authorPablo Neira Ayuso <pablo@netfilter.org>2018-08-24 11:04:30 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2018-08-24 12:25:33 +0200
commit9e45a28ca467f08b9c01baf73d1849055e53ea0b (patch)
tree1eb0c76d643e66383230428aac3054d6310d15c2 /include
parentcebbd9678b7ee6f74b3bd4eefc23de5b27135799 (diff)
src: honor /etc/services
This partial patch reverts: ccc5da470e76 ("datatype: Replace getnameinfo() by internal lookup table") f0f99006d34b ("datatype: Replace getaddrinfo() by internal lookup table") so /etc/services is used to interpret service names, eg. # nft add rule x y tcp dport \"ssh\" Then, listing looks like: # nft list ruleset -l table x { chain y { ... tcp dport "ssh" } } Major changes with regards to the original approach are: 1) Services are displayed in text via the `-l' option. 2) Services are user-defined, just like mappings in /etc/iproute2/* files and connlabel.conf, so they are displayed enclosed in quotes. Note that the original service name code was broken since it parses both udp and tcp service names but it only displays tcp service names as literals. This is because NI_DGRAM is missing. This patch makes nft fall back on udp services if no literal was found in the initial tcp service name query. The proper way to handle this would be to add infrastructure to store protocol context information in struct output_ctx. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'include')
-rw-r--r--include/datatype.h3
1 files changed, 2 insertions, 1 deletions
diff --git a/include/datatype.h b/include/datatype.h
index b641f0ed..eab505ba 100644
--- a/include/datatype.h
+++ b/include/datatype.h
@@ -221,7 +221,6 @@ extern void symbol_table_print(const struct symbol_table *tbl,
extern struct symbol_table *rt_symbol_table_init(const char *filename);
extern void rt_symbol_table_free(struct symbol_table *tbl);
-extern const struct symbol_table inet_service_tbl;
extern struct symbol_table *mark_tbl;
extern const struct datatype invalid_type;
@@ -246,6 +245,8 @@ extern const struct datatype icmpx_code_type;
extern const struct datatype time_type;
extern const struct datatype boolean_type;
+void inet_service_type_print(const struct expr *expr, struct output_ctx *octx);
+
extern const struct datatype *concat_type_alloc(uint32_t type);
extern void concat_type_destroy(const struct datatype *dtype);
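Review bot: The new prototype `void inet_service_type_print(const struct expr *expr, struct output_ctx *octx);` in the second hunk is the only declaration in this stretch of datatype.h without `extern`; every neighbouring prototype carries it, so for consistency write `extern void inet_service_type_print(const struct expr *expr, struct output_ctx *octx);`. The declaration also says nothing about the behaviour the commit message describes (a tcp service lookup with a udp fallback, and the name printed as a quoted user-defined literal only under `-l`), which is exactly what a caller needs to know and is not recoverable from the signature; a one-line comment above it such as `/* Print a service name from /etc/services (tcp lookup, udp fallback); only used for -l output. */` would record that, and the missing protocol context in struct output_ctx that the message mentions could be noted there as a TODO. Whether `struct expr` and `struct output_ctx` are forward-declared earlier in this header is outside the hunk; if they are not, this prototype introduces prototype-scope struct tags and compilers warn about it, so that should be checked.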