[PATCH 09/11] src: move jump option handling from do_command6 into its own function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
---
 ip6tables.c |   72 ++++++++++++++++++++++++++++-------------------------
 iptables.c  |   79 ++++++++++++++++++++++++++++++----------------------------
 xshared.h   |    1 +
 3 files changed, 80 insertions(+), 72 deletions(-)

diff --git a/ip6tables.c b/ip6tables.c
index c475bf2..eb28dc0 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1302,6 +1302,33 @@ static void command_default(struct iptables_command_state *cs)
 	xtables_error(PARAMETER_PROBLEM, "Unknown arg \"%s\"", optarg);
 }
 
+static void command_jump(struct iptables_command_state *cs)
+{
+	size_t size;
+
+	set_option(&cs->options, OPT_JUMP, &cs->fw6.ipv6.invflags, cs->invert);
+	cs->jumpto = parse_target(optarg);
+	/* TRY_LOAD (may be chain name) */
+	cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
+
+	if (cs->target == NULL)
+		return;
+
+	size = IP6T_ALIGN(sizeof(struct ip6t_entry_target)) + cs->target->size;
+
+	cs->target->t = xtables_calloc(1, size);
+	cs->target->t->u.target_size = size;
+	strcpy(cs->target->t->u.user.name, cs->jumpto);
+	cs->target->t->u.user.revision = cs->target->revision;
+	if (cs->target->init != NULL)
+		cs->target->init(cs->target->t);
+	opts = xtables_merge_options(ip6tables_globals.orig_opts, opts,
+				     cs->target->extra_opts,
+				     &cs->target->option_offset);
+	if (opts == NULL)
+		xtables_error(OTHER_PROBLEM, "can't alloc memory!");
+}
+
 int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **handle)
 {
 	struct iptables_command_state cs;
@@ -1320,10 +1347,10 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 	struct xtables_match *m;
 	struct xtables_rule_match *matchp;
 	struct xtables_target *t;
-	const char *jumpto = "";
 	unsigned long long cnt;
 
 	memset(&cs, 0, sizeof(cs));
+	cs.jumpto = "";
 	cs.argv = argv;
 
 	/* re-set optind to 0 in case do_command gets called
@@ -1548,36 +1575,12 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 			set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
 					cs.invert);
 			cs.fw6.ipv6.flags |= IP6T_F_GOTO;
-			jumpto = parse_target(optarg);
+			cs.jumpto = parse_target(optarg);
 			break;
 #endif
 
 		case 'j':
-			set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
-				   cs.invert);
-			jumpto = parse_target(optarg);
-			/* TRY_LOAD (may be chain name) */
-			cs.target = xtables_find_target(jumpto, XTF_TRY_LOAD);
-
-			if (cs.target) {
-				size_t size;
-
-				size = IP6T_ALIGN(sizeof(struct ip6t_entry_target))
-					+ cs.target->size;
-
-				cs.target->t = xtables_calloc(1, size);
-				cs.target->t->u.target_size = size;
-				strcpy(cs.target->t->u.user.name, jumpto);
-				cs.target->t->u.user.revision = cs.target->revision;
-				if (cs.target->init != NULL)
-					cs.target->init(cs.target->t);
-				opts = xtables_merge_options(ip6tables_globals.orig_opts, opts,
-						     cs.target->extra_opts,
-						     &cs.target->option_offset);
-				if (opts == NULL)
-					xtables_error(OTHER_PROBLEM,
-						   "can't alloc memory!");
-			}
+			command_jump(&cs);
 			break;
 
 
@@ -1806,10 +1809,10 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 					   chain);
 		}
 
-		if (cs.target && ip6tc_is_chain(jumpto, *handle)) {
+		if (cs.target && ip6tc_is_chain(cs.jumpto, *handle)) {
 			fprintf(stderr,
 				"Warning: using chain %s, not extension\n",
-				jumpto);
+				cs.jumpto);
 
 			if (cs.target->t)
 				free(cs.target->t);
@@ -1820,8 +1823,8 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 		/* If they didn't specify a target, or it's a chain
 		   name, use standard. */
 		if (!cs.target
-		    && (strlen(jumpto) == 0
-			|| ip6tc_is_chain(jumpto, *handle))) {
+		    && (strlen(cs.jumpto) == 0
+			|| ip6tc_is_chain(cs.jumpto, *handle))) {
 			size_t size;
 
 			cs.target = xtables_find_target(IP6T_STANDARD_TARGET,
@@ -1831,7 +1834,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 				+ cs.target->size;
 			cs.target->t = xtables_calloc(1, size);
 			cs.target->t->u.target_size = size;
-			strcpy(cs.target->t->u.user.name, jumpto);
+			strcpy(cs.target->t->u.user.name, cs.jumpto);
 			if (cs.target->init != NULL)
 				cs.target->init(cs.target->t);
 		}
@@ -1844,9 +1847,10 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
 #ifdef IP6T_F_GOTO
 			if (cs.fw6.ipv6.flags & IP6T_F_GOTO)
 				xtables_error(PARAMETER_PROBLEM,
-						"goto '%s' is not a chain\n", jumpto);
+						"goto '%s' is not a chain\n",
+						cs.jumpto);
 #endif
-			xtables_find_target(jumpto, XTF_LOAD_MUST_SUCCEED);
+			xtables_find_target(cs.jumpto, XTF_LOAD_MUST_SUCCEED);
 		} else {
 			e = generate_entry(&cs.fw6, cs.matches, cs.target->t);
 			free(cs.target->t);
diff --git a/iptables.c b/iptables.c
index 96732b4..354bc9c 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1328,6 +1328,34 @@ static void command_default(struct iptables_command_state *cs)
 	xtables_error(PARAMETER_PROBLEM, "Unknown arg \"%s\"", optarg);
 }
 
+static void command_jump(struct iptables_command_state *cs)
+{
+	size_t size;
+
+	set_option(&cs->options, OPT_JUMP, &cs->fw.ip.invflags, cs->invert);
+	cs->jumpto = parse_target(optarg);
+	/* TRY_LOAD (may be chain name) */
+	cs->target = xtables_find_target(cs->jumpto, XTF_TRY_LOAD);
+
+	if (cs->target == NULL)
+		return;
+
+	size = IPT_ALIGN(sizeof(struct ipt_entry_target))
+		+ cs->target->size;
+
+	cs->target->t = xtables_calloc(1, size);
+	cs->target->t->u.target_size = size;
+	strcpy(cs->target->t->u.user.name, cs->jumpto);
+	cs->target->t->u.user.revision = cs->target->revision;
+	if (cs->target->init != NULL)
+		cs->target->init(cs->target->t);
+	opts = xtables_merge_options(iptables_globals.orig_opts, opts,
+				     cs->target->extra_opts,
+				     &cs->target->option_offset);
+	if (opts == NULL)
+		xtables_error(OTHER_PROBLEM, "can't alloc memory!");
+}
+
 int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle)
 {
 	struct iptables_command_state cs;
@@ -1346,10 +1374,10 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 	struct xtables_match *m;
 	struct xtables_rule_match *matchp;
 	struct xtables_target *t;
-	const char *jumpto = "";
 	unsigned long long cnt;
 
 	memset(&cs, 0, sizeof(cs));
+	cs.jumpto = "";
 	cs.argv = argv;
 
 	/* re-set optind to 0 in case do_command gets called
@@ -1566,38 +1594,12 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 			set_option(&cs.options, OPT_JUMP, &cs.fw.ip.invflags,
 				   cs.invert);
 			cs.fw.ip.flags |= IPT_F_GOTO;
-			jumpto = parse_target(optarg);
+			cs.jumpto = parse_target(optarg);
 			break;
 #endif
 
 		case 'j':
-			set_option(&cs.options, OPT_JUMP, &cs.fw.ip.invflags,
-				   cs.invert);
-			jumpto = parse_target(optarg);
-			/* TRY_LOAD (may be chain name) */
-			cs.target = xtables_find_target(jumpto, XTF_TRY_LOAD);
-
-			if (cs.target) {
-				size_t size;
-
-				size = IPT_ALIGN(sizeof(struct ipt_entry_target))
-					+ cs.target->size;
-
-				cs.target->t = xtables_calloc(1, size);
-				cs.target->t->u.target_size = size;
-				strcpy(cs.target->t->u.user.name, jumpto);
-				cs.target->t->u.user.revision = cs.target->revision;
-				if (cs.target->init != NULL)
-					cs.target->init(cs.target->t);
-				opts = xtables_merge_options(
-						     iptables_globals.orig_opts,
-						     opts,
-						     cs.target->extra_opts,
-						     &cs.target->option_offset);
-				if (opts == NULL)
-					xtables_error(OTHER_PROBLEM,
-						   "can't alloc memory!");
-			}
+			command_jump(&cs);
 			break;
 
 
@@ -1757,7 +1759,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 
 	if (strcmp(*table, "nat") == 0 &&
 	    ((policy != NULL && strcmp(policy, "DROP") == 0) ||
-	    (jumpto != NULL && strcmp(jumpto, "DROP") == 0)))
+	    (cs.jumpto != NULL && strcmp(cs.jumpto, "DROP") == 0)))
 		xtables_error(PARAMETER_PROBLEM,
 			"\nThe \"nat\" table is not intended for filtering, "
 		        "the use of DROP is therefore inhibited.\n\n");
@@ -1848,10 +1850,10 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 					   chain);
 		}
 
-		if (cs.target && iptc_is_chain(jumpto, *handle)) {
+		if (cs.target && iptc_is_chain(cs.jumpto, *handle)) {
 			fprintf(stderr,
 				"Warning: using chain %s, not extension\n",
-				jumpto);
+				cs.jumpto);
 
 			if (cs.target->t)
 				free(cs.target->t);
@@ -1862,8 +1864,8 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 		/* If they didn't specify a target, or it's a chain
 		   name, use standard. */
 		if (!cs.target
-		    && (strlen(jumpto) == 0
-			|| iptc_is_chain(jumpto, *handle))) {
+		    && (strlen(cs.jumpto) == 0
+			|| iptc_is_chain(cs.jumpto, *handle))) {
 			size_t size;
 
 			cs.target = xtables_find_target(IPT_STANDARD_TARGET,
@@ -1873,8 +1875,8 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 				+ cs.target->size;
 			cs.target->t = xtables_calloc(1, size);
 			cs.target->t->u.target_size = size;
-			strcpy(cs.target->t->u.user.name, jumpto);
-			if (!iptc_is_chain(jumpto, *handle))
+			strcpy(cs.target->t->u.user.name, cs.jumpto);
+			if (!iptc_is_chain(cs.jumpto, *handle))
 				cs.target->t->u.user.revision = cs.target->revision;
 			if (cs.target->init != NULL)
 				cs.target->init(cs.target->t);
@@ -1888,9 +1890,10 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
 #ifdef IPT_F_GOTO
 			if (cs.fw.ip.flags & IPT_F_GOTO)
 				xtables_error(PARAMETER_PROBLEM,
-					   "goto '%s' is not a chain\n", jumpto);
+					   "goto '%s' is not a chain\n",
+					   cs.jumpto);
 #endif
-			xtables_find_target(jumpto, XTF_LOAD_MUST_SUCCEED);
+			xtables_find_target(cs.jumpto, XTF_LOAD_MUST_SUCCEED);
 		} else {
 			e = generate_entry(&cs.fw, cs.matches, cs.target->t);
 			free(cs.target->t);
diff --git a/xshared.h b/xshared.h
index d0cb516..a08e6d9 100644
--- a/xshared.h
+++ b/xshared.h
@@ -35,6 +35,7 @@ struct iptables_command_state {
 	struct xtables_target *target;
 	char *protocol;
 	int proto_used;
+	const char *jumpto;
 	char **argv;
 };
 
-- 
1.7.1

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux