diff options
| author | Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com> | 2013-08-01 20:44:35 +0300 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2013-12-30 23:50:42 +0100 |
| commit | 8aa384a7d54734fd830840a2593cd4f07749976f (patch) | |
| tree | 143b678eb108dfdffbbe434f26d49db2fd5390d6 | |
| parent | b08836a33bac28860400e1e34c8244249f651a6f (diff) | |
nft: Make internal rule listing callback more generic
This will be useful for reusing nft_rule_list in other tools such as
xtables-arptables.
Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
| -rw-r--r-- | iptables/nft.c | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/iptables/nft.c b/iptables/nft.c index cd7f4f1f..a87d3031 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -2318,9 +2318,9 @@ print_match(struct nft_rule_expr *expr, int numeric) } static void -print_firewall(const struct iptables_command_state *cs, struct nft_rule *r, - unsigned int num, unsigned int format) +print_firewall(struct nft_rule *r, unsigned int num, unsigned int format) { + struct iptables_command_state cs = {}; const struct xtables_target *target = NULL; const char *targname = NULL; const void *targinfo = NULL; @@ -2332,6 +2332,8 @@ print_firewall(const struct iptables_command_state *cs, struct nft_rule *r, struct xt_entry_target *t; size_t target_len = 0; + nft_rule_to_iptables_command_state(r, &cs); + iter = nft_rule_expr_iter_create(r); if (iter == NULL) return; @@ -2378,7 +2380,7 @@ print_firewall(const struct iptables_command_state *cs, struct nft_rule *r, family = nft_rule_attr_get_u8(r, NFT_RULE_ATTR_FAMILY); ops = nft_family_ops_lookup(family); - flags = ops->print_firewall(cs, targname, num, format); + flags = ops->print_firewall(&cs, targname, num, format); if (format & FMT_NOTABLE) fputs(" ", stdout); @@ -2430,8 +2432,7 @@ print_firewall(const struct iptables_command_state *cs, struct nft_rule *r, static int __nft_rule_list(struct nft_handle *h, const char *chain, const char *table, int rulenum, unsigned int format, - void (*cb)(const struct iptables_command_state *cs, - struct nft_rule *r, unsigned int num, + void (*cb)(struct nft_rule *r, unsigned int num, unsigned int format)) { struct nft_rule_list *list; @@ -2465,11 +2466,7 @@ __nft_rule_list(struct nft_handle *h, const char *chain, const char *table, goto next; } - struct iptables_command_state cs = {}; - /* Show all rules case */ - nft_rule_to_iptables_command_state(r, &cs); - - cb(&cs, r, rule_ctr, format); + cb(r, rule_ctr, format); if (rulenum > 0 && rule_ctr == rulenum) { ret = 1; break; @@ -2565,8 +2562,7 @@ err: } static void -list_save(const struct iptables_command_state *cs, struct nft_rule *r, - unsigned int num, unsigned int format) +list_save(struct nft_rule *r, unsigned int num, unsigned int format) { nft_rule_print_save(r, NFT_RULE_APPEND, !(format & FMT_NOCOUNTS)); } |