[PATCH 5/8] extensions: S/DNPT: add missing save function

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Jean-Michel DILLY reports that `ip6tables -S` exits with

	Target `DNPT' is missing save function

when a DNPT rule is invoked. Fix this omission.

References: http://marc.info/?l=netfilter&m=135904831220440&w=2
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxx>
---
 extensions/libip6t_DNPT.c |   19 +++++++++++++++++++
 extensions/libip6t_SNPT.c |   19 +++++++++++++++++++
 2 files changed, 38 insertions(+)

diff --git a/extensions/libip6t_DNPT.c b/extensions/libip6t_DNPT.c
index 7439816..703adf6 100644
--- a/extensions/libip6t_DNPT.c
+++ b/extensions/libip6t_DNPT.c
@@ -1,4 +1,5 @@
 #include <stdio.h>
+#include <string.h>
 #include <xtables.h>
 #include <linux/netfilter_ipv6/ip6_tables.h>
 #include <linux/netfilter_ipv6/ip6t_NPT.h>
@@ -53,6 +54,23 @@ static void DNPT_print(const void *ip, const struct xt_entry_target *target,
 				 npt->dst_pfx_len);
 }
 
+static void DNPT_save(const void *ip, const struct xt_entry_target *target)
+{
+	static const struct in6_addr zero_addr;
+	const struct ip6t_npt_tginfo *info = (const void *)target->data;
+
+	if (memcmp(&info->src_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+	    info->src_pfx_len != 0)
+		printf("--src-pfx %s/%u ",
+		       xtables_ip6addr_to_numeric(&info->src_pfx.in6),
+		       info->src_pfx_len);
+	if (memcmp(&info->dst_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+	    info->dst_pfx_len != 0)
+		printf("--dst-pfx %s/%u ",
+		       xtables_ip6addr_to_numeric(&info->dst_pfx.in6),
+		       info->dst_pfx_len);
+}
+
 static struct xtables_target snpt_tg_reg = {
 	.name		= "DNPT",
 	.version	= XTABLES_VERSION,
@@ -62,6 +80,7 @@ static struct xtables_target snpt_tg_reg = {
 	.help		= DNPT_help,
 	.x6_parse	= DNPT_parse,
 	.print		= DNPT_print,
+	.save		= DNPT_save,
 	.x6_options	= DNPT_options,
 };
 
diff --git a/extensions/libip6t_SNPT.c b/extensions/libip6t_SNPT.c
index 26a86c5..7ed80b2 100644
--- a/extensions/libip6t_SNPT.c
+++ b/extensions/libip6t_SNPT.c
@@ -1,4 +1,5 @@
 #include <stdio.h>
+#include <string.h>
 #include <xtables.h>
 #include <linux/netfilter_ipv6/ip6_tables.h>
 #include <linux/netfilter_ipv6/ip6t_NPT.h>
@@ -53,6 +54,23 @@ static void SNPT_print(const void *ip, const struct xt_entry_target *target,
 				 npt->dst_pfx_len);
 }
 
+static void SNPT_save(const void *ip, const struct xt_entry_target *target)
+{
+	static const struct in6_addr zero_addr;
+	const struct ip6t_npt_tginfo *info = (const void *)target->data;
+
+	if (memcmp(&info->src_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+	    info->src_pfx_len != 0)
+		printf("--src-pfx %s/%u ",
+		       xtables_ip6addr_to_numeric(&info->src_pfx.in6),
+		       info->src_pfx_len);
+	if (memcmp(&info->dst_pfx.in6, &zero_addr, sizeof(zero_addr)) != 0 ||
+	    info->dst_pfx_len != 0)
+		printf("--dst-pfx %s/%u ",
+		       xtables_ip6addr_to_numeric(&info->dst_pfx.in6),
+		       info->dst_pfx_len);
+}
+
 static struct xtables_target snpt_tg_reg = {
 	.name		= "SNPT",
 	.version	= XTABLES_VERSION,
@@ -62,6 +80,7 @@ static struct xtables_target snpt_tg_reg = {
 	.help		= SNPT_help,
 	.x6_parse	= SNPT_parse,
 	.print		= SNPT_print,
+	.save		= SNPT_save,
 	.x6_options	= SNPT_options,
 };
 
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html


[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux