[PATCH 2/3 iptables,xlate4] extensions: rename xt_buf to xt_xlate

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Use a more generic name for this object to prepare the introduction of
other translation specific fields.

Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
---
 extensions/libip6t_DNAT.c     | 20 +++++++++----------
 extensions/libip6t_LOG.c      |  8 ++++----
 extensions/libip6t_REDIRECT.c |  8 ++++----
 extensions/libip6t_REJECT.c   |  6 +++---
 extensions/libip6t_SNAT.c     | 22 ++++++++++-----------
 extensions/libip6t_ah.c       | 12 +++++------
 extensions/libip6t_hl.c       |  4 ++--
 extensions/libipt_DNAT.c      | 20 +++++++++----------
 extensions/libipt_LOG.c       |  8 ++++----
 extensions/libipt_REDIRECT.c  |  8 ++++----
 extensions/libipt_REJECT.c    |  6 +++---
 extensions/libipt_SNAT.c      | 24 +++++++++++-----------
 extensions/libipt_ah.c        |  8 ++++----
 extensions/libipt_realm.c     | 14 ++++++-------
 extensions/libipt_ttl.c       | 12 +++++------
 extensions/libxt_NFLOG.c      | 16 +++++++--------
 extensions/libxt_connmark.c   | 18 ++++++++---------
 extensions/libxt_conntrack.c  | 20 +++++++++----------
 extensions/libxt_cpu.c        |  4 ++--
 extensions/libxt_devgroup.c   | 22 ++++++++++-----------
 extensions/libxt_esp.c        |  8 ++++----
 extensions/libxt_helper.c     |  4 ++--
 extensions/libxt_iprange.c    | 46 +++++++++++++++++++++----------------------
 extensions/libxt_length.c     |  8 ++++----
 extensions/libxt_limit.c      | 14 ++++++-------
 extensions/libxt_mac.c        | 14 ++++++-------
 extensions/libxt_mark.c       | 18 ++++++++---------
 extensions/libxt_pkttype.c    | 12 +++++------
 extensions/libxt_tcp.c        | 28 +++++++++++++-------------
 extensions/libxt_udp.c        | 10 +++++-----
 include/xtables.h             | 16 +++++++--------
 iptables/nft-ipv4.c           | 20 +++++++++----------
 iptables/nft-ipv6.c           | 22 ++++++++++-----------
 iptables/nft-shared.h         |  4 ++--
 iptables/nft.h                |  4 ++--
 iptables/xtables-translate.c  | 30 ++++++++++++++--------------
 libxtables/xtables.c          | 42 +++++++++++++++++++--------------------
 37 files changed, 280 insertions(+), 280 deletions(-)

diff --git a/extensions/libip6t_DNAT.c b/extensions/libip6t_DNAT.c
index 3959755..7fc21a3 100644
--- a/extensions/libip6t_DNAT.c
+++ b/extensions/libip6t_DNAT.c
@@ -232,43 +232,43 @@ static void DNAT_save(const void *ip, const struct xt_entry_target *target)
 }
 
 static void print_range_xlate(const struct nf_nat_range *range,
-			      struct xt_buf *buf)
+			      struct xt_xlate *xl)
 {
 	if (range->flags & NF_NAT_RANGE_MAP_IPS) {
-		xt_buf_add(buf, "%s",
+		xt_xlate_add(xl, "%s",
 			   xtables_ip6addr_to_numeric(&range->min_addr.in6));
 
 		if (memcmp(&range->min_addr, &range->max_addr,
 			   sizeof(range->min_addr)))
-			xt_buf_add(buf, "-%s",
+			xt_xlate_add(xl, "-%s",
 			     xtables_ip6addr_to_numeric(&range->max_addr.in6));
 	}
 	if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_buf_add(buf, " :%hu", ntohs(range->min_proto.tcp.port));
+		xt_xlate_add(xl, " :%hu", ntohs(range->min_proto.tcp.port));
 
 		if (range->max_proto.tcp.port != range->min_proto.tcp.port)
-			xt_buf_add(buf, "-%hu",
+			xt_xlate_add(xl, "-%hu",
 				   ntohs(range->max_proto.tcp.port));
 	}
 }
 
 static int DNAT_xlate(const struct xt_entry_target *target,
-		       struct xt_buf *buf, int numeric)
+		      struct xt_xlate *xl, int numeric)
 {
 	const struct nf_nat_range *range = (const void *)target->data;
 	bool sep_need = false;
 	const char *sep = " ";
 
-	xt_buf_add(buf, "dnat ");
-	print_range_xlate(range, buf);
+	xt_xlate_add(xl, "dnat ");
+	print_range_xlate(range, xl);
 	if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) {
-		xt_buf_add(buf, " random");
+		xt_xlate_add(xl, " random");
 		sep_need = true;
 	}
 	if (range->flags & NF_NAT_RANGE_PERSISTENT) {
 		if (sep_need)
 			sep = ",";
-		xt_buf_add(buf, "%spersistent", sep);
+		xt_xlate_add(xl, "%spersistent", sep);
 	}
 
 	return 1;
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 9df86fd..17d76a8 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -183,19 +183,19 @@ static const struct ip6t_log_xlate ip6t_log_xlate_names[] = {
 };
 
 static int LOG_xlate(const struct xt_entry_target *target,
-		     struct xt_buf *buf, int numeric)
+		     struct xt_xlate *xl, int numeric)
 {
 	unsigned int i = 0;
 	const struct ip6t_log_info *loginfo =
 			(const struct ip6t_log_info *)target->data;
 
-	xt_buf_add(buf, "log ");
+	xt_xlate_add(xl, "log ");
 	if (strcmp(loginfo->prefix, "") != 0)
-		xt_buf_add(buf, "prefix \\\"%s\\\" ", loginfo->prefix);
+		xt_xlate_add(xl, "prefix \\\"%s\\\" ", loginfo->prefix);
 
 	for (i = 0; i < ARRAY_SIZE(ip6t_log_xlate_names); ++i)
 		if (loginfo->level == ip6t_log_xlate_names[i].level) {
-			xt_buf_add(buf, "level %s",
+			xt_xlate_add(xl, "level %s",
 				   ip6t_log_xlate_names[i].name);
 			break;
 		}
diff --git a/extensions/libip6t_REDIRECT.c b/extensions/libip6t_REDIRECT.c
index d907d94..fc4a4d8 100644
--- a/extensions/libip6t_REDIRECT.c
+++ b/extensions/libip6t_REDIRECT.c
@@ -133,18 +133,18 @@ static void REDIRECT_save(const void *ip, const struct xt_entry_target *target)
 }
 
 static int REDIRECT_xlate(const struct xt_entry_target *target,
-			  struct xt_buf *buf, int numeric)
+			  struct xt_xlate *xl, int numeric)
 {
 	const struct nf_nat_range *range = (const void *)target->data;
 
 	if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_buf_add(buf, "redirect to %hu",
+		xt_xlate_add(xl, "redirect to %hu",
 			   ntohs(range->min_proto.tcp.port));
 		if (range->max_proto.tcp.port != range->min_proto.tcp.port)
-			xt_buf_add(buf, "-%hu ",
+			xt_xlate_add(xl, "-%hu ",
 				   ntohs(range->max_proto.tcp.port));
 		if (range->flags & NF_NAT_RANGE_PROTO_RANDOM)
-			xt_buf_add(buf, " random ");
+			xt_xlate_add(xl, " random ");
 	}
 
 	return 1;
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index 3b8431c..ad2a8ec 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -140,7 +140,7 @@ static const struct reject_names_xlate reject_table_xlate[] = {
 };
 
 static int REJECT_xlate(const struct xt_entry_target *target,
-			struct xt_buf *buf, int numeric)
+			struct xt_xlate *xl, int numeric)
 {
 	const struct ip6t_reject_info *reject =
 				(const struct ip6t_reject_info *)target->data;
@@ -150,9 +150,9 @@ static int REJECT_xlate(const struct xt_entry_target *target,
 		if (reject_table_xlate[i].with == reject->with)
 			break;
 	if (reject->with == IP6T_TCP_RESET)
-		xt_buf_add(buf, "reject with %s", reject_table_xlate[i].name);
+		xt_xlate_add(xl, "reject with %s", reject_table_xlate[i].name);
 	else
-		xt_buf_add(buf, "reject with icmpv6 type %s",
+		xt_xlate_add(xl, "reject with icmpv6 type %s",
 			   reject_table_xlate[i].name);
 
 	return 1;
diff --git a/extensions/libip6t_SNAT.c b/extensions/libip6t_SNAT.c
index b85c86c..28e29da 100644
--- a/extensions/libip6t_SNAT.c
+++ b/extensions/libip6t_SNAT.c
@@ -242,49 +242,49 @@ static void SNAT_save(const void *ip, const struct xt_entry_target *target)
 }
 
 static void print_range_xlate(const struct nf_nat_range *range,
-			      struct xt_buf *buf)
+			      struct xt_xlate *xl)
 {
 	if (range->flags & NF_NAT_RANGE_MAP_IPS) {
-		xt_buf_add(buf, "%s",
+		xt_xlate_add(xl, "%s",
 			   xtables_ip6addr_to_numeric(&range->min_addr.in6));
 
 		if (memcmp(&range->min_addr, &range->max_addr,
 			   sizeof(range->min_addr)))
-			xt_buf_add(buf, "-%s",
+			xt_xlate_add(xl, "-%s",
 			     xtables_ip6addr_to_numeric(&range->max_addr.in6));
 	}
 	if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_buf_add(buf, " :%hu", ntohs(range->min_proto.tcp.port));
+		xt_xlate_add(xl, " :%hu", ntohs(range->min_proto.tcp.port));
 
 		if (range->max_proto.tcp.port != range->min_proto.tcp.port)
-			xt_buf_add(buf, "-%hu",
+			xt_xlate_add(xl, "-%hu",
 				   ntohs(range->max_proto.tcp.port));
 	}
 }
 
 static int SNAT_xlate(const struct xt_entry_target *target,
-		      struct xt_buf *buf, int numeric)
+		      struct xt_xlate *xl, int numeric)
 {
 	const struct nf_nat_range *range = (const void *)target->data;
 	bool sep_need = false;
 	const char *sep = " ";
 
-	xt_buf_add(buf, "snat ");
-	print_range_xlate(range, buf);
+	xt_xlate_add(xl, "snat ");
+	print_range_xlate(range, xl);
 	if (range->flags & NF_NAT_RANGE_PROTO_RANDOM) {
-		xt_buf_add(buf, " random");
+		xt_xlate_add(xl, " random");
 		sep_need = true;
 	}
 	if (range->flags & NF_NAT_RANGE_PROTO_RANDOM_FULLY) {
 		if (sep_need)
 			sep = ",";
-		xt_buf_add(buf, "%sfully-random", sep);
+		xt_xlate_add(xl, "%sfully-random", sep);
 		sep_need = true;
 	}
 	if (range->flags & NF_NAT_RANGE_PERSISTENT) {
 		if (sep_need)
 			sep = ",";
-		xt_buf_add(buf, "%spersistent", sep);
+		xt_xlate_add(xl, "%spersistent", sep);
 	}
 
 	return 1;
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index f7c30f4..087b3ac 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -129,27 +129,27 @@ static void ah_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int ah_xlate(const struct xt_entry_match *match,
-		    struct xt_buf *buf, int numeric)
+		    struct xt_xlate *xl, int numeric)
 {
 	const struct ip6t_ah *ahinfo = (struct ip6t_ah *)match->data;
 
 	if (!(ahinfo->spis[0] == 0 && ahinfo->spis[1] == 0xFFFFFFFF)) {
-		xt_buf_add(buf, "ah spi%s ",
+		xt_xlate_add(xl, "ah spi%s ",
 			   (ahinfo->invflags & IP6T_AH_INV_SPI) ? " !=" : "");
 	if (ahinfo->spis[0] != ahinfo->spis[1])
-		xt_buf_add(buf, "%u-%u ", ahinfo->spis[0], ahinfo->spis[1]);
+		xt_xlate_add(xl, "%u-%u ", ahinfo->spis[0], ahinfo->spis[1]);
 	else
-		xt_buf_add(buf, "%u ", ahinfo->spis[0]);
+		xt_xlate_add(xl, "%u ", ahinfo->spis[0]);
 	}
 
 	if (ahinfo->hdrlen != 0 || (ahinfo->invflags & IP6T_AH_INV_LEN)) {
-		xt_buf_add(buf, "ah hdrlength%s %u ",
+		xt_xlate_add(xl, "ah hdrlength%s %u ",
 			   (ahinfo->invflags & IP6T_AH_INV_LEN) ? " !=" : "",
 			   ahinfo->hdrlen);
 	}
 
 	if (ahinfo->hdrres != 0)
-		xt_buf_add(buf, "ah reserved %u ", ahinfo->hdrres);
+		xt_xlate_add(xl, "ah reserved %u ", ahinfo->hdrres);
 
 	return 1;
 }
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index 226b69c..9fe893a 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -84,7 +84,7 @@ static void hl_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int hl_xlate(const struct xt_entry_match *match,
-		    struct xt_buf *buf, int numeric)
+		    struct xt_xlate *xl, int numeric)
 {
 	static const char *const op[] = {
 		[IP6T_HL_EQ] = "",
@@ -95,7 +95,7 @@ static int hl_xlate(const struct xt_entry_match *match,
 	const struct ip6t_hl_info *info =
 		(struct ip6t_hl_info *) match->data;
 
-	xt_buf_add(buf, "ip6 hoplimit %s%u ", op[info->mode], info->hop_limit);
+	xt_xlate_add(xl, "ip6 hoplimit %s%u ", op[info->mode], info->hop_limit);
 
 	return 1;
 }
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index e529141..45835a9 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -243,27 +243,27 @@ static void DNAT_save(const void *ip, const struct xt_entry_target *target)
 }
 
 static void print_range_xlate(const struct nf_nat_ipv4_range *r,
-			struct xt_buf *buf)
+			struct xt_xlate *xl)
 {
 	if (r->flags & NF_NAT_RANGE_MAP_IPS) {
 		struct in_addr a;
 
 		a.s_addr = r->min_ip;
-		xt_buf_add(buf, "%s", xtables_ipaddr_to_numeric(&a));
+		xt_xlate_add(xl, "%s", xtables_ipaddr_to_numeric(&a));
 		if (r->max_ip != r->min_ip) {
 			a.s_addr = r->max_ip;
-			xt_buf_add(buf, "-%s", xtables_ipaddr_to_numeric(&a));
+			xt_xlate_add(xl, "-%s", xtables_ipaddr_to_numeric(&a));
 		}
 	}
 	if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_buf_add(buf, ":%hu", ntohs(r->min.tcp.port));
+		xt_xlate_add(xl, ":%hu", ntohs(r->min.tcp.port));
 		if (r->max.tcp.port != r->min.tcp.port)
-			xt_buf_add(buf, "-%hu", ntohs(r->max.tcp.port));
+			xt_xlate_add(xl, "-%hu", ntohs(r->max.tcp.port));
 	}
 }
 
 static int DNAT_xlate(const struct xt_entry_target *target,
-		      struct xt_buf *buf, int numeric)
+		      struct xt_xlate *xl, int numeric)
 {
 	const struct ipt_natinfo *info = (const void *)target;
 	unsigned int i = 0;
@@ -271,16 +271,16 @@ static int DNAT_xlate(const struct xt_entry_target *target,
 	const char *sep = " ";
 
 	for (i = 0; i < info->mr.rangesize; i++) {
-		xt_buf_add(buf, "dnat ");
-		print_range_xlate(&info->mr.range[i], buf);
+		xt_xlate_add(xl, "dnat ");
+		print_range_xlate(&info->mr.range[i], xl);
 		if (info->mr.range[i].flags & NF_NAT_RANGE_PROTO_RANDOM) {
-			xt_buf_add(buf, " random");
+			xt_xlate_add(xl, " random");
 			sep_need = true;
 		}
 		if (info->mr.range[i].flags & NF_NAT_RANGE_PERSISTENT) {
 			if (sep_need)
 				sep = ",";
-			xt_buf_add(buf, "%spersistent", sep);
+			xt_xlate_add(xl, "%spersistent", sep);
 		}
 	}
 
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index f2beee3..f3875b6 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -183,19 +183,19 @@ static const struct ipt_log_xlate ipt_log_xlate_names[] = {
 };
 
 static int LOG_xlate(const struct xt_entry_target *target,
-		     struct xt_buf *buf, int numeric)
+		     struct xt_xlate *xl, int numeric)
 {
 	unsigned int i = 0;
 	const struct ipt_log_info *loginfo =
 			(const struct ipt_log_info *)target->data;
 
-	xt_buf_add(buf, "log ");
+	xt_xlate_add(xl, "log ");
 	if (strcmp(loginfo->prefix, "") != 0)
-		xt_buf_add(buf, "prefix \\\"%s\\\" ", loginfo->prefix);
+		xt_xlate_add(xl, "prefix \\\"%s\\\" ", loginfo->prefix);
 
 	for (i = 0; i < ARRAY_SIZE(ipt_log_xlate_names); ++i)
 		if (loginfo->level == ipt_log_xlate_names[i].level) {
-			xt_buf_add(buf, "level %s ",
+			xt_xlate_add(xl, "level %s ",
 				   ipt_log_xlate_names[i].name);
 			break;
 		}
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 2e5b33d..68efe96 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -136,18 +136,18 @@ static void REDIRECT_save(const void *ip, const struct xt_entry_target *target)
 }
 
 static int REDIRECT_xlate(const struct xt_entry_target *target,
-			  struct xt_buf *buf, int numeric)
+			  struct xt_xlate *xl, int numeric)
 {
 	const struct nf_nat_ipv4_multi_range_compat *mr =
 					(const void *)target->data;
 	const struct nf_nat_ipv4_range *r = &mr->range[0];
 
 	if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_buf_add(buf, "redirect to %hu", ntohs(r->min.tcp.port));
+		xt_xlate_add(xl, "redirect to %hu", ntohs(r->min.tcp.port));
 		if (r->max.tcp.port != r->min.tcp.port)
-			xt_buf_add(buf, "-%hu ", ntohs(r->max.tcp.port));
+			xt_xlate_add(xl, "-%hu ", ntohs(r->max.tcp.port));
 		if (mr->range[0].flags & NF_NAT_RANGE_PROTO_RANDOM)
-			xt_buf_add(buf, " random ");
+			xt_xlate_add(xl, " random ");
 	}
 
 	return 1;
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index dd4ac62..56fc346 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -160,7 +160,7 @@ static const struct reject_names_xlate reject_table_xlate[] = {
 };
 
 static int REJECT_xlate(const struct xt_entry_target *target,
-			struct xt_buf *buf, int numeric)
+			struct xt_xlate *xl, int numeric)
 {
 	const struct ipt_reject_info *reject =
 		(const struct ipt_reject_info *)target->data;
@@ -172,10 +172,10 @@ static int REJECT_xlate(const struct xt_entry_target *target,
 	}
 
 	if (reject->with == IPT_TCP_RESET)
-		xt_buf_add(buf, "reject with %s",
+		xt_xlate_add(xl, "reject with %s",
 			   reject_table_xlate[i].name);
 	else
-		xt_buf_add(buf, "reject with icmp type %s",
+		xt_xlate_add(xl, "reject with icmp type %s",
 			   reject_table_xlate[i].name);
 
 	return 1;
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 42fe92d..1962e66 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -253,28 +253,28 @@ static void SNAT_save(const void *ip, const struct xt_entry_target *target)
 }
 
 static void print_range_xlate(const struct nf_nat_ipv4_range *r,
-			      struct xt_buf *buf)
+			      struct xt_xlate *xl)
 {
 	if (r->flags & NF_NAT_RANGE_MAP_IPS) {
 		struct in_addr a;
 
 		a.s_addr = r->min_ip;
-		xt_buf_add(buf, "%s", xtables_ipaddr_to_numeric(&a));
+		xt_xlate_add(xl, "%s", xtables_ipaddr_to_numeric(&a));
 		if (r->max_ip != r->min_ip) {
 			a.s_addr = r->max_ip;
-			xt_buf_add(buf, "-%s", xtables_ipaddr_to_numeric(&a));
+			xt_xlate_add(xl, "-%s", xtables_ipaddr_to_numeric(&a));
 		}
 	}
 	if (r->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
-		xt_buf_add(buf, ":");
-		xt_buf_add(buf, "%hu", ntohs(r->min.tcp.port));
+		xt_xlate_add(xl, ":");
+		xt_xlate_add(xl, "%hu", ntohs(r->min.tcp.port));
 		if (r->max.tcp.port != r->min.tcp.port)
-			xt_buf_add(buf, "-%hu", ntohs(r->max.tcp.port));
+			xt_xlate_add(xl, "-%hu", ntohs(r->max.tcp.port));
 	}
 }
 
 static int SNAT_xlate(const struct xt_entry_target *target,
-		      struct xt_buf *buf, int numeric)
+		      struct xt_xlate *xl, int numeric)
 {
 	const struct ipt_natinfo *info = (const void *)target;
 	unsigned int i = 0;
@@ -282,22 +282,22 @@ static int SNAT_xlate(const struct xt_entry_target *target,
 	const char *sep = " ";
 
 	for (i = 0; i < info->mr.rangesize; i++) {
-		xt_buf_add(buf, "snat ");
-		print_range_xlate(&info->mr.range[i], buf);
+		xt_xlate_add(xl, "snat ");
+		print_range_xlate(&info->mr.range[i], xl);
 		if (info->mr.range[i].flags & NF_NAT_RANGE_PROTO_RANDOM) {
-			xt_buf_add(buf, " random");
+			xt_xlate_add(xl, " random");
 			sep_need = true;
 		}
 		if (info->mr.range[i].flags & NF_NAT_RANGE_PROTO_RANDOM_FULLY) {
 			if (sep_need)
 				sep = ",";
-			xt_buf_add(buf, "%sfully-random", sep);
+			xt_xlate_add(xl, "%sfully-random", sep);
 			sep_need = true;
 		}
 		if (info->mr.range[i].flags & NF_NAT_RANGE_PERSISTENT) {
 			if (sep_need)
 				sep = ",";
-			xt_buf_add(buf, "%spersistent", sep);
+			xt_xlate_add(xl, "%spersistent", sep);
 		}
 	}
 
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index 8973e49..a7d1193 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -93,18 +93,18 @@ static void ah_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int ah_xlate(const struct xt_entry_match *match,
-		    struct xt_buf *buf, int numeric)
+		    struct xt_xlate *xl, int numeric)
 {
 	const struct ipt_ah *ahinfo = (struct ipt_ah *)match->data;
 
 	if (!(ahinfo->spis[0] == 0 && ahinfo->spis[1] == 0xFFFFFFFF)) {
-		xt_buf_add(buf, "ah spi%s ",
+		xt_xlate_add(xl, "ah spi%s ",
 			   (ahinfo->invflags & IPT_AH_INV_SPI) ? " !=" : "");
 		if (ahinfo->spis[0] != ahinfo->spis[1])
-			xt_buf_add(buf, "%u-%u ", ahinfo->spis[0],
+			xt_xlate_add(xl, "%u-%u ", ahinfo->spis[0],
 				   ahinfo->spis[1]);
 		else
-			xt_buf_add(buf, "%u ", ahinfo->spis[0]);
+			xt_xlate_add(xl, "%u ", ahinfo->spis[0]);
 	}
 
 	return 1;
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index d016040..7dba93f 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -110,27 +110,27 @@ static void realm_save(const void *ip, const struct xt_entry_match *match)
 
 static void
 print_realm_xlate(unsigned long id, unsigned long mask,
-		  int numeric, struct xt_buf *buf, uint32_t op)
+		  int numeric, struct xt_xlate *xl, uint32_t op)
 {
 	const char *name = NULL;
 
 	if (mask != 0xffffffff)
-		xt_buf_add(buf, " and 0x%lx %s 0x%lx ", id,
+		xt_xlate_add(xl, " and 0x%lx %s 0x%lx ", id,
 			   op == XT_OP_EQ ? "==" : "!=", mask);
 	else {
 		if (numeric == 0)
 			name = xtables_lmap_id2name(realms, id);
 		if (name)
-			xt_buf_add(buf, "%s%s ",
+			xt_xlate_add(xl, "%s%s ",
 				   op == XT_OP_EQ ? "" : "!= ", name);
 		else
-			xt_buf_add(buf, " %s0x%lx ",
+			xt_xlate_add(xl, " %s0x%lx ",
 				   op == XT_OP_EQ ? "" : "!= ", id);
 	}
 }
 
 static int realm_xlate(const struct xt_entry_match *match,
-		       struct xt_buf *buf, int numeric)
+		       struct xt_xlate *xl, int numeric)
 {
 	const struct xt_realm_info *ri = (const void *)match->data;
 	enum xt_op op = XT_OP_EQ;
@@ -138,8 +138,8 @@ static int realm_xlate(const struct xt_entry_match *match,
 	if (ri->invert)
 		op = XT_OP_NEQ;
 
-	xt_buf_add(buf, "rtclassid");
-	print_realm_xlate(ri->id, ri->mask, 0, buf, op);
+	xt_xlate_add(xl, "rtclassid");
+	print_realm_xlate(ri->id, ri->mask, 0, xl, op);
 
 	return 1;
 }
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index c952502..bd19cd2 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -101,30 +101,30 @@ static void ttl_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int ttl_xlate(const struct xt_entry_match *match,
-		     struct xt_buf *buf, int numeric)
+		     struct xt_xlate *xl, int numeric)
 {
 	const struct ipt_ttl_info *info =
 			(struct ipt_ttl_info *) match->data;
 
 		switch (info->mode) {
 		case IPT_TTL_EQ:
-			xt_buf_add(buf, "ip ttl");
+			xt_xlate_add(xl, "ip ttl");
 			break;
 		case IPT_TTL_NE:
-			xt_buf_add(buf, "ip ttl !=");
+			xt_xlate_add(xl, "ip ttl !=");
 			break;
 		case IPT_TTL_LT:
-			xt_buf_add(buf, "ip ttl lt");
+			xt_xlate_add(xl, "ip ttl lt");
 			break;
 		case IPT_TTL_GT:
-			xt_buf_add(buf, "ip ttl gt");
+			xt_xlate_add(xl, "ip ttl gt");
 			break;
 		default:
 			/* Should not happen. */
 			break;
 	}
 
-	xt_buf_add(buf, " %u ", info->ttl);
+	xt_xlate_add(xl, " %u ", info->ttl);
 
 	return 1;
 }
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index 4f9024a..e31a3c4 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -87,24 +87,24 @@ static void NFLOG_save(const void *ip, const struct xt_entry_target *target)
 }
 
 static void nflog_print_xlate(const struct xt_nflog_info *info,
-			      struct xt_buf *buf)
+			      struct xt_xlate *xl)
 {
-	xt_buf_add(buf, "log ");
+	xt_xlate_add(xl, "log ");
 	if (info->prefix[0] != '\0')
-		xt_buf_add(buf, "prefix \\\"%s\\\" ", info->prefix);
+		xt_xlate_add(xl, "prefix \\\"%s\\\" ", info->prefix);
 	if (info->len)
-		xt_buf_add(buf, "snaplen %u ", info->len);
+		xt_xlate_add(xl, "snaplen %u ", info->len);
 	if (info->threshold != XT_NFLOG_DEFAULT_THRESHOLD)
-		xt_buf_add(buf, "queue-threshold %u ", info->threshold);
-	xt_buf_add(buf, "group %u ", info->group);
+		xt_xlate_add(xl, "queue-threshold %u ", info->threshold);
+	xt_xlate_add(xl, "group %u ", info->group);
 }
 
 static int NFLOG_xlate(const struct xt_entry_target *target,
-		       struct xt_buf *buf, int numeric)
+		       struct xt_xlate *xl, int numeric)
 {
 	const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
 
-	nflog_print_xlate(info, buf);
+	nflog_print_xlate(info, xl);
 
 	return 1;
 }
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index 087d4bf..3d1926f 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -124,18 +124,18 @@ connmark_mt_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static void print_mark_xlate(unsigned int mark, unsigned int mask,
-			     struct xt_buf *buf, uint32_t op)
+			     struct xt_xlate *xl, uint32_t op)
 {
 	if (mask != 0xffffffffU)
-		xt_buf_add(buf, " and 0x%x %s 0x%x ", mark,
+		xt_xlate_add(xl, " and 0x%x %s 0x%x ", mark,
 			   op == XT_OP_EQ ? "==" : "!=", mask);
 	else
-		xt_buf_add(buf, " %s0x%x ",
+		xt_xlate_add(xl, " %s0x%x ",
 			   op == XT_OP_EQ ? "" : "!= ", mark);
 }
 
 static int connmark_xlate(const struct xt_entry_match *match,
-			  struct xt_buf *buf, int numeric)
+			  struct xt_xlate *xl, int numeric)
 {
 	const struct xt_connmark_info *info = (const void *)match->data;
 	enum xt_op op = XT_OP_EQ;
@@ -143,15 +143,15 @@ static int connmark_xlate(const struct xt_entry_match *match,
 	if (info->invert)
 		op = XT_OP_NEQ;
 
-	xt_buf_add(buf, "ct mark");
-	print_mark_xlate(info->mark, info->mask, buf, op);
+	xt_xlate_add(xl, "ct mark");
+	print_mark_xlate(info->mark, info->mask, xl, op);
 
 	return 1;
 }
 
 static int
 connmark_mt_xlate(const struct xt_entry_match *match,
-		 struct xt_buf *buf, int numeric)
+		 struct xt_xlate *xl, int numeric)
 {
 	const struct xt_connmark_mtinfo1 *info = (const void *)match->data;
 	enum xt_op op = XT_OP_EQ;
@@ -159,8 +159,8 @@ connmark_mt_xlate(const struct xt_entry_match *match,
 	if (info->invert)
 		op = XT_OP_NEQ;
 
-	xt_buf_add(buf, "ct mark");
-	print_mark_xlate(info->mark, info->mask, buf, op);
+	xt_xlate_add(xl, "ct mark");
+	print_mark_xlate(info->mark, info->mask, xl, op);
 
 	return 1;
 }
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 4c5b6e9..7f66895 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -1156,41 +1156,41 @@ static void state_save(const void *ip, const struct xt_entry_match *match)
 	state_print_state(sinfo->statemask);
 }
 
-static void state_xlate_print(struct xt_buf *buf, unsigned int statemask)
+static void state_xlate_print(struct xt_xlate *xl, unsigned int statemask)
 {
 	const char *sep = "";
 
 	if (statemask & XT_CONNTRACK_STATE_INVALID) {
-		xt_buf_add(buf, "%s%s", sep, "invalid");
+		xt_xlate_add(xl, "%s%s", sep, "invalid");
 		sep = ",";
 	}
 	if (statemask & XT_CONNTRACK_STATE_BIT(IP_CT_NEW)) {
-		xt_buf_add(buf, "%s%s", sep, "new");
+		xt_xlate_add(xl, "%s%s", sep, "new");
 		sep = ",";
 	}
 	if (statemask & XT_CONNTRACK_STATE_BIT(IP_CT_RELATED)) {
-		xt_buf_add(buf, "%s%s", sep, "related");
+		xt_xlate_add(xl, "%s%s", sep, "related");
 		sep = ",";
 	}
 	if (statemask & XT_CONNTRACK_STATE_BIT(IP_CT_ESTABLISHED)) {
-		xt_buf_add(buf, "%s%s", sep, "established");
+		xt_xlate_add(xl, "%s%s", sep, "established");
 		sep = ",";
 	}
 	if (statemask & XT_CONNTRACK_STATE_UNTRACKED) {
-		xt_buf_add(buf, "%s%s", sep, "untracked");
+		xt_xlate_add(xl, "%s%s", sep, "untracked");
 		sep = ",";
 	}
 }
 
-static int state_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
+static int state_xlate(const struct xt_entry_match *match, struct xt_xlate *xl,
 		       int numeric)
 {
 	const struct xt_conntrack_mtinfo3 *sinfo = (const void *)match->data;
 
-	xt_buf_add(buf, "ct state %s", sinfo->invert_flags & XT_CONNTRACK_STATE ?
+	xt_xlate_add(xl, "ct state %s", sinfo->invert_flags & XT_CONNTRACK_STATE ?
 					"!= " : "");
-	state_xlate_print(buf, sinfo->state_mask);
-	xt_buf_add(buf, " ");
+	state_xlate_print(xl, sinfo->state_mask);
+	xt_xlate_add(xl, " ");
 	return 1;
 }
 
diff --git a/extensions/libxt_cpu.c b/extensions/libxt_cpu.c
index 74e6077..02286c2 100644
--- a/extensions/libxt_cpu.c
+++ b/extensions/libxt_cpu.c
@@ -45,11 +45,11 @@ static void cpu_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int cpu_xlate(const struct xt_entry_match *match,
-		     struct xt_buf *buf, int numeric)
+		     struct xt_xlate *xl, int numeric)
 {
 	const struct xt_cpu_info *info = (void *)match->data;
 
-	xt_buf_add(buf, "cpu%s %u ", info->invert ? " !=" : "", info->cpu);
+	xt_xlate_add(xl, "cpu%s %u ", info->invert ? " !=" : "", info->cpu);
 
 	return 1;
 }
diff --git a/extensions/libxt_devgroup.c b/extensions/libxt_devgroup.c
index 645f2f3..fd67bc3 100644
--- a/extensions/libxt_devgroup.c
+++ b/extensions/libxt_devgroup.c
@@ -153,52 +153,52 @@ static void devgroup_check(struct xt_fcheck_call *cb)
 
 static void
 print_devgroup_xlate(unsigned int id, uint32_t op,  unsigned int mask,
-		     struct xt_buf *buf, int numeric)
+		     struct xt_xlate *xl, int numeric)
 {
 	const char *name = NULL;
 
 	if (mask != 0xffffffff)
-		xt_buf_add(buf, "and 0x%x %s 0x%x ", id,
+		xt_xlate_add(xl, "and 0x%x %s 0x%x ", id,
 			   op == XT_OP_EQ ? "==" : "!=", mask);
 	else {
 		if (numeric == 0)
 			name = xtables_lmap_id2name(devgroups, id);
 		if (name)
-			xt_buf_add(buf, "%s ", name);
+			xt_xlate_add(xl, "%s ", name);
 		else
-			xt_buf_add(buf, "%s0x%x ",
+			xt_xlate_add(xl, "%s0x%x ",
 				   op == XT_OP_EQ ? "" : "!= ", id);
 	}
 }
 
 static void devgroup_show_xlate(const struct xt_devgroup_info *info,
-				struct xt_buf *buf, int numeric)
+				struct xt_xlate *xl, int numeric)
 {
 	enum xt_op op = XT_OP_EQ;
 
 	if (info->flags & XT_DEVGROUP_MATCH_SRC) {
 		if (info->flags & XT_DEVGROUP_INVERT_SRC)
 			op = XT_OP_NEQ;
-		xt_buf_add(buf, "iifgroup ");
+		xt_xlate_add(xl, "iifgroup ");
 		print_devgroup_xlate(info->src_group, op,
-				     info->src_mask, buf, numeric);
+				     info->src_mask, xl, numeric);
 	}
 
 	if (info->flags & XT_DEVGROUP_MATCH_DST) {
 		if (info->flags & XT_DEVGROUP_INVERT_DST)
 			op = XT_OP_NEQ;
-		xt_buf_add(buf, "oifgroup ");
+		xt_xlate_add(xl, "oifgroup ");
 		print_devgroup_xlate(info->dst_group, op,
-				     info->dst_mask, buf, numeric);
+				     info->dst_mask, xl, numeric);
 	}
 }
 
 static int devgroup_xlate(const struct xt_entry_match *match,
-			  struct xt_buf *buf, int numeric)
+			  struct xt_xlate *xl, int numeric)
 {
 	const struct xt_devgroup_info *info = (const void *)match->data;
 
-	devgroup_show_xlate(info, buf, 0);
+	devgroup_show_xlate(info, xl, 0);
 
 	return 1;
 }
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index e04daf8..b5219fd 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -87,18 +87,18 @@ static void esp_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int esp_xlate(const struct xt_entry_match *match,
-		     struct xt_buf *buf, int numeric)
+		     struct xt_xlate *xl, int numeric)
 {
 	const struct xt_esp *espinfo = (struct xt_esp *)match->data;
 
 	if (!(espinfo->spis[0] == 0 && espinfo->spis[1] == 0xFFFFFFFF)) {
-		xt_buf_add(buf, "esp spi%s",
+		xt_xlate_add(xl, "esp spi%s",
 			   (espinfo->invflags & XT_ESP_INV_SPI) ? " !=" : "");
 		if (espinfo->spis[0] != espinfo->spis[1])
-			xt_buf_add(buf, " %u-%u ", espinfo->spis[0],
+			xt_xlate_add(xl, " %u-%u ", espinfo->spis[0],
 				   espinfo->spis[1]);
 		else
-			xt_buf_add(buf, " %u ", espinfo->spis[0]);
+			xt_xlate_add(xl, " %u ", espinfo->spis[0]);
 	}
 
 	return 1;
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index 971ce4a..9df4163 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -46,11 +46,11 @@ static void helper_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int helper_xlate(const struct xt_entry_match *match,
-			struct xt_buf *buf, int numeric)
+			struct xt_xlate *xl, int numeric)
 {
 	const struct xt_helper_info *info = (const void *)match->data;
 
-	xt_buf_add(buf, "ct helper%s \\\"%s\\\" ",
+	xt_xlate_add(xl, "ct helper%s \\\"%s\\\" ",
 		   info->invert ? " !=" : "", info->name);
 
 	return 1;
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index 9cf6225..0b05651 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -304,57 +304,57 @@ static void iprange_mt6_save(const void *ip, const struct xt_entry_match *match)
 
 static void
 print_iprange_xlate(const struct ipt_iprange *range,
-		    struct xt_buf *buf)
+		    struct xt_xlate *xl)
 {
 	const unsigned char *byte_min, *byte_max;
 
 	byte_min = (const unsigned char *)&range->min_ip;
 	byte_max = (const unsigned char *)&range->max_ip;
-	xt_buf_add(buf, " %u.%u.%u.%u-%u.%u.%u.%u ",
+	xt_xlate_add(xl, " %u.%u.%u.%u-%u.%u.%u.%u ",
 		   byte_min[0], byte_min[1], byte_min[2], byte_min[3],
 		   byte_max[0], byte_max[1], byte_max[2], byte_max[3]);
 }
 
 static int iprange_xlate(const struct xt_entry_match *match,
-			 struct xt_buf *buf, int numeric)
+			 struct xt_xlate *xl, int numeric)
 {
 	const struct ipt_iprange_info *info = (const void *)match->data;
 
 	if (info->flags & IPRANGE_SRC) {
 		if (info->flags & IPRANGE_SRC_INV)
-			xt_buf_add(buf, " !=");
-		xt_buf_add(buf, " ip saddr");
-		print_iprange_xlate(&info->src, buf);
+			xt_xlate_add(xl, " !=");
+		xt_xlate_add(xl, " ip saddr");
+		print_iprange_xlate(&info->src, xl);
 	}
 	if (info->flags & IPRANGE_DST) {
 		if (info->flags & IPRANGE_DST_INV)
-			xt_buf_add(buf, " !=");
-		xt_buf_add(buf, " ip daddr");
-		print_iprange_xlate(&info->dst, buf);
+			xt_xlate_add(xl, " !=");
+		xt_xlate_add(xl, " ip daddr");
+		print_iprange_xlate(&info->dst, xl);
 	}
 
 	return 1;
 }
 
 static int iprange_mt4_xlate(const struct xt_entry_match *match,
-			     struct xt_buf *buf, int numeric)
+			     struct xt_xlate *xl, int numeric)
 {
 	const struct xt_iprange_mtinfo *info = (const void *)match->data;
 
 	if (info->flags & IPRANGE_SRC) {
 		if (info->flags & IPRANGE_SRC_INV)
-			xt_buf_add(buf, " !=");
-		xt_buf_add(buf, " ip saddr %s",
+			xt_xlate_add(xl, " !=");
+		xt_xlate_add(xl, " ip saddr %s",
 			   xtables_ipaddr_to_numeric(&info->src_min.in));
-		xt_buf_add(buf, "-%s ",
+		xt_xlate_add(xl, "-%s ",
 			   xtables_ipaddr_to_numeric(&info->src_max.in));
 	}
 	if (info->flags & IPRANGE_DST) {
 		if (info->flags & IPRANGE_DST_INV)
-			xt_buf_add(buf, " !=");
-		xt_buf_add(buf, " ip daddr %s",
+			xt_xlate_add(xl, " !=");
+		xt_xlate_add(xl, " ip daddr %s",
 			   xtables_ipaddr_to_numeric(&info->dst_min.in));
-		xt_buf_add(buf, "-%s ",
+		xt_xlate_add(xl, "-%s ",
 			   xtables_ipaddr_to_numeric(&info->dst_max.in));
 	}
 
@@ -362,24 +362,24 @@ static int iprange_mt4_xlate(const struct xt_entry_match *match,
 }
 
 static int iprange_mt6_xlate(const struct xt_entry_match *match,
-			     struct xt_buf *buf, int numeric)
+			     struct xt_xlate *xl, int numeric)
 {
 	const struct xt_iprange_mtinfo *info = (const void *)match->data;
 
 	if (info->flags & IPRANGE_SRC) {
 		if (info->flags & IPRANGE_SRC_INV)
-			xt_buf_add(buf, " !=");
-		xt_buf_add(buf, " ip saddr %s",
+			xt_xlate_add(xl, " !=");
+		xt_xlate_add(xl, " ip saddr %s",
 			   xtables_ip6addr_to_numeric(&info->src_min.in6));
-		xt_buf_add(buf, "-%s ",
+		xt_xlate_add(xl, "-%s ",
 			   xtables_ip6addr_to_numeric(&info->src_max.in6));
 	}
 	if (info->flags & IPRANGE_DST) {
 		if (info->flags & IPRANGE_DST_INV)
-			xt_buf_add(buf, " !=");
-		xt_buf_add(buf, " ip daddr %s",
+			xt_xlate_add(xl, " !=");
+		xt_xlate_add(xl, " ip daddr %s",
 			   xtables_ip6addr_to_numeric(&info->dst_min.in6));
-		xt_buf_add(buf, "-%s ",
+		xt_xlate_add(xl, "-%s ",
 			   xtables_ip6addr_to_numeric(&info->dst_max.in6));
 	}
 
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 96dab0c..00acae0 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -57,15 +57,15 @@ static void length_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static int length_xlate(const struct xt_entry_match *match,
-			struct xt_buf *buf, int numeric)
+			struct xt_xlate *xl, int numeric)
 {
 	const struct xt_length_info *info = (void *)match->data;
 
-	xt_buf_add(buf, "meta length %s", info->invert ? "!= " : "");
+	xt_xlate_add(xl, "meta length %s", info->invert ? "!= " : "");
 	if (info->min == info->max)
-		xt_buf_add(buf, "%u ", info->min);
+		xt_xlate_add(xl, "%u ", info->min);
 	else
-		xt_buf_add(buf, "%u-%u ", info->min, info->max);
+		xt_xlate_add(xl, "%u-%u ", info->min, info->max);
 
 	return 1;
 }
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index a018f87..9ad00c1 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -159,12 +159,12 @@ static const struct rates rates_xlate[] = {
 	{ "second",	XT_LIMIT_SCALE }
 };
 
-static void print_rate_xlate(uint32_t period, struct xt_buf *buf)
+static void print_rate_xlate(uint32_t period, struct xt_xlate *xl)
 {
 	unsigned int i;
 
 	if (period == 0) {
-		xt_buf_add(buf, " %f ", INFINITY);
+		xt_xlate_add(xl, " %f ", INFINITY);
 		return;
 	}
 
@@ -173,19 +173,19 @@ static void print_rate_xlate(uint32_t period, struct xt_buf *buf)
 		    rates_xlate[i].mult / period < rates_xlate[i].mult % period)
 			break;
 
-	xt_buf_add(buf, " %u/%s ", rates_xlate[i - 1].mult / period,
+	xt_xlate_add(xl, " %u/%s ", rates_xlate[i - 1].mult / period,
 		   rates_xlate[i - 1].name);
 }
 
 static int limit_xlate(const struct xt_entry_match *match,
-		       struct xt_buf *buf, int numeric)
+		       struct xt_xlate *xl, int numeric)
 {
 	const struct xt_rateinfo *r = (const void *)match->data;
 
-	xt_buf_add(buf, "limit rate");
-	print_rate_xlate(r->avg, buf);
+	xt_xlate_add(xl, "limit rate");
+	print_rate_xlate(r->avg, xl);
 	if (r->burst != XT_LIMIT_BURST)
-		xt_buf_add(buf, "burst %u packets ", r->burst);
+		xt_xlate_add(xl, "burst %u packets ", r->burst);
 
 	return 1;
 }
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c
index d730344..85ed1b5 100644
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -71,23 +71,23 @@ static void mac_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static void print_mac_xlate(const unsigned char *macaddress,
-			    struct xt_buf *buf)
+			    struct xt_xlate *xl)
 {
 	unsigned int i;
 
-	xt_buf_add(buf, "%02x", macaddress[0]);
+	xt_xlate_add(xl, "%02x", macaddress[0]);
 	for (i = 1; i < ETH_ALEN; ++i)
-		xt_buf_add(buf, ":%02x", macaddress[i]);
-	xt_buf_add(buf, " ");
+		xt_xlate_add(xl, ":%02x", macaddress[i]);
+	xt_xlate_add(xl, " ");
 }
 
 static int mac_xlate(const struct xt_entry_match *match,
-		     struct xt_buf *buf, int numeric)
+		     struct xt_xlate *xl, int numeric)
 {
 	const struct xt_mac_info *info = (void *)match->data;
 
-	xt_buf_add(buf, "ether saddr%s ", info->invert ? " !=" : "");
-	print_mac_xlate(info->srcaddr, buf);
+	xt_xlate_add(xl, "ether saddr%s ", info->invert ? " !=" : "");
+	print_mac_xlate(info->srcaddr, xl);
 
 	return 1;
 }
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 93d38d9..b8c0ed6 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -103,20 +103,20 @@ mark_save(const void *ip, const struct xt_entry_match *match)
 }
 
 static void
-print_mark_xlate(struct xt_buf *buf, unsigned int mark,
+print_mark_xlate(struct xt_xlate *xl, unsigned int mark,
 		 unsigned int mask, uint32_t op)
 {
 	if (mask != 0xffffffffU)
-		xt_buf_add(buf, " and 0x%x %s 0x%x ", mark,
+		xt_xlate_add(xl, " and 0x%x %s 0x%x ", mark,
 			   op == XT_OP_EQ ? "==" : "!=", mask);
 	else
-		xt_buf_add(buf, " %s0x%x ",
+		xt_xlate_add(xl, " %s0x%x ",
 			   op == XT_OP_EQ ? "" : "!= ", mark);
 }
 
 static int
 mark_mt_xlate(const struct xt_entry_match *match,
-	      struct xt_buf *buf, int numeric)
+	      struct xt_xlate *xl, int numeric)
 {
 	const struct xt_mark_mtinfo1 *info = (const void *)match->data;
 	enum xt_op op = XT_OP_EQ;
@@ -124,15 +124,15 @@ mark_mt_xlate(const struct xt_entry_match *match,
 	if (info->invert)
 		op = XT_OP_NEQ;
 
-	xt_buf_add(buf, "mark");
-	print_mark_xlate(buf, info->mark, info->mask, op);
+	xt_xlate_add(xl, "mark");
+	print_mark_xlate(xl, info->mark, info->mask, op);
 
 	return 1;
 }
 
 static int
 mark_xlate(const struct xt_entry_match *match,
-	   struct xt_buf *buf, int numeric)
+	   struct xt_xlate *xl, int numeric)
 {
 	const struct xt_mark_info *info = (const void *)match->data;
 	enum xt_op op = XT_OP_EQ;
@@ -140,8 +140,8 @@ mark_xlate(const struct xt_entry_match *match,
 	if (info->invert)
 		op = XT_OP_NEQ;
 
-	xt_buf_add(buf, "mark");
-	print_mark_xlate(buf, info->mark, info->mask, op);
+	xt_xlate_add(xl, "mark");
+	print_mark_xlate(xl, info->mark, info->mask, op);
 
 	return 1;
 }
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index f572e83..55edf27 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -127,26 +127,26 @@ static const struct pkttypes_xlate supported_types_xlate[] = {
 };
 
 static void print_pkttype_xlate(const struct xt_pkttype_info *info,
-				struct xt_buf *buf)
+				struct xt_xlate *xl)
 {
 	unsigned int i;
 
 	for (i = 0; i < ARRAY_SIZE(supported_types_xlate); ++i) {
 		if (supported_types_xlate[i].pkttype == info->pkttype) {
-			xt_buf_add(buf, "%s ", supported_types_xlate[i].name);
+			xt_xlate_add(xl, "%s ", supported_types_xlate[i].name);
 			return;
 		}
 	}
-	xt_buf_add(buf, "%d", info->pkttype);
+	xt_xlate_add(xl, "%d", info->pkttype);
 }
 
 static int pkttype_xlate(const struct xt_entry_match *match,
-			  struct xt_buf *buf, int numeric)
+			  struct xt_xlate *xl, int numeric)
 {
 	const struct xt_pkttype_info *info = (const void *)match->data;
 
-	xt_buf_add(buf, "pkttype%s ", info->invert ? " !=" : "");
-	print_pkttype_xlate(info, buf);
+	xt_xlate_add(xl, "pkttype%s ", info->invert ? " !=" : "");
+	print_pkttype_xlate(info, xl);
 
 	return 1;
 }
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index 2a454ea..bd4ca77 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -371,7 +371,7 @@ static const struct tcp_flag_names tcp_flag_names_xlate[] = {
 	{ "urg", 0x20 },
 };
 
-static void print_tcp_xlate(struct xt_buf *buf, uint8_t flags)
+static void print_tcp_xlate(struct xt_xlate *xl, uint8_t flags)
 {
 	int have_flag = 0;
 
@@ -381,31 +381,31 @@ static void print_tcp_xlate(struct xt_buf *buf, uint8_t flags)
 		for (i = 0; (flags & tcp_flag_names_xlate[i].flag) == 0; i++);
 
 		if (have_flag)
-			xt_buf_add(buf, "|");
+			xt_xlate_add(xl, "|");
 
-		xt_buf_add(buf, "%s", tcp_flag_names_xlate[i].name);
+		xt_xlate_add(xl, "%s", tcp_flag_names_xlate[i].name);
 		have_flag = 1;
 
 		flags &= ~tcp_flag_names_xlate[i].flag;
 	}
 
 	if (!have_flag)
-		xt_buf_add(buf, "none");
+		xt_xlate_add(xl, "none");
 }
 
-static int tcp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
+static int tcp_xlate(const struct xt_entry_match *match, struct xt_xlate *xl,
 		     int numeric)
 {
 	const struct xt_tcp *tcpinfo = (const struct xt_tcp *)match->data;
 
 	if (tcpinfo->spts[0] != 0 || tcpinfo->spts[1] != 0xffff) {
 		if (tcpinfo->spts[0] != tcpinfo->spts[1]) {
-			xt_buf_add(buf, "tcp sport %s%u-%u ",
+			xt_xlate_add(xl, "tcp sport %s%u-%u ",
 				   tcpinfo->invflags & XT_TCP_INV_SRCPT ?
 					"!= " : "",
 				   tcpinfo->spts[0], tcpinfo->spts[1]);
 		} else {
-			xt_buf_add(buf, "tcp sport %s%u ",
+			xt_xlate_add(xl, "tcp sport %s%u ",
 				   tcpinfo->invflags & XT_TCP_INV_SRCPT ?
 					"!= " : "",
 				   tcpinfo->spts[0]);
@@ -414,12 +414,12 @@ static int tcp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
 
 	if (tcpinfo->dpts[0] != 0 || tcpinfo->dpts[1] != 0xffff) {
 		if (tcpinfo->dpts[0] != tcpinfo->dpts[1]) {
-			xt_buf_add(buf, "tcp dport %s%u-%u ",
+			xt_xlate_add(xl, "tcp dport %s%u-%u ",
 				   tcpinfo->invflags & XT_TCP_INV_DSTPT ?
 					"!= " : "",
 				   tcpinfo->dpts[0], tcpinfo->dpts[1]);
 		} else {
-			xt_buf_add(buf, "tcp dport %s%u ",
+			xt_xlate_add(xl, "tcp dport %s%u ",
 				   tcpinfo->invflags & XT_TCP_INV_DSTPT ?
 					"!= " : "",
 				   tcpinfo->dpts[0]);
@@ -431,12 +431,12 @@ static int tcp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
 		return 0;
 
 	if (tcpinfo->flg_mask || (tcpinfo->invflags & XT_TCP_INV_FLAGS)) {
-		xt_buf_add(buf, "tcp flags & ");
-		print_tcp_xlate(buf, tcpinfo->flg_mask);
-		xt_buf_add(buf, " %s ",
+		xt_xlate_add(xl, "tcp flags & ");
+		print_tcp_xlate(xl, tcpinfo->flg_mask);
+		xt_xlate_add(xl, " %s ",
 			   tcpinfo->invflags & XT_TCP_INV_FLAGS ? "!=": "==");
-		print_tcp_xlate(buf, tcpinfo->flg_cmp);
-		xt_buf_add(buf, " ");
+		print_tcp_xlate(xl, tcpinfo->flg_cmp);
+		xt_xlate_add(xl, " ");
 	}
 
 	return 1;
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index 0b89df4..47c29e9 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -152,19 +152,19 @@ static void udp_save(const void *ip, const struct xt_entry_match *match)
 	}
 }
 
-static int udp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
+static int udp_xlate(const struct xt_entry_match *match, struct xt_xlate *xl,
 		     int numeric)
 {
 	const struct xt_udp *udpinfo = (struct xt_udp *)match->data;
 
 	if (udpinfo->spts[0] != 0 || udpinfo->spts[1] != 0xFFFF) {
 		if (udpinfo->spts[0] != udpinfo->spts[1]) {
-			xt_buf_add(buf,"udp sport %s%u-%u ",
+			xt_xlate_add(xl,"udp sport %s%u-%u ",
 				   udpinfo->invflags & XT_UDP_INV_SRCPT ?
 					 "!= ": "",
 				   udpinfo->spts[0], udpinfo->spts[1]);
 		} else {
-			xt_buf_add(buf, "udp sport %s%u ",
+			xt_xlate_add(xl, "udp sport %s%u ",
 				   udpinfo->invflags & XT_UDP_INV_SRCPT ?
 					 "!= ": "",
 				   udpinfo->spts[0]);
@@ -173,12 +173,12 @@ static int udp_xlate(const struct xt_entry_match *match, struct xt_buf *buf,
 
 	if (udpinfo->dpts[0] != 0 || udpinfo->dpts[1] != 0xFFFF) {
 		if (udpinfo->dpts[0]  != udpinfo->dpts[1]) {
-			xt_buf_add(buf,"udp dport %s%u-%u ",
+			xt_xlate_add(xl,"udp dport %s%u-%u ",
 				   udpinfo->invflags & XT_UDP_INV_SRCPT ?
 					 "!= ": "",
 				   udpinfo->dpts[0], udpinfo->dpts[1]);
 		} else {
-			xt_buf_add(buf,"udp dport %s%u ",
+			xt_xlate_add(xl,"udp dport %s%u ",
 				   udpinfo->invflags & XT_UDP_INV_SRCPT ?
 					 "!= ": "",
 				   udpinfo->dpts[0]);
diff --git a/include/xtables.h b/include/xtables.h
index 175ae50..82aa2bb 100644
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -205,7 +205,7 @@ enum xtables_ext_flags {
 	XTABLES_EXT_ALIAS = 1 << 0,
 };
 
-struct xt_buf;
+struct xt_xlate;
 
 /* Include file for additions: new matches and targets. */
 struct xtables_match
@@ -272,7 +272,7 @@ struct xtables_match
 	const struct xt_option_entry *x6_options;
 
 	/* Translate iptables to nft */
-	int (*xlate)(const struct xt_entry_match *match, struct xt_buf *buf,
+	int (*xlate)(const struct xt_entry_match *match, struct xt_xlate *xl,
 		     int numeric);
 
 	/* Size of per-extension instance extra "global" scratch space */
@@ -353,7 +353,7 @@ struct xtables_target
 	const struct xt_option_entry *x6_options;
 
 	/* Translate iptables to nft */
-	int (*xlate)(const struct xt_entry_target *target, struct xt_buf *buf,
+	int (*xlate)(const struct xt_entry_target *target, struct xt_xlate *xl,
 		     int numeric);
 
 	size_t udata_size;
@@ -569,11 +569,11 @@ extern void xtables_lmap_free(struct xtables_lmap *);
 extern int xtables_lmap_name2id(const struct xtables_lmap *, const char *);
 extern const char *xtables_lmap_id2name(const struct xtables_lmap *, int);
 
-/* generic buffer */
-struct xt_buf *xt_buf_alloc(int size);
-void xt_buf_free(struct xt_buf *buf);
-void xt_buf_add(struct xt_buf *buf, const char *fmt, ...);
-const char *xt_buf_get(struct xt_buf *buf);
+/* xlate infrastructure */
+struct xt_xlate *xt_xlate_alloc(int size);
+void xt_xlate_free(struct xt_xlate *xl);
+void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...);
+const char *xt_xlate_get(struct xt_xlate *xl);
 
 #ifdef XTABLES_INTERNAL
 
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c
index ede8f17..5e2857d 100644
--- a/iptables/nft-ipv4.c
+++ b/iptables/nft-ipv4.c
@@ -429,24 +429,24 @@ static void nft_ipv4_save_counters(const void *data)
 	save_counters(cs->counters.pcnt, cs->counters.bcnt);
 }
 
-static int nft_ipv4_xlate(const void *data, struct xt_buf *buf)
+static int nft_ipv4_xlate(const void *data, struct xt_xlate *xl)
 {
 	const struct iptables_command_state *cs = data;
 	int ret;
 
 	if (cs->fw.ip.iniface[0] != '\0') {
-		xt_buf_add(buf, "iifname %s%s ",
+		xt_xlate_add(xl, "iifname %s%s ",
 			   cs->fw.ip.invflags & IPT_INV_VIA_IN ? "!= " : "",
 			   cs->fw.ip.iniface);
 	}
 	if (cs->fw.ip.outiface[0] != '\0') {
-		xt_buf_add(buf, "oifname %s%s ",
+		xt_xlate_add(xl, "oifname %s%s ",
 			   cs->fw.ip.invflags & IPT_INV_VIA_OUT? "!= " : "",
 			   cs->fw.ip.outiface);
 	}
 
 	if (cs->fw.ip.flags & IPT_F_FRAG) {
-		xt_buf_add(buf, "ip frag-off %s%x ",
+		xt_xlate_add(xl, "ip frag-off %s%x ",
 			   cs->fw.ip.invflags & IPT_INV_FRAG? "" : "!= ", 0);
 	}
 
@@ -459,7 +459,7 @@ static int nft_ipv4_xlate(const void *data, struct xt_buf *buf)
 			snprintf(protonum, sizeof(protonum), "%u",
 				 cs->fw.ip.proto);
 			protonum[sizeof(protonum) - 1] = '\0';
-			xt_buf_add(buf, "ip protocol %s%s ",
+			xt_xlate_add(xl, "ip protocol %s%s ",
 				   cs->fw.ip.invflags & IPT_INV_PROTO ?
 					"!= " : "",
 				   pent ? pent->p_name : protonum);
@@ -467,24 +467,24 @@ static int nft_ipv4_xlate(const void *data, struct xt_buf *buf)
 	}
 
 	if (cs->fw.ip.src.s_addr != 0) {
-		xt_buf_add(buf, "ip saddr %s%s ",
+		xt_xlate_add(xl, "ip saddr %s%s ",
 			   cs->fw.ip.invflags & IPT_INV_SRCIP ? "!= " : "",
 			   inet_ntoa(cs->fw.ip.src));
 	}
 	if (cs->fw.ip.dst.s_addr != 0) {
-		xt_buf_add(buf, "ip daddr %s%s ",
+		xt_xlate_add(xl, "ip daddr %s%s ",
 			   cs->fw.ip.invflags & IPT_INV_DSTIP ? "!= " : "",
 			   inet_ntoa(cs->fw.ip.dst));
 	}
 
-	ret = xlate_matches(cs, buf);
+	ret = xlate_matches(cs, xl);
 	if (!ret)
 		return ret;
 
 	/* Always add counters per rule, as in iptables */
-	xt_buf_add(buf, "counter ");
+	xt_xlate_add(xl, "counter ");
 
-	ret = xlate_action(cs, !!(cs->fw.ip.flags & IPT_F_GOTO), buf);
+	ret = xlate_action(cs, !!(cs->fw.ip.flags & IPT_F_GOTO), xl);
 
 	return ret;
 }
diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
index 0b6ff97..77ac5b8 100644
--- a/iptables/nft-ipv6.c
+++ b/iptables/nft-ipv6.c
@@ -378,7 +378,7 @@ static void nft_ipv6_save_counters(const void *data)
 }
 
 static void xlate_ipv6_addr(const char *selector, const struct in6_addr *addr,
-			    int invert, struct xt_buf *buf)
+			    int invert, struct xt_xlate *xl)
 {
 	char addr_str[INET6_ADDRSTRLEN];
 
@@ -386,22 +386,22 @@ static void xlate_ipv6_addr(const char *selector, const struct in6_addr *addr,
 		return;
 
 	inet_ntop(AF_INET6, addr, addr_str, INET6_ADDRSTRLEN);
-	xt_buf_add(buf, "%s %s%s ", selector, invert ? "!= " : "", addr_str);
+	xt_xlate_add(xl, "%s %s%s ", selector, invert ? "!= " : "", addr_str);
 }
 
-static int nft_ipv6_xlate(const void *data, struct xt_buf *buf)
+static int nft_ipv6_xlate(const void *data, struct xt_xlate *xl)
 {
 	const struct iptables_command_state *cs = data;
 	int ret;
 
 	if (cs->fw6.ipv6.iniface[0] != '\0') {
-		xt_buf_add(buf, "iifname %s%s ",
+		xt_xlate_add(xl, "iifname %s%s ",
 			   cs->fw6.ipv6.invflags & IP6T_INV_VIA_IN ?
 				"!= " : "",
 			   cs->fw6.ipv6.iniface);
 	}
 	if (cs->fw6.ipv6.outiface[0] != '\0') {
-		xt_buf_add(buf, "oifname %s%s ",
+		xt_xlate_add(xl, "oifname %s%s ",
 			   cs->fw6.ipv6.invflags & IP6T_INV_VIA_OUT ?
 				"!= " : "",
 			   cs->fw6.ipv6.outiface);
@@ -416,7 +416,7 @@ static int nft_ipv6_xlate(const void *data, struct xt_buf *buf)
 			snprintf(protonum, sizeof(protonum), "%u",
 				 cs->fw6.ipv6.proto);
 			protonum[sizeof(protonum) - 1] = '\0';
-			xt_buf_add(buf, "ip6 nexthdr %s%s ",
+			xt_xlate_add(xl, "ip6 nexthdr %s%s ",
 				   cs->fw6.ipv6.invflags & IP6T_INV_PROTO ?
 					"!= " : "",
 				   pent ? pent->p_name : protonum);
@@ -424,18 +424,18 @@ static int nft_ipv6_xlate(const void *data, struct xt_buf *buf)
 	}
 
 	xlate_ipv6_addr("ip6 saddr", &cs->fw6.ipv6.src,
-			cs->fw6.ipv6.invflags & IP6T_INV_SRCIP, buf);
+			cs->fw6.ipv6.invflags & IP6T_INV_SRCIP, xl);
 	xlate_ipv6_addr("ip6 daddr", &cs->fw6.ipv6.dst,
-			cs->fw6.ipv6.invflags & IP6T_INV_DSTIP, buf);
+			cs->fw6.ipv6.invflags & IP6T_INV_DSTIP, xl);
 
-	ret = xlate_matches(cs, buf);
+	ret = xlate_matches(cs, xl);
 	if (!ret)
 		return ret;
 
 	/* Always add counters per rule, as in iptables */
-	xt_buf_add(buf, "counter ");
+	xt_xlate_add(xl, "counter ");
 
-	ret = xlate_action(cs, !!(cs->fw6.ipv6.flags & IP6T_F_GOTO), buf);
+	ret = xlate_action(cs, !!(cs->fw6.ipv6.flags & IP6T_F_GOTO), xl);
 
 	return ret;
 }
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 7386183..c0948fd 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -37,7 +37,7 @@
 #define FMT(tab,notab) ((format) & FMT_NOTABLE ? (notab) : (tab))
 
 struct xtables_args;
-struct xt_buf;
+struct xt_xlate;
 
 enum {
 	NFT_XT_CTX_PAYLOAD	= (1 << 0),
@@ -102,7 +102,7 @@ struct nft_family_ops {
 	void (*parse_target)(struct xtables_target *t, void *data);
 	bool (*rule_find)(struct nft_family_ops *ops, struct nftnl_rule *r,
 			  void *data);
-	int (*xlate)(const void *data, struct xt_buf *buf);
+	int (*xlate)(const void *data, struct xt_xlate *xl);
 };
 
 void add_meta(struct nftnl_rule *r, uint32_t key);
diff --git a/iptables/nft.h b/iptables/nft.h
index 192050a..281e1c6 100644
--- a/iptables/nft.h
+++ b/iptables/nft.h
@@ -161,9 +161,9 @@ int nft_xtables_config_load(struct nft_handle *h, const char *filename, uint32_t
 struct xt_buf;
 
 bool xlate_find_match(const struct iptables_command_state *cs, const char *p_name);
-int xlate_matches(const struct iptables_command_state *cs, struct xt_buf *buf);
+int xlate_matches(const struct iptables_command_state *cs, struct xt_xlate *xl);
 int xlate_action(const struct iptables_command_state *cs, bool goto_set,
-		 struct xt_buf *buf);
+		 struct xt_xlate *xl);
 
 /*
  * ARP
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c
index 30028c3..9e2c6ae 100644
--- a/iptables/xtables-translate.c
+++ b/iptables/xtables-translate.c
@@ -35,7 +35,7 @@
 #include "nft-shared.h"
 
 int xlate_action(const struct iptables_command_state *cs, bool goto_set,
-		 struct xt_buf *buf)
+		 struct xt_xlate *xl)
 {
 	int ret = 1, numeric = cs->options & OPT_NUMERIC;
 
@@ -43,27 +43,27 @@ int xlate_action(const struct iptables_command_state *cs, bool goto_set,
 	if (cs->target != NULL) {
 		/* Standard target? */
 		if (strcmp(cs->jumpto, XTC_LABEL_ACCEPT) == 0)
-			xt_buf_add(buf, "accept");
+			xt_xlate_add(xl, "accept");
 		else if (strcmp(cs->jumpto, XTC_LABEL_DROP) == 0)
-			xt_buf_add(buf, "drop");
+			xt_xlate_add(xl, "drop");
 		else if (strcmp(cs->jumpto, XTC_LABEL_RETURN) == 0)
-			xt_buf_add(buf, "return");
+			xt_xlate_add(xl, "return");
 		else if (cs->target->xlate)
-			ret = cs->target->xlate(cs->target->t, buf, numeric);
+			ret = cs->target->xlate(cs->target->t, xl, numeric);
 		else
 			return 0;
 	} else if (strlen(cs->jumpto) > 0) {
 		/* Not standard, then it's a go / jump to chain */
 		if (goto_set)
-			xt_buf_add(buf, "goto %s", cs->jumpto);
+			xt_xlate_add(xl, "goto %s", cs->jumpto);
 		else
-			xt_buf_add(buf, "jump %s", cs->jumpto);
+			xt_xlate_add(xl, "jump %s", cs->jumpto);
 	}
 
 	return ret;
 }
 
-int xlate_matches(const struct iptables_command_state *cs, struct xt_buf *buf)
+int xlate_matches(const struct iptables_command_state *cs, struct xt_xlate *xl)
 {
 	struct xtables_rule_match *matchp;
 	int ret = 1, numeric = cs->options & OPT_NUMERIC;
@@ -72,7 +72,7 @@ int xlate_matches(const struct iptables_command_state *cs, struct xt_buf *buf)
 		if (!matchp->match->xlate)
 			return 0;
 
-		ret = matchp->match->xlate(matchp->match->m, buf, numeric);
+		ret = matchp->match->xlate(matchp->match->m, xl, numeric);
 		if (!ret)
 			break;
 	}
@@ -101,22 +101,22 @@ static int nft_rule_xlate_add(struct nft_handle *h,
 			      const struct iptables_command_state *cs,
 			      bool append)
 {
-	struct xt_buf *buf = xt_buf_alloc(10240);
+	struct xt_xlate *xl = xt_xlate_alloc(10240);
 	int ret;
 
 	if (append) {
-		xt_buf_add(buf, "add rule %s %s %s ",
+		xt_xlate_add(xl, "add rule %s %s %s ",
 			   family2str[h->family], p->table, p->chain);
 	} else {
-		xt_buf_add(buf, "insert rule %s %s %s ",
+		xt_xlate_add(xl, "insert rule %s %s %s ",
 			   family2str[h->family], p->table, p->chain);
 	}
 
-	ret = h->ops->xlate(cs, buf);
+	ret = h->ops->xlate(cs, xl);
 	if (ret)
-		printf("%s\n", xt_buf_get(buf));
+		printf("%s\n", xt_xlate_get(xl));
 
-	xt_buf_free(buf);
+	xt_xlate_free(xl);
 	return ret;
 }
 
diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 21e515d..32d6a5a 100644
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -1987,54 +1987,54 @@ void get_kernel_version(void)
 	kernel_version = LINUX_VERSION(x, y, z);
 }
 
-struct xt_buf {
+struct xt_xlate {
 	char	*data;
 	int	size;
 	int	rem;
 	int	off;
 };
 
-struct xt_buf *xt_buf_alloc(int size)
+struct xt_xlate *xt_xlate_alloc(int size)
 {
-	struct xt_buf *buf;
+	struct xt_xlate *xl;
 
-	buf = malloc(sizeof(struct xt_buf));
-	if (buf == NULL)
+	xl = malloc(sizeof(struct xt_xlate));
+	if (xl == NULL)
 		xtables_error(RESOURCE_PROBLEM, "OOM");
 
-	buf->data = malloc(size);
-	if (buf->data == NULL)
+	xl->data = malloc(size);
+	if (xl->data == NULL)
 		xtables_error(RESOURCE_PROBLEM, "OOM");
 
-	buf->size = size;
-	buf->rem = size;
-	buf->off = 0;
+	xl->size = size;
+	xl->rem = size;
+	xl->off = 0;
 
-	return buf;
+	return xl;
 }
 
-void xt_buf_free(struct xt_buf *buf)
+void xt_xlate_free(struct xt_xlate *xl)
 {
-	free(buf->data);
-	free(buf);
+	free(xl->data);
+	free(xl);
 }
 
-void xt_buf_add(struct xt_buf *buf, const char *fmt, ...)
+void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...)
 {
 	va_list ap;
 	int len;
 
 	va_start(ap, fmt);
-	len = vsnprintf(buf->data + buf->off, buf->rem, fmt, ap);
-	if (len < 0 || len >= buf->rem)
+	len = vsnprintf(xl->data + xl->off, xl->rem, fmt, ap);
+	if (len < 0 || len >= xl->rem)
 		xtables_error(RESOURCE_PROBLEM, "OOM");
 
 	va_end(ap);
-	buf->rem -= len;
-	buf->off += len;
+	xl->rem -= len;
+	xl->off += len;
 }
 
-const char *xt_buf_get(struct xt_buf *buf)
+const char *xt_xlate_get(struct xt_xlate *xl)
 {
-	return buf->data;
+	return xl->data;
 }
-- 
2.1.4

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux