Dump extension data if it differs.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/nft-shared.c | 2 ++
iptables/xshared.h | 7 +++++++
2 files changed, 9 insertions(+)
diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index 0cd082b5396d0..34ca9d16569d0 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -398,6 +398,8 @@ bool compare_matches(struct xtables_rule_match *mt1,
if (memcmp(m1->data, m2->data, cmplen) != 0) {
DEBUGP("mismatch match data\n");
+ DEBUG_HEXDUMP("m1->data", m1->data, cmplen);
+ DEBUG_HEXDUMP("m2->data", m2->data, cmplen);
return false;
}
}
diff --git a/iptables/xshared.h b/iptables/xshared.h
index 0ed9f3c29c600..a200e0d620ad3 100644
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -12,8 +12,15 @@
#ifdef DEBUG
#define DEBUGP(x, args...) fprintf(stderr, x, ## args)
+#define DEBUG_HEXDUMP(pfx, data, len) \
+ for (int __i = 0; __i < (len); __i++) { \
+ if (__i % 16 == 0) \
+ printf("%s%s: ", __i ? "\n" : "", (pfx)); \
+ printf("%02x ", ((const unsigned char *)data)[__i]); \
+ } printf("\n")
#else
#define DEBUGP(x, args...)
+#define DEBUG_HEXDUMP(pfx, data, len)
#endif
enum {
--
2.40.0
