diff options
author | Phil Sutter <phil@nwl.cc> | 2018-09-19 15:16:59 +0200 |
---|---|---|
committer | Florian Westphal <fw@strlen.de> | 2018-09-24 11:24:14 +0200 |
commit | 8da04ffdca1931402a6bc22c43c1a2fa1c6f1e14 (patch) | |
tree | 0da5d47d5f8d071c79ba0817c2a2be5dcf4f4bb2 /iptables/nft-ipv4.c | |
parent | b686594b976ddbfb1809ecfe016784bb53bbe9ac (diff) |
Share print_ipv{4,6}_addr() from xtables
These functions contain code which occurs in legacy's print_firewall()
functions, so use them there.
Rename them to at least make clear they print more than a single
address.
Also introduce ipv{4,6}_addr_to_string() which take care of converting
an address/netmask pair into string representation in a way which
doesn't upset covscan (since that didn't detect that 'buf' may not be
exceeded by the strings written into it.
Signed-off-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Florian Westphal <fw@strlen.de>
Diffstat (limited to 'iptables/nft-ipv4.c')
-rw-r--r-- | iptables/nft-ipv4.c | 32 |
1 files changed, 1 insertions, 31 deletions
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c index 2d1bd10e..20ed9428 100644 --- a/iptables/nft-ipv4.c +++ b/iptables/nft-ipv4.c @@ -255,36 +255,6 @@ static void nft_ipv4_parse_immediate(const char *jumpto, bool nft_goto, cs->fw.ip.flags |= IPT_F_GOTO; } -static void print_ipv4_addr(const struct iptables_command_state *cs, - unsigned int format) -{ - char buf[BUFSIZ]; - - fputc(cs->fw.ip.invflags & IPT_INV_SRCIP ? '!' : ' ', stdout); - if (cs->fw.ip.smsk.s_addr == 0L && !(format & FMT_NUMERIC)) - printf(FMT("%-19s ","%s "), "anywhere"); - else { - if (format & FMT_NUMERIC) - strcpy(buf, xtables_ipaddr_to_numeric(&cs->fw.ip.src)); - else - strcpy(buf, xtables_ipaddr_to_anyname(&cs->fw.ip.src)); - strcat(buf, xtables_ipmask_to_numeric(&cs->fw.ip.smsk)); - printf(FMT("%-19s ","%s "), buf); - } - - fputc(cs->fw.ip.invflags & IPT_INV_DSTIP ? '!' : ' ', stdout); - if (cs->fw.ip.dmsk.s_addr == 0L && !(format & FMT_NUMERIC)) - printf(FMT("%-19s ","-> %s"), "anywhere"); - else { - if (format & FMT_NUMERIC) - strcpy(buf, xtables_ipaddr_to_numeric(&cs->fw.ip.dst)); - else - strcpy(buf, xtables_ipaddr_to_anyname(&cs->fw.ip.dst)); - strcat(buf, xtables_ipmask_to_numeric(&cs->fw.ip.dmsk)); - printf(FMT("%-19s ","-> %s"), buf); - } -} - static void print_fragment(unsigned int flags, unsigned int invflags, unsigned int format) { @@ -310,7 +280,7 @@ static void nft_ipv4_print_rule(struct nftnl_rule *r, unsigned int num, print_fragment(cs.fw.ip.flags, cs.fw.ip.invflags, format); print_ifaces(cs.fw.ip.iniface, cs.fw.ip.outiface, cs.fw.ip.invflags, format); - print_ipv4_addr(&cs, format); + print_ipv4_addresses(&cs.fw, format); if (format & FMT_NOTABLE) fputs(" ", stdout); |