On Friday 2008-06-06 14:02, Patrick McHardy wrote: > Lutz Jaenicke wrote: >> Hi, >> >> please find attached the re-post of a patch wrt iptables-save output >> of xt_owner patch. > > > Applied, thanks. Please remember to sign off your patches in the > future. Given enough eyeballs ... we also need the following (not compile-tested, I'm in a bad position right now) :-) commit a7761fa1fd45f26d048f899c4f64ceae30f7b86d Author: Jan Engelhardt <jengelh@xxxxxxxxxx> Date: Fri Jun 6 14:08:41 2008 +0200 libxt_owner: add spaces to output It could happen that --<arg><value> was printed on iptables-save with owner rules (owner_mt_save() function) without the obligatory space inbetween. Also transfer printing of the space character into owner_mt_print_item(). Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx> --- extensions/libxt_owner.c | 46 +++++++++++++++++++------------------- 1 files changed, 23 insertions(+), 23 deletions(-) diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c index 55666e9..e8a03b5 100644 --- a/extensions/libxt_owner.c +++ b/extensions/libxt_owner.c @@ -419,7 +419,7 @@ owner_mt_print_item(const struct xt_owner_match_info *info, const char *label, return; if (info->invert & flag) printf("! "); - printf(label); + printf("%s ", label); switch (info->match & flag) { case XT_OWNER_UID: @@ -462,12 +462,12 @@ owner_mt_print_v0(const void *ip, const struct xt_entry_match *match, { const struct ipt_owner_info *info = (void *)match->data; - owner_mt_print_item_v0(info, "owner UID match ", IPT_OWNER_UID, numeric); - owner_mt_print_item_v0(info, "owner GID match ", IPT_OWNER_GID, numeric); - owner_mt_print_item_v0(info, "owner PID match ", IPT_OWNER_PID, numeric); - owner_mt_print_item_v0(info, "owner SID match ", IPT_OWNER_SID, numeric); + owner_mt_print_item_v0(info, "owner UID match", IPT_OWNER_UID, numeric); + owner_mt_print_item_v0(info, "owner GID match", IPT_OWNER_GID, numeric); + owner_mt_print_item_v0(info, "owner PID match", IPT_OWNER_PID, numeric); + owner_mt_print_item_v0(info, "owner SID match", IPT_OWNER_SID, numeric); #ifdef IPT_OWNER_COMM - owner_mt_print_item_v0(info, "owner CMD match ", IPT_OWNER_COMM, numeric); + owner_mt_print_item_v0(info, "owner CMD match", IPT_OWNER_COMM, numeric); #endif } @@ -477,10 +477,10 @@ owner_mt6_print_v0(const void *ip, const struct xt_entry_match *match, { const struct ip6t_owner_info *info = (void *)match->data; - owner_mt6_print_item_v0(info, "owner UID match ", IPT_OWNER_UID, numeric); - owner_mt6_print_item_v0(info, "owner GID match ", IPT_OWNER_GID, numeric); - owner_mt6_print_item_v0(info, "owner PID match ", IPT_OWNER_PID, numeric); - owner_mt6_print_item_v0(info, "owner SID match ", IPT_OWNER_SID, numeric); + owner_mt6_print_item_v0(info, "owner UID match", IPT_OWNER_UID, numeric); + owner_mt6_print_item_v0(info, "owner GID match", IPT_OWNER_GID, numeric); + owner_mt6_print_item_v0(info, "owner PID match", IPT_OWNER_PID, numeric); + owner_mt6_print_item_v0(info, "owner SID match", IPT_OWNER_SID, numeric); } static void owner_mt_print(const void *ip, const struct xt_entry_match *match, @@ -488,9 +488,9 @@ static void owner_mt_print(const void *ip, const struct xt_entry_match *match, { const struct xt_owner_match_info *info = (void *)match->data; - owner_mt_print_item(info, "owner socket exists ", XT_OWNER_SOCKET, numeric); - owner_mt_print_item(info, "owner UID match ", XT_OWNER_UID, numeric); - owner_mt_print_item(info, "owner GID match ", XT_OWNER_GID, numeric); + owner_mt_print_item(info, "owner socket exists", XT_OWNER_SOCKET, numeric); + owner_mt_print_item(info, "owner UID match", XT_OWNER_UID, numeric); + owner_mt_print_item(info, "owner GID match", XT_OWNER_GID, numeric); } static void @@ -498,12 +498,12 @@ owner_mt_save_v0(const void *ip, const struct xt_entry_match *match) { const struct ipt_owner_info *info = (void *)match->data; - owner_mt_print_item_v0(info, "--uid-owner ", IPT_OWNER_UID, true); - owner_mt_print_item_v0(info, "--gid-owner ", IPT_OWNER_GID, true); - owner_mt_print_item_v0(info, "--pid-owner ", IPT_OWNER_PID, true); - owner_mt_print_item_v0(info, "--sid-owner ", IPT_OWNER_SID, true); + owner_mt_print_item_v0(info, "--uid-owner", IPT_OWNER_UID, true); + owner_mt_print_item_v0(info, "--gid-owner", IPT_OWNER_GID, true); + owner_mt_print_item_v0(info, "--pid-owner", IPT_OWNER_PID, true); + owner_mt_print_item_v0(info, "--sid-owner", IPT_OWNER_SID, true); #ifdef IPT_OWNER_COMM - owner_mt_print_item_v0(info, "--cmd-owner ", IPT_OWNER_COMM, true); + owner_mt_print_item_v0(info, "--cmd-owner", IPT_OWNER_COMM, true); #endif } @@ -512,17 +512,17 @@ owner_mt6_save_v0(const void *ip, const struct xt_entry_match *match) { const struct ip6t_owner_info *info = (void *)match->data; - owner_mt6_print_item_v0(info, "--uid-owner ", IPT_OWNER_UID, true); - owner_mt6_print_item_v0(info, "--gid-owner ", IPT_OWNER_GID, true); - owner_mt6_print_item_v0(info, "--pid-owner ", IPT_OWNER_PID, true); - owner_mt6_print_item_v0(info, "--sid-owner ", IPT_OWNER_SID, true); + owner_mt6_print_item_v0(info, "--uid-owner", IPT_OWNER_UID, true); + owner_mt6_print_item_v0(info, "--gid-owner", IPT_OWNER_GID, true); + owner_mt6_print_item_v0(info, "--pid-owner", IPT_OWNER_PID, true); + owner_mt6_print_item_v0(info, "--sid-owner", IPT_OWNER_SID, true); } static void owner_mt_save(const void *ip, const struct xt_entry_match *match) { const struct xt_owner_match_info *info = (void *)match->data; - owner_mt_print_item(info, "--socket-exists ", XT_OWNER_SOCKET, false); + owner_mt_print_item(info, "--socket-exists", XT_OWNER_SOCKET, false); owner_mt_print_item(info, "--uid-owner", XT_OWNER_UID, false); owner_mt_print_item(info, "--gid-owner", XT_OWNER_GID, false); } -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html