xshared: Share print_fragment() with legacy

Also add a fake mode to make it suitable for ip6tables. This is required because IPT_F_FRAG value clashes with IP6T_F_PROTO, so ip6tables rules might seem to have IPT_F_FRAG bit set. While being at it, drop the local variable 'flags' from print_firewall(). Signed-off-by: Phil Sutter <phil@nwl.cc>
author: Phil Sutter <phil@nwl.cc> 2019-10-22 20:06:11 +0200
committer: Phil Sutter <phil@nwl.cc> 2021-11-23 15:01:23 +0100
commit: a323c28331a4807252b11a7a078dc68af82399ef (patch)
tree: 2ff3f5d9f69c5897adb4bb515c452497b0f75f54 /iptables/xshared.c
parent: 1d73cec02c8d9a0f5bfbd2983c36cc1228b78f45 (diff)
1 files changed, 18 insertions, 0 deletions
diff --git a/iptables/xshared.c b/iptables/xshared.c
index 7f2e1a32..e8c8939c 100644
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -669,6 +669,24 @@ void save_ipv6_addr(char letter, const struct in6_addr *addr,
 		printf("/%d", l);
 }
 
+void print_fragment(unsigned int flags, unsigned int invflags,
+		    unsigned int format, bool fake)
+{
+	if (!(format & FMT_OPTIONS))
+		return;
+
+	if (format & FMT_NOTABLE)
+		fputs("opt ", stdout);
+
+	if (fake) {
+		fputs("  ", stdout);
+	} else {
+		fputc(invflags & IPT_INV_FRAG ? '!' : '-', stdout);
+		fputc(flags & IPT_F_FRAG ? 'f' : '-', stdout);
+	}
+	fputc(' ', stdout);
+}
+
 /* Luckily, IPT_INV_VIA_IN and IPT_INV_VIA_OUT
  * have the same values as IP6T_INV_VIA_IN and IP6T_INV_VIA_OUT
  * so this function serves for both iptables and ip6tables */
author	Phil Sutter <phil@nwl.cc>	2019-10-22 20:06:11 +0200
committer	Phil Sutter <phil@nwl.cc>	2021-11-23 15:01:23 +0100
commit	a323c28331a4807252b11a7a078dc68af82399ef (patch)
tree	2ff3f5d9f69c5897adb4bb515c452497b0f75f54 /iptables/xshared.c
parent	1d73cec02c8d9a0f5bfbd2983c36cc1228b78f45 (diff)