diff options
Diffstat (limited to 'extensions')
90 files changed, 902 insertions, 954 deletions
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c index 74304545..900564c4 100644 --- a/extensions/libip6t_HL.c +++ b/extensions/libip6t_HL.c @@ -93,17 +93,17 @@ static void HL_save(const void *ip, const struct xt_entry_target *target) switch (info->mode) { case IP6T_HL_SET: - printf("--hl-set "); + printf(" --hl-set"); break; case IP6T_HL_DEC: - printf("--hl-dec "); + printf(" --hl-dec"); break; case IP6T_HL_INC: - printf("--hl-inc "); + printf(" --hl-inc"); break; } - printf("%u ", info->hop_limit); + printf(" %u", info->hop_limit); } static void HL_print(const void *ip, const struct xt_entry_target *target, @@ -112,19 +112,19 @@ static void HL_print(const void *ip, const struct xt_entry_target *target, const struct ip6t_HL_info *info = (struct ip6t_HL_info *) target->data; - printf("HL "); + printf(" HL "); switch (info->mode) { case IP6T_HL_SET: - printf("set to "); + printf("set to"); break; case IP6T_HL_DEC: - printf("decrement by "); + printf("decrement by"); break; case IP6T_HL_INC: - printf("increment by "); + printf("increment by"); break; } - printf("%u ", info->hop_limit); + printf(" %u", info->hop_limit); } static const struct option HL_opts[] = { diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c index a33d5705..af537050 100644 --- a/extensions/libip6t_LOG.c +++ b/extensions/libip6t_LOG.c @@ -203,34 +203,34 @@ static void LOG_print(const void *ip, const struct xt_entry_target *target, = (const struct ip6t_log_info *)target->data; unsigned int i = 0; - printf("LOG "); + printf(" LOG"); if (numeric) - printf("flags %u level %u ", + printf(" flags %u level %u", loginfo->logflags, loginfo->level); else { for (i = 0; i < ARRAY_SIZE(ip6t_log_names); ++i) if (loginfo->level == ip6t_log_names[i].level) { - printf("level %s ", ip6t_log_names[i].name); + printf(" level %s", ip6t_log_names[i].name); break; } if (i == ARRAY_SIZE(ip6t_log_names)) - printf("UNKNOWN level %u ", loginfo->level); + printf(" UNKNOWN level %u", loginfo->level); if (loginfo->logflags & IP6T_LOG_TCPSEQ) - printf("tcp-sequence "); + printf(" tcp-sequence"); if (loginfo->logflags & IP6T_LOG_TCPOPT) - printf("tcp-options "); + printf(" tcp-options"); if (loginfo->logflags & IP6T_LOG_IPOPT) - printf("ip-options "); + printf(" ip-options"); if (loginfo->logflags & IP6T_LOG_UID) - printf("uid "); + printf(" uid"); if (loginfo->logflags & IP6T_LOG_MACDECODE) - printf("macdecode "); + printf(" macdecode"); if (loginfo->logflags & ~(IP6T_LOG_MASK)) - printf("unknown-flags "); + printf(" unknown-flags"); } if (strcmp(loginfo->prefix, "") != 0) - printf("prefix `%s' ", loginfo->prefix); + printf(" prefix \"%s\"", loginfo->prefix); } static void LOG_save(const void *ip, const struct xt_entry_target *target) @@ -239,21 +239,21 @@ static void LOG_save(const void *ip, const struct xt_entry_target *target) = (const struct ip6t_log_info *)target->data; if (strcmp(loginfo->prefix, "") != 0) - printf("--log-prefix \"%s\" ", loginfo->prefix); + printf(" --log-prefix \"%s\"", loginfo->prefix); if (loginfo->level != LOG_DEFAULT_LEVEL) - printf("--log-level %d ", loginfo->level); + printf(" --log-level %d", loginfo->level); if (loginfo->logflags & IP6T_LOG_TCPSEQ) - printf("--log-tcp-sequence "); + printf(" --log-tcp-sequence"); if (loginfo->logflags & IP6T_LOG_TCPOPT) - printf("--log-tcp-options "); + printf(" --log-tcp-options"); if (loginfo->logflags & IP6T_LOG_IPOPT) - printf("--log-ip-options "); + printf(" --log-ip-options"); if (loginfo->logflags & IP6T_LOG_UID) - printf("--log-uid "); + printf(" --log-uid"); if (loginfo->logflags & IP6T_LOG_MACDECODE) - printf("--log-macdecode "); + printf(" --log-macdecode"); } static struct xtables_target log_tg6_reg = { diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c index 9a4334f5..f906ab81 100644 --- a/extensions/libip6t_REJECT.c +++ b/extensions/libip6t_REJECT.c @@ -108,7 +108,7 @@ static void REJECT_print(const void *ip, const struct xt_entry_target *target, for (i = 0; i < ARRAY_SIZE(reject_table); ++i) if (reject_table[i].with == reject->with) break; - printf("reject-with %s ", reject_table[i].name); + printf(" reject-with %s", reject_table[i].name); } static void REJECT_save(const void *ip, const struct xt_entry_target *target) @@ -121,7 +121,7 @@ static void REJECT_save(const void *ip, const struct xt_entry_target *target) if (reject_table[i].with == reject->with) break; - printf("--reject-with %s ", reject_table[i].name); + printf(" --reject-with %s", reject_table[i].name); } static struct xtables_target reject_tg6_reg = { diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c index 839f14d6..693a4f8f 100644 --- a/extensions/libip6t_ah.c +++ b/extensions/libip6t_ah.c @@ -123,9 +123,9 @@ print_spis(const char *name, uint32_t min, uint32_t max, if (min != 0 || max != 0xFFFFFFFF || invert) { if (min == max) - printf("%s:%s%u ", name, inv, min); + printf("%s:%s%u", name, inv, min); else - printf("%ss:%s%u:%u ", name, inv, min, max); + printf("%ss:%s%u:%u", name, inv, min, max); } } @@ -135,7 +135,7 @@ print_len(const char *name, uint32_t len, int invert) const char *inv = invert ? "!" : ""; if (len != 0 || invert) - printf("%s:%s%u ", name, inv, len); + printf("%s:%s%u", name, inv, len); } static void ah_print(const void *ip, const struct xt_entry_match *match, @@ -143,17 +143,17 @@ static void ah_print(const void *ip, const struct xt_entry_match *match, { const struct ip6t_ah *ah = (struct ip6t_ah *)match->data; - printf("ah "); + printf(" ah "); print_spis("spi", ah->spis[0], ah->spis[1], ah->invflags & IP6T_AH_INV_SPI); print_len("length", ah->hdrlen, ah->invflags & IP6T_AH_INV_LEN); if (ah->hdrres) - printf("reserved "); + printf(" reserved"); if (ah->invflags & ~IP6T_AH_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", ah->invflags & ~IP6T_AH_INV_MASK); } @@ -163,26 +163,26 @@ static void ah_save(const void *ip, const struct xt_entry_match *match) if (!(ahinfo->spis[0] == 0 && ahinfo->spis[1] == 0xFFFFFFFF)) { - printf("%s--ahspi ", - (ahinfo->invflags & IP6T_AH_INV_SPI) ? "! " : ""); + printf("%s --ahspi ", + (ahinfo->invflags & IP6T_AH_INV_SPI) ? " !" : ""); if (ahinfo->spis[0] != ahinfo->spis[1]) - printf("%u:%u ", + printf("%u:%u", ahinfo->spis[0], ahinfo->spis[1]); else - printf("%u ", + printf("%u", ahinfo->spis[0]); } if (ahinfo->hdrlen != 0 || (ahinfo->invflags & IP6T_AH_INV_LEN) ) { - printf("%s--ahlen %u ", - (ahinfo->invflags & IP6T_AH_INV_LEN) ? "! " : "", + printf("%s --ahlen %u", + (ahinfo->invflags & IP6T_AH_INV_LEN) ? " !" : "", ahinfo->hdrlen); } if (ahinfo->hdrres != 0 ) - printf("--ahres "); + printf(" --ahres"); } static struct xtables_match ah_mt6_reg = { diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c index e4cf431e..3ba804fe 100644 --- a/extensions/libip6t_dst.c +++ b/extensions/libip6t_dst.c @@ -166,6 +166,7 @@ print_options(unsigned int optsnr, uint16_t *optsp) { unsigned int i; + printf(" "); for(i = 0; i < optsnr; i++) { printf("%d", (optsp[i] & 0xFF00) >> 8); @@ -181,22 +182,22 @@ static void dst_print(const void *ip, const struct xt_entry_match *match, { const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data; - printf("dst "); + printf(" dst"); if (optinfo->flags & IP6T_OPTS_LEN) - printf("length:%s%u ", + printf(" length:%s%u", optinfo->invflags & IP6T_OPTS_INV_LEN ? "!" : "", optinfo->hdrlen); if (optinfo->flags & IP6T_OPTS_OPTS) - printf("opts "); + printf(" opts"); print_options(optinfo->optsnr, (uint16_t *)optinfo->opts); if (optinfo->flags & IP6T_OPTS_NSTRICT) - printf("not-strict "); + printf(" not-strict"); if (optinfo->invflags & ~IP6T_OPTS_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", optinfo->invflags & ~IP6T_OPTS_INV_MASK); } @@ -205,18 +206,18 @@ static void dst_save(const void *ip, const struct xt_entry_match *match) const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data; if (optinfo->flags & IP6T_OPTS_LEN) { - printf("%s--dst-len %u ", - (optinfo->invflags & IP6T_OPTS_INV_LEN) ? "! " : "", + printf("%s --dst-len %u", + (optinfo->invflags & IP6T_OPTS_INV_LEN) ? " !" : "", optinfo->hdrlen); } if (optinfo->flags & IP6T_OPTS_OPTS) - printf("--dst-opts "); + printf(" --dst-opts"); print_options(optinfo->optsnr, (uint16_t *)optinfo->opts); if (optinfo->flags & IP6T_OPTS_NSTRICT) - printf("--dst-not-strict "); + printf(" --dst-not-strict"); } static struct xtables_match dst_mt6_reg = { diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c index c342dd86..ed13c1f9 100644 --- a/extensions/libip6t_frag.c +++ b/extensions/libip6t_frag.c @@ -155,9 +155,9 @@ print_ids(const char *name, uint32_t min, uint32_t max, if (min != 0 || max != 0xFFFFFFFF || invert) { printf("%s", name); if (min == max) - printf(":%s%u ", inv, min); + printf(":%s%u", inv, min); else - printf("s:%s%u:%u ", inv, min, max); + printf("s:%s%u:%u", inv, min, max); } } @@ -166,30 +166,30 @@ static void frag_print(const void *ip, const struct xt_entry_match *match, { const struct ip6t_frag *frag = (struct ip6t_frag *)match->data; - printf("frag "); + printf(" frag "); print_ids("id", frag->ids[0], frag->ids[1], frag->invflags & IP6T_FRAG_INV_IDS); if (frag->flags & IP6T_FRAG_LEN) { - printf("length:%s%u ", + printf(" length:%s%u", frag->invflags & IP6T_FRAG_INV_LEN ? "!" : "", frag->hdrlen); } if (frag->flags & IP6T_FRAG_RES) - printf("reserved "); + printf(" reserved"); if (frag->flags & IP6T_FRAG_FST) - printf("first "); + printf(" first"); if (frag->flags & IP6T_FRAG_MF) - printf("more "); + printf(" more"); if (frag->flags & IP6T_FRAG_NMF) - printf("last "); + printf(" last"); if (frag->invflags & ~IP6T_FRAG_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", frag->invflags & ~IP6T_FRAG_INV_MASK); } @@ -199,35 +199,35 @@ static void frag_save(const void *ip, const struct xt_entry_match *match) if (!(fraginfo->ids[0] == 0 && fraginfo->ids[1] == 0xFFFFFFFF)) { - printf("%s--fragid ", - (fraginfo->invflags & IP6T_FRAG_INV_IDS) ? "! " : ""); + printf("%s --fragid ", + (fraginfo->invflags & IP6T_FRAG_INV_IDS) ? " !" : ""); if (fraginfo->ids[0] != fraginfo->ids[1]) - printf("%u:%u ", + printf("%u:%u", fraginfo->ids[0], fraginfo->ids[1]); else - printf("%u ", + printf("%u", fraginfo->ids[0]); } if (fraginfo->flags & IP6T_FRAG_LEN) { - printf("%s--fraglen %u ", - (fraginfo->invflags & IP6T_FRAG_INV_LEN) ? "! " : "", + printf("%s --fraglen %u", + (fraginfo->invflags & IP6T_FRAG_INV_LEN) ? " !" : "", fraginfo->hdrlen); } if (fraginfo->flags & IP6T_FRAG_RES) - printf("--fragres "); + printf(" --fragres"); if (fraginfo->flags & IP6T_FRAG_FST) - printf("--fragfirst "); + printf(" --fragfirst"); if (fraginfo->flags & IP6T_FRAG_MF) - printf("--fragmore "); + printf(" --fragmore"); if (fraginfo->flags & IP6T_FRAG_NMF) - printf("--fraglast "); + printf(" --fraglast"); } static struct xtables_match frag_mt6_reg = { diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c index f9d59df9..e51569ef 100644 --- a/extensions/libip6t_hbh.c +++ b/extensions/libip6t_hbh.c @@ -160,11 +160,11 @@ print_options(unsigned int optsnr, uint16_t *optsp) unsigned int i; for(i=0; i<optsnr; i++){ + printf("%c", (i==0)?' ':','); printf("%d", (optsp[i] & 0xFF00)>>8); if ((optsp[i] & 0x00FF) != 0x00FF){ printf(":%d", (optsp[i] & 0x00FF)); } - printf("%c", (i!=optsnr-1)?',':' '); } } @@ -173,18 +173,17 @@ static void hbh_print(const void *ip, const struct xt_entry_match *match, { const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data; - printf("hbh "); + printf(" hbh"); if (optinfo->flags & IP6T_OPTS_LEN) { - printf("length"); + printf(" length"); printf(":%s", optinfo->invflags & IP6T_OPTS_INV_LEN ? "!" : ""); printf("%u", optinfo->hdrlen); - printf(" "); } - if (optinfo->flags & IP6T_OPTS_OPTS) printf("opts "); + if (optinfo->flags & IP6T_OPTS_OPTS) printf(" opts"); print_options(optinfo->optsnr, (uint16_t *)optinfo->opts); - if (optinfo->flags & IP6T_OPTS_NSTRICT) printf("not-strict "); + if (optinfo->flags & IP6T_OPTS_NSTRICT) printf(" not-strict"); if (optinfo->invflags & ~IP6T_OPTS_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", optinfo->invflags & ~IP6T_OPTS_INV_MASK); } @@ -193,16 +192,16 @@ static void hbh_save(const void *ip, const struct xt_entry_match *match) const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data; if (optinfo->flags & IP6T_OPTS_LEN) { - printf("%s--hbh-len %u ", - (optinfo->invflags & IP6T_OPTS_INV_LEN) ? "! " : "", + printf("%s --hbh-len %u", + (optinfo->invflags & IP6T_OPTS_INV_LEN) ? " !" : "", optinfo->hdrlen); } if (optinfo->flags & IP6T_OPTS_OPTS) - printf("--hbh-opts "); + printf(" --hbh-opts"); print_options(optinfo->optsnr, (uint16_t *)optinfo->opts); if (optinfo->flags & IP6T_OPTS_NSTRICT) - printf("--hbh-not-strict "); + printf(" --hbh-not-strict"); } static struct xtables_match hbh_mt6_reg = { diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c index daefea11..5da3210a 100644 --- a/extensions/libip6t_hl.c +++ b/extensions/libip6t_hl.c @@ -96,7 +96,7 @@ static void hl_print(const void *ip, const struct xt_entry_match *match, const struct ip6t_hl_info *info = (struct ip6t_hl_info *) match->data; - printf("HL match HL %s %u ", op[info->mode], info->hop_limit); + printf(" HL match HL %s %u", op[info->mode], info->hop_limit); } static void hl_save(const void *ip, const struct xt_entry_match *match) @@ -110,7 +110,7 @@ static void hl_save(const void *ip, const struct xt_entry_match *match) const struct ip6t_hl_info *info = (struct ip6t_hl_info *) match->data; - printf("%s %u ", op[info->mode], info->hop_limit); + printf(" %s %u", op[info->mode], info->hop_limit); } static const struct option hl_opts[] = { diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c index 8c39488e..fa87b696 100644 --- a/extensions/libip6t_icmp6.c +++ b/extensions/libip6t_icmp6.c @@ -186,7 +186,7 @@ static void print_icmpv6type(uint8_t type, break; if (i != ARRAY_SIZE(icmpv6_codes)) { - printf("%s%s ", + printf(" %s%s", invert ? "!" : "", icmpv6_codes[i].name); return; @@ -194,15 +194,13 @@ static void print_icmpv6type(uint8_t type, } if (invert) - printf("!"); + printf(" !"); printf("type %u", type); - if (code_min == 0 && code_max == 0xFF) - printf(" "); - else if (code_min == code_max) - printf(" code %u ", code_min); - else - printf(" codes %u-%u ", code_min, code_max); + if (code_min == code_max) + printf(" code %u", code_min); + else if (code_min != 0 || code_max != 0xFF) + printf(" codes %u-%u", code_min, code_max); } static void icmp6_print(const void *ip, const struct xt_entry_match *match, @@ -210,13 +208,13 @@ static void icmp6_print(const void *ip, const struct xt_entry_match *match, { const struct ip6t_icmp *icmpv6 = (struct ip6t_icmp *)match->data; - printf("ipv6-icmp "); + printf(" ipv6-icmp"); print_icmpv6type(icmpv6->type, icmpv6->code[0], icmpv6->code[1], icmpv6->invflags & IP6T_ICMP_INV, numeric); if (icmpv6->invflags & ~IP6T_ICMP_INV) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", icmpv6->invflags & ~IP6T_ICMP_INV); } @@ -225,12 +223,11 @@ static void icmp6_save(const void *ip, const struct xt_entry_match *match) const struct ip6t_icmp *icmpv6 = (struct ip6t_icmp *)match->data; if (icmpv6->invflags & IP6T_ICMP_INV) - printf("! "); + printf(" !"); - printf("--icmpv6-type %u", icmpv6->type); + printf(" --icmpv6-type %u", icmpv6->type); if (icmpv6->code[0] != 0 || icmpv6->code[1] != 0xFF) printf("/%u", icmpv6->code[0]); - printf(" "); } static void icmp6_check(unsigned int flags) diff --git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c index 7d2a97f8..da832e21 100644 --- a/extensions/libip6t_ipv6header.c +++ b/extensions/libip6t_ipv6header.c @@ -240,20 +240,19 @@ static void ipv6header_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct ip6t_ipv6header_info *info = (const struct ip6t_ipv6header_info *)match->data; - printf("ipv6header "); + printf(" ipv6header"); if (info->matchflags || info->invflags) { - printf("flags:%s", info->invflags ? "!" : ""); + printf(" flags:%s", info->invflags ? "!" : ""); if (numeric) - printf("0x%02X ", info->matchflags); + printf("0x%02X", info->matchflags); else { print_header(info->matchflags); - printf(" "); } } if (info->modeflag) - printf("soft "); + printf(" soft"); } static void ipv6header_save(const void *ip, const struct xt_entry_match *match) @@ -261,11 +260,10 @@ static void ipv6header_save(const void *ip, const struct xt_entry_match *match) const struct ip6t_ipv6header_info *info = (const struct ip6t_ipv6header_info *)match->data; - printf("%s--header ", info->invflags ? "! " : ""); + printf("%s --header ", info->invflags ? " !" : ""); print_header(info->matchflags); - printf(" "); if (info->modeflag) - printf("--soft "); + printf(" --soft"); } static struct xtables_match ipv6header_mt6_reg = { diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c index f41c4f43..460f9e47 100644 --- a/extensions/libip6t_mh.c +++ b/extensions/libip6t_mh.c @@ -170,6 +170,7 @@ static void print_types(uint8_t min, uint8_t max, int invert, int numeric) const char *inv = invert ? "!" : ""; if (min != 0 || max != 0xFF || invert) { + printf(" "); if (min == max) { printf("%s", inv); print_type(min, numeric); @@ -179,7 +180,6 @@ static void print_types(uint8_t min, uint8_t max, int invert, int numeric) printf(":"); print_type(max, numeric); } - printf(" "); } } @@ -188,12 +188,12 @@ static void mh_print(const void *ip, const struct xt_entry_match *match, { const struct ip6t_mh *mhinfo = (struct ip6t_mh *)match->data; - printf("mh "); + printf(" mh"); print_types(mhinfo->types[0], mhinfo->types[1], mhinfo->invflags & IP6T_MH_INV_TYPE, numeric); if (mhinfo->invflags & ~IP6T_MH_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", mhinfo->invflags & ~IP6T_MH_INV_MASK); } @@ -205,12 +205,12 @@ static void mh_save(const void *ip, const struct xt_entry_match *match) return; if (mhinfo->invflags & IP6T_MH_INV_TYPE) - printf("! "); + printf(" !"); if (mhinfo->types[0] != mhinfo->types[1]) - printf("--mh-type %u:%u ", mhinfo->types[0], mhinfo->types[1]); + printf(" --mh-type %u:%u", mhinfo->types[0], mhinfo->types[1]); else - printf("--mh-type %u ", mhinfo->types[0]); + printf(" --mh-type %u", mhinfo->types[0]); } static const struct option mh_opts[] = { diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c index 4e27f8ae..bd2da59f 100644 --- a/extensions/libip6t_rt.c +++ b/extensions/libip6t_rt.c @@ -235,7 +235,7 @@ print_nums(const char *name, uint32_t min, uint32_t max, const char *inv = invert ? "!" : ""; if (min != 0 || max != 0xFFFFFFFF || invert) { - printf("%s", name); + printf(" %s", name); if (min == max) { printf(":%s", inv); printf("%u", min); @@ -245,7 +245,6 @@ print_nums(const char *name, uint32_t min, uint32_t max, printf(":"); printf("%u",max); } - printf(" "); } } @@ -255,7 +254,7 @@ print_addresses(unsigned int addrnr, struct in6_addr *addrp) unsigned int i; for(i=0; i<addrnr; i++){ - printf("%s%c", addr_to_numeric(&(addrp[i])), (i!=addrnr-1)?',':' '); + printf("%c%s", (i==0)?' ':',', addr_to_numeric(&(addrp[i]))); } } @@ -264,24 +263,23 @@ static void rt_print(const void *ip, const struct xt_entry_match *match, { const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data; - printf("rt "); + printf(" rt"); if (rtinfo->flags & IP6T_RT_TYP) - printf("type:%s%d ", rtinfo->invflags & IP6T_RT_INV_TYP ? "!" : "", + printf(" type:%s%d", rtinfo->invflags & IP6T_RT_INV_TYP ? "!" : "", rtinfo->rt_type); print_nums("segsleft", rtinfo->segsleft[0], rtinfo->segsleft[1], rtinfo->invflags & IP6T_RT_INV_SGS); if (rtinfo->flags & IP6T_RT_LEN) { - printf("length"); + printf(" length"); printf(":%s", rtinfo->invflags & IP6T_RT_INV_LEN ? "!" : ""); printf("%u", rtinfo->hdrlen); - printf(" "); } - if (rtinfo->flags & IP6T_RT_RES) printf("reserved "); - if (rtinfo->flags & IP6T_RT_FST) printf("0-addrs "); + if (rtinfo->flags & IP6T_RT_RES) printf(" reserved"); + if (rtinfo->flags & IP6T_RT_FST) printf(" 0-addrs"); print_addresses(rtinfo->addrnr, (struct in6_addr *)rtinfo->addrs); - if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf("0-not-strict "); + if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf(" 0-not-strict"); if (rtinfo->invflags & ~IP6T_RT_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", rtinfo->invflags & ~IP6T_RT_INV_MASK); } @@ -290,35 +288,35 @@ static void rt_save(const void *ip, const struct xt_entry_match *match) const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data; if (rtinfo->flags & IP6T_RT_TYP) { - printf("%s--rt-type %u ", - (rtinfo->invflags & IP6T_RT_INV_TYP) ? "! " : "", + printf("%s --rt-type %u", + (rtinfo->invflags & IP6T_RT_INV_TYP) ? " !" : "", rtinfo->rt_type); } if (!(rtinfo->segsleft[0] == 0 && rtinfo->segsleft[1] == 0xFFFFFFFF)) { - printf("%s--rt-segsleft ", - (rtinfo->invflags & IP6T_RT_INV_SGS) ? "! " : ""); + printf("%s --rt-segsleft ", + (rtinfo->invflags & IP6T_RT_INV_SGS) ? " !" : ""); if (rtinfo->segsleft[0] != rtinfo->segsleft[1]) - printf("%u:%u ", + printf("%u:%u", rtinfo->segsleft[0], rtinfo->segsleft[1]); else - printf("%u ", + printf("%u", rtinfo->segsleft[0]); } if (rtinfo->flags & IP6T_RT_LEN) { - printf("%s--rt-len %u ", - (rtinfo->invflags & IP6T_RT_INV_LEN) ? "! " : "", + printf("%s --rt-len %u", + (rtinfo->invflags & IP6T_RT_INV_LEN) ? " !" : "", rtinfo->hdrlen); } - if (rtinfo->flags & IP6T_RT_RES) printf("--rt-0-res "); - if (rtinfo->flags & IP6T_RT_FST) printf("--rt-0-addrs "); + if (rtinfo->flags & IP6T_RT_RES) printf(" --rt-0-res"); + if (rtinfo->flags & IP6T_RT_FST) printf(" --rt-0-addrs"); print_addresses(rtinfo->addrnr, (struct in6_addr *)rtinfo->addrs); - if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf("--rt-0-not-strict "); + if (rtinfo->flags & IP6T_RT_FST_NSTRICT) printf(" --rt-0-not-strict"); } diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c index 9f4c9929..f7f46d1c 100644 --- a/extensions/libipt_CLUSTERIP.c +++ b/extensions/libipt_CLUSTERIP.c @@ -198,11 +198,11 @@ static void CLUSTERIP_print(const void *ip, (const struct ipt_clusterip_tgt_info *)target->data; if (!cipinfo->flags & CLUSTERIP_FLAG_NEW) { - printf("CLUSTERIP"); + printf(" CLUSTERIP"); return; } - printf("CLUSTERIP hashmode=%s clustermac=%s total_nodes=%u local_node=%u hash_init=%u", + printf(" CLUSTERIP hashmode=%s clustermac=%s total_nodes=%u local_node=%u hash_init=%u", hashmode2str(cipinfo->hash_mode), mac2str(cipinfo->clustermac), cipinfo->num_total_nodes, @@ -220,7 +220,7 @@ static void CLUSTERIP_save(const void *ip, const struct xt_entry_target *target) if (!cipinfo->flags & CLUSTERIP_FLAG_NEW) return; - printf("--new --hashmode %s --clustermac %s --total-nodes %d --local-node %d --hash-init %u", + printf(" --new --hashmode %s --clustermac %s --total-nodes %d --local-node %d --hash-init %u", hashmode2str(cipinfo->hash_mode), mac2str(cipinfo->clustermac), cipinfo->num_total_nodes, diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c index 32b94b26..34d3777a 100644 --- a/extensions/libipt_DNAT.c +++ b/extensions/libipt_DNAT.c @@ -221,14 +221,13 @@ static void DNAT_print(const void *ip, const struct xt_entry_target *target, const struct ipt_natinfo *info = (const void *)target; unsigned int i = 0; - printf("to:"); + printf(" to:"); for (i = 0; i < info->mr.rangesize; i++) { print_range(&info->mr.range[i]); - printf(" "); if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("random "); + printf(" random"); if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT) - printf("persistent "); + printf(" persistent"); } } @@ -238,13 +237,12 @@ static void DNAT_save(const void *ip, const struct xt_entry_target *target) unsigned int i = 0; for (i = 0; i < info->mr.rangesize; i++) { - printf("--to-destination "); + printf(" --to-destination "); print_range(&info->mr.range[i]); - printf(" "); if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("--random "); + printf(" --random"); if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT) - printf("--persistent "); + printf(" --persistent"); } } diff --git a/extensions/libipt_ECN.c b/extensions/libipt_ECN.c index cad20a86..216a9963 100644 --- a/extensions/libipt_ECN.c +++ b/extensions/libipt_ECN.c @@ -108,21 +108,21 @@ static void ECN_print(const void *ip, const struct xt_entry_target *target, const struct ipt_ECN_info *einfo = (const struct ipt_ECN_info *)target->data; - printf("ECN "); + printf(" ECN"); if (einfo->operation == (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR) && einfo->proto.tcp.ece == 0 && einfo->proto.tcp.cwr == 0) - printf("TCP remove "); + printf(" TCP remove"); else { if (einfo->operation & IPT_ECN_OP_SET_ECE) - printf("ECE=%u ", einfo->proto.tcp.ece); + printf(" ECE=%u", einfo->proto.tcp.ece); if (einfo->operation & IPT_ECN_OP_SET_CWR) - printf("CWR=%u ", einfo->proto.tcp.cwr); + printf(" CWR=%u", einfo->proto.tcp.cwr); if (einfo->operation & IPT_ECN_OP_SET_IP) - printf("ECT codepoint=%u ", einfo->ip_ect); + printf(" ECT codepoint=%u", einfo->ip_ect); } } @@ -134,17 +134,17 @@ static void ECN_save(const void *ip, const struct xt_entry_target *target) if (einfo->operation == (IPT_ECN_OP_SET_ECE|IPT_ECN_OP_SET_CWR) && einfo->proto.tcp.ece == 0 && einfo->proto.tcp.cwr == 0) - printf("--ecn-tcp-remove "); + printf(" --ecn-tcp-remove"); else { if (einfo->operation & IPT_ECN_OP_SET_ECE) - printf("--ecn-tcp-ece %d ", einfo->proto.tcp.ece); + printf(" --ecn-tcp-ece %d", einfo->proto.tcp.ece); if (einfo->operation & IPT_ECN_OP_SET_CWR) - printf("--ecn-tcp-cwr %d ", einfo->proto.tcp.cwr); + printf(" --ecn-tcp-cwr %d", einfo->proto.tcp.cwr); if (einfo->operation & IPT_ECN_OP_SET_IP) - printf("--ecn-ip-ect %d ", einfo->ip_ect); + printf(" --ecn-ip-ect %d", einfo->ip_ect); } } diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c index e6ccb3bf..233bd9a9 100644 --- a/extensions/libipt_LOG.c +++ b/extensions/libipt_LOG.c @@ -203,34 +203,34 @@ static void LOG_print(const void *ip, const struct xt_entry_target *target, = (const struct ipt_log_info *)target->data; unsigned int i = 0; - printf("LOG "); + printf(" LOG"); if (numeric) - printf("flags %u level %u ", + printf(" flags %u level %u", loginfo->logflags, loginfo->level); else { for (i = 0; i < ARRAY_SIZE(ipt_log_names); ++i) if (loginfo->level == ipt_log_names[i].level) { - printf("level %s ", ipt_log_names[i].name); + printf(" level %s", ipt_log_names[i].name); break; } if (i == ARRAY_SIZE(ipt_log_names)) - printf("UNKNOWN level %u ", loginfo->level); + printf(" UNKNOWN level %u", loginfo->level); if (loginfo->logflags & IPT_LOG_TCPSEQ) - printf("tcp-sequence "); + printf(" tcp-sequence"); if (loginfo->logflags & IPT_LOG_TCPOPT) - printf("tcp-options "); + printf(" tcp-options"); if (loginfo->logflags & IPT_LOG_IPOPT) - printf("ip-options "); + printf(" ip-options"); if (loginfo->logflags & IPT_LOG_UID) - printf("uid "); + printf(" uid"); if (loginfo->logflags & IPT_LOG_MACDECODE) - printf("macdecode "); + printf(" macdecode"); if (loginfo->logflags & ~(IPT_LOG_MASK)) - printf("unknown-flags "); + printf(" unknown-flags"); } if (strcmp(loginfo->prefix, "") != 0) - printf("prefix `%s' ", loginfo->prefix); + printf(" prefix \"%s\"", loginfo->prefix); } static void LOG_save(const void *ip, const struct xt_entry_target *target) @@ -239,23 +239,23 @@ static void LOG_save(const void *ip, const struct xt_entry_target *target) = (const struct ipt_log_info *)target->data; if (strcmp(loginfo->prefix, "") != 0) { - printf("--log-prefix "); + printf(" --log-prefix"); xtables_save_string(loginfo->prefix); } if (loginfo->level != LOG_DEFAULT_LEVEL) - printf("--log-level %d ", loginfo->level); + printf(" --log-level %d", loginfo->level); if (loginfo->logflags & IPT_LOG_TCPSEQ) - printf("--log-tcp-sequence "); + printf(" --log-tcp-sequence"); if (loginfo->logflags & IPT_LOG_TCPOPT) - printf("--log-tcp-options "); + printf(" --log-tcp-options"); if (loginfo->logflags & IPT_LOG_IPOPT) - printf("--log-ip-options "); + printf(" --log-ip-options"); if (loginfo->logflags & IPT_LOG_UID) - printf("--log-uid "); + printf(" --log-uid"); if (loginfo->logflags & IPT_LOG_MACDECODE) - printf("--log-macdecode "); + printf(" --log-macdecode"); } static struct xtables_target log_tg_reg = { diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c index 3b059ace..00baf25e 100644 --- a/extensions/libipt_MASQUERADE.c +++ b/extensions/libipt_MASQUERADE.c @@ -114,15 +114,14 @@ MASQUERADE_print(const void *ip, const struct xt_entry_target *target, const struct nf_nat_range *r = &mr->range[0]; if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) { - printf("masq ports: "); + printf(" masq ports: "); printf("%hu", ntohs(r->min.tcp.port)); if (r->max.tcp.port != r->min.tcp.port) printf("-%hu", ntohs(r->max.tcp.port)); - printf(" "); } if (r->flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("random "); + printf(" random"); } static void @@ -132,14 +131,13 @@ MASQUERADE_save(const void *ip, const struct xt_entry_target *target) const struct nf_nat_range *r = &mr->range[0]; if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) { - printf("--to-ports %hu", ntohs(r->min.tcp.port)); + printf(" --to-ports %hu", ntohs(r->min.tcp.port)); if (r->max.tcp.port != r->min.tcp.port) printf("-%hu", ntohs(r->max.tcp.port)); - printf(" "); } if (r->flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("--random "); + printf(" --random"); } static struct xtables_target masquerade_tg_reg = { diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c index c7d0307b..0e85dec1 100644 --- a/extensions/libipt_NETMAP.c +++ b/extensions/libipt_NETMAP.c @@ -155,7 +155,7 @@ static void NETMAP_print(const void *ip, const struct xt_entry_target *target, static void NETMAP_save(const void *ip, const struct xt_entry_target *target) { - printf("--%s ", NETMAP_opts[0].name); + printf(" --%s ", NETMAP_opts[0].name); NETMAP_print(ip, target, 0); } diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c index 74b3aa13..471ff29a 100644 --- a/extensions/libipt_REDIRECT.c +++ b/extensions/libipt_REDIRECT.c @@ -124,13 +124,12 @@ static void REDIRECT_print(const void *ip, const struct xt_entry_target *target, const struct nf_nat_range *r = &mr->range[0]; if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) { - printf("redir ports "); + printf(" redir ports "); printf("%hu", ntohs(r->min.tcp.port)); if (r->max.tcp.port != r->min.tcp.port) printf("-%hu", ntohs(r->max.tcp.port)); - printf(" "); if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("random "); + printf(" random"); } } @@ -140,13 +139,12 @@ static void REDIRECT_save(const void *ip, const struct xt_entry_target *target) const struct nf_nat_range *r = &mr->range[0]; if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) { - printf("--to-ports "); + printf(" --to-ports "); printf("%hu", ntohs(r->min.tcp.port)); if (r->max.tcp.port != r->min.tcp.port) printf("-%hu", ntohs(r->max.tcp.port)); - printf(" "); if (mr->range[0].flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("--random "); + printf(" --random"); } } diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c index 4bd5f4a0..0ed58cbd 100644 --- a/extensions/libipt_REJECT.c +++ b/extensions/libipt_REJECT.c @@ -130,7 +130,7 @@ static void REJECT_print(const void *ip, const struct xt_entry_target *target, for (i = 0; i < ARRAY_SIZE(reject_table); ++i) if (reject_table[i].with == reject->with) break; - printf("reject-with %s ", reject_table[i].name); + printf(" reject-with %s", reject_table[i].name); } static void REJECT_save(const void *ip, const struct xt_entry_target *target) @@ -143,7 +143,7 @@ static void REJECT_save(const void *ip, const struct xt_entry_target *target) if (reject_table[i].with == reject->with) break; - printf("--reject-with %s ", reject_table[i].name); + printf(" --reject-with %s", reject_table[i].name); } static struct xtables_target reject_tg_reg = { diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c index 9531a3bc..9c548f5f 100644 --- a/extensions/libipt_SAME.c +++ b/extensions/libipt_SAME.c @@ -139,8 +139,8 @@ static void SAME_print(const void *ip, const struct xt_entry_target *target, const struct ipt_same_info *mr = (const void *)target->data; int random_selection = 0; - printf("same:"); - + printf(" same:"); + for (count = 0; count < mr->rangesize; count++) { const struct nf_nat_range *r = &mr->range[count]; struct in_addr a; @@ -150,19 +150,17 @@ static void SAME_print(const void *ip, const struct xt_entry_target *target, printf("%s", xtables_ipaddr_to_numeric(&a)); a.s_addr = r->max_ip; - if (r->min_ip == r->max_ip) - printf(" "); - else - printf("-%s ", xtables_ipaddr_to_numeric(&a)); + if (r->min_ip != r->max_ip) + printf("-%s", xtables_ipaddr_to_numeric(&a)); if (r->flags & IP_NAT_RANGE_PROTO_RANDOM) random_selection = 1; } if (mr->info & IPT_SAME_NODST) - printf("nodst "); + printf(" nodst"); if (random_selection) - printf("random "); + printf(" random"); } static void SAME_save(const void *ip, const struct xt_entry_target *target) @@ -176,22 +174,20 @@ static void SAME_save(const void *ip, const struct xt_entry_target *target) struct in_addr a; a.s_addr = r->min_ip; - printf("--to %s", xtables_ipaddr_to_numeric(&a)); + printf(" --to %s", xtables_ipaddr_to_numeric(&a)); a.s_addr = r->max_ip; - if (r->min_ip == r->max_ip) - printf(" "); - else - printf("-%s ", xtables_ipaddr_to_numeric(&a)); + if (r->min_ip != r->max_ip) + printf("-%s", xtables_ipaddr_to_numeric(&a)); if (r->flags & IP_NAT_RANGE_PROTO_RANDOM) random_selection = 1; } if (mr->info & IPT_SAME_NODST) - printf("--nodst "); + printf(" --nodst"); if (random_selection) - printf("--random "); + printf(" --random"); } static struct xtables_target same_tg_reg = { diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c index 2700bcc8..532770da 100644 --- a/extensions/libipt_SNAT.c +++ b/extensions/libipt_SNAT.c @@ -221,14 +221,13 @@ static void SNAT_print(const void *ip, const struct xt_entry_target *target, const struct ipt_natinfo *info = (const void *)target; unsigned int i = 0; - printf("to:"); + printf(" to:"); for (i = 0; i < info->mr.rangesize; i++) { print_range(&info->mr.range[i]); - printf(" "); if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("random "); + printf(" random"); if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT) - printf("persistent "); + printf(" persistent"); } } @@ -238,13 +237,12 @@ static void SNAT_save(const void *ip, const struct xt_entry_target *target) unsigned int i = 0; for (i = 0; i < info->mr.rangesize; i++) { - printf("--to-source "); + printf(" --to-source "); print_range(&info->mr.range[i]); - printf(" "); if (info->mr.range[i].flags & IP_NAT_RANGE_PROTO_RANDOM) - printf("--random "); + printf(" --random"); if (info->mr.range[i].flags & IP_NAT_RANGE_PERSISTENT) - printf("--persistent "); + printf(" --persistent"); } } diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c index c8e55242..f13d9c34 100644 --- a/extensions/libipt_TTL.c +++ b/extensions/libipt_TTL.c @@ -93,17 +93,17 @@ static void TTL_save(const void *ip, const struct xt_entry_target *target) switch (info->mode) { case IPT_TTL_SET: - printf("--ttl-set "); + printf(" --ttl-set"); break; case IPT_TTL_DEC: - printf("--ttl-dec "); + printf(" --ttl-dec"); break; case IPT_TTL_INC: - printf("--ttl-inc "); + printf(" --ttl-inc"); break; } - printf("%u ", info->ttl); + printf(" %u", info->ttl); } static void TTL_print(const void *ip, const struct xt_entry_target *target, @@ -112,19 +112,19 @@ static void TTL_print(const void *ip, const struct xt_entry_target *target, const struct ipt_TTL_info *info = (struct ipt_TTL_info *) target->data; - printf("TTL "); + printf(" TTL "); switch (info->mode) { case IPT_TTL_SET: - printf("set to "); + printf("set to"); break; case IPT_TTL_DEC: - printf("decrement by "); + printf("decrement by"); break; case IPT_TTL_INC: - printf("increment by "); + printf("increment by"); break; } - printf("%u ", info->ttl); + printf(" %u", info->ttl); } static const struct option TTL_opts[] = { diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c index 0185f98c..8eeccf00 100644 --- a/extensions/libipt_ULOG.c +++ b/extensions/libipt_ULOG.c @@ -29,7 +29,7 @@ static void print_groups(unsigned int gmask) for (b = 31; b >= 0; b--) { test = (1 << b); if (gmask & test) - printf("%d ", b + 1); + printf(" %d", b + 1); } } @@ -148,19 +148,19 @@ static void ULOG_save(const void *ip, const struct xt_entry_target *target) = (const struct ipt_ulog_info *) target->data; if (strcmp(loginfo->prefix, "") != 0) { - fputs("--ulog-prefix ", stdout); + fputs(" --ulog-prefix", stdout); xtables_save_string(loginfo->prefix); } if (loginfo->nl_group != ULOG_DEFAULT_NLGROUP) { - printf("--ulog-nlgroup "); + printf(" --ulog-nlgroup"); print_groups(loginfo->nl_group); } if (loginfo->copy_range) - printf("--ulog-cprange %u ", (unsigned int)loginfo->copy_range); + printf(" --ulog-cprange %u", (unsigned int)loginfo->copy_range); if (loginfo->qthreshold != ULOG_DEFAULT_QTHRESHOLD) - printf("--ulog-qthreshold %u ", (unsigned int)loginfo->qthreshold); + printf(" --ulog-qthreshold %u", (unsigned int)loginfo->qthreshold); } static void ULOG_print(const void *ip, const struct xt_entry_target *target, @@ -169,12 +169,12 @@ static void ULOG_print(const void *ip, const struct xt_entry_target *target, const struct ipt_ulog_info *loginfo = (const struct ipt_ulog_info *) target->data; - printf("ULOG "); - printf("copy_range %u nlgroup ", (unsigned int)loginfo->copy_range); + printf(" ULOG "); + printf("copy_range %u nlgroup", (unsigned int)loginfo->copy_range); print_groups(loginfo->nl_group); if (strcmp(loginfo->prefix, "") != 0) - printf("prefix `%s' ", loginfo->prefix); - printf("queue_threshold %u ", (unsigned int)loginfo->qthreshold); + printf(" prefix \"%s\"", loginfo->prefix); + printf(" queue_threshold %u", (unsigned int)loginfo->qthreshold); } static struct xtables_target ulog_tg_reg = { diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c index fa6cc1e4..a592f0d5 100644 --- a/extensions/libipt_addrtype.c +++ b/extensions/libipt_addrtype.c @@ -203,8 +203,6 @@ static void print_types(uint16_t mask) printf("%s%s", sep, rtn_names[i]); sep = ","; } - - printf(" "); } static void addrtype_print_v0(const void *ip, const struct xt_entry_match *match, @@ -213,15 +211,15 @@ static void addrtype_print_v0(const void *ip, const struct xt_entry_match *match const struct ipt_addrtype_info *info = (struct ipt_addrtype_info *) match->data; - printf("ADDRTYPE match "); + printf(" ADDRTYPE match"); if (info->source) { - printf("src-type "); + printf(" src-type "); if (info->invert_source) printf("!"); print_types(info->source); } if (info->dest) { - printf("dst-type "); + printf(" dst-type"); if (info->invert_dest) printf("!"); print_types(info->dest); @@ -234,24 +232,24 @@ static void addrtype_print_v1(const void *ip, const struct xt_entry_match *match const struct ipt_addrtype_info_v1 *info = (struct ipt_addrtype_info_v1 *) match->data; - printf("ADDRTYPE match "); + printf(" ADDRTYPE match"); if (info->source) { - printf("src-type "); + printf(" src-type "); if (info->flags & IPT_ADDRTYPE_INVERT_SOURCE) printf("!"); print_types(info->source); } if (info->dest) { - printf("dst-type "); + printf(" dst-type "); if (info->flags & IPT_ADDRTYPE_INVERT_DEST) printf("!"); print_types(info->dest); } if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_IN) { - printf("limit-in "); + printf(" limit-in"); } if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_OUT) { - printf("limit-out "); + printf(" limit-out"); } } @@ -262,14 +260,14 @@ static void addrtype_save_v0(const void *ip, const struct xt_entry_match *match) if (info->source) { if (info->invert_source) - printf("! "); - printf("--src-type "); + printf(" !"); + printf(" --src-type "); print_types(info->source); } if (info->dest) { if (info->invert_dest) - printf("! "); - printf("--dst-type "); + printf(" !"); + printf(" --dst-type "); print_types(info->dest); } } @@ -281,21 +279,21 @@ static void addrtype_save_v1(const void *ip, const struct xt_entry_match *match) if (info->source) { if (info->flags & IPT_ADDRTYPE_INVERT_SOURCE) - printf("! "); - printf("--src-type "); + printf(" !"); + printf(" --src-type "); print_types(info->source); } if (info->dest) { if (info->flags & IPT_ADDRTYPE_INVERT_DEST) - printf("! "); - printf("--dst-type "); + printf(" !"); + printf(" --dst-type "); print_types(info->dest); } if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_IN) { - printf("--limit-iface-in "); + printf(" --limit-iface-in"); } if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_OUT) { - printf("--limit-iface-out "); + printf(" --limit-iface-out"); } } diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c index 93590620..c50eecc4 100644 --- a/extensions/libipt_ah.c +++ b/extensions/libipt_ah.c @@ -111,7 +111,6 @@ print_spis(const char *name, uint32_t min, uint32_t max, printf(":"); printf("%u",max); } - printf(" "); } } @@ -120,11 +119,11 @@ static void ah_print(const void *ip, const struct xt_entry_match *match, { const struct ipt_ah *ah = (struct ipt_ah *)match->data; - printf("ah "); + printf(" ah "); print_spis("spi", ah->spis[0], ah->spis[1], ah->invflags & IPT_AH_INV_SPI); if (ah->invflags & ~IPT_AH_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", ah->invflags & ~IPT_AH_INV_MASK); } @@ -134,15 +133,15 @@ static void ah_save(const void *ip, const struct xt_entry_match *match) if (!(ahinfo->spis[0] == 0 && ahinfo->spis[1] == 0xFFFFFFFF)) { - printf("%s--ahspi ", - (ahinfo->invflags & IPT_AH_INV_SPI) ? "! " : ""); + printf("%s --ahspi ", + (ahinfo->invflags & IPT_AH_INV_SPI) ? " !" : ""); if (ahinfo->spis[0] != ahinfo->spis[1]) - printf("%u:%u ", + printf("%u:%u", ahinfo->spis[0], ahinfo->spis[1]); else - printf("%u ", + printf("%u", ahinfo->spis[0]); } diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c index 27e46b3d..81d7b58b 100644 --- a/extensions/libipt_ecn.c +++ b/extensions/libipt_ecn.c @@ -94,24 +94,22 @@ static void ecn_print(const void *ip, const struct xt_entry_match *match, const struct ipt_ecn_info *einfo = (const struct ipt_ecn_info *)match->data; - printf("ECN match "); + printf(" ECN match"); if (einfo->operation & IPT_ECN_OP_MATCH_ECE) { - if (einfo->invert & IPT_ECN_OP_MATCH_ECE) - fputc('!', stdout); - printf("ECE "); + printf(" %sECE", + (einfo->invert & IPT_ECN_OP_MATCH_ECE) ? "!" : ""); } if (einfo->operation & IPT_ECN_OP_MATCH_CWR) { - if (einfo->invert & IPT_ECN_OP_MATCH_CWR) - fputc('!', stdout); - printf("CWR "); + printf(" %sCWR", + (einfo->invert & IPT_ECN_OP_MATCH_CWR) ? "!" : ""); } if (einfo->operation & IPT_ECN_OP_MATCH_IP) { - if (einfo->invert & IPT_ECN_OP_MATCH_IP) - fputc('!', stdout); - printf("ECT=%d ", einfo->ip_ect); + printf(" %sECT=%d", + (einfo->invert & IPT_ECN_OP_MATCH_IP) ? "!" : "", + einfo->ip_ect); } } @@ -122,20 +120,20 @@ static void ecn_save(const void *ip, const struct xt_entry_match *match) if (einfo->operation & IPT_ECN_OP_MATCH_ECE) { if (einfo->invert & IPT_ECN_OP_MATCH_ECE) - printf("! "); - printf("--ecn-tcp-ece "); + printf(" !"); + printf(" --ecn-tcp-ece"); } if (einfo->operation & IPT_ECN_OP_MATCH_CWR) { if (einfo->invert & IPT_ECN_OP_MATCH_CWR) - printf("! "); - printf("--ecn-tcp-cwr "); + printf(" !"); + printf(" --ecn-tcp-cwr"); } if (einfo->operation & IPT_ECN_OP_MATCH_IP) { if (einfo->invert & IPT_ECN_OP_MATCH_IP) - printf("! "); - printf("--ecn-ip-ect %d", einfo->ip_ect); + printf(" !"); + printf(" --ecn-ip-ect %d", einfo->ip_ect); } } diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c index a233520e..c75713d2 100644 --- a/extensions/libipt_icmp.c +++ b/extensions/libipt_icmp.c @@ -211,7 +211,7 @@ static void print_icmptype(uint8_t type, break; if (i != ARRAY_SIZE(icmp_codes)) { - printf("%s%s ", + printf(" %s%s", invert ? "!" : "", icmp_codes[i].name); return; @@ -219,15 +219,13 @@ static void print_icmptype(uint8_t type, } if (invert) - printf("!"); + printf(" !"); printf("type %u", type); - if (code_min == 0 && code_max == 0xFF) - printf(" "); - else if (code_min == code_max) - printf(" code %u ", code_min); - else - printf(" codes %u-%u ", code_min, code_max); + if (code_min == code_max) + printf(" code %u", code_min); + else if (code_min != 0 || code_max != 0xFF) + printf(" codes %u-%u", code_min, code_max); } static void icmp_print(const void *ip, const struct xt_entry_match *match, @@ -235,13 +233,13 @@ static void icmp_print(const void *ip, const struct xt_entry_match *match, { const struct ipt_icmp *icmp = (struct ipt_icmp *)match->data; - printf("icmp "); + printf(" icmp"); print_icmptype(icmp->type, icmp->code[0], icmp->code[1], icmp->invflags & IPT_ICMP_INV, numeric); if (icmp->invflags & ~IPT_ICMP_INV) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", icmp->invflags & ~IPT_ICMP_INV); } @@ -250,16 +248,15 @@ static void icmp_save(const void *ip, const struct xt_entry_match *match) const struct ipt_icmp *icmp = (struct ipt_icmp *)match->data; if (icmp->invflags & IPT_ICMP_INV) - printf("! "); + printf(" !"); /* special hack for 'any' case */ if (icmp->type == 0xFF) { - printf("--icmp-type any "); + printf(" --icmp-type any"); } else { - printf("--icmp-type %u", icmp->type); + printf(" --icmp-type %u", icmp->type); if (icmp->code[0] != 0 || icmp->code[1] != 0xFF) printf("/%u", icmp->code[0]); - printf(" "); } } diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c index a5ec6d8c..a2505706 100644 --- a/extensions/libipt_realm.c +++ b/extensions/libipt_realm.c @@ -190,14 +190,14 @@ print_realm(unsigned long id, unsigned long mask, int numeric) const char* name = NULL; if (mask != 0xffffffff) - printf("0x%lx/0x%lx ", id, mask); + printf(" 0x%lx/0x%lx", id, mask); else { if (numeric == 0) name = realm_id2name(id); if (name) - printf("%s ", name); + printf(" %s", name); else - printf("0x%lx ", id); + printf(" 0x%lx", id); } } @@ -207,9 +207,9 @@ static void realm_print(const void *ip, const struct xt_entry_match *match, const struct ipt_realm_info *ri = (const void *)match->data; if (ri->invert) - printf("! "); + printf(" !"); - printf("realm "); + printf(" realm"); print_realm(ri->id, ri->mask, numeric); } @@ -218,9 +218,9 @@ static void realm_save(const void *ip, const struct xt_entry_match *match) const struct ipt_realm_info *ri = (const void *)match->data; if (ri->invert) - printf("! "); + printf(" !"); - printf("--realm "); + printf(" --realm"); print_realm(ri->id, ri->mask, 0); } diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c index 05de9f79..07fa3c40 100644 --- a/extensions/libipt_ttl.c +++ b/extensions/libipt_ttl.c @@ -92,22 +92,22 @@ static void ttl_print(const void *ip, const struct xt_entry_match *match, const struct ipt_ttl_info *info = (struct ipt_ttl_info *) match->data; - printf("TTL match "); + printf(" TTL match "); switch (info->mode) { case IPT_TTL_EQ: - printf("TTL == "); + printf("TTL =="); break; case IPT_TTL_NE: - printf("TTL != "); + printf("TTL !="); break; case IPT_TTL_LT: - printf("TTL < "); + printf("TTL <"); break; case IPT_TTL_GT: - printf("TTL > "); + printf("TTL >"); break; } - printf("%u ", info->ttl); + printf(" %u", info->ttl); } static void ttl_save(const void *ip, const struct xt_entry_match *match) @@ -117,22 +117,22 @@ static void ttl_save(const void *ip, const struct xt_entry_match *match) switch (info->mode) { case IPT_TTL_EQ: - printf("--ttl-eq "); + printf(" --ttl-eq"); break; case IPT_TTL_NE: - printf("! --ttl-eq "); + printf(" ! --ttl-eq"); break; case IPT_TTL_LT: - printf("--ttl-lt "); + printf(" --ttl-lt"); break; case IPT_TTL_GT: - printf("--ttl-gt "); + printf(" --ttl-gt"); break; default: /* error */ break; } - printf("%u ", info->ttl); + printf(" %u", info->ttl); } static const struct option ttl_opts[] = { diff --git a/extensions/libxt_AUDIT.c b/extensions/libxt_AUDIT.c index 1f2dee44..a6ab37f9 100644 --- a/extensions/libxt_AUDIT.c +++ b/extensions/libxt_AUDIT.c @@ -70,7 +70,7 @@ static void audit_print(const void *ip, const struct xt_entry_target *target, const struct xt_audit_info *einfo = (const struct xt_audit_info *)target->data; - printf("AUDIT "); + printf(" AUDIT "); switch(einfo->type) { case XT_AUDIT_TYPE_ACCEPT: @@ -92,13 +92,13 @@ static void audit_save(const void *ip, const struct xt_entry_target *target) switch(einfo->type) { case XT_AUDIT_TYPE_ACCEPT: - printf("--type=accept"); + printf(" --type accept"); break; case XT_AUDIT_TYPE_DROP: - printf("--type=drop"); + printf(" --type drop"); break; case XT_AUDIT_TYPE_REJECT: - printf("--type=reject"); + printf(" --type reject"); break; } } diff --git a/extensions/libxt_CHECKSUM.c b/extensions/libxt_CHECKSUM.c index a4a60b33..83b3d699 100644 --- a/extensions/libxt_CHECKSUM.c +++ b/extensions/libxt_CHECKSUM.c @@ -60,10 +60,10 @@ static void CHECKSUM_print(const void *ip, const struct xt_entry_target *target, const struct xt_CHECKSUM_info *einfo = (const struct xt_CHECKSUM_info *)target->data; - printf("CHECKSUM "); + printf(" CHECKSUM"); if (einfo->operation & XT_CHECKSUM_OP_FILL) - printf("fill "); + printf(" fill"); } static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target) @@ -72,7 +72,7 @@ static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target) (const struct xt_CHECKSUM_info *)target->data; if (einfo->operation & XT_CHECKSUM_OP_FILL) - printf("--checksum-fill "); + printf(" --checksum-fill"); } static struct xtables_target checksum_tg_reg = { diff --git a/extensions/libxt_CLASSIFY.c b/extensions/libxt_CLASSIFY.c index 2920ee8d..e9a03650 100644 --- a/extensions/libxt_CLASSIFY.c +++ b/extensions/libxt_CLASSIFY.c @@ -69,7 +69,7 @@ CLASSIFY_final_check(unsigned int flags) static void CLASSIFY_print_class(unsigned int priority, int numeric) { - printf("%x:%x ", TC_H_MAJ(priority)>>16, TC_H_MIN(priority)); + printf(" %x:%x", TC_H_MAJ(priority)>>16, TC_H_MIN(priority)); } static void @@ -79,7 +79,7 @@ CLASSIFY_print(const void *ip, { const struct xt_classify_target_info *clinfo = (const struct xt_classify_target_info *)target->data; - printf("CLASSIFY set "); + printf(" CLASSIFY set"); CLASSIFY_print_class(clinfo->priority, numeric); } @@ -89,7 +89,7 @@ CLASSIFY_save(const void *ip, const struct xt_entry_target *target) const struct xt_classify_target_info *clinfo = (const struct xt_classify_target_info *)target->data; - printf("--set-class %.4x:%.4x ", + printf(" --set-class %.4x:%.4x", TC_H_MAJ(clinfo->priority)>>16, TC_H_MIN(clinfo->priority)); } diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c index 4657411b..dbb9dc50 100644 --- a/extensions/libxt_CONNMARK.c +++ b/extensions/libxt_CONNMARK.c @@ -282,22 +282,20 @@ static void CONNMARK_print(const void *ip, (const struct xt_connmark_target_info *)target->data; switch (markinfo->mode) { case XT_CONNMARK_SET: - printf("CONNMARK set "); + printf(" CONNMARK set "); print_mark(markinfo->mark); print_mask("/", markinfo->mask); - printf(" "); break; case XT_CONNMARK_SAVE: - printf("CONNMARK save "); + printf(" CONNMARK save "); print_mask("mask ", markinfo->mask); - printf(" "); break; case XT_CONNMARK_RESTORE: - printf("CONNMARK restore "); + printf(" CONNMARK restore "); print_mask("mask ", markinfo->mask); break; default: - printf("ERROR: UNKNOWN CONNMARK MODE "); + printf(" ERROR: UNKNOWN CONNMARK MODE"); break; } } @@ -311,39 +309,39 @@ connmark_tg_print(const void *ip, const struct xt_entry_target *target, switch (info->mode) { case XT_CONNMARK_SET: if (info->ctmark == 0) - printf("CONNMARK and 0x%x ", + printf(" CONNMARK and 0x%x", (unsigned int)(uint32_t)~info->ctmask); else if (info->ctmark == info->ctmask) - printf("CONNMARK or 0x%x ", info->ctmark); + printf(" CONNMARK or 0x%x", info->ctmark); else if (info->ctmask == 0) - printf("CONNMARK xor 0x%x ", info->ctmark); + printf(" CONNMARK xor 0x%x", info->ctmark); else if (info->ctmask == 0xFFFFFFFFU) - printf("CONNMARK set 0x%x ", info->ctmark); + printf(" CONNMARK set 0x%x", info->ctmark); else - printf("CONNMARK xset 0x%x/0x%x ", + printf(" CONNMARK xset 0x%x/0x%x", info->ctmark, info->ctmask); break; case XT_CONNMARK_SAVE: if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX) - printf("CONNMARK save "); + printf(" CONNMARK save"); else if (info->nfmask == info->ctmask) - printf("CONNMARK save mask 0x%x ", info->nfmask); + printf(" CONNMARK save mask 0x%x", info->nfmask); else - printf("CONNMARK save nfmask 0x%x ctmask ~0x%x ", + printf(" CONNMARK save nfmask 0x%x ctmask ~0x%x", info->nfmask, info->ctmask); break; case XT_CONNMARK_RESTORE: if (info->ctmask == UINT32_MAX && info->nfmask == UINT32_MAX) - printf("CONNMARK restore "); + printf(" CONNMARK restore"); else if (info->ctmask == info->nfmask) - printf("CONNMARK restore mask 0x%x ", info->ctmask); + printf(" CONNMARK restore mask 0x%x", info->ctmask); else - printf("CONNMARK restore ctmask 0x%x nfmask ~0x%x ", + printf(" CONNMARK restore ctmask 0x%x nfmask ~0x%x", info->ctmask, info->nfmask); break; default: - printf("ERROR: UNKNOWN CONNMARK MODE"); + printf(" ERROR: UNKNOWN CONNMARK MODE"); break; } } @@ -355,21 +353,20 @@ static void CONNMARK_save(const void *ip, const struct xt_entry_target *target) switch (markinfo->mode) { case XT_CONNMARK_SET: - printf("--set-mark "); + printf(" --set-mark "); print_mark(markinfo->mark); print_mask("/", markinfo->mask); - printf(" "); break; case XT_CONNMARK_SAVE: - printf("--save-mark "); + printf(" --save-mark "); print_mask("--mask ", markinfo->mask); break; case XT_CONNMARK_RESTORE: - printf("--restore-mark "); + printf(" --restore-mark "); print_mask("--mask ", markinfo->mask); break; default: - printf("ERROR: UNKNOWN CONNMARK MODE "); + printf(" ERROR: UNKNOWN CONNMARK MODE"); break; } } @@ -389,18 +386,18 @@ connmark_tg_save(const void *ip, const struct xt_entry_target *target) switch (info->mode) { case XT_CONNMARK_SET: - printf("--set-xmark 0x%x/0x%x ", info->ctmark, info->ctmask); + printf(" --set-xmark 0x%x/0x%x", info->ctmark, info->ctmask); break; case XT_CONNMARK_SAVE: - printf("--save-mark --nfmask 0x%x --ctmask 0x%x ", + printf(" --save-mark --nfmask 0x%x --ctmask 0x%x", info->nfmask, info->ctmask); break; case XT_CONNMARK_RESTORE: - printf("--restore-mark --nfmask 0x%x --ctmask 0x%x ", + printf(" --restore-mark --nfmask 0x%x --ctmask 0x%x", info->nfmask, info->ctmask); break; default: - printf("ERROR: UNKNOWN CONNMARK MODE"); + printf(" ERROR: UNKNOWN CONNMARK MODE"); break; } } diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c index 75d0e3b1..6b161f3b 100644 --- a/extensions/libxt_CONNSECMARK.c +++ b/extensions/libxt_CONNSECMARK.c @@ -71,11 +71,11 @@ static void print_connsecmark(const struct xt_connsecmark_target_info *info) { switch (info->mode) { case CONNSECMARK_SAVE: - printf("save "); + printf("save"); break; case CONNSECMARK_RESTORE: - printf("restore "); + printf("restore"); break; default: @@ -90,7 +90,7 @@ CONNSECMARK_print(const void *ip, const struct xt_entry_target *target, const struct xt_connsecmark_target_info *info = (struct xt_connsecmark_target_info*)(target)->data; - printf("CONNSECMARK "); + printf(" CONNSECMARK "); print_connsecmark(info); } diff --git a/extensions/libxt_CT.c b/extensions/libxt_CT.c index 682dd831..38ee17b1 100644 --- a/extensions/libxt_CT.c +++ b/extensions/libxt_CT.c @@ -87,14 +87,13 @@ static void ct_print_events(const char *pfx, const struct event_tbl *tbl, const char *sep = ""; unsigned int i; - printf("%s ", pfx); + printf(" %s ", pfx); for (i = 0; i < size; i++) { if (mask & (1 << tbl[i].event)) { printf("%s%s", sep, tbl[i].name); sep = ","; } } - printf(" "); } static int ct_parse(int c, char **argv, int invert, unsigned int *flags, @@ -138,11 +137,11 @@ static void ct_print(const void *ip, const struct xt_entry_target *target, int n const struct xt_ct_target_info *info = (const struct xt_ct_target_info *)target->data; - printf("CT "); + printf(" CT"); if (info->flags & XT_CT_NOTRACK) - printf("notrack "); + printf(" notrack"); if (info->helper[0]) - printf("helper %s ", info->helper); + printf(" helper %s", info->helper); if (info->ct_events) ct_print_events("ctevents", ct_event_tbl, ARRAY_SIZE(ct_event_tbl), info->ct_events); @@ -159,9 +158,9 @@ static void ct_save(const void *ip, const struct xt_entry_target *target) (const struct xt_ct_target_info *)target->data; if (info->flags & XT_CT_NOTRACK) - printf("--notrack "); + printf(" --notrack"); if (info->helper[0]) - printf("--helper %s ", info->helper); + printf(" --helper %s", info->helper); if (info->ct_events) ct_print_events("--ctevents", ct_event_tbl, ARRAY_SIZE(ct_event_tbl), info->ct_events); @@ -169,7 +168,7 @@ static void ct_save(const void *ip, const struct xt_entry_target *target) ct_print_events("--expevents", exp_event_tbl, ARRAY_SIZE(exp_event_tbl), info->exp_events); if (info->zone) - printf("--zone %u ", info->zone); + printf(" --zone %u", info->zone); } static struct xtables_target ct_target = { diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c index 468516c1..db27d68f 100644 --- a/extensions/libxt_DSCP.c +++ b/extensions/libxt_DSCP.c @@ -107,7 +107,7 @@ static void DSCP_check(unsigned int flags) static void print_dscp(uint8_t dscp, int numeric) { - printf("0x%02x ", dscp); + printf(" 0x%02x", dscp); } static void DSCP_print(const void *ip, const struct xt_entry_target *target, @@ -115,7 +115,7 @@ static void DSCP_print(const void *ip, const struct xt_entry_target *target, { const struct xt_DSCP_info *dinfo = (const struct xt_DSCP_info *)target->data; - printf("DSCP set "); + printf(" DSCP set"); print_dscp(dinfo->dscp, numeric); } @@ -124,7 +124,7 @@ static void DSCP_save(const void *ip, const struct xt_entry_target *target) const struct xt_DSCP_info *dinfo = (const struct xt_DSCP_info *)target->data; - printf("--set-dscp 0x%02x ", dinfo->dscp); + printf(" --set-dscp 0x%02x", dinfo->dscp); } static struct xtables_target dscp_target = { diff --git a/extensions/libxt_IDLETIMER.c b/extensions/libxt_IDLETIMER.c index 05db0e91..847ab180 100644 --- a/extensions/libxt_IDLETIMER.c +++ b/extensions/libxt_IDLETIMER.c @@ -100,8 +100,8 @@ static void idletimer_tg_print(const void *ip, struct idletimer_tg_info *info = (struct idletimer_tg_info *) target->data; - printf("timeout:%u ", info->timeout); - printf("label:%s ", info->label); + printf(" timeout:%u", info->timeout); + printf(" label:%s", info->label); } static void idletimer_tg_save(const void *ip, @@ -110,8 +110,8 @@ static void idletimer_tg_save(const void *ip, struct idletimer_tg_info *info = (struct idletimer_tg_info *) target->data; - printf("--timeout %u ", info->timeout); - printf("--label %s ", info->label); + printf(" --timeout %u", info->timeout); + printf(" --label %s", info->label); } static struct xtables_target idletimer_tg_reg = { diff --git a/extensions/libxt_LED.c b/extensions/libxt_LED.c index ca1b6ed4..9e8b9b01 100644 --- a/extensions/libxt_LED.c +++ b/extensions/libxt_LED.c @@ -91,22 +91,22 @@ static void LED_print(const void *ip, const struct xt_entry_target *target, const struct xt_led_info *led = (void *)target->data; const char *id = led->id + strlen("netfilter-"); /* trim off prefix */ - printf("led-trigger-id:\""); + printf(" led-trigger-id:\""); /* Escape double quotes and backslashes in the ID */ while (*id != '\0') { if (*id == '"' || *id == '\\') printf("\\"); printf("%c", *id++); } - printf("\" "); + printf("\""); if (led->delay == -1) - printf("led-delay:inf "); + printf(" led-delay:inf"); else - printf("led-delay:%dms ", led->delay); + printf(" led-delay:%dms", led->delay); if (led->always_blink) - printf("led-always-blink "); + printf(" led-always-blink"); } static void LED_save(const void *ip, const struct xt_entry_target *target) @@ -114,24 +114,24 @@ static void LED_save(const void *ip, const struct xt_entry_target *target) const struct xt_led_info *led = (void *)target->data; const char *id = led->id + strlen("netfilter-"); /* trim off prefix */ - printf("--led-trigger-id \""); + printf(" --led-trigger-id \""); /* Escape double quotes and backslashes in the ID */ while (*id != '\0') { if (*id == '"' || *id == '\\') printf("\\"); printf("%c", *id++); } - printf("\" "); + printf("\""); /* Only print the delay if it's not zero (the default) */ if (led->delay > 0) - printf("--led-delay %d ", led->delay); + printf(" --led-delay %d", led->delay); else if (led->delay == -1) - printf("--led-delay inf "); + printf(" --led-delay inf"); /* Only print always_blink if it's not set to the default */ if (led->always_blink) - printf("--led-always-blink "); + printf(" --led-always-blink"); } static struct xtables_target led_tg_reg = { diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c index cbb18bad..885cf2f2 100644 --- a/extensions/libxt_MARK.c +++ b/extensions/libxt_MARK.c @@ -205,7 +205,7 @@ static void mark_tg_check(unsigned int flags) static void print_mark(unsigned long mark) { - printf("0x%lx ", mark); + printf(" 0x%lx", mark); } static void MARK_print_v0(const void *ip, @@ -213,7 +213,7 @@ static void MARK_print_v0(const void *ip, { const struct xt_mark_target_info *markinfo = (const struct xt_mark_target_info *)target->data; - printf("MARK set "); + printf(" MARK set"); print_mark(markinfo->mark); } @@ -222,7 +222,7 @@ static void MARK_save_v0(const void *ip, const struct xt_entry_target *target) const struct xt_mark_target_info *markinfo = (const struct xt_mark_target_info *)target->data; - printf("--set-mark "); + printf(" --set-mark"); print_mark(markinfo->mark); } @@ -234,13 +234,13 @@ static void MARK_print_v1(const void *ip, const struct xt_entry_target *target, switch (markinfo->mode) { case XT_MARK_SET: - printf("MARK set "); + printf(" MARK set"); break; case XT_MARK_AND: - printf("MARK and "); + printf(" MARK and"); break; case XT_MARK_OR: - printf("MARK or "); + printf(" MARK or"); break; } print_mark(markinfo->mark); @@ -252,15 +252,15 @@ static void mark_tg_print(const void *ip, const struct xt_entry_target *target, const struct xt_mark_tginfo2 *info = (const void *)target->data; if (info->mark == 0) - printf("MARK and 0x%x ", (unsigned int)(uint32_t)~info->mask); + printf(" MARK and 0x%x", (unsigned int)(uint32_t)~info->mask); else if (info->mark == info->mask) - printf("MARK or 0x%x ", info->mark); + printf(" MARK or 0x%x", info->mark); else if (info->mask == 0) - printf("MARK xor 0x%x ", info->mark); + printf(" MARK xor 0x%x", info->mark); else if (info->mask == 0xffffffffU) - printf("MARK set 0x%x ", info->mark); + printf(" MARK set 0x%x", info->mark); else - printf("MARK xset 0x%x/0x%x ", info->mark, info->mask); + printf(" MARK xset 0x%x/0x%x", info->mark, info->mask); } static void MARK_save_v1(const void *ip, const struct xt_entry_target *target) @@ -270,13 +270,13 @@ static void MARK_save_v1(const void *ip, const struct xt_entry_target *target) switch (markinfo->mode) { case XT_MARK_SET: - printf("--set-mark "); + printf(" --set-mark"); break; case XT_MARK_AND: - printf("--and-mark "); + printf(" --and-mark"); break; case XT_MARK_OR: - printf("--or-mark "); + printf(" --or-mark"); break; } print_mark(markinfo->mark); @@ -286,7 +286,7 @@ static void mark_tg_save(const void *ip, const struct xt_entry_target *target) { const struct xt_mark_tginfo2 *info = (const void *)target->data; - printf("--set-xmark 0x%x/0x%x ", info->mark, info->mask); + printf(" --set-xmark 0x%x/0x%x", info->mark, info->mask); } static struct xtables_target mark_tg_reg[] = { diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c index 2da5d641..b4fdc482 100644 --- a/extensions/libxt_NFLOG.c +++ b/extensions/libxt_NFLOG.c @@ -111,15 +111,15 @@ static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags, static void nflog_print(const struct xt_nflog_info *info, char *prefix) { if (info->prefix[0] != '\0') { - printf("%snflog-prefix ", prefix); + printf(" %snflog-prefix ", prefix); xtables_save_string(info->prefix); } if (info->group) - printf("%snflog-group %u ", prefix, info->group); + printf(" %snflog-group %u", prefix, info->group); if (info->len) - printf("%snflog-range %u ", prefix, info->len); + printf(" %snflog-range %u", prefix, info->len); if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD) - printf("%snflog-threshold %u ", prefix, info->threshold); + printf(" %snflog-threshold %u", prefix, info->threshold); } static void NFLOG_print(const void *ip, const struct xt_entry_target *target, diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c index 6c448425..7f2aab16 100644 --- a/extensions/libxt_NFQUEUE.c +++ b/extensions/libxt_NFQUEUE.c @@ -142,7 +142,7 @@ static void NFQUEUE_print(const void *ip, { const struct xt_NFQ_info *tinfo = (const struct xt_NFQ_info *)target->data; - printf("NFQUEUE num %u", tinfo->queuenum); + printf(" NFQUEUE num %u", tinfo->queuenum); } static void NFQUEUE_print_v1(const void *ip, @@ -153,9 +153,9 @@ static void NFQUEUE_print_v1(const void *ip, if (last > 1) { last += tinfo->queuenum - 1; - printf("NFQUEUE balance %u:%u", tinfo->queuenum, last); + printf(" NFQUEUE balance %u:%u", tinfo->queuenum, last); } else { - printf("NFQUEUE num %u", tinfo->queuenum); + printf(" NFQUEUE num %u", tinfo->queuenum); } } @@ -174,7 +174,7 @@ static void NFQUEUE_save(const void *ip, const struct xt_entry_target *target) const struct xt_NFQ_info *tinfo = (const struct xt_NFQ_info *)target->data; - printf("--queue-num %u ", tinfo->queuenum); + printf(" --queue-num %u", tinfo->queuenum); } static void NFQUEUE_save_v1(const void *ip, const struct xt_entry_target *target) @@ -184,9 +184,9 @@ static void NFQUEUE_save_v1(const void *ip, const struct xt_entry_target *target if (last > 1) { last += tinfo->queuenum - 1; - printf("--queue-balance %u:%u ", tinfo->queuenum, last); + printf(" --queue-balance %u:%u", tinfo->queuenum, last); } else { - printf("--queue-num %u ", tinfo->queuenum); + printf(" --queue-num %u", tinfo->queuenum); } } diff --git a/extensions/libxt_RATEEST.c b/extensions/libxt_RATEEST.c index 173fee36..eb3cdd95 100644 --- a/extensions/libxt_RATEEST.c +++ b/extensions/libxt_RATEEST.c @@ -75,11 +75,11 @@ RATEEST_print_time(unsigned int time) double tmp = time; if (tmp >= TIME_UNITS_PER_SEC) - printf("%.1fs ", tmp/TIME_UNITS_PER_SEC); + printf(" %.1fs", tmp / TIME_UNITS_PER_SEC); else if (tmp >= TIME_UNITS_PER_SEC/1000) - printf("%.1fms ", tmp/(TIME_UNITS_PER_SEC/1000)); + printf(" %.1fms", tmp / (TIME_UNITS_PER_SEC / 1000)); else - printf("%uus ", time); + printf(" %uus", time); } static void @@ -179,10 +179,10 @@ __RATEEST_print(const struct xt_entry_target *target, const char *prefix) local_interval = (TIME_UNITS_PER_SEC << (info->interval + 2)) / 4; local_ewma_log = local_interval * (1 << (info->ewma_log)); - printf("%sname %s ", prefix, info->name); - printf("%sinterval ", prefix); + printf(" %sname %s", prefix, info->name); + printf(" %sinterval", prefix); RATEEST_print_time(local_interval); - printf("%sewmalog ", prefix); + printf(" %sewmalog", prefix); RATEEST_print_time(local_ewma_log); } diff --git a/extensions/libxt_SECMARK.c b/extensions/libxt_SECMARK.c index b800d4a4..5ad84866 100644 --- a/extensions/libxt_SECMARK.c +++ b/extensions/libxt_SECMARK.c @@ -64,7 +64,7 @@ static void print_secmark(const struct xt_secmark_target_info *info) { switch (info->mode) { case SECMARK_MODE_SEL: - printf("selctx %s ", info->secctx); + printf("selctx %s", info->secctx); break; default: @@ -78,7 +78,7 @@ static void SECMARK_print(const void *ip, const struct xt_entry_target *target, const struct xt_secmark_target_info *info = (struct xt_secmark_target_info*)(target)->data; - printf("SECMARK "); + printf(" SECMARK "); print_secmark(info); } @@ -87,7 +87,7 @@ static void SECMARK_save(const void *ip, const struct xt_entry_target *target) const struct xt_secmark_target_info *info = (struct xt_secmark_target_info*)target->data; - printf("--"); + printf(" --"); print_secmark(info); } diff --git a/extensions/libxt_SET.c b/extensions/libxt_SET.c index 37da6ec1..2f915bcd 100644 --- a/extensions/libxt_SET.c +++ b/extensions/libxt_SET.c @@ -115,7 +115,7 @@ print_target_v0(const char *prefix, const struct xt_set_info_v0 *info) if (info->index == IPSET_INVALID_ID) return; get_set_byid(setname, info->index); - printf("%s %s", prefix, setname); + printf(" %s %s", prefix, setname); for (i = 0; i < IPSET_DIM_MAX; i++) { if (!info->u.flags[i]) break; @@ -123,7 +123,6 @@ print_target_v0(const char *prefix, const struct xt_set_info_v0 *info) i == 0 ? " " : ",", info->u.flags[i] & IPSET_SRC ? "src" : "dst"); } - printf(" "); } static void @@ -214,13 +213,12 @@ print_target(const char *prefix, const struct xt_set_info *info) if (info->index == IPSET_INVALID_ID) return; get_set_byid(setname, info->index); - printf("%s %s", prefix, setname); + printf(" %s %s", prefix, setname); for (i = 1; i <= info->dim; i++) { printf("%s%s", i == 1 ? " " : ",", info->flags & (1 << i) ? "src" : "dst"); } - printf(" "); } static void diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c index 1468deeb..e15e87a8 100644 --- a/extensions/libxt_TCPMSS.c +++ b/extensions/libxt_TCPMSS.c @@ -101,9 +101,9 @@ static void TCPMSS_print(const void *ip, const struct xt_entry_target *target, const struct xt_tcpmss_info *mssinfo = (const struct xt_tcpmss_info *)target->data; if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU) - printf("TCPMSS clamp to PMTU "); + printf(" TCPMSS clamp to PMTU"); else - printf("TCPMSS set %u ", mssinfo->mss); + printf(" TCPMSS set %u", mssinfo->mss); } static void TCPMSS_save(const void *ip, const struct xt_entry_target *target) @@ -112,9 +112,9 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target) (const struct xt_tcpmss_info *)target->data; if(mssinfo->mss == XT_TCPMSS_CLAMP_PMTU) - printf("--clamp-mss-to-pmtu "); + printf(" --clamp-mss-to-pmtu"); else - printf("--set-mss %u ", mssinfo->mss); + printf(" --set-mss %u", mssinfo->mss); } static struct xtables_target tcpmss_target = { diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c index 66ab46d2..34f3562b 100644 --- a/extensions/libxt_TCPOPTSTRIP.c +++ b/extensions/libxt_TCPOPTSTRIP.c @@ -163,7 +163,7 @@ tcpoptstrip_tg_print(const void *ip, const struct xt_entry_target *target, const struct xt_tcpoptstrip_target_info *info = (const void *)target->data; - printf("TCPOPTSTRIP options "); + printf(" TCPOPTSTRIP options "); tcpoptstrip_print_list(info, numeric); } @@ -173,7 +173,7 @@ tcpoptstrip_tg_save(const void *ip, const struct xt_entry_target *target) const struct xt_tcpoptstrip_target_info *info = (const void *)target->data; - printf("--strip-options "); + printf(" --strip-options "); tcpoptstrip_print_list(info, true); } diff --git a/extensions/libxt_TEE.c b/extensions/libxt_TEE.c index e4c0607e..00a4de67 100644 --- a/extensions/libxt_TEE.c +++ b/extensions/libxt_TEE.c @@ -127,11 +127,11 @@ static void tee_tg_print(const void *ip, const struct xt_entry_target *target, const struct xt_tee_tginfo *info = (const void *)target->data; if (numeric) - printf("TEE gw:%s ", xtables_ipaddr_to_numeric(&info->gw.in)); + printf(" TEE gw:%s", xtables_ipaddr_to_numeric(&info->gw.in)); else - printf("TEE gw:%s ", xtables_ipaddr_to_anyname(&info->gw.in)); + printf(" TEE gw:%s", xtables_ipaddr_to_anyname(&info->gw.in)); if (*info->oif != '\0') - printf("oif=%s ", info->oif); + printf(" oif=%s", info->oif); } static void tee_tg6_print(const void *ip, const struct xt_entry_target *target, @@ -140,29 +140,29 @@ static void tee_tg6_print(const void *ip, const struct xt_entry_target *target, const struct xt_tee_tginfo *info = (const void *)target->data; if (numeric) - printf("TEE gw:%s ", xtables_ip6addr_to_numeric(&info->gw.in6)); + printf(" TEE gw:%s", xtables_ip6addr_to_numeric(&info->gw.in6)); else - printf("TEE gw:%s ", xtables_ip6addr_to_anyname(&info->gw.in6)); + printf(" TEE gw:%s", xtables_ip6addr_to_anyname(&info->gw.in6)); if (*info->oif != '\0') - printf("oif=%s ", info->oif); + printf(" oif=%s", info->oif); } static void tee_tg_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tee_tginfo *info = (const void *)target->data; - printf("--gateway %s ", xtables_ipaddr_to_numeric(&info->gw.in)); + printf(" --gateway %s", xtables_ipaddr_to_numeric(&info->gw.in)); if (*info->oif != '\0') - printf("--oif %s ", info->oif); + printf(" --oif %s", info->oif); } static void tee_tg6_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tee_tginfo *info = (const void *)target->data; - printf("--gateway %s ", xtables_ip6addr_to_numeric(&info->gw.in6)); + printf(" --gateway %s", xtables_ip6addr_to_numeric(&info->gw.in6)); if (*info->oif != '\0') - printf("--oif %s ", info->oif); + printf(" --oif %s", info->oif); } static struct xtables_target tee_tg_reg = { diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c index 29bc6937..58ff2fc7 100644 --- a/extensions/libxt_TOS.c +++ b/extensions/libxt_TOS.c @@ -163,9 +163,9 @@ static void tos_tg_print_v0(const void *ip, { const struct ipt_tos_target_info *info = (const void *)target->data; - printf("TOS set "); + printf(" TOS set "); if (numeric || !tos_try_print_symbolic("", info->tos, 0xFF)) - printf("0x%02x ", info->tos); + printf("0x%02x", info->tos); } static void tos_tg_print(const void *ip, const struct xt_entry_target *target, @@ -174,21 +174,21 @@ static void tos_tg_print(const void *ip, const struct xt_entry_target *target, const struct xt_tos_target_info *info = (const void *)target->data; if (numeric) - printf("TOS set 0x%02x/0x%02x ", + printf(" TOS set 0x%02x/0x%02x", info->tos_value, info->tos_mask); - else if (tos_try_print_symbolic("TOS set ", + else if (tos_try_print_symbolic(" TOS set", info->tos_value, info->tos_mask)) /* already printed by call */ return; else if (info->tos_value == 0) - printf("TOS and 0x%02x ", + printf(" TOS and 0x%02x", (unsigned int)(uint8_t)~info->tos_mask); else if (info->tos_value == info->tos_mask) - printf("TOS or 0x%02x ", info->tos_value); + printf(" TOS or 0x%02x", info->tos_value); else if (info->tos_mask == 0) - printf("TOS xor 0x%02x ", info->tos_value); + printf(" TOS xor 0x%02x", info->tos_value); else - printf("TOS set 0x%02x/0x%02x ", + printf(" TOS set 0x%02x/0x%02x", info->tos_value, info->tos_mask); } @@ -196,14 +196,14 @@ static void tos_tg_save_v0(const void *ip, const struct xt_entry_target *target) { const struct ipt_tos_target_info *info = (const void *)target->data; - printf("--set-tos 0x%02x ", info->tos); + printf(" --set-tos 0x%02x", info->tos); } static void tos_tg_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tos_target_info *info = (const void *)target->data; - printf("--set-tos 0x%02x/0x%02x ", info->tos_value, info->tos_mask); + printf(" --set-tos 0x%02x/0x%02x", info->tos_value, info->tos_mask); } static struct xtables_target tos_tg_reg[] = { diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c index 26419f5d..890dd866 100644 --- a/extensions/libxt_TPROXY.c +++ b/extensions/libxt_TPROXY.c @@ -169,7 +169,7 @@ static void tproxy_tg_print(const void *ip, const struct xt_entry_target *target int numeric) { const struct xt_tproxy_target_info *info = (const void *)target->data; - printf("TPROXY redirect %s:%u mark 0x%x/0x%x", + printf(" TPROXY redirect %s:%u mark 0x%x/0x%x", xtables_ipaddr_to_numeric((const struct in_addr *)&info->laddr), ntohs(info->lport), (unsigned int)info->mark_value, (unsigned int)info->mark_mask); @@ -182,7 +182,7 @@ tproxy_tg_print4(const void *ip, const struct xt_entry_target *target, const struct xt_tproxy_target_info_v1 *info = (const void *)target->data; - printf("TPROXY redirect %s:%u mark 0x%x/0x%x", + printf(" TPROXY redirect %s:%u mark 0x%x/0x%x", xtables_ipaddr_to_numeric(&info->laddr.in), ntohs(info->lport), (unsigned int)info->mark_value, (unsigned int)info->mark_mask); @@ -195,7 +195,7 @@ tproxy_tg_print6(const void *ip, const struct xt_entry_target *target, const struct xt_tproxy_target_info_v1 *info = (const void *)target->data; - printf("TPROXY redirect %s:%u mark 0x%x/0x%x", + printf(" TPROXY redirect %s:%u mark 0x%x/0x%x", xtables_ip6addr_to_numeric(&info->laddr.in6), ntohs(info->lport), (unsigned int)info->mark_value, (unsigned int)info->mark_mask); @@ -205,10 +205,10 @@ static void tproxy_tg_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tproxy_target_info *info = (const void *)target->data; - printf("--on-port %u ", ntohs(info->lport)); - printf("--on-ip %s ", + printf(" --on-port %u", ntohs(info->lport)); + printf(" --on-ip %s", xtables_ipaddr_to_numeric((const struct in_addr *)&info->laddr)); - printf("--tproxy-mark 0x%x/0x%x ", + printf(" --tproxy-mark 0x%x/0x%x", (unsigned int)info->mark_value, (unsigned int)info->mark_mask); } @@ -218,9 +218,9 @@ tproxy_tg_save4(const void *ip, const struct xt_entry_target *target) const struct xt_tproxy_target_info_v1 *info; info = (const void *)target->data; - printf("--on-port %u ", ntohs(info->lport)); - printf("--on-ip %s ", xtables_ipaddr_to_numeric(&info->laddr.in)); - printf("--tproxy-mark 0x%x/0x%x ", + printf(" --on-port %u", ntohs(info->lport)); + printf(" --on-ip %s", xtables_ipaddr_to_numeric(&info->laddr.in)); + printf(" --tproxy-mark 0x%x/0x%x", (unsigned int)info->mark_value, (unsigned int)info->mark_mask); } @@ -230,9 +230,9 @@ tproxy_tg_save6(const void *ip, const struct xt_entry_target *target) const struct xt_tproxy_target_info_v1 *info; info = (const void *)target->data; - printf("--on-port %u ", ntohs(info->lport)); - printf("--on-ip %s ", xtables_ip6addr_to_numeric(&info->laddr.in6)); - printf("--tproxy-mark 0x%x/0x%x ", + printf(" --on-port %u", ntohs(info->lport)); + printf(" --on-ip %s", xtables_ip6addr_to_numeric(&info->laddr.in6)); + printf(" --tproxy-mark 0x%x/0x%x", (unsigned int)info->mark_value, (unsigned int)info->mark_mask); } diff --git a/extensions/libxt_cluster.c b/extensions/libxt_cluster.c index c94741fc..edc14d36 100644 --- a/extensions/libxt_cluster.c +++ b/extensions/libxt_cluster.c @@ -193,13 +193,13 @@ cluster_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_cluster_match_info *info = (void *)match->data; - printf("cluster "); + printf(" cluster "); if (info->flags & XT_CLUSTER_F_INV) - printf("!node_mask=0x%08x ", info->node_mask); + printf("!node_mask=0x%08x", info->node_mask); else - printf("node_mask=0x%08x ", info->node_mask); + printf("node_mask=0x%08x", info->node_mask); - printf("total_nodes=%u hash_seed=0x%08x ", + printf(" total_nodes=%u hash_seed=0x%08x", info->total_nodes, info->hash_seed); } @@ -209,11 +209,11 @@ cluster_save(const void *ip, const struct xt_entry_match *match) const struct xt_cluster_match_info *info = (void *)match->data; if (info->flags & XT_CLUSTER_F_INV) - printf("! --cluster-local-nodemask 0x%08x ", info->node_mask); + printf(" ! --cluster-local-nodemask 0x%08x", info->node_mask); else - printf("--cluster-local-nodemask 0x%08x ", info->node_mask); + printf(" --cluster-local-nodemask 0x%08x", info->node_mask); - printf("--cluster-total-nodes %u --cluster-hash-seed 0x%08x ", + printf(" --cluster-total-nodes %u --cluster-hash-seed 0x%08x", info->total_nodes, info->hash_seed); } diff --git a/extensions/libxt_comment.c b/extensions/libxt_comment.c index bfdccb27..c10a2540 100644 --- a/extensions/libxt_comment.c +++ b/extensions/libxt_comment.c @@ -72,7 +72,7 @@ comment_print(const void *ip, const struct xt_entry_match *match, int numeric) struct xt_comment_info *commentinfo = (void *)match->data; commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0'; - printf("/* %s */ ", commentinfo->comment); + printf(" /* %s */", commentinfo->comment); } /* Saves the union ipt_matchinfo in parsable form to stdout. */ @@ -82,7 +82,7 @@ comment_save(const void *ip, const struct xt_entry_match *match) struct xt_comment_info *commentinfo = (void *)match->data; commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0'; - printf("--comment "); + printf(" --comment"); xtables_save_string(commentinfo->comment); } diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c index 7c96c321..1d3391ae 100644 --- a/extensions/libxt_connbytes.c +++ b/extensions/libxt_connbytes.c @@ -105,16 +105,16 @@ static void print_mode(const struct xt_connbytes_info *sinfo) { switch (sinfo->what) { case XT_CONNBYTES_PKTS: - fputs("packets ", stdout); + fputs(" packets", stdout); break; case XT_CONNBYTES_BYTES: - fputs("bytes ", stdout); + fputs(" bytes", stdout); break; case XT_CONNBYTES_AVGPKT: - fputs("avgpkt ", stdout); + fputs(" avgpkt", stdout); break; default: - fputs("unknown ", stdout); + fputs(" unknown", stdout); break; } } @@ -123,16 +123,16 @@ static void print_direction(const struct xt_connbytes_info *sinfo) { switch (sinfo->direction) { case XT_CONNBYTES_DIR_ORIGINAL: - fputs("original ", stdout); + fputs(" original", stdout); break; case XT_CONNBYTES_DIR_REPLY: - fputs("reply ", stdout); + fputs(" reply", stdout); break; case XT_CONNBYTES_DIR_BOTH: - fputs("both ", stdout); + fputs(" both", stdout); break; default: - fputs("unknown ", stdout); + fputs(" unknown", stdout); break; } } @@ -143,18 +143,18 @@ connbytes_print(const void *ip, const struct xt_entry_match *match, int numeric) const struct xt_connbytes_info *sinfo = (const void *)match->data; if (sinfo->count.from > sinfo->count.to) - printf("connbytes ! %llu:%llu ", + printf(" connbytes ! %llu:%llu", (unsigned long long)sinfo->count.to, (unsigned long long)sinfo->count.from); else - printf("connbytes %llu:%llu ", + printf(" connbytes %llu:%llu", (unsigned long long)sinfo->count.from, (unsigned long long)sinfo->count.to); - fputs("connbytes mode ", stdout); + fputs(" connbytes mode", stdout); print_mode(sinfo); - fputs("connbytes direction ", stdout); + fputs(" connbytes direction", stdout); print_direction(sinfo); } @@ -163,18 +163,18 @@ static void connbytes_save(const void *ip, const struct xt_entry_match *match) const struct xt_connbytes_info *sinfo = (const void *)match->data; if (sinfo->count.from > sinfo->count.to) - printf("! --connbytes %llu:%llu ", + printf(" ! --connbytes %llu:%llu", (unsigned long long)sinfo->count.to, (unsigned long long)sinfo->count.from); else - printf("--connbytes %llu:%llu ", + printf(" --connbytes %llu:%llu", (unsigned long long)sinfo->count.from, (unsigned long long)sinfo->count.to); - fputs("--connbytes-mode ", stdout); + fputs(" --connbytes-mode", stdout); print_mode(sinfo); - fputs("--connbytes-dir ", stdout); + fputs(" --connbytes-dir", stdout); print_direction(sinfo); } diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c index 75eadf97..badf68c0 100644 --- a/extensions/libxt_connlimit.c +++ b/extensions/libxt_connlimit.c @@ -176,7 +176,7 @@ static void connlimit_print4(const void *ip, { const struct xt_connlimit_info *info = (const void *)match->data; - printf("#conn %s/%u %s %u ", + printf(" #conn %s/%u %s %u", (info->flags & XT_CONNLIMIT_DADDR) ? "dst" : "src", count_bits4(info->v4_mask), (info->flags & XT_CONNLIMIT_INVERT) ? "<=" : ">", info->limit); @@ -187,7 +187,7 @@ static void connlimit_print6(const void *ip, { const struct xt_connlimit_info *info = (const void *)match->data; - printf("#conn %s/%u %s %u ", + printf(" #conn %s/%u %s %u", (info->flags & XT_CONNLIMIT_DADDR) ? "dst" : "src", count_bits6(info->v6_mask), (info->flags & XT_CONNLIMIT_INVERT) ? "<=" : ">", info->limit); @@ -199,15 +199,15 @@ static void connlimit_save4(const void *ip, const struct xt_entry_match *match) const int revision = match->u.user.revision; if (info->flags & XT_CONNLIMIT_INVERT) - printf("--connlimit-upto %u ", info->limit); + printf(" --connlimit-upto %u", info->limit); else - printf("--connlimit-above %u ", info->limit); - printf("--connlimit-mask %u ", count_bits4(info->v4_mask)); + printf(" --connlimit-above %u", info->limit); + printf(" --connlimit-mask %u", count_bits4(info->v4_mask)); if (revision >= 1) { if (info->flags & XT_CONNLIMIT_DADDR) - printf("--connlimit-daddr "); + printf(" --connlimit-daddr"); else - printf("--connlimit-saddr "); + printf(" --connlimit-saddr"); } } @@ -217,15 +217,15 @@ static void connlimit_save6(const void *ip, const struct xt_entry_match *match) const int revision = match->u.user.revision; if (info->flags & XT_CONNLIMIT_INVERT) - printf("--connlimit-upto %u ", info->limit); + printf(" --connlimit-upto %u", info->limit); else - printf("--connlimit-above %u ", info->limit); - printf("--connlimit-mask %u ", count_bits6(info->v6_mask)); + printf(" --connlimit-above %u", info->limit); + printf(" --connlimit-mask %u", count_bits6(info->v6_mask)); if (revision >= 1) { if (info->flags & XT_CONNLIMIT_DADDR) - printf("--connlimit-daddr "); + printf(" --connlimit-daddr"); else - printf("--connlimit-saddr "); + printf(" --connlimit-saddr"); } } diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c index 4cc59acd..a0e89fe7 100644 --- a/extensions/libxt_connmark.c +++ b/extensions/libxt_connmark.c @@ -109,9 +109,9 @@ connmark_parse(int c, char **argv, int invert, unsigned int *flags, static void print_mark(unsigned int mark, unsigned int mask) { if (mask != 0xffffffffU) - printf("0x%x/0x%x ", mark, mask); + printf(" 0x%x/0x%x", mark, mask); else - printf("0x%x ", mark); + printf(" 0x%x", mark); } static void connmark_mt_check(unsigned int flags) @@ -126,7 +126,7 @@ connmark_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_connmark_info *info = (const void *)match->data; - printf("CONNMARK match "); + printf(" CONNMARK match "); if (info->invert) printf("!"); print_mark(info->mark, info->mask); @@ -137,7 +137,7 @@ connmark_mt_print(const void *ip, const struct xt_entry_match *match, int numeri { const struct xt_connmark_mtinfo1 *info = (const void *)match->data; - printf("connmark match "); + printf(" connmark match "); if (info->invert) printf("!"); print_mark(info->mark, info->mask); @@ -148,9 +148,9 @@ static void connmark_save(const void *ip, const struct xt_entry_match *match) const struct xt_connmark_info *info = (const void *)match->data; if (info->invert) - printf("! "); + printf(" !"); - printf("--mark "); + printf(" --mark"); print_mark(info->mark, info->mask); } @@ -160,9 +160,9 @@ connmark_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_connmark_mtinfo1 *info = (const void *)match->data; if (info->invert) - printf("! "); + printf(" !"); - printf("--mark "); + printf(" --mark"); print_mark(info->mark, info->mask); } diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c index 8d8e1b23..8312d042 100644 --- a/extensions/libxt_conntrack.c +++ b/extensions/libxt_conntrack.c @@ -820,7 +820,7 @@ static void conntrack_mt_check(unsigned int flags) static void print_state(unsigned int statemask) { - const char *sep = ""; + const char *sep = " "; if (statemask & XT_CONNTRACK_STATE_INVALID) { printf("%sINVALID", sep); @@ -850,13 +850,12 @@ print_state(unsigned int statemask) printf("%sDNAT", sep); sep = ","; } - printf(" "); } static void print_status(unsigned int statusmask) { - const char *sep = ""; + const char *sep = " "; if (statusmask & IPS_EXPECTED) { printf("%sEXPECTED", sep); @@ -876,7 +875,6 @@ print_status(unsigned int statusmask) } if (statusmask == 0) printf("%sNONE", sep); - printf(" "); } static void @@ -886,29 +884,29 @@ conntrack_dump_addr(const union nf_inet_addr *addr, { if (family == NFPROTO_IPV4) { if (!numeric && addr->ip == 0) { - printf("anywhere "); + printf(" anywhere"); return; } if (numeric) - printf("%s%s ", + printf(" %s%s", xtables_ipaddr_to_numeric(&addr->in), xtables_ipmask_to_numeric(&mask->in)); else - printf("%s%s ", + printf(" %s%s", xtables_ipaddr_to_anyname(&addr->in), xtables_ipmask_to_numeric(&mask->in)); } else if (family == NFPROTO_IPV6) { if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 && addr->ip6[2] == 0 && addr->ip6[3] == 0) { - printf("anywhere "); + printf(" anywhere"); return; } if (numeric) - printf("%s%s ", + printf(" %s%s", xtables_ip6addr_to_numeric(&addr->in6), xtables_ip6mask_to_numeric(&mask->in6)); else - printf("%s%s ", + printf(" %s%s", xtables_ip6addr_to_anyname(&addr->in6), xtables_ip6mask_to_numeric(&mask->in6)); } @@ -921,17 +919,17 @@ print_addr(const struct in_addr *addr, const struct in_addr *mask, char buf[BUFSIZ]; if (inv) - printf("! "); + printf(" !"); if (mask->s_addr == 0L && !numeric) - printf("%s ", "anywhere"); + printf(" %s", "anywhere"); else { if (numeric) strcpy(buf, xtables_ipaddr_to_numeric(addr)); else strcpy(buf, xtables_ipaddr_to_anyname(addr)); strcat(buf, xtables_ipmask_to_numeric(mask)); - printf("%s ", buf); + printf(" %s", buf); } } @@ -942,22 +940,22 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, if(sinfo->flags & XT_CONNTRACK_STATE) { if (sinfo->invflags & XT_CONNTRACK_STATE) - printf("! "); - printf("%sctstate ", optpfx); + printf(" !"); + printf(" %sctstate", optpfx); print_state(sinfo->statemask); } if(sinfo->flags & XT_CONNTRACK_PROTO) { if (sinfo->invflags & XT_CONNTRACK_PROTO) - printf("! "); - printf("%sctproto ", optpfx); - printf("%u ", sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum); + printf(" !"); + printf(" %sctproto", optpfx); + printf(" %u", sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum); } if(sinfo->flags & XT_CONNTRACK_ORIGSRC) { if (sinfo->invflags & XT_CONNTRACK_ORIGSRC) - printf("! "); - printf("%sctorigsrc ", optpfx); + printf(" !"); + printf(" %sctorigsrc", optpfx); print_addr( (struct in_addr *)&sinfo->tuple[IP_CT_DIR_ORIGINAL].src.ip, @@ -968,8 +966,8 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, if(sinfo->flags & XT_CONNTRACK_ORIGDST) { if (sinfo->invflags & XT_CONNTRACK_ORIGDST) - printf("! "); - printf("%sctorigdst ", optpfx); + printf(" !"); + printf(" %sctorigdst", optpfx); print_addr( (struct in_addr *)&sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.ip, @@ -980,8 +978,8 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, if(sinfo->flags & XT_CONNTRACK_REPLSRC) { if (sinfo->invflags & XT_CONNTRACK_REPLSRC) - printf("! "); - printf("%sctreplsrc ", optpfx); + printf(" !"); + printf(" %sctreplsrc", optpfx); print_addr( (struct in_addr *)&sinfo->tuple[IP_CT_DIR_REPLY].src.ip, @@ -992,8 +990,8 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, if(sinfo->flags & XT_CONNTRACK_REPLDST) { if (sinfo->invflags & XT_CONNTRACK_REPLDST) - printf("! "); - printf("%sctrepldst ", optpfx); + printf(" !"); + printf(" %sctrepldst", optpfx); print_addr( (struct in_addr *)&sinfo->tuple[IP_CT_DIR_REPLY].dst.ip, @@ -1004,27 +1002,27 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, if(sinfo->flags & XT_CONNTRACK_STATUS) { if (sinfo->invflags & XT_CONNTRACK_STATUS) - printf("! "); - printf("%sctstatus ", optpfx); + printf(" !"); + printf(" %sctstatus", optpfx); print_status(sinfo->statusmask); } if(sinfo->flags & XT_CONNTRACK_EXPIRES) { if (sinfo->invflags & XT_CONNTRACK_EXPIRES) - printf("! "); - printf("%sctexpire ", optpfx); + printf(" !"); + printf(" %sctexpire ", optpfx); if (sinfo->expires_max == sinfo->expires_min) - printf("%lu ", sinfo->expires_min); + printf("%lu", sinfo->expires_min); else - printf("%lu:%lu ", sinfo->expires_min, sinfo->expires_max); + printf("%lu:%lu", sinfo->expires_min, sinfo->expires_max); } if (sinfo->flags & XT_CONNTRACK_DIRECTION) { if (sinfo->invflags & XT_CONNTRACK_DIRECTION) - printf("%sctdir REPLY ", optpfx); + printf(" %sctdir REPLY", optpfx); else - printf("%sctdir ORIGINAL ", optpfx); + printf(" %sctdir ORIGINAL", optpfx); } } @@ -1034,9 +1032,9 @@ conntrack_dump_ports(const char *prefix, const char *opt, u_int16_t port_low, u_int16_t port_high) { if (port_high == 0 || port_low == port_high) - printf("%s%s %u ", prefix, opt, port_low); + printf(" %s%s %u", prefix, opt, port_low); else - printf("%s%s %u:%u ", prefix, opt, port_low, port_high); + printf(" %s%s %u:%u", prefix, opt, port_low, port_high); } static void @@ -1045,52 +1043,52 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix, { if (info->match_flags & XT_CONNTRACK_STATE) { if (info->invert_flags & XT_CONNTRACK_STATE) - printf("! "); - printf("%sctstate ", prefix); + printf(" !"); + printf(" %sctstate", prefix); print_state(info->state_mask); } if (info->match_flags & XT_CONNTRACK_PROTO) { if (info->invert_flags & XT_CONNTRACK_PROTO) - printf("! "); - printf("%sctproto %u ", prefix, info->l4proto); + printf(" !"); + printf(" %sctproto %u", prefix, info->l4proto); } if (info->match_flags & XT_CONNTRACK_ORIGSRC) { if (info->invert_flags & XT_CONNTRACK_ORIGSRC) - printf("! "); - printf("%sctorigsrc ", prefix); + printf(" !"); + printf(" %sctorigsrc", prefix); conntrack_dump_addr(&info->origsrc_addr, &info->origsrc_mask, family, numeric); } if (info->match_flags & XT_CONNTRACK_ORIGDST) { if (info->invert_flags & XT_CONNTRACK_ORIGDST) - printf("! "); - printf("%sctorigdst ", prefix); + printf(" !"); + printf(" %sctorigdst", prefix); conntrack_dump_addr(&info->origdst_addr, &info->origdst_mask, family, numeric); } if (info->match_flags & XT_CONNTRACK_REPLSRC) { if (info->invert_flags & XT_CONNTRACK_REPLSRC) - printf("! "); - printf("%sctreplsrc ", prefix); + printf(" !"); + printf(" %sctreplsrc", prefix); conntrack_dump_addr(&info->replsrc_addr, &info->replsrc_mask, family, numeric); } if (info->match_flags & XT_CONNTRACK_REPLDST) { if (info->invert_flags & XT_CONNTRACK_REPLDST) - printf("! "); - printf("%sctrepldst ", prefix); + printf(" !"); + printf(" %sctrepldst", prefix); conntrack_dump_addr(&info->repldst_addr, &info->repldst_mask, family, numeric); } if (info->match_flags & XT_CONNTRACK_ORIGSRC_PORT) { if (info->invert_flags & XT_CONNTRACK_ORIGSRC_PORT) - printf("! "); + printf(" !"); conntrack_dump_ports(prefix, "ctorigsrcport", v3 ? info->origsrc_port : ntohs(info->origsrc_port), v3 ? info->origsrc_port_high : 0); @@ -1098,7 +1096,7 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix, if (info->match_flags & XT_CONNTRACK_ORIGDST_PORT) { if (info->invert_flags & XT_CONNTRACK_ORIGDST_PORT) - printf("! "); + printf(" !"); conntrack_dump_ports(prefix, "ctorigdstport", v3 ? info->origdst_port : ntohs(info->origdst_port), v3 ? info->origdst_port_high : 0); @@ -1106,7 +1104,7 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix, if (info->match_flags & XT_CONNTRACK_REPLSRC_PORT) { if (info->invert_flags & XT_CONNTRACK_REPLSRC_PORT) - printf("! "); + printf(" !"); conntrack_dump_ports(prefix, "ctreplsrcport", v3 ? info->replsrc_port : ntohs(info->replsrc_port), v3 ? info->replsrc_port_high : 0); @@ -1114,7 +1112,7 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix, if (info->match_flags & XT_CONNTRACK_REPLDST_PORT) { if (info->invert_flags & XT_CONNTRACK_REPLDST_PORT) - printf("! "); + printf(" !"); conntrack_dump_ports(prefix, "ctrepldstport", v3 ? info->repldst_port : ntohs(info->repldst_port), v3 ? info->repldst_port_high : 0); @@ -1122,28 +1120,28 @@ conntrack_dump(const struct xt_conntrack_mtinfo3 *info, const char *prefix, if (info->match_flags & XT_CONNTRACK_STATUS) { if (info->invert_flags & XT_CONNTRACK_STATUS) - printf("! "); - printf("%sctstatus ", prefix); + printf(" !"); + printf(" %sctstatus", prefix); print_status(info->status_mask); } if (info->match_flags & XT_CONNTRACK_EXPIRES) { if (info->invert_flags & XT_CONNTRACK_EXPIRES) - printf("! "); - printf("%sctexpire ", prefix); + printf(" !"); + printf(" %sctexpire ", prefix); if (info->expires_max == info->expires_min) - printf("%u ", (unsigned int)info->expires_min); + printf("%u", (unsigned int)info->expires_min); else - printf("%u:%u ", (unsigned int)info->expires_min, + printf("%u:%u", (unsigned int)info->expires_min, (unsigned int)info->expires_max); } if (info->match_flags & XT_CONNTRACK_DIRECTION) { if (info->invert_flags & XT_CONNTRACK_DIRECTION) - printf("%sctdir REPLY ", prefix); + printf(" %sctdir REPLY", prefix); else - printf("%sctdir ORIGINAL ", prefix); + printf(" %sctdir ORIGINAL", prefix); } } diff --git a/extensions/libxt_cpu.c b/extensions/libxt_cpu.c index b4ad4561..77efec7f 100644 --- a/extensions/libxt_cpu.c +++ b/extensions/libxt_cpu.c @@ -66,14 +66,14 @@ cpu_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_cpu_info *info = (void *)match->data; - printf("cpu %s%u ", info->invert ? "! ":"", info->cpu); + printf(" cpu %s%u", info->invert ? "! ":"", info->cpu); } static void cpu_save(const void *ip, const struct xt_entry_match *match) { const struct xt_cpu_info *info = (void *)match->data; - printf("%s--cpu %u ", info->invert ? "! ":"", info->cpu); + printf("%s --cpu %u", info->invert ? " !" : "", info->cpu); } static struct xtables_match cpu_match = { diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c index 7a0e96b5..3b2dc6b8 100644 --- a/extensions/libxt_dccp.c +++ b/extensions/libxt_dccp.c @@ -216,7 +216,7 @@ print_ports(const char *name, uint16_t min, uint16_t max, const char *inv = invert ? "!" : ""; if (min != 0 || max != 0xFFFF || invert) { - printf("%s", name); + printf(" %s", name); if (min == max) { printf(":%s", inv); print_port(min, numeric); @@ -226,7 +226,6 @@ print_ports(const char *name, uint16_t min, uint16_t max, printf(":"); print_port(max, numeric); } - printf(" "); } } @@ -236,8 +235,9 @@ print_types(uint16_t types, int inverted, int numeric) int have_type = 0; if (inverted) - printf("! "); + printf(" !"); + printf(" "); while (types) { unsigned int i; @@ -261,7 +261,7 @@ static void print_option(uint8_t option, int invert, int numeric) { if (option || invert) - printf("option=%s%u ", invert ? "!" : "", option); + printf(" option=%s%u", invert ? "!" : "", option); } static void @@ -270,7 +270,7 @@ dccp_print(const void *ip, const struct xt_entry_match *match, int numeric) const struct xt_dccp_info *einfo = (const struct xt_dccp_info *)match->data; - printf("dccp "); + printf(" dccp"); if (einfo->flags & XT_DCCP_SRC_PORTS) { print_ports("spt", einfo->spts[0], einfo->spts[1], @@ -303,31 +303,31 @@ static void dccp_save(const void *ip, const struct xt_entry_match *match) if (einfo->flags & XT_DCCP_SRC_PORTS) { if (einfo->invflags & XT_DCCP_SRC_PORTS) - printf("! "); + printf(" !"); if (einfo->spts[0] != einfo->spts[1]) - printf("--sport %u:%u ", + printf(" --sport %u:%u", einfo->spts[0], einfo->spts[1]); else - printf("--sport %u ", einfo->spts[0]); + printf(" --sport %u", einfo->spts[0]); } if (einfo->flags & XT_DCCP_DEST_PORTS) { if (einfo->invflags & XT_DCCP_DEST_PORTS) - printf("! "); + printf(" !"); if (einfo->dpts[0] != einfo->dpts[1]) - printf("--dport %u:%u ", + printf(" --dport %u:%u", einfo->dpts[0], einfo->dpts[1]); else - printf("--dport %u ", einfo->dpts[0]); + printf(" --dport %u", einfo->dpts[0]); } if (einfo->flags & XT_DCCP_TYPE) { - printf("--dccp-type "); + printf(" --dccp-type"); print_types(einfo->typemask, einfo->invflags & XT_DCCP_TYPE,0); } if (einfo->flags & XT_DCCP_OPTION) { - printf("--dccp-option %s%u ", + printf(" --dccp-option %s%u", einfo->typemask & XT_DCCP_OPTION ? "! " : "", einfo->option); } diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c index 1d7fadf3..b07f83b0 100644 --- a/extensions/libxt_dscp.c +++ b/extensions/libxt_dscp.c @@ -117,7 +117,7 @@ dscp_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_dscp_info *dinfo = (const struct xt_dscp_info *)match->data; - printf("DSCP match %s0x%02x", dinfo->invert ? "!" : "", dinfo->dscp); + printf(" DSCP match %s0x%02x", dinfo->invert ? "!" : "", dinfo->dscp); } static void dscp_save(const void *ip, const struct xt_entry_match *match) @@ -125,7 +125,7 @@ static void dscp_save(const void *ip, const struct xt_entry_match *match) const struct xt_dscp_info *dinfo = (const struct xt_dscp_info *)match->data; - printf("%s--dscp 0x%02x ", dinfo->invert ? "! " : "", dinfo->dscp); + printf("%s --dscp 0x%02x", dinfo->invert ? " !" : "", dinfo->dscp); } static struct xtables_match dscp_match = { diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c index 82ca3018..17698683 100644 --- a/extensions/libxt_esp.c +++ b/extensions/libxt_esp.c @@ -108,9 +108,9 @@ print_spis(const char *name, uint32_t min, uint32_t max, if (min != 0 || max != 0xFFFFFFFF || invert) { if (min == max) - printf("%s:%s%u ", name, inv, min); + printf(" %s:%s%u", name, inv, min); else - printf("%ss:%s%u:%u ", name, inv, min, max); + printf(" %ss:%s%u:%u", name, inv, min, max); } } @@ -119,11 +119,11 @@ esp_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_esp *esp = (struct xt_esp *)match->data; - printf("esp "); + printf(" esp"); print_spis("spi", esp->spis[0], esp->spis[1], esp->invflags & XT_ESP_INV_SPI); if (esp->invflags & ~XT_ESP_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", esp->invflags & ~XT_ESP_INV_MASK); } @@ -133,15 +133,15 @@ static void esp_save(const void *ip, const struct xt_entry_match *match) if (!(espinfo->spis[0] == 0 && espinfo->spis[1] == 0xFFFFFFFF)) { - printf("%s--espspi ", - (espinfo->invflags & XT_ESP_INV_SPI) ? "! " : ""); + printf("%s --espspi ", + (espinfo->invflags & XT_ESP_INV_SPI) ? " !" : ""); if (espinfo->spis[0] != espinfo->spis[1]) - printf("%u:%u ", + printf("%u:%u", espinfo->spis[0], espinfo->spis[1]); else - printf("%u ", + printf("%u", espinfo->spis[0]); } diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c index 352e5303..d766987e 100644 --- a/extensions/libxt_hashlimit.c +++ b/extensions/libxt_hashlimit.c @@ -488,13 +488,14 @@ static void print_rate(uint32_t period) || rates[i].mult/period < rates[i].mult%period) break; - printf("%u/%s ", rates[i-1].mult / period, rates[i-1].name); + printf(" %u/%s", rates[i-1].mult / period, rates[i-1].name); } static void print_mode(unsigned int mode, char separator) { bool prevmode = false; + putchar(' '); if (mode & XT_HASHLIMIT_HASH_SIP) { fputs("srcip", stdout); prevmode = 1; @@ -516,54 +517,53 @@ static void print_mode(unsigned int mode, char separator) putchar(separator); fputs("dstport", stdout); } - putchar(' '); } static void hashlimit_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_hashlimit_info *r = (const void *)match->data; - fputs("limit: avg ", stdout); print_rate(r->cfg.avg); - printf("burst %u ", r->cfg.burst); - fputs("mode ", stdout); + fputs(" limit: avg", stdout); print_rate(r->cfg.avg); + printf(" burst %u", r->cfg.burst); + fputs(" mode", stdout); print_mode(r->cfg.mode, '-'); if (r->cfg.size) - printf("htable-size %u ", r->cfg.size); + printf(" htable-size %u", r->cfg.size); if (r->cfg.max) - printf("htable-max %u ", r->cfg.max); + printf(" htable-max %u", r->cfg.max); if (r->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL) - printf("htable-gcinterval %u ", r->cfg.gc_interval); + printf(" htable-gcinterval %u", r->cfg.gc_interval); if (r->cfg.expire != XT_HASHLIMIT_EXPIRE) - printf("htable-expire %u ", r->cfg.expire); + printf(" htable-expire %u", r->cfg.expire); } static void hashlimit_mt_print(const struct xt_hashlimit_mtinfo1 *info, unsigned int dmask) { if (info->cfg.mode & XT_HASHLIMIT_INVERT) - fputs("limit: above ", stdout); + fputs(" limit: above", stdout); else - fputs("limit: up to ", stdout); + fputs(" limit: up to", stdout); print_rate(info->cfg.avg); - printf("burst %u ", info->cfg.burst); + printf(" burst %u", info->cfg.burst); if (info->cfg.mode & (XT_HASHLIMIT_HASH_SIP | XT_HASHLIMIT_HASH_SPT | XT_HASHLIMIT_HASH_DIP | XT_HASHLIMIT_HASH_DPT)) { - fputs("mode ", stdout); + fputs(" mode", stdout); print_mode(info->cfg.mode, '-'); } if (info->cfg.size != 0) - printf("htable-size %u ", info->cfg.size); + printf(" htable-size %u", info->cfg.size); if (info->cfg.max != 0) - printf("htable-max %u ", info->cfg.max); + printf(" htable-max %u", info->cfg.max); if (info->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL) - printf("htable-gcinterval %u ", info->cfg.gc_interval); + printf(" htable-gcinterval %u", info->cfg.gc_interval); if (info->cfg.expire != XT_HASHLIMIT_EXPIRE) - printf("htable-expire %u ", info->cfg.expire); + printf(" htable-expire %u", info->cfg.expire); if (info->cfg.srcmask != dmask) - printf("srcmask %u ", info->cfg.srcmask); + printf(" srcmask %u", info->cfg.srcmask); if (info->cfg.dstmask != dmask) - printf("dstmask %u ", info->cfg.dstmask); + printf(" dstmask %u", info->cfg.dstmask); } static void @@ -588,55 +588,55 @@ static void hashlimit_save(const void *ip, const struct xt_entry_match *match) { const struct xt_hashlimit_info *r = (const void *)match->data; - fputs("--hashlimit ", stdout); print_rate(r->cfg.avg); - printf("--hashlimit-burst %u ", r->cfg.burst); + fputs(" --hashlimit", stdout); print_rate(r->cfg.avg); + printf(" --hashlimit-burst %u", r->cfg.burst); - fputs("--hashlimit-mode ", stdout); + fputs(" --hashlimit-mode", stdout); print_mode(r->cfg.mode, ','); - printf("--hashlimit-name %s ", r->name); + printf(" --hashlimit-name %s", r->name); if (r->cfg.size) - printf("--hashlimit-htable-size %u ", r->cfg.size); + printf(" --hashlimit-htable-size %u", r->cfg.size); if (r->cfg.max) - printf("--hashlimit-htable-max %u ", r->cfg.max); + printf(" --hashlimit-htable-max %u", r->cfg.max); if (r->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL) - printf("--hashlimit-htable-gcinterval %u ", r->cfg.gc_interval); + printf(" --hashlimit-htable-gcinterval %u", r->cfg.gc_interval); if (r->cfg.expire != XT_HASHLIMIT_EXPIRE) - printf("--hashlimit-htable-expire %u ", r->cfg.expire); + printf(" --hashlimit-htable-expire %u", r->cfg.expire); } static void hashlimit_mt_save(const struct xt_hashlimit_mtinfo1 *info, unsigned int dmask) { if (info->cfg.mode & XT_HASHLIMIT_INVERT) - fputs("--hashlimit-above ", stdout); + fputs(" --hashlimit-above", stdout); else - fputs("--hashlimit-upto ", stdout); + fputs(" --hashlimit-upto", stdout); print_rate(info->cfg.avg); - printf("--hashlimit-burst %u ", info->cfg.burst); + printf(" --hashlimit-burst %u", info->cfg.burst); if (info->cfg.mode & (XT_HASHLIMIT_HASH_SIP | XT_HASHLIMIT_HASH_SPT | XT_HASHLIMIT_HASH_DIP | XT_HASHLIMIT_HASH_DPT)) { - fputs("--hashlimit-mode ", stdout); + fputs(" --hashlimit-mode", stdout); print_mode(info->cfg.mode, ','); } - printf("--hashlimit-name %s ", info->name); + printf(" --hashlimit-name %s", info->name); if (info->cfg.size != 0) - printf("--hashlimit-htable-size %u ", info->cfg.size); + printf(" --hashlimit-htable-size %u", info->cfg.size); if (info->cfg.max != 0) - printf("--hashlimit-htable-max %u ", info->cfg.max); + printf(" --hashlimit-htable-max %u", info->cfg.max); if (info->cfg.gc_interval != XT_HASHLIMIT_GCINTERVAL) - printf("--hashlimit-htable-gcinterval %u ", info->cfg.gc_interval); + printf(" --hashlimit-htable-gcinterval %u", info->cfg.gc_interval); if (info->cfg.expire != XT_HASHLIMIT_EXPIRE) - printf("--hashlimit-htable-expire %u ", info->cfg.expire); + printf(" --hashlimit-htable-expire %u", info->cfg.expire); if (info->cfg.srcmask != dmask) - printf("--hashlimit-srcmask %u ", info->cfg.srcmask); + printf(" --hashlimit-srcmask %u", info->cfg.srcmask); if (info->cfg.dstmask != dmask) - printf("--hashlimit-dstmask %u ", info->cfg.dstmask); + printf(" --hashlimit-dstmask %u", info->cfg.dstmask); } static void diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c index 3c744c9f..1761b4d9 100644 --- a/extensions/libxt_helper.c +++ b/extensions/libxt_helper.c @@ -55,14 +55,14 @@ helper_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_helper_info *info = (const void *)match->data; - printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name); + printf(" helper match %s\"%s\"", info->invert ? "! " : "", info->name); } static void helper_save(const void *ip, const struct xt_entry_match *match) { const struct xt_helper_info *info = (const void *)match->data; - printf("%s--helper ",info->invert ? "! " : ""); + printf("%s --helper", info->invert ? " !" : ""); xtables_save_string(info->name); } diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c index 2ac2fa4d..2a914165 100644 --- a/extensions/libxt_iprange.c +++ b/extensions/libxt_iprange.c @@ -202,7 +202,7 @@ print_iprange(const struct ipt_iprange *range) byte_min = (const unsigned char *)&range->min_ip; byte_max = (const unsigned char *)&range->max_ip; - printf("%u.%u.%u.%u-%u.%u.%u.%u ", + printf(" %u.%u.%u.%u-%u.%u.%u.%u", byte_min[0], byte_min[1], byte_min[2], byte_min[3], byte_max[0], byte_max[1], byte_max[2], byte_max[3]); } @@ -213,15 +213,15 @@ static void iprange_print(const void *ip, const struct xt_entry_match *match, const struct ipt_iprange_info *info = (const void *)match->data; if (info->flags & IPRANGE_SRC) { - printf("source IP range "); + printf(" source IP range"); if (info->flags & IPRANGE_SRC_INV) - printf("! "); + printf(" !"); print_iprange(&info->src); } if (info->flags & IPRANGE_DST) { - printf("destination IP range "); + printf(" destination IP range"); if (info->flags & IPRANGE_DST_INV) - printf("! "); + printf(" !"); print_iprange(&info->dst); } } @@ -233,22 +233,22 @@ iprange_mt4_print(const void *ip, const struct xt_entry_match *match, const struct xt_iprange_mtinfo *info = (const void *)match->data; if (info->flags & IPRANGE_SRC) { - printf("source IP range "); + printf(" source IP range"); if (info->flags & IPRANGE_SRC_INV) - printf("! "); + printf(" !"); /* * ipaddr_to_numeric() uses a static buffer, so cannot * combine the printf() calls. */ - printf("%s", xtables_ipaddr_to_numeric(&info->src_min.in)); - printf("-%s ", xtables_ipaddr_to_numeric(&info->src_max.in)); + printf(" %s", xtables_ipaddr_to_numeric(&info->src_min.in)); + printf("-%s", xtables_ipaddr_to_numeric(&info->src_max.in)); } if (info->flags & IPRANGE_DST) { - printf("destination IP range "); + printf(" destination IP range"); if (info->flags & IPRANGE_DST_INV) - printf("! "); - printf("%s", xtables_ipaddr_to_numeric(&info->dst_min.in)); - printf("-%s ", xtables_ipaddr_to_numeric(&info->dst_max.in)); + printf(" !"); + printf(" %s", xtables_ipaddr_to_numeric(&info->dst_min.in)); + printf("-%s", xtables_ipaddr_to_numeric(&info->dst_max.in)); } } @@ -259,22 +259,22 @@ iprange_mt6_print(const void *ip, const struct xt_entry_match *match, const struct xt_iprange_mtinfo *info = (const void *)match->data; if (info->flags & IPRANGE_SRC) { - printf("source IP range "); + printf(" source IP range"); if (info->flags & IPRANGE_SRC_INV) - printf("! "); + printf(" !"); /* * ipaddr_to_numeric() uses a static buffer, so cannot * combine the printf() calls. */ - printf("%s", xtables_ip6addr_to_numeric(&info->src_min.in6)); - printf("-%s ", xtables_ip6addr_to_numeric(&info->src_max.in6)); + printf(" %s", xtables_ip6addr_to_numeric(&info->src_min.in6)); + printf("-%s", xtables_ip6addr_to_numeric(&info->src_max.in6)); } if (info->flags & IPRANGE_DST) { - printf("destination IP range "); + printf(" destination IP range"); if (info->flags & IPRANGE_DST_INV) - printf("! "); - printf("%s", xtables_ip6addr_to_numeric(&info->dst_min.in6)); - printf("-%s ", xtables_ip6addr_to_numeric(&info->dst_max.in6)); + printf(" !"); + printf(" %s", xtables_ip6addr_to_numeric(&info->dst_min.in6)); + printf("-%s", xtables_ip6addr_to_numeric(&info->dst_max.in6)); } } @@ -284,16 +284,14 @@ static void iprange_save(const void *ip, const struct xt_entry_match *match) if (info->flags & IPRANGE_SRC) { if (info->flags & IPRANGE_SRC_INV) - printf("! "); - printf("--src-range "); + printf(" !"); + printf(" --src-range"); print_iprange(&info->src); - if (info->flags & IPRANGE_DST) - fputc(' ', stdout); } if (info->flags & IPRANGE_DST) { if (info->flags & IPRANGE_DST_INV) - printf("! "); - printf("--dst-range "); + printf(" !"); + printf(" --dst-range"); print_iprange(&info->dst); } } @@ -304,15 +302,15 @@ static void iprange_mt4_save(const void *ip, const struct xt_entry_match *match) if (info->flags & IPRANGE_SRC) { if (info->flags & IPRANGE_SRC_INV) - printf("! "); - printf("--src-range %s", xtables_ipaddr_to_numeric(&info->src_min.in)); - printf("-%s ", xtables_ipaddr_to_numeric(&info->src_max.in)); + printf(" !"); + printf(" --src-range %s", xtables_ipaddr_to_numeric(&info->src_min.in)); + printf("-%s", xtables_ipaddr_to_numeric(&info->src_max.in)); } if (info->flags & IPRANGE_DST) { if (info->flags & IPRANGE_DST_INV) - printf("! "); - printf("--dst-range %s", xtables_ipaddr_to_numeric(&info->dst_min.in)); - printf("-%s ", xtables_ipaddr_to_numeric(&info->dst_max.in)); + printf(" !"); + printf(" --dst-range %s", xtables_ipaddr_to_numeric(&info->dst_min.in)); + printf("-%s", xtables_ipaddr_to_numeric(&info->dst_max.in)); } } @@ -322,15 +320,15 @@ static void iprange_mt6_save(const void *ip, const struct xt_entry_match *match) if (info->flags & IPRANGE_SRC) { if (info->flags & IPRANGE_SRC_INV) - printf("! "); - printf("--src-range %s", xtables_ip6addr_to_numeric(&info->src_min.in6)); - printf("-%s ", xtables_ip6addr_to_numeric(&info->src_max.in6)); + printf(" !"); + printf(" --src-range %s", xtables_ip6addr_to_numeric(&info->src_min.in6)); + printf("-%s", xtables_ip6addr_to_numeric(&info->src_max.in6)); } if (info->flags & IPRANGE_DST) { if (info->flags & IPRANGE_DST_INV) - printf("! "); - printf("--dst-range %s", xtables_ip6addr_to_numeric(&info->dst_min.in6)); - printf("-%s ", xtables_ip6addr_to_numeric(&info->dst_max.in6)); + printf(" !"); + printf(" --dst-range %s", xtables_ip6addr_to_numeric(&info->dst_min.in6)); + printf("-%s", xtables_ip6addr_to_numeric(&info->dst_max.in6)); } } diff --git a/extensions/libxt_ipvs.c b/extensions/libxt_ipvs.c index 3001417d..89303a11 100644 --- a/extensions/libxt_ipvs.c +++ b/extensions/libxt_ipvs.c @@ -206,7 +206,7 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr, if (family == NFPROTO_IPV4) { if (!numeric && addr->ip == 0) { - printf("anywhere "); + printf(" anywhere"); return; } if (numeric) @@ -214,11 +214,11 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr, else strcpy(buf, xtables_ipaddr_to_anyname(&addr->in)); strcat(buf, xtables_ipmask_to_numeric(&mask->in)); - printf("%s ", buf); + printf(" %s", buf); } else if (family == NFPROTO_IPV6) { if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 && addr->ip6[2] == 0 && addr->ip6[3] == 0) { - printf("anywhere "); + printf(" anywhere"); return; } if (numeric) @@ -226,7 +226,7 @@ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr, else strcpy(buf, xtables_ip6addr_to_anyname(&addr->in6)); strcat(buf, xtables_ip6mask_to_numeric(&mask->in6)); - printf("%s ", buf); + printf(" %s", buf); } } @@ -235,65 +235,65 @@ static void ipvs_mt_dump(const void *ip, const struct xt_ipvs_mtinfo *data, { if (data->bitmask == XT_IPVS_IPVS_PROPERTY) { if (data->invert & XT_IPVS_IPVS_PROPERTY) - printf("! "); - printf("%sipvs ", prefix); + printf(" !"); + printf(" %sipvs", prefix); } if (data->bitmask & XT_IPVS_PROTO) { if (data->invert & XT_IPVS_PROTO) - printf("! "); - printf("%sproto %u ", prefix, data->l4proto); + printf(" !"); + printf(" %sproto %u", prefix, data->l4proto); } if (data->bitmask & XT_IPVS_VADDR) { if (data->invert & XT_IPVS_VADDR) - printf("! "); + printf(" !"); - printf("%svaddr ", prefix); + printf(" %svaddr", prefix); ipvs_mt_dump_addr(&data->vaddr, &data->vmask, family, numeric); } if (data->bitmask & XT_IPVS_VPORT) { if (data->invert & XT_IPVS_VPORT) - printf("! "); + printf(" !"); - printf("%svport %u ", prefix, ntohs(data->vport)); + printf(" %svport %u", prefix, ntohs(data->vport)); } if (data->bitmask & XT_IPVS_DIR) { if (data->invert & XT_IPVS_DIR) - printf("%svdir REPLY ", prefix); + printf(" %svdir REPLY", prefix); else - printf("%svdir ORIGINAL ", prefix); + printf(" %svdir ORIGINAL", prefix); } if (data->bitmask & XT_IPVS_METHOD) { if (data->invert & XT_IPVS_METHOD) - printf("! "); + printf(" !"); - printf("%svmethod ", prefix); + printf(" %svmethod", prefix); switch (data->fwd_method) { case IP_VS_CONN_F_DROUTE: - printf("GATE "); + printf(" GATE"); break; case IP_VS_CONN_F_TUNNEL: - printf("IPIP "); + printf(" IPIP"); break; case IP_VS_CONN_F_MASQ: - printf("MASQ "); + printf(" MASQ"); break; default: /* Hu? */ - printf("UNKNOWN "); + printf(" UNKNOWN"); break; } } if (data->bitmask & XT_IPVS_VPORTCTL) { if (data->invert & XT_IPVS_VPORTCTL) - printf("! "); + printf(" !"); - printf("%svportctl %u ", prefix, ntohs(data->vportctl)); + printf(" %svportctl %u", prefix, ntohs(data->vportctl)); } } diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c index 86ccba07..a12aefef 100644 --- a/extensions/libxt_length.c +++ b/extensions/libxt_length.c @@ -93,22 +93,22 @@ length_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_length_info *info = (void *)match->data; - printf("length %s", info->invert ? "!" : ""); + printf(" length %s", info->invert ? "!" : ""); if (info->min == info->max) - printf("%u ", info->min); + printf("%u", info->min); else - printf("%u:%u ", info->min, info->max); + printf("%u:%u", info->min, info->max); } static void length_save(const void *ip, const struct xt_entry_match *match) { const struct xt_length_info *info = (void *)match->data; - printf("%s--length ", info->invert ? "! " : ""); + printf("%s --length ", info->invert ? " !" : ""); if (info->min == info->max) - printf("%u ", info->min); + printf("%u", info->min); else - printf("%u:%u ", info->min, info->max); + printf("%u:%u", info->min, info->max); } static struct xtables_match length_match = { diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c index a62d1990..c4ba58bb 100644 --- a/extensions/libxt_limit.c +++ b/extensions/libxt_limit.c @@ -134,24 +134,24 @@ static void print_rate(uint32_t period) || rates[i].mult/period < rates[i].mult%period) break; - printf("%u/%s ", rates[i-1].mult / period, rates[i-1].name); + printf(" %u/%s", rates[i-1].mult / period, rates[i-1].name); } static void limit_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_rateinfo *r = (const void *)match->data; - printf("limit: avg "); print_rate(r->avg); - printf("burst %u ", r->burst); + printf(" limit: avg"); print_rate(r->avg); + printf(" burst %u", r->burst); } static void limit_save(const void *ip, const struct xt_entry_match *match) { const struct xt_rateinfo *r = (const void *)match->data; - printf("--limit "); print_rate(r->avg); + printf(" --limit"); print_rate(r->avg); if (r->burst != XT_LIMIT_BURST) - printf("--limit-burst %u ", r->burst); + printf(" --limit-burst %u", r->burst); } static struct xtables_match limit_match = { diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c index 15a7f3c1..d7e65dac 100644 --- a/extensions/libxt_mac.c +++ b/extensions/libxt_mac.c @@ -73,10 +73,9 @@ static void print_mac(const unsigned char macaddress[ETH_ALEN]) { unsigned int i; - printf("%02X", macaddress[0]); + printf(" %02X", macaddress[0]); for (i = 1; i < ETH_ALEN; i++) printf(":%02X", macaddress[i]); - printf(" "); } static void mac_check(unsigned int flags) @@ -90,10 +89,10 @@ static void mac_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_mac_info *info = (void *)match->data; - printf("MAC "); + printf(" MAC"); if (info->invert) - printf("! "); + printf(" !"); print_mac(info->srcaddr); } @@ -103,9 +102,9 @@ static void mac_save(const void *ip, const struct xt_entry_match *match) const struct xt_mac_info *info = (void *)match->data; if (info->invert) - printf("! "); + printf(" !"); - printf("--mac-source "); + printf(" --mac-source"); print_mac(info->srcaddr); } diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c index 15b08b9a..d3c17277 100644 --- a/extensions/libxt_mark.c +++ b/extensions/libxt_mark.c @@ -86,9 +86,9 @@ mark_parse(int c, char **argv, int invert, unsigned int *flags, static void print_mark(unsigned int mark, unsigned int mask) { if (mask != 0xffffffffU) - printf("0x%x/0x%x ", mark, mask); + printf(" 0x%x/0x%x", mark, mask); else - printf("0x%x ", mark); + printf(" 0x%x", mark); } static void mark_mt_check(unsigned int flags) @@ -103,9 +103,9 @@ mark_mt_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_mark_mtinfo1 *info = (const void *)match->data; - printf("mark match "); + printf(" mark match"); if (info->invert) - printf("!"); + printf(" !"); print_mark(info->mark, info->mask); } @@ -114,10 +114,10 @@ mark_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_mark_info *info = (const void *)match->data; - printf("MARK match "); + printf(" MARK match"); if (info->invert) - printf("!"); + printf(" !"); print_mark(info->mark, info->mask); } @@ -127,9 +127,9 @@ static void mark_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_mark_mtinfo1 *info = (const void *)match->data; if (info->invert) - printf("! "); + printf(" !"); - printf("--mark "); + printf(" --mark"); print_mark(info->mark, info->mask); } @@ -139,9 +139,9 @@ mark_save(const void *ip, const struct xt_entry_match *match) const struct xt_mark_info *info = (const void *)match->data; if (info->invert) - printf("! "); + printf(" !"); - printf("--mark "); + printf(" --mark"); print_mark(info->mark, info->mask); } diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c index 2f523837..163c7dc5 100644 --- a/extensions/libxt_multiport.c +++ b/extensions/libxt_multiport.c @@ -316,7 +316,7 @@ __multiport_print(const struct xt_entry_match *match, int numeric, = (const struct xt_multiport *)match->data; unsigned int i; - printf("multiport "); + printf(" multiport "); switch (multiinfo->flags) { case XT_MULTIPORT_SOURCE: @@ -340,7 +340,6 @@ __multiport_print(const struct xt_entry_match *match, int numeric, printf("%s", i ? "," : ""); print_port(multiinfo->ports[i], proto, numeric); } - printf(" "); } static void multiport_print(const void *ip_void, @@ -364,7 +363,7 @@ static void __multiport_print_v1(const struct xt_entry_match *match, = (const struct xt_multiport_v1 *)match->data; unsigned int i; - printf("multiport "); + printf(" multiport "); switch (multiinfo->flags) { case XT_MULTIPORT_SOURCE: @@ -385,7 +384,7 @@ static void __multiport_print_v1(const struct xt_entry_match *match, } if (multiinfo->invert) - printf("! "); + printf(" !"); for (i=0; i < multiinfo->count; i++) { printf("%s", i ? "," : ""); @@ -395,7 +394,6 @@ static void __multiport_print_v1(const struct xt_entry_match *match, print_port(multiinfo->ports[++i], proto, numeric); } } - printf(" "); } static void multiport_print_v1(const void *ip_void, @@ -422,15 +420,15 @@ static void __multiport_save(const struct xt_entry_match *match, switch (multiinfo->flags) { case XT_MULTIPORT_SOURCE: - printf("--sports "); + printf(" --sports "); break; case XT_MULTIPORT_DESTINATION: - printf("--dports "); + printf(" --dports "); break; case XT_MULTIPORT_EITHER: - printf("--ports "); + printf(" --ports "); break; } @@ -438,7 +436,6 @@ static void __multiport_save(const struct xt_entry_match *match, printf("%s", i ? "," : ""); print_port(multiinfo->ports[i], proto, 1); } - printf(" "); } static void multiport_save(const void *ip_void, @@ -463,19 +460,19 @@ static void __multiport_save_v1(const struct xt_entry_match *match, unsigned int i; if (multiinfo->invert) - printf("! "); + printf(" !"); switch (multiinfo->flags) { case XT_MULTIPORT_SOURCE: - printf("--sports "); + printf(" --sports "); break; case XT_MULTIPORT_DESTINATION: - printf("--dports "); + printf(" --dports "); break; case XT_MULTIPORT_EITHER: - printf("--ports "); + printf(" --ports "); break; } @@ -487,7 +484,6 @@ static void __multiport_save_v1(const struct xt_entry_match *match, print_port(multiinfo->ports[++i], proto, 1); } } - printf(" "); } static void multiport_save_v1(const void *ip_void, diff --git a/extensions/libxt_osf.c b/extensions/libxt_osf.c index 38c4705e..a97884b9 100644 --- a/extensions/libxt_osf.c +++ b/extensions/libxt_osf.c @@ -123,14 +123,14 @@ static void osf_print(const void *ip, const struct xt_entry_match *match, int nu { const struct xt_osf_info *info = (const struct xt_osf_info*) match->data; - printf("OS fingerprint match %s%s ", (info->flags & XT_OSF_INVERT) ? "! " : "", info->genre); + printf(" OS fingerprint match %s%s", (info->flags & XT_OSF_INVERT) ? "! " : "", info->genre); } static void osf_save(const void *ip, const struct xt_entry_match *match) { const struct xt_osf_info *info = (const struct xt_osf_info*) match->data; - printf("--genre %s%s ", (info->flags & XT_OSF_INVERT) ? "! ": "", info->genre); + printf(" --genre %s%s", (info->flags & XT_OSF_INVERT) ? "! ": "", info->genre); } static struct xtables_match osf_match = { diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c index b9b11043..5cc7b7a6 100644 --- a/extensions/libxt_owner.c +++ b/extensions/libxt_owner.c @@ -358,8 +358,8 @@ owner_mt_print_item_v0(const struct ipt_owner_info *info, const char *label, if (!(info->match & flag)) return; if (info->invert & flag) - printf("! "); - printf("%s ", label); + printf(" !"); + printf(" %s", label); switch (info->match & flag) { case IPT_OWNER_UID: @@ -367,11 +367,11 @@ owner_mt_print_item_v0(const struct ipt_owner_info *info, const char *label, struct passwd *pwd = getpwuid(info->uid); if (pwd != NULL && pwd->pw_name != NULL) { - printf("%s ", pwd->pw_name); + printf(" %s", pwd->pw_name); break; } } - printf("%u ", (unsigned int)info->uid); + printf(" %u", (unsigned int)info->uid); break; case IPT_OWNER_GID: @@ -379,24 +379,24 @@ owner_mt_print_item_v0(const struct ipt_owner_info *info, const char *label, struct group *grp = getgrgid(info->gid); if (grp != NULL && grp->gr_name != NULL) { - printf("%s ", grp->gr_name); + printf(" %s", grp->gr_name); break; } } - printf("%u ", (unsigned int)info->gid); + printf(" %u", (unsigned int)info->gid); break; case IPT_OWNER_PID: - printf("%u ", (unsigned int)info->pid); + printf(" %u", (unsigned int)info->pid); break; case IPT_OWNER_SID: - printf("%u ", (unsigned int)info->sid); + printf(" %u", (unsigned int)info->sid); break; #ifdef IPT_OWNER_COMM case IPT_OWNER_COMM: - printf("%.*s ", (int)sizeof(info->comm), info->comm); + printf(" %.*s", (int)sizeof(info->comm), info->comm); break; #endif } @@ -409,8 +409,8 @@ owner_mt6_print_item_v0(const struct ip6t_owner_info *info, const char *label, if (!(info->match & flag)) return; if (info->invert & flag) - printf("! "); - printf("%s ", label); + printf(" !"); + printf(" %s", label); switch (info->match & flag) { case IP6T_OWNER_UID: @@ -418,11 +418,11 @@ owner_mt6_print_item_v0(const struct ip6t_owner_info *info, const char *label, struct passwd *pwd = getpwuid(info->uid); if (pwd != NULL && pwd->pw_name != NULL) { - printf("%s ", pwd->pw_name); + printf(" %s", pwd->pw_name); break; } } - printf("%u ", (unsigned int)info->uid); + printf(" %u", (unsigned int)info->uid); break; case IP6T_OWNER_GID: @@ -430,19 +430,19 @@ owner_mt6_print_item_v0(const struct ip6t_owner_info *info, const char *label, struct group *grp = getgrgid(info->gid); if (grp != NULL && grp->gr_name != NULL) { - printf("%s ", grp->gr_name); + printf(" %s", grp->gr_name); break; } } - printf("%u ", (unsigned int)info->gid); + printf(" %u", (unsigned int)info->gid); break; case IP6T_OWNER_PID: - printf("%u ", (unsigned int)info->pid); + printf(" %u", (unsigned int)info->pid); break; case IP6T_OWNER_SID: - printf("%u ", (unsigned int)info->sid); + printf(" %u", (unsigned int)info->sid); break; } } @@ -454,40 +454,40 @@ owner_mt_print_item(const struct xt_owner_match_info *info, const char *label, if (!(info->match & flag)) return; if (info->invert & flag) - printf("! "); - printf("%s ", label); + printf(" !"); + printf(" %s", label); switch (info->match & flag) { case XT_OWNER_UID: if (info->uid_min != info->uid_max) { - printf("%u-%u ", (unsigned int)info->uid_min, + printf(" %u-%u", (unsigned int)info->uid_min, (unsigned int)info->uid_max); break; } else if (!numeric) { const struct passwd *pwd = getpwuid(info->uid_min); if (pwd != NULL && pwd->pw_name != NULL) { - printf("%s ", pwd->pw_name); + printf(" %s", pwd->pw_name); break; } } - printf("%u ", (unsigned int)info->uid_min); + printf(" %u", (unsigned int)info->uid_min); break; case XT_OWNER_GID: if (info->gid_min != info->gid_max) { - printf("%u-%u ", (unsigned int)info->gid_min, + printf(" %u-%u", (unsigned int)info->gid_min, (unsigned int)info->gid_max); break; } else if (!numeric) { const struct group *grp = getgrgid(info->gid_min); if (grp != NULL && grp->gr_name != NULL) { - printf("%s ", grp->gr_name); + printf(" %s", grp->gr_name); break; } } - printf("%u ", (unsigned int)info->gid_min); + printf(" %u", (unsigned int)info->gid_min); break; } } diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c index abd182c2..1c0de97d 100644 --- a/extensions/libxt_physdev.c +++ b/extensions/libxt_physdev.c @@ -114,7 +114,7 @@ physdev_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_physdev_info *info = (const void *)match->data; - printf("PHYSDEV match"); + printf(" PHYSDEV match"); if (info->bitmask & XT_PHYSDEV_OP_ISIN) printf("%s --physdev-is-in", info->invert & XT_PHYSDEV_OP_ISIN ? " !":""); @@ -131,7 +131,6 @@ physdev_print(const void *ip, const struct xt_entry_match *match, int numeric) if (info->bitmask & XT_PHYSDEV_OP_BRIDGED) printf("%s --physdev-is-bridged", info->invert & XT_PHYSDEV_OP_BRIDGED ? " !":""); - printf(" "); } static void physdev_save(const void *ip, const struct xt_entry_match *match) @@ -139,23 +138,23 @@ static void physdev_save(const void *ip, const struct xt_entry_match *match) const struct xt_physdev_info *info = (const void *)match->data; if (info->bitmask & XT_PHYSDEV_OP_ISIN) - printf("%s--physdev-is-in ", - (info->invert & XT_PHYSDEV_OP_ISIN) ? "! " : ""); + printf("%s --physdev-is-in", + (info->invert & XT_PHYSDEV_OP_ISIN) ? " !" : ""); if (info->bitmask & XT_PHYSDEV_OP_IN) - printf("%s--physdev-in %s ", - (info->invert & XT_PHYSDEV_OP_IN) ? "! " : "", + printf("%s --physdev-in %s", + (info->invert & XT_PHYSDEV_OP_IN) ? " !" : "", info->physindev); if (info->bitmask & XT_PHYSDEV_OP_ISOUT) - printf("%s--physdev-is-out ", - (info->invert & XT_PHYSDEV_OP_ISOUT) ? "! " : ""); + printf("%s --physdev-is-out", + (info->invert & XT_PHYSDEV_OP_ISOUT) ? " !" : ""); if (info->bitmask & XT_PHYSDEV_OP_OUT) - printf("%s--physdev-out %s ", - (info->invert & XT_PHYSDEV_OP_OUT) ? "! " : "", + printf("%s --physdev-out %s", + (info->invert & XT_PHYSDEV_OP_OUT) ? " !" : "", info->physoutdev); if (info->bitmask & XT_PHYSDEV_OP_BRIDGED) - printf("%s--physdev-is-bridged ", - (info->invert & XT_PHYSDEV_OP_BRIDGED) ? "! " : ""); + printf("%s --physdev-is-bridged", + (info->invert & XT_PHYSDEV_OP_BRIDGED) ? " !" : ""); } static struct xtables_match physdev_match = { diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c index 8aefd92f..f5de3ef0 100644 --- a/extensions/libxt_pkttype.c +++ b/extensions/libxt_pkttype.c @@ -112,11 +112,11 @@ static void print_pkttype(const struct xt_pkttype_info *info) for (i = 0; i < ARRAY_SIZE(supported_types); ++i) if(supported_types[i].pkttype==info->pkttype) { - printf("%s ", supported_types[i].name); + printf("%s", supported_types[i].name); return; } - printf("%d ", info->pkttype); /* in case we didn't find an entry in named-packtes */ + printf("%d", info->pkttype); /* in case we didn't find an entry in named-packtes */ } static void pkttype_print(const void *ip, const struct xt_entry_match *match, @@ -124,7 +124,7 @@ static void pkttype_print(const void *ip, const struct xt_entry_match *match, { const struct xt_pkttype_info *info = (const void *)match->data; - printf("PKTTYPE %s= ", info->invert?"!":""); + printf(" PKTTYPE %s= ", info->invert ? "!" : ""); print_pkttype(info); } @@ -132,7 +132,7 @@ static void pkttype_save(const void *ip, const struct xt_entry_match *match) { const struct xt_pkttype_info *info = (const void *)match->data; - printf("%s--pkt-type ", info->invert ? "! " : ""); + printf("%s --pkt-type ", info->invert ? " !" : ""); print_pkttype(info); } diff --git a/extensions/libxt_policy.c b/extensions/libxt_policy.c index 565f8a30..646d3330 100644 --- a/extensions/libxt_policy.c +++ b/extensions/libxt_policy.c @@ -330,17 +330,17 @@ static void policy_check(unsigned int flags) static void print_mode(const char *prefix, uint8_t mode, int numeric) { - printf("%smode ", prefix); + printf(" %smode ", prefix); switch (mode) { case XT_POLICY_MODE_TRANSPORT: - printf("transport "); + printf("transport"); break; case XT_POLICY_MODE_TUNNEL: - printf("tunnel "); + printf("tunnel"); break; default: - printf("??? "); + printf("???"); break; } } @@ -349,19 +349,19 @@ static void print_proto(const char *prefix, uint8_t proto, int numeric) { struct protoent *p = NULL; - printf("%sproto ", prefix); + printf(" %sproto ", prefix); if (!numeric) p = getprotobynumber(proto); if (p != NULL) - printf("%s ", p->p_name); + printf("%s", p->p_name); else - printf("%u ", proto); + printf("%u", proto); } #define PRINT_INVERT(x) \ do { \ if (x) \ - printf("! "); \ + printf(" !"); \ } while(0) static void print_entry(const char *prefix, const struct xt_policy_elem *e, @@ -369,11 +369,11 @@ static void print_entry(const char *prefix, const struct xt_policy_elem *e, { if (e->match.reqid) { PRINT_INVERT(e->invert.reqid); - printf("%sreqid %u ", prefix, e->reqid); + printf(" %sreqid %u", prefix, e->reqid); } if (e->match.spi) { PRINT_INVERT(e->invert.spi); - printf("%sspi 0x%x ", prefix, e->spi); + printf(" %sspi 0x%x", prefix, e->spi); } if (e->match.proto) { PRINT_INVERT(e->invert.proto); @@ -386,22 +386,22 @@ static void print_entry(const char *prefix, const struct xt_policy_elem *e, if (e->match.daddr) { PRINT_INVERT(e->invert.daddr); if (family == NFPROTO_IPV6) - printf("%stunnel-dst %s%s ", prefix, + printf(" %stunnel-dst %s%s", prefix, xtables_ip6addr_to_numeric(&e->daddr.a6), xtables_ip6mask_to_numeric(&e->dmask.a6)); else - printf("%stunnel-dst %s%s ", prefix, + printf(" %stunnel-dst %s%s", prefix, xtables_ipaddr_to_numeric(&e->daddr.a4), xtables_ipmask_to_numeric(&e->dmask.a4)); } if (e->match.saddr) { PRINT_INVERT(e->invert.saddr); if (family == NFPROTO_IPV6) - printf("%stunnel-src %s%s ", prefix, + printf(" %stunnel-src %s%s", prefix, xtables_ip6addr_to_numeric(&e->saddr.a6), xtables_ip6mask_to_numeric(&e->smask.a6)); else - printf("%stunnel-src %s%s ", prefix, + printf(" %stunnel-src %s%s", prefix, xtables_ipaddr_to_numeric(&e->saddr.a4), xtables_ipmask_to_numeric(&e->smask.a4)); } @@ -410,17 +410,17 @@ static void print_entry(const char *prefix, const struct xt_policy_elem *e, static void print_flags(char *prefix, const struct xt_policy_info *info) { if (info->flags & XT_POLICY_MATCH_IN) - printf("%sdir in ", prefix); + printf(" %sdir in", prefix); else - printf("%sdir out ", prefix); + printf(" %sdir out", prefix); if (info->flags & XT_POLICY_MATCH_NONE) - printf("%spol none ", prefix); + printf(" %spol none", prefix); else - printf("%spol ipsec ", prefix); + printf(" %spol ipsec", prefix); if (info->flags & XT_POLICY_MATCH_STRICT) - printf("%sstrict ", prefix); + printf(" %sstrict", prefix); } static void policy4_print(const void *ip, const struct xt_entry_match *match, @@ -429,11 +429,11 @@ static void policy4_print(const void *ip, const struct xt_entry_match *match, const struct xt_policy_info *info = (void *)match->data; unsigned int i; - printf("policy match "); + printf(" policy match"); print_flags("", info); for (i = 0; i < info->len; i++) { if (info->len > 1) - printf("[%u] ", i); + printf(" [%u]", i); print_entry("", &info->pol[i], numeric, NFPROTO_IPV4); } } @@ -444,11 +444,11 @@ static void policy6_print(const void *ip, const struct xt_entry_match *match, const struct xt_policy_info *info = (void *)match->data; unsigned int i; - printf("policy match "); + printf(" policy match"); print_flags("", info); for (i = 0; i < info->len; i++) { if (info->len > 1) - printf("[%u] ", i); + printf(" [%u]", i); print_entry("", &info->pol[i], numeric, NFPROTO_IPV6); } } @@ -462,7 +462,7 @@ static void policy4_save(const void *ip, const struct xt_entry_match *match) for (i = 0; i < info->len; i++) { print_entry("--", &info->pol[i], false, NFPROTO_IPV4); if (i + 1 < info->len) - printf("--next "); + printf(" --next"); } } @@ -475,7 +475,7 @@ static void policy6_save(const void *ip, const struct xt_entry_match *match) for (i = 0; i < info->len; i++) { print_entry("--", &info->pol[i], false, NFPROTO_IPV6); if (i + 1 < info->len) - printf("--next "); + printf(" --next"); } } diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c index 75da2d6d..e6ed9bc7 100644 --- a/extensions/libxt_quota.c +++ b/extensions/libxt_quota.c @@ -27,7 +27,7 @@ static void quota_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_quota_info *q = (const void *)match->data; - printf("quota: %llu bytes", (unsigned long long) q->quota); + printf(" quota: %llu bytes", (unsigned long long)q->quota); } static void @@ -37,7 +37,7 @@ quota_save(const void *ip, const struct xt_entry_match *match) if (q->flags & XT_QUOTA_INVERT) printf("! "); - printf("--quota %llu ", (unsigned long long) q->quota); + printf(" --quota %llu", (unsigned long long) q->quota); } /* parse quota option */ diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c index 7b6ba005..6998c016 100644 --- a/extensions/libxt_rateest.c +++ b/extensions/libxt_rateest.c @@ -320,13 +320,13 @@ rateest_print_rate(uint32_t rate, int numeric) double tmp = (double)rate*8; if (numeric) - printf("%u ", rate); + printf(" %u", rate); else if (tmp >= 1000.0*1000000.0) - printf("%.0fMbit ", tmp/1000000.0); + printf(" %.0fMbit", tmp/1000000.0); else if (tmp >= 1000.0 * 1000.0) - printf("%.0fKbit ", tmp/1000.0); + printf(" %.0fKbit", tmp/1000.0); else - printf("%.0fbit ", tmp); + printf(" %.0fbit", tmp); } static void @@ -334,17 +334,17 @@ rateest_print_mode(const struct xt_rateest_match_info *info, const char *prefix) { if (info->flags & XT_RATEEST_MATCH_INVERT) - printf("! "); + printf(" !"); switch (info->mode) { case XT_RATEEST_MATCH_EQ: - printf("%seq ", prefix); + printf(" %seq", prefix); break; case XT_RATEEST_MATCH_LT: - printf("%slt ", prefix); + printf(" %slt", prefix); break; case XT_RATEEST_MATCH_GT: - printf("%sgt ", prefix); + printf(" %sgt", prefix); break; default: exit(1); @@ -356,14 +356,14 @@ rateest_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_rateest_match_info *info = (const void *)match->data; - printf("rateest match "); + printf(" rateest match "); - printf("%s ", info->name1); + printf("%s", info->name1); if (info->flags & XT_RATEEST_MATCH_DELTA) - printf("delta "); + printf(" delta"); if (info->flags & XT_RATEEST_MATCH_BPS) { - printf("bps "); + printf(" bps"); if (info->flags & XT_RATEEST_MATCH_DELTA) rateest_print_rate(info->bps1, numeric); if (info->flags & XT_RATEEST_MATCH_ABS) { @@ -372,31 +372,31 @@ rateest_print(const void *ip, const struct xt_entry_match *match, int numeric) } } if (info->flags & XT_RATEEST_MATCH_PPS) { - printf("pps "); + printf(" pps"); if (info->flags & XT_RATEEST_MATCH_DELTA) - printf("%u ", info->pps1); + printf(" %u", info->pps1); if (info->flags & XT_RATEEST_MATCH_ABS) { rateest_print_mode(info, ""); - printf("%u ", info->pps2); + printf(" %u", info->pps2); } } if (info->flags & XT_RATEEST_MATCH_REL) { rateest_print_mode(info, ""); - printf("%s ", info->name2); + printf(" %s", info->name2); if (info->flags & XT_RATEEST_MATCH_DELTA) - printf("delta "); + printf(" delta"); if (info->flags & XT_RATEEST_MATCH_BPS) { - printf("bps "); + printf(" bps"); if (info->flags & XT_RATEEST_MATCH_DELTA) rateest_print_rate(info->bps2, numeric); } if (info->flags & XT_RATEEST_MATCH_PPS) { - printf("pps "); + printf(" pps"); if (info->flags & XT_RATEEST_MATCH_DELTA) - printf("%u ", info->pps2); + printf(" %u", info->pps2); } } } @@ -407,26 +407,26 @@ rateest_save(const void *ip, const struct xt_entry_match *match) const struct xt_rateest_match_info *info = (const void *)match->data; if (info->flags & XT_RATEEST_MATCH_REL) { - printf("--rateest1 %s ", info->name1); + printf(" --rateest1 %s", info->name1); if (info->flags & XT_RATEEST_MATCH_BPS) - printf("--rateest-bps "); + printf(" --rateest-bps"); if (info->flags & XT_RATEEST_MATCH_PPS) - printf("--rateest-pps "); - rateest_print_mode(info, "--rateest-"); - printf("--rateest2 %s ", info->name2); + printf(" --rateest-pps"); + rateest_print_mode(info, " --rateest-"); + printf(" --rateest2 %s", info->name2); } else { - printf("--rateest %s ", info->name1); + printf(" --rateest %s", info->name1); if (info->flags & XT_RATEEST_MATCH_BPS) { - printf("--rateest-bps1 "); + printf(" --rateest-bps1"); rateest_print_rate(info->bps1, 0); - printf("--rateest-bps2 "); + printf(" --rateest-bps2"); rateest_print_rate(info->bps2, 0); rateest_print_mode(info, "--rateest-"); } if (info->flags & XT_RATEEST_MATCH_PPS) { - printf("--rateest-pps "); + printf(" --rateest-pps"); rateest_print_mode(info, "--rateest-"); - printf("%u ", info->pps2); + printf(" %u", info->pps2); } } } diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c index 85f3613d..e4a7f4d4 100644 --- a/extensions/libxt_recent.c +++ b/extensions/libxt_recent.c @@ -162,26 +162,26 @@ static void recent_print(const void *ip, const struct xt_entry_match *match, const struct xt_recent_mtinfo *info = (const void *)match->data; if (info->invert) - fputc('!', stdout); + printf(" !"); - printf("recent: "); + printf(" recent:"); if (info->check_set & XT_RECENT_SET) - printf("SET "); + printf(" SET"); if (info->check_set & XT_RECENT_CHECK) - printf("CHECK "); + printf(" CHECK"); if (info->check_set & XT_RECENT_UPDATE) - printf("UPDATE "); + printf(" UPDATE"); if (info->check_set & XT_RECENT_REMOVE) - printf("REMOVE "); - if(info->seconds) printf("seconds: %d ",info->seconds); - if(info->hit_count) printf("hit_count: %d ",info->hit_count); + printf(" REMOVE"); + if(info->seconds) printf(" seconds: %d", info->seconds); + if(info->hit_count) printf(" hit_count: %d", info->hit_count); if (info->check_set & XT_RECENT_TTL) - printf("TTL-Match "); - if(info->name) printf("name: %s ",info->name); + printf(" TTL-Match"); + if(info->name) printf(" name: %s", info->name); if (info->side == XT_RECENT_SOURCE) - printf("side: source "); + printf(" side: source"); if (info->side == XT_RECENT_DEST) - printf("side: dest "); + printf(" side: dest"); } static void recent_save(const void *ip, const struct xt_entry_match *match) @@ -189,25 +189,25 @@ static void recent_save(const void *ip, const struct xt_entry_match *match) const struct xt_recent_mtinfo *info = (const void *)match->data; if (info->invert) - printf("! "); + printf(" !"); if (info->check_set & XT_RECENT_SET) - printf("--set "); + printf(" --set"); if (info->check_set & XT_RECENT_CHECK) - printf("--rcheck "); + printf(" --rcheck"); if (info->check_set & XT_RECENT_UPDATE) - printf("--update "); + printf(" --update"); if (info->check_set & XT_RECENT_REMOVE) - printf("--remove "); - if(info->seconds) printf("--seconds %d ",info->seconds); - if(info->hit_count) printf("--hitcount %d ",info->hit_count); + printf(" --remove"); + if(info->seconds) printf(" --seconds %d", info->seconds); + if(info->hit_count) printf(" --hitcount %d", info->hit_count); if (info->check_set & XT_RECENT_TTL) - printf("--rttl "); - if(info->name) printf("--name %s ",info->name); + printf(" --rttl"); + if(info->name) printf(" --name %s",info->name); if (info->side == XT_RECENT_SOURCE) - printf("--rsource "); + printf(" --rsource"); if (info->side == XT_RECENT_DEST) - printf("--rdest "); + printf(" --rdest"); } static struct xtables_match recent_mt_reg = { diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c index 016a9f9e..718d4c42 100644 --- a/extensions/libxt_sctp.c +++ b/extensions/libxt_sctp.c @@ -329,7 +329,7 @@ print_ports(const char *name, uint16_t min, uint16_t max, const char *inv = invert ? "!" : ""; if (min != 0 || max != 0xFFFF || invert) { - printf("%s", name); + printf(" %s", name); if (min == max) { printf(":%s", inv); print_port(min, numeric); @@ -339,7 +339,6 @@ print_ports(const char *name, uint16_t min, uint16_t max, printf(":"); print_port(max, numeric); } - printf(" "); } } @@ -391,19 +390,19 @@ print_chunks(const struct xt_sctp_info *einfo, int numeric) int flag; switch (chunk_match_type) { - case SCTP_CHUNK_MATCH_ANY: printf("any "); break; - case SCTP_CHUNK_MATCH_ALL: printf("all "); break; - case SCTP_CHUNK_MATCH_ONLY: printf("only "); break; + case SCTP_CHUNK_MATCH_ANY: printf(" any"); break; + case SCTP_CHUNK_MATCH_ALL: printf(" all"); break; + case SCTP_CHUNK_MATCH_ONLY: printf(" only"); break; default: printf("Never reach here\n"); break; } if (SCTP_CHUNKMAP_IS_CLEAR(einfo->chunkmap)) { - printf("NONE "); + printf(" NONE"); goto out; } if (SCTP_CHUNKMAP_IS_ALL_SET(einfo->chunkmap)) { - printf("ALL "); + printf(" ALL"); goto out; } @@ -412,6 +411,8 @@ print_chunks(const struct xt_sctp_info *einfo, int numeric) if (SCTP_CHUNKMAP_IS_SET(einfo->chunkmap, i)) { if (flag) printf(","); + else + putchar(' '); flag = 1; print_chunk(i, numeric); for (j = 0; j < flag_count; j++) { @@ -422,9 +423,6 @@ print_chunks(const struct xt_sctp_info *einfo, int numeric) } } } - - if (flag) - printf(" "); out: return; } @@ -435,7 +433,7 @@ sctp_print(const void *ip, const struct xt_entry_match *match, int numeric) const struct xt_sctp_info *einfo = (const struct xt_sctp_info *)match->data; - printf("sctp "); + printf(" sctp"); if (einfo->flags & XT_SCTP_SRC_PORTS) { print_ports("spt", einfo->spts[0], einfo->spts[1], @@ -453,7 +451,7 @@ sctp_print(const void *ip, const struct xt_entry_match *match, int numeric) /* FIXME: print_chunks() is used in save() where the printing of '!' s taken care of, so we need to do that here as well */ if (einfo->invflags & XT_SCTP_CHUNK_TYPES) { - printf("! "); + printf(" !"); } print_chunks(einfo, numeric); } @@ -466,28 +464,28 @@ static void sctp_save(const void *ip, const struct xt_entry_match *match) if (einfo->flags & XT_SCTP_SRC_PORTS) { if (einfo->invflags & XT_SCTP_SRC_PORTS) - printf("! "); + printf(" !"); if (einfo->spts[0] != einfo->spts[1]) - printf("--sport %u:%u ", + printf(" --sport %u:%u", einfo->spts[0], einfo->spts[1]); else - printf("--sport %u ", einfo->spts[0]); + printf(" --sport %u", einfo->spts[0]); } if (einfo->flags & XT_SCTP_DEST_PORTS) { if (einfo->invflags & XT_SCTP_DEST_PORTS) - printf("! "); + printf(" !"); if (einfo->dpts[0] != einfo->dpts[1]) - printf("--dport %u:%u ", + printf(" --dport %u:%u", einfo->dpts[0], einfo->dpts[1]); else - printf("--dport %u ", einfo->dpts[0]); + printf(" --dport %u", einfo->dpts[0]); } if (einfo->flags & XT_SCTP_CHUNK_TYPES) { if (einfo->invflags & XT_SCTP_CHUNK_TYPES) - printf("! "); - printf("--chunk-types "); + printf(" !"); + printf(" --chunk-types"); print_chunks(einfo, 0); } diff --git a/extensions/libxt_set.c b/extensions/libxt_set.c index 6364011f..78bf7c10 100644 --- a/extensions/libxt_set.c +++ b/extensions/libxt_set.c @@ -97,8 +97,8 @@ print_match_v0(const char *prefix, const struct xt_set_info_v0 *info) char setname[IPSET_MAXNAMELEN]; get_set_byid(setname, info->index); - printf("%s%s %s", - (info->u.flags[0] & IPSET_MATCH_INV) ? "! " : "", + printf("%s %s %s", + (info->u.flags[0] & IPSET_MATCH_INV) ? " !" : "", prefix, setname); for (i = 0; i < IPSET_DIM_MAX; i++) { @@ -108,7 +108,6 @@ print_match_v0(const char *prefix, const struct xt_set_info_v0 *info) i == 0 ? " " : ",", info->u.flags[i] & IPSET_SRC ? "src" : "dst"); } - printf(" "); } /* Prints out the matchinfo. */ @@ -179,8 +178,8 @@ print_match(const char *prefix, const struct xt_set_info *info) char setname[IPSET_MAXNAMELEN]; get_set_byid(setname, info->index); - printf("%s%s %s", - (info->flags & IPSET_INV_MATCH) ? "! " : "", + printf("%s %s %s", + (info->flags & IPSET_INV_MATCH) ? " !" : "", prefix, setname); for (i = 1; i <= info->dim; i++) { @@ -188,7 +187,6 @@ print_match(const char *prefix, const struct xt_set_info *info) i == 1 ? " " : ",", info->flags & (1 << i) ? "src" : "dst"); } - printf(" "); } /* Prints out the matchinfo. */ diff --git a/extensions/libxt_socket.c b/extensions/libxt_socket.c index e4dff78b..e89d1c56 100644 --- a/extensions/libxt_socket.c +++ b/extensions/libxt_socket.c @@ -40,14 +40,14 @@ socket_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_socket_mtinfo1 *info = (const void *)match->data; if (info->flags & XT_SOCKET_TRANSPARENT) - printf("--transparent "); + printf(" --transparent"); } static void socket_mt_print(const void *ip, const struct xt_entry_match *match, int numeric) { - printf("socket "); + printf(" socket"); socket_mt_save(ip, match); } diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c index a236a3f0..9a631aa7 100644 --- a/extensions/libxt_state.c +++ b/extensions/libxt_state.c @@ -114,7 +114,6 @@ static void state_print_state(unsigned int statemask) printf("%sUNTRACKED", sep); sep = ","; } - printf(" "); } static void @@ -124,7 +123,7 @@ state_print(const void *ip, { const struct xt_state_info *sinfo = (const void *)match->data; - printf("state "); + printf(" state "); state_print_state(sinfo->statemask); } @@ -132,7 +131,7 @@ static void state_save(const void *ip, const struct xt_entry_match *match) { const struct xt_state_info *sinfo = (const void *)match->data; - printf("--state "); + printf(" --state "); state_print_state(sinfo->statemask); } diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c index f6fbd3b8..b4171b11 100644 --- a/extensions/libxt_statistic.c +++ b/extensions/libxt_statistic.c @@ -126,18 +126,18 @@ static void statistic_check(unsigned int flags) static void print_match(const struct xt_statistic_info *info, char *prefix) { if (info->flags & XT_STATISTIC_INVERT) - printf("! "); + printf(" !"); switch (info->mode) { case XT_STATISTIC_MODE_RANDOM: - printf("%smode random %sprobability %f ", prefix, prefix, + printf( "%smode random %sprobability %f", prefix, prefix, 1.0 * info->u.random.probability / 0x80000000); break; case XT_STATISTIC_MODE_NTH: - printf("%smode nth %severy %u ", prefix, prefix, + printf(" %smode nth %severy %u", prefix, prefix, info->u.nth.every + 1); if (info->u.nth.packet) - printf("%spacket %u ", prefix, info->u.nth.packet); + printf(" %spacket %u", prefix, info->u.nth.packet); break; } } @@ -147,7 +147,7 @@ statistic_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_statistic_info *info = (const void *)match->data; - printf("statistic "); + printf(" statistic"); print_match(info, ""); } diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c index c78f9cd8..4f757575 100644 --- a/extensions/libxt_string.c +++ b/extensions/libxt_string.c @@ -289,13 +289,13 @@ static void print_string(const char *str, const unsigned short int len) { unsigned int i; - printf("\""); + printf(" \""); for (i=0; i < len; i++) { if ((unsigned char) str[i] == 0x22) /* escape any embedded quotes */ printf("%c", 0x5c); printf("%c", (unsigned char) str[i]); } - printf("\" "); /* closing space and quote */ + printf("\""); /* closing quote */ } static void @@ -308,19 +308,19 @@ string_print(const void *ip, const struct xt_entry_match *match, int numeric) info->u.v1.flags & XT_STRING_FLAG_INVERT); if (is_hex_string(info->pattern, info->patlen)) { - printf("STRING match %s", invert ? "!" : ""); + printf(" STRING match %s", invert ? "!" : ""); print_hex_string(info->pattern, info->patlen); } else { - printf("STRING match %s", invert ? "!" : ""); + printf(" STRING match %s", invert ? "!" : ""); print_string(info->pattern, info->patlen); } - printf("ALGO name %s ", info->algo); + printf(" ALGO name %s", info->algo); if (info->from_offset != 0) - printf("FROM %u ", info->from_offset); + printf(" FROM %u", info->from_offset); if (info->to_offset != 0) - printf("TO %u ", info->to_offset); + printf(" TO %u", info->to_offset); if (revision > 0 && info->u.v1.flags & XT_STRING_FLAG_IGNORECASE) - printf("ICASE "); + printf(" ICASE"); } static void string_save(const void *ip, const struct xt_entry_match *match) @@ -332,19 +332,19 @@ static void string_save(const void *ip, const struct xt_entry_match *match) info->u.v1.flags & XT_STRING_FLAG_INVERT); if (is_hex_string(info->pattern, info->patlen)) { - printf("%s--hex-string ", (invert) ? "! ": ""); + printf("%s --hex-string", (invert) ? " !" : ""); print_hex_string(info->pattern, info->patlen); } else { - printf("%s--string ", (invert) ? "! ": ""); + printf("%s --string", (invert) ? " !": ""); print_string(info->pattern, info->patlen); } - printf("--algo %s ", info->algo); + printf(" --algo %s", info->algo); if (info->from_offset != 0) - printf("--from %u ", info->from_offset); + printf(" --from %u", info->from_offset); if (info->to_offset != 0) - printf("--to %u ", info->to_offset); + printf(" --to %u", info->to_offset); if (revision > 0 && info->u.v1.flags & XT_STRING_FLAG_IGNORECASE) - printf("--icase "); + printf(" --icase"); } diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c index 8bcb0dd5..d9bcbd0e 100644 --- a/extensions/libxt_tcp.c +++ b/extensions/libxt_tcp.c @@ -237,7 +237,7 @@ print_ports(const char *name, uint16_t min, uint16_t max, const char *inv = invert ? "!" : ""; if (min != 0 || max != 0xFFFF || invert) { - printf("%s", name); + printf(" %s", name); if (min == max) { printf(":%s", inv); print_port(min, numeric); @@ -247,7 +247,6 @@ print_ports(const char *name, uint16_t min, uint16_t max, printf(":"); print_port(max, numeric); } - printf(" "); } } @@ -255,7 +254,7 @@ static void print_option(uint8_t option, int invert, int numeric) { if (option || invert) - printf("option=%s%u ", invert ? "!" : "", option); + printf(" option=%s%u", invert ? "!" : "", option); } static void @@ -286,12 +285,12 @@ print_flags(uint8_t mask, uint8_t cmp, int invert, int numeric) if (mask || invert) { printf("flags:%s", invert ? "!" : ""); if (numeric) - printf("0x%02X/0x%02X ", mask, cmp); + printf(" 0x%02X/0x%02X", mask, cmp); else { + printf(" "); print_tcpf(mask); printf("/"); print_tcpf(cmp); - printf(" "); } } } @@ -301,7 +300,7 @@ tcp_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_tcp *tcp = (struct xt_tcp *)match->data; - printf("tcp "); + printf(" tcp"); print_ports("spt", tcp->spts[0], tcp->spts[1], tcp->invflags & XT_TCP_INV_SRCPT, numeric); @@ -315,7 +314,7 @@ tcp_print(const void *ip, const struct xt_entry_match *match, int numeric) tcp->invflags & XT_TCP_INV_FLAGS, numeric); if (tcp->invflags & ~XT_TCP_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", tcp->invflags & ~XT_TCP_INV_MASK); } @@ -326,49 +325,48 @@ static void tcp_save(const void *ip, const struct xt_entry_match *match) if (tcpinfo->spts[0] != 0 || tcpinfo->spts[1] != 0xFFFF) { if (tcpinfo->invflags & XT_TCP_INV_SRCPT) - printf("! "); + printf(" !"); if (tcpinfo->spts[0] != tcpinfo->spts[1]) - printf("--sport %u:%u ", + printf(" --sport %u:%u", tcpinfo->spts[0], tcpinfo->spts[1]); else - printf("--sport %u ", + printf(" --sport %u", tcpinfo->spts[0]); } if (tcpinfo->dpts[0] != 0 || tcpinfo->dpts[1] != 0xFFFF) { if (tcpinfo->invflags & XT_TCP_INV_DSTPT) - printf("! "); + printf(" !"); if (tcpinfo->dpts[0] != tcpinfo->dpts[1]) - printf("--dport %u:%u ", + printf(" --dport %u:%u", tcpinfo->dpts[0], tcpinfo->dpts[1]); else - printf("--dport %u ", + printf(" --dport %u", tcpinfo->dpts[0]); } if (tcpinfo->option || (tcpinfo->invflags & XT_TCP_INV_OPTION)) { if (tcpinfo->invflags & XT_TCP_INV_OPTION) - printf("! "); - printf("--tcp-option %u ", tcpinfo->option); + printf(" !"); + printf(" --tcp-option %u", tcpinfo->option); } if (tcpinfo->flg_mask || (tcpinfo->invflags & XT_TCP_INV_FLAGS)) { if (tcpinfo->invflags & XT_TCP_INV_FLAGS) - printf("! "); - printf("--tcp-flags "); + printf(" !"); + printf(" --tcp-flags "); if (tcpinfo->flg_mask != 0xFF) { print_tcpf(tcpinfo->flg_mask); } printf(" "); print_tcpf(tcpinfo->flg_cmp); - printf(" "); } } diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c index 35d6d189..3dc35286 100644 --- a/extensions/libxt_tcpmss.c +++ b/extensions/libxt_tcpmss.c @@ -89,22 +89,22 @@ tcpmss_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_tcpmss_match_info *info = (void *)match->data; - printf("tcpmss match %s", info->invert ? "!" : ""); + printf(" tcpmss match %s", info->invert ? "!" : ""); if (info->mss_min == info->mss_max) - printf("%u ", info->mss_min); + printf("%u", info->mss_min); else - printf("%u:%u ", info->mss_min, info->mss_max); + printf("%u:%u", info->mss_min, info->mss_max); } static void tcpmss_save(const void *ip, const struct xt_entry_match *match) { const struct xt_tcpmss_match_info *info = (void *)match->data; - printf("%s--mss ", info->invert ? "! " : ""); + printf("%s --mss ", info->invert ? " !" : ""); if (info->mss_min == info->mss_max) - printf("%u ", info->mss_min); + printf("%u", info->mss_min); else - printf("%u:%u ", info->mss_min, info->mss_max); + printf("%u:%u", info->mss_min, info->mss_max); } static struct xtables_match tcpmss_match = { diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c index b2e6ffa6..56fb135a 100644 --- a/extensions/libxt_time.c +++ b/extensions/libxt_time.c @@ -344,11 +344,11 @@ static void time_print_date(time_t date, const char *command) * Need a contiguous string (no whitespaces), hence using * the ISO 8601 "T" variant. */ - printf("%s %04u-%02u-%02uT%02u:%02u:%02u ", + printf(" %s %04u-%02u-%02uT%02u:%02u:%02u", command, t->tm_year + 1900, t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); else - printf("%04u-%02u-%02u %02u:%02u:%02u ", + printf(" %04u-%02u-%02u %02u:%02u:%02u", t->tm_year + 1900, t->tm_mon + 1, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec); } @@ -357,6 +357,7 @@ static void time_print_monthdays(uint32_t mask, bool human_readable) { unsigned int i, nbdays = 0; + printf(" "); for (i = 1; i <= 31; ++i) if (mask & (1 << i)) { if (nbdays++ > 0) @@ -378,13 +379,13 @@ static void time_print_monthdays(uint32_t mask, bool human_readable) break; } } - printf(" "); } static void time_print_weekdays(unsigned int mask) { unsigned int i, nbdays = 0; + printf(" "); for (i = 1; i <= 7; ++i) if (mask & (1 << i)) { if (nbdays > 0) @@ -393,7 +394,6 @@ static void time_print_weekdays(unsigned int mask) printf("%s", week_days[i]); ++nbdays; } - printf(" "); } static inline void divide_time(unsigned int fulltime, unsigned int *hours, @@ -411,33 +411,33 @@ static void time_print(const void *ip, const struct xt_entry_match *match, const struct xt_time_info *info = (const void *)match->data; unsigned int h, m, s; - printf("TIME "); + printf(" TIME"); if (info->daytime_start != XT_TIME_MIN_DAYTIME || info->daytime_stop != XT_TIME_MAX_DAYTIME) { divide_time(info->daytime_start, &h, &m, &s); - printf("from %02u:%02u:%02u ", h, m, s); + printf(" from %02u:%02u:%02u", h, m, s); divide_time(info->daytime_stop, &h, &m, &s); - printf("to %02u:%02u:%02u ", h, m, s); + printf(" to %02u:%02u:%02u", h, m, s); } if (info->weekdays_match != XT_TIME_ALL_WEEKDAYS) { - printf("on "); + printf(" on"); time_print_weekdays(info->weekdays_match); } if (info->monthdays_match != XT_TIME_ALL_MONTHDAYS) { - printf("on "); + printf(" on"); time_print_monthdays(info->monthdays_match, true); } if (info->date_start != 0) { - printf("starting from "); + printf(" starting from"); time_print_date(info->date_start, NULL); } if (info->date_stop != INT_MAX) { - printf("until date "); + printf(" until date"); time_print_date(info->date_stop, NULL); } if (!(info->flags & XT_TIME_LOCAL_TZ)) - printf("UTC "); + printf(" UTC"); } static void time_save(const void *ip, const struct xt_entry_match *match) @@ -448,23 +448,22 @@ static void time_save(const void *ip, const struct xt_entry_match *match) if (info->daytime_start != XT_TIME_MIN_DAYTIME || info->daytime_stop != XT_TIME_MAX_DAYTIME) { divide_time(info->daytime_start, &h, &m, &s); - printf("--timestart %02u:%02u:%02u ", h, m, s); + printf(" --timestart %02u:%02u:%02u", h, m, s); divide_time(info->daytime_stop, &h, &m, &s); - printf("--timestop %02u:%02u:%02u ", h, m, s); + printf(" --timestop %02u:%02u:%02u", h, m, s); } if (info->monthdays_match != XT_TIME_ALL_MONTHDAYS) { - printf("--monthdays "); + printf(" --monthdays"); time_print_monthdays(info->monthdays_match, false); } if (info->weekdays_match != XT_TIME_ALL_WEEKDAYS) { - printf("--weekdays "); + printf(" --weekdays"); time_print_weekdays(info->weekdays_match); - printf(" "); } time_print_date(info->date_start, "--datestart"); time_print_date(info->date_stop, "--datestop"); if (!(info->flags & XT_TIME_LOCAL_TZ)) - printf("--utc "); + printf(" --utc"); } static struct xtables_match time_match = { diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c index 435f68e8..8b83e180 100644 --- a/extensions/libxt_tos.c +++ b/extensions/libxt_tos.c @@ -103,11 +103,11 @@ static void tos_mt_print_v0(const void *ip, const struct xt_entry_match *match, { const struct ipt_tos_info *info = (const void *)match->data; - printf("tos match "); + printf(" tos match "); if (info->invert) printf("!"); if (numeric || !tos_try_print_symbolic("", info->tos, 0x3F)) - printf("0x%02x ", info->tos); + printf("0x%02x", info->tos); } static void tos_mt_print(const void *ip, const struct xt_entry_match *match, @@ -115,12 +115,12 @@ static void tos_mt_print(const void *ip, const struct xt_entry_match *match, { const struct xt_tos_match_info *info = (const void *)match->data; - printf("tos match "); + printf(" tos match"); if (info->invert) printf("!"); if (numeric || !tos_try_print_symbolic("", info->tos_value, info->tos_mask)) - printf("0x%02x/0x%02x ", info->tos_value, info->tos_mask); + printf("0x%02x/0x%02x", info->tos_value, info->tos_mask); } static void tos_mt_save_v0(const void *ip, const struct xt_entry_match *match) @@ -128,8 +128,8 @@ static void tos_mt_save_v0(const void *ip, const struct xt_entry_match *match) const struct ipt_tos_info *info = (const void *)match->data; if (info->invert) - printf("! "); - printf("--tos 0x%02x ", info->tos); + printf(" !"); + printf(" --tos 0x%02x", info->tos); } static void tos_mt_save(const void *ip, const struct xt_entry_match *match) @@ -137,8 +137,8 @@ static void tos_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_tos_match_info *info = (const void *)match->data; if (info->invert) - printf("! "); - printf("--tos 0x%02x/0x%02x ", info->tos_value, info->tos_mask); + printf(" !"); + printf(" --tos 0x%02x/0x%02x", info->tos_value, info->tos_mask); } static struct xtables_match tos_mt_reg[] = { diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c index 378de0c9..7f102d49 100644 --- a/extensions/libxt_u32.c +++ b/extensions/libxt_u32.c @@ -45,7 +45,7 @@ static void u32_dump(const struct xt_u32 *data) const struct xt_u32_test *ct; unsigned int testind, i; - putchar('\"'); + printf(" \""); for (testind = 0; testind < data->ntests; ++testind) { ct = &data->tests[testind]; @@ -82,7 +82,7 @@ static void u32_dump(const struct xt_u32 *data) ct->value[i].max); } } - printf("\" "); + putchar('\"'); } /* string_to_number() is not quite what we need here ... */ @@ -252,9 +252,9 @@ static void u32_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_u32 *data = (const void *)match->data; - printf("u32 "); + printf(" u32"); if (data->invert) - printf("! "); + printf(" !"); u32_dump(data); } @@ -262,8 +262,8 @@ static void u32_save(const void *ip, const struct xt_entry_match *match) { const struct xt_u32 *data = (const void *)match->data; if (data->invert) - printf("! "); - printf("--u32 "); + printf(" !"); + printf(" --u32"); u32_dump(data); } diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c index 2550d71f..505b3c88 100644 --- a/extensions/libxt_udp.c +++ b/extensions/libxt_udp.c @@ -124,7 +124,7 @@ print_ports(const char *name, uint16_t min, uint16_t max, const char *inv = invert ? "!" : ""; if (min != 0 || max != 0xFFFF || invert) { - printf("%s", name); + printf(" %s", name); if (min == max) { printf(":%s", inv); print_port(min, numeric); @@ -134,7 +134,6 @@ print_ports(const char *name, uint16_t min, uint16_t max, printf(":"); print_port(max, numeric); } - printf(" "); } } @@ -143,7 +142,7 @@ udp_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_udp *udp = (struct xt_udp *)match->data; - printf("udp "); + printf(" udp"); print_ports("spt", udp->spts[0], udp->spts[1], udp->invflags & XT_UDP_INV_SRCPT, numeric); @@ -151,7 +150,7 @@ udp_print(const void *ip, const struct xt_entry_match *match, int numeric) udp->invflags & XT_UDP_INV_DSTPT, numeric); if (udp->invflags & ~XT_UDP_INV_MASK) - printf("Unknown invflags: 0x%X ", + printf(" Unknown invflags: 0x%X", udp->invflags & ~XT_UDP_INV_MASK); } @@ -162,28 +161,28 @@ static void udp_save(const void *ip, const struct xt_entry_match *match) if (udpinfo->spts[0] != 0 || udpinfo->spts[1] != 0xFFFF) { if (udpinfo->invflags & XT_UDP_INV_SRCPT) - printf("! "); + printf(" !"); if (udpinfo->spts[0] != udpinfo->spts[1]) - printf("--sport %u:%u ", + printf(" --sport %u:%u", udpinfo->spts[0], udpinfo->spts[1]); else - printf("--sport %u ", + printf(" --sport %u", udpinfo->spts[0]); } if (udpinfo->dpts[0] != 0 || udpinfo->dpts[1] != 0xFFFF) { if (udpinfo->invflags & XT_UDP_INV_DSTPT) - printf("! "); + printf(" !"); if (udpinfo->dpts[0] != udpinfo->dpts[1]) - printf("--dport %u:%u ", + printf(" --dport %u:%u", udpinfo->dpts[0], udpinfo->dpts[1]); else - printf("--dport %u ", + printf(" --dport %u", udpinfo->dpts[0]); } } diff --git a/extensions/tos_values.c b/extensions/tos_values.c index 129203b2..c5efd9d7 100644 --- a/extensions/tos_values.c +++ b/extensions/tos_values.c @@ -91,7 +91,7 @@ static bool tos_try_print_symbolic(const char *prefix, for (symbol = tos_symbol_names; symbol->name != NULL; ++symbol) if (value == symbol->value) { - printf("%s%s ", prefix, symbol->name); + printf(" %s%s", prefix, symbol->name); return true; } |