On Tue, Dec 22, 2015 at 03:48:34PM +0530, Shivani Bhardwaj wrote:
> Add translation for comment module to nftables.
>
> Examples:
>
> $ sudo iptables-translate -A INPUT -m comment --comment "random comment"
> nft add rule ip filter INPUT counter comment \"random comment\"
>
> $ sudo iptables-translate -A INPUT -i eth1 -m comment --comment "Local LAN"
> nft add rule ip filter INPUT iifname eth1 counter comment \"Local LAN\"
>
> Signed-off-by: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
> ---
> extensions/libxt_comment.c | 17 +++++++++++++++--
> 1 file changed, 15 insertions(+), 2 deletions(-)
>
> diff --git a/extensions/libxt_comment.c b/extensions/libxt_comment.c
> index 6ed2ff9..bbbd6cb 100644
> --- a/extensions/libxt_comment.c
> +++ b/extensions/libxt_comment.c
> @@ -48,6 +48,18 @@ comment_save(const void *ip, const struct xt_entry_match *match)
> xtables_save_string(commentinfo->comment);
> }
>
> +static int
> +comment_xlate(const struct xt_entry_match *match,
> + struct xt_buf *buf, int numeric)
> +{
> + struct xt_comment_info *commentinfo = (void *)match->data;
> +
> + commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0';
> + xt_buf_add(buf, "counter comment \\\"%s\\\" ", commentinfo->comment);
^^^^^^^
We have to find a better way to fix this from the core infrastructure.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
