On Mon, Oct 29, 2018 at 05:49:56PM +0100, Pablo Neira Ayuso wrote:
> On Mon, Oct 29, 2018 at 05:46:29PM +0100, Phil Sutter wrote:
> > Hi,
> >
> > On Mon, Oct 29, 2018 at 02:10:27PM +0100, Pablo Neira Ayuso wrote:
> > > We keep printing layer 4 protocols as literals since we do not use
> > > /etc/protocols. Add -p option to print layer 4 protocols numerically.
> > >
> > > Signed-off-by: Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>
> >
> > Acked-by: Phil Sutter <phil@xxxxxx>
> >
> > One question:
> >
> > [...]
> > > diff --git a/src/datatype.c b/src/datatype.c
> > > index 48eaca277757..2e957e60bb71 100644
> > > --- a/src/datatype.c
> > > +++ b/src/datatype.c
> > > @@ -564,7 +564,7 @@ static void inet_protocol_type_print(const struct expr *expr,
> > > {
> > > struct protoent *p;
> > >
> > > - if (octx->numeric < NFT_NUMERIC_ALL) {
> > > + if (!nft_output_numeric_protocol(octx)) {
> > > p = getprotobynumber(mpz_get_uint8(expr->value));
> > > if (p != NULL) {
> > > nft_print(octx, "%s", p->p_name);
> >
> > In range_expression_print(), we did:
> >
> > | octx->numeric += NFT_NUMERIC_ALL + 1
> >
> > to avoid confusion with names containing dashes. I see that now the same
> > function just removes NFT_CTX_OUTPUT_SERVICE bit instead. Is that
> > sufficient? I guess users could still turn on reverse DNS while listing
> > interval sets with IP addresses, right?
>
> Right, reverse dns listing was broken before this patch, we should
> disable it too. Sending a patch for this.
Oh, indeed. Actually I broke it with this patch :-), since
octx->numeric < NFT_NUMERIC_ALL was covering that case. Will included
a Fixes: tag in http://patchwork.ozlabs.org/patch/990427/
Thanks!
