diff options
| author | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-07-09 00:13:56 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2025-07-10 00:12:58 +0200 |
| commit | eb30f236d91a8d61ece789e28e6540b3a3fa2a6a (patch) | |
| tree | b3f7d15ce422d6f04da0c9598b90fe292305b7c0 /src | |
| parent | cfd768615235bb89650f15498c70d19813502825 (diff) | |
rule: print chain and flowtable devices in quotes
Print devices in quotes, for consistency with:
- the existing chain listing with single device:
type filter hook ingress device "lo" priority filter; policy accept
- the ifname datatype used in sets.
In general, tokens that are user-defined, not coming in the datatype
symbol list, are enclosed in quotes.
Fixes: 3fdc7541fba0 ("src: add multidevice support for netdev chain")
Acked-by: Florian Westphal <fw@strlen.de>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/rule.c | 4 |
1 files changed, 2 insertions, 2 deletions
@@ -1062,7 +1062,7 @@ static void chain_print_declaration(const struct chain *chain, } else if (chain->dev_array_len > 1) { nft_print(octx, " devices = { "); for (i = 0; i < chain->dev_array_len; i++) { - nft_print(octx, "%s", chain->dev_array[i]); + nft_print(octx, "\"%s\"", chain->dev_array[i]); if (i + 1 != chain->dev_array_len) nft_print(octx, ", "); } @@ -2149,7 +2149,7 @@ static void flowtable_print_declaration(const struct flowtable *flowtable, if (flowtable->dev_array_len > 0) { nft_print(octx, "%s%sdevices = { ", opts->tab, opts->tab); for (i = 0; i < flowtable->dev_array_len; i++) { - nft_print(octx, "%s", flowtable->dev_array[i]); + nft_print(octx, "\"%s\"", flowtable->dev_array[i]); if (i + 1 != flowtable->dev_array_len) nft_print(octx, ", "); } |