Hi,
On Mon, Oct 29, 2018 at 02:10:27PM +0100, Pablo Neira Ayuso wrote:
> We keep printing layer 4 protocols as literals since we do not use
> /etc/protocols. Add -p option to print layer 4 protocols numerically.
>
> Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
Acked-by: Phil Sutter <phil@xxxxxx>
One question:
[...]
> diff --git a/src/datatype.c b/src/datatype.c
> index 48eaca277757..2e957e60bb71 100644
> --- a/src/datatype.c
> +++ b/src/datatype.c
> @@ -564,7 +564,7 @@ static void inet_protocol_type_print(const struct expr *expr,
> {
> struct protoent *p;
>
> - if (octx->numeric < NFT_NUMERIC_ALL) {
> + if (!nft_output_numeric_protocol(octx)) {
> p = getprotobynumber(mpz_get_uint8(expr->value));
> if (p != NULL) {
> nft_print(octx, "%s", p->p_name);
In range_expression_print(), we did:
| octx->numeric += NFT_NUMERIC_ALL + 1
to avoid confusion with names containing dashes. I see that now the same
function just removes NFT_CTX_OUTPUT_SERVICE bit instead. Is that
sufficient? I guess users could still turn on reverse DNS while listing
interval sets with IP addresses, right?
Cheers, Phil
