From 788c986343bc24bd0272e8aa409121ffe51f1ef3 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Mon, 15 Aug 2016 13:14:18 +0200
Subject: src: quote user-defined strings when used from rule selectors

The following selectors display strings using quotes:

* meta iifname
* meta oifname
* meta ibriport
* meta obriport

However, the following do not:

* meta oif
* meta iif
* meta skuid
* meta skgid
* meta iifgroup
* meta oifgroup
* meta rtclassid
* ct label

Given they refer to user-defined values, neither keywords nor internal
built-in known values, let's quote the output of this.

This patch modifies symbolic_constant_print() so we can signal this to
indicate if the string needs to be quoted.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/ct.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src/ct.c')

diff --git a/src/ct.c b/src/ct.c
index f6018d87..35755962 100644
--- a/src/ct.c
+++ b/src/ct.c
@@ -108,7 +108,7 @@ static void ct_label_type_print(const struct expr *expr)
 	for (s = ct_label_tbl->symbols; s->identifier != NULL; s++) {
 		if (bit != s->value)
 			continue;
-		printf("%s", s->identifier);
+		printf("\"%s\"", s->identifier);
 		return;
 	}
 	/* can happen when connlabel.conf is altered after rules were added */
-- 
cgit v1.2.3