Use a more generic name for this object to prepare the introduction of
other translation specific fields.
Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
extensions/libip6t_DNAT.c | 20 +++++++++----------
extensions/libip6t_LOG.c | 8 ++++----
extensions/libip6t_REDIRECT.c | 8 ++++----
extensions/libip6t_REJECT.c | 6 +++---
extensions/libip6t_SNAT.c | 22 ++++++++++-----------
extensions/libip6t_ah.c | 12 +++++------
extensions/libip6t_hl.c | 4 ++--
extensions/libipt_DNAT.c | 20 +++++++++----------
extensions/libipt_LOG.c | 8 ++++----
extensions/libipt_REDIRECT.c | 8 ++++----
extensions/libipt_REJECT.c | 6 +++---
extensions/libipt_SNAT.c | 24 +++++++++++-----------
extensions/libipt_ah.c | 8 ++++----
extensions/libipt_realm.c | 14 ++++++-------
extensions/libipt_ttl.c | 12 +++++------
extensions/libxt_NFLOG.c | 16 +++++++--------
extensions/libxt_connmark.c | 18 ++++++++---------
extensions/libxt_conntrack.c | 20 +++++++++----------
extensions/libxt_cpu.c | 4 ++--
extensions/libxt_devgroup.c | 22 ++++++++++-----------
extensions/libxt_esp.c | 8 ++++----
extensions/libxt_helper.c | 4 ++--
extensions/libxt_iprange.c | 46 +++++++++++++++++++++----------------------
extensions/libxt_length.c | 8 ++++----
extensions/libxt_limit.c | 14 ++++++-------
extensions/libxt_mac.c | 14 ++++++-------
extensions/libxt_mark.c | 18 ++++++++---------
extensions/libxt_pkttype.c | 12 +++++------
extensions/libxt_tcp.c | 28 +++++++++++++-------------
extensions/libxt_udp.c | 10 +++++-----
include/xtables.h | 16 +++++++--------
iptables/nft-ipv4.c | 20 +++++++++----------
iptables/nft-ipv6.c | 22 ++++++++++-----------
iptables/nft-shared.h | 4 ++--
iptables/nft.h | 4 ++--
iptables/xtables-translate.c | 30 ++++++++++++++--------------
libxtables/xtables.c | 42 +++++++++++++++++++--------------------
37 files changed, 280 insertions(+), 280 deletions(-)
diff --git a/extensions/libip6t_DNAT.c b/extensions/libip6t_DNAT.c
index 3959755..7fc21a3 100644
--- a/extensions/libip6t_DNAT.c
+++ b/extensions/libip6t_DNAT.c
@@ -232,43 +232,43 @@ static void DNAT_save(const void *ip, const struct xt_entry_target *target)
}
static void print_range_xlate(const struct nf_nat_range *range,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
if (range->flags & NF_NAT_RANGE_MAP_IPS) {
- xt_buf_add(buf, "%s",
+ xt_xlate_add(xl, "%s",
xtables_ip6addr_to_numeric(&range->min_addr.in6));
if (memcmp(&range->min_addr, &range->max_addr,
sizeof(range->min_addr)))
- xt_buf_add(buf, "-%s",
+ xt_xlate_add(xl, "-%s",
xtables_ip6addr_to_numeric(&range->max_addr.in6));
}
if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- xt_buf_add(buf, " :%hu", ntohs(range->min_proto.tcp.port));
+ xt_xlate_add(xl, " :%hu", ntohs(range->min_proto.tcp.port));
if (range->max_proto.tcp.port != range->min_proto.tcp.port)
- xt_buf_add(buf, "-%hu",
+ xt_xlate_add(xl, "-%hu",
ntohs(range->max_proto.tcp.port));
}
}
static int DNAT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct nf_nat_range *range = (const void *)target->data;
bool sep_need = false;
const char *sep = " ";
- xt_buf_add(buf, "dnat ");
- print_range_xlate(range, buf);
+ xt_xlate_add(xl, "dnat ");
+ print_range_xlate(range, xl);
if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) {
- xt_buf_add(buf, " random");
+ xt_xlate_add(xl, " random");
sep_need = true;
}
if (range->flags & NF_NAT_RANGE_PERSISTENT) {
if (sep_need)
sep = ",";
- xt_buf_add(buf, "%spersistent", sep);
+ xt_xlate_add(xl, "%spersistent", sep);
}
return 1;
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 9df86fd..17d76a8 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -183,19 +183,19 @@ static const struct ip6t_log_xlate ip6t_log_xlate_names[] = {
};
static int LOG_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
unsigned int i = 0;
const struct ip6t_log_info *loginfo =
(const struct ip6t_log_info *)target->data;
- xt_buf_add(buf, "log ");
+ xt_xlate_add(xl, "log ");
if (strcmp(loginfo->prefix, "") != 0)
- xt_buf_add(buf, "prefix \\\"%s\\\" ", loginfo->prefix);
+ xt_xlate_add(xl, "prefix \\\"%s\\\" ", loginfo->prefix);
for (i = 0; i < ARRAY_SIZE(ip6t_log_xlate_names); ++i)
if (loginfo->level == ip6t_log_xlate_names[i].level) {
- xt_buf_add(buf, "level %s",
+ xt_xlate_add(xl, "level %s",
ip6t_log_xlate_names[i].name);
break;
}
diff --git a/extensions/libip6t_REDIRECT.c b/extensions/libip6t_REDIRECT.c
index d907d94..fc4a4d8 100644
--- a/extensions/libip6t_REDIRECT.c
+++ b/extensions/libip6t_REDIRECT.c
@@ -133,18 +133,18 @@ static void REDIRECT_save(const void *ip, const struct xt_entry_target *target)
}
static int REDIRECT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct nf_nat_range *range = (const void *)target->data;
if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- xt_buf_add(buf, "redirect to %hu",
+ xt_xlate_add(xl, "redirect to %hu",
ntohs(range->min_proto.tcp.port));
if (range->max_proto.tcp.port != range->min_proto.tcp.port)
- xt_buf_add(buf, "-%hu ",
+ xt_xlate_add(xl, "-%hu ",
ntohs(range->max_proto.tcp.port));
if (range->flags & NF_NAT_RANGE_PROTO_RANDOM)
- xt_buf_add(buf, " random ");
+ xt_xlate_add(xl, " random ");
}
return 1;
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index 3b8431c..ad2a8ec 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -140,7 +140,7 @@ static const struct reject_names_xlate reject_table_xlate[] = {
};
static int REJECT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ip6t_reject_info *reject =
(const struct ip6t_reject_info *)target->data;
@@ -150,9 +150,9 @@ static int REJECT_xlate(const struct xt_entry_target *target,
if (reject_table_xlate[i].with == reject->with)
break;
if (reject->with == IP6T_TCP_RESET)
- xt_buf_add(buf, "reject with %s", reject_table_xlate[i].name);
+ xt_xlate_add(xl, "reject with %s", reject_table_xlate[i].name);
else
- xt_buf_add(buf, "reject with icmpv6 type %s",
+ xt_xlate_add(xl, "reject with icmpv6 type %s",
reject_table_xlate[i].name);
return 1;
diff --git a/extensions/libip6t_SNAT.c b/extensions/libip6t_SNAT.c
index b85c86c..28e29da 100644
--- a/extensions/libip6t_SNAT.c
+++ b/extensions/libip6t_SNAT.c
@@ -242,49 +242,49 @@ static void SNAT_save(const void *ip, const struct xt_entry_target *target)
}
static void print_range_xlate(const struct nf_nat_range *range,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
if (range->flags & NF_NAT_RANGE_MAP_IPS) {
- xt_buf_add(buf, "%s",
+ xt_xlate_add(xl, "%s",
xtables_ip6addr_to_numeric(&range->min_addr.in6));
if (memcmp(&range->min_addr, &range->max_addr,
sizeof(range->min_addr)))
- xt_buf_add(buf, "-%s",
+ xt_xlate_add(xl, "-%s",
xtables_ip6addr_to_numeric(&range->max_addr.in6));
}
if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- xt_buf_add(buf, " :%hu", ntohs(range->min_proto.tcp.port));
+ xt_xlate_add(xl, " :%hu", ntohs(range->min_proto.tcp.port));
if (range->max_proto.tcp.port != range->min_proto.tcp.port)
- xt_buf_add(buf, "-%hu",
+ xt_xlate_add(xl, "-%hu",
ntohs(range->max_proto.tcp.port));
}
}
static int SNAT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct nf_nat_range *range = (const void *)target->data;
bool sep_need = false;
const char *sep = " ";
- xt_buf_add(buf, "snat ");
- print_range_xlate(range, buf);
+ xt_xlate_add(xl, "snat ");
+ print_range_xlate(range, xl);
if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) {
- xt_buf_add(buf, " random");
+ xt_xlate_add(xl, " random");
sep_need = true;
}
if (range->flags & NF_NAT_RANGE_PROTO_RANDOM_FULLY) {
if (sep_need)
sep = ",";
- xt_buf_add(buf, "%sfully-random", sep);
+ xt_xlate_add(xl, "%sfully-random", sep);
sep_need = true;
}
if (range->flags & NF_NAT_RANGE_PERSISTENT) {
if (sep_need)
sep = ",";
- xt_buf_add(buf, "%spersistent", sep);
+ xt_xlate_add(xl, "%spersistent", sep);
}
return 1;
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index f7c30f4..087b3ac 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -129,27 +129,27 @@ static void ah_save(const void *ip, const struct xt_entry_match *match)
}
static int ah_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ip6t_ah *ahinfo = (struct ip6t_ah *)match->data;
if (!(ahinfo->spis[0] == 0 && ahinfo->spis[1] == 0xFFFFFFFF)) {
- xt_buf_add(buf, "ah spi%s ",
+ xt_xlate_add(xl, "ah spi%s ",
(ahinfo->invflags & IP6T_AH_INV_SPI) ? " !=" : "");
if (ahinfo->spis[0] != ahinfo->spis[1])
- xt_buf_add(buf, "%u-%u ", ahinfo->spis[0], ahinfo->spis[1]);
+ xt_xlate_add(xl, "%u-%u ", ahinfo->spis[0], ahinfo->spis[1]);
else
- xt_buf_add(buf, "%u ", ahinfo->spis[0]);
+ xt_xlate_add(xl, "%u ", ahinfo->spis[0]);
}
if (ahinfo->hdrlen != 0 || (ahinfo->invflags & IP6T_AH_INV_LEN)) {
- xt_buf_add(buf, "ah hdrlength%s %u ",
+ xt_xlate_add(xl, "ah hdrlength%s %u ",
(ahinfo->invflags & IP6T_AH_INV_LEN) ? " !=" : "",
ahinfo->hdrlen);
}
if (ahinfo->hdrres != 0)
- xt_buf_add(buf, "ah reserved %u ", ahinfo->hdrres);
+ xt_xlate_add(xl, "ah reserved %u ", ahinfo->hdrres);
return 1;
}
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index 226b69c..9fe893a 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -84,7 +84,7 @@ static void hl_save(const void *ip, const struct xt_entry_match *match)
}
static int hl_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
static const char *const op[] = {
[IP6T_HL_EQ] = "",
@@ -95,7 +95,7 @@ static int hl_xlate(const struct xt_entry_match *match,
const struct ip6t_hl_info *info =
(struct ip6t_hl_info *) match->data;
- xt_buf_add(buf, "ip6 hoplimit %s%u ", op[info->mode], info->hop_limit);
+ xt_xlate_add(xl, "ip6 hoplimit %s%u ", op[info->mode], info->hop_limit);
return 1;
}
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index e529141..45835a9 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -243,27 +243,27 @@ static void DNAT_save(const void *ip, const struct xt_entry_target *target)
}
static void print_range_xlate(const struct nf_nat_ipv4_range *r,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
if (r->flags & NF_NAT_RANGE_MAP_IPS) {
struct in_addr a;
a.s_addr = r->min_ip;
- xt_buf_add(buf, "%s", xtables_ipaddr_to_numeric(&a));
+ xt_xlate_add(xl, "%s", xtables_ipaddr_to_numeric(&a));
if (r->max_ip != r->min_ip) {
a.s_addr = r->max_ip;
- xt_buf_add(buf, "-%s", xtables_ipaddr_to_numeric(&a));
+ xt_xlate_add(xl, "-%s", xtables_ipaddr_to_numeric(&a));
}
}
if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- xt_buf_add(buf, ":%hu", ntohs(r->min.tcp.port));
+ xt_xlate_add(xl, ":%hu", ntohs(r->min.tcp.port));
if (r->max.tcp.port != r->min.tcp.port)
- xt_buf_add(buf, "-%hu", ntohs(r->max.tcp.port));
+ xt_xlate_add(xl, "-%hu", ntohs(r->max.tcp.port));
}
}
static int DNAT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
@@ -271,16 +271,16 @@ static int DNAT_xlate(const struct xt_entry_target *target,
const char *sep = " ";
for (i = 0; i < info->mr.rangesize; i++) {
- xt_buf_add(buf, "dnat ");
- print_range_xlate(&info->mr.range[i], buf);
+ xt_xlate_add(xl, "dnat ");
+ print_range_xlate(&info->mr.range[i], xl);
if (info->mr.range[i].flags & NF_NAT_RANGE_PROTO_RANDOM) {
- xt_buf_add(buf, " random");
+ xt_xlate_add(xl, " random");
sep_need = true;
}
if (info->mr.range[i].flags & NF_NAT_RANGE_PERSISTENT) {
if (sep_need)
sep = ",";
- xt_buf_add(buf, "%spersistent", sep);
+ xt_xlate_add(xl, "%spersistent", sep);
}
}
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index f2beee3..f3875b6 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -183,19 +183,19 @@ static const struct ipt_log_xlate ipt_log_xlate_names[] = {
};
static int LOG_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
unsigned int i = 0;
const struct ipt_log_info *loginfo =
(const struct ipt_log_info *)target->data;
- xt_buf_add(buf, "log ");
+ xt_xlate_add(xl, "log ");
if (strcmp(loginfo->prefix, "") != 0)
- xt_buf_add(buf, "prefix \\\"%s\\\" ", loginfo->prefix);
+ xt_xlate_add(xl, "prefix \\\"%s\\\" ", loginfo->prefix);
for (i = 0; i < ARRAY_SIZE(ipt_log_xlate_names); ++i)
if (loginfo->level == ipt_log_xlate_names[i].level) {
- xt_buf_add(buf, "level %s ",
+ xt_xlate_add(xl, "level %s ",
ipt_log_xlate_names[i].name);
break;
}
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 2e5b33d..68efe96 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -136,18 +136,18 @@ static void REDIRECT_save(const void *ip, const struct xt_entry_target *target)
}
static int REDIRECT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct nf_nat_ipv4_multi_range_compat *mr =
(const void *)target->data;
const struct nf_nat_ipv4_range *r = &mr->range[0];
if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- xt_buf_add(buf, "redirect to %hu", ntohs(r->min.tcp.port));
+ xt_xlate_add(xl, "redirect to %hu", ntohs(r->min.tcp.port));
if (r->max.tcp.port != r->min.tcp.port)
- xt_buf_add(buf, "-%hu ", ntohs(r->max.tcp.port));
+ xt_xlate_add(xl, "-%hu ", ntohs(r->max.tcp.port));
if (mr->range[0].flags & NF_NAT_RANGE_PROTO_RANDOM)
- xt_buf_add(buf, " random ");
+ xt_xlate_add(xl, " random ");
}
return 1;
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index dd4ac62..56fc346 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -160,7 +160,7 @@ static const struct reject_names_xlate reject_table_xlate[] = {
};
static int REJECT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ipt_reject_info *reject =
(const struct ipt_reject_info *)target->data;
@@ -172,10 +172,10 @@ static int REJECT_xlate(const struct xt_entry_target *target,
}
if (reject->with == IPT_TCP_RESET)
- xt_buf_add(buf, "reject with %s",
+ xt_xlate_add(xl, "reject with %s",
reject_table_xlate[i].name);
else
- xt_buf_add(buf, "reject with icmp type %s",
+ xt_xlate_add(xl, "reject with icmp type %s",
reject_table_xlate[i].name);
return 1;
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 42fe92d..1962e66 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -253,28 +253,28 @@ static void SNAT_save(const void *ip, const struct xt_entry_target *target)
}
static void print_range_xlate(const struct nf_nat_ipv4_range *r,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
if (r->flags & NF_NAT_RANGE_MAP_IPS) {
struct in_addr a;
a.s_addr = r->min_ip;
- xt_buf_add(buf, "%s", xtables_ipaddr_to_numeric(&a));
+ xt_xlate_add(xl, "%s", xtables_ipaddr_to_numeric(&a));
if (r->max_ip != r->min_ip) {
a.s_addr = r->max_ip;
- xt_buf_add(buf, "-%s", xtables_ipaddr_to_numeric(&a));
+ xt_xlate_add(xl, "-%s", xtables_ipaddr_to_numeric(&a));
}
}
if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- xt_buf_add(buf, ":");
- xt_buf_add(buf, "%hu", ntohs(r->min.tcp.port));
+ xt_xlate_add(xl, ":");
+ xt_xlate_add(xl, "%hu", ntohs(r->min.tcp.port));
if (r->max.tcp.port != r->min.tcp.port)
- xt_buf_add(buf, "-%hu", ntohs(r->max.tcp.port));
+ xt_xlate_add(xl, "-%hu", ntohs(r->max.tcp.port));
}
}
static int SNAT_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
@@ -282,22 +282,22 @@ static int SNAT_xlate(const struct xt_entry_target *target,
const char *sep = " ";
for (i = 0; i < info->mr.rangesize; i++) {
- xt_buf_add(buf, "snat ");
- print_range_xlate(&info->mr.range[i], buf);
+ xt_xlate_add(xl, "snat ");
+ print_range_xlate(&info->mr.range[i], xl);
if (info->mr.range[i].flags & NF_NAT_RANGE_PROTO_RANDOM) {
- xt_buf_add(buf, " random");
+ xt_xlate_add(xl, " random");
sep_need = true;
}
if (info->mr.range[i].flags & NF_NAT_RANGE_PROTO_RANDOM_FULLY) {
if (sep_need)
sep = ",";
- xt_buf_add(buf, "%sfully-random", sep);
+ xt_xlate_add(xl, "%sfully-random", sep);
sep_need = true;
}
if (info->mr.range[i].flags & NF_NAT_RANGE_PERSISTENT) {
if (sep_need)
sep = ",";
- xt_buf_add(buf, "%spersistent", sep);
+ xt_xlate_add(xl, "%spersistent", sep);
}
}
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index 8973e49..a7d1193 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -93,18 +93,18 @@ static void ah_save(const void *ip, const struct xt_entry_match *match)
}
static int ah_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ipt_ah *ahinfo = (struct ipt_ah *)match->data;
if (!(ahinfo->spis[0] == 0 && ahinfo->spis[1] == 0xFFFFFFFF)) {
- xt_buf_add(buf, "ah spi%s ",
+ xt_xlate_add(xl, "ah spi%s ",
(ahinfo->invflags & IPT_AH_INV_SPI) ? " !=" : "");
if (ahinfo->spis[0] != ahinfo->spis[1])
- xt_buf_add(buf, "%u-%u ", ahinfo->spis[0],
+ xt_xlate_add(xl, "%u-%u ", ahinfo->spis[0],
ahinfo->spis[1]);
else
- xt_buf_add(buf, "%u ", ahinfo->spis[0]);
+ xt_xlate_add(xl, "%u ", ahinfo->spis[0]);
}
return 1;
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index d016040..7dba93f 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -110,27 +110,27 @@ static void realm_save(const void *ip, const struct xt_entry_match *match)
static void
print_realm_xlate(unsigned long id, unsigned long mask,
- int numeric, struct xt_buf *buf, uint32_t op)
+ int numeric, struct xt_xlate *xl, uint32_t op)
{
const char *name = NULL;
if (mask != 0xffffffff)
- xt_buf_add(buf, " and 0x%lx %s 0x%lx ", id,
+ xt_xlate_add(xl, " and 0x%lx %s 0x%lx ", id,
op == XT_OP_EQ ? "==" : "!=", mask);
else {
if (numeric == 0)
name = xtables_lmap_id2name(realms, id);
if (name)
- xt_buf_add(buf, "%s%s ",
+ xt_xlate_add(xl, "%s%s ",
op == XT_OP_EQ ? "" : "!= ", name);
else
- xt_buf_add(buf, " %s0x%lx ",
+ xt_xlate_add(xl, " %s0x%lx ",
op == XT_OP_EQ ? "" : "!= ", id);
}
}
static int realm_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_realm_info *ri = (const void *)match->data;
enum xt_op op = XT_OP_EQ;
@@ -138,8 +138,8 @@ static int realm_xlate(const struct xt_entry_match *match,
if (ri->invert)
op = XT_OP_NEQ;
- xt_buf_add(buf, "rtclassid");
- print_realm_xlate(ri->id, ri->mask, 0, buf, op);
+ xt_xlate_add(xl, "rtclassid");
+ print_realm_xlate(ri->id, ri->mask, 0, xl, op);
return 1;
}
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index c952502..bd19cd2 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -101,30 +101,30 @@ static void ttl_save(const void *ip, const struct xt_entry_match *match)
}
static int ttl_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ipt_ttl_info *info =
(struct ipt_ttl_info *) match->data;
switch (info->mode) {
case IPT_TTL_EQ:
- xt_buf_add(buf, "ip ttl");
+ xt_xlate_add(xl, "ip ttl");
break;
case IPT_TTL_NE:
- xt_buf_add(buf, "ip ttl !=");
+ xt_xlate_add(xl, "ip ttl !=");
break;
case IPT_TTL_LT:
- xt_buf_add(buf, "ip ttl lt");
+ xt_xlate_add(xl, "ip ttl lt");
break;
case IPT_TTL_GT:
- xt_buf_add(buf, "ip ttl gt");
+ xt_xlate_add(xl, "ip ttl gt");
break;
default:
/* Should not happen. */
break;
}
- xt_buf_add(buf, " %u ", info->ttl);
+ xt_xlate_add(xl, " %u ", info->ttl);
return 1;
}
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index 4f9024a..e31a3c4 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -87,24 +87,24 @@ static void NFLOG_save(const void *ip, const struct xt_entry_target *target)
}
static void nflog_print_xlate(const struct xt_nflog_info *info,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
- xt_buf_add(buf, "log ");
+ xt_xlate_add(xl, "log ");
if (info->prefix[0] != '\0')
- xt_buf_add(buf, "prefix \\\"%s\\\" ", info->prefix);
+ xt_xlate_add(xl, "prefix \\\"%s\\\" ", info->prefix);
if (info->len)
- xt_buf_add(buf, "snaplen %u ", info->len);
+ xt_xlate_add(xl, "snaplen %u ", info->len);
if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
- xt_buf_add(buf, "queue-threshold %u ", info->threshold);
- xt_buf_add(buf, "group %u ", info->group);
+ xt_xlate_add(xl, "queue-threshold %u ", info->threshold);
+ xt_xlate_add(xl, "group %u ", info->group);
}
static int NFLOG_xlate(const struct xt_entry_target *target,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
- nflog_print_xlate(info, buf);
+ nflog_print_xlate(info, xl);
return 1;
}
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index 087d4bf..3d1926f 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -124,18 +124,18 @@ connmark_mt_save(const void *ip, const struct xt_entry_match *match)
}
static void print_mark_xlate(unsigned int mark, unsigned int mask,
- struct xt_buf *buf, uint32_t op)
+ struct xt_xlate *xl, uint32_t op)
{
if (mask != 0xffffffffU)
- xt_buf_add(buf, " and 0x%x %s 0x%x ", mark,
+ xt_xlate_add(xl, " and 0x%x %s 0x%x ", mark,
op == XT_OP_EQ ? "==" : "!=", mask);
else
- xt_buf_add(buf, " %s0x%x ",
+ xt_xlate_add(xl, " %s0x%x ",
op == XT_OP_EQ ? "" : "!= ", mark);
}
static int connmark_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_connmark_info *info = (const void *)match->data;
enum xt_op op = XT_OP_EQ;
@@ -143,15 +143,15 @@ static int connmark_xlate(const struct xt_entry_match *match,
if (info->invert)
op = XT_OP_NEQ;
- xt_buf_add(buf, "ct mark");
- print_mark_xlate(info->mark, info->mask, buf, op);
+ xt_xlate_add(xl, "ct mark");
+ print_mark_xlate(info->mark, info->mask, xl, op);
return 1;
}
static int
connmark_mt_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_connmark_mtinfo1 *info = (const void *)match->data;
enum xt_op op = XT_OP_EQ;
@@ -159,8 +159,8 @@ connmark_mt_xlate(const struct xt_entry_match *match,
if (info->invert)
op = XT_OP_NEQ;
- xt_buf_add(buf, "ct mark");
- print_mark_xlate(info->mark, info->mask, buf, op);
+ xt_xlate_add(xl, "ct mark");
+ print_mark_xlate(info->mark, info->mask, xl, op);
return 1;
}
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 4c5b6e9..7f66895 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -1156,41 +1156,41 @@ static void state_save(const void *ip, const struct xt_entry_match *match)
state_print_state(sinfo->statemask);
}
-static void state_xlate_print(struct xt_buf *buf, unsigned int statemask)
+static void state_xlate_print(struct xt_xlate *xl, unsigned int statemask)
{
const char *sep = "";
if (statemask & XT_CONNTRACK_STATE_INVALID) {
- xt_buf_add(buf, "%s%s", sep, "invalid");
+ xt_xlate_add(xl, "%s%s", sep, "invalid");
sep = ",";
}
if (statemask & XT_CONNTRACK_STATE_BIT(IP_CT_NEW)) {
- xt_buf_add(buf, "%s%s", sep, "new");
+ xt_xlate_add(xl, "%s%s", sep, "new");
sep = ",";
}
if (statemask & XT_CONNTRACK_STATE_BIT(IP_CT_RELATED)) {
- xt_buf_add(buf, "%s%s", sep, "related");
+ xt_xlate_add(xl, "%s%s", sep, "related");
sep = ",";
}
if (statemask & XT_CONNTRACK_STATE_BIT(IP_CT_ESTABLISHED)) {
- xt_buf_add(buf, "%s%s", sep, "established");
+ xt_xlate_add(xl, "%s%s", sep, "established");
sep = ",";
}
if (statemask & XT_CONNTRACK_STATE_UNTRACKED) {
- xt_buf_add(buf, "%s%s", sep, "untracked");
+ xt_xlate_add(xl, "%s%s", sep, "untracked");
sep = ",";
}
}
-static int state_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
+static int state_xlate(const struct xt_entry_match *match, struct xt_xlate *xl,
int numeric)
{
const struct xt_conntrack_mtinfo3 *sinfo = (const void *)match->data;
- xt_buf_add(buf, "ct state %s", sinfo->invert_flags & XT_CONNTRACK_STATE ?
+ xt_xlate_add(xl, "ct state %s", sinfo->invert_flags & XT_CONNTRACK_STATE ?
"!= " : "");
- state_xlate_print(buf, sinfo->state_mask);
- xt_buf_add(buf, " ");
+ state_xlate_print(xl, sinfo->state_mask);
+ xt_xlate_add(xl, " ");
return 1;
}
diff --git a/extensions/libxt_cpu.c b/extensions/libxt_cpu.c
index 74e6077..02286c2 100644
--- a/extensions/libxt_cpu.c
+++ b/extensions/libxt_cpu.c
@@ -45,11 +45,11 @@ static void cpu_save(const void *ip, const struct xt_entry_match *match)
}
static int cpu_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_cpu_info *info = (void *)match->data;
- xt_buf_add(buf, "cpu%s %u ", info->invert ? " !=" : "", info->cpu);
+ xt_xlate_add(xl, "cpu%s %u ", info->invert ? " !=" : "", info->cpu);
return 1;
}
diff --git a/extensions/libxt_devgroup.c b/extensions/libxt_devgroup.c
index 645f2f3..fd67bc3 100644
--- a/extensions/libxt_devgroup.c
+++ b/extensions/libxt_devgroup.c
@@ -153,52 +153,52 @@ static void devgroup_check(struct xt_fcheck_call *cb)
static void
print_devgroup_xlate(unsigned int id, uint32_t op, unsigned int mask,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const char *name = NULL;
if (mask != 0xffffffff)
- xt_buf_add(buf, "and 0x%x %s 0x%x ", id,
+ xt_xlate_add(xl, "and 0x%x %s 0x%x ", id,
op == XT_OP_EQ ? "==" : "!=", mask);
else {
if (numeric == 0)
name = xtables_lmap_id2name(devgroups, id);
if (name)
- xt_buf_add(buf, "%s ", name);
+ xt_xlate_add(xl, "%s ", name);
else
- xt_buf_add(buf, "%s0x%x ",
+ xt_xlate_add(xl, "%s0x%x ",
op == XT_OP_EQ ? "" : "!= ", id);
}
}
static void devgroup_show_xlate(const struct xt_devgroup_info *info,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
enum xt_op op = XT_OP_EQ;
if (info->flags & XT_DEVGROUP_MATCH_SRC) {
if (info->flags & XT_DEVGROUP_INVERT_SRC)
op = XT_OP_NEQ;
- xt_buf_add(buf, "iifgroup ");
+ xt_xlate_add(xl, "iifgroup ");
print_devgroup_xlate(info->src_group, op,
- info->src_mask, buf, numeric);
+ info->src_mask, xl, numeric);
}
if (info->flags & XT_DEVGROUP_MATCH_DST) {
if (info->flags & XT_DEVGROUP_INVERT_DST)
op = XT_OP_NEQ;
- xt_buf_add(buf, "oifgroup ");
+ xt_xlate_add(xl, "oifgroup ");
print_devgroup_xlate(info->dst_group, op,
- info->dst_mask, buf, numeric);
+ info->dst_mask, xl, numeric);
}
}
static int devgroup_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_devgroup_info *info = (const void *)match->data;
- devgroup_show_xlate(info, buf, 0);
+ devgroup_show_xlate(info, xl, 0);
return 1;
}
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index e04daf8..b5219fd 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -87,18 +87,18 @@ static void esp_save(const void *ip, const struct xt_entry_match *match)
}
static int esp_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_esp *espinfo = (struct xt_esp *)match->data;
if (!(espinfo->spis[0] == 0 && espinfo->spis[1] == 0xFFFFFFFF)) {
- xt_buf_add(buf, "esp spi%s",
+ xt_xlate_add(xl, "esp spi%s",
(espinfo->invflags & XT_ESP_INV_SPI) ? " !=" : "");
if (espinfo->spis[0] != espinfo->spis[1])
- xt_buf_add(buf, " %u-%u ", espinfo->spis[0],
+ xt_xlate_add(xl, " %u-%u ", espinfo->spis[0],
espinfo->spis[1]);
else
- xt_buf_add(buf, " %u ", espinfo->spis[0]);
+ xt_xlate_add(xl, " %u ", espinfo->spis[0]);
}
return 1;
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index 971ce4a..9df4163 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -46,11 +46,11 @@ static void helper_save(const void *ip, const struct xt_entry_match *match)
}
static int helper_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_helper_info *info = (const void *)match->data;
- xt_buf_add(buf, "ct helper%s \\\"%s\\\" ",
+ xt_xlate_add(xl, "ct helper%s \\\"%s\\\" ",
info->invert ? " !=" : "", info->name);
return 1;
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index 9cf6225..0b05651 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -304,57 +304,57 @@ static void iprange_mt6_save(const void *ip, const struct xt_entry_match *match)
static void
print_iprange_xlate(const struct ipt_iprange *range,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
const unsigned char *byte_min, *byte_max;
byte_min = (const unsigned char *)&range->min_ip;
byte_max = (const unsigned char *)&range->max_ip;
- xt_buf_add(buf, " %u.%u.%u.%u-%u.%u.%u.%u ",
+ xt_xlate_add(xl, " %u.%u.%u.%u-%u.%u.%u.%u ",
byte_min[0], byte_min[1], byte_min[2], byte_min[3],
byte_max[0], byte_max[1], byte_max[2], byte_max[3]);
}
static int iprange_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct ipt_iprange_info *info = (const void *)match->data;
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
- xt_buf_add(buf, " !=");
- xt_buf_add(buf, " ip saddr");
- print_iprange_xlate(&info->src, buf);
+ xt_xlate_add(xl, " !=");
+ xt_xlate_add(xl, " ip saddr");
+ print_iprange_xlate(&info->src, xl);
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
- xt_buf_add(buf, " !=");
- xt_buf_add(buf, " ip daddr");
- print_iprange_xlate(&info->dst, buf);
+ xt_xlate_add(xl, " !=");
+ xt_xlate_add(xl, " ip daddr");
+ print_iprange_xlate(&info->dst, xl);
}
return 1;
}
static int iprange_mt4_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_iprange_mtinfo *info = (const void *)match->data;
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
- xt_buf_add(buf, " !=");
- xt_buf_add(buf, " ip saddr %s",
+ xt_xlate_add(xl, " !=");
+ xt_xlate_add(xl, " ip saddr %s",
xtables_ipaddr_to_numeric(&info->src_min.in));
- xt_buf_add(buf, "-%s ",
+ xt_xlate_add(xl, "-%s ",
xtables_ipaddr_to_numeric(&info->src_max.in));
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
- xt_buf_add(buf, " !=");
- xt_buf_add(buf, " ip daddr %s",
+ xt_xlate_add(xl, " !=");
+ xt_xlate_add(xl, " ip daddr %s",
xtables_ipaddr_to_numeric(&info->dst_min.in));
- xt_buf_add(buf, "-%s ",
+ xt_xlate_add(xl, "-%s ",
xtables_ipaddr_to_numeric(&info->dst_max.in));
}
@@ -362,24 +362,24 @@ static int iprange_mt4_xlate(const struct xt_entry_match *match,
}
static int iprange_mt6_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_iprange_mtinfo *info = (const void *)match->data;
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
- xt_buf_add(buf, " !=");
- xt_buf_add(buf, " ip saddr %s",
+ xt_xlate_add(xl, " !=");
+ xt_xlate_add(xl, " ip saddr %s",
xtables_ip6addr_to_numeric(&info->src_min.in6));
- xt_buf_add(buf, "-%s ",
+ xt_xlate_add(xl, "-%s ",
xtables_ip6addr_to_numeric(&info->src_max.in6));
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
- xt_buf_add(buf, " !=");
- xt_buf_add(buf, " ip daddr %s",
+ xt_xlate_add(xl, " !=");
+ xt_xlate_add(xl, " ip daddr %s",
xtables_ip6addr_to_numeric(&info->dst_min.in6));
- xt_buf_add(buf, "-%s ",
+ xt_xlate_add(xl, "-%s ",
xtables_ip6addr_to_numeric(&info->dst_max.in6));
}
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 96dab0c..00acae0 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -57,15 +57,15 @@ static void length_save(const void *ip, const struct xt_entry_match *match)
}
static int length_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_length_info *info = (void *)match->data;
- xt_buf_add(buf, "meta length %s", info->invert ? "!= " : "");
+ xt_xlate_add(xl, "meta length %s", info->invert ? "!= " : "");
if (info->min == info->max)
- xt_buf_add(buf, "%u ", info->min);
+ xt_xlate_add(xl, "%u ", info->min);
else
- xt_buf_add(buf, "%u-%u ", info->min, info->max);
+ xt_xlate_add(xl, "%u-%u ", info->min, info->max);
return 1;
}
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index a018f87..9ad00c1 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -159,12 +159,12 @@ static const struct rates rates_xlate[] = {
{ "second", XT_LIMIT_SCALE }
};
-static void print_rate_xlate(uint32_t period, struct xt_buf *buf)
+static void print_rate_xlate(uint32_t period, struct xt_xlate *xl)
{
unsigned int i;
if (period == 0) {
- xt_buf_add(buf, " %f ", INFINITY);
+ xt_xlate_add(xl, " %f ", INFINITY);
return;
}
@@ -173,19 +173,19 @@ static void print_rate_xlate(uint32_t period, struct xt_buf *buf)
rates_xlate[i].mult / period < rates_xlate[i].mult % period)
break;
- xt_buf_add(buf, " %u/%s ", rates_xlate[i - 1].mult / period,
+ xt_xlate_add(xl, " %u/%s ", rates_xlate[i - 1].mult / period,
rates_xlate[i - 1].name);
}
static int limit_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_rateinfo *r = (const void *)match->data;
- xt_buf_add(buf, "limit rate");
- print_rate_xlate(r->avg, buf);
+ xt_xlate_add(xl, "limit rate");
+ print_rate_xlate(r->avg, xl);
if (r->burst != XT_LIMIT_BURST)
- xt_buf_add(buf, "burst %u packets ", r->burst);
+ xt_xlate_add(xl, "burst %u packets ", r->burst);
return 1;
}
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c
index d730344..85ed1b5 100644
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -71,23 +71,23 @@ static void mac_save(const void *ip, const struct xt_entry_match *match)
}
static void print_mac_xlate(const unsigned char *macaddress,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
unsigned int i;
- xt_buf_add(buf, "%02x", macaddress[0]);
+ xt_xlate_add(xl, "%02x", macaddress[0]);
for (i = 1; i < ETH_ALEN; ++i)
- xt_buf_add(buf, ":%02x", macaddress[i]);
- xt_buf_add(buf, " ");
+ xt_xlate_add(xl, ":%02x", macaddress[i]);
+ xt_xlate_add(xl, " ");
}
static int mac_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_mac_info *info = (void *)match->data;
- xt_buf_add(buf, "ether saddr%s ", info->invert ? " !=" : "");
- print_mac_xlate(info->srcaddr, buf);
+ xt_xlate_add(xl, "ether saddr%s ", info->invert ? " !=" : "");
+ print_mac_xlate(info->srcaddr, xl);
return 1;
}
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 93d38d9..b8c0ed6 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -103,20 +103,20 @@ mark_save(const void *ip, const struct xt_entry_match *match)
}
static void
-print_mark_xlate(struct xt_buf *buf, unsigned int mark,
+print_mark_xlate(struct xt_xlate *xl, unsigned int mark,
unsigned int mask, uint32_t op)
{
if (mask != 0xffffffffU)
- xt_buf_add(buf, " and 0x%x %s 0x%x ", mark,
+ xt_xlate_add(xl, " and 0x%x %s 0x%x ", mark,
op == XT_OP_EQ ? "==" : "!=", mask);
else
- xt_buf_add(buf, " %s0x%x ",
+ xt_xlate_add(xl, " %s0x%x ",
op == XT_OP_EQ ? "" : "!= ", mark);
}
static int
mark_mt_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_mark_mtinfo1 *info = (const void *)match->data;
enum xt_op op = XT_OP_EQ;
@@ -124,15 +124,15 @@ mark_mt_xlate(const struct xt_entry_match *match,
if (info->invert)
op = XT_OP_NEQ;
- xt_buf_add(buf, "mark");
- print_mark_xlate(buf, info->mark, info->mask, op);
+ xt_xlate_add(xl, "mark");
+ print_mark_xlate(xl, info->mark, info->mask, op);
return 1;
}
static int
mark_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_mark_info *info = (const void *)match->data;
enum xt_op op = XT_OP_EQ;
@@ -140,8 +140,8 @@ mark_xlate(const struct xt_entry_match *match,
if (info->invert)
op = XT_OP_NEQ;
- xt_buf_add(buf, "mark");
- print_mark_xlate(buf, info->mark, info->mask, op);
+ xt_xlate_add(xl, "mark");
+ print_mark_xlate(xl, info->mark, info->mask, op);
return 1;
}
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index f572e83..55edf27 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -127,26 +127,26 @@ static const struct pkttypes_xlate supported_types_xlate[] = {
};
static void print_pkttype_xlate(const struct xt_pkttype_info *info,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
unsigned int i;
for (i = 0; i < ARRAY_SIZE(supported_types_xlate); ++i) {
if (supported_types_xlate[i].pkttype == info->pkttype) {
- xt_buf_add(buf, "%s ", supported_types_xlate[i].name);
+ xt_xlate_add(xl, "%s ", supported_types_xlate[i].name);
return;
}
}
- xt_buf_add(buf, "%d", info->pkttype);
+ xt_xlate_add(xl, "%d", info->pkttype);
}
static int pkttype_xlate(const struct xt_entry_match *match,
- struct xt_buf *buf, int numeric)
+ struct xt_xlate *xl, int numeric)
{
const struct xt_pkttype_info *info = (const void *)match->data;
- xt_buf_add(buf, "pkttype%s ", info->invert ? " !=" : "");
- print_pkttype_xlate(info, buf);
+ xt_xlate_add(xl, "pkttype%s ", info->invert ? " !=" : "");
+ print_pkttype_xlate(info, xl);
return 1;
}
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index 2a454ea..bd4ca77 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -371,7 +371,7 @@ static const struct tcp_flag_names tcp_flag_names_xlate[] = {
{ "urg", 0x20 },
};
-static void print_tcp_xlate(struct xt_buf *buf, uint8_t flags)
+static void print_tcp_xlate(struct xt_xlate *xl, uint8_t flags)
{
int have_flag = 0;
@@ -381,31 +381,31 @@ static void print_tcp_xlate(struct xt_buf *buf, uint8_t flags)
for (i = 0; (flags & tcp_flag_names_xlate[i].flag) == 0; i++);
if (have_flag)
- xt_buf_add(buf, "|");
+ xt_xlate_add(xl, "|");
- xt_buf_add(buf, "%s", tcp_flag_names_xlate[i].name);
+ xt_xlate_add(xl, "%s", tcp_flag_names_xlate[i].name);
have_flag = 1;
flags &= ~tcp_flag_names_xlate[i].flag;
}
if (!have_flag)
- xt_buf_add(buf, "none");
+ xt_xlate_add(xl, "none");
}
-static int tcp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
+static int tcp_xlate(const struct xt_entry_match *match, struct xt_xlate *xl,
int numeric)
{
const struct xt_tcp *tcpinfo = (const struct xt_tcp *)match->data;
if (tcpinfo->spts[0] != 0 || tcpinfo->spts[1] != 0xffff) {
if (tcpinfo->spts[0] != tcpinfo->spts[1]) {
- xt_buf_add(buf, "tcp sport %s%u-%u ",
+ xt_xlate_add(xl, "tcp sport %s%u-%u ",
tcpinfo->invflags & XT_TCP_INV_SRCPT ?
"!= " : "",
tcpinfo->spts[0], tcpinfo->spts[1]);
} else {
- xt_buf_add(buf, "tcp sport %s%u ",
+ xt_xlate_add(xl, "tcp sport %s%u ",
tcpinfo->invflags & XT_TCP_INV_SRCPT ?
"!= " : "",
tcpinfo->spts[0]);
@@ -414,12 +414,12 @@ static int tcp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
if (tcpinfo->dpts[0] != 0 || tcpinfo->dpts[1] != 0xffff) {
if (tcpinfo->dpts[0] != tcpinfo->dpts[1]) {
- xt_buf_add(buf, "tcp dport %s%u-%u ",
+ xt_xlate_add(xl, "tcp dport %s%u-%u ",
tcpinfo->invflags & XT_TCP_INV_DSTPT ?
"!= " : "",
tcpinfo->dpts[0], tcpinfo->dpts[1]);
} else {
- xt_buf_add(buf, "tcp dport %s%u ",
+ xt_xlate_add(xl, "tcp dport %s%u ",
tcpinfo->invflags & XT_TCP_INV_DSTPT ?
"!= " : "",
tcpinfo->dpts[0]);
@@ -431,12 +431,12 @@ static int tcp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
return 0;
if (tcpinfo->flg_mask || (tcpinfo->invflags & XT_TCP_INV_FLAGS)) {
- xt_buf_add(buf, "tcp flags & ");
- print_tcp_xlate(buf, tcpinfo->flg_mask);
- xt_buf_add(buf, " %s ",
+ xt_xlate_add(xl, "tcp flags & ");
+ print_tcp_xlate(xl, tcpinfo->flg_mask);
+ xt_xlate_add(xl, " %s ",
tcpinfo->invflags & XT_TCP_INV_FLAGS ? "!=": "==");
- print_tcp_xlate(buf, tcpinfo->flg_cmp);
- xt_buf_add(buf, " ");
+ print_tcp_xlate(xl, tcpinfo->flg_cmp);
+ xt_xlate_add(xl, " ");
}
return 1;
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index 0b89df4..47c29e9 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -152,19 +152,19 @@ static void udp_save(const void *ip, const struct xt_entry_match *match)
}
}
-static int udp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
+static int udp_xlate(const struct xt_entry_match *match, struct xt_xlate *xl,
int numeric)
{
const struct xt_udp *udpinfo = (struct xt_udp *)match->data;
if (udpinfo->spts[0] != 0 || udpinfo->spts[1] != 0xFFFF) {
if (udpinfo->spts[0] != udpinfo->spts[1]) {
- xt_buf_add(buf,"udp sport %s%u-%u ",
+ xt_xlate_add(xl,"udp sport %s%u-%u ",
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->spts[0], udpinfo->spts[1]);
} else {
- xt_buf_add(buf, "udp sport %s%u ",
+ xt_xlate_add(xl, "udp sport %s%u ",
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->spts[0]);
@@ -173,12 +173,12 @@ static int udp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
if (udpinfo->dpts[0] != 0 || udpinfo->dpts[1] != 0xFFFF) {
if (udpinfo->dpts[0] != udpinfo->dpts[1]) {
- xt_buf_add(buf,"udp dport %s%u-%u ",
+ xt_xlate_add(xl,"udp dport %s%u-%u ",
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->dpts[0], udpinfo->dpts[1]);
} else {
- xt_buf_add(buf,"udp dport %s%u ",
+ xt_xlate_add(xl,"udp dport %s%u ",
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->dpts[0]);
diff --git a/include/xtables.h b/include/xtables.h
index 175ae50..82aa2bb 100644
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -205,7 +205,7 @@ enum xtables_ext_flags {
XTABLES_EXT_ALIAS = 1 << 0,
};
-struct xt_buf;
+struct xt_xlate;
/* Include file for additions: new matches and targets. */
struct xtables_match
@@ -272,7 +272,7 @@ struct xtables_match
const struct xt_option_entry *x6_options;
/* Translate iptables to nft */
- int (*xlate)(const struct xt_entry_match *match, struct xt_buf *buf,
+ int (*xlate)(const struct xt_entry_match *match, struct xt_xlate *xl,
int numeric);
/* Size of per-extension instance extra "global" scratch space */
@@ -353,7 +353,7 @@ struct xtables_target
const struct xt_option_entry *x6_options;
/* Translate iptables to nft */
- int (*xlate)(const struct xt_entry_target *target, struct xt_buf *buf,
+ int (*xlate)(const struct xt_entry_target *target, struct xt_xlate *xl,
int numeric);
size_t udata_size;
@@ -569,11 +569,11 @@ extern void xtables_lmap_free(struct xtables_lmap *);
extern int xtables_lmap_name2id(const struct xtables_lmap *, const char *);
extern const char *xtables_lmap_id2name(const struct xtables_lmap *, int);
-/* generic buffer */
-struct xt_buf *xt_buf_alloc(int size);
-void xt_buf_free(struct xt_buf *buf);
-void xt_buf_add(struct xt_buf *buf, const char *fmt, ...);
-const char *xt_buf_get(struct xt_buf *buf);
+/* xlate infrastructure */
+struct xt_xlate *xt_xlate_alloc(int size);
+void xt_xlate_free(struct xt_xlate *xl);
+void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...);
+const char *xt_xlate_get(struct xt_xlate *xl);
#ifdef XTABLES_INTERNAL
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c
index ede8f17..5e2857d 100644
--- a/iptables/nft-ipv4.c
+++ b/iptables/nft-ipv4.c
@@ -429,24 +429,24 @@ static void nft_ipv4_save_counters(const void *data)
save_counters(cs->counters.pcnt, cs->counters.bcnt);
}
-static int nft_ipv4_xlate(const void *data, struct xt_buf *buf)
+static int nft_ipv4_xlate(const void *data, struct xt_xlate *xl)
{
const struct iptables_command_state *cs = data;
int ret;
if (cs->fw.ip.iniface[0] != '\0') {
- xt_buf_add(buf, "iifname %s%s ",
+ xt_xlate_add(xl, "iifname %s%s ",
cs->fw.ip.invflags & IPT_INV_VIA_IN ? "!= " : "",
cs->fw.ip.iniface);
}
if (cs->fw.ip.outiface[0] != '\0') {
- xt_buf_add(buf, "oifname %s%s ",
+ xt_xlate_add(xl, "oifname %s%s ",
cs->fw.ip.invflags & IPT_INV_VIA_OUT? "!= " : "",
cs->fw.ip.outiface);
}
if (cs->fw.ip.flags & IPT_F_FRAG) {
- xt_buf_add(buf, "ip frag-off %s%x ",
+ xt_xlate_add(xl, "ip frag-off %s%x ",
cs->fw.ip.invflags & IPT_INV_FRAG? "" : "!= ", 0);
}
@@ -459,7 +459,7 @@ static int nft_ipv4_xlate(const void *data, struct xt_buf *buf)
snprintf(protonum, sizeof(protonum), "%u",
cs->fw.ip.proto);
protonum[sizeof(protonum) - 1] = '\0';
- xt_buf_add(buf, "ip protocol %s%s ",
+ xt_xlate_add(xl, "ip protocol %s%s ",
cs->fw.ip.invflags & IPT_INV_PROTO ?
"!= " : "",
pent ? pent->p_name : protonum);
@@ -467,24 +467,24 @@ static int nft_ipv4_xlate(const void *data, struct xt_buf *buf)
}
if (cs->fw.ip.src.s_addr != 0) {
- xt_buf_add(buf, "ip saddr %s%s ",
+ xt_xlate_add(xl, "ip saddr %s%s ",
cs->fw.ip.invflags & IPT_INV_SRCIP ? "!= " : "",
inet_ntoa(cs->fw.ip.src));
}
if (cs->fw.ip.dst.s_addr != 0) {
- xt_buf_add(buf, "ip daddr %s%s ",
+ xt_xlate_add(xl, "ip daddr %s%s ",
cs->fw.ip.invflags & IPT_INV_DSTIP ? "!= " : "",
inet_ntoa(cs->fw.ip.dst));
}
- ret = xlate_matches(cs, buf);
+ ret = xlate_matches(cs, xl);
if (!ret)
return ret;
/* Always add counters per rule, as in iptables */
- xt_buf_add(buf, "counter ");
+ xt_xlate_add(xl, "counter ");
- ret = xlate_action(cs, !!(cs->fw.ip.flags & IPT_F_GOTO), buf);
+ ret = xlate_action(cs, !!(cs->fw.ip.flags & IPT_F_GOTO), xl);
return ret;
}
diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
index 0b6ff97..77ac5b8 100644
--- a/iptables/nft-ipv6.c
+++ b/iptables/nft-ipv6.c
@@ -378,7 +378,7 @@ static void nft_ipv6_save_counters(const void *data)
}
static void xlate_ipv6_addr(const char *selector, const struct in6_addr *addr,
- int invert, struct xt_buf *buf)
+ int invert, struct xt_xlate *xl)
{
char addr_str[INET6_ADDRSTRLEN];
@@ -386,22 +386,22 @@ static void xlate_ipv6_addr(const char *selector, const struct in6_addr *addr,
return;
inet_ntop(AF_INET6, addr, addr_str, INET6_ADDRSTRLEN);
- xt_buf_add(buf, "%s %s%s ", selector, invert ? "!= " : "", addr_str);
+ xt_xlate_add(xl, "%s %s%s ", selector, invert ? "!= " : "", addr_str);
}
-static int nft_ipv6_xlate(const void *data, struct xt_buf *buf)
+static int nft_ipv6_xlate(const void *data, struct xt_xlate *xl)
{
const struct iptables_command_state *cs = data;
int ret;
if (cs->fw6.ipv6.iniface[0] != '\0') {
- xt_buf_add(buf, "iifname %s%s ",
+ xt_xlate_add(xl, "iifname %s%s ",
cs->fw6.ipv6.invflags & IP6T_INV_VIA_IN ?
"!= " : "",
cs->fw6.ipv6.iniface);
}
if (cs->fw6.ipv6.outiface[0] != '\0') {
- xt_buf_add(buf, "oifname %s%s ",
+ xt_xlate_add(xl, "oifname %s%s ",
cs->fw6.ipv6.invflags & IP6T_INV_VIA_OUT ?
"!= " : "",
cs->fw6.ipv6.outiface);
@@ -416,7 +416,7 @@ static int nft_ipv6_xlate(const void *data, struct xt_buf *buf)
snprintf(protonum, sizeof(protonum), "%u",
cs->fw6.ipv6.proto);
protonum[sizeof(protonum) - 1] = '\0';
- xt_buf_add(buf, "ip6 nexthdr %s%s ",
+ xt_xlate_add(xl, "ip6 nexthdr %s%s ",
cs->fw6.ipv6.invflags & IP6T_INV_PROTO ?
"!= " : "",
pent ? pent->p_name : protonum);
@@ -424,18 +424,18 @@ static int nft_ipv6_xlate(const void *data, struct xt_buf *buf)
}
xlate_ipv6_addr("ip6 saddr", &cs->fw6.ipv6.src,
- cs->fw6.ipv6.invflags & IP6T_INV_SRCIP, buf);
+ cs->fw6.ipv6.invflags & IP6T_INV_SRCIP, xl);
xlate_ipv6_addr("ip6 daddr", &cs->fw6.ipv6.dst,
- cs->fw6.ipv6.invflags & IP6T_INV_DSTIP, buf);
+ cs->fw6.ipv6.invflags & IP6T_INV_DSTIP, xl);
- ret = xlate_matches(cs, buf);
+ ret = xlate_matches(cs, xl);
if (!ret)
return ret;
/* Always add counters per rule, as in iptables */
- xt_buf_add(buf, "counter ");
+ xt_xlate_add(xl, "counter ");
- ret = xlate_action(cs, !!(cs->fw6.ipv6.flags & IP6T_F_GOTO), buf);
+ ret = xlate_action(cs, !!(cs->fw6.ipv6.flags & IP6T_F_GOTO), xl);
return ret;
}
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 7386183..c0948fd 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -37,7 +37,7 @@
#define FMT(tab,notab) ((format) & FMT_NOTABLE ? (notab) : (tab))
struct xtables_args;
-struct xt_buf;
+struct xt_xlate;
enum {
NFT_XT_CTX_PAYLOAD = (1 << 0),
@@ -102,7 +102,7 @@ struct nft_family_ops {
void (*parse_target)(struct xtables_target *t, void *data);
bool (*rule_find)(struct nft_family_ops *ops, struct nftnl_rule *r,
void *data);
- int (*xlate)(const void *data, struct xt_buf *buf);
+ int (*xlate)(const void *data, struct xt_xlate *xl);
};
void add_meta(struct nftnl_rule *r, uint32_t key);
diff --git a/iptables/nft.h b/iptables/nft.h
index 192050a..281e1c6 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -161,9 +161,9 @@ int nft_xtables_config_load(struct nft_handle *h, const char *filename, uint32_t
struct xt_buf;
bool xlate_find_match(const struct iptables_command_state *cs, const char *p_name);
-int xlate_matches(const struct iptables_command_state *cs, struct xt_buf *buf);
+int xlate_matches(const struct iptables_command_state *cs, struct xt_xlate *xl);
int xlate_action(const struct iptables_command_state *cs, bool goto_set,
- struct xt_buf *buf);
+ struct xt_xlate *xl);
/*
* ARP
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c
index 30028c3..9e2c6ae 100644
--- a/iptables/xtables-translate.c
+++ b/iptables/xtables-translate.c
@@ -35,7 +35,7 @@
#include "nft-shared.h"
int xlate_action(const struct iptables_command_state *cs, bool goto_set,
- struct xt_buf *buf)
+ struct xt_xlate *xl)
{
int ret = 1, numeric = cs->options & OPT_NUMERIC;
@@ -43,27 +43,27 @@ int xlate_action(const struct iptables_command_state *cs, bool goto_set,
if (cs->target != NULL) {
/* Standard target? */
if (strcmp(cs->jumpto, XTC_LABEL_ACCEPT) == 0)
- xt_buf_add(buf, "accept");
+ xt_xlate_add(xl, "accept");
else if (strcmp(cs->jumpto, XTC_LABEL_DROP) == 0)
- xt_buf_add(buf, "drop");
+ xt_xlate_add(xl, "drop");
else if (strcmp(cs->jumpto, XTC_LABEL_RETURN) == 0)
- xt_buf_add(buf, "return");
+ xt_xlate_add(xl, "return");
else if (cs->target->xlate)
- ret = cs->target->xlate(cs->target->t, buf, numeric);
+ ret = cs->target->xlate(cs->target->t, xl, numeric);
else
return 0;
} else if (strlen(cs->jumpto) > 0) {
/* Not standard, then it's a go / jump to chain */
if (goto_set)
- xt_buf_add(buf, "goto %s", cs->jumpto);
+ xt_xlate_add(xl, "goto %s", cs->jumpto);
else
- xt_buf_add(buf, "jump %s", cs->jumpto);
+ xt_xlate_add(xl, "jump %s", cs->jumpto);
}
return ret;
}
-int xlate_matches(const struct iptables_command_state *cs, struct xt_buf *buf)
+int xlate_matches(const struct iptables_command_state *cs, struct xt_xlate *xl)
{
struct xtables_rule_match *matchp;
int ret = 1, numeric = cs->options & OPT_NUMERIC;
@@ -72,7 +72,7 @@ int xlate_matches(const struct iptables_command_state *cs, struct xt_buf *buf)
if (!matchp->match->xlate)
return 0;
- ret = matchp->match->xlate(matchp->match->m, buf, numeric);
+ ret = matchp->match->xlate(matchp->match->m, xl, numeric);
if (!ret)
break;
}
@@ -101,22 +101,22 @@ static int nft_rule_xlate_add(struct nft_handle *h,
const struct iptables_command_state *cs,
bool append)
{
- struct xt_buf *buf = xt_buf_alloc(10240);
+ struct xt_xlate *xl = xt_xlate_alloc(10240);
int ret;
if (append) {
- xt_buf_add(buf, "add rule %s %s %s ",
+ xt_xlate_add(xl, "add rule %s %s %s ",
family2str[h->family], p->table, p->chain);
} else {
- xt_buf_add(buf, "insert rule %s %s %s ",
+ xt_xlate_add(xl, "insert rule %s %s %s ",
family2str[h->family], p->table, p->chain);
}
- ret = h->ops->xlate(cs, buf);
+ ret = h->ops->xlate(cs, xl);
if (ret)
- printf("%s\n", xt_buf_get(buf));
+ printf("%s\n", xt_xlate_get(xl));
- xt_buf_free(buf);
+ xt_xlate_free(xl);
return ret;
}
diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 21e515d..32d6a5a 100644
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -1987,54 +1987,54 @@ void get_kernel_version(void)
kernel_version = LINUX_VERSION(x, y, z);
}
-struct xt_buf {
+struct xt_xlate {
char *data;
int size;
int rem;
int off;
};
-struct xt_buf *xt_buf_alloc(int size)
+struct xt_xlate *xt_xlate_alloc(int size)
{
- struct xt_buf *buf;
+ struct xt_xlate *xl;
- buf = malloc(sizeof(struct xt_buf));
- if (buf == NULL)
+ xl = malloc(sizeof(struct xt_xlate));
+ if (xl == NULL)
xtables_error(RESOURCE_PROBLEM, "OOM");
- buf->data = malloc(size);
- if (buf->data == NULL)
+ xl->data = malloc(size);
+ if (xl->data == NULL)
xtables_error(RESOURCE_PROBLEM, "OOM");
- buf->size = size;
- buf->rem = size;
- buf->off = 0;
+ xl->size = size;
+ xl->rem = size;
+ xl->off = 0;
- return buf;
+ return xl;
}
-void xt_buf_free(struct xt_buf *buf)
+void xt_xlate_free(struct xt_xlate *xl)
{
- free(buf->data);
- free(buf);
+ free(xl->data);
+ free(xl);
}
-void xt_buf_add(struct xt_buf *buf, const char *fmt, ...)
+void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...)
{
va_list ap;
int len;
va_start(ap, fmt);
- len = vsnprintf(buf->data + buf->off, buf->rem, fmt, ap);
- if (len < 0 || len >= buf->rem)
+ len = vsnprintf(xl->data + xl->off, xl->rem, fmt, ap);
+ if (len < 0 || len >= xl->rem)
xtables_error(RESOURCE_PROBLEM, "OOM");
va_end(ap);
- buf->rem -= len;
- buf->off += len;
+ xl->rem -= len;
+ xl->off += len;
}
-const char *xt_buf_get(struct xt_buf *buf)
+const char *xt_xlate_get(struct xt_xlate *xl)
{
- return buf->data;
+ return xl->data;
}
--
2.1.4
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
