On Sun, Sep 11, 2011 at 05:35:51PM +0200, Jan Engelhardt wrote:
> Was never implemented, kill it.
>
> Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx>
> ---
> iptables/ip6tables-save.c | 80 +++++++++++++++++++--------------------------
> iptables/iptables-save.c | 80 +++++++++++++++++++--------------------------
> 2 files changed, 68 insertions(+), 92 deletions(-)
>
> diff --git a/iptables/ip6tables-save.c b/iptables/ip6tables-save.c
> index ad0e70f..38b0c2f 100644
> --- a/iptables/ip6tables-save.c
> +++ b/iptables/ip6tables-save.c
> @@ -22,10 +22,9 @@
> #include <dlfcn.h>
> #endif
>
> -static int show_binary = 0, show_counters = 0;
> +static int show_counters = 0;
>
> static const struct option options[] = {
> - {.name = "binary", .has_arg = false, .val = 'b'},
Please, better something less agressive like displaying a message
telling "-b option was never implemented, ignoring it".
So if anyone, for some strange reason, is using it, their scripts will
not break.
I know this may sound a bit nitpicking but I think it's good to make
sure that we don't break anything.
Thanks.
> {.name = "counters", .has_arg = false, .val = 'c'},
> {.name = "dump", .has_arg = false, .val = 'd'},
> {.name = "table", .has_arg = true, .val = 't'},
> @@ -76,52 +75,45 @@ static int do_output(const char *tablename)
> xtables_error(OTHER_PROBLEM, "Cannot initialize: %s\n",
> ip6tc_strerror(errno));
>
> - if (!show_binary) {
> - time_t now = time(NULL);
> -
> - printf("# Generated by ip6tables-save v%s on %s",
> - IPTABLES_VERSION, ctime(&now));
> - printf("*%s\n", tablename);
> -
> - /* Dump out chain names first,
> - * thereby preventing dependency conflicts */
> - for (chain = ip6tc_first_chain(h);
> - chain;
> - chain = ip6tc_next_chain(h)) {
> -
> - printf(":%s ", chain);
> - if (ip6tc_builtin(chain, h)) {
> - struct ip6t_counters count;
> - printf("%s ",
> - ip6tc_get_policy(chain, &count, h));
> - printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt);
> - } else {
> - printf("- [0:0]\n");
> - }
> + time_t now = time(NULL);
> +
> + printf("# Generated by ip6tables-save v%s on %s",
> + IPTABLES_VERSION, ctime(&now));
> + printf("*%s\n", tablename);
> +
> + /* Dump out chain names first,
> + * thereby preventing dependency conflicts */
> + for (chain = ip6tc_first_chain(h);
> + chain;
> + chain = ip6tc_next_chain(h)) {
> +
> + printf(":%s ", chain);
> + if (ip6tc_builtin(chain, h)) {
> + struct ip6t_counters count;
> + printf("%s ",
> + ip6tc_get_policy(chain, &count, h));
> + printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt);
> + } else {
> + printf("- [0:0]\n");
> }
> + }
>
> + for (chain = ip6tc_first_chain(h);
> + chain;
> + chain = ip6tc_next_chain(h)) {
> + const struct ip6t_entry *e;
>
> - for (chain = ip6tc_first_chain(h);
> - chain;
> - chain = ip6tc_next_chain(h)) {
> - const struct ip6t_entry *e;
> -
> - /* Dump out rules */
> - e = ip6tc_first_rule(chain, h);
> - while(e) {
> - print_rule6(e, h, chain, show_counters);
> - e = ip6tc_next_rule(e, h);
> - }
> + /* Dump out rules */
> + e = ip6tc_first_rule(chain, h);
> + while(e) {
> + print_rule6(e, h, chain, show_counters);
> + e = ip6tc_next_rule(e, h);
> }
> -
> - now = time(NULL);
> - printf("COMMIT\n");
> - printf("# Completed on %s", ctime(&now));
> - } else {
> - /* Binary, huh? OK. */
> - xtables_error(OTHER_PROBLEM, "Binary NYI\n");
> }
>
> + now = time(NULL);
> + printf("COMMIT\n");
> + printf("# Completed on %s", ctime(&now));
> ip6tc_free(h);
>
> return 1;
> @@ -151,10 +143,6 @@ int ip6tables_save_main(int argc, char *argv[])
>
> while ((c = getopt_long(argc, argv, "bcdt:", options, NULL)) != -1) {
> switch (c) {
> - case 'b':
> - show_binary = 1;
> - break;
> -
> case 'c':
> show_counters = 1;
> break;
> diff --git a/iptables/iptables-save.c b/iptables/iptables-save.c
> index 73fba12..a25a186 100644
> --- a/iptables/iptables-save.c
> +++ b/iptables/iptables-save.c
> @@ -21,10 +21,9 @@
> #include <dlfcn.h>
> #endif
>
> -static int show_binary = 0, show_counters = 0;
> +static int show_counters = 0;
>
> static const struct option options[] = {
> - {.name = "binary", .has_arg = false, .val = 'b'},
> {.name = "counters", .has_arg = false, .val = 'c'},
> {.name = "dump", .has_arg = false, .val = 'd'},
> {.name = "table", .has_arg = true, .val = 't'},
> @@ -74,52 +73,45 @@ static int do_output(const char *tablename)
> xtables_error(OTHER_PROBLEM, "Cannot initialize: %s\n",
> iptc_strerror(errno));
>
> - if (!show_binary) {
> - time_t now = time(NULL);
> -
> - printf("# Generated by iptables-save v%s on %s",
> - IPTABLES_VERSION, ctime(&now));
> - printf("*%s\n", tablename);
> -
> - /* Dump out chain names first,
> - * thereby preventing dependency conflicts */
> - for (chain = iptc_first_chain(h);
> - chain;
> - chain = iptc_next_chain(h)) {
> -
> - printf(":%s ", chain);
> - if (iptc_builtin(chain, h)) {
> - struct ipt_counters count;
> - printf("%s ",
> - iptc_get_policy(chain, &count, h));
> - printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt);
> - } else {
> - printf("- [0:0]\n");
> - }
> + time_t now = time(NULL);
> +
> + printf("# Generated by iptables-save v%s on %s",
> + IPTABLES_VERSION, ctime(&now));
> + printf("*%s\n", tablename);
> +
> + /* Dump out chain names first,
> + * thereby preventing dependency conflicts */
> + for (chain = iptc_first_chain(h);
> + chain;
> + chain = iptc_next_chain(h)) {
> +
> + printf(":%s ", chain);
> + if (iptc_builtin(chain, h)) {
> + struct ipt_counters count;
> + printf("%s ",
> + iptc_get_policy(chain, &count, h));
> + printf("[%llu:%llu]\n", (unsigned long long)count.pcnt, (unsigned long long)count.bcnt);
> + } else {
> + printf("- [0:0]\n");
> }
> + }
>
> + for (chain = iptc_first_chain(h);
> + chain;
> + chain = iptc_next_chain(h)) {
> + const struct ipt_entry *e;
>
> - for (chain = iptc_first_chain(h);
> - chain;
> - chain = iptc_next_chain(h)) {
> - const struct ipt_entry *e;
> -
> - /* Dump out rules */
> - e = iptc_first_rule(chain, h);
> - while(e) {
> - print_rule4(e, h, chain, show_counters);
> - e = iptc_next_rule(e, h);
> - }
> + /* Dump out rules */
> + e = iptc_first_rule(chain, h);
> + while(e) {
> + print_rule4(e, h, chain, show_counters);
> + e = iptc_next_rule(e, h);
> }
> -
> - now = time(NULL);
> - printf("COMMIT\n");
> - printf("# Completed on %s", ctime(&now));
> - } else {
> - /* Binary, huh? OK. */
> - xtables_error(OTHER_PROBLEM, "Binary NYI\n");
> }
>
> + now = time(NULL);
> + printf("COMMIT\n");
> + printf("# Completed on %s", ctime(&now));
> iptc_free(h);
>
> return 1;
> @@ -150,10 +142,6 @@ iptables_save_main(int argc, char *argv[])
>
> while ((c = getopt_long(argc, argv, "bcdt:", options, NULL)) != -1) {
> switch (c) {
> - case 'b':
> - show_binary = 1;
> - break;
> -
> case 'c':
> show_counters = 1;
> break;
> --
> 1.7.3.4
>
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
> the body of a message to majordomo@xxxxxxxxxxxxxxx
> More majordomo info at http://vger.kernel.org/majordomo-info.html
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
