summaryrefslogtreecommitdiffstats
path: root/extensions/libebt_among.c
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/libebt_among.c')
-rw-r--r--extensions/libebt_among.c44
1 files changed, 20 insertions, 24 deletions
diff --git a/extensions/libebt_among.c b/extensions/libebt_among.c
index 7eb898f9..85f9bee4 100644
--- a/extensions/libebt_among.c
+++ b/extensions/libebt_among.c
@@ -43,10 +43,10 @@ static void bramong_print_help(void)
{
printf(
"`among' options:\n"
-"--among-dst [!] list : matches if ether dst is in list\n"
-"--among-src [!] list : matches if ether src is in list\n"
-"--among-dst-file [!] file : obtain dst list from file\n"
-"--among-src-file [!] file : obtain src list from file\n"
+"[!] --among-dst list : matches if ether dst is in list\n"
+"[!] --among-src list : matches if ether src is in list\n"
+"[!] --among-dst-file file : obtain dst list from file\n"
+"[!] --among-src-file file : obtain src list from file\n"
"list has form:\n"
" xx:xx:xx:xx:xx:xx[=ip.ip.ip.ip],yy:yy:yy:yy:yy:yy[=ip.ip.ip.ip]"
",...,zz:zz:zz:zz:zz:zz[=ip.ip.ip.ip][,]\n"
@@ -68,12 +68,12 @@ parse_nft_among_pair(char *buf, struct nft_among_pair *pair, bool have_ip)
if (!inet_pton(AF_INET, sep + 1, &pair->in))
xtables_error(PARAMETER_PROBLEM,
- "Invalid IP address '%s'\n", sep + 1);
+ "Invalid IP address '%s'", sep + 1);
}
ether = ether_aton(buf);
if (!ether)
xtables_error(PARAMETER_PROBLEM,
- "Invalid MAC address '%s'\n", buf);
+ "Invalid MAC address '%s'", buf);
memcpy(&pair->ether, ether, sizeof(*ether));
}
@@ -119,7 +119,6 @@ static int bramong_parse(int c, char **argv, int invert,
struct xt_entry_match **match)
{
struct nft_among_data *data = (struct nft_among_data *)(*match)->data;
- struct xt_entry_match *new_match;
bool have_ip, dst = false;
size_t new_size, cnt;
struct stat stats;
@@ -152,10 +151,9 @@ static int bramong_parse(int c, char **argv, int invert,
xtables_error(PARAMETER_PROBLEM,
"File should only contain one line");
optarg[flen-1] = '\0';
- /* fall through */
+ break;
case AMONG_DST:
- if (c == AMONG_DST)
- dst = true;
+ dst = true;
/* fall through */
case AMONG_SRC:
break;
@@ -171,18 +169,17 @@ static int bramong_parse(int c, char **argv, int invert,
new_size *= sizeof(struct nft_among_pair);
new_size += XT_ALIGN(sizeof(struct xt_entry_match)) +
sizeof(struct nft_among_data);
- new_match = xtables_calloc(1, new_size);
- memcpy(new_match, *match, (*match)->u.match_size);
- new_match->u.match_size = new_size;
- data = (struct nft_among_data *)new_match->data;
+ if (new_size > (*match)->u.match_size) {
+ *match = xtables_realloc(*match, new_size);
+ (*match)->u.match_size = new_size;
+ data = (struct nft_among_data *)(*match)->data;
+ }
+
have_ip = nft_among_pairs_have_ip(optarg);
poff = nft_among_prepare_data(data, dst, cnt, invert, have_ip);
parse_nft_among_pairs(data->pairs + poff, optarg, cnt, have_ip);
- free(*match);
- *match = new_match;
-
if (c == AMONG_DST_F || c == AMONG_SRC_F) {
munmap(argv, flen);
close(fd);
@@ -191,10 +188,10 @@ static int bramong_parse(int c, char **argv, int invert,
}
static void __bramong_print(struct nft_among_pair *pairs,
- int cnt, bool inv, bool have_ip)
+ int cnt, bool have_ip)
{
- const char *isep = inv ? "! " : "";
char abuf[INET_ADDRSTRLEN];
+ const char *isep = "";
int i;
for (i = 0; i < cnt; i++) {
@@ -215,14 +212,13 @@ static void bramong_print(const void *ip, const struct xt_entry_match *match,
struct nft_among_data *data = (struct nft_among_data *)match->data;
if (data->src.cnt) {
- printf("--among-src ");
- __bramong_print(data->pairs,
- data->src.cnt, data->src.inv, data->src.ip);
+ printf("%s--among-src ", data->src.inv ? "! " : "");
+ __bramong_print(data->pairs, data->src.cnt, data->src.ip);
}
if (data->dst.cnt) {
- printf("--among-dst ");
+ printf("%s--among-dst ", data->dst.inv ? "! " : "");
__bramong_print(data->pairs + data->src.cnt,
- data->dst.cnt, data->dst.inv, data->dst.ip);
+ data->dst.cnt, data->dst.ip);
}
}