summaryrefslogtreecommitdiffstats
path: root/iptables/ip6tables.c
diff options
context:
space:
mode:
authorPhil Sutter <phil@nwl.cc>2018-09-19 15:16:59 +0200
committerFlorian Westphal <fw@strlen.de>2018-09-24 11:24:14 +0200
commit8da04ffdca1931402a6bc22c43c1a2fa1c6f1e14 (patch)
tree0da5d47d5f8d071c79ba0817c2a2be5dcf4f4bb2 /iptables/ip6tables.c
parentb686594b976ddbfb1809ecfe016784bb53bbe9ac (diff)
Share print_ipv{4,6}_addr() from xtables
These functions contain code which occurs in legacy's print_firewall() functions, so use them there. Rename them to at least make clear they print more than a single address. Also introduce ipv{4,6}_addr_to_string() which take care of converting an address/netmask pair into string representation in a way which doesn't upset covscan (since that didn't detect that 'buf' may not be exceeded by the strings written into it. Signed-off-by: Phil Sutter <phil@nwl.cc> Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/ip6tables.c')
-rw-r--r--iptables/ip6tables.c27
1 files changed, 1 insertions, 26 deletions
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index 3bd1e5fa..f5f73fe3 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -550,7 +550,6 @@ print_firewall(const struct ip6t_entry *fw,
{
struct xtables_target *target, *tg;
const struct xt_entry_target *t;
- char buf[BUFSIZ];
if (!ip6tc_is_chain(targname, handle))
target = xtables_find_target(targname, XTF_TRY_LOAD);
@@ -618,31 +617,7 @@ print_firewall(const struct ip6t_entry *fw,
printf(FMT("%-6s ","out %s "), iface);
}
- fputc(fw->ipv6.invflags & IP6T_INV_SRCIP ? '!' : ' ', stdout);
- if (!memcmp(&fw->ipv6.smsk, &in6addr_any, sizeof in6addr_any)
- && !(format & FMT_NUMERIC))
- printf(FMT("%-19s ","%s "), "anywhere");
- else {
- if (format & FMT_NUMERIC)
- strcpy(buf, xtables_ip6addr_to_numeric(&fw->ipv6.src));
- else
- strcpy(buf, xtables_ip6addr_to_anyname(&fw->ipv6.src));
- strcat(buf, xtables_ip6mask_to_numeric(&fw->ipv6.smsk));
- printf(FMT("%-19s ","%s "), buf);
- }
-
- fputc(fw->ipv6.invflags & IP6T_INV_DSTIP ? '!' : ' ', stdout);
- if (!memcmp(&fw->ipv6.dmsk, &in6addr_any, sizeof in6addr_any)
- && !(format & FMT_NUMERIC))
- printf(FMT("%-19s ","-> %s"), "anywhere");
- else {
- if (format & FMT_NUMERIC)
- strcpy(buf, xtables_ip6addr_to_numeric(&fw->ipv6.dst));
- else
- strcpy(buf, xtables_ip6addr_to_anyname(&fw->ipv6.dst));
- strcat(buf, xtables_ip6mask_to_numeric(&fw->ipv6.dmsk));
- printf(FMT("%-19s ","-> %s"), buf);
- }
+ print_ipv6_addresses(fw, format);
if (format & FMT_NOTABLE)
fputs(" ", stdout);