From a323c28331a4807252b11a7a078dc68af82399ef Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 22 Oct 2019 20:06:11 +0200 Subject: xshared: Share print_fragment() with legacy Also add a fake mode to make it suitable for ip6tables. This is required because IPT_F_FRAG value clashes with IP6T_F_PROTO, so ip6tables rules might seem to have IPT_F_FRAG bit set. While being at it, drop the local variable 'flags' from print_firewall(). Signed-off-by: Phil Sutter --- iptables/iptables.c | 10 +--------- 1 file changed, 1 insertion(+), 9 deletions(-) (limited to 'iptables/iptables.c') diff --git a/iptables/iptables.c b/iptables/iptables.c index 29da40b1..12a5423e 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -311,7 +311,6 @@ print_firewall(const struct ipt_entry *fw, { struct xtables_target *target, *tg; const struct xt_entry_target *t; - uint8_t flags; if (!iptc_is_chain(targname, handle)) target = xtables_find_target(targname, XTF_TRY_LOAD); @@ -320,18 +319,11 @@ print_firewall(const struct ipt_entry *fw, XTF_LOAD_MUST_SUCCEED); t = ipt_get_target((struct ipt_entry *)fw); - flags = fw->ip.flags; print_rule_details(num, &fw->counters, targname, fw->ip.proto, fw->ip.flags, fw->ip.invflags, format); - if (format & FMT_OPTIONS) { - if (format & FMT_NOTABLE) - fputs("opt ", stdout); - fputc(fw->ip.invflags & IPT_INV_FRAG ? '!' : '-', stdout); - fputc(flags & IPT_F_FRAG ? 'f' : '-', stdout); - fputc(' ', stdout); - } + print_fragment(fw->ip.flags, fw->ip.invflags, format, false); print_ifaces(fw->ip.iniface, fw->ip.outiface, fw->ip.invflags, format); -- cgit v1.2.3