Also one int -> uint here on the way through.
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
ip6tables.c | 27 ++++++++++++++-------------
iptables.c | 25 +++++++++++++------------
2 files changed, 27 insertions(+), 25 deletions(-)
diff --git a/ip6tables.c b/ip6tables.c
index 9b1629e..0284791 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -160,7 +160,7 @@ struct xtables_globals ip6tables_globals = {
* optional
*/
-static char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =
+static const char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =
/* Well, it's better than "Re: Linux vs FreeBSD" */
{
/* -n -s -d -p -j -v -x -i -o --line -c */
@@ -180,7 +180,7 @@ static char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =
/*LIST_RULES*/{'x','x','x','x','x',' ','x','x','x','x','x'}
};
-static int inverse_for_options[NUMBER_OF_OPT] =
+static const unsigned int inverse_for_options[NUMBER_OF_OPT] =
{
/* -n */ 0,
/* -s */ IP6T_INV_SRCIP,
@@ -201,7 +201,7 @@ static int inverse_for_options[NUMBER_OF_OPT] =
/* A few hardcoded protocols for 'all' and in case the user has no
/etc/protocols */
struct pprot {
- char *name;
+ const char *name;
u_int8_t num;
};
@@ -211,7 +211,7 @@ proto_to_name(u_int8_t proto, int nolookup)
unsigned int i;
if (proto && !nolookup) {
- struct protoent *pent = getprotobynumber(proto);
+ const struct protoent *pent = getprotobynumber(proto);
if (pent)
return pent->p_name;
}
@@ -235,7 +235,7 @@ exit_tryhelp(int status)
}
static void
-exit_printhelp(struct xtables_rule_match *matches)
+exit_printhelp(const struct xtables_rule_match *matches)
{
printf("%s v%s\n\n"
"Usage: %s -[AD] chain rule-specification [options]\n"
@@ -569,7 +569,7 @@ print_match(const struct ip6t_entry_match *m,
const struct ip6t_ip6 *ip,
int numeric)
{
- struct xtables_match *match =
+ const struct xtables_match *match =
xtables_find_match(m->u.user.name, XTF_TRY_LOAD, NULL);
if (match) {
@@ -593,7 +593,7 @@ print_firewall(const struct ip6t_entry *fw,
unsigned int format,
struct ip6tc_handle *const handle)
{
- struct xtables_target *target = NULL;
+ const struct xtables_target *target = NULL;
const struct ip6t_entry_target *t;
u_int8_t flags;
char buf[BUFSIZ];
@@ -804,12 +804,12 @@ insert_entry(const ip6t_chainlabel chain,
}
static unsigned char *
-make_delete_mask(struct xtables_rule_match *matches,
+make_delete_mask(const struct xtables_rule_match *matches,
const struct xtables_target *target)
{
/* Establish mask for comparison */
unsigned int size;
- struct xtables_rule_match *matchp;
+ const struct xtables_rule_match *matchp;
unsigned char *mask, *mptr;
size = sizeof(struct ip6t_entry);
@@ -1035,7 +1035,7 @@ static void print_proto(u_int16_t proto, int invert)
unsigned int i;
const char *invertstr = invert ? "! " : "";
- struct protoent *pent = getprotobynumber(proto);
+ const struct protoent *pent = getprotobynumber(proto);
if (pent) {
printf("%s-p %s ",
invertstr, pent->p_name);
@@ -1056,7 +1056,7 @@ static void print_proto(u_int16_t proto, int invert)
static int print_match_save(const struct ip6t_entry_match *e,
const struct ip6t_ip6 *ip)
{
- struct xtables_match *match =
+ const struct xtables_match *match =
xtables_find_match(e->u.user.name, XTF_TRY_LOAD, NULL);
if (match) {
@@ -1077,7 +1077,8 @@ static int print_match_save(const struct ip6t_entry_match *e,
}
/* print a given ip including mask if neccessary */
-static void print_ip(char *prefix, const struct in6_addr *ip, const struct in6_addr *mask, int invert)
+static void print_ip(const char *prefix, const struct in6_addr *ip,
+ const struct in6_addr *mask, int invert)
{
char buf[51];
int l = ipv6_prefix_length(mask);
@@ -1101,7 +1102,7 @@ static void print_ip(char *prefix, const struct in6_addr *ip, const struct in6_a
void print_rule(const struct ip6t_entry *e,
struct ip6tc_handle *h, const char *chain, int counters)
{
- struct ip6t_entry_target *t;
+ const struct ip6t_entry_target *t;
const char *target_name;
/* print counters for iptables-save */
diff --git a/iptables.c b/iptables.c
index 1127bdd..342ea04 100644
--- a/iptables.c
+++ b/iptables.c
@@ -160,7 +160,7 @@ struct xtables_globals iptables_globals = {
* optional
*/
-static char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =
+static const char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =
/* Well, it's better than "Re: Linux vs FreeBSD" */
{
/* -n -s -d -p -j -v -x -i -o -f --line -c */
@@ -180,7 +180,7 @@ static char commands_v_options[NUMBER_OF_CMD][NUMBER_OF_OPT] =
/*LIST_RULES*/{'x','x','x','x','x',' ','x','x','x','x','x','x'}
};
-static int inverse_for_options[NUMBER_OF_OPT] =
+static const int inverse_for_options[NUMBER_OF_OPT] =
{
/* -n */ 0,
/* -s */ IPT_INV_SRCIP,
@@ -248,7 +248,7 @@ exit_tryhelp(int status)
}
static void
-exit_printhelp(struct xtables_rule_match *matches)
+exit_printhelp(const struct xtables_rule_match *matches)
{
printf("%s v%s\n\n"
"Usage: %s -[AD] chain rule-specification [options]\n"
@@ -573,7 +573,7 @@ print_match(const struct ipt_entry_match *m,
const struct ipt_ip *ip,
int numeric)
{
- struct xtables_match *match =
+ const struct xtables_match *match =
xtables_find_match(m->u.user.name, XTF_TRY_LOAD, NULL);
if (match) {
@@ -597,7 +597,7 @@ print_firewall(const struct ipt_entry *fw,
unsigned int format,
struct iptc_handle *const handle)
{
- struct xtables_target *target = NULL;
+ const struct xtables_target *target = NULL;
const struct ipt_entry_target *t;
u_int8_t flags;
char buf[BUFSIZ];
@@ -806,12 +806,12 @@ insert_entry(const ipt_chainlabel chain,
}
static unsigned char *
-make_delete_mask(struct xtables_rule_match *matches,
+make_delete_mask(const struct xtables_rule_match *matches,
const struct xtables_target *target)
{
/* Establish mask for comparison */
unsigned int size;
- struct xtables_rule_match *matchp;
+ const struct xtables_rule_match *matchp;
unsigned char *mask, *mptr;
size = sizeof(struct ipt_entry);
@@ -1008,7 +1008,7 @@ static void print_proto(u_int16_t proto, int invert)
unsigned int i;
const char *invertstr = invert ? "! " : "";
- struct protoent *pent = getprotobynumber(proto);
+ const struct protoent *pent = getprotobynumber(proto);
if (pent) {
printf("%s-p %s ", invertstr, pent->p_name);
return;
@@ -1064,7 +1064,7 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
static int print_match_save(const struct ipt_entry_match *e,
const struct ipt_ip *ip)
{
- struct xtables_match *match =
+ const struct xtables_match *match =
xtables_find_match(e->u.user.name, XTF_TRY_LOAD, NULL);
if (match) {
@@ -1085,7 +1085,8 @@ static int print_match_save(const struct ipt_entry_match *e,
}
/* print a given ip including mask if neccessary */
-static void print_ip(char *prefix, u_int32_t ip, u_int32_t mask, int invert)
+static void print_ip(const char *prefix, u_int32_t ip,
+ u_int32_t mask, int invert)
{
u_int32_t bits, hmask = ntohl(mask);
int i;
@@ -1118,7 +1119,7 @@ static void print_ip(char *prefix, u_int32_t ip, u_int32_t mask, int invert)
void print_rule(const struct ipt_entry *e,
struct iptc_handle *h, const char *chain, int counters)
{
- struct ipt_entry_target *t;
+ const struct ipt_entry_target *t;
const char *target_name;
/* print counters for iptables-save */
@@ -1168,7 +1169,7 @@ void print_rule(const struct ipt_entry *e,
/* Print targinfo part */
t = ipt_get_target((struct ipt_entry *)e);
if (t->u.user.name[0]) {
- struct xtables_target *target =
+ const struct xtables_target *target =
xtables_find_target(t->u.user.name, XTF_TRY_LOAD);
if (!target) {
--
1.7.1
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
