diff options
| author | Pablo M. Bermudo Garay <pablombg@gmail.com> | 2016-08-31 09:59:16 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2016-09-05 19:10:35 +0200 |
| commit | 3105ed4f38752eafc4340dfa402cc12226107aa1 (patch) | |
| tree | 84ffad3787671c3ea98eee40ee2fe83d6b555502 /iptables | |
| parent | ef2a7e9fe0d82c691aeee1cbd61095841231974f (diff) | |
xtables-translate-restore: do not escape quotes
If quotes are escaped, nft -f is unable to parse and load the translated
ruleset.
Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/xshared.h | 1 | ||||
| -rw-r--r-- | iptables/xtables-translate.c | 6 |
2 files changed, 5 insertions, 2 deletions
diff --git a/iptables/xshared.h b/iptables/xshared.h index 6eb8eb86..18b1cf37 100644 --- a/iptables/xshared.h +++ b/iptables/xshared.h @@ -63,6 +63,7 @@ struct iptables_command_state { int proto_used; const char *jumpto; char **argv; + bool restore; }; typedef int (*mainfunc_t)(int, char **); diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c index 3c577ed2..689533f3 100644 --- a/iptables/xtables-translate.c +++ b/iptables/xtables-translate.c @@ -70,7 +70,7 @@ int xlate_action(const struct iptables_command_state *cs, bool goto_set, .ip = (const void *)&cs->fw, .target = cs->target->t, .numeric = numeric, - .escape_quotes = true, + .escape_quotes = !cs->restore, }; ret = cs->target->xlate(xl, ¶ms); } @@ -97,7 +97,7 @@ int xlate_matches(const struct iptables_command_state *cs, struct xt_xlate *xl) .ip = (const void *)&cs->fw, .match = matchp->match->m, .numeric = numeric, - .escape_quotes = true, + .escape_quotes = !cs->restore, }; if (!matchp->match->xlate) @@ -226,6 +226,8 @@ static int do_command_xlate(struct nft_handle *h, int argc, char *argv[], do_parse(h, argc, argv, &p, &cs, &args); + cs.restore = restore; + if (!restore) printf("nft "); |