On Wed, Dec 23, 2015 at 3:31 PM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On Wed, Dec 23, 2015 at 03:23:47PM +0530, Shivani Bhardwaj wrote:
>> Add translation for helper module to nftables.
>>
>> Examples:
>>
>> $ sudo iptables-translate -A FORWARD -m helper --helper sip
>> nft add rule ip filter FORWARD ct helper \"sip\" counter
>>
>> $ sudo iptables-translate -A FORWARD -m helper ! --helper ftp
>> nft add rule ip filter FORWARD ct helper != \"ftp\" counter
>>
>> Signed-off-by: Shivani Bhardwaj <shivanib134@xxxxxxxxx>
>> ---
>> extensions/libxt_helper.c | 14 ++++++++++++++
>> 1 file changed, 14 insertions(+)
>>
>> diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
>> index c9f9435..5f1d8b1 100644
>> --- a/extensions/libxt_helper.c
>> +++ b/extensions/libxt_helper.c
>> @@ -45,6 +45,19 @@ static void helper_save(const void *ip, const struct xt_entry_match *match)
>> xtables_save_string(info->name);
>> }
>>
>> +static int helper_xlate(const struct xt_entry_match *match,
>> + struct xt_buf *buf, int numeric)
>> +{
>> + const struct xt_helper_info *info = (const void *)match->data;
>> +
>> + xt_buf_add(buf, "ct helper");
>> +
>> + xt_buf_add(buf, "%s \\\"%s\\\" ",
>> + info->invert ? " !=" : "", info->name);
>
> You can place this in one single call of xt_buf_add(), right?
Sending v2.
Thank you
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
