From 7373297262eef6754570a5cb05c18332c801370f Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Mon, 24 Sep 2018 19:25:23 +0200 Subject: Combine command_match() implementations This merges the basically identical implementations of command_match() from xtables, iptables and ip6tables into one. The only required adjustment was to make use of xt_params instead of the different *_globals objects. Signed-off-by: Phil Sutter Signed-off-by: Florian Westphal --- iptables/ip6tables.c | 35 ----------------------------------- iptables/iptables.c | 37 ------------------------------------- iptables/xshared.c | 38 ++++++++++++++++++++++++++++++++++++++ iptables/xshared.h | 2 ++ iptables/xtables.c | 36 ------------------------------------ 5 files changed, 40 insertions(+), 108 deletions(-) diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c index f447bc74..1137256a 100644 --- a/iptables/ip6tables.c +++ b/iptables/ip6tables.c @@ -1261,41 +1261,6 @@ static void command_jump(struct iptables_command_state *cs) xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } -static void command_match(struct iptables_command_state *cs) -{ - struct xtables_match *m; - size_t size; - - if (cs->invert) - xtables_error(PARAMETER_PROBLEM, - "unexpected ! flag before --match"); - - m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); - size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size; - m->m = xtables_calloc(1, size); - m->m->u.match_size = size; - if (m->real_name == NULL) { - strcpy(m->m->u.user.name, m->name); - } else { - strcpy(m->m->u.user.name, m->real_name); - if (!(m->ext_flags & XTABLES_EXT_ALIAS)) - fprintf(stderr, "Notice: The %s match is converted into %s match " - "in rule listing and saving.\n", m->name, m->real_name); - } - m->m->u.user.revision = m->revision; - - xs_init_match(m); - if (m == m->next) - return; - /* Merge options for non-cloned matches */ - if (m->x6_options != NULL) - opts = xtables_options_xfrm(ip6tables_globals.orig_opts, opts, - m->x6_options, &m->option_offset); - else if (m->extra_opts != NULL) - opts = xtables_merge_options(ip6tables_globals.orig_opts, opts, - m->extra_opts, &m->option_offset); -} - int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle, bool restore) { diff --git a/iptables/iptables.c b/iptables/iptables.c index 144550fc..70ba67c9 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -1254,43 +1254,6 @@ static void command_jump(struct iptables_command_state *cs) xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } -static void command_match(struct iptables_command_state *cs) -{ - struct xtables_match *m; - size_t size; - - if (cs->invert) - xtables_error(PARAMETER_PROBLEM, - "unexpected ! flag before --match"); - - m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); - size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size; - m->m = xtables_calloc(1, size); - m->m->u.match_size = size; - if (m->real_name == NULL) { - strcpy(m->m->u.user.name, m->name); - } else { - strcpy(m->m->u.user.name, m->real_name); - if (!(m->ext_flags & XTABLES_EXT_ALIAS)) - fprintf(stderr, "Notice: the %s match is converted into %s match " - "in rule listing and saving.\n", m->name, m->real_name); - } - m->m->u.user.revision = m->revision; - - xs_init_match(m); - if (m == m->next) - return; - /* Merge options for non-cloned matches */ - if (m->x6_options != NULL) - opts = xtables_options_xfrm(iptables_globals.orig_opts, opts, - m->x6_options, &m->option_offset); - else if (m->extra_opts != NULL) - opts = xtables_merge_options(iptables_globals.orig_opts, opts, - m->extra_opts, &m->option_offset); - if (opts == NULL) - xtables_error(OTHER_PROBLEM, "can't alloc memory!"); -} - int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle, bool restore) { diff --git a/iptables/xshared.c b/iptables/xshared.c index a10e425c..860373cb 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -593,3 +593,41 @@ void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags, printf(FMT("%-6s ", "out %s "), iface); } + +void command_match(struct iptables_command_state *cs) +{ + struct option *opts = xt_params->opts; + struct xtables_match *m; + size_t size; + + if (cs->invert) + xtables_error(PARAMETER_PROBLEM, + "unexpected ! flag before --match"); + + m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); + size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size; + m->m = xtables_calloc(1, size); + m->m->u.match_size = size; + if (m->real_name == NULL) { + strcpy(m->m->u.user.name, m->name); + } else { + strcpy(m->m->u.user.name, m->real_name); + if (!(m->ext_flags & XTABLES_EXT_ALIAS)) + fprintf(stderr, "Notice: the %s match is converted into %s match " + "in rule listing and saving.\n", m->name, m->real_name); + } + m->m->u.user.revision = m->revision; + xs_init_match(m); + if (m == m->next) + return; + /* Merge options for non-cloned matches */ + if (m->x6_options != NULL) + opts = xtables_options_xfrm(xt_params->orig_opts, opts, + m->x6_options, &m->option_offset); + else if (m->extra_opts != NULL) + opts = xtables_merge_options(xt_params->orig_opts, opts, + m->extra_opts, &m->option_offset); + if (opts == NULL) + xtables_error(OTHER_PROBLEM, "can't alloc memory!"); + xt_params->opts = opts; +} diff --git a/iptables/xshared.h b/iptables/xshared.h index ee0183c8..9039a24b 100644 --- a/iptables/xshared.h +++ b/iptables/xshared.h @@ -174,4 +174,6 @@ void print_ipv6_addresses(const struct ip6t_entry *fw6, unsigned int format); void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags, unsigned int format); +void command_match(struct iptables_command_state *cs); + #endif /* IPTABLES_XSHARED_H */ diff --git a/iptables/xtables.c b/iptables/xtables.c index d6afada9..423be37f 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -644,42 +644,6 @@ static void command_jump(struct iptables_command_state *cs) xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } -static void command_match(struct iptables_command_state *cs) -{ - struct xtables_match *m; - size_t size; - - if (cs->invert) - xtables_error(PARAMETER_PROBLEM, - "unexpected ! flag before --match"); - - m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); - size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size; - m->m = xtables_calloc(1, size); - m->m->u.match_size = size; - if (m->real_name == NULL) { - strcpy(m->m->u.user.name, m->name); - } else { - strcpy(m->m->u.user.name, m->real_name); - if (!(m->ext_flags & XTABLES_EXT_ALIAS)) - fprintf(stderr, "Notice: the %s match is converted into %s match " - "in rule listing and saving.\n", m->name, m->real_name); - } - m->m->u.user.revision = m->revision; - xs_init_match(m); - if (m == m->next) - return; - /* Merge options for non-cloned matches */ - if (m->x6_options != NULL) - opts = xtables_options_xfrm(xtables_globals.orig_opts, opts, - m->x6_options, &m->option_offset); - else if (m->extra_opts != NULL) - opts = xtables_merge_options(xtables_globals.orig_opts, opts, - m->extra_opts, &m->option_offset); - if (opts == NULL) - xtables_error(OTHER_PROBLEM, "can't alloc memory!"); -} - void do_parse(struct nft_handle *h, int argc, char *argv[], struct nft_xt_cmd_parse *p, struct iptables_command_state *cs, struct xtables_args *args) -- cgit v1.2.3