From b5881e7f22d42a8b00acbdbab296b71572ddb903 Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Fri, 5 Nov 2021 17:45:48 +0100 Subject: nft: Change whitespace printing in save_rule callback This aligns whitespace printing with legacy iptables' print_rule4() in order to prepare for further code-sharing. Signed-off-by: Phil Sutter --- iptables/nft-arp.c | 1 + iptables/nft-bridge.c | 10 ++++++++-- iptables/nft-ipv4.c | 6 +++--- iptables/nft-ipv6.c | 8 ++++---- iptables/nft-shared.c | 26 ++++++++++++-------------- iptables/nft.c | 4 ++-- 6 files changed, 30 insertions(+), 25 deletions(-) diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c index 32eb91ad..b7536e61 100644 --- a/iptables/nft-arp.c +++ b/iptables/nft-arp.c @@ -479,6 +479,7 @@ nft_arp_save_rule(const void *data, unsigned int format) format |= FMT_NUMERIC; + printf(" "); nft_arp_print_rule_details(cs, format); if (cs->target && cs->target->save) cs->target->save(&cs->fw, cs->target->t); diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c index 11f3df35..cc2a48db 100644 --- a/iptables/nft-bridge.c +++ b/iptables/nft-bridge.c @@ -601,7 +601,7 @@ static void print_protocol(uint16_t ethproto, bool invert, unsigned int bitmask) printf("%s ", ent->e_name); } -static void nft_bridge_save_rule(const void *data, unsigned int format) +static void __nft_bridge_save_rule(const void *data, unsigned int format) { const struct iptables_command_state *cs = data; @@ -652,6 +652,12 @@ static void nft_bridge_save_rule(const void *data, unsigned int format) fputc('\n', stdout); } +static void nft_bridge_save_rule(const void *data, unsigned int format) +{ + printf(" "); + __nft_bridge_save_rule(data, format); +} + static void nft_bridge_print_rule(struct nft_handle *h, struct nftnl_rule *r, unsigned int num, unsigned int format) { @@ -661,7 +667,7 @@ static void nft_bridge_print_rule(struct nft_handle *h, struct nftnl_rule *r, printf("%d ", num); nft_rule_to_ebtables_command_state(h, r, &cs); - nft_bridge_save_rule(&cs, format); + __nft_bridge_save_rule(&cs, format); ebt_cs_clean(&cs); } diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c index febd7673..287112d0 100644 --- a/iptables/nft-ipv4.c +++ b/iptables/nft-ipv4.c @@ -303,7 +303,7 @@ static void save_ipv4_addr(char letter, const struct in_addr *addr, if (!mask && !invert && !addr->s_addr) return; - printf("%s-%c %s/%s ", invert ? "! " : "", letter, + printf("%s -%c %s/%s", invert ? " !" : "", letter, inet_ntop(AF_INET, addr, addrbuf, sizeof(addrbuf)), mask_to_str(mask)); } @@ -323,8 +323,8 @@ static void nft_ipv4_save_rule(const void *data, unsigned int format) if (cs->fw.ip.flags & IPT_F_FRAG) { if (cs->fw.ip.invflags & IPT_INV_FRAG) - printf("! "); - printf("-f "); + printf(" !"); + printf(" -f"); } save_matches_and_target(cs, cs->fw.ip.flags & IPT_F_GOTO, diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c index f0e64bbd..845937b1 100644 --- a/iptables/nft-ipv6.c +++ b/iptables/nft-ipv6.c @@ -234,14 +234,14 @@ static void save_ipv6_addr(char letter, const struct in6_addr *addr, if (!invert && l == 0) return; - printf("%s-%c %s", - invert ? "! " : "", letter, + printf("%s -%c %s", + invert ? " !" : "", letter, inet_ntop(AF_INET6, addr, addr_str, sizeof(addr_str))); if (l == -1) - printf("/%s ", inet_ntop(AF_INET6, mask, addr_str, sizeof(addr_str))); + printf("/%s", inet_ntop(AF_INET6, mask, addr_str, sizeof(addr_str))); else - printf("/%d ", l); + printf("/%d", l); } static void nft_ipv6_save_rule(const void *data, unsigned int format) diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index 72727270..082cc0e2 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -793,7 +793,7 @@ print_iface(char letter, const char *iface, const unsigned char *mask, int inv) if (mask[0] == 0) return; - printf("%s-%c ", inv ? "! " : "", letter); + printf("%s -%c ", inv ? " !" : "", letter); for (i = 0; i < IFNAMSIZ; i++) { if (mask[i] != 0) { @@ -805,8 +805,6 @@ print_iface(char letter, const char *iface, const unsigned char *mask, int inv) break; } } - - printf(" "); } void save_rule_details(const struct iptables_command_state *cs, @@ -829,12 +827,12 @@ void save_rule_details(const struct iptables_command_state *cs, const char *pname = proto_to_name(proto, 0); if (invflags & XT_INV_PROTO) - printf("! "); + printf(" !"); if (pname) - printf("-p %s ", pname); + printf(" -p %s", pname); else - printf("-p %u ", proto); + printf(" -p %u", proto); } } @@ -856,33 +854,33 @@ void save_matches_and_target(const struct iptables_command_state *cs, for (matchp = cs->matches; matchp; matchp = matchp->next) { if (matchp->match->alias) { - printf("-m %s", + printf(" -m %s", matchp->match->alias(matchp->match->m)); } else - printf("-m %s", matchp->match->name); + printf(" -m %s", matchp->match->name); if (matchp->match->save != NULL) { /* cs->fw union makes the trick */ matchp->match->save(fw, matchp->match->m); } - printf(" "); } if ((format & (FMT_NOCOUNTS | FMT_C_COUNTS)) == FMT_C_COUNTS) - printf("-c %llu %llu ", + printf(" -c %llu %llu", (unsigned long long)cs->counters.pcnt, (unsigned long long)cs->counters.bcnt); if (cs->target != NULL) { if (cs->target->alias) { - printf("-j %s", cs->target->alias(cs->target->t)); + printf(" -j %s", cs->target->alias(cs->target->t)); } else - printf("-j %s", cs->jumpto); + printf(" -j %s", cs->jumpto); - if (cs->target->save != NULL) + if (cs->target->save != NULL) { cs->target->save(fw, cs->target->t); + } } else if (strlen(cs->jumpto) > 0) { - printf("-%c %s", goto_flag ? 'g' : 'j', cs->jumpto); + printf(" -%c %s", goto_flag ? 'g' : 'j', cs->jumpto); } printf("\n"); diff --git a/iptables/nft.c b/iptables/nft.c index 1d3f3a3d..282d417f 100644 --- a/iptables/nft.c +++ b/iptables/nft.c @@ -1513,10 +1513,10 @@ nft_rule_print_save(struct nft_handle *h, const struct nftnl_rule *r, /* print chain name */ switch(type) { case NFT_RULE_APPEND: - printf("-A %s ", chain); + printf("-A %s", chain); break; case NFT_RULE_DEL: - printf("-D %s ", chain); + printf("-D %s", chain); break; } -- cgit v1.2.3