Re: Resend: [PATCH] Fix iptables-save output of libxt_owner match

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Friday 2008-06-06 14:02, Patrick McHardy wrote:

> Lutz Jaenicke wrote:
>> Hi,
>> 
>> please find attached the re-post of a patch wrt iptables-save output
>> of xt_owner patch.
>
>
> Applied, thanks. Please remember to sign off your patches in the
> future.

Given enough eyeballs ... we also need the following (not compile-tested,
I'm in a bad position right now) :-)


commit a7761fa1fd45f26d048f899c4f64ceae30f7b86d
Author: Jan Engelhardt <jengelh@xxxxxxxxxx>
Date:   Fri Jun 6 14:08:41 2008 +0200

libxt_owner: add spaces to output
    
It could happen that --<arg><value> was printed on iptables-save with
owner rules (owner_mt_save() function) without the obligatory space
inbetween. Also transfer printing of the space character into
owner_mt_print_item().
    
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
 extensions/libxt_owner.c |   46 +++++++++++++++++++-------------------
 1 files changed, 23 insertions(+), 23 deletions(-)

diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index 55666e9..e8a03b5 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -419,7 +419,7 @@ owner_mt_print_item(const struct xt_owner_match_info *info, const char *label,
 		return;
 	if (info->invert & flag)
 		printf("! ");
-	printf(label);
+	printf("%s ", label);
 
 	switch (info->match & flag) {
 	case XT_OWNER_UID:
@@ -462,12 +462,12 @@ owner_mt_print_v0(const void *ip, const struct xt_entry_match *match,
 {
 	const struct ipt_owner_info *info = (void *)match->data;
 
-	owner_mt_print_item_v0(info, "owner UID match ", IPT_OWNER_UID, numeric);
-	owner_mt_print_item_v0(info, "owner GID match ", IPT_OWNER_GID, numeric);
-	owner_mt_print_item_v0(info, "owner PID match ", IPT_OWNER_PID, numeric);
-	owner_mt_print_item_v0(info, "owner SID match ", IPT_OWNER_SID, numeric);
+	owner_mt_print_item_v0(info, "owner UID match", IPT_OWNER_UID, numeric);
+	owner_mt_print_item_v0(info, "owner GID match", IPT_OWNER_GID, numeric);
+	owner_mt_print_item_v0(info, "owner PID match", IPT_OWNER_PID, numeric);
+	owner_mt_print_item_v0(info, "owner SID match", IPT_OWNER_SID, numeric);
 #ifdef IPT_OWNER_COMM
-	owner_mt_print_item_v0(info, "owner CMD match ", IPT_OWNER_COMM, numeric);
+	owner_mt_print_item_v0(info, "owner CMD match", IPT_OWNER_COMM, numeric);
 #endif
 }
 
@@ -477,10 +477,10 @@ owner_mt6_print_v0(const void *ip, const struct xt_entry_match *match,
 {
 	const struct ip6t_owner_info *info = (void *)match->data;
 
-	owner_mt6_print_item_v0(info, "owner UID match ", IPT_OWNER_UID, numeric);
-	owner_mt6_print_item_v0(info, "owner GID match ", IPT_OWNER_GID, numeric);
-	owner_mt6_print_item_v0(info, "owner PID match ", IPT_OWNER_PID, numeric);
-	owner_mt6_print_item_v0(info, "owner SID match ", IPT_OWNER_SID, numeric);
+	owner_mt6_print_item_v0(info, "owner UID match", IPT_OWNER_UID, numeric);
+	owner_mt6_print_item_v0(info, "owner GID match", IPT_OWNER_GID, numeric);
+	owner_mt6_print_item_v0(info, "owner PID match", IPT_OWNER_PID, numeric);
+	owner_mt6_print_item_v0(info, "owner SID match", IPT_OWNER_SID, numeric);
 }
 
 static void owner_mt_print(const void *ip, const struct xt_entry_match *match,
@@ -488,9 +488,9 @@ static void owner_mt_print(const void *ip, const struct xt_entry_match *match,
 {
 	const struct xt_owner_match_info *info = (void *)match->data;
 
-	owner_mt_print_item(info, "owner socket exists ", XT_OWNER_SOCKET, numeric);
-	owner_mt_print_item(info, "owner UID match ",     XT_OWNER_UID,    numeric);
-	owner_mt_print_item(info, "owner GID match ",     XT_OWNER_GID,    numeric);
+	owner_mt_print_item(info, "owner socket exists", XT_OWNER_SOCKET, numeric);
+	owner_mt_print_item(info, "owner UID match",     XT_OWNER_UID,    numeric);
+	owner_mt_print_item(info, "owner GID match",     XT_OWNER_GID,    numeric);
 }
 
 static void
@@ -498,12 +498,12 @@ owner_mt_save_v0(const void *ip, const struct xt_entry_match *match)
 {
 	const struct ipt_owner_info *info = (void *)match->data;
 
-	owner_mt_print_item_v0(info, "--uid-owner ", IPT_OWNER_UID, true);
-	owner_mt_print_item_v0(info, "--gid-owner ", IPT_OWNER_GID, true);
-	owner_mt_print_item_v0(info, "--pid-owner ", IPT_OWNER_PID, true);
-	owner_mt_print_item_v0(info, "--sid-owner ", IPT_OWNER_SID, true);
+	owner_mt_print_item_v0(info, "--uid-owner", IPT_OWNER_UID, true);
+	owner_mt_print_item_v0(info, "--gid-owner", IPT_OWNER_GID, true);
+	owner_mt_print_item_v0(info, "--pid-owner", IPT_OWNER_PID, true);
+	owner_mt_print_item_v0(info, "--sid-owner", IPT_OWNER_SID, true);
 #ifdef IPT_OWNER_COMM
-	owner_mt_print_item_v0(info, "--cmd-owner ", IPT_OWNER_COMM, true);
+	owner_mt_print_item_v0(info, "--cmd-owner", IPT_OWNER_COMM, true);
 #endif
 }
 
@@ -512,17 +512,17 @@ owner_mt6_save_v0(const void *ip, const struct xt_entry_match *match)
 {
 	const struct ip6t_owner_info *info = (void *)match->data;
 
-	owner_mt6_print_item_v0(info, "--uid-owner ", IPT_OWNER_UID, true);
-	owner_mt6_print_item_v0(info, "--gid-owner ", IPT_OWNER_GID, true);
-	owner_mt6_print_item_v0(info, "--pid-owner ", IPT_OWNER_PID, true);
-	owner_mt6_print_item_v0(info, "--sid-owner ", IPT_OWNER_SID, true);
+	owner_mt6_print_item_v0(info, "--uid-owner", IPT_OWNER_UID, true);
+	owner_mt6_print_item_v0(info, "--gid-owner", IPT_OWNER_GID, true);
+	owner_mt6_print_item_v0(info, "--pid-owner", IPT_OWNER_PID, true);
+	owner_mt6_print_item_v0(info, "--sid-owner", IPT_OWNER_SID, true);
 }
 
 static void owner_mt_save(const void *ip, const struct xt_entry_match *match)
 {
 	const struct xt_owner_match_info *info = (void *)match->data;
 
-	owner_mt_print_item(info, "--socket-exists ", XT_OWNER_SOCKET, false);
+	owner_mt_print_item(info, "--socket-exists",  XT_OWNER_SOCKET, false);
 	owner_mt_print_item(info, "--uid-owner",      XT_OWNER_UID,    false);
 	owner_mt_print_item(info, "--gid-owner",      XT_OWNER_GID,    false);
 }
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux