[iptables PATCH 12/17] xtables: Rename {print,save}_rule functions

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



The name is quite misleading, since these functions/callbacks are not
about the whole ruleset but just a single rule. So rename them to
reflect this.

Signed-off-by: Phil Sutter <phil@xxxxxx>
---
 iptables/nft-arp.c    | 12 ++++++------
 iptables/nft-bridge.c |  8 ++++----
 iptables/nft-ipv4.c   | 21 ++++++++++-----------
 iptables/nft-ipv6.c   | 23 +++++++++++------------
 iptables/nft-shared.c | 20 ++++++++++----------
 iptables/nft-shared.h | 26 +++++++++++++-------------
 iptables/nft.c        |  8 ++++----
 7 files changed, 58 insertions(+), 60 deletions(-)

diff --git a/iptables/nft-arp.c b/iptables/nft-arp.c
index a6241498c08e6..328c791db42a8 100644
--- a/iptables/nft-arp.c
+++ b/iptables/nft-arp.c
@@ -436,7 +436,8 @@ static void nft_arp_print_header(unsigned int format, const char *chain,
 	}
 }
 
-static void print_fw_details(struct arpt_entry *fw, unsigned int format)
+static void nft_arp_print_rule_details(struct arpt_entry *fw,
+				       unsigned int format)
 {
 	char buf[BUFSIZ];
 	char iface[IFNAMSIZ+2];
@@ -578,8 +579,7 @@ after_devdst:
 }
 
 static void
-nft_arp_print_firewall(struct nftnl_rule *r, unsigned int num,
-		       unsigned int format)
+nft_arp_print_rule(struct nftnl_rule *r, unsigned int num, unsigned int format)
 {
 	struct iptables_command_state cs = {};
 
@@ -588,7 +588,7 @@ nft_arp_print_firewall(struct nftnl_rule *r, unsigned int num,
 	if (format & FMT_LINENUMBERS)
 		printf("%u ", num);
 
-	print_fw_details(&cs.arp, format);
+	nft_arp_print_rule_details(&cs.arp, format);
 
 	if (cs.jumpto != NULL && strcmp(cs.jumpto, "") != 0) {
 		printf("-j %s", cs.jumpto);
@@ -663,8 +663,8 @@ struct nft_family_ops nft_family_ops_arp = {
 	.parse_payload		= nft_arp_parse_payload,
 	.parse_immediate	= nft_arp_parse_immediate,
 	.print_header		= nft_arp_print_header,
-	.print_firewall		= nft_arp_print_firewall,
-	.save_firewall		= NULL,
+	.print_rule		= nft_arp_print_rule,
+	.save_rule		= NULL,
 	.save_counters		= NULL,
 	.post_parse		= NULL,
 	.rule_to_cs		= nft_arp_rule_to_cs,
diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index 3834d6dd805bd..b3bb366651155 100644
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -435,8 +435,8 @@ static void print_protocol(uint16_t ethproto, bool invert, unsigned int bitmask)
 		printf("%s ", ent->e_name);
 }
 
-static void nft_bridge_print_firewall(struct nftnl_rule *r, unsigned int num,
-				      unsigned int format)
+static void nft_bridge_print_rule(struct nftnl_rule *r, unsigned int num,
+				  unsigned int format)
 {
 	struct iptables_command_state cs = {};
 
@@ -729,8 +729,8 @@ struct nft_family_ops nft_family_ops_bridge = {
 	.parse_target		= nft_bridge_parse_target,
 	.print_table_header	= nft_bridge_print_table_header,
 	.print_header		= nft_bridge_print_header,
-	.print_firewall		= nft_bridge_print_firewall,
-	.save_firewall		= NULL,
+	.print_rule		= nft_bridge_print_rule,
+	.save_rule		= NULL,
 	.save_counters		= NULL,
 	.post_parse		= NULL,
 	.rule_to_cs		= nft_rule_to_ebtables_command_state,
diff --git a/iptables/nft-ipv4.c b/iptables/nft-ipv4.c
index f118dcb8a695d..cbc4be737cd18 100644
--- a/iptables/nft-ipv4.c
+++ b/iptables/nft-ipv4.c
@@ -289,16 +289,15 @@ static void print_fragment(unsigned int flags, unsigned int invflags,
 	fputc(' ', stdout);
 }
 
-static void nft_ipv4_print_firewall(struct nftnl_rule *r, unsigned int num,
-				    unsigned int format)
+static void nft_ipv4_print_rule(struct nftnl_rule *r, unsigned int num,
+				unsigned int format)
 {
 	struct iptables_command_state cs = {};
 
 	nft_rule_to_iptables_command_state(r, &cs);
 
-	print_firewall_details(&cs, cs.jumpto, cs.fw.ip.flags,
-			       cs.fw.ip.invflags, cs.fw.ip.proto,
-			       num, format);
+	print_rule_details(&cs, cs.jumpto, cs.fw.ip.flags,
+			   cs.fw.ip.invflags, cs.fw.ip.proto, num, format);
 	print_fragment(cs.fw.ip.flags, cs.fw.ip.invflags, format);
 	print_ifaces(cs.fw.ip.iniface, cs.fw.ip.outiface, cs.fw.ip.invflags,
 		     format);
@@ -330,7 +329,7 @@ static void save_ipv4_addr(char letter, const struct in_addr *addr,
 	       mask_to_str(mask));
 }
 
-static void nft_ipv4_save_firewall(const void *data, unsigned int format)
+static void nft_ipv4_save_rule(const void *data, unsigned int format)
 {
 	const struct iptables_command_state *cs = data;
 
@@ -339,9 +338,9 @@ static void nft_ipv4_save_firewall(const void *data, unsigned int format)
 	save_ipv4_addr('d', &cs->fw.ip.dst, cs->fw.ip.dmsk.s_addr,
 		       cs->fw.ip.invflags & IPT_INV_DSTIP);
 
-	save_firewall_details(cs, cs->fw.ip.invflags, cs->fw.ip.proto,
-			      cs->fw.ip.iniface, cs->fw.ip.iniface_mask,
-			      cs->fw.ip.outiface, cs->fw.ip.outiface_mask);
+	save_rule_details(cs, cs->fw.ip.invflags, cs->fw.ip.proto,
+			  cs->fw.ip.iniface, cs->fw.ip.iniface_mask,
+			  cs->fw.ip.outiface, cs->fw.ip.outiface_mask);
 
 	if (cs->fw.ip.flags & IPT_F_FRAG) {
 		if (cs->fw.ip.invflags & IPT_INV_FRAG)
@@ -483,8 +482,8 @@ struct nft_family_ops nft_family_ops_ipv4 = {
 	.parse_payload		= nft_ipv4_parse_payload,
 	.parse_immediate	= nft_ipv4_parse_immediate,
 	.print_header		= print_header,
-	.print_firewall		= nft_ipv4_print_firewall,
-	.save_firewall		= nft_ipv4_save_firewall,
+	.print_rule		= nft_ipv4_print_rule,
+	.save_rule		= nft_ipv4_save_rule,
 	.save_counters		= save_counters,
 	.proto_parse		= nft_ipv4_proto_parse,
 	.post_parse		= nft_ipv4_post_parse,
diff --git a/iptables/nft-ipv6.c b/iptables/nft-ipv6.c
index 9e9049f393959..6aa913edc21c3 100644
--- a/iptables/nft-ipv6.c
+++ b/iptables/nft-ipv6.c
@@ -220,16 +220,16 @@ static void print_ipv6_addr(const struct iptables_command_state *cs,
 	}
 }
 
-static void nft_ipv6_print_firewall(struct nftnl_rule *r, unsigned int num,
-				    unsigned int format)
+static void nft_ipv6_print_rule(struct nftnl_rule *r, unsigned int num,
+				unsigned int format)
 {
 	struct iptables_command_state cs = {};
 
 	nft_rule_to_iptables_command_state(r, &cs);
 
-	print_firewall_details(&cs, cs.jumpto, cs.fw6.ipv6.flags,
-			       cs.fw6.ipv6.invflags, cs.fw6.ipv6.proto,
-			       num, format);
+	print_rule_details(&cs, cs.jumpto, cs.fw6.ipv6.flags,
+			   cs.fw6.ipv6.invflags, cs.fw6.ipv6.proto,
+			   num, format);
 	print_ifaces(cs.fw6.ipv6.iniface, cs.fw6.ipv6.outiface,
 		     cs.fw6.ipv6.invflags, format);
 	print_ipv6_addr(&cs, format);
@@ -268,7 +268,7 @@ static void save_ipv6_addr(char letter, const struct in6_addr *addr,
 		printf("/%d ", l);
 }
 
-static void nft_ipv6_save_firewall(const void *data, unsigned int format)
+static void nft_ipv6_save_rule(const void *data, unsigned int format)
 {
 	const struct iptables_command_state *cs = data;
 
@@ -277,10 +277,9 @@ static void nft_ipv6_save_firewall(const void *data, unsigned int format)
 	save_ipv6_addr('d', &cs->fw6.ipv6.dst, &cs->fw6.ipv6.dmsk,
 		       cs->fw6.ipv6.invflags & IP6T_INV_DSTIP);
 
-	save_firewall_details(cs, cs->fw6.ipv6.invflags, cs->fw6.ipv6.proto,
-			      cs->fw6.ipv6.iniface, cs->fw6.ipv6.iniface_mask,
-			      cs->fw6.ipv6.outiface,
-			      cs->fw6.ipv6.outiface_mask);
+	save_rule_details(cs, cs->fw6.ipv6.invflags, cs->fw6.ipv6.proto,
+			  cs->fw6.ipv6.iniface, cs->fw6.ipv6.iniface_mask,
+			  cs->fw6.ipv6.outiface, cs->fw6.ipv6.outiface_mask);
 
 	save_matches_and_target(cs->matches, cs->target,
 				cs->jumpto, cs->fw6.ipv6.flags, &cs->fw6);
@@ -438,8 +437,8 @@ struct nft_family_ops nft_family_ops_ipv6 = {
 	.parse_payload		= nft_ipv6_parse_payload,
 	.parse_immediate	= nft_ipv6_parse_immediate,
 	.print_header		= print_header,
-	.print_firewall		= nft_ipv6_print_firewall,
-	.save_firewall		= nft_ipv6_save_firewall,
+	.print_rule		= nft_ipv6_print_rule,
+	.save_rule		= nft_ipv6_save_rule,
 	.save_counters		= save_counters,
 	.proto_parse		= nft_ipv6_proto_parse,
 	.post_parse		= nft_ipv6_post_parse,
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index 1018b6319cb39..60b539c89b194 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -675,10 +675,10 @@ void print_header(unsigned int format, const char *chain, const char *pol,
 	printf("\n");
 }
 
-void print_firewall_details(const struct iptables_command_state *cs,
-			    const char *targname, uint8_t flags,
-			    uint8_t invflags, uint8_t proto,
-			    unsigned int num, unsigned int format)
+void print_rule_details(const struct iptables_command_state *cs,
+			const char *targname, uint8_t flags,
+			uint8_t invflags, uint8_t proto,
+			unsigned int num, unsigned int format)
 {
 	if (format & FMT_LINENUMBERS)
 		printf(FMT("%-4u ", "%u "), num);
@@ -765,12 +765,12 @@ print_iface(char letter, const char *iface, const unsigned char *mask, int inv)
 	printf(" ");
 }
 
-void save_firewall_details(const struct iptables_command_state *cs,
-			   uint8_t invflags, uint16_t proto,
-			   const char *iniface,
-			   unsigned const char *iniface_mask,
-			   const char *outiface,
-			   unsigned const char *outiface_mask)
+void save_rule_details(const struct iptables_command_state *cs,
+		       uint8_t invflags, uint16_t proto,
+		       const char *iniface,
+		       unsigned const char *iniface_mask,
+		       const char *outiface,
+		       unsigned const char *outiface_mask)
 {
 	if (iniface != NULL) {
 		print_iface('i', iniface, iniface_mask,
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index 578726d040e2d..20c198631a23e 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -91,9 +91,9 @@ struct nft_family_ops {
 			     const char *pol,
 			     const struct xt_counters *counters, bool basechain,
 			     uint32_t refs);
-	void (*print_firewall)(struct nftnl_rule *r, unsigned int num,
-			       unsigned int format);
-	void (*save_firewall)(const void *data, unsigned int format);
+	void (*print_rule)(struct nftnl_rule *r, unsigned int num,
+			   unsigned int format);
+	void (*save_rule)(const void *data, unsigned int format);
 	void (*save_counters)(const void *data);
 	void (*proto_parse)(struct iptables_command_state *cs,
 			    struct xtables_args *args);
@@ -151,20 +151,20 @@ void nft_clear_iptables_command_state(struct iptables_command_state *cs);
 void print_header(unsigned int format, const char *chain, const char *pol,
 		  const struct xt_counters *counters, bool basechain,
 		  uint32_t refs);
-void print_firewall_details(const struct iptables_command_state *cs,
-			    const char *targname, uint8_t flags,
-			    uint8_t invflags, uint8_t proto,
-			    unsigned int num, unsigned int format);
+void print_rule_details(const struct iptables_command_state *cs,
+			const char *targname, uint8_t flags,
+			uint8_t invflags, uint8_t proto,
+			unsigned int num, unsigned int format);
 void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags,
 		  unsigned int format);
 void print_matches_and_target(struct iptables_command_state *cs,
 			      unsigned int format);
-void save_firewall_details(const struct iptables_command_state *cs,
-			   uint8_t invflags, uint16_t proto,
-			   const char *iniface,
-			   unsigned const char *iniface_mask,
-			   const char *outiface,
-			   unsigned const char *outiface_mask);
+void save_rule_details(const struct iptables_command_state *cs,
+		       uint8_t invflags, uint16_t proto,
+		       const char *iniface,
+		       unsigned const char *iniface_mask,
+		       const char *outiface,
+		       unsigned const char *outiface_mask);
 void save_counters(const void *data);
 void save_matches_and_target(struct xtables_rule_match *m,
 			     struct xtables_target *target,
diff --git a/iptables/nft.c b/iptables/nft.c
index d94c5e9e0d247..fc3a7bf058629 100644
--- a/iptables/nft.c
+++ b/iptables/nft.c
@@ -1209,8 +1209,8 @@ nft_rule_print_save(const struct nftnl_rule *r, enum nft_rule_print type,
 		break;
 	}
 
-	if (ops->save_firewall)
-		ops->save_firewall(&cs, format);
+	if (ops->save_rule)
+		ops->save_rule(&cs, format);
 
 	if (ops->clear_cs)
 		ops->clear_cs(&cs);
@@ -2218,7 +2218,7 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
 
 	if (chain && rulenum) {
 		__nft_rule_list(h, chain, table,
-				rulenum, format, ops->print_firewall);
+				rulenum, format, ops->print_rule);
 		return 1;
 	}
 
@@ -2262,7 +2262,7 @@ int nft_rule_list(struct nft_handle *h, const char *chain, const char *table,
 				  &ctrs, basechain, refs);
 
 		__nft_rule_list(h, chain_name, table,
-				rulenum, format, ops->print_firewall);
+				rulenum, format, ops->print_rule);
 
 		/* we printed the chain we wanted, stop processing. */
 		if (chain)
-- 
2.18.0

--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux