xshared: Share print_header() with legacy iptables

Legacy iptables fetches the relevant data via libiptc before calling the
shared routine which merely prints data as requested.

Drop the 'basechain' parameter, instead make sure a policy name is
passed only with base chains. Since the function is not shared with
ebtables (which uses a very rudimental header instead), this is safe.

In order to support legacy iptables' checking of iptc_get_references()
return code (printing an error message instead of the reference count),
make refs parameter signed and print the error message if it's negative.

Signed-off-by: Phil Sutter <phil@nwl.cc>

1 files changed, 3 insertions, 4 deletions

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index b7536e61..b211a309 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -308,11 +308,10 @@ static void nft_arp_parse_payload(struct nft_xt_ctx *ctx,
 static void nft_arp_print_header(unsigned int format, const char *chain,
 				 const char *pol,
 				 const struct xt_counters *counters,
-				 bool basechain, uint32_t refs,
-				 uint32_t entries)
+				 int refs, uint32_t entries)
 {
 	printf("Chain %s", chain);
-	if (basechain && pol) {
+	if (pol) {
 		printf(" (policy %s", pol);
 		if (!(format & FMT_NOCOUNTS)) {
 			fputc(' ', stdout);
@@ -323,7 +322,7 @@ static void nft_arp_print_header(unsigned int format, const char *chain,
 		}
 		printf(")\n");
 	} else {
-		printf(" (%u references)\n", refs);
+		printf(" (%d references)\n", refs);
 	}
 }