diff options
author | Phil Sutter <phil@nwl.cc> | 2024-02-29 17:55:32 +0100 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2024-02-29 18:07:19 +0100 |
commit | fcaa99ca9e3c18f831fe523a0ad79fb1da34b0ec (patch) | |
tree | 0150ec243d5b966ac8b58f6a4aefab45a216f31f /iptables/nft-ipv6.c | |
parent | bb1a7a5b297aa271f7f59abbcb891cd94d7fb305 (diff) |
xtables-translate: Leverage stored protocol names
Align output of ip(6)tables-translate for --protocol arguments with that
of ip(6)tables -L/-S by calling proto_to_name() from xshared.c. The
latter will consult xtables_chain_protos list first to make sure (the
right) names are used for "common" protocol values and otherwise falls
back to getprotobynumber() which it replaces here.
Link: https://bugzilla.netfilter.org/show_bug.cgi?id=1738
Signed-off-by: Phil Sutter <phil@nwl.cc>
Diffstat (limited to 'iptables/nft-ipv6.c')
-rw-r--r-- | iptables/nft-ipv6.c | 25 |
1 files changed, 10 insertions, 15 deletions
diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c index e4b1714d..c371ba8c 100644 --- a/iptables/nft-ipv6.c +++ b/iptables/nft-ipv6.c @@ -193,22 +193,17 @@ static int nft_ipv6_xlate(const struct iptables_command_state *cs, cs->fw6.ipv6.invflags & IP6T_INV_VIA_OUT); if (cs->fw6.ipv6.proto != 0) { - const struct protoent *pent = - getprotobynumber(cs->fw6.ipv6.proto); - char protonum[sizeof("65535")]; - const char *name = protonum; - - snprintf(protonum, sizeof(protonum), "%u", - cs->fw6.ipv6.proto); - - if (!pent || !xlate_find_match(cs, pent->p_name)) { - if (pent) - name = pent->p_name; - xt_xlate_add(xl, "meta l4proto %s%s ", - cs->fw6.ipv6.invflags & IP6T_INV_PROTO ? - "!= " : "", name); + const char *pname = proto_to_name(cs->fw6.ipv6.proto, 0); + + if (!pname || !xlate_find_match(cs, pname)) { + xt_xlate_add(xl, "meta l4proto"); + if (cs->fw6.ipv6.invflags & IP6T_INV_PROTO) + xt_xlate_add(xl, " !="); + if (pname) + xt_xlate_add(xl, "%s", pname); + else + xt_xlate_add(xl, "%hu", cs->fw6.ipv6.proto); } - } xlate_ipv6_addr("ip6 saddr", &cs->fw6.ipv6.src, &cs->fw6.ipv6.smsk, |