xtables-translate: Leverage stored protocol names

Align output of ip(6)tables-translate for --protocol arguments with that
of ip(6)tables -L/-S by calling proto_to_name() from xshared.c. The
latter will consult xtables_chain_protos list first to make sure (the
right) names are used for "common" protocol values and otherwise falls
back to getprotobynumber() which it replaces here.

Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1738
Signed-off-by: Phil Sutter <phil@nwl.cc>

1 files changed, 10 insertions, 15 deletions

diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
index e4b1714d..c371ba8c 100644
--- a/iptables/nft-ipv6.c
+++ b/iptables/nft-ipv6.c
@@ -193,22 +193,17 @@ static int nft_ipv6_xlate(const struct iptables_command_state *cs,
 		     cs->fw6.ipv6.invflags & IP6T_INV_VIA_OUT);
 
 	if (cs->fw6.ipv6.proto != 0) {
-		const struct protoent *pent =
-			getprotobynumber(cs->fw6.ipv6.proto);
-		char protonum[sizeof("65535")];
-		const char *name = protonum;
-
-		snprintf(protonum, sizeof(protonum), "%u",
-			 cs->fw6.ipv6.proto);
-
-		if (!pent || !xlate_find_match(cs, pent->p_name)) {
-			if (pent)
-				name = pent->p_name;
-			xt_xlate_add(xl, "meta l4proto %s%s ",
-				   cs->fw6.ipv6.invflags & IP6T_INV_PROTO ?
-					"!= " : "", name);
+		const char *pname = proto_to_name(cs->fw6.ipv6.proto, 0);
+
+		if (!pname || !xlate_find_match(cs, pname)) {
+			xt_xlate_add(xl, "meta l4proto");
+			if (cs->fw6.ipv6.invflags & IP6T_INV_PROTO)
+				xt_xlate_add(xl, " !=");
+			if (pname)
+				xt_xlate_add(xl, "%s", pname);
+			else
+				xt_xlate_add(xl, "%hu", cs->fw6.ipv6.proto);
 		}
-
 	}
 
 	xlate_ipv6_addr("ip6 saddr", &cs->fw6.ipv6.src, &cs->fw6.ipv6.smsk,