diff options
author | Florian Westphal <fw@strlen.de> | 2018-11-12 12:49:11 +0100 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2018-11-12 14:31:37 +0100 |
commit | 5f508b76a0cebaf91965ffa678089222e2d47964 (patch) | |
tree | 87ce013ac39490afc89811f34308820805d33fac /extensions/libebt_ip.c | |
parent | 583b27eabcad6588ef6c923551df444c4e30a210 (diff) |
ebtables: use extrapositioned negation consistently
in the iptables universe, we enforce extrapositioned negation:
! -i foo
"-i ! foo" is not even supported anymore.
At least make sure that ebtables prints the former syntax everywhere as
well so we don't have a mix of both ways.
Parsing of --option ! 42 will still work for backwards compat reasons.
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'extensions/libebt_ip.c')
-rw-r--r-- | extensions/libebt_ip.c | 16 |
1 files changed, 8 insertions, 8 deletions
diff --git a/extensions/libebt_ip.c b/extensions/libebt_ip.c index acb9bfcd..d48704fe 100644 --- a/extensions/libebt_ip.c +++ b/extensions/libebt_ip.c @@ -472,35 +472,35 @@ static void brip_print(const void *ip, const struct xt_entry_match *match, struct in_addr *addrp, *maskp; if (info->bitmask & EBT_IP_SOURCE) { - printf("--ip-src "); if (info->invflags & EBT_IP_SOURCE) printf("! "); + printf("--ip-src "); addrp = (struct in_addr *)&info->saddr; maskp = (struct in_addr *)&info->smsk; printf("%s%s ", xtables_ipaddr_to_numeric(addrp), xtables_ipmask_to_numeric(maskp)); } if (info->bitmask & EBT_IP_DEST) { - printf("--ip-dst "); if (info->invflags & EBT_IP_DEST) printf("! "); + printf("--ip-dst "); addrp = (struct in_addr *)&info->daddr; maskp = (struct in_addr *)&info->dmsk; printf("%s%s ", xtables_ipaddr_to_numeric(addrp), xtables_ipmask_to_numeric(maskp)); } if (info->bitmask & EBT_IP_TOS) { - printf("--ip-tos "); if (info->invflags & EBT_IP_TOS) printf("! "); + printf("--ip-tos "); printf("0x%02X ", info->tos); } if (info->bitmask & EBT_IP_PROTO) { struct protoent *pe; - printf("--ip-proto "); if (info->invflags & EBT_IP_PROTO) printf("! "); + printf("--ip-proto "); pe = getprotobynumber(info->protocol); if (pe == NULL) { printf("%d ", info->protocol); @@ -509,28 +509,28 @@ static void brip_print(const void *ip, const struct xt_entry_match *match, } } if (info->bitmask & EBT_IP_SPORT) { - printf("--ip-sport "); if (info->invflags & EBT_IP_SPORT) printf("! "); + printf("--ip-sport "); print_port_range(info->sport); } if (info->bitmask & EBT_IP_DPORT) { - printf("--ip-dport "); if (info->invflags & EBT_IP_DPORT) printf("! "); + printf("--ip-dport "); print_port_range(info->dport); } if (info->bitmask & EBT_IP_ICMP) { - printf("--ip-icmp-type "); if (info->invflags & EBT_IP_ICMP) printf("! "); + printf("--ip-icmp-type "); ebt_print_icmp_type(icmp_codes, ARRAY_SIZE(icmp_codes), info->icmp_type, info->icmp_code); } if (info->bitmask & EBT_IP_IGMP) { - printf("--ip-igmp-type "); if (info->invflags & EBT_IP_IGMP) printf("! "); + printf("--ip-igmp-type "); ebt_print_icmp_type(igmp_types, ARRAY_SIZE(igmp_types), info->igmp_type, NULL); } |