On Mon, Sep 30, 2019 at 06:30:53PM +0200, Pablo Neira Ayuso wrote:
> On Wed, Sep 25, 2019 at 11:25:58PM +0200, Phil Sutter wrote:
> > This is a requirement for outsourcing line parsing code into a dedicated
> > function.
> >
> > Signed-off-by: Phil Sutter <phil@xxxxxx>
> > ---
> > iptables/nft-shared.h | 1 +
> > iptables/xtables-restore.c | 17 ++++++++---------
> > 2 files changed, 9 insertions(+), 9 deletions(-)
> >
> > diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
> > index 9d62913461fa4..facad6d02a7ec 100644
> > --- a/iptables/nft-shared.h
> > +++ b/iptables/nft-shared.h
> > @@ -237,6 +237,7 @@ struct nft_xt_restore_parse {
> > int testing;
> > const char *tablename;
> > bool commit;
> > + bool in_table;
>
> I don't think this belong here.
>
> If you want to add a structure, then add something like:
>
> struct nft_xt_parse_ctx {
> char buffer[10240];
> char *curtable;
> int in_table;
> };
>
> to store all the internal context, not mix things like internal
> parsing context with the object that describes the parser
> configuration.
Attaching a patch to constify nft_xt_restore_parse.
diff --git a/iptables/nft-shared.h b/iptables/nft-shared.h
index de889ead7b60..ea9e5bfa6ae1 100644
--- a/iptables/nft-shared.h
+++ b/iptables/nft-shared.h
@@ -261,7 +261,7 @@ struct nft_xt_restore_cb {
};
void xtables_restore_parse(struct nft_handle *h,
- struct nft_xt_restore_parse *p,
+ const struct nft_xt_restore_parse *p,
struct nft_xt_restore_cb *cb,
int argc, char *argv[]);
diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index 601c842feab3..d34fad43e0b3 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -85,7 +85,7 @@ static const struct xtc_ops xtc_ops = {
};
void xtables_restore_parse(struct nft_handle *h,
- struct nft_xt_restore_parse *p,
+ const struct nft_xt_restore_parse *p,
struct nft_xt_restore_cb *cb,
int argc, char *argv[])
{
