Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx> --- ip6tables.c | 48 ++++++++++++++++++++++++++---------------------- iptables.c | 59 +++++++++++++++++++++++++++++------------------------------ 2 files changed, 55 insertions(+), 52 deletions(-) diff --git a/ip6tables.c b/ip6tables.c index eb28dc0..5a550bf 100644 --- a/ip6tables.c +++ b/ip6tables.c @@ -1329,6 +1329,29 @@ static void command_jump(struct iptables_command_state *cs) xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } +static void command_match(struct iptables_command_state *cs) +{ + struct xtables_match *m; + size_t size; + + if (cs->invert) + xtables_error(PARAMETER_PROBLEM, + "unexpected ! flag before --match"); + + m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); + size = IP6T_ALIGN(sizeof(struct ip6t_entry_match)) + m->size; + m->m = xtables_calloc(1, size); + m->m->u.match_size = size; + strcpy(m->m->u.user.name, m->name); + m->m->u.user.revision = m->revision; + if (m->init != NULL) + m->init(m->m); + if (m != m->next) + /* Merge options for non-cloned matches */ + opts = xtables_merge_options(ip6tables_globals.orig_opts, opts, + m->extra_opts, &m->option_offset); +} + int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **handle) { struct iptables_command_state cs; @@ -1617,28 +1640,9 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand verbose++; break; - case 'm': { - size_t size; - - if (cs.invert) - xtables_error(PARAMETER_PROBLEM, - "unexpected ! flag before --match"); - - m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, - &cs.matches); - size = IP6T_ALIGN(sizeof(struct ip6t_entry_match)) - + m->size; - m->m = xtables_calloc(1, size); - m->m->u.match_size = size; - strcpy(m->m->u.user.name, m->name); - m->m->u.user.revision = m->revision; - if (m->init != NULL) - m->init(m->m); - if (m != m->next) - /* Merge options for non-cloned matches */ - opts = xtables_merge_options(ip6tables_globals.orig_opts, opts, m->extra_opts, &m->option_offset); - } - break; + case 'm': + command_match(&cs); + break; case 'n': set_option(&cs.options, OPT_NUMERIC, &cs.fw6.ipv6.invflags, diff --git a/iptables.c b/iptables.c index 354bc9c..6f5616b 100644 --- a/iptables.c +++ b/iptables.c @@ -1356,6 +1356,32 @@ static void command_jump(struct iptables_command_state *cs) xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } +static void command_match(struct iptables_command_state *cs) +{ + struct xtables_match *m; + size_t size; + + if (cs->invert) + xtables_error(PARAMETER_PROBLEM, + "unexpected ! flag before --match"); + + m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, &cs->matches); + size = IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size; + m->m = xtables_calloc(1, size); + m->m->u.match_size = size; + strcpy(m->m->u.user.name, m->name); + m->m->u.user.revision = m->revision; + if (m->init != NULL) + m->init(m->m); + if (m != m->next) { + /* Merge options for non-cloned matches */ + opts = xtables_merge_options(iptables_globals.orig_opts, opts, + m->extra_opts, &m->option_offset); + if (opts == NULL) + xtables_error(OTHER_PROBLEM, "can't alloc memory!"); + } +} + int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle) { struct iptables_command_state cs; @@ -1642,36 +1668,9 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle verbose++; break; - case 'm': { - size_t size; - - if (cs.invert) - xtables_error(PARAMETER_PROBLEM, - "unexpected ! flag before --match"); - - m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, - &cs.matches); - size = IPT_ALIGN(sizeof(struct ipt_entry_match)) - + m->size; - m->m = xtables_calloc(1, size); - m->m->u.match_size = size; - strcpy(m->m->u.user.name, m->name); - m->m->u.user.revision = m->revision; - if (m->init != NULL) - m->init(m->m); - if (m != m->next) { - /* Merge options for non-cloned matches */ - opts = xtables_merge_options( - iptables_globals.orig_opts, - opts, - m->extra_opts, - &m->option_offset); - if (opts == NULL) - xtables_error(OTHER_PROBLEM, - "can't alloc memory!"); - } - } - break; + case 'm': + command_match(&cs); + break; case 'n': set_option(&cs.options, OPT_NUMERIC, &cs.fw.ip.invflags, -- 1.7.1 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html