xt_entry_target *target
int numeric)
{
const struct xt_tproxy_target_info *info = (const void *)target->data;
- printf("TPROXY redirect %s:%u mark 0x%x/0x%x",
+ printf(" TPROXY redirect %s:%u mark 0x%x/0x%x",
xtables_ipaddr_to_numeric((const struct in_addr *)&info->laddr),
ntohs(info->lport), (unsigned int)info->mark_value,
(unsigned int)info->mark_mask);
@@ -182,7 +182,7 @@ tproxy_tg_print4(const void *ip, const struct xt_entry_target *target,
const struct xt_tproxy_target_info_v1 *info =
(const void *)target->data;
- printf("TPROXY redirect %s:%u mark 0x%x/0x%x",
+ printf(" TPROXY redirect %s:%u mark 0x%x/0x%x",
xtables_ipaddr_to_numeric(&info->laddr.in),
ntohs(info->lport), (unsigned int)info->mark_value,
(unsigned int)info->mark_mask);
@@ -195,7 +195,7 @@ tproxy_tg_print6(const void *ip, const struct xt_entry_target *target,
const struct xt_tproxy_target_info_v1 *info =
(const void *)target->data;
- printf("TPROXY redirect %s:%u mark 0x%x/0x%x",
+ printf(" TPROXY redirect %s:%u mark 0x%x/0x%x",
xtables_ip6addr_to_numeric(&info->laddr.in6),
ntohs(info->lport), (unsigned int)info->mark_value,
(unsigned int)info->mark_mask);
@@ -205,10 +205,10 @@ static void tproxy_tg_save(const void *ip, const struct xt_entry_target *target)
{
const struct xt_tproxy_target_info *info = (const void *)target->data;
- printf("--on-port %u ", ntohs(info->lport));
- printf("--on-ip %s ",
+ printf(" --on-port %u", ntohs(info->lport));
+ printf(" --on-ip %s",
xtables_ipaddr_to_numeric((const struct in_addr *)&info->laddr));
- printf("--tproxy-mark 0x%x/0x%x ",
+ printf(" --tproxy-mark 0x%x/0x%x",
(unsigned int)info->mark_value, (unsigned int)info->mark_mask);
}
@@ -218,9 +218,9 @@ tproxy_tg_save4(const void *ip, const struct xt_entry_target *target)
const struct xt_tproxy_target_info_v1 *info;
info = (const void *)target->data;
- printf("--on-port %u ", ntohs(info->lport));
- printf("--on-ip %s ", xtables_ipaddr_to_numeric(&info->laddr.in));
- printf("--tproxy-mark 0x%x/0x%x ",
+ printf(" --on-port %u", ntohs(info->lport));
+ printf(" --on-ip %s", xtables_ipaddr_to_numeric(&info->laddr.in));
+ printf(" --tproxy-mark 0x%x/0x%x",
(unsigned int)info->mark_value, (unsigned int)info->mark_mask);
}
@@ -230,9 +230,9 @@ tproxy_tg_save6(const void *ip, const struct xt_entry_target *target)
const struct xt_tproxy_target_info_v1 *info;
info = (const void *)target->data;
- printf("--on-port %u ", ntohs(info->lport));
- printf("--on-ip %s ", xtables_ip6addr_to_numeric(&info->laddr.in6));
- printf("--tproxy-mark 0x%x/0x%x ",
+ printf(" --on-port %u", ntohs(info->lport));
+ printf(" --on-ip %s", xtables_ip6addr_to_numeric(&info->laddr.in6));
+ printf(" --tproxy-mark 0x%x/0x%x",
(unsigned int)info->mark_value, (unsigned int)info->mark_mask);
}
diff --git a/extensions/libxt_cluster.c b/extensions/libxt_cluster.c
index c94741fc..edc14d36 100644
--- a/extensions/libxt_cluster.c
+++ b/extensions/libxt_cluster.c
@@ -193,13 +193,13 @@ cluster_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_cluster_match_info *info = (void *)match->data;
- printf("cluster ");
+ printf(" cluster ");
if (info->flags & XT_CLUSTER_F_INV)
- printf("!node_mask=0x%08x ", info->node_mask);
+ printf("!node_mask=0x%08x", info->node_mask);
else
- printf("node_mask=0x%08x ", info->node_mask);
+ printf("node_mask=0x%08x", info->node_mask);
- printf("total_nodes=%u hash_seed=0x%08x ",
+ printf(" total_nodes=%u hash_seed=0x%08x",
info->total_nodes, info->hash_seed);
}
@@ -209,11 +209,11 @@ cluster_save(const void *ip, const struct xt_entry_match *match)
const struct xt_cluster_match_info *info = (void *)match->data;
if (info->flags & XT_CLUSTER_F_INV)
- printf("! --cluster-local-nodemask 0x%08x ", info->node_mask);
+ printf(" ! --cluster-local-nodemask 0x%08x", info->node_mask);
else
- printf("--cluster-local-nodemask 0x%08x ", info->node_mask);
+ printf(" --cluster-local-nodemask 0x%08x", info->node_mask);
- printf("--cluster-total-nodes %u --cluster-hash-seed 0x%08x ",
+ printf(" --cluster-total-nodes %u --cluster-hash-seed 0x%08x",
info->total_nodes, info->hash_seed);
}
diff --git a/extensions/libxt_comment.c b/extensions/libxt_comment.c
index bfdccb27..c10a2540 100644
--- a/extensions/libxt_comment.c
+++ b/extensions/libxt_comment.c
@@ -72,7 +72,7 @@ comment_print(const void *ip, const struct xt_entry_match *match, int numeric)
struct xt_comment_info *commentinfo = (void *)match->data;
commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0';
- printf("/* %s */ ", commentinfo->comment);
+ printf(" /* %s */", commentinfo->comment);
}
/* Saves the union ipt_matchinfo in parsable form to stdout. */
@@ -82,7 +82,7 @@ comment_save(const void *ip, const struct xt_entry_match *match)
struct xt_comment_info *commentinfo = (void *)match->data;
commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0';
- printf("--comment ");
+ printf(" --comment");
xtables_save_string(commentinfo->comment);
}
diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c
index 7c96c321..1d3391ae 100644
--- a/extensions/libxt_connbytes.c
+++ b/extensions/libxt_connbytes.c
@@ -105,16 +105,16 @@ static void print_mode(const struct xt_connbytes_info *sinfo)
{
switch (sinfo->what) {
case XT_CONNBYTES_PKTS:
- fputs("packets ", stdout);
+ fputs(" packets", stdout);
break;
case XT_CONNBYTES_BYTES:
- fputs("bytes ", stdout);
+ fputs(" bytes", stdout);
break;
case XT_CONNBYTES_AVGPKT:
- fputs("avgpkt ", stdout);
+ fputs(" avgpkt", stdout);
break;
default:
- fputs("unknown ", stdout);
+ fputs(" unknown", stdout);
break;
}
}
@@ -123,16 +123,16 @@ static void print_direction(const struct xt_connbytes_info *sinfo)
{
switch (sinfo->direction) {
case XT_CONNBYTES_DIR_ORIGINAL:
- fputs("original ", stdout);
+ fputs(" original", stdout);
break;
case XT_CONNBYTES_DIR_REPLY:
- fputs("reply ", stdout);
+ fputs(" reply", stdout);
break;
case XT_CONNBYTES_DIR_BOTH:
- fputs("both ", stdout);
+ fputs(" both", stdout);
break;
default:
- fputs("unknown ", stdout);
+ fputs(" unknown", stdout);
break;
}
}
@@ -143,18 +143,18 @@ connbytes_print(const void *ip, const struct xt_entry_match *match, int numeric)
const struct xt_connbytes_info *sinfo = (const void *)match->data;
if (sinfo->count.from > sinfo->count.to)
- printf("connbytes ! %llu:%llu ",
+ printf(" connbytes ! %llu:%llu",
(unsigned long long)sinfo->count.to,
(unsigned long long)sinfo->count.from);
else
- printf("connbytes %llu:%llu ",
+ printf(" connbytes %llu:%llu",
(unsigned long long)sinfo->count.from,
(unsigned long long)sinfo->count.to);
- fputs("connbytes mode ", stdout);
+ fputs(" connbytes mode", stdout);
print_mode(sinfo);
- fputs("connbytes direction ", stdout);
+ fputs(" connbytes direction", stdout);
print_direction(sinfo);
}
@@ -163,18 +163,18 @@ static void connbytes_save(const void *ip, const struct xt_entry_match *match)
const struct xt_connbytes_info *sinfo = (const void *)match->data;
if (sinfo->count.from > sinfo->count.to)
- printf("! --connbytes %llu:%llu ",
+ printf(" ! --connbytes %llu:%llu",
(unsigned long long)sinfo->count.to,
(unsigned long long)sinfo->count.from);
else
- printf("--connbytes %llu:%llu ",
+ printf(" --connbytes %llu:%llu",
(unsigned long long)sinfo->count.from,
(unsigned long long)sinfo->count.to);
- fputs("--connbytes-mode ", stdout);
+ fputs(" --connbytes-mode", stdout);
print_mode(sinfo);
- fputs("--connbytes-dir ", stdout);
+ fputs(" --connbytes-dir", stdout);
print_direction(sinfo);
}
diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c
index 75eadf97..badf68c0 100644
--- a/extensions/libxt_connlimit.c
+++ b/extensions/libxt_connlimit.c
@@ -176,7 +176,7 @@ static void connlimit_print4(const void *ip,
{
const struct xt_connlimit_info *info = (const void *)match->data;
- printf("#conn %s/%u %s %u ",
+ printf(" #conn %s/%u %s %u",
(info->flags & XT_CONNLIMIT_DADDR) ? "dst" : "src",
count_bits4(info->v4_mask),
(info->flags & XT_CONNLIMIT_INVERT) ? "<=" : ">", info->limit);
@@ -187,7 +187,7 @@ static void connlimit_print6(const void *ip,
{
const struct xt_connlimit_info *info = (const void *)match->data;
- printf("#conn %s/%u %s %u ",
+ printf(" #conn %s/%u %s %u",
(info->flags & XT_CONNLIMIT_DADDR) ? "dst" : "src",
count_bits6(info->v6_mask),
(info->flags & XT_CONNLIMIT_INVERT) ? "<=" : ">", info->limit);
@@ -199,15 +199,15 @@ static void connlimit_save4(const void *ip, const struct xt_entry_match *match)
const int revision = match->u.user.revision;
if (info->flags & XT_CONNLIMIT_INVERT)
- printf("--connlimit-upto %u ", info->limit);
+ printf(" --connlimit-upto %u", info->limit);
else
- printf("--connlimit-above %u ", info->limit);
- printf("--connlimit-mask %u ", count_bits4(info->v4_mask));
+ printf(" --connlimit-above %u", info->limit);
+ printf(" --connlimit-mask %u", count_bits4(info->v4_mask));
if (revision >= 1) {
if (info->flags & XT_CONNLIMIT_DADDR)
- printf("--connlimit-daddr ");
+ printf(" --connlimit-daddr");
else
- printf("--connlimit-saddr ");
+ printf(" --connlimit-saddr");
}
}
@@ -217,15 +217,15 @@ static void connlimit_save6(const void *ip, const struct xt_entry_match *match)
const int revision = match->u.user.revision;
if (info->flags & XT_CONNLIMIT_INVERT)
- printf("--connlimit-upto %u ", info->limit);
+ printf(" --connlimit-upto %u", info->limit);
else
- printf("--connlimit-above %u ", info->limit);
- printf("--connlimit-mask %u ", count_bits6(info->v6_mask));
+ printf(" --connlimit-above %u", info->limit);
+ printf(" --connlimit-mask %u", count_bits6(info->v6_mask));
if (revision >= 1) {
if (info->flags & XT_CONNLIMIT_DADDR)
- printf("--connlimit-daddr ");
+ printf(" --connlimit-daddr");
else
- printf("--connlimit-saddr ");
+ printf(" --connlimit-saddr");
}
}
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index 4cc59acd..a0e89fe7 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -109,9 +109,9 @@ connmark_parse(int c, char **argv, int invert, unsigned int *flags,
static void print_mark(unsigned int mark, unsigned int mask)
{
if (mask != 0xffffffffU)
- printf("0x%x/0x%x ", mark, mask);
+ printf(" 0x%x/0x%x", mark, mask);
else
- printf("0x%x ", mark);
+ printf(" 0x%x", mark);
}
static void connmark_mt_check(unsigned int flags)
@@ -126,7 +126,7 @@ connmark_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_connmark_info *info = (const void *)match->data;
- printf("CONNMARK match ");
+ printf(" CONNMARK match ");
if (info->invert)
printf("!");
print_mark(info->mark, info->mask);
@@ -137,7 +137,7 @@ connmark_mt_print(const void *ip, const struct xt_entry_match *match, int numeri
{
const struct xt_connmark_mtinfo1 *info = (const void *)match->data;
- printf("connmark match ");
+ printf(" connmark match ");
if (info->invert)
printf("!");
print_mark(info->mark, info->mask);
@@ -148,9 +148,9 @@ static void connmark_save(const void *ip, const struct xt_entry_match *match)
const struct xt_connmark_info *info = (const void *)match->data;
if (info->invert)
- printf("! ");
+ printf(" !");
- printf("--mark ");
+ printf(" --mark");
print_mark(info->mark, info->mask);
}
@@ -160,9 +160,9 @@ connmark_mt_save(const void *ip, const struct xt_entry_match *match)
const struct xt_connmark_mtinfo1 *info = (const void *)match->data;
if (info->invert)
- printf("! ");
+ printf(" !");
- printf("--mark ");
+ printf(" --mark");
print_mark(info->mark, info->mask);
}
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 8d8e1b23..8312d042 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -820,7 +820,7 @@ static void conntrack_mt_check(unsigned int flags)
static void
print_state(unsigned int statemask)
{
- const char *sep = "";
+ const char *sep = " ";
if (statemask & XT_CONNTRACK_STATE_INVALID) {
printf("%sINVALID", sep);
@@ -850,13 +850,12 @@ print_state(unsigned int statemask)
printf("%sDNAT", sep);
sep = ",";
}
- printf(" ");
}
static void
print_status(unsigned int statusmask)
{
- const char *sep = "";
+ const char *sep = " ";
if (statusmask & IPS_EXPECTED) {
printf("%sEXPECTED", sep);
@@ -876,7 +875,6 @@ print_status(unsigned int statusmask)
}
if (statusmask == 0)
printf("%sNONE", sep);
- printf(" ");
}
static void
@@ -886,29 +884,29 @@ conntrack_dump_addr(const union nf_inet_addr *addr,
{
if (family == NFPROTO_IPV4) {
if (!numeric && addr->ip == 0) {
- printf("anywhere ");
+ printf(" anywhere");
return;
}
if (numeric)
- printf("%s%s ",
+ printf(" %s%s",
xtables_ipaddr_to_numeric(&addr->in),
xtables_ipmask_to_numeric(&mask->in));
else
- printf("%s%s ",
+ printf(" %s%s",
xtables_ipaddr_to_anyname(&addr->in),
xtables_ipmask_to_numeric(&mask->in));
} else if (family == NFPROTO_IPV6) {
if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 &&
addr->ip6[2] == 0 && addr->ip6[3] == 0) {
- printf("anywhere ");
+ printf(" anywhere");
return;
}
if (numeric)
- printf("%s%s ",
+ printf(" %s%s",
xtables_ip6addr_to_numeric(&addr->in6),
xtables_ip6mask_to_numeric(&mask->in6));
else
- printf("%s%s ",
+ printf(" %s%s",
xtables_ip6addr_to_anyname(&addr->in6),
xtables_ip6mask_to_numeric(&mask->in6));
}
@@ -921,17 +919,17 @@ print_addr(const struct in_addr *addr, const struct in_addr *mask,
char buf[BUFSIZ];
if (inv)
- printf("! ");
+ printf(" !");
if (mask->s_addr == 0L && !numeric)
- printf("%s ", "anywhere");
+ printf(" %s", "anywhere");
else {
if (numeric)
strcpy(buf, xtables_ipaddr_to_numeric(addr));
else
strcpy(buf, xtables_ipaddr_to_anyname(addr));
strcat(buf, xtables_ipmask_to_numeric(mask));
- printf("%s ", buf);
+ printf(" %s", buf);
}
}
@@ -942,22 +940,22 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric,
if(sinfo->flags & XT_CONNTRACK_STATE) {
if (sinfo->invflags & XT_CONNTRACK_STATE)
- printf("! ");
- printf("%sctstate ", optpfx);
+ printf(" !");
+ printf(" %sctstate", optpfx);
print_state(sinfo->statemask);
}
if(sinfo->flags & XT_CONNTRACK_PROTO) {
if (sinfo->invflags & XT_CONNTRACK_PROTO)
- printf("! ");
- printf("%sctproto ", optpfx);
- printf("%u ", sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum);
+ printf(" !");
+ printf(" %sctproto", optpfx);
+ printf(" %u", sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum);
}
if(sinfo->flags & XT_CONNTRACK_ORIGSRC) {
if (sinfo->invflags & XT_CONNTRACK_ORIGSRC)
- printf("! ");
- printf("%sctorigsrc ", optpfx);
+ printf(" !");
+ printf(" %sctorigsrc", optpfx);
print_addr(
(struct in_addr *)&sinfo->tuple[IP_CT_DIR_ORIGINAL].src.ip,
@@ -968,8 +966,8 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric,
if(sinfo->flags & XT_CONNTRACK_ORIGDST) {
if (sinfo->invflags & XT_CONNTRACK_ORIGDST)
- printf("! ");
- printf("%sctorigdst ", optpfx);
+ printf(" !");
+ printf(" %sctorigdst", optpfx);
print_addr(
(struct in_addr *)&sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.ip,
@@ -980,8 +978,8 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric,
if(sinfo->flags & XT_CONNTRACK_REPLSRC) {
if (sinfo->invflags & XT_CONNTRACK_REPLSRC)
- printf("! ");
- printf("%sctreplsrc ", optpfx);
+ printf(" !");
+ printf(" %sctreplsrc", optpfx);
print_addr(
(struct in_addr *)&sinfo->tuple[IP_CT_DIR_REPLY].src.ip,
@@ -992,8 +990,8 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric,
if(sinfo->flags & XT_CONNTRACK_REPLDST) {
if (sinfo->invflags & XT_CONNTRACK_REPLDST)
- printf("! ");
- printf("%sctrepldst ", optpfx);
+ printf(" !");
+ printf(" %sctrepldst", optpfx);
print_addr(
(struct in_addr *)&sinfo->tuple[IP_CT_DIR_REPLY].dst.ip,
@@ -1004,27 +1002,27 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric,
if(sinfo->flags & XT_CONNTRACK_STATUS) {
if (sinfo->invflags & XT_CONNTRACK_STATUS)
- printf("! ");
- printf("%sctstatus ", optpfx);
+ printf(" !");
+ printf(" %sctstatus", optpfx);
print_status(sinfo->statusmask);
}
if(sinfo->flags & XT_CONNTRACK_EXPIRES) {
if (sinfo->invflags & XT_CONNTRACK_EXPIRES)
- printf("! ");
- printf("%sctexpire ", optpfx);
+ printf(" !");
+ printf(" %sctexpire ", optpfx);
if (sinfo->expires_max == sinfo->expires_min)
- printf("%lu ", sinfo->expires_min);
+ printf("%lu", sinfo->expires_min);
else
- printf("%lu:%lu ", sinfo->expires_min, sinfo->expires_max);
+ printf("%lu:%lu", sinfo->expires_min, sinfo->expires_max);
}
if (sinfo->flags & XT_CONNTRACK_DIRECTION) {
if (sinfo->invflags & XT_CONNTRACK_DIRECTION)
- printf("%sctdir REPLY ", optpfx);
+ printf(" %sctdir REPLY", optpfx);
else
- printf("%sctdir ORIGINAL ", optpfx);
+ printf(" %sctdir ORIGINAL", optpfx);
}
}
@@ -1034,9 +1032,9 @@ conntrack_dump_ports(const char *prefix, const char *opt,
u_int16_t port_low, u_int16_t port_high)
{
if (port_high == 0 || port_low == port_high)
- printf("%s%s %u ", prefix, opt, port_low);
+ printf(" %s%s %u", prefix, opt, port_low);
else
- printf("%s%s %u:%u ", prefix, opt, port_low, port_high);
+ printf(" %s%s %u:%u", prefix, opt, port_low, port_high);
}
static void
@@ -1045,52 +1043,52 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix,
{
if (info->match_flags & XT_CONNTRACK_STATE) {
if (info->invert_flags & XT_CONNTRACK_STATE)
- printf("! ");
- printf("%sctstate ", prefix);
+ printf(" !");
+ printf(" %sctstate", prefix);
print_state(info->state_mask);
}
if (info->match_flags & XT_CONNTRACK_PROTO) {
if (info->invert_flags & XT_CONNTRACK_PROTO)
- printf("! ");
- printf("%sctproto %u ", prefix, info->l4proto);
+ printf(" !");
+ printf(" %sctproto %u", prefix, info->l4proto);
}
if (info->match_flags & XT_CONNTRACK_ORIGSRC) {
if (info->invert_flags & XT_CONNTRACK_ORIGSRC)
- printf("! ");
- printf("%sctorigsrc ", prefix);
+ printf(" !");
+ printf(" %sctorigsrc", prefix);
conntrack_dump_addr(&info->origsrc_addr, &info->origsrc_mask,
family, numeric);
}
if (info->match_flags & XT_CONNTRACK_ORIGDST) {
if (info->invert_flags & XT_CONNTRACK_ORIGDST)
- printf("! ");
- printf("%sctorigdst ", prefix);
+ printf(" !");
+ printf(" %sctorigdst", prefix);
conntrack_dump_addr(&info->origdst_addr, &info->origdst_mask,
family, numeric);
}
if (info->match_flags & XT_CONNTRACK_REPLSRC) {
if (info->invert_flags & XT_CONNTRACK_REPLSRC)
- printf("! ");
- printf("%sctreplsrc ", prefix);
+ printf(" !");
+ printf(" %sctreplsrc", prefix);
conntrack_dump_addr(&info->replsrc_addr, &info->replsrc_mask,
family, numeric);
}
if (info->match_flags & XT_CONNTRACK_REPLDST) {
if (info->invert_flags & XT_CONNTRACK_REPLDST)
- printf("! ");
- printf("%sctrepldst ", prefix);
+ printf(" !");
+ printf(" %sctrepldst", prefix);
conntrack_dump_addr(&info->repldst_addr, &info->repldst_mask,
family, numeric);
}
if (info->match_flags & XT_CONNTRACK_ORIGSRC_PORT) {
if (info->invert_flags & XT_CONNTRACK_ORIGSRC_PORT)
- printf("! ");
+ printf(" !");
conntrack_dump_ports(prefix, "ctorigsrcport",
v3 ? info->origsrc_port : ntohs(info->origsrc_port),
v3 ? info->origsrc_port_high : 0);
@@ -1098,7 +1096,7 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix,
if (info->match_flags & XT_CONNTRACK_ORIGDST_PORT) {
if (info->invert_flags & XT_CONNTRACK_ORIGDST_PORT)
- printf("! ");
+ printf(" !");
conntrack_dump_ports(prefix, "ctorigdstport",
v3 ? info->origdst_port : ntohs(info->origdst_port),
v3 ? info->origdst_port_high : 0);
@@ -1106,7 +1104,7 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix,
if (info->match_flags & XT_CONNTRACK_REPLSRC_PORT) {
if (info->invert_flags & XT_CONNTRACK_REPLSRC_PORT)
- printf("! ");
+ printf(" !");
conntrack_dump_ports(prefix, "ctreplsrcport",
v3 ? info->replsrc_port : ntohs(info->replsrc_port),
v3 ? info->replsrc_port_high : 0);
@@ -1114,7 +1112,7 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix,
if (info->match_flags & XT_CONNTRACK_REPLDST_PORT) {
if (info->invert_flags & XT_CONNTRACK_REPLDST_PORT)
- printf("! ");
+ printf(" !");
conntrack_dump_ports(prefix, "ctrepldstport",
v3 ? info->repldst_port : ntohs(info->repldst_port),
v3 ? info->repldst_port_high : 0);
@@ -1122,28 +1120,28 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix,
if (info->match_flags & XT_CONNTRACK_STATUS) {
if (info->invert_flags & XT_CONNTRACK_STATUS)
- printf("! ");
- printf("%sctstatus ", prefix);
+ printf(" !");
+ printf(" %sctstatus", prefix);
print_status(info->status_mask);
}
if (info->match_flags & XT_CONNTRACK_EXPIRES) {
if (info->invert_flags & XT_CONNTRACK_EXPIRES)
- printf("! ");
- printf("%sctexpire ", prefix);
+ printf(" !");
+ printf(" %sctexpire ", prefix);
if (info->expires_max == info->expires_min)
- printf("%u ", (unsigned int)info->expires_min);
+ printf("%u", (unsigned int)info->expires_min);
else
- printf("%u:%u ", (unsigned int)info->expires_min,
+ printf("%u:%u", (unsigned int)info->expires_min,
(unsigned int)info->expires_max);
}
if (info->match_flags & XT_CONNTRACK_DIRECTION) {
if (info->invert_flags & XT_CONNTRACK_DIRECTION)
- printf("%sctdir REPLY ", prefix);
+ printf(" %sctdir REPLY", prefix);
else
- printf("%sctdir ORIGINAL ", prefix);
+ printf(" %sctdir ORIGINAL", prefix);
}
}
diff --git a/extensions/libxt_cpu.c b/extensions/libxt_cpu.c
index b4ad4561..77efec7f 100644
--- a/extensions/libxt_cpu.c
+++ b/extensions/libxt_cpu.c
@@ -66,14 +66,14 @@ cpu_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_cpu_info *info = (void *)match->data;
- printf("cpu %s%u ", info->invert ? "! ":"", info->cpu);
+ printf(" cpu %s%u", info->invert ? "! ":"", info->cpu);
}
static void cpu_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_cpu_info *info = (void *)match->data;
- printf("%s--cpu %u ", info->invert ? "! ":"", info->cpu);
+ printf("%s --cpu %u", info->invert ? " !" : "", info->cpu);
}
static struct xtables_match cpu_match = {
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index 7a0e96b5..3b2dc6b8 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -216,7 +216,7 @@ print_ports(const char *name, uint16_t min, uint16_t max,
const char *inv = invert ? "!" : "";
if (min != 0 || max != 0xFFFF || invert) {
- printf("%s", name);
+ printf(" %s", name);
if (min == max) {
printf(":%s", inv);
print_port(min, numeric);
@@ -226,7 +226,6 @@ print_ports(const char *name, uint16_t min, uint16_t max,
printf(":");
print_port(max, numeric);
}
- printf(" ");
}
}
@@ -236,8 +235,9 @@ print_types(uint16_t types, int inverted, int numeric)
int have_type = 0;
if (inverted)
- printf("! ");
+ printf(" !");
+ printf(" ");
while (types) {
unsigned int i;
@@ -261,7 +261,7 @@ static void
print_option(uint8_t option, int invert, int numeric)
{
if (option || invert)
- printf("option=%s%u ", invert ? "!" : "", option);
+ printf(" option=%s%u", invert ? "!" : "", option);
}
static void
@@ -270,7 +270,7 @@ dccp_print(const void *ip, const struct xt_entry_match *match, int numeric)
const struct xt_dccp_info *einfo =
(const struct xt_dccp_info *)match->data;
- printf("dccp ");
+ printf(" dccp");
if (einfo->flags & XT_DCCP_SRC_PORTS) {
print_ports("spt", einfo->spts[0], einfo->spts[1],
@@ -303,31 +303,31 @@ static void dccp_save(const void *ip, const struct xt_entry_match *match)
if (einfo->flags & XT_DCCP_SRC_PORTS) {
if (einfo->invflags & XT_DCCP_SRC_PORTS)
- printf("! ");
+ printf(" !");
if (einfo->spts[0] != einfo->spts[1])
- printf("--sport %u:%u ",
+ printf(" --sport %u:%u",
einfo->spts[0], einfo->spts[1]);
else
- printf("--sport %u ", einfo->spts[0]);
+ printf(" --sport %u", einfo->spts[0]);
}
if (einfo->flags & XT_DCCP_DEST_PORTS) {
if (einfo->invflags & XT_DCCP_DEST_PORTS)
- printf("! ");
+ printf(" !");
if (einfo->dpts[0] != einfo->dpts[1])
- printf("--dport %u:%u ",
+ printf(" --dport %u:%u",
einfo->dpts[0], einfo->dpts[1]);
else
- printf("--dport %u ", einfo->dpts[0]);
+ printf(" --dport %u", einfo->dpts[0]);
}
if (einfo->flags & XT_DCCP_TYPE) {
- printf("--dccp-type ");
+ printf(" --dccp-type");
print_types(einfo->typemask, einfo->invflags & XT_DCCP_TYPE,0);
}
if (einfo->flags & XT_DCCP_OPTION) {
- printf("--dccp-option %s%u ",
+ printf(" --dccp-option %s%u",
einfo->typemask & XT_DCCP_OPTION ? "! " : "",
einfo->option);
}
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index 1d7fadf3..b07f83b0 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -117,7 +117,7 @@ dscp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_dscp_info *dinfo =
(const struct xt_dscp_info *)match->data;
- printf("DSCP match %s0x%02x", dinfo->invert ? "!" : "", dinfo->dscp);
+ printf(" DSCP match %s0x%02x", dinfo->invert ? "!" : "", dinfo->dscp);
}
static void dscp_save(const void *ip, const struct xt_entry_match *match)
@@ -125,7 +125,7 @@ static void dscp_save(const void *ip, const struct xt_entry_match *match)
const struct xt_dscp_info *dinfo =
(const struct xt_dscp_info *)match->data;
- printf("%s--dscp 0x%02x ", dinfo->invert ? "! " : "", dinfo->dscp);
+ printf("%s --dscp 0x%02x", dinfo->invert ? " !" : "", dinfo->dscp);
}
static struct xtables_match dscp_match = {
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index 82ca3018..17698683 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -108,9 +108,9 @@ print_spis(const char *name, uint32_t min, uint32_t max,
if (min != 0 || max != 0xFFFFFFFF || invert) {
if (min == max)
- printf("%s:%s%u ", name, inv, min);
+ printf(" %s:%s%u", name, inv, min);
else
- printf("%ss:%s%u:%u ", name, inv, min, max);
+ printf(" %ss:%s%u:%u", name, inv, min, max);
}
}
@@ -119,11 +119,11 @@ esp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_esp *esp = (struct xt_esp *)match->data;
- printf("esp ");
+ printf(" esp");
print_spis("spi", esp->spis[0], esp->spis[1],
esp->invflags & XT_ESP_INV_SPI);
if (esp->invflags & ~XT_ESP_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
esp->invflags & ~XT_ESP_INV_MASK);
}
@@ -133,15 +133,15 @@ static void esp_save(const void *ip, const struct xt_entry_match *match)
if (!(espinfo->spis[0] == 0
&& espinfo->spis[1] == 0xFFFFFFFF)) {
- printf("%s--espspi ",
- (espinfo->invflags & XT_ESP_INV_SPI) ? "! " : "");
+ printf("%s --espspi ",
+ (espinfo->invflags & XT_ESP_INV_SPI) ? " !" : "");
if (espinfo->spis[0]
!= espinfo->spis[1])
- printf("%u:%u ",
+ printf("%u:%u",
espinfo->spis[0],
espinfo->spis[1]);
else
- printf("%u ",
+ printf("%u",
espinfo->spis[0]);
}
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 352e5303..d766987e 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -488,13 +488,14 @@ static void print_rate(uint32_t period)
|| rates[i].mult/period < rates[i].mult%period)
break;
- printf("%u/%s ", rates[i-1].mult / period, rates[i-1].name);
+ printf(" %u/%s", rates[i-1].mult / period, rates[i-1].name);
}
static void print_mode(unsigned int mode, char separator)
{
bool prevmode = false;
+ putchar(' ');
if (mode & XT_HASHLIMIT_HASH_SIP) {
fputs("srcip", stdout);
prevmode = 1;
@@ -516,54 +517,53 @@ static void print_mode(unsigned int mode, char separator)
putchar(separator);
fputs("dstport", stdout);
}
- putchar(' ');
}
static void hashlimit_print(const void *ip,
const struct xt_entry_match *match, int numeric)
{
const struct xt_hashlimit_info *r = (const void *)match->data;
- fputs("limit: avg ", stdout); print_rate(r->cfg.avg);
- printf("burst %u ", r->cfg.burst);
- fputs("mode ", stdout);
+ fputs(" limit: avg", stdout); print_rate(r->cfg.avg);
+ printf(" burst %u", r->cfg.burst);
+ fputs(" mode", stdout);
print_mode(r->cfg.mode, '-');
if (r->cfg.size)
- printf("htable-size %u ", r->cfg.size);
+ printf(" htable-size %u", r->cfg.size);
if (r->cfg.max)
- printf("htable-max %u ", r->cfg.max);
+ printf(" htable-max %u", r->cfg.max);
if (r->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL)
- printf("htable-gcinterval %u ", r->cfg.gc_interval);
+ printf(" htable-gcinterval %u", r->cfg.gc_interval);
if (r->cfg.expire != XT_HASHLIMIT_EXPIRE)
- printf("htable-expire %u ", r->cfg.expire);
+ printf(" htable-expire %u", r->cfg.expire);
}
static void
hashlimit_mt_print(const struct xt_hashlimit_mtinfo1 *info, unsigned int dmask)
{
if (info->cfg.mode & XT_HASHLIMIT_INVERT)
- fputs("limit: above ", stdout);
+ fputs(" limit: above", stdout);
else
- fputs("limit: up to ", stdout);
+ fputs(" limit: up to", stdout);
print_rate(info->cfg.avg);
- printf("burst %u ", info->cfg.burst);
+ printf(" burst %u", info->cfg.burst);
if (info->cfg.mode & (XT_HASHLIMIT_HASH_SIP | XT_HASHLIMIT_HASH_SPT |
XT_HASHLIMIT_HASH_DIP | XT_HASHLIMIT_HASH_DPT)) {
- fputs("mode ", stdout);
+ fputs(" mode", stdout);
print_mode(info->cfg.mode, '-');
}
if (info->cfg.size != 0)
- printf("htable-size %u ", info->cfg.size);
+ printf(" htable-size %u", info->cfg.size);
if (info->cfg.max != 0)
- printf("htable-max %u ", info->cfg.max);
+ printf(" htable-max %u", info->cfg.max);
if (info->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL)
- printf("htable-gcinterval %u ", info->cfg.gc_interval);
+ printf(" htable-gcinterval %u", info->cfg.gc_interval);
if (info->cfg.expire != XT_HASHLIMIT_EXPIRE)
- printf("htable-expire %u ", info->cfg.expire);
+ printf(" htable-expire %u", info->cfg.expire);
if (info->cfg.srcmask != dmask)
- printf("srcmask %u ", info->cfg.srcmask);
+ printf(" srcmask %u", info->cfg.srcmask);
if (info->cfg.dstmask != dmask)
- printf("dstmask %u ", info->cfg.dstmask);
+ printf(" dstmask %u", info->cfg.dstmask);
}
static void
@@ -588,55 +588,55 @@ static void hashlimit_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_hashlimit_info *r = (const void *)match->data;
- fputs("--hashlimit ", stdout); print_rate(r->cfg.avg);
- printf("--hashlimit-burst %u ", r->cfg.burst);
+ fputs(" --hashlimit", stdout); print_rate(r->cfg.avg);
+ printf(" --hashlimit-burst %u", r->cfg.burst);
- fputs("--hashlimit-mode ", stdout);
+ fputs(" --hashlimit-mode", stdout);
print_mode(r->cfg.mode, ',');
- printf("--hashlimit-name %s ", r->name);
+ printf(" --hashlimit-name %s", r->name);
if (r->cfg.size)
- printf("--hashlimit-htable-size %u ", r->cfg.size);
+ printf(" --hashlimit-htable-size %u", r->cfg.size);
if (r->cfg.max)
- printf("--hashlimit-htable-max %u ", r->cfg.max);
+ printf(" --hashlimit-htable-max %u", r->cfg.max);
if (r->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL)
- printf("--hashlimit-htable-gcinterval %u ", r->cfg.gc_interval);
+ printf(" --hashlimit-htable-gcinterval %u", r->cfg.gc_interval);
if (r->cfg.expire != XT_HASHLIMIT_EXPIRE)
- printf("--hashlimit-htable-expire %u ", r->cfg.expire);
+ printf(" --hashlimit-htable-expire %u", r->cfg.expire);
}
static void
hashlimit_mt_save(const struct xt_hashlimit_mtinfo1 *info, unsigned int dmask)
{
if (info->cfg.mode & XT_HASHLIMIT_INVERT)
- fputs("--hashlimit-above ", stdout);
+ fputs(" --hashlimit-above", stdout);
else
- fputs("--hashlimit-upto ", stdout);
+ fputs(" --hashlimit-upto", stdout);
print_rate(info->cfg.avg);
- printf("--hashlimit-burst %u ", info->cfg.burst);
+ printf(" --hashlimit-burst %u", info->cfg.burst);
if (info->cfg.mode & (XT_HASHLIMIT_HASH_SIP | XT_HASHLIMIT_HASH_SPT |
XT_HASHLIMIT_HASH_DIP | XT_HASHLIMIT_HASH_DPT)) {
- fputs("--hashlimit-mode ", stdout);
+ fputs(" --hashlimit-mode", stdout);
print_mode(info->cfg.mode, ',');
}
- printf("--hashlimit-name %s ", info->name);
+ printf(" --hashlimit-name %s", info->name);
if (info->cfg.size != 0)
- printf("--hashlimit-htable-size %u ", info->cfg.size);
+ printf(" --hashlimit-htable-size %u", info->cfg.size);
if (info->cfg.max != 0)
- printf("--hashlimit-htable-max %u ", info->cfg.max);
+ printf(" --hashlimit-htable-max %u", info->cfg.max);
if (info->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL)
- printf("--hashlimit-htable-gcinterval %u ", info->cfg.gc_interval);
+ printf(" --hashlimit-htable-gcinterval %u", info->cfg.gc_interval);
if (info->cfg.expire != XT_HASHLIMIT_EXPIRE)
- printf("--hashlimit-htable-expire %u ", info->cfg.expire);
+ printf(" --hashlimit-htable-expire %u", info->cfg.expire);
if (info->cfg.srcmask != dmask)
- printf("--hashlimit-srcmask %u ", info->cfg.srcmask);
+ printf(" --hashlimit-srcmask %u", info->cfg.srcmask);
if (info->cfg.dstmask != dmask)
- printf("--hashlimit-dstmask %u ", info->cfg.dstmask);
+ printf(" --hashlimit-dstmask %u", info->cfg.dstmask);
}
static void
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index 3c744c9f..1761b4d9 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -55,14 +55,14 @@ helper_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_helper_info *info = (const void *)match->data;
- printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
+ printf(" helper match %s\"%s\"", info->invert ? "! " : "", info->name);
}
static void helper_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_helper_info *info = (const void *)match->data;
- printf("%s--helper ",info->invert ? "! " : "");
+ printf("%s --helper", info->invert ? " !" : "");
xtables_save_string(info->name);
}
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index 2ac2fa4d..2a914165 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -202,7 +202,7 @@ print_iprange(const struct ipt_iprange *range)
byte_min = (const unsigned char *)&range->min_ip;
byte_max = (const unsigned char *)&range->max_ip;
- printf("%u.%u.%u.%u-%u.%u.%u.%u ",
+ printf(" %u.%u.%u.%u-%u.%u.%u.%u",
byte_min[0], byte_min[1], byte_min[2], byte_min[3],
byte_max[0], byte_max[1], byte_max[2], byte_max[3]);
}
@@ -213,15 +213,15 @@ static void iprange_print(const void *ip, const struct xt_entry_match *match,
const struct ipt_iprange_info *info = (const void *)match->data;
if (info->flags & IPRANGE_SRC) {
- printf("source IP range ");
+ printf(" source IP range");
if (info->flags & IPRANGE_SRC_INV)
- printf("! ");
+ printf(" !");
print_iprange(&info->src);
}
if (info->flags & IPRANGE_DST) {
- printf("destination IP range ");
+ printf(" destination IP range");
if (info->flags & IPRANGE_DST_INV)
- printf("! ");
+ printf(" !");
print_iprange(&info->dst);
}
}
@@ -233,22 +233,22 @@ iprange_mt4_print(const void *ip, const struct xt_entry_match *match,
const struct xt_iprange_mtinfo *info = (const void *)match->data;
if (info->flags & IPRANGE_SRC) {
- printf("source IP range ");
+ printf(" source IP range");
if (info->flags & IPRANGE_SRC_INV)
- printf("! ");
+ printf(" !");
/*
* ipaddr_to_numeric() uses a static buffer, so cannot
* combine the printf() calls.
*/
- printf("%s", xtables_ipaddr_to_numeric(&info->src_min.in));
- printf("-%s ", xtables_ipaddr_to_numeric(&info->src_max.in));
+ printf(" %s", xtables_ipaddr_to_numeric(&info->src_min.in));
+ printf("-%s", xtables_ipaddr_to_numeric(&info->src_max.in));
}
if (info->flags & IPRANGE_DST) {
- printf("destination IP range ");
+ printf(" destination IP range");
if (info->flags & IPRANGE_DST_INV)
- printf("! ");
- printf("%s", xtables_ipaddr_to_numeric(&info->dst_min.in));
- printf("-%s ", xtables_ipaddr_to_numeric(&info->dst_max.in));
+ printf(" !");
+ printf(" %s", xtables_ipaddr_to_numeric(&info->dst_min.in));
+ printf("-%s", xtables_ipaddr_to_numeric(&info->dst_max.in));
}
}
@@ -259,22 +259,22 @@ iprange_mt6_print(const void *ip, const struct xt_entry_match *match,
const struct xt_iprange_mtinfo *info = (const void *)match->data;
if (info->flags & IPRANGE_SRC) {
- printf("source IP range ");
+ printf(" source IP range");
if (info->flags & IPRANGE_SRC_INV)
- printf("! ");
+ printf(" !");
/*
* ipaddr_to_numeric() uses a static buffer, so cannot
* combine the printf() calls.
*/
- printf("%s", xtables_ip6addr_to_numeric(&info->src_min.in6));
- printf("-%s ", xtables_ip6addr_to_numeric(&info->src_max.in6));
+ printf(" %s", xtables_ip6addr_to_numeric(&info->src_min.in6));
+ printf("-%s", xtables_ip6addr_to_numeric(&info->src_max.in6));
}
if (info->flags & IPRANGE_DST) {
- printf("destination IP range ");
+ printf(" destination IP range");
if (info->flags & IPRANGE_DST_INV)
- printf("! ");
- printf("%s", xtables_ip6addr_to_numeric(&info->dst_min.in6));
- printf("-%s ", xtables_ip6addr_to_numeric(&info->dst_max.in6));
+ printf(" !");
+ printf(" %s", xtables_ip6addr_to_numeric(&info->dst_min.in6));
+ printf("-%s", xtables_ip6addr_to_numeric(&info->dst_max.in6));
}
}
@@ -284,16 +284,14 @@ static void iprange_save(const void *ip, const struct xt_entry_match *match)
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
- printf("! ");
- printf("--src-range ");
+ printf(" !");
+ printf(" --src-range");
print_iprange(&info->src);
- if (info->flags & IPRANGE_DST)
- fputc(' ', stdout);
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
- printf("! ");
- printf("--dst-range ");
+ printf(" !");
+ printf(" --dst-range");
print_iprange(&info->dst);
}
}
@@ -304,15 +302,15 @@ static void iprange_mt4_save(const void *ip, const struct xt_entry_match *match)
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
- printf("! ");
- printf("--src-range %s", xtables_ipaddr_to_numeric(&info->src_min.in));
- printf("-%s ", xtables_ipaddr_to_numeric(&info->src_max.in));
+ printf(" !");
+ printf(" --src-range %s", xtables_ipaddr_to_numeric(&info->src_min.in));
+ printf("-%s", xtables_ipaddr_to_numeric(&info->src_max.in));
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
- printf("! ");
- printf("--dst-range %s", xtables_ipaddr_to_numeric(&info->dst_min.in));
- printf("-%s ", xtables_ipaddr_to_numeric(&info->dst_max.in));
+ printf(" !");
+ printf(" --dst-range %s", xtables_ipaddr_to_numeric(&info->dst_min.in));
+ printf("-%s", xtables_ipaddr_to_numeric(&info->dst_max.in));
}
}
@@ -322,15 +320,15 @@ static void iprange_mt6_save(const void *ip, const struct xt_entry_match *match)
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
- printf("! ");
- printf("--src-range %s", xtables_ip6addr_to_numeric(&info->src_min.in6));
- printf("-%s ", xtables_ip6addr_to_numeric(&info->src_max.in6));
+ printf(" !");
+ printf(" --src-range %s", xtables_ip6addr_to_numeric(&info->src_min.in6));
+ printf("-%s", xtables_ip6addr_to_numeric(&info->src_max.in6));
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
- printf("! ");
- printf("--dst-range %s", xtables_ip6addr_to_numeric(&info->dst_min.in6));
- printf("-%s ", xtables_ip6addr_to_numeric(&info->dst_max.in6));
+ printf(" !");
+ printf(" --dst-range %s", xtables_ip6addr_to_numeric(&info->dst_min.in6));
+ printf("-%s", xtables_ip6addr_to_numeric(&info->dst_max.in6));
}
}
diff --git a/extensions/libxt_ipvs.c b/extensions/libxt_ipvs.c
index 3001417d..89303a11 100644
--- a/extensions/libxt_ipvs.c
+++ b/extensions/libxt_ipvs.c
@@ -206,7 +206,7 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr,
if (family == NFPROTO_IPV4) {
if (!numeric && addr->ip == 0) {
- printf("anywhere ");
+ printf(" anywhere");
return;
}
if (numeric)
@@ -214,11 +214,11 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr,
else
strcpy(buf, xtables_ipaddr_to_anyname(&addr->in));
strcat(buf, xtables_ipmask_to_numeric(&mask->in));
- printf("%s ", buf);
+ printf(" %s", buf);
} else if (family == NFPROTO_IPV6) {
if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 &&
addr->ip6[2] == 0 && addr->ip6[3] == 0) {
- printf("anywhere ");
+ printf(" anywhere");
return;
}
if (numeric)
@@ -226,7 +226,7 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr,
else
strcpy(buf, xtables_ip6addr_to_anyname(&addr->in6));
strcat(buf, xtables_ip6mask_to_numeric(&mask->in6));
- printf("%s ", buf);
+ printf(" %s", buf);
}
}
@@ -235,65 +235,65 @@ static void ipvs_mt_dump(const void *ip, const struct xt_ipvs_mtinfo *data,
{
if (data->bitmask == XT_IPVS_IPVS_PROPERTY) {
if (data->invert & XT_IPVS_IPVS_PROPERTY)
- printf("! ");
- printf("%sipvs ", prefix);
+ printf(" !");
+ printf(" %sipvs", prefix);
}
if (data->bitmask & XT_IPVS_PROTO) {
if (data->invert & XT_IPVS_PROTO)
- printf("! ");
- printf("%sproto %u ", prefix, data->l4proto);
+ printf(" !");
+ printf(" %sproto %u", prefix, data->l4proto);
}
if (data->bitmask & XT_IPVS_VADDR) {
if (data->invert & XT_IPVS_VADDR)
- printf("! ");
+ printf(" !");
- printf("%svaddr ", prefix);
+ printf(" %svaddr", prefix);
ipvs_mt_dump_addr(&data->vaddr, &data->vmask, family, numeric);
}
if (data->bitmask & XT_IPVS_VPORT) {
if (data->invert & XT_IPVS_VPORT)
- printf("! ");
+ printf(" !");
- printf("%svport %u ", prefix, ntohs(data->vport));
+ printf(" %svport %u", prefix, ntohs(data->vport));
}
if (data->bitmask & XT_IPVS_DIR) {
if (data->invert & XT_IPVS_DIR)
- printf("%svdir REPLY ", prefix);
+ printf(" %svdir REPLY", prefix);
else
- printf("%svdir ORIGINAL ", prefix);
+ printf(" %svdir ORIGINAL", prefix);
}
if (data->bitmask & XT_IPVS_METHOD) {
if (data->invert & XT_IPVS_METHOD)
- printf("! ");
+ printf(" !");
- printf("%svmethod ", prefix);
+ printf(" %svmethod", prefix);
switch (data->fwd_method) {
case IP_VS_CONN_F_DROUTE:
- printf("GATE ");
+ printf(" GATE");
break;
case IP_VS_CONN_F_TUNNEL:
- printf("IPIP ");
+ printf(" IPIP");
break;
case IP_VS_CONN_F_MASQ:
- printf("MASQ ");
+ printf(" MASQ");
break;
default:
/* Hu? */
- printf("UNKNOWN ");
+ printf(" UNKNOWN");
break;
}
}
if (data->bitmask & XT_IPVS_VPORTCTL) {
if (data->invert & XT_IPVS_VPORTCTL)
- printf("! ");
+ printf(" !");
- printf("%svportctl %u ", prefix, ntohs(data->vportctl));
+ printf(" %svportctl %u", prefix, ntohs(data->vportctl));
}
}
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 86ccba07..a12aefef 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -93,22 +93,22 @@ length_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_length_info *info = (void *)match->data;
- printf("length %s", info->invert ? "!" : "");
+ printf(" length %s", info->invert ? "!" : "");
if (info->min == info->max)
- printf("%u ", info->min);
+ printf("%u", info->min);
else
- printf("%u:%u ", info->min, info->max);
+ printf("%u:%u", info->min, info->max);
}
static void length_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_length_info *info = (void *)match->data;
- printf("%s--length ", info->invert ? "! " : "");
+ printf("%s --length ", info->invert ? " !" : "");
if (info->min == info->max)
- printf("%u ", info->min);
+ printf("%u", info->min);
else
- printf("%u:%u ", info->min, info->max);
+ printf("%u:%u", info->min, info->max);
}
static struct xtables_match length_match = {
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index a62d1990..c4ba58bb 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -134,24 +134,24 @@ static void print_rate(uint32_t period)
|| rates[i].mult/period < rates[i].mult%period)
break;
- printf("%u/%s ", rates[i-1].mult / period, rates[i-1].name);
+ printf(" %u/%s", rates[i-1].mult / period, rates[i-1].name);
}
static void
limit_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_rateinfo *r = (const void *)match->data;
- printf("limit: avg "); print_rate(r->avg);
- printf("burst %u ", r->burst);
+ printf(" limit: avg"); print_rate(r->avg);
+ printf(" burst %u", r->burst);
}
static void limit_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_rateinfo *r = (const void *)match->data;
- printf("--limit "); print_rate(r->avg);
+ printf(" --limit"); print_rate(r->avg);
if (r->burst != XT_LIMIT_BURST)
- printf("--limit-burst %u ", r->burst);
+ printf(" --limit-burst %u", r->burst);
}
static struct xtables_match limit_match = {
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c
index 15a7f3c1..d7e65dac 100644
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -73,10 +73,9 @@ static void print_mac(const unsigned char macaddress[ETH_ALEN])
{
unsigned int i;
- printf("%02X", macaddress[0]);
+ printf(" %02X", macaddress[0]);
for (i = 1; i < ETH_ALEN; i++)
printf(":%02X", macaddress[i]);
- printf(" ");
}
static void mac_check(unsigned int flags)
@@ -90,10 +89,10 @@ static void
mac_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_mac_info *info = (void *)match->data;
- printf("MAC ");
+ printf(" MAC");
if (info->invert)
- printf("! ");
+ printf(" !");
print_mac(info->srcaddr);
}
@@ -103,9 +102,9 @@ static void mac_save(const void *ip, const struct xt_entry_match *match)
const struct xt_mac_info *info = (void *)match->data;
if (info->invert)
- printf("! ");
+ printf(" !");
- printf("--mac-source ");
+ printf(" --mac-source");
print_mac(info->srcaddr);
}
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 15b08b9a..d3c17277 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -86,9 +86,9 @@ mark_parse(int c, char **argv, int invert, unsigned int *flags,
static void print_mark(unsigned int mark, unsigned int mask)
{
if (mask != 0xffffffffU)
- printf("0x%x/0x%x ", mark, mask);
+ printf(" 0x%x/0x%x", mark, mask);
else
- printf("0x%x ", mark);
+ printf(" 0x%x", mark);
}
static void mark_mt_check(unsigned int flags)
@@ -103,9 +103,9 @@ mark_mt_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_mark_mtinfo1 *info = (const void *)match->data;
- printf("mark match ");
+ printf(" mark match");
if (info->invert)
- printf("!");
+ printf(" !");
print_mark(info->mark, info->mask);
}
@@ -114,10 +114,10 @@ mark_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_mark_info *info = (const void *)match->data;
- printf("MARK match ");
+ printf(" MARK match");
if (info->invert)
- printf("!");
+ printf(" !");
print_mark(info->mark, info->mask);
}
@@ -127,9 +127,9 @@ static void mark_mt_save(const void *ip, const struct xt_entry_match *match)
const struct xt_mark_mtinfo1 *info = (const void *)match->data;
if (info->invert)
- printf("! ");
+ printf(" !");
- printf("--mark ");
+ printf(" --mark");
print_mark(info->mark, info->mask);
}
@@ -139,9 +139,9 @@ mark_save(const void *ip, const struct xt_entry_match *match)
const struct xt_mark_info *info = (const void *)match->data;
if (info->invert)
- printf("! ");
+ printf(" !");
- printf("--mark ");
+ printf(" --mark");
print_mark(info->mark, info->mask);
}
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index 2f523837..163c7dc5 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -316,7 +316,7 @@ __multiport_print(const struct xt_entry_match *match, int numeric,
= (const struct xt_multiport *)match->data;
unsigned int i;
- printf("multiport ");
+ printf(" multiport ");
switch (multiinfo->flags) {
case XT_MULTIPORT_SOURCE:
@@ -340,7 +340,6 @@ __multiport_print(const struct xt_entry_match *match, int numeric,
printf("%s", i ? "," : "");
print_port(multiinfo->ports[i], proto, numeric);
}
- printf(" ");
}
static void multiport_print(const void *ip_void,
@@ -364,7 +363,7 @@ static void __multiport_print_v1(const struct xt_entry_match *match,
= (const struct xt_multiport_v1 *)match->data;
unsigned int i;
- printf("multiport ");
+ printf(" multiport ");
switch (multiinfo->flags) {
case XT_MULTIPORT_SOURCE:
@@ -385,7 +384,7 @@ static void __multiport_print_v1(const struct xt_entry_match *match,
}
if (multiinfo->invert)
- printf("! ");
+ printf(" !");
for (i=0; i < multiinfo->count; i++) {
printf("%s", i ? "," : "");
@@ -395,7 +394,6 @@ static void __multiport_print_v1(const struct xt_entry_match *match,
print_port(multiinfo->ports[++i], proto, numeric);
}
}
- printf(" ");
}
static void multiport_print_v1(const void *ip_void,
@@ -422,15 +420,15 @@ static void __multiport_save(const struct xt_entry_match *match,
switch (multiinfo->flags) {
case XT_MULTIPORT_SOURCE:
- printf("--sports ");
+ printf(" --sports ");
break;
case XT_MULTIPORT_DESTINATION:
- printf("--dports ");
+ printf(" --dports ");
break;
case XT_MULTIPORT_EITHER:
- printf("--ports ");
+ printf(" --ports ");
break;
}
@@ -438,7 +436,6 @@ static void __multiport_save(const struct xt_entry_match *match,
printf("%s", i ? "," : "");
print_port(multiinfo->ports[i], proto, 1);
}
- printf(" ");
}
static void multiport_save(const void *ip_void,
@@ -463,19 +460,19 @@ static void __multiport_save_v1(const struct xt_entry_match *match,
unsigned int i;
if (multiinfo->invert)
- printf("! ");
+ printf(" !");
switch (multiinfo->flags) {
case XT_MULTIPORT_SOURCE:
- printf("--sports ");
+ printf(" --sports ");
break;
case XT_MULTIPORT_DESTINATION:
- printf("--dports ");
+ printf(" --dports ");
break;
case XT_MULTIPORT_EITHER:
- printf("--ports ");
+ printf(" --ports ");
break;
}
@@ -487,7 +484,6 @@ static void __multiport_save_v1(const struct xt_entry_match *match,
print_port(multiinfo->ports[++i], proto, 1);
}
}
- printf(" ");
}
static void multiport_save_v1(const void *ip_void,
diff --git a/extensions/libxt_osf.c b/extensions/libxt_osf.c
index 38c4705e..a97884b9 100644
--- a/extensions/libxt_osf.c
+++ b/extensions/libxt_osf.c
@@ -123,14 +123,14 @@ static void osf_print(const void *ip, const struct xt_entry_match *match, int nu
{
const struct xt_osf_info *info = (const struct xt_osf_info*) match->data;
- printf("OS fingerprint match %s%s ", (info->flags & XT_OSF_INVERT) ? "! " : "", info->genre);
+ printf(" OS fingerprint match %s%s", (info->flags & XT_OSF_INVERT) ? "! " : "", info->genre);
}
static void osf_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_osf_info *info = (const struct xt_osf_info*) match->data;
- printf("--genre %s%s ", (info->flags & XT_OSF_INVERT) ? "! ": "", info->genre);
+ printf(" --genre %s%s", (info->flags & XT_OSF_INVERT) ? "! ": "", info->genre);
}
static struct xtables_match osf_match = {
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index b9b11043..5cc7b7a6 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -358,8 +358,8 @@ owner_mt_print_item_v0(const struct ipt_owner_info *info, const char *label,
if (!(info->match & flag))
return;
if (info->invert & flag)
- printf("! ");
- printf("%s ", label);
+ printf(" !");
+ printf(" %s", label);
switch (info->match & flag) {
case IPT_OWNER_UID:
@@ -367,11 +367,11 @@ owner_mt_print_item_v0(const struct ipt_owner_info *info, const char *label,
struct passwd *pwd = getpwuid(info->uid);
if (pwd != NULL && pwd->pw_name != NULL) {
- printf("%s ", pwd->pw_name);
+ printf(" %s", pwd->pw_name);
break;
}
}
- printf("%u ", (unsigned int)info->uid);
+ printf(" %u", (unsigned int)info->uid);
break;
case IPT_OWNER_GID:
@@ -379,24 +379,24 @@ owner_mt_print_item_v0(const struct ipt_owner_info *info, const char *label,
struct group *grp = getgrgid(info->gid);
if (grp != NULL && grp->gr_name != NULL) {
- printf("%s ", grp->gr_name);
+ printf(" %s", grp->gr_name);
break;
}
}
- printf("%u ", (unsigned int)info->gid);
+ printf(" %u", (unsigned int)info->gid);
break;
case IPT_OWNER_PID:
- printf("%u ", (unsigned int)info->pid);
+ printf(" %u", (unsigned int)info->pid);
break;
case IPT_OWNER_SID:
- printf("%u ", (unsigned int)info->sid);
+ printf(" %u", (unsigned int)info->sid);
break;
#ifdef IPT_OWNER_COMM
case IPT_OWNER_COMM:
- printf("%.*s ", (int)sizeof(info->comm), info->comm);
+ printf(" %.*s", (int)sizeof(info->comm), info->comm);
break;
#endif
}
@@ -409,8 +409,8 @@ owner_mt6_print_item_v0(const struct ip6t_owner_info *info, const char *label,
if (!(info->match & flag))
return;
if (info->invert & flag)
- printf("! ");
- printf("%s ", label);
+ printf(" !");
+ printf(" %s", label);
switch (info->match & flag) {
case IP6T_OWNER_UID:
@@ -418,11 +418,11 @@ owner_mt6_print_item_v0(const struct ip6t_owner_info *info, const char *label,
struct passwd *pwd = getpwuid(info->uid);
if (pwd != NULL && pwd->pw_name != NULL) {
- printf("%s ", pwd->pw_name);
+ printf(" %s", pwd->pw_name);
break;
}
}
- printf("%u ", (unsigned int)info->uid);
+ printf(" %u", (unsigned int)info->uid);
break;
case IP6T_OWNER_GID:
@@ -430,19 +430,19 @@ owner_mt6_print_item_v0(const struct ip6t_owner_info *info, const char *label,
struct group *grp = getgrgid(info->gid);
if (grp != NULL && grp->gr_name != NULL) {
- printf("%s ", grp->gr_name);
+ printf(" %s", grp->gr_name);
break;
}
}
- printf("%u ", (unsigned int)info->gid);
+ printf(" %u", (unsigned int)info->gid);
break;
case IP6T_OWNER_PID:
- printf("%u ", (unsigned int)info->pid);
+ printf(" %u", (unsigned int)info->pid);
break;
case IP6T_OWNER_SID:
- printf("%u ", (unsigned int)info->sid);
+ printf(" %u", (unsigned int)info->sid);
break;
}
}
@@ -454,40 +454,40 @@ owner_mt_print_item(const struct xt_owner_match_info *info, const char *label,
if (!(info->match & flag))
return;
if (info->invert & flag)
- printf("! ");
- printf("%s ", label);
+ printf(" !");
+ printf(" %s", label);
switch (info->match & flag) {
case XT_OWNER_UID:
if (info->uid_min != info->uid_max) {
- printf("%u-%u ", (unsigned int)info->uid_min,
+ printf(" %u-%u", (unsigned int)info->uid_min,
(unsigned int)info->uid_max);
break;
} else if (!numeric) {
const struct passwd *pwd = getpwuid(info->uid_min);
if (pwd != NULL && pwd->pw_name != NULL) {
- printf("%s ", pwd->pw_name);
+ printf(" %s", pwd->pw_name);
break;
}
}
- printf("%u ", (unsigned int)info->uid_min);
+ printf(" %u", (unsigned int)info->uid_min);
break;
case XT_OWNER_GID:
if (info->gid_min != info->gid_max) {
- printf("%u-%u ", (unsigned int)info->gid_min,
+ printf(" %u-%u", (unsigned int)info->gid_min,
(unsigned int)info->gid_max);
break;
} else if (!numeric) {
const struct group *grp = getgrgid(info->gid_min);
if (grp != NULL && grp->gr_name != NULL) {
- printf("%s ", grp->gr_name);
+ printf(" %s", grp->gr_name);
break;
}
}
- printf("%u ", (unsigned int)info->gid_min);
+ printf(" %u", (unsigned int)info->gid_min);
break;
}
}
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index abd182c2..1c0de97d 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -114,7 +114,7 @@ physdev_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_physdev_info *info = (const void *)match->data;
- printf("PHYSDEV match");
+ printf(" PHYSDEV match");
if (info->bitmask & XT_PHYSDEV_OP_ISIN)
printf("%s --physdev-is-in",
info->invert & XT_PHYSDEV_OP_ISIN ? " !":"");
@@ -131,7 +131,6 @@ physdev_print(const void *ip, const struct xt_entry_match *match, int numeric)
if (info->bitmask & XT_PHYSDEV_OP_BRIDGED)
printf("%s --physdev-is-bridged",
info->invert & XT_PHYSDEV_OP_BRIDGED ? " !":"");
- printf(" ");
}
static void physdev_save(const void *ip, const struct xt_entry_match *match)
@@ -139,23 +138,23 @@ static void physdev_save(const void *ip, const struct xt_entry_match *match)
const struct xt_physdev_info *info = (const void *)match->data;
if (info->bitmask & XT_PHYSDEV_OP_ISIN)
- printf("%s--physdev-is-in ",
- (info->invert & XT_PHYSDEV_OP_ISIN) ? "! " : "");
+ printf("%s --physdev-is-in",
+ (info->invert & XT_PHYSDEV_OP_ISIN) ? " !" : "");
if (info->bitmask & XT_PHYSDEV_OP_IN)
- printf("%s--physdev-in %s ",
- (info->invert & XT_PHYSDEV_OP_IN) ? "! " : "",
+ printf("%s --physdev-in %s",
+ (info->invert & XT_PHYSDEV_OP_IN) ? " !" : "",
info->physindev);
if (info->bitmask & XT_PHYSDEV_OP_ISOUT)
- printf("%s--physdev-is-out ",
- (info->invert & XT_PHYSDEV_OP_ISOUT) ? "! " : "");
+ printf("%s --physdev-is-out",
+ (info->invert & XT_PHYSDEV_OP_ISOUT) ? " !" : "");
if (info->bitmask & XT_PHYSDEV_OP_OUT)
- printf("%s--physdev-out %s ",
- (info->invert & XT_PHYSDEV_OP_OUT) ? "! " : "",
+ printf("%s --physdev-out %s",
+ (info->invert & XT_PHYSDEV_OP_OUT) ? " !" : "",
info->physoutdev);
if (info->bitmask & XT_PHYSDEV_OP_BRIDGED)
- printf("%s--physdev-is-bridged ",
- (info->invert & XT_PHYSDEV_OP_BRIDGED) ? "! " : "");
+ printf("%s --physdev-is-bridged",
+ (info->invert & XT_PHYSDEV_OP_BRIDGED) ? " !" : "");
}
static struct xtables_match physdev_match = {
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index 8aefd92f..f5de3ef0 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -112,11 +112,11 @@ static void print_pkttype(const struct xt_pkttype_info *info)
for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
if(supported_types[i].pkttype==info->pkttype)
{
- printf("%s ", supported_types[i].name);
+ printf("%s", supported_types[i].name);
return;
}
- printf("%d ", info->pkttype); /* in case we didn't find an entry in named-packtes */
+ printf("%d", info->pkttype); /* in case we didn't find an entry in named-packtes */
}
static void pkttype_print(const void *ip, const struct xt_entry_match *match,
@@ -124,7 +124,7 @@ static void pkttype_print(const void *ip, const struct xt_entry_match *match,
{
const struct xt_pkttype_info *info = (const void *)match->data;
- printf("PKTTYPE %s= ", info->invert?"!":"");
+ printf(" PKTTYPE %s= ", info->invert ? "!" : "");
print_pkttype(info);
}
@@ -132,7 +132,7 @@ static void pkttype_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_pkttype_info *info = (const void *)match->data;
- printf("%s--pkt-type ", info->invert ? "! " : "");
+ printf("%s --pkt-type ", info->invert ? " !" : "");
print_pkttype(info);
}
diff --git a/extensions/libxt_policy.c b/extensions/libxt_policy.c
index 565f8a30..646d3330 100644
--- a/extensions/libxt_policy.c
+++ b/extensions/libxt_policy.c
@@ -330,17 +330,17 @@ static void policy_check(unsigned int flags)
static void print_mode(const char *prefix, uint8_t mode, int numeric)
{
- printf("%smode ", prefix);
+ printf(" %smode ", prefix);
switch (mode) {
case XT_POLICY_MODE_TRANSPORT:
- printf("transport ");
+ printf("transport");
break;
case XT_POLICY_MODE_TUNNEL:
- printf("tunnel ");
+ printf("tunnel");
break;
default:
- printf("??? ");
+ printf("???");
break;
}
}
@@ -349,19 +349,19 @@ static void print_proto(const char *prefix, uint8_t proto, int numeric)
{
struct protoent *p = NULL;
- printf("%sproto ", prefix);
+ printf(" %sproto ", prefix);
if (!numeric)
p = getprotobynumber(proto);
if (p != NULL)
- printf("%s ", p->p_name);
+ printf("%s", p->p_name);
else
- printf("%u ", proto);
+ printf("%u", proto);
}
#define PRINT_INVERT(x) \
do { \
if (x) \
- printf("! "); \
+ printf(" !"); \
} while(0)
static void print_entry(const char *prefix, const struct xt_policy_elem *e,
@@ -369,11 +369,11 @@ static void print_entry(const char *prefix, const struct xt_policy_elem *e,
{
if (e->match.reqid) {
PRINT_INVERT(e->invert.reqid);
- printf("%sreqid %u ", prefix, e->reqid);
+ printf(" %sreqid %u", prefix, e->reqid);
}
if (e->match.spi) {
PRINT_INVERT(e->invert.spi);
- printf("%sspi 0x%x ", prefix, e->spi);
+ printf(" %sspi 0x%x", prefix, e->spi);
}
if (e->match.proto) {
PRINT_INVERT(e->invert.proto);
@@ -386,22 +386,22 @@ static void print_entry(const char *prefix, const struct xt_policy_elem *e,
if (e->match.daddr) {
PRINT_INVERT(e->invert.daddr);
if (family == NFPROTO_IPV6)
- printf("%stunnel-dst %s%s ", prefix,
+ printf(" %stunnel-dst %s%s", prefix,
xtables_ip6addr_to_numeric(&e->daddr.a6),
xtables_ip6mask_to_numeric(&e->dmask.a6));
else
- printf("%stunnel-dst %s%s ", prefix,
+ printf(" %stunnel-dst %s%s", prefix,
xtables_ipaddr_to_numeric(&e->daddr.a4),
xtables_ipmask_to_numeric(&e->dmask.a4));
}
if (e->match.saddr) {
PRINT_INVERT(e->invert.saddr);
if (family == NFPROTO_IPV6)
- printf("%stunnel-src %s%s ", prefix,
+ printf(" %stunnel-src %s%s", prefix,
xtables_ip6addr_to_numeric(&e->saddr.a6),
xtables_ip6mask_to_numeric(&e->smask.a6));
else
- printf("%stunnel-src %s%s ", prefix,
+ printf(" %stunnel-src %s%s", prefix,
xtables_ipaddr_to_numeric(&e->saddr.a4),
xtables_ipmask_to_numeric(&e->smask.a4));
}
@@ -410,17 +410,17 @@ static void print_entry(const char *prefix, const struct xt_policy_elem *e,
static void print_flags(char *prefix, const struct xt_policy_info *info)
{
if (info->flags & XT_POLICY_MATCH_IN)
- printf("%sdir in ", prefix);
+ printf(" %sdir in", prefix);
else
- printf("%sdir out ", prefix);
+ printf(" %sdir out", prefix);
if (info->flags & XT_POLICY_MATCH_NONE)
- printf("%spol none ", prefix);
+ printf(" %spol none", prefix);
else
- printf("%spol ipsec ", prefix);
+ printf(" %spol ipsec", prefix);
if (info->flags & XT_POLICY_MATCH_STRICT)
- printf("%sstrict ", prefix);
+ printf(" %sstrict", prefix);
}
static void policy4_print(const void *ip, const struct xt_entry_match *match,
@@ -429,11 +429,11 @@ static void policy4_print(const void *ip, const struct xt_entry_match *match,
const struct xt_policy_info *info = (void *)match->data;
unsigned int i;
- printf("policy match ");
+ printf(" policy match");
print_flags("", info);
for (i = 0; i < info->len; i++) {
if (info->len > 1)
- printf("[%u] ", i);
+ printf(" [%u]", i);
print_entry("", &info->pol[i], numeric, NFPROTO_IPV4);
}
}
@@ -444,11 +444,11 @@ static void policy6_print(const void *ip, const struct xt_entry_match *match,
const struct xt_policy_info *info = (void *)match->data;
unsigned int i;
- printf("policy match ");
+ printf(" policy match");
print_flags("", info);
for (i = 0; i < info->len; i++) {
if (info->len > 1)
- printf("[%u] ", i);
+ printf(" [%u]", i);
print_entry("", &info->pol[i], numeric, NFPROTO_IPV6);
}
}
@@ -462,7 +462,7 @@ static void policy4_save(const void *ip, const struct xt_entry_match *match)
for (i = 0; i < info->len; i++) {
print_entry("--", &info->pol[i], false, NFPROTO_IPV4);
if (i + 1 < info->len)
- printf("--next ");
+ printf(" --next");
}
}
@@ -475,7 +475,7 @@ static void policy6_save(const void *ip, const struct xt_entry_match *match)
for (i = 0; i < info->len; i++) {
print_entry("--", &info->pol[i], false, NFPROTO_IPV6);
if (i + 1 < info->len)
- printf("--next ");
+ printf(" --next");
}
}
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index 75da2d6d..e6ed9bc7 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -27,7 +27,7 @@ static void
quota_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_quota_info *q = (const void *)match->data;
- printf("quota: %llu bytes", (unsigned long long) q->quota);
+ printf(" quota: %llu bytes", (unsigned long long)q->quota);
}
static void
@@ -37,7 +37,7 @@ quota_save(const void *ip, const struct xt_entry_match *match)
if (q->flags & XT_QUOTA_INVERT)
printf("! ");
- printf("--quota %llu ", (unsigned long long) q->quota);
+ printf(" --quota %llu", (unsigned long long) q->quota);
}
/* parse quota option */
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c
index 7b6ba005..6998c016 100644
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -320,13 +320,13 @@ rateest_print_rate(uint32_t rate, int numeric)
double tmp = (double)rate*8;
if (numeric)
- printf("%u ", rate);
+ printf(" %u", rate);
else if (tmp >= 1000.0*1000000.0)
- printf("%.0fMbit ", tmp/1000000.0);
+ printf(" %.0fMbit", tmp/1000000.0);
else if (tmp >= 1000.0 * 1000.0)
- printf("%.0fKbit ", tmp/1000.0);
+ printf(" %.0fKbit", tmp/1000.0);
else
- printf("%.0fbit ", tmp);
+ printf(" %.0fbit", tmp);
}
static void
@@ -334,17 +334,17 @@ rateest_print_mode(const struct xt_rateest_match_info *info,
const char *prefix)
{
if (info->flags & XT_RATEEST_MATCH_INVERT)
- printf("! ");
+ printf(" !");
switch (info->mode) {
case XT_RATEEST_MATCH_EQ:
- printf("%seq ", prefix);
+ printf(" %seq", prefix);
break;
case XT_RATEEST_MATCH_LT:
- printf("%slt ", prefix);
+ printf(" %slt", prefix);
break;
case XT_RATEEST_MATCH_GT:
- printf("%sgt ", prefix);
+ printf(" %sgt", prefix);
break;
default:
exit(1);
@@ -356,14 +356,14 @@ rateest_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_rateest_match_info *info = (const void *)match->data;
- printf("rateest match ");
+ printf(" rateest match ");
- printf("%s ", info->name1);
+ printf("%s", info->name1);
if (info->flags & XT_RATEEST_MATCH_DELTA)
- printf("delta ");
+ printf(" delta");
if (info->flags & XT_RATEEST_MATCH_BPS) {
- printf("bps ");
+ printf(" bps");
if (info->flags & XT_RATEEST_MATCH_DELTA)
rateest_print_rate(info->bps1, numeric);
if (info->flags & XT_RATEEST_MATCH_ABS) {
@@ -372,31 +372,31 @@ rateest_print(const void *ip, const struct xt_entry_match *match, int numeric)
}
}
if (info->flags & XT_RATEEST_MATCH_PPS) {
- printf("pps ");
+ printf(" pps");
if (info->flags & XT_RATEEST_MATCH_DELTA)
- printf("%u ", info->pps1);
+ printf(" %u", info->pps1);
if (info->flags & XT_RATEEST_MATCH_ABS) {
rateest_print_mode(info, "");
- printf("%u ", info->pps2);
+ printf(" %u", info->pps2);
}
}
if (info->flags & XT_RATEEST_MATCH_REL) {
rateest_print_mode(info, "");
- printf("%s ", info->name2);
+ printf(" %s", info->name2);
if (info->flags & XT_RATEEST_MATCH_DELTA)
- printf("delta ");
+ printf(" delta");
if (info->flags & XT_RATEEST_MATCH_BPS) {
- printf("bps ");
+ printf(" bps");
if (info->flags & XT_RATEEST_MATCH_DELTA)
rateest_print_rate(info->bps2, numeric);
}
if (info->flags & XT_RATEEST_MATCH_PPS) {
- printf("pps ");
+ printf(" pps");
if (info->flags & XT_RATEEST_MATCH_DELTA)
- printf("%u ", info->pps2);
+ printf(" %u", info->pps2);
}
}
}
@@ -407,26 +407,26 @@ rateest_save(const void *ip, const struct xt_entry_match *match)
const struct xt_rateest_match_info *info = (const void *)match->data;
if (info->flags & XT_RATEEST_MATCH_REL) {
- printf("--rateest1 %s ", info->name1);
+ printf(" --rateest1 %s", info->name1);
if (info->flags & XT_RATEEST_MATCH_BPS)
- printf("--rateest-bps ");
+ printf(" --rateest-bps");
if (info->flags & XT_RATEEST_MATCH_PPS)
- printf("--rateest-pps ");
- rateest_print_mode(info, "--rateest-");
- printf("--rateest2 %s ", info->name2);
+ printf(" --rateest-pps");
+ rateest_print_mode(info, " --rateest-");
+ printf(" --rateest2 %s", info->name2);
} else {
- printf("--rateest %s ", info->name1);
+ printf(" --rateest %s", info->name1);
if (info->flags & XT_RATEEST_MATCH_BPS) {
- printf("--rateest-bps1 ");
+ printf(" --rateest-bps1");
rateest_print_rate(info->bps1, 0);
- printf("--rateest-bps2 ");
+ printf(" --rateest-bps2");
rateest_print_rate(info->bps2, 0);
rateest_print_mode(info, "--rateest-");
}
if (info->flags & XT_RATEEST_MATCH_PPS) {
- printf("--rateest-pps ");
+ printf(" --rateest-pps");
rateest_print_mode(info, "--rateest-");
- printf("%u ", info->pps2);
+ printf(" %u", info->pps2);
}
}
}
diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c
index 85f3613d..e4a7f4d4 100644
--- a/extensions/libxt_recent.c
+++ b/extensions/libxt_recent.c
@@ -162,26 +162,26 @@ static void recent_print(const void *ip, const struct xt_entry_match *match,
const struct xt_recent_mtinfo *info = (const void *)match->data;
if (info->invert)
- fputc('!', stdout);
+ printf(" !");
- printf("recent: ");
+ printf(" recent:");
if (info->check_set & XT_RECENT_SET)
- printf("SET ");
+ printf(" SET");
if (info->check_set & XT_RECENT_CHECK)
- printf("CHECK ");
+ printf(" CHECK");
if (info->check_set & XT_RECENT_UPDATE)
- printf("UPDATE ");
+ printf(" UPDATE");
if (info->check_set & XT_RECENT_REMOVE)
- printf("REMOVE ");
- if(info->seconds) printf("seconds: %d ",info->seconds);
- if(info->hit_count) printf("hit_count: %d ",info->hit_count);
+ printf(" REMOVE");
+ if(info->seconds) printf(" seconds: %d", info->seconds);
+ if(info->hit_count) printf(" hit_count: %d", info->hit_count);
if (info->check_set & XT_RECENT_TTL)
- printf("TTL-Match ");
- if(info->name) printf("name: %s ",info->name);
+ printf(" TTL-Match");
+ if(info->name) printf(" name: %s", info->name);
if (info->side == XT_RECENT_SOURCE)
- printf("side: source ");
+ printf(" side: source");
if (info->side == XT_RECENT_DEST)
- printf("side: dest ");
+ printf(" side: dest");
}
static void recent_save(const void *ip, const struct xt_entry_match *match)
@@ -189,25 +189,25 @@ static void recent_save(const void *ip, const struct xt_entry_match *match)
const struct xt_recent_mtinfo *info = (const void *)match->data;
if (info->invert)
- printf("! ");
+ printf(" !");
if (info->check_set & XT_RECENT_SET)
- printf("--set ");
+ printf(" --set");
if (info->check_set & XT_RECENT_CHECK)
- printf("--rcheck ");
+ printf(" --rcheck");
if (info->check_set & XT_RECENT_UPDATE)
- printf("--update ");
+ printf(" --update");
if (info->check_set & XT_RECENT_REMOVE)
- printf("--remove ");
- if(info->seconds) printf("--seconds %d ",info->seconds);
- if(info->hit_count) printf("--hitcount %d ",info->hit_count);
+ printf(" --remove");
+ if(info->seconds) printf(" --seconds %d", info->seconds);
+ if(info->hit_count) printf(" --hitcount %d", info->hit_count);
if (info->check_set & XT_RECENT_TTL)
- printf("--rttl ");
- if(info->name) printf("--name %s ",info->name);
+ printf(" --rttl");
+ if(info->name) printf(" --name %s",info->name);
if (info->side == XT_RECENT_SOURCE)
- printf("--rsource ");
+ printf(" --rsource");
if (info->side == XT_RECENT_DEST)
- printf("--rdest ");
+ printf(" --rdest");
}
static struct xtables_match recent_mt_reg = {
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 016a9f9e..718d4c42 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -329,7 +329,7 @@ print_ports(const char *name, uint16_t min, uint16_t max,
const char *inv = invert ? "!" : "";
if (min != 0 || max != 0xFFFF || invert) {
- printf("%s", name);
+ printf(" %s", name);
if (min == max) {
printf(":%s", inv);
print_port(min, numeric);
@@ -339,7 +339,6 @@ print_ports(const char *name, uint16_t min, uint16_t max,
printf(":");
print_port(max, numeric);
}
- printf(" ");
}
}
@@ -391,19 +390,19 @@ print_chunks(const struct xt_sctp_info *einfo, int numeric)
int flag;
switch (chunk_match_type) {
- case SCTP_CHUNK_MATCH_ANY: printf("any "); break;
- case SCTP_CHUNK_MATCH_ALL: printf("all "); break;
- case SCTP_CHUNK_MATCH_ONLY: printf("only "); break;
+ case SCTP_CHUNK_MATCH_ANY: printf(" any"); break;
+ case SCTP_CHUNK_MATCH_ALL: printf(" all"); break;
+ case SCTP_CHUNK_MATCH_ONLY: printf(" only"); break;
default: printf("Never reach here\n"); break;
}
if (SCTP_CHUNKMAP_IS_CLEAR(einfo->chunkmap)) {
- printf("NONE ");
+ printf(" NONE");
goto out;
}
if (SCTP_CHUNKMAP_IS_ALL_SET(einfo->chunkmap)) {
- printf("ALL ");
+ printf(" ALL");
goto out;
}
@@ -412,6 +411,8 @@ print_chunks(const struct xt_sctp_info *einfo, int numeric)
if (SCTP_CHUNKMAP_IS_SET(einfo->chunkmap, i)) {
if (flag)
printf(",");
+ else
+ putchar(' ');
flag = 1;
print_chunk(i, numeric);
for (j = 0; j < flag_count; j++) {
@@ -422,9 +423,6 @@ print_chunks(const struct xt_sctp_info *einfo, int numeric)
}
}
}
-
- if (flag)
- printf(" ");
out:
return;
}
@@ -435,7 +433,7 @@ sctp_print(const void *ip, const struct xt_entry_match *match, int numeric)
const struct xt_sctp_info *einfo =
(const struct xt_sctp_info *)match->data;
- printf("sctp ");
+ printf(" sctp");
if (einfo->flags & XT_SCTP_SRC_PORTS) {
print_ports("spt", einfo->spts[0], einfo->spts[1],
@@ -453,7 +451,7 @@ sctp_print(const void *ip, const struct xt_entry_match *match, int numeric)
/* FIXME: print_chunks() is used in save() where the printing of '!'
s taken care of, so we need to do that here as well */
if (einfo->invflags & XT_SCTP_CHUNK_TYPES) {
- printf("! ");
+ printf(" !");
}
print_chunks(einfo, numeric);
}
@@ -466,28 +464,28 @@ static void sctp_save(const void *ip, const struct xt_entry_match *match)
if (einfo->flags & XT_SCTP_SRC_PORTS) {
if (einfo->invflags & XT_SCTP_SRC_PORTS)
- printf("! ");
+ printf(" !");
if (einfo->spts[0] != einfo->spts[1])
- printf("--sport %u:%u ",
+ printf(" --sport %u:%u",
einfo->spts[0], einfo->spts[1]);
else
- printf("--sport %u ", einfo->spts[0]);
+ printf(" --sport %u", einfo->spts[0]);
}
if (einfo->flags & XT_SCTP_DEST_PORTS) {
if (einfo->invflags & XT_SCTP_DEST_PORTS)
- printf("! ");
+ printf(" !");
if (einfo->dpts[0] != einfo->dpts[1])
- printf("--dport %u:%u ",
+ printf(" --dport %u:%u",
einfo->dpts[0], einfo->dpts[1]);
else
- printf("--dport %u ", einfo->dpts[0]);
+ printf(" --dport %u", einfo->dpts[0]);
}
if (einfo->flags & XT_SCTP_CHUNK_TYPES) {
if (einfo->invflags & XT_SCTP_CHUNK_TYPES)
- printf("! ");
- printf("--chunk-types ");
+ printf(" !");
+ printf(" --chunk-types");
print_chunks(einfo, 0);
}
diff --git a/extensions/libxt_set.c b/extensions/libxt_set.c
index 6364011f..78bf7c10 100644
--- a/extensions/libxt_set.c
+++ b/extensions/libxt_set.c
@@ -97,8 +97,8 @@ print_match_v0(const char *prefix, const struct xt_set_info_v0 *info)
char setname[IPSET_MAXNAMELEN];
get_set_byid(setname, info->index);
- printf("%s%s %s",
- (info->u.flags[0] & IPSET_MATCH_INV) ? "! " : "",
+ printf("%s %s %s",
+ (info->u.flags[0] & IPSET_MATCH_INV) ? " !" : "",
prefix,
setname);
for (i = 0; i < IPSET_DIM_MAX; i++) {
@@ -108,7 +108,6 @@ print_match_v0(const char *prefix, const struct xt_set_info_v0 *info)
i == 0 ? " " : ",",
info->u.flags[i] & IPSET_SRC ? "src" : "dst");
}
- printf(" ");
}
/* Prints out the matchinfo. */
@@ -179,8 +178,8 @@ print_match(const char *prefix, const struct xt_set_info *info)
char setname[IPSET_MAXNAMELEN];
get_set_byid(setname, info->index);
- printf("%s%s %s",
- (info->flags & IPSET_INV_MATCH) ? "! " : "",
+ printf("%s %s %s",
+ (info->flags & IPSET_INV_MATCH) ? " !" : "",
prefix,
setname);
for (i = 1; i <= info->dim; i++) {
@@ -188,7 +187,6 @@ print_match(const char *prefix, const struct xt_set_info *info)
i == 1 ? " " : ",",
info->flags & (1 << i) ? "src" : "dst");
}
- printf(" ");
}
/* Prints out the matchinfo. */
diff --git a/extensions/libxt_socket.c b/extensions/libxt_socket.c
index e4dff78b..e89d1c56 100644
--- a/extensions/libxt_socket.c
+++ b/extensions/libxt_socket.c
@@ -40,14 +40,14 @@ socket_mt_save(const void *ip, const struct xt_entry_match *match)
const struct xt_socket_mtinfo1 *info = (const void *)match->data;
if (info->flags & XT_SOCKET_TRANSPARENT)
- printf("--transparent ");
+ printf(" --transparent");
}
static void
socket_mt_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
- printf("socket ");
+ printf(" socket");
socket_mt_save(ip, match);
}
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c
index a236a3f0..9a631aa7 100644
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -114,7 +114,6 @@ static void state_print_state(unsigned int statemask)
printf("%sUNTRACKED", sep);
sep = ",";
}
- printf(" ");
}
static void
@@ -124,7 +123,7 @@ state_print(const void *ip,
{
const struct xt_state_info *sinfo = (const void *)match->data;
- printf("state ");
+ printf(" state ");
state_print_state(sinfo->statemask);
}
@@ -132,7 +131,7 @@ static void state_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_state_info *sinfo = (const void *)match->data;
- printf("--state ");
+ printf(" --state ");
state_print_state(sinfo->statemask);
}
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c
index f6fbd3b8..b4171b11 100644
--- a/extensions/libxt_statistic.c
+++ b/extensions/libxt_statistic.c
@@ -126,18 +126,18 @@ static void statistic_check(unsigned int flags)
static void print_match(const struct xt_statistic_info *info, char *prefix)
{
if (info->flags & XT_STATISTIC_INVERT)
- printf("! ");
+ printf(" !");
switch (info->mode) {
case XT_STATISTIC_MODE_RANDOM:
- printf("%smode random %sprobability %f ", prefix, prefix,
+ printf( "%smode random %sprobability %f", prefix, prefix,
1.0 * info->u.random.probability / 0x80000000);
break;
case XT_STATISTIC_MODE_NTH:
- printf("%smode nth %severy %u ", prefix, prefix,
+ printf(" %smode nth %severy %u", prefix, prefix,
info->u.nth.every + 1);
if (info->u.nth.packet)
- printf("%spacket %u ", prefix, info->u.nth.packet);
+ printf(" %spacket %u", prefix, info->u.nth.packet);
break;
}
}
@@ -147,7 +147,7 @@ statistic_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_statistic_info *info = (const void *)match->data;
- printf("statistic ");
+ printf(" statistic");
print_match(info, "");
}
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index c78f9cd8..4f757575 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -289,13 +289,13 @@ static void
print_string(const char *str, const unsigned short int len)
{
unsigned int i;
- printf("\"");
+ printf(" \"");
for (i=0; i < len; i++) {
if ((unsigned char) str[i] == 0x22) /* escape any embedded quotes */
printf("%c", 0x5c);
printf("%c", (unsigned char) str[i]);
}
- printf("\" "); /* closing space and quote */
+ printf("\""); /* closing quote */
}
static void
@@ -308,19 +308,19 @@ string_print(const void *ip, const struct xt_entry_match *match, int numeric)
info->u.v1.flags & XT_STRING_FLAG_INVERT);
if (is_hex_string(info->pattern, info->patlen)) {
- printf("STRING match %s", invert ? "!" : "");
+ printf(" STRING match %s", invert ? "!" : "");
print_hex_string(info->pattern, info->patlen);
} else {
- printf("STRING match %s", invert ? "!" : "");
+ printf(" STRING match %s", invert ? "!" : "");
print_string(info->pattern, info->patlen);
}
- printf("ALGO name %s ", info->algo);
+ printf(" ALGO name %s", info->algo);
if (info->from_offset != 0)
- printf("FROM %u ", info->from_offset);
+ printf(" FROM %u", info->from_offset);
if (info->to_offset != 0)
- printf("TO %u ", info->to_offset);
+ printf(" TO %u", info->to_offset);
if (revision > 0 && info->u.v1.flags & XT_STRING_FLAG_IGNORECASE)
- printf("ICASE ");
+ printf(" ICASE");
}
static void string_save(const void *ip, const struct xt_entry_match *match)
@@ -332,19 +332,19 @@ static void string_save(const void *ip, const struct xt_entry_match *match)
info->u.v1.flags & XT_STRING_FLAG_INVERT);
if (is_hex_string(info->pattern, info->patlen)) {
- printf("%s--hex-string ", (invert) ? "! ": "");
+ printf("%s --hex-string", (invert) ? " !" : "");
print_hex_string(info->pattern, info->patlen);
} else {
- printf("%s--string ", (invert) ? "! ": "");
+ printf("%s --string", (invert) ? " !": "");
print_string(info->pattern, info->patlen);
}
- printf("--algo %s ", info->algo);
+ printf(" --algo %s", info->algo);
if (info->from_offset != 0)
- printf("--from %u ", info->from_offset);
+ printf(" --from %u", info->from_offset);
if (info->to_offset != 0)
- printf("--to %u ", info->to_offset);
+ printf(" --to %u", info->to_offset);
if (revision > 0 && info->u.v1.flags & XT_STRING_FLAG_IGNORECASE)
- printf("--icase ");
+ printf(" --icase");
}
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index 8bcb0dd5..d9bcbd0e 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -237,7 +237,7 @@ print_ports(const char *name, uint16_t min, uint16_t max,
const char *inv = invert ? "!" : "";
if (min != 0 || max != 0xFFFF || invert) {
- printf("%s", name);
+ printf(" %s", name);
if (min == max) {
printf(":%s", inv);
print_port(min, numeric);
@@ -247,7 +247,6 @@ print_ports(const char *name, uint16_t min, uint16_t max,
printf(":");
print_port(max, numeric);
}
- printf(" ");
}
}
@@ -255,7 +254,7 @@ static void
print_option(uint8_t option, int invert, int numeric)
{
if (option || invert)
- printf("option=%s%u ", invert ? "!" : "", option);
+ printf(" option=%s%u", invert ? "!" : "", option);
}
static void
@@ -286,12 +285,12 @@ print_flags(uint8_t mask, uint8_t cmp, int invert, int numeric)
if (mask || invert) {
printf("flags:%s", invert ? "!" : "");
if (numeric)
- printf("0x%02X/0x%02X ", mask, cmp);
+ printf(" 0x%02X/0x%02X", mask, cmp);
else {
+ printf(" ");
print_tcpf(mask);
printf("/");
print_tcpf(cmp);
- printf(" ");
}
}
}
@@ -301,7 +300,7 @@ tcp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_tcp *tcp = (struct xt_tcp *)match->data;
- printf("tcp ");
+ printf(" tcp");
print_ports("spt", tcp->spts[0], tcp->spts[1],
tcp->invflags & XT_TCP_INV_SRCPT,
numeric);
@@ -315,7 +314,7 @@ tcp_print(const void *ip, const struct xt_entry_match *match, int numeric)
tcp->invflags & XT_TCP_INV_FLAGS,
numeric);
if (tcp->invflags & ~XT_TCP_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
tcp->invflags & ~XT_TCP_INV_MASK);
}
@@ -326,49 +325,48 @@ static void tcp_save(const void *ip, const struct xt_entry_match *match)
if (tcpinfo->spts[0] != 0
|| tcpinfo->spts[1] != 0xFFFF) {
if (tcpinfo->invflags & XT_TCP_INV_SRCPT)
- printf("! ");
+ printf(" !");
if (tcpinfo->spts[0]
!= tcpinfo->spts[1])
- printf("--sport %u:%u ",
+ printf(" --sport %u:%u",
tcpinfo->spts[0],
tcpinfo->spts[1]);
else
- printf("--sport %u ",
+ printf(" --sport %u",
tcpinfo->spts[0]);
}
if (tcpinfo->dpts[0] != 0
|| tcpinfo->dpts[1] != 0xFFFF) {
if (tcpinfo->invflags & XT_TCP_INV_DSTPT)
- printf("! ");
+ printf(" !");
if (tcpinfo->dpts[0]
!= tcpinfo->dpts[1])
- printf("--dport %u:%u ",
+ printf(" --dport %u:%u",
tcpinfo->dpts[0],
tcpinfo->dpts[1]);
else
- printf("--dport %u ",
+ printf(" --dport %u",
tcpinfo->dpts[0]);
}
if (tcpinfo->option
|| (tcpinfo->invflags & XT_TCP_INV_OPTION)) {
if (tcpinfo->invflags & XT_TCP_INV_OPTION)
- printf("! ");
- printf("--tcp-option %u ", tcpinfo->option);
+ printf(" !");
+ printf(" --tcp-option %u", tcpinfo->option);
}
if (tcpinfo->flg_mask
|| (tcpinfo->invflags & XT_TCP_INV_FLAGS)) {
if (tcpinfo->invflags & XT_TCP_INV_FLAGS)
- printf("! ");
- printf("--tcp-flags ");
+ printf(" !");
+ printf(" --tcp-flags ");
if (tcpinfo->flg_mask != 0xFF) {
print_tcpf(tcpinfo->flg_mask);
}
printf(" ");
print_tcpf(tcpinfo->flg_cmp);
- printf(" ");
}
}
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index 35d6d189..3dc35286 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -89,22 +89,22 @@ tcpmss_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_tcpmss_match_info *info = (void *)match->data;
- printf("tcpmss match %s", info->invert ? "!" : "");
+ printf(" tcpmss match %s", info->invert ? "!" : "");
if (info->mss_min == info->mss_max)
- printf("%u ", info->mss_min);
+ printf("%u", info->mss_min);
else
- printf("%u:%u ", info->mss_min, info->mss_max);
+ printf("%u:%u", info->mss_min, info->mss_max);
}
static void tcpmss_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_tcpmss_match_info *info = (void *)match->data;
- printf("%s--mss ", info->invert ? "! " : "");
+ printf("%s --mss ", info->invert ? " !" : "");
if (info->mss_min == info->mss_max)
- printf("%u ", info->mss_min);
+ printf("%u", info->mss_min);
else
- printf("%u:%u ", info->mss_min, info->mss_max);
+ printf("%u:%u", info->mss_min, info->mss_max);
}
static struct xtables_match tcpmss_match = {
diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c
index b2e6ffa6..56fb135a 100644
--- a/extensions/libxt_time.c
+++ b/extensions/libxt_time.c
@@ -344,11 +344,11 @@ static void time_print_date(time_t date, const char *command)
* Need a contiguous string (no whitespaces), hence using
* the ISO 8601 "T" variant.
*/
- printf("%s %04u-%02u-%02uT%02u:%02u:%02u ",
+ printf(" %s %04u-%02u-%02uT%02u:%02u:%02u",
command, t->tm_year + 1900, t->tm_mon + 1,
t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec);
else
- printf("%04u-%02u-%02u %02u:%02u:%02u ",
+ printf(" %04u-%02u-%02u %02u:%02u:%02u",
t->tm_year + 1900, t->tm_mon + 1, t->tm_mday,
t->tm_hour, t->tm_min, t->tm_sec);
}
@@ -357,6 +357,7 @@ static void time_print_monthdays(uint32_t mask, bool human_readable)
{
unsigned int i, nbdays = 0;
+ printf(" ");
for (i = 1; i <= 31; ++i)
if (mask & (1 << i)) {
if (nbdays++ > 0)
@@ -378,13 +379,13 @@ static void time_print_monthdays(uint32_t mask, bool human_readable)
break;
}
}
- printf(" ");
}
static void time_print_weekdays(unsigned int mask)
{
unsigned int i, nbdays = 0;
+ printf(" ");
for (i = 1; i <= 7; ++i)
if (mask & (1 << i)) {
if (nbdays > 0)
@@ -393,7 +394,6 @@ static void time_print_weekdays(unsigned int mask)
printf("%s", week_days[i]);
++nbdays;
}
- printf(" ");
}
static inline void divide_time(unsigned int fulltime, unsigned int *hours,
@@ -411,33 +411,33 @@ static void time_print(const void *ip, const struct xt_entry_match *match,
const struct xt_time_info *info = (const void *)match->data;
unsigned int h, m, s;
- printf("TIME ");
+ printf(" TIME");
if (info->daytime_start != XT_TIME_MIN_DAYTIME ||
info->daytime_stop != XT_TIME_MAX_DAYTIME) {
divide_time(info->daytime_start, &h, &m, &s);
- printf("from %02u:%02u:%02u ", h, m, s);
+ printf(" from %02u:%02u:%02u", h, m, s);
divide_time(info->daytime_stop, &h, &m, &s);
- printf("to %02u:%02u:%02u ", h, m, s);
+ printf(" to %02u:%02u:%02u", h, m, s);
}
if (info->weekdays_match != XT_TIME_ALL_WEEKDAYS) {
- printf("on ");
+ printf(" on");
time_print_weekdays(info->weekdays_match);
}
if (info->monthdays_match != XT_TIME_ALL_MONTHDAYS) {
- printf("on ");
+ printf(" on");
time_print_monthdays(info->monthdays_match, true);
}
if (info->date_start != 0) {
- printf("starting from ");
+ printf(" starting from");
time_print_date(info->date_start, NULL);
}
if (info->date_stop != INT_MAX) {
- printf("until date ");
+ printf(" until date");
time_print_date(info->date_stop, NULL);
}
if (!(info->flags & XT_TIME_LOCAL_TZ))
- printf("UTC ");
+ printf(" UTC");
}
static void time_save(const void *ip, const struct xt_entry_match *match)
@@ -448,23 +448,22 @@ static void time_save(const void *ip, const struct xt_entry_match *match)
if (info->daytime_start != XT_TIME_MIN_DAYTIME ||
info->daytime_stop != XT_TIME_MAX_DAYTIME) {
divide_time(info->daytime_start, &h, &m, &s);
- printf("--timestart %02u:%02u:%02u ", h, m, s);
+ printf(" --timestart %02u:%02u:%02u", h, m, s);
divide_time(info->daytime_stop, &h, &m, &s);
- printf("--timestop %02u:%02u:%02u ", h, m, s);
+ printf(" --timestop %02u:%02u:%02u", h, m, s);
}
if (info->monthdays_match != XT_TIME_ALL_MONTHDAYS) {
- printf("--monthdays ");
+ printf(" --monthdays");
time_print_monthdays(info->monthdays_match, false);
}
if (info->weekdays_match != XT_TIME_ALL_WEEKDAYS) {
- printf("--weekdays ");
+ printf(" --weekdays");
time_print_weekdays(info->weekdays_match);
- printf(" ");
}
time_print_date(info->date_start, "--datestart");
time_print_date(info->date_stop, "--datestop");
if (!(info->flags & XT_TIME_LOCAL_TZ))
- printf("--utc ");
+ printf(" --utc");
}
static struct xtables_match time_match = {
diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c
index 435f68e8..8b83e180 100644
--- a/extensions/libxt_tos.c
+++ b/extensions/libxt_tos.c
@@ -103,11 +103,11 @@ static void tos_mt_print_v0(const void *ip, const struct xt_entry_match *match,
{
const struct ipt_tos_info *info = (const void *)match->data;
- printf("tos match ");
+ printf(" tos match ");
if (info->invert)
printf("!");
if (numeric || !tos_try_print_symbolic("", info->tos, 0x3F))
- printf("0x%02x ", info->tos);
+ printf("0x%02x", info->tos);
}
static void tos_mt_print(const void *ip, const struct xt_entry_match *match,
@@ -115,12 +115,12 @@ static void tos_mt_print(const void *ip, const struct xt_entry_match *match,
{
const struct xt_tos_match_info *info = (const void *)match->data;
- printf("tos match ");
+ printf(" tos match");
if (info->invert)
printf("!");
if (numeric ||
!tos_try_print_symbolic("", info->tos_value, info->tos_mask))
- printf("0x%02x/0x%02x ", info->tos_value, info->tos_mask);
+ printf("0x%02x/0x%02x", info->tos_value, info->tos_mask);
}
static void tos_mt_save_v0(const void *ip, const struct xt_entry_match *match)
@@ -128,8 +128,8 @@ static void tos_mt_save_v0(const void *ip, const struct xt_entry_match *match)
const struct ipt_tos_info *info = (const void *)match->data;
if (info->invert)
- printf("! ");
- printf("--tos 0x%02x ", info->tos);
+ printf(" !");
+ printf(" --tos 0x%02x", info->tos);
}
static void tos_mt_save(const void *ip, const struct xt_entry_match *match)
@@ -137,8 +137,8 @@ static void tos_mt_save(const void *ip, const struct xt_entry_match *match)
const struct xt_tos_match_info *info = (const void *)match->data;
if (info->invert)
- printf("! ");
- printf("--tos 0x%02x/0x%02x ", info->tos_value, info->tos_mask);
+ printf(" !");
+ printf(" --tos 0x%02x/0x%02x", info->tos_value, info->tos_mask);
}
static struct xtables_match tos_mt_reg[] = {
diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c
index 378de0c9..7f102d49 100644
--- a/extensions/libxt_u32.c
+++ b/extensions/libxt_u32.c
@@ -45,7 +45,7 @@ static void u32_dump(const struct xt_u32 *data)
const struct xt_u32_test *ct;
unsigned int testind, i;
- putchar('\"');
+ printf(" \"");
for (testind = 0; testind < data->ntests; ++testind) {
ct = &data->tests[testind];
@@ -82,7 +82,7 @@ static void u32_dump(const struct xt_u32 *data)
ct->value[i].max);
}
}
- printf("\" ");
+ putchar('\"');
}
/* string_to_number() is not quite what we need here ... */
@@ -252,9 +252,9 @@ static void u32_print(const void *ip, const struct xt_entry_match *match,
int numeric)
{
const struct xt_u32 *data = (const void *)match->data;
- printf("u32 ");
+ printf(" u32");
if (data->invert)
- printf("! ");
+ printf(" !");
u32_dump(data);
}
@@ -262,8 +262,8 @@ static void u32_save(const void *ip, const struct xt_entry_match *match)
{
const struct xt_u32 *data = (const void *)match->data;
if (data->invert)
- printf("! ");
- printf("--u32 ");
+ printf(" !");
+ printf(" --u32");
u32_dump(data);
}
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index 2550d71f..505b3c88 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -124,7 +124,7 @@ print_ports(const char *name, uint16_t min, uint16_t max,
const char *inv = invert ? "!" : "";
if (min != 0 || max != 0xFFFF || invert) {
- printf("%s", name);
+ printf(" %s", name);
if (min == max) {
printf(":%s", inv);
print_port(min, numeric);
@@ -134,7 +134,6 @@ print_ports(const char *name, uint16_t min, uint16_t max,
printf(":");
print_port(max, numeric);
}
- printf(" ");
}
}
@@ -143,7 +142,7 @@ udp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_udp *udp = (struct xt_udp *)match->data;
- printf("udp ");
+ printf(" udp");
print_ports("spt", udp->spts[0], udp->spts[1],
udp->invflags & XT_UDP_INV_SRCPT,
numeric);
@@ -151,7 +150,7 @@ udp_print(const void *ip, const struct xt_entry_match *match, int numeric)
udp->invflags & XT_UDP_INV_DSTPT,
numeric);
if (udp->invflags & ~XT_UDP_INV_MASK)
- printf("Unknown invflags: 0x%X ",
+ printf(" Unknown invflags: 0x%X",
udp->invflags & ~XT_UDP_INV_MASK);
}
@@ -162,28 +161,28 @@ static void udp_save(const void *ip, const struct xt_entry_match *match)
if (udpinfo->spts[0] != 0
|| udpinfo->spts[1] != 0xFFFF) {
if (udpinfo->invflags & XT_UDP_INV_SRCPT)
- printf("! ");
+ printf(" !");
if (udpinfo->spts[0]
!= udpinfo->spts[1])
- printf("--sport %u:%u ",
+ printf(" --sport %u:%u",
udpinfo->spts[0],
udpinfo->spts[1]);
else
- printf("--sport %u ",
+ printf(" --sport %u",
udpinfo->spts[0]);
}
if (udpinfo->dpts[0] != 0
|| udpinfo->dpts[1] != 0xFFFF) {
if (udpinfo->invflags & XT_UDP_INV_DSTPT)
- printf("! ");
+ printf(" !");
if (udpinfo->dpts[0]
!= udpinfo->dpts[1])
- printf("--dport %u:%u ",
+ printf(" --dport %u:%u",
udpinfo->dpts[0],
udpinfo->dpts[1]);
else
- printf("--dport %u ",
+ printf(" --dport %u",
udpinfo->dpts[0]);
}
}
diff --git a/extensions/tos_values.c b/extensions/tos_values.c
index 129203b2..c5efd9d7 100644
--- a/extensions/tos_values.c
+++ b/extensions/tos_values.c
@@ -91,7 +91,7 @@ static bool tos_try_print_symbolic(const char *prefix,
for (symbol = tos_symbol_names; symbol->name != NULL; ++symbol)
if (value == symbol->value) {
- printf("%s%s ", prefix, symbol->name);
+ printf(" %s%s", prefix, symbol->name);
return true;
}
diff --git a/ip6tables.c b/ip6tables.c
index d4c2339b..8c1b5049 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1010,7 +1010,7 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
if (mask[0] == 0)
return;
- printf("%s-%c ", invert ? "! " : "", letter);
+ printf("%s -%c", invert ? " !" : "", letter);
for (i = 0; i < IFNAMSIZ; i++) {
if (mask[i] != 0) {
@@ -1024,8 +1024,6 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
break;
}
}
-
- printf(" ");
}
/* The ip6tables looks up the /etc/protocols. */
@@ -1033,23 +1031,23 @@ static void print_proto(uint16_t proto, int invert)
{
if (proto) {
unsigned int i;
- const char *invertstr = invert ? "! " : "";
+ const char *invertstr = invert ? " !" : "";
const struct protoent *pent = getprotobynumber(proto);
if (pent) {
- printf("%s-p %s ",
+ printf("%s -p %s",
invertstr, pent->p_name);
return;
}
for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
if (xtables_chain_protos[i].num == proto) {
- printf("%s-p %s ",
+ printf("%s -p %s",
invertstr, xtables_chain_protos[i].name);
return;
}
- printf("%s-p %u ", invertstr, proto);
+ printf("%s -p %u", invertstr, proto);
}
}
@@ -1060,7 +1058,7 @@ static int print_match_save(const struct ip6t_entry_match *e,
xtables_find_match(e->u.user.name, XTF_TRY_LOAD, NULL);
if (match) {
- printf("-m %s ", e->u.user.name);
+ printf(" -m %s", e->u.user.name);
/* some matches don't provide a save function */
if (match->save)
@@ -1086,15 +1084,15 @@ static void print_ip(const char *prefix, const struct in6_addr *ip,
if (l == 0 && !invert)
return;
- printf("%s%s %s",
- invert ? "! " : "",
+ printf("%s %s %s",
+ invert ? " !" : "",
prefix,
inet_ntop(AF_INET6, ip, buf, sizeof buf));
if (l == -1)
- printf("/%s ", inet_ntop(AF_INET6, mask, buf, sizeof buf));
+ printf("/%s", inet_ntop(AF_INET6, mask, buf, sizeof buf));
else
- printf("/%d ", l);
+ printf("/%d", l);
}
/* We want this to be readable, so only print out neccessary fields.
@@ -1110,7 +1108,7 @@ void print_rule(const struct ip6t_entry *e,
printf("[%llu:%llu] ", (unsigned long long)e->counters.pcnt, (unsigned long long)e->counters.bcnt);
/* print chain name */
- printf("-A %s ", chain);
+ printf("-A %s", chain);
/* Print IP part. */
print_ip("-s", &(e->ipv6.src), &(e->ipv6.smsk),
@@ -1131,13 +1129,13 @@ void print_rule(const struct ip6t_entry *e,
/* not definied in ipv6
* FIXME: linux/netfilter_ipv6/ip6_tables: IP6T_INV_FRAG why definied? */
if (e->ipv6.flags & IPT_F_FRAG)
- printf("%s-f ",
- e->ipv6.invflags & IP6T_INV_FRAG ? "! " : "");
+ printf("%s -f",
+ e->ipv6.invflags & IP6T_INV_FRAG ? " !" : "");
#endif
if (e->ipv6.flags & IP6T_F_TOS)
- printf("%s-? %d ",
- e->ipv6.invflags & IP6T_INV_TOS ? "! " : "",
+ printf("%s -? %d",
+ e->ipv6.invflags & IP6T_INV_TOS ? " !" : "",
e->ipv6.tos);
/* Print matchinfo part */
@@ -1147,15 +1145,15 @@ void print_rule(const struct ip6t_entry *e,
/* print counters for iptables -R */
if (counters < 0)
- printf("-c %llu %llu ", (unsigned long long)e->counters.pcnt, (unsigned long long)e->counters.bcnt);
+ printf(" -c %llu %llu", (unsigned long long)e->counters.pcnt, (unsigned long long)e->counters.bcnt);
/* Print target name */
target_name = ip6tc_get_target(e, h);
if (target_name && (*target_name != '\0'))
#ifdef IP6T_F_GOTO
- printf("-%c %s ", e->ipv6.flags & IP6T_F_GOTO ? 'g' : 'j', target_name);
+ printf(" -%c %s", e->ipv6.flags & IP6T_F_GOTO ? 'g' : 'j', target_name);
#else
- printf("-j %s ", target_name);
+ printf(" -j %s", target_name);
#endif
/* Print targinfo part */
diff --git a/iptables.c b/iptables.c
index b45211a9..2459b648 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1006,22 +1006,22 @@ static void print_proto(uint16_t proto, int invert)
{
if (proto) {
unsigned int i;
- const char *invertstr = invert ? "! " : "";
+ const char *invertstr = invert ? " !" : "";
const struct protoent *pent = getprotobynumber(proto);
if (pent) {
- printf("%s-p %s ", invertstr, pent->p_name);
+ printf("%s -p %s", invertstr, pent->p_name);
return;
}
for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
if (xtables_chain_protos[i].num == proto) {
- printf("%s-p %s ",
+ printf("%s -p %s",
invertstr, xtables_chain_protos[i].name);
return;
}
- printf("%s-p %u ", invertstr, proto);
+ printf("%s -p %u", invertstr, proto);
}
}
@@ -1043,7 +1043,7 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
if (mask[0] == 0)
return;
- printf("%s-%c ", invert ? "! " : "", letter);
+ printf("%s -%c ", invert ? " !" : "", letter);
for (i = 0; i < IFNAMSIZ; i++) {
if (mask[i] != 0) {
@@ -1057,8 +1057,6 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
break;
}
}
-
- printf(" ");
}
static int print_match_save(const struct ipt_entry_match *e,
@@ -1068,7 +1066,7 @@ static int print_match_save(const struct ipt_entry_match *e,
xtables_find_match(e->u.user.name, XTF_TRY_LOAD, NULL);
if (match) {
- printf("-m %s ", e->u.user.name);
+ printf(" -m %s", e->u.user.name);
/* some matches don't provide a save function */
if (match->save)
@@ -1094,13 +1092,13 @@ static void print_ip(const char *prefix, uint32_t ip,
if (!mask && !ip && !invert)
return;
- printf("%s%s %u.%u.%u.%u",
- invert ? "! " : "",
+ printf("%s %s %u.%u.%u.%u",
+ invert ? " !" : "",
prefix,
IP_PARTS(ip));
if (mask == 0xFFFFFFFFU) {
- printf("/32 ");
+ printf("/32");
return;
}
@@ -1109,9 +1107,9 @@ static void print_ip(const char *prefix, uint32_t ip,
while (--i >= 0 && hmask != bits)
bits <<= 1;
if (i >= 0)
- printf("/%u ", i);
+ printf("/%u", i);
else
- printf("/%u.%u.%u.%u ", IP_PARTS(mask));
+ printf("/%u.%u.%u.%u", IP_PARTS(mask));
}
/* We want this to be readable, so only print out neccessary fields.
@@ -1127,7 +1125,7 @@ void print_rule(const struct ipt_entry *e,
printf("[%llu:%llu] ", (unsigned long long)e->counters.pcnt, (unsigned long long)e->counters.bcnt);
/* print chain name */
- printf("-A %s ", chain);
+ printf("-A %s", chain);
/* Print IP part. */
print_ip("-s", e->ip.src.s_addr,e->ip.smsk.s_addr,
@@ -1145,8 +1143,8 @@ void print_rule(const struct ipt_entry *e,
print_proto(e->ip.proto, e->ip.invflags & IPT_INV_PROTO);
if (e->ip.flags & IPT_F_FRAG)
- printf("%s-f ",
- e->ip.invflags & IPT_INV_FRAG ? "! " : "");
+ printf("%s -f",
+ e->ip.invflags & IPT_INV_FRAG ? " !" : "");
/* Print matchinfo part */
if (e->target_offset) {
@@ -1155,15 +1153,15 @@ void print_rule(const struct ipt_entry *e,
/* print counters for iptables -R */
if (counters < 0)
- printf("-c %llu %llu ", (unsigned long long)e->counters.pcnt, (unsigned long long)e->counters.bcnt);
+ printf(" -c %llu %llu", (unsigned long long)e->counters.pcnt, (unsigned long long)e->counters.bcnt);
/* Print target name */
target_name = iptc_get_target(e, h);
if (target_name && (*target_name != '\0'))
#ifdef IPT_F_GOTO
- printf("-%c %s ", e->ip.flags & IPT_F_GOTO ? 'g' : 'j', target_name);
+ printf(" -%c %s", e->ip.flags & IPT_F_GOTO ? 'g' : 'j', target_name);
#else
- printf("-j %s ", target_name);
+ printf(" -j %s", target_name);
#endif
/* Print targinfo part */
diff --git a/xtables.c b/xtables.c
index be103d75..fc59f753 100644
--- a/xtables.c
+++ b/xtables.c
@@ -1641,14 +1641,14 @@ void xtables_save_string(const char *value)
length = strcspn(value, no_quote_chars);
if (length > 0 && value[length] == 0) {
/* no quoting required */
- fputs(value, stdout);
putchar(' ');
+ fputs(value, stdout);
} else {
/* there is at least one dangerous character in the
value, which we have to quote. Write double quotes
around the value and escape special characters with
a backslash */
- putchar('"');
+ printf(" \"");
for (p = strpbrk(value, escape_chars); p != NULL;
p = strpbrk(value, escape_chars)) {
@@ -1662,7 +1662,7 @@ void xtables_save_string(const char *value)
/* print the rest and finish the double quoted
string */
fputs(value, stdout);
- printf("\" ");
+ putchar('\"');
}
}