* libxtables rework
@ 2009-02-09 17:34 Jan Engelhardt
2009-02-09 17:34 ` [PATCH 01/16] src: remove redundant returns at end of void-returning functions Jan Engelhardt
` (16 more replies)
0 siblings, 17 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Patrick McHardy wrote on 2009-02-09 15:39:16:
>So I prefer a resubmission in any case.
Jan Engelhardt (16):
src: remove redundant returns at end of void-returning functions
src: remove redundant casts
libxt_owner: use correct UID/GID boundaries
extensions: use UINT_MAX constants over open-coded bits (1/2)
extensions: use UINT_MAX constants over open-coded numbers (2/2)
libxtables: prefix/order - libdir
libxtables: prefix/order - strtoui
libxtables: prefix/order - program_name
libxtables: prefix/order - param_act
libxtables: prefix/order - ipaddr/ipmask to ascii output
libxtables: prefix/order - ascii to ipaddr/ipmask input
libxtables: prefix - misc functions
libxtables: prefix - parse and escaped output func
libxtables: prefix/order - move check_inverse to xtables.c
libxtables: prefix/order - move parse_protocol to xtables.c
libxtables: move afinfo around
.gitignore | 1 +
Makefile.am | 2 +-
configure.ac | 26 +--
extensions/libip6t_HL.c | 4 +-
extensions/libip6t_LOG.c | 8 +-
extensions/libip6t_REJECT.c | 2 +-
extensions/libip6t_ah.c | 6 +-
extensions/libip6t_dst.c | 11 +-
extensions/libip6t_frag.c | 6 +-
extensions/libip6t_hbh.c | 11 +-
extensions/libip6t_hl.c | 2 +-
extensions/libip6t_icmp6.c | 6 +-
extensions/libip6t_ipv6header.c | 8 +-
extensions/libip6t_mh.c | 4 +-
extensions/libip6t_policy.c | 8 +-
extensions/libip6t_rt.c | 10 +-
extensions/libipt_CLUSTERIP.c | 10 +-
extensions/libipt_DNAT.c | 10 +-
extensions/libipt_ECN.c | 6 +-
extensions/libipt_LOG.c | 10 +-
extensions/libipt_MASQUERADE.c | 2 +-
extensions/libipt_NETMAP.c | 12 +-
extensions/libipt_REDIRECT.c | 4 +-
extensions/libipt_REJECT.c | 2 +-
extensions/libipt_SAME.c | 14 +-
extensions/libipt_SET.c | 2 +-
extensions/libipt_SNAT.c | 10 +-
extensions/libipt_TTL.c | 4 +-
extensions/libipt_ULOG.c | 6 +-
extensions/libipt_addrtype.c | 8 +-
extensions/libipt_ah.c | 4 +-
extensions/libipt_ecn.c | 8 +-
extensions/libipt_icmp.c | 6 +-
extensions/libipt_policy.c | 16 +-
extensions/libipt_realm.c | 4 +-
extensions/libipt_set.c | 2 +-
extensions/libipt_ttl.c | 8 +-
extensions/libxt_CONNMARK.c | 56 +++---
extensions/libxt_DSCP.c | 7 +-
extensions/libxt_MARK.c | 50 +++---
extensions/libxt_NFLOG.c | 6 +-
extensions/libxt_NFQUEUE.c | 3 +-
extensions/libxt_TCPMSS.c | 3 +-
extensions/libxt_TCPOPTSTRIP.c | 3 +-
extensions/libxt_TOS.c | 36 ++--
extensions/libxt_TPROXY.c | 36 ++--
extensions/libxt_comment.c | 2 +-
extensions/libxt_connbytes.c | 2 +-
extensions/libxt_connlimit.c | 2 +-
extensions/libxt_connmark.c | 16 +-
extensions/libxt_conntrack.c | 91 +++++-----
extensions/libxt_dccp.c | 18 +-
extensions/libxt_dscp.c | 11 +-
extensions/libxt_esp.c | 4 +-
extensions/libxt_hashlimit.c | 98 +++++-----
extensions/libxt_helper.c | 4 +-
extensions/libxt_iprange.c | 80 ++++----
extensions/libxt_length.c | 6 +-
extensions/libxt_limit.c | 6 +-
extensions/libxt_mac.c | 2 +-
extensions/libxt_mark.c | 16 +-
extensions/libxt_multiport.c | 18 +-
extensions/libxt_owner.c | 73 ++++----
extensions/libxt_physdev.c | 14 +-
extensions/libxt_pkttype.c | 2 +-
extensions/libxt_quota.c | 4 +-
extensions/libxt_rateest.c | 27 ++--
extensions/libxt_recent.c | 8 +-
extensions/libxt_sctp.c | 12 +-
extensions/libxt_state.c | 2 +-
extensions/libxt_statistic.c | 9 +-
extensions/libxt_string.c | 6 +-
extensions/libxt_tcp.c | 18 +-
extensions/libxt_tcpmss.c | 6 +-
extensions/libxt_time.c | 1 -
extensions/libxt_tos.c | 8 +-
extensions/libxt_u32.c | 2 -
extensions/libxt_udp.c | 10 +-
extensions/tos_values.c | 8 +-
include/xtables.h.in | 115 +++++++------
include/xtables/internal.h | 36 ----
include/xtables/internal.h.in | 17 ++
ip6tables-restore.c | 17 +--
ip6tables-save.c | 17 +--
ip6tables-standalone.c | 15 +-
ip6tables.c | 149 +++------------
iptables-restore.c | 17 +--
iptables-save.c | 17 +--
iptables-standalone.c | 15 +-
iptables-xml.c | 8 +-
iptables.c | 140 +++-----------
xtables.c | 387 +++++++++++++++++++++++++++------------
92 files changed, 963 insertions(+), 1036 deletions(-)
^ permalink raw reply [flat|nested] 24+ messages in thread
* [PATCH 01/16] src: remove redundant returns at end of void-returning functions
2009-02-09 17:34 libxtables rework Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 02/16] src: remove redundant casts Jan Engelhardt
` (15 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
| 4 ----
extensions/libxt_DSCP.c | 1 -
extensions/libxt_NFQUEUE.c | 1 -
extensions/libxt_dscp.c | 1 -
extensions/libxt_u32.c | 2 --
iptables-xml.c | 2 --
6 files changed, 0 insertions(+), 11 deletions(-)
--git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index 3006124..1fc9b7e 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -262,8 +262,6 @@ static void ipv6header_print(const void *ip,
if (info->modeflag)
printf("soft ");
-
- return;
}
static void ipv6header_save(const void *ip, const struct xt_entry_match *match)
@@ -276,8 +274,6 @@ static void ipv6header_save(const void *ip, const struct xt_entry_match *match)
printf(" ");
if (info->modeflag)
printf("--soft ");
-
- return;
}
static struct xtables_match ipv6header_mt6_reg = {
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index 6625db1..c9b0327 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -57,7 +57,6 @@ parse_dscp(const char *s, struct xt_DSCP_info *dinfo)
"DSCP `%d` out of range\n", dscp);
dinfo->dscp = (u_int8_t )dscp;
- return;
}
diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c
index 7daed18..5880785 100644
--- a/extensions/libxt_NFQUEUE.c
+++ b/extensions/libxt_NFQUEUE.c
@@ -38,7 +38,6 @@ parse_num(const char *s, struct xt_NFQ_info *tinfo)
"Invalid queue number `%s'\n", s);
tinfo->queuenum = num & 0xffff;
- return;
}
static int
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index eefb186..bb794f5 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -57,7 +57,6 @@ parse_dscp(const char *s, struct xt_dscp_info *dinfo)
"DSCP `%d` out of range\n", dscp);
dinfo->dscp = (u_int8_t )dscp;
- return;
}
diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c
index 256d15f..f0bb61a 100644
--- a/extensions/libxt_u32.c
+++ b/extensions/libxt_u32.c
@@ -254,7 +254,6 @@ static void u32_print(const void *ip, const struct xt_entry_match *match,
if (data->invert)
printf("! ");
u32_dump(data);
- return;
}
static void u32_save(const void *ip, const struct xt_entry_match *match)
@@ -264,7 +263,6 @@ static void u32_save(const void *ip, const struct xt_entry_match *match)
printf("! ");
printf("--u32 ");
u32_dump(data);
- return;
}
static struct xtables_match u32_match = {
diff --git a/iptables-xml.c b/iptables-xml.c
index 8aee5c2..6481b8e 100644
--- a/iptables-xml.c
+++ b/iptables-xml.c
@@ -531,8 +531,6 @@ do_rule_part(char *leveltag1, char *leveltag2, int part, int argc,
if (level1)
printf("%s", leveli1);
CLOSE_LEVEL(1);
-
- return;
}
static int
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 02/16] src: remove redundant casts
2009-02-09 17:34 libxtables rework Jan Engelhardt
2009-02-09 17:34 ` [PATCH 01/16] src: remove redundant returns at end of void-returning functions Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 03/16] libxt_owner: use correct UID/GID boundaries Jan Engelhardt
` (14 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
All of them are implicitly convertable without any wanted side effects.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_LOG.c | 2 +-
extensions/libip6t_ah.c | 2 +-
extensions/libip6t_dst.c | 7 +++----
extensions/libip6t_frag.c | 2 +-
extensions/libip6t_hbh.c | 7 +++----
| 2 +-
extensions/libip6t_rt.c | 2 +-
extensions/libipt_CLUSTERIP.c | 4 ++--
extensions/libipt_LOG.c | 2 +-
extensions/libipt_ah.c | 2 +-
extensions/libipt_realm.c | 2 +-
extensions/libxt_DSCP.c | 4 ++--
extensions/libxt_dccp.c | 2 +-
extensions/libxt_dscp.c | 4 ++--
extensions/libxt_esp.c | 2 +-
extensions/libxt_length.c | 2 +-
extensions/libxt_tcp.c | 2 +-
extensions/libxt_tcpmss.c | 2 +-
xtables.c | 2 +-
19 files changed, 26 insertions(+), 28 deletions(-)
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 40a551f..1b21d5d 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -91,7 +91,7 @@ parse_level(const char *level)
"log-level `%s' unknown", level);
}
- return (u_int8_t)lev;
+ return lev;
}
#define IP6T_LOG_OPT_LEVEL 0x01
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index 0bbd475..63d1573 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -45,7 +45,7 @@ parse_ah_spi(const char *spistr, const char *typestr)
exit_error(PARAMETER_PROBLEM,
"AH error parsing %s `%s'", typestr, spistr);
- return (u_int32_t) spi;
+ return spi;
}
static void
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c
index 215e2d9..43562c1 100644
--- a/extensions/libip6t_dst.c
+++ b/extensions/libip6t_dst.c
@@ -49,7 +49,7 @@ parse_opts_num(const char *idstr, const char *typestr)
exit_error(PARAMETER_PROBLEM,
"dst: error parsing %s `%s'", typestr, idstr);
}
- return (u_int32_t) id;
+ return id;
}
static int
@@ -78,13 +78,12 @@ parse_options(const char *optsstr, u_int16_t *opts)
*range++ = '\0';
}
- opts[i] = (u_int16_t)((parse_opts_num(cp,"opt") & 0x000000FF)<<8);
+ opts[i] = (parse_opts_num(cp, "opt") & 0xFF) << 8;
if (range) {
if (opts[i] == 0)
exit_error(PARAMETER_PROBLEM,
"PAD0 hasn't got length");
- opts[i] |= (u_int16_t)(parse_opts_num(range,"length") &
- 0x000000FF);
+ opts[i] |= parse_opts_num(range, "length") & 0xFF;
} else
opts[i] |= (0x00FF);
diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c
index 5ded1c6..7c22429 100644
--- a/extensions/libip6t_frag.c
+++ b/extensions/libip6t_frag.c
@@ -51,7 +51,7 @@ parse_frag_id(const char *idstr, const char *typestr)
exit_error(PARAMETER_PROBLEM,
"FRAG error parsing %s `%s'", typestr, idstr);
}
- return (u_int32_t) id;
+ return id;
}
static void
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
index 419c250..6c7458d 100644
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -52,7 +52,7 @@ parse_opts_num(const char *idstr, const char *typestr)
exit_error(PARAMETER_PROBLEM,
"hbh: error parsing %s `%s'", typestr, idstr);
}
- return (u_int32_t) id;
+ return id;
}
static int
@@ -75,12 +75,11 @@ parse_options(const char *optsstr, u_int16_t *opts)
"too many ports specified");
*range++ = '\0';
}
- opts[i] = (u_int16_t)((parse_opts_num(cp,"opt") & 0x000000FF)<<8);
+ opts[i] = (parse_opts_num(cp, "opt") & 0xFF) << 8;
if (range) {
if (opts[i] == 0)
exit_error(PARAMETER_PROBLEM, "PAD0 hasn't got length");
- opts[i] |= (u_int16_t)(parse_opts_num(range,"length") &
- 0x000000FF);
+ opts[i] |= parse_opts_num(range, "length") & 0xFF;
} else {
opts[i] |= (0x00FF);
}
--git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index 1fc9b7e..ea8870a 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -110,7 +110,7 @@ name_to_proto(const char *s)
s);
}
- return (u_int16_t)proto;
+ return proto;
}
static unsigned int
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
index 9468da1..49d86fa 100644
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -58,7 +58,7 @@ parse_rt_num(const char *idstr, const char *typestr)
exit_error(PARAMETER_PROBLEM,
"RT error parsing %s `%s'", typestr, idstr);
}
- return (u_int32_t) id;
+ return id;
}
static void
diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c
index 4718496..e93290a 100644
--- a/extensions/libipt_CLUSTERIP.c
+++ b/extensions/libipt_CLUSTERIP.c
@@ -122,7 +122,7 @@ static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM, "Can only specify total node number once\n");
if (string_to_number(optarg, 1, CLUSTERIP_MAX_NODES, &num) < 0)
exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg);
- cipinfo->num_total_nodes = (u_int16_t)num;
+ cipinfo->num_total_nodes = num;
*flags |= PARAM_TOTALNODE;
break;
case '5':
@@ -133,7 +133,7 @@ static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags,
if (string_to_number(optarg, 1, CLUSTERIP_MAX_NODES, &num) < 0)
exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg);
cipinfo->num_local_nodes = 1;
- cipinfo->local_nodes[0] = (u_int16_t)num;
+ cipinfo->local_nodes[0] = num;
*flags |= PARAM_LOCALNODE;
break;
case '6':
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 668b565..2aee910 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -91,7 +91,7 @@ parse_level(const char *level)
"log-level `%s' unknown", level);
}
- return (u_int8_t)lev;
+ return lev;
}
#define IPT_LOG_OPT_LEVEL 0x01
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index fec87a7..10998d8 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -41,7 +41,7 @@ parse_ah_spi(const char *spistr)
exit_error(PARAMETER_PROBLEM,
"AH error parsing spi `%s'", spistr);
}
- return (u_int32_t) spi;
+ return spi;
}
static void
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index 5af2fd4..22cbe27 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -173,7 +173,7 @@ static int realm_parse(int c, char **argv, int invert, unsigned int *flags,
if (id == -1)
exit_error(PARAMETER_PROBLEM,
"Realm `%s' not found", optarg);
- realminfo->id = (u_int32_t)id;
+ realminfo->id = id;
realminfo->mask = 0xffffffff;
}
if (invert)
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index c9b0327..409fa19 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -56,7 +56,7 @@ parse_dscp(const char *s, struct xt_DSCP_info *dinfo)
exit_error(PARAMETER_PROBLEM,
"DSCP `%d` out of range\n", dscp);
- dinfo->dscp = (u_int8_t )dscp;
+ dinfo->dscp = dscp;
}
@@ -66,7 +66,7 @@ parse_class(const char *s, struct xt_DSCP_info *dinfo)
unsigned int dscp = class_to_dscp(s);
/* Assign the value */
- dinfo->dscp = (u_int8_t)dscp;
+ dinfo->dscp = dscp;
}
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index 24bf6f7..b1ae62e 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -125,7 +125,7 @@ static u_int8_t parse_dccp_option(char *optstring)
exit_error(PARAMETER_PROBLEM, "Bad DCCP option `%s'",
optstring);
- return (u_int8_t)ret;
+ return ret;
}
static int
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index bb794f5..315e219 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -56,7 +56,7 @@ parse_dscp(const char *s, struct xt_dscp_info *dinfo)
exit_error(PARAMETER_PROBLEM,
"DSCP `%d` out of range\n", dscp);
- dinfo->dscp = (u_int8_t )dscp;
+ dinfo->dscp = dscp;
}
@@ -66,7 +66,7 @@ parse_class(const char *s, struct xt_dscp_info *dinfo)
unsigned int dscp = class_to_dscp(s);
/* Assign the value */
- dinfo->dscp = (u_int8_t)dscp;
+ dinfo->dscp = dscp;
}
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index 999733c..34df876 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -43,7 +43,7 @@ parse_esp_spi(const char *spistr)
exit_error(PARAMETER_PROBLEM,
"ESP error parsing spi `%s'", spistr);
}
- return (u_int32_t) spi;
+ return spi;
}
static void
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 98e8167..e350431 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -29,7 +29,7 @@ parse_length(const char *s)
if (string_to_number(s, 0, 0xFFFF, &len) == -1)
exit_error(PARAMETER_PROBLEM, "length invalid: `%s'\n", s);
else
- return (u_int16_t )len;
+ return len;
}
/* If a single value is provided, min and max are both set to the value */
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index 14d8c18..a9039f0 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -124,7 +124,7 @@ parse_tcp_option(const char *option, u_int8_t *result)
if (string_to_number(option, 1, 255, &ret) == -1)
exit_error(PARAMETER_PROBLEM, "Bad TCP option `%s'", option);
- *result = (u_int8_t)ret;
+ *result = ret;
}
static void tcp_init(struct xt_entry_match *m)
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index 000d85a..a720c42 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -27,7 +27,7 @@ parse_tcp_mssvalue(const char *mssvalue)
unsigned int mssvaluenum;
if (string_to_number(mssvalue, 0, 65535, &mssvaluenum) != -1)
- return (u_int16_t)mssvaluenum;
+ return mssvaluenum;
exit_error(PARAMETER_PROBLEM,
"Invalid mss `%s' specified", mssvalue);
diff --git a/xtables.c b/xtables.c
index 849dc7d..10a2268 100644
--- a/xtables.c
+++ b/xtables.c
@@ -265,7 +265,7 @@ u_int16_t parse_port(const char *port, const char *proto)
if ((string_to_number(port, 0, 65535, &portnum)) != -1 ||
(portnum = service_to_port(port, proto)) != (unsigned)-1)
- return (u_int16_t)portnum;
+ return portnum;
exit_error(PARAMETER_PROBLEM,
"invalid port/service `%s' specified", port);
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 03/16] libxt_owner: use correct UID/GID boundaries
2009-02-09 17:34 libxtables rework Jan Engelhardt
2009-02-09 17:34 ` [PATCH 01/16] src: remove redundant returns at end of void-returning functions Jan Engelhardt
2009-02-09 17:34 ` [PATCH 02/16] src: remove redundant casts Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 04/16] extensions: use UINT_MAX constants over open-coded bits (1/2) Jan Engelhardt
` (13 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
-1 is a reserved number (chown uses it to denote "do not change"),
so the maximum libxt_owner should permit is up to UINT32_MAX-1.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libxt_owner.c | 14 +++++++-------
1 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index 4cd173e..c8677a8 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -110,7 +110,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "owner", "--uid-owner", *flags & FLAG_UID_OWNER);
if ((pwd = getpwnam(optarg)) != NULL)
id = pwd->pw_uid;
- else if (!strtonum(optarg, NULL, &id, 0, ~(uid_t)0))
+ else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--uid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_UID;
@@ -123,7 +123,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "owner", "--gid-owner", *flags & FLAG_GID_OWNER);
if ((grp = getgrnam(optarg)) != NULL)
id = grp->gr_gid;
- else if (!strtonum(optarg, NULL, &id, 0, ~(gid_t)0))
+ else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--gid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_GID;
@@ -190,7 +190,7 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
*flags & FLAG_UID_OWNER);
if ((pwd = getpwnam(optarg)) != NULL)
id = pwd->pw_uid;
- else if (!strtonum(optarg, NULL, &id, 0, ~(uid_t)0))
+ else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--uid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_UID;
@@ -204,7 +204,7 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
*flags & FLAG_GID_OWNER);
if ((grp = getgrnam(optarg)) != NULL)
id = grp->gr_gid;
- else if (!strtonum(optarg, NULL, &id, 0, ~(gid_t)0))
+ else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--gid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_GID;
@@ -245,12 +245,12 @@ static void owner_parse_range(const char *s, unsigned int *from,
{
char *end;
- /* 4294967295 is reserved, so subtract one from ~0 */
- if (!strtonum(s, &end, from, 0, (~(uid_t)0) - 1))
+ /* -1 is reversed, so the max is one less than that. */
+ if (!strtonum(s, &end, from, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", opt, s);
*to = *from;
if (*end == '-' || *end == ':')
- if (!strtonum(end + 1, &end, to, 0, (~(uid_t)0) - 1))
+ if (!strtonum(end + 1, &end, to, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", opt, s);
if (*end != '\0')
param_act(P_BAD_VALUE, "owner", opt, s);
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 04/16] extensions: use UINT_MAX constants over open-coded bits (1/2)
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (2 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 03/16] libxt_owner: use correct UID/GID boundaries Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 05/16] extensions: use UINT_MAX constants over open-coded numbers (2/2) Jan Engelhardt
` (12 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
~0 depends on the sizeof(int), so it is better to use UINT32_MAX.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libxt_CONNMARK.c | 26 +++++++++++++-------------
extensions/libxt_MARK.c | 12 ++++++------
extensions/libxt_TPROXY.c | 2 +-
extensions/libxt_connmark.c | 6 +++---
extensions/libxt_conntrack.c | 10 +++++-----
extensions/libxt_mark.c | 6 +++---
extensions/libxt_quota.c | 2 +-
extensions/libxt_string.c | 2 +-
8 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c
index 2ad2759..d5d963d 100644
--- a/extensions/libxt_CONNMARK.c
+++ b/extensions/libxt_CONNMARK.c
@@ -90,8 +90,8 @@ static void connmark_tg_init(struct xt_entry_target *target)
* Need these defaults for --save-mark/--restore-mark if no
* --ctmark or --nfmask is given.
*/
- info->ctmask = ~0U;
- info->nfmask = ~0U;
+ info->ctmask = UINT32_MAX;
+ info->nfmask = UINT32_MAX;
}
static int
@@ -152,17 +152,17 @@ static int connmark_tg_parse(int c, char **argv, int invert,
struct xt_entry_target **target)
{
struct xt_connmark_tginfo1 *info = (void *)(*target)->data;
- unsigned int value, mask = ~0U;
+ unsigned int value, mask = UINT32_MAX;
char *end;
switch (c) {
case '=': /* --set-xmark */
case '-': /* --set-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, &end, &value, 0, ~0U))
+ if (!strtonum(optarg, &end, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, ~0U))
+ if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
@@ -176,7 +176,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
case '&': /* --and-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, NULL, &mask, 0, ~0U))
+ if (!strtonum(optarg, NULL, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--and-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = 0;
@@ -186,7 +186,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
case '|': /* --or-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, NULL, &value, 0, ~0U))
+ if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--or-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = value;
@@ -196,7 +196,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
case '^': /* --xor-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, NULL, &value, 0, ~0U))
+ if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--xor-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = value;
@@ -221,7 +221,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
"or --restore-mark is required for "
"--nfmask");
- if (!strtonum(optarg, NULL, &value, 0, ~0U))
+ if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--nfmask", optarg);
info->nfmask = value;
return true;
@@ -231,7 +231,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
"or --restore-mark is required for "
"--ctmask");
- if (!strtonum(optarg, NULL, &value, 0, ~0U))
+ if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--ctmask", optarg);
info->ctmask = value;
return true;
@@ -241,7 +241,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
"or --restore-mark is required for "
"--mask");
- if (!strtonum(optarg, NULL, &value, 0, ~0U))
+ if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--mask", optarg);
info->nfmask = info->ctmask = value;
return true;
@@ -317,7 +317,7 @@ connmark_tg_print(const void *ip, const struct xt_entry_target *target,
info->ctmark, info->ctmask);
break;
case XT_CONNMARK_SAVE:
- if (info->nfmask == ~0U && info->ctmask == ~0U)
+ if (info->nfmask == UINT32_MAX && info->ctmask == UINT32_MAX)
printf("CONNMARK save ");
else if (info->nfmask == info->ctmask)
printf("CONNMARK save mask 0x%x ", info->nfmask);
@@ -326,7 +326,7 @@ connmark_tg_print(const void *ip, const struct xt_entry_target *target,
info->nfmask, info->ctmask);
break;
case XT_CONNMARK_RESTORE:
- if (info->ctmask == ~0U && info->nfmask == ~0U)
+ if (info->ctmask == UINT32_MAX && info->nfmask == UINT32_MAX)
printf("CONNMARK restore ");
else if (info->ctmask == info->nfmask)
printf("CONNMARK restore mask 0x%x ", info->ctmask);
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index 95bce89..b02322b 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -126,7 +126,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_mark_tginfo2 *info = (void *)(*target)->data;
- unsigned int value, mask = ~0U;
+ unsigned int value, mask = UINT32_MAX;
char *end;
switch (c) {
@@ -134,10 +134,10 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '=': /* --set-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--set-xmark/--set-mark", invert);
- if (!strtonum(optarg, &end, &value, 0, ~0U))
+ if (!strtonum(optarg, &end, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, ~0U))
+ if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
@@ -151,7 +151,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '&': /* --and-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--and-mark", invert);
- if (!strtonum(optarg, NULL, &mask, 0, ~0U))
+ if (!strtonum(optarg, NULL, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--and-mark", optarg);
info->mark = 0;
info->mask = ~mask;
@@ -160,7 +160,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '|': /* --or-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--or-mark", invert);
- if (!strtonum(optarg, NULL, &value, 0, ~0U))
+ if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--or-mark", optarg);
info->mark = value;
info->mask = value;
@@ -169,7 +169,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '^': /* --xor-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--xor-mark", invert);
- if (!strtonum(optarg, NULL, &value, 0, ~0U))
+ if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--xor-mark", optarg);
info->mark = value;
info->mask = 0;
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index deb214f..e9a41a1 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -58,7 +58,7 @@ static void parse_tproxy_laddr(const char *s, struct xt_tproxy_target_info *info
static void parse_tproxy_mark(char *s, struct xt_tproxy_target_info *info)
{
- unsigned int value, mask = ~0U;
+ unsigned int value, mask = UINT32_MAX;
char *end;
if (!strtonum(s, &end, &value, 0, UINT_MAX))
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index bc7ef45..fbd3e62 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -49,16 +49,16 @@ connmark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_connmark_mtinfo1 *info = (void *)(*match)->data;
- unsigned int mark, mask = ~0U;
+ unsigned int mark, mask = UINT32_MAX;
char *end;
switch (c) {
case '1': /* --mark */
param_act(P_ONLY_ONCE, "connmark", "--mark", *flags & F_MARK);
- if (!strtonum(optarg, &end, &mark, 0, ~0U))
+ if (!strtonum(optarg, &end, &mark, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, ~0U))
+ if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index d5dee7e..532f5ee 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -272,7 +272,7 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo1 *info, const char *s)
param_act(P_BAD_VALUE, "conntrack", "--expires", s);
max = min;
if (*end == ':')
- if (!strtonum(s, &end, &max, 0, ~0U))
+ if (!strtonum(s, &end, &max, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "conntrack", "--expires", s);
if (*end != '\0')
param_act(P_BAD_VALUE, "conntrack", "--expires", s);
@@ -481,7 +481,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'a': /* --ctorigsrcport */
- if (!strtonum(optarg, NULL, &port, 0, ~(u_int16_t)0))
+ if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctorigsrcport", optarg);
info->match_flags |= XT_CONNTRACK_ORIGSRC_PORT;
@@ -491,7 +491,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'b': /* --ctorigdstport */
- if (!strtonum(optarg, NULL, &port, 0, ~(u_int16_t)0))
+ if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctorigdstport", optarg);
info->match_flags |= XT_CONNTRACK_ORIGDST_PORT;
@@ -501,7 +501,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'c': /* --ctreplsrcport */
- if (!strtonum(optarg, NULL, &port, 0, ~(u_int16_t)0))
+ if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctreplsrcport", optarg);
info->match_flags |= XT_CONNTRACK_REPLSRC_PORT;
@@ -511,7 +511,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'd': /* --ctrepldstport */
- if (!strtonum(optarg, NULL, &port, 0, ~(u_int16_t)0))
+ if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctrepldstport", optarg);
info->match_flags |= XT_CONNTRACK_REPLDST_PORT;
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 811cc77..5a95d51 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -29,16 +29,16 @@ static int mark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_mark_mtinfo1 *info = (void *)(*match)->data;
- unsigned int mark, mask = ~0U;
+ unsigned int mark, mask = UINT32_MAX;
char *end;
switch (c) {
case '1': /* --mark */
param_act(P_ONLY_ONCE, "mark", "--mark", *flags & F_MARK);
- if (!strtonum(optarg, &end, &mark, 0, ~0U))
+ if (!strtonum(optarg, &end, &mark, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "mark", "--mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, ~0U))
+ if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "mark", "--mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "mark", "--mark", optarg);
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index 5007f7c..90da1cd 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -46,7 +46,7 @@ parse_quota(const char *s, u_int64_t * quota)
printf("Quota: %llu\n", *quota);
#endif
- if (*quota == (u_int64_t)-1)
+ if (*quota == UINT64_MAX)
exit_error(PARAMETER_PROBLEM, "quota invalid: '%s'\n", s);
else
return 1;
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index b440fc9..0408c23 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -57,7 +57,7 @@ static void string_init(struct xt_entry_match *m)
struct xt_string_info *i = (struct xt_string_info *) m->data;
if (i->to_offset == 0)
- i->to_offset = (u_int16_t) ~0UL;
+ i->to_offset = UINT16_MAX;
}
static void
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 05/16] extensions: use UINT_MAX constants over open-coded numbers (2/2)
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (3 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 04/16] extensions: use UINT_MAX constants over open-coded bits (1/2) Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 06/16] libxtables: prefix/order - libdir Jan Engelhardt
` (11 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Use the handy constants for ranges.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_HL.c | 2 +-
extensions/libip6t_icmp6.c | 4 ++--
extensions/libip6t_mh.c | 2 +-
extensions/libipt_TTL.c | 2 +-
extensions/libipt_icmp.c | 4 ++--
extensions/libipt_ttl.c | 6 +++---
extensions/libxt_DSCP.c | 2 +-
extensions/libxt_NFQUEUE.c | 2 +-
extensions/libxt_TCPMSS.c | 2 +-
extensions/libxt_TCPOPTSTRIP.c | 2 +-
extensions/libxt_TOS.c | 6 +++---
extensions/libxt_TPROXY.c | 2 +-
extensions/libxt_dccp.c | 2 +-
extensions/libxt_dscp.c | 2 +-
extensions/libxt_hashlimit.c | 16 ++++++++--------
extensions/libxt_length.c | 2 +-
extensions/libxt_statistic.c | 4 ++--
extensions/libxt_tcp.c | 2 +-
extensions/libxt_tcpmss.c | 2 +-
extensions/tos_values.c | 2 +-
ip6tables.c | 4 ++--
iptables.c | 4 ++--
xtables.c | 8 ++++----
23 files changed, 42 insertions(+), 42 deletions(-)
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c
index 92266e4..8f55572 100644
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -44,7 +44,7 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"HL: unexpected `!'");
- if (string_to_number(optarg, 0, 255, &value) == -1)
+ if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
exit_error(PARAMETER_PROBLEM,
"HL: Expected value between 0 and 255");
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index b87538f..17567df 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -123,12 +123,12 @@ parse_icmpv6(const char *icmpv6type, u_int8_t *type, u_int8_t code[])
if (slash)
*slash = '\0';
- if (string_to_number(buffer, 0, 255, &number) == -1)
+ if (string_to_number(buffer, 0, UINT8_MAX, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMPv6 type `%s'\n", buffer);
*type = number;
if (slash) {
- if (string_to_number(slash+1, 0, 255, &number) == -1)
+ if (string_to_number(slash+1, 0, UINT8_MAX, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMPv6 code `%s'\n",
slash+1);
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index e76d7c3..8b58bcd 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -93,7 +93,7 @@ static unsigned int name_to_type(const char *name)
} else {
unsigned int number;
- if (string_to_number(name, 0, 255, &number) == -1)
+ if (string_to_number(name, 0, UINT8_MAX, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid MH type `%s'\n", name);
return number;
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c
index 7647f2f..e124381 100644
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -44,7 +44,7 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"TTL: unexpected `!'");
- if (string_to_number(optarg, 0, 255, &value) == -1)
+ if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
exit_error(PARAMETER_PROBLEM,
"TTL: Expected value between 0 and 255");
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index fa5a540..7aff9ca 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -147,12 +147,12 @@ parse_icmp(const char *icmptype, u_int8_t *type, u_int8_t code[])
if (slash)
*slash = '\0';
- if (string_to_number(buffer, 0, 255, &number) == -1)
+ if (string_to_number(buffer, 0, UINT8_MAX, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMP type `%s'\n", buffer);
*type = number;
if (slash) {
- if (string_to_number(slash+1, 0, 255, &number) == -1)
+ if (string_to_number(slash+1, 0, UINT8_MAX, &number) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid ICMP code `%s'\n",
slash+1);
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index 055c92e..a8455e1 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -33,7 +33,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '2':
- if (string_to_number(optarg, 0, 255, &value) == -1)
+ if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
exit_error(PARAMETER_PROBLEM,
"ttl: Expected value between 0 and 255");
@@ -46,7 +46,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
info->ttl = value;
break;
case '3':
- if (string_to_number(optarg, 0, 255, &value) == -1)
+ if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
exit_error(PARAMETER_PROBLEM,
"ttl: Expected value between 0 and 255");
@@ -58,7 +58,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
info->ttl = value;
break;
case '4':
- if (string_to_number(optarg, 0, 255, &value) == -1)
+ if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
exit_error(PARAMETER_PROBLEM,
"ttl: Expected value between 0 and 255");
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index 409fa19..92a6de5 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -48,7 +48,7 @@ parse_dscp(const char *s, struct xt_DSCP_info *dinfo)
{
unsigned int dscp;
- if (string_to_number(s, 0, 255, &dscp) == -1)
+ if (string_to_number(s, 0, UINT8_MAX, &dscp) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid dscp `%s'\n", s);
diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c
index 5880785..1a58760 100644
--- a/extensions/libxt_NFQUEUE.c
+++ b/extensions/libxt_NFQUEUE.c
@@ -33,7 +33,7 @@ parse_num(const char *s, struct xt_NFQ_info *tinfo)
{
unsigned int num;
- if (string_to_number(s, 0, 65535, &num) == -1)
+ if (string_to_number(s, 0, UINT16_MAX, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid queue number `%s'\n", s);
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 2227eb4..9b62a56 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -55,7 +55,7 @@ static int __TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags)
exit_error(PARAMETER_PROBLEM,
"TCPMSS target: Only one option may be specified");
- if (string_to_number(optarg, 0, 65535 - hdrsize, &mssval) == -1)
+ if (string_to_number(optarg, 0, UINT16_MAX - hdrsize, &mssval) == -1)
exit_error(PARAMETER_PROBLEM, "Bad TCPMSS value `%s'", optarg);
mssinfo->mss = mssval;
diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c
index 758f847..7211288 100644
--- a/extensions/libxt_TCPOPTSTRIP.c
+++ b/extensions/libxt_TCPOPTSTRIP.c
@@ -82,7 +82,7 @@ static void parse_list(struct xt_tcpoptstrip_target_info *info, char *arg)
break;
}
- if (option == 0 && string_to_number(arg, 0, 255, &option) == -1)
+ if (option == 0 && string_to_number(arg, 0, UINT8_MAX, &option) == -1)
exit_error(PARAMETER_PROBLEM,
"Bad TCP option value \"%s\"", arg);
diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
index c185681..a04f741 100644
--- a/extensions/libxt_TOS.c
+++ b/extensions/libxt_TOS.c
@@ -118,7 +118,7 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '&': /* --and-tos */
param_act(P_ONLY_ONCE, "TOS", "--and-tos", *flags & FLAG_TOS);
param_act(P_NO_INVERT, "TOS", "--and-tos", invert);
- if (!strtonum(optarg, NULL, &bits, 0, 0xFF))
+ if (!strtonum(optarg, NULL, &bits, 0, UINT8_MAX))
param_act(P_BAD_VALUE, "TOS", "--and-tos", optarg);
info->tos_value = 0;
info->tos_mask = ~bits;
@@ -127,7 +127,7 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '|': /* --or-tos */
param_act(P_ONLY_ONCE, "TOS", "--or-tos", *flags & FLAG_TOS);
param_act(P_NO_INVERT, "TOS", "--or-tos", invert);
- if (!strtonum(optarg, NULL, &bits, 0, 0xFF))
+ if (!strtonum(optarg, NULL, &bits, 0, UINT8_MAX))
param_act(P_BAD_VALUE, "TOS", "--or-tos", optarg);
info->tos_value = bits;
info->tos_mask = bits;
@@ -136,7 +136,7 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '^': /* --xor-tos */
param_act(P_ONLY_ONCE, "TOS", "--xor-tos", *flags & FLAG_TOS);
param_act(P_NO_INVERT, "TOS", "--xor-tos", invert);
- if (!strtonum(optarg, NULL, &bits, 0, 0xFF))
+ if (!strtonum(optarg, NULL, &bits, 0, UINT8_MAX))
param_act(P_BAD_VALUE, "TOS", "--xor-tos", optarg);
info->tos_value = bits;
info->tos_mask = 0;
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index e9a41a1..41ca243 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -40,7 +40,7 @@ static void parse_tproxy_lport(const char *s, struct xt_tproxy_target_info *info
{
unsigned int lport;
- if (string_to_number(s, 0, 65535, &lport) != -1)
+ if (string_to_number(s, 0, UINT16_MAX, &lport) != -1)
info->lport = htons(lport);
else
param_act(P_BAD_VALUE, "TPROXY", "--on-port", s);
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index b1ae62e..0eb95ce 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -121,7 +121,7 @@ static u_int8_t parse_dccp_option(char *optstring)
{
unsigned int ret;
- if (string_to_number(optstring, 1, 255, &ret) == -1)
+ if (string_to_number(optstring, 1, UINT8_MAX, &ret) == -1)
exit_error(PARAMETER_PROBLEM, "Bad DCCP option `%s'",
optstring);
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index 315e219..ae5a624 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -48,7 +48,7 @@ parse_dscp(const char *s, struct xt_dscp_info *dinfo)
{
unsigned int dscp;
- if (string_to_number(s, 0, 255, &dscp) == -1)
+ if (string_to_number(s, 0, UINT8_MAX, &dscp) == -1)
exit_error(PARAMETER_PROBLEM,
"Invalid dscp `%s'\n", s);
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 1c50685..278e098 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -240,7 +240,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
*flags & PARAM_SIZE);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, 0xffffffff, &num) == -1)
+ if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-size: `%s'", optarg);
r->cfg.size = num;
@@ -250,7 +250,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
*flags & PARAM_MAX);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, 0xffffffff, &num) == -1)
+ if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-max: `%s'", optarg);
r->cfg.max = num;
@@ -261,7 +261,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
"--hashlimit-htable-gcinterval",
*flags & PARAM_GCINTERVAL);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, 0xffffffff, &num) == -1)
+ if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-gcinterval: `%s'",
optarg);
@@ -273,7 +273,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, 0xffffffff, &num) == -1)
+ if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-expire: `%s'", optarg);
/* FIXME: not HZ dependent */
@@ -351,7 +351,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '&': /* --hashlimit-htable-size */
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
*flags & PARAM_SIZE);
- if (!strtonum(optarg, NULL, &num, 0, 0xffffffff))
+ if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-size", optarg);
info->cfg.size = num;
@@ -361,7 +361,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '*': /* --hashlimit-htable-max */
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
*flags & PARAM_MAX);
- if (!strtonum(optarg, NULL, &num, 0, 0xffffffff))
+ if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-max", optarg);
info->cfg.max = num;
@@ -372,7 +372,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-gcinterval",
*flags & PARAM_GCINTERVAL);
- if (!strtonum(optarg, NULL, &num, 0, 0xffffffff))
+ if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-gcinterval", optarg);
/* FIXME: not HZ dependent!! */
@@ -383,7 +383,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case ')': /* --hashlimit-htable-expire */
param_act(P_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
- if (!strtonum(optarg, NULL, &num, 0, 0xffffffff))
+ if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-expire", optarg);
/* FIXME: not HZ dependent */
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index e350431..0e196d7 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -26,7 +26,7 @@ parse_length(const char *s)
{
unsigned int len;
- if (string_to_number(s, 0, 0xFFFF, &len) == -1)
+ if (string_to_number(s, 0, UINT16_MAX, &len) == -1)
exit_error(PARAMETER_PROBLEM, "length invalid: `%s'\n", s);
else
return len;
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c
index d85aacb..e43de7d 100644
--- a/extensions/libxt_statistic.c
+++ b/extensions/libxt_statistic.c
@@ -70,7 +70,7 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags,
case '3':
if (*flags & 0x4)
exit_error(PARAMETER_PROBLEM, "double --every");
- if (string_to_number(optarg, 0, 0xFFFFFFFF,
+ if (string_to_number(optarg, 0, UINT32_MAX,
&info->u.nth.every) == -1)
exit_error(PARAMETER_PROBLEM,
"cannot parse --every `%s'", optarg);
@@ -82,7 +82,7 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags,
case '4':
if (*flags & 0x8)
exit_error(PARAMETER_PROBLEM, "double --packet");
- if (string_to_number(optarg, 0, 0xFFFFFFFF,
+ if (string_to_number(optarg, 0, UINT32_MAX,
&info->u.nth.packet) == -1)
exit_error(PARAMETER_PROBLEM,
"cannot parse --packet `%s'", optarg);
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index a9039f0..82954a4 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -121,7 +121,7 @@ parse_tcp_option(const char *option, u_int8_t *result)
{
unsigned int ret;
- if (string_to_number(option, 1, 255, &ret) == -1)
+ if (string_to_number(option, 1, UINT8_MAX, &ret) == -1)
exit_error(PARAMETER_PROBLEM, "Bad TCP option `%s'", option);
*result = ret;
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index a720c42..e64a1b3 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -26,7 +26,7 @@ parse_tcp_mssvalue(const char *mssvalue)
{
unsigned int mssvaluenum;
- if (string_to_number(mssvalue, 0, 65535, &mssvaluenum) != -1)
+ if (string_to_number(mssvalue, 0, UINT16_MAX, &mssvaluenum) != -1)
return mssvaluenum;
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/tos_values.c b/extensions/tos_values.c
index 0ab784d..2d5b431 100644
--- a/extensions/tos_values.c
+++ b/extensions/tos_values.c
@@ -55,7 +55,7 @@ static bool tos_parse_numeric(const char *str, struct tos_value_mask *tvm,
static bool tos_parse_symbolic(const char *str, struct tos_value_mask *tvm,
unsigned int def_mask)
{
- const unsigned int max = 255;
+ const unsigned int max = UINT8_MAX;
const struct tos_symbol_info *symbol;
char *tmp;
diff --git a/ip6tables.c b/ip6tables.c
index 0a6f75b..6d1277b 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -486,7 +486,7 @@ find_proto(const char *pname, enum xtables_tryload tryload,
{
unsigned int proto;
- if (string_to_number(pname, 0, 255, &proto) != -1) {
+ if (string_to_number(pname, 0, UINT8_MAX, &proto) != -1) {
char *protoname = proto_to_name(proto, nolookup);
if (protoname)
@@ -502,7 +502,7 @@ parse_protocol(const char *s)
{
unsigned int proto;
- if (string_to_number(s, 0, 255, &proto) == -1) {
+ if (string_to_number(s, 0, UINT8_MAX, &proto) == -1) {
struct protoent *pent;
/* first deal with the special case of 'all' to prevent
diff --git a/iptables.c b/iptables.c
index 7b8d239..07ace19 100644
--- a/iptables.c
+++ b/iptables.c
@@ -488,7 +488,7 @@ find_proto(const char *pname, enum xtables_tryload tryload,
{
unsigned int proto;
- if (string_to_number(pname, 0, 255, &proto) != -1) {
+ if (string_to_number(pname, 0, UINT8_MAX, &proto) != -1) {
char *protoname = proto_to_name(proto, nolookup);
if (protoname)
@@ -504,7 +504,7 @@ parse_protocol(const char *s)
{
unsigned int proto;
- if (string_to_number(s, 0, 255, &proto) == -1) {
+ if (string_to_number(s, 0, UINT8_MAX, &proto) == -1) {
struct protoent *pent;
/* first deal with the special case of 'all' to prevent
diff --git a/xtables.c b/xtables.c
index 10a2268..fb5cc62 100644
--- a/xtables.c
+++ b/xtables.c
@@ -263,7 +263,7 @@ u_int16_t parse_port(const char *port, const char *proto)
{
unsigned int portnum;
- if ((string_to_number(port, 0, 65535, &portnum)) != -1 ||
+ if (string_to_number(port, 0, UINT16_MAX, &portnum) != -1 ||
(portnum = service_to_port(port, proto)) != (unsigned)-1)
return portnum;
@@ -817,7 +817,7 @@ static struct in_addr *__numeric_to_ipaddr(const char *dotted, bool is_mask)
return NULL;
/* autocomplete, this is a network address */
- if (!strtonum(p, NULL, &onebyte, 0, 255))
+ if (!strtonum(p, NULL, &onebyte, 0, UINT8_MAX))
return NULL;
addrp[i] = onebyte;
@@ -828,7 +828,7 @@ static struct in_addr *__numeric_to_ipaddr(const char *dotted, bool is_mask)
}
*q = '\0';
- if (!strtonum(p, NULL, &onebyte, 0, 255))
+ if (!strtonum(p, NULL, &onebyte, 0, UINT8_MAX))
return NULL;
addrp[i] = onebyte;
@@ -836,7 +836,7 @@ static struct in_addr *__numeric_to_ipaddr(const char *dotted, bool is_mask)
}
/* we have checked 3 bytes, now we check the last one */
- if (!strtonum(p, NULL, &onebyte, 0, 255))
+ if (!strtonum(p, NULL, &onebyte, 0, UINT8_MAX))
return NULL;
addrp[3] = onebyte;
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 06/16] libxtables: prefix/order - libdir
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (4 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 05/16] extensions: use UINT_MAX constants over open-coded numbers (2/2) Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-10 6:38 ` Amos Jeffries
2009-02-09 17:34 ` [PATCH 07/16] libxtables: prefix/order - strtoui Jan Engelhardt
` (10 subsequent siblings)
16 siblings, 1 reply; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Consolidate the libdir variable initialization code into xtables.c.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
include/xtables.h.in | 1 +
include/xtables/internal.h | 2 --
ip6tables-restore.c | 11 +----------
ip6tables-save.c | 11 +----------
ip6tables-standalone.c | 11 +----------
iptables-restore.c | 11 +----------
iptables-save.c | 11 +----------
iptables-standalone.c | 11 +----------
xtables.c | 23 ++++++++++++++++++++---
9 files changed, 27 insertions(+), 65 deletions(-)
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 02a832d..268c42e 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -159,6 +159,7 @@ extern const char *xtables_modprobe_program;
extern struct xtables_match *xtables_matches;
extern struct xtables_target *xtables_targets;
+extern void xtables_init(void);
extern void *xtables_calloc(size_t, size_t);
extern void *xtables_malloc(size_t);
diff --git a/include/xtables/internal.h b/include/xtables/internal.h
index 60375cd..21c4401 100644
--- a/include/xtables/internal.h
+++ b/include/xtables/internal.h
@@ -26,8 +26,6 @@ struct afinfo {
int so_rev_target;
};
-extern char *lib_dir;
-
/* This is decleared in ip[6]tables.c */
extern struct afinfo afinfo;
diff --git a/ip6tables-restore.c b/ip6tables-restore.c
index 097711f..6be1a36 100644
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -130,16 +130,7 @@ int main(int argc, char *argv[])
program_version = XTABLES_VERSION;
line = 0;
- lib_dir = getenv("XTABLES_LIBDIR");
- if (lib_dir == NULL) {
- lib_dir = getenv("IP6TABLES_LIB_DIR");
- if (lib_dir != NULL)
- fprintf(stderr, "IP6TABLES_LIB_DIR is deprecated, "
- "use XTABLES_LIBDIR.\n");
- }
- if (lib_dir == NULL)
- lib_dir = XTABLES_LIBDIR;
-
+ xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/ip6tables-save.c b/ip6tables-save.c
index 11ef8c4..1b9d00a 100644
--- a/ip6tables-save.c
+++ b/ip6tables-save.c
@@ -139,16 +139,7 @@ int main(int argc, char *argv[])
program_name = "ip6tables-save";
program_version = XTABLES_VERSION;
- lib_dir = getenv("XTABLES_LIBDIR");
- if (lib_dir == NULL) {
- lib_dir = getenv("IP6TABLES_LIB_DIR");
- if (lib_dir != NULL)
- fprintf(stderr, "IP6TABLES_LIB_DIR is deprecated, "
- "use XTABLES_LIBDIR.\n");
- }
- if (lib_dir == NULL)
- lib_dir = XTABLES_LIBDIR;
-
+ xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/ip6tables-standalone.c b/ip6tables-standalone.c
index f4b1f18..9543557 100644
--- a/ip6tables-standalone.c
+++ b/ip6tables-standalone.c
@@ -52,16 +52,7 @@ main(int argc, char *argv[])
program_name = "ip6tables";
program_version = XTABLES_VERSION;
- lib_dir = getenv("XTABLES_LIBDIR");
- if (lib_dir == NULL) {
- lib_dir = getenv("IP6TABLES_LIB_DIR");
- if (lib_dir != NULL)
- fprintf(stderr, "IP6TABLES_LIB_DIR is deprecated, "
- "use XTABLES_LIBDIR.\n");
- }
- if (lib_dir == NULL)
- lib_dir = XTABLES_LIBDIR;
-
+ xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/iptables-restore.c b/iptables-restore.c
index 3fbc908..d982fca 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -132,16 +132,7 @@ main(int argc, char *argv[])
program_version = XTABLES_VERSION;
line = 0;
- lib_dir = getenv("XTABLES_LIBDIR");
- if (lib_dir == NULL) {
- lib_dir = getenv("IPTABLES_LIB_DIR");
- if (lib_dir != NULL)
- fprintf(stderr, "IPTABLES_LIB_DIR is deprecated, "
- "use XTABLES_LIBDIR.\n");
- }
- if (lib_dir == NULL)
- lib_dir = XTABLES_LIBDIR;
-
+ xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/iptables-save.c b/iptables-save.c
index 7118d1f..e615de9 100644
--- a/iptables-save.c
+++ b/iptables-save.c
@@ -139,16 +139,7 @@ main(int argc, char *argv[])
program_name = "iptables-save";
program_version = XTABLES_VERSION;
- lib_dir = getenv("XTABLES_LIBDIR");
- if (lib_dir == NULL) {
- lib_dir = getenv("IPTABLES_LIB_DIR");
- if (lib_dir != NULL)
- fprintf(stderr, "IPTABLES_LIB_DIR is deprecated, "
- "use XTABLES_LIBDIR.\n");
- }
- if (lib_dir == NULL)
- lib_dir = XTABLES_LIBDIR;
-
+ xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/iptables-standalone.c b/iptables-standalone.c
index 3f2432f..c06b286 100644
--- a/iptables-standalone.c
+++ b/iptables-standalone.c
@@ -53,16 +53,7 @@ main(int argc, char *argv[])
program_name = "iptables";
program_version = XTABLES_VERSION;
- lib_dir = getenv("XTABLES_LIBDIR");
- if (lib_dir == NULL) {
- lib_dir = getenv("IPTABLES_LIB_DIR");
- if (lib_dir != NULL)
- fprintf(stderr, "IPTABLES_LIB_DIR is deprecated, "
- "use XTABLES_LIBDIR.\n");
- }
- if (lib_dir == NULL)
- lib_dir = XTABLES_LIBDIR;
-
+ xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/xtables.c b/xtables.c
index fb5cc62..85bd76c 100644
--- a/xtables.c
+++ b/xtables.c
@@ -44,7 +44,8 @@
#define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe"
#endif
-char *lib_dir;
+/* Search path for Xtables .so files */
+static const char *xtables_libdir;
/* the path to command to load kernel module */
const char *xtables_modprobe_program;
@@ -53,6 +54,20 @@ const char *xtables_modprobe_program;
struct xtables_match *xtables_matches;
struct xtables_target *xtables_targets;
+void xtables_init(void)
+{
+ xtables_libdir = getenv("XTABLES_LIBDIR");
+ if (xtables_libdir != NULL)
+ return;
+ xtables_libdir = getenv("IPTABLES_LIB_DIR");
+ if (xtables_libdir != NULL) {
+ fprintf(stderr, "IPTABLES_LIB_DIR is deprecated, "
+ "use XTABLES_LIBDIR.\n");
+ return;
+ }
+ xtables_libdir = XTABLES_LIBDIR;
+}
+
/**
* xtables_*alloc - wrappers that exit on failure
*/
@@ -398,7 +413,8 @@ xtables_find_match(const char *name, enum xtables_tryload tryload,
#ifndef NO_SHARED_LIBS
if (!ptr && tryload != XTF_DONT_LOAD && tryload != XTF_DURING_LOAD) {
- ptr = load_extension(lib_dir, afinfo.libprefix, name, false);
+ ptr = load_extension(xtables_libdir, afinfo.libprefix,
+ name, false);
if (ptr == NULL && tryload == XTF_LOAD_MUST_SUCCEED)
exit_error(PARAMETER_PROBLEM,
@@ -457,7 +473,8 @@ xtables_find_target(const char *name, enum xtables_tryload tryload)
#ifndef NO_SHARED_LIBS
if (!ptr && tryload != XTF_DONT_LOAD && tryload != XTF_DURING_LOAD) {
- ptr = load_extension(lib_dir, afinfo.libprefix, name, true);
+ ptr = load_extension(xtables_libdir, afinfo.libprefix,
+ name, true);
if (ptr == NULL && tryload == XTF_LOAD_MUST_SUCCEED)
exit_error(PARAMETER_PROBLEM,
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 07/16] libxtables: prefix/order - strtoui
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (5 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 06/16] libxtables: prefix/order - libdir Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 08/16] libxtables: prefix/order - program_name Jan Engelhardt
` (9 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
This commit also throws out the redundant string_to_number_*.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_HL.c | 2 +-
extensions/libip6t_LOG.c | 2 +-
extensions/libip6t_icmp6.c | 4 +-
extensions/libip6t_mh.c | 2 +-
extensions/libipt_CLUSTERIP.c | 6 +-
extensions/libipt_ECN.c | 6 +-
extensions/libipt_LOG.c | 2 +-
extensions/libipt_NETMAP.c | 2 +-
extensions/libipt_TTL.c | 2 +-
extensions/libipt_ecn.c | 2 +-
extensions/libipt_icmp.c | 4 +-
extensions/libipt_ttl.c | 6 +-
extensions/libxt_CONNMARK.c | 16 ++++----
extensions/libxt_DSCP.c | 2 +-
extensions/libxt_MARK.c | 20 +++++----
extensions/libxt_NFQUEUE.c | 2 +-
extensions/libxt_TCPMSS.c | 3 +-
extensions/libxt_TCPOPTSTRIP.c | 3 +-
extensions/libxt_TOS.c | 6 +-
extensions/libxt_TPROXY.c | 6 +-
extensions/libxt_connmark.c | 4 +-
extensions/libxt_conntrack.c | 14 +++---
extensions/libxt_dccp.c | 2 +-
extensions/libxt_dscp.c | 2 +-
extensions/libxt_hashlimit.c | 24 ++++++------
extensions/libxt_length.c | 2 +-
extensions/libxt_limit.c | 2 +-
extensions/libxt_mark.c | 4 +-
extensions/libxt_owner.c | 25 +++++++-----
extensions/libxt_rateest.c | 7 ++-
extensions/libxt_statistic.c | 9 ++--
extensions/libxt_tcp.c | 2 +-
extensions/libxt_tcpmss.c | 2 +-
extensions/tos_values.c | 6 +-
include/xtables.h.in | 16 +-------
ip6tables.c | 6 +-
iptables.c | 6 +-
xtables.c | 83 ++++++++++++----------------------------
38 files changed, 141 insertions(+), 173 deletions(-)
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c
index 8f55572..4aed4fd 100644
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -44,7 +44,7 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"HL: unexpected `!'");
- if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"HL: Expected value between 0 and 255");
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 1b21d5d..a8ac135 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -70,7 +70,7 @@ parse_level(const char *level)
unsigned int lev = -1;
unsigned int set = 0;
- if (string_to_number(level, 0, 7, &lev) == -1) {
+ if (!xtables_strtoui(level, NULL, &lev, 0, 7)) {
unsigned int i = 0;
for (i = 0;
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index 17567df..401c278 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -123,12 +123,12 @@ parse_icmpv6(const char *icmpv6type, u_int8_t *type, u_int8_t code[])
if (slash)
*slash = '\0';
- if (string_to_number(buffer, 0, UINT8_MAX, &number) == -1)
+ if (!xtables_strtoui(buffer, NULL, &number, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid ICMPv6 type `%s'\n", buffer);
*type = number;
if (slash) {
- if (string_to_number(slash+1, 0, UINT8_MAX, &number) == -1)
+ if (!xtables_strtoui(slash+1, NULL, &number, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid ICMPv6 code `%s'\n",
slash+1);
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index 8b58bcd..f8c4e24 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -93,7 +93,7 @@ static unsigned int name_to_type(const char *name)
} else {
unsigned int number;
- if (string_to_number(name, 0, UINT8_MAX, &number) == -1)
+ if (!xtables_strtoui(name, NULL, &number, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid MH type `%s'\n", name);
return number;
diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c
index e93290a..38909ea 100644
--- a/extensions/libipt_CLUSTERIP.c
+++ b/extensions/libipt_CLUSTERIP.c
@@ -120,7 +120,7 @@ static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM, "Can only specify node number combined with `--new'\n");
if (*flags & PARAM_TOTALNODE)
exit_error(PARAMETER_PROBLEM, "Can only specify total node number once\n");
- if (string_to_number(optarg, 1, CLUSTERIP_MAX_NODES, &num) < 0)
+ if (!xtables_strtoui(optarg, NULL, &num, 1, CLUSTERIP_MAX_NODES))
exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg);
cipinfo->num_total_nodes = num;
*flags |= PARAM_TOTALNODE;
@@ -130,7 +130,7 @@ static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM, "Can only specify node number combined with `--new'\n");
if (*flags & PARAM_LOCALNODE)
exit_error(PARAMETER_PROBLEM, "Can only specify local node number once\n");
- if (string_to_number(optarg, 1, CLUSTERIP_MAX_NODES, &num) < 0)
+ if (!xtables_strtoui(optarg, NULL, &num, 1, CLUSTERIP_MAX_NODES))
exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg);
cipinfo->num_local_nodes = 1;
cipinfo->local_nodes[0] = num;
@@ -141,7 +141,7 @@ static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM, "Can only specify hash init value combined with `--new'\n");
if (*flags & PARAM_HASHINIT)
exit_error(PARAMETER_PROBLEM, "Can specify hash init value only once\n");
- if (string_to_number(optarg, 0, UINT_MAX, &num) < 0)
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT_MAX))
exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg);
cipinfo->hash_initval = num;
*flags |= PARAM_HASHINIT;
diff --git a/extensions/libipt_ECN.c b/extensions/libipt_ECN.c
index e9312f0..c4e8e34 100644
--- a/extensions/libipt_ECN.c
+++ b/extensions/libipt_ECN.c
@@ -61,7 +61,7 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ECN_OP_SET_CWR)
exit_error(PARAMETER_PROBLEM,
"ECN target: Only use --ecn-tcp-cwr ONCE!");
- if (string_to_number(optarg, 0, 1, &result))
+ if (!xtables_strtoui(optarg, NULL, &result, 0, 1))
exit_error(PARAMETER_PROBLEM,
"ECN target: Value out of range");
einfo->operation |= IPT_ECN_OP_SET_CWR;
@@ -72,7 +72,7 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ECN_OP_SET_ECE)
exit_error(PARAMETER_PROBLEM,
"ECN target: Only use --ecn-tcp-ece ONCE!");
- if (string_to_number(optarg, 0, 1, &result))
+ if (!xtables_strtoui(optarg, NULL, &result, 0, 1))
exit_error(PARAMETER_PROBLEM,
"ECN target: Value out of range");
einfo->operation |= IPT_ECN_OP_SET_ECE;
@@ -83,7 +83,7 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ECN_OP_SET_IP)
exit_error(PARAMETER_PROBLEM,
"ECN target: Only use --ecn-ip-ect ONCE!");
- if (string_to_number(optarg, 0, 3, &result))
+ if (!xtables_strtoui(optarg, NULL, &result, 0, 3))
exit_error(PARAMETER_PROBLEM,
"ECN target: Value out of range");
einfo->operation |= IPT_ECN_OP_SET_IP;
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 2aee910..aefb54a 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -70,7 +70,7 @@ parse_level(const char *level)
unsigned int lev = -1;
unsigned int set = 0;
- if (string_to_number(level, 0, 7, &lev) == -1) {
+ if (!xtables_strtoui(level, NULL, &lev, 0, 7)) {
unsigned int i = 0;
for (i = 0;
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index f6c688d..d8f34cc 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -89,7 +89,7 @@ parse_to(char *arg, struct ip_nat_range *range)
netmask = ip->s_addr;
}
else {
- if (string_to_number(slash+1, 0, 32, &bits) == -1)
+ if (!xtables_strtoui(slash+1, NULL, &bits, 0, 32))
exit_error(PARAMETER_PROBLEM, "Bad netmask `%s'\n",
slash+1);
netmask = bits2netmask(bits);
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c
index e124381..6036161 100644
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -44,7 +44,7 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"TTL: unexpected `!'");
- if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"TTL: Expected value between 0 and 255");
diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c
index 72353d5..c2276e9 100644
--- a/extensions/libipt_ecn.c
+++ b/extensions/libipt_ecn.c
@@ -71,7 +71,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
einfo->invert |= IPT_ECN_OP_MATCH_IP;
*flags |= IPT_ECN_OP_MATCH_IP;
einfo->operation |= IPT_ECN_OP_MATCH_IP;
- if (string_to_number(optarg, 0, 3, &result))
+ if (!xtables_strtoui(optarg, NULL, &result, 0, 3))
exit_error(PARAMETER_PROBLEM,
"ECN match: Value out of range");
einfo->ip_ect = result;
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index 7aff9ca..de4c338 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -147,12 +147,12 @@ parse_icmp(const char *icmptype, u_int8_t *type, u_int8_t code[])
if (slash)
*slash = '\0';
- if (string_to_number(buffer, 0, UINT8_MAX, &number) == -1)
+ if (!xtables_strtoui(buffer, NULL, &number, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid ICMP type `%s'\n", buffer);
*type = number;
if (slash) {
- if (string_to_number(slash+1, 0, UINT8_MAX, &number) == -1)
+ if (!xtables_strtoui(slash+1, NULL, &number, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid ICMP code `%s'\n",
slash+1);
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index a8455e1..1fa7bd3 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -33,7 +33,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '2':
- if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"ttl: Expected value between 0 and 255");
@@ -46,7 +46,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
info->ttl = value;
break;
case '3':
- if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"ttl: Expected value between 0 and 255");
@@ -58,7 +58,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
info->ttl = value;
break;
case '4':
- if (string_to_number(optarg, 0, UINT8_MAX, &value) == -1)
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"ttl: Expected value between 0 and 255");
diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c
index d5d963d..f979f28 100644
--- a/extensions/libxt_CONNMARK.c
+++ b/extensions/libxt_CONNMARK.c
@@ -159,10 +159,10 @@ static int connmark_tg_parse(int c, char **argv, int invert,
case '=': /* --set-xmark */
case '-': /* --set-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, &end, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, &end, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
+ if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
@@ -176,7 +176,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
case '&': /* --and-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, NULL, &mask, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--and-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = 0;
@@ -186,7 +186,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
case '|': /* --or-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--or-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = value;
@@ -196,7 +196,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
case '^': /* --xor-mark */
param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
- if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--xor-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = value;
@@ -221,7 +221,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
"or --restore-mark is required for "
"--nfmask");
- if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--nfmask", optarg);
info->nfmask = value;
return true;
@@ -231,7 +231,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
"or --restore-mark is required for "
"--ctmask");
- if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--ctmask", optarg);
info->ctmask = value;
return true;
@@ -241,7 +241,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark "
"or --restore-mark is required for "
"--mask");
- if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "CONNMARK", "--mask", optarg);
info->nfmask = info->ctmask = value;
return true;
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index 92a6de5..aac8f9b 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -48,7 +48,7 @@ parse_dscp(const char *s, struct xt_DSCP_info *dinfo)
{
unsigned int dscp;
- if (string_to_number(s, 0, UINT8_MAX, &dscp) == -1)
+ if (!xtables_strtoui(s, NULL, &dscp, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid dscp `%s'\n", s);
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index b02322b..fd28196 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -58,12 +58,13 @@ MARK_parse_v0(int c, char **argv, int invert, unsigned int *flags,
{
struct xt_mark_target_info *markinfo
= (struct xt_mark_target_info *)(*target)->data;
+ unsigned int mark = 0;
switch (c) {
case '1':
- if (string_to_number_l(optarg, 0, 0,
- &markinfo->mark))
+ if (!xtables_strtoui(optarg, NULL, &mark, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
+ markinfo->mark = mark;
if (*flags)
exit_error(PARAMETER_PROBLEM,
"MARK target: Can't specify --set-mark twice");
@@ -96,6 +97,7 @@ MARK_parse_v1(int c, char **argv, int invert, unsigned int *flags,
{
struct xt_mark_target_info_v1 *markinfo
= (struct xt_mark_target_info_v1 *)(*target)->data;
+ unsigned int mark = 0;
switch (c) {
case '1':
@@ -111,9 +113,9 @@ MARK_parse_v1(int c, char **argv, int invert, unsigned int *flags,
return 0;
}
- if (string_to_number_l(optarg, 0, 0, &markinfo->mark))
+ if (!xtables_strtoui(optarg, NULL, &mark, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
-
+ markinfo->mark = mark;
if (*flags)
exit_error(PARAMETER_PROBLEM,
"MARK target: Can't specify --set-mark twice");
@@ -134,10 +136,10 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '=': /* --set-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--set-xmark/--set-mark", invert);
- if (!strtonum(optarg, &end, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, &end, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
+ if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
@@ -151,7 +153,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '&': /* --and-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--and-mark", invert);
- if (!strtonum(optarg, NULL, &mask, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--and-mark", optarg);
info->mark = 0;
info->mask = ~mask;
@@ -160,7 +162,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '|': /* --or-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--or-mark", invert);
- if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--or-mark", optarg);
info->mark = value;
info->mask = value;
@@ -169,7 +171,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '^': /* --xor-mark */
param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
param_act(P_NO_INVERT, "MARK", "--xor-mark", invert);
- if (!strtonum(optarg, NULL, &value, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "MARK", "--xor-mark", optarg);
info->mark = value;
info->mask = 0;
diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c
index 1a58760..1c0c23d 100644
--- a/extensions/libxt_NFQUEUE.c
+++ b/extensions/libxt_NFQUEUE.c
@@ -33,7 +33,7 @@ parse_num(const char *s, struct xt_NFQ_info *tinfo)
{
unsigned int num;
- if (string_to_number(s, 0, UINT16_MAX, &num) == -1)
+ if (!xtables_strtoui(s, NULL, &num, 0, UINT16_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid queue number `%s'\n", s);
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 9b62a56..33fc71c 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -55,7 +55,8 @@ static int __TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags)
exit_error(PARAMETER_PROBLEM,
"TCPMSS target: Only one option may be specified");
- if (string_to_number(optarg, 0, UINT16_MAX - hdrsize, &mssval) == -1)
+ if (!xtables_strtoui(optarg, NULL, &mssval,
+ 0, UINT16_MAX - hdrsize))
exit_error(PARAMETER_PROBLEM, "Bad TCPMSS value `%s'", optarg);
mssinfo->mss = mssval;
diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c
index 7211288..c053a8b 100644
--- a/extensions/libxt_TCPOPTSTRIP.c
+++ b/extensions/libxt_TCPOPTSTRIP.c
@@ -82,7 +82,8 @@ static void parse_list(struct xt_tcpoptstrip_target_info *info, char *arg)
break;
}
- if (option == 0 && string_to_number(arg, 0, UINT8_MAX, &option) == -1)
+ if (option == 0 &&
+ !xtables_strtoui(arg, NULL, &option, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Bad TCP option value \"%s\"", arg);
diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
index a04f741..96eb420 100644
--- a/extensions/libxt_TOS.c
+++ b/extensions/libxt_TOS.c
@@ -118,7 +118,7 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '&': /* --and-tos */
param_act(P_ONLY_ONCE, "TOS", "--and-tos", *flags & FLAG_TOS);
param_act(P_NO_INVERT, "TOS", "--and-tos", invert);
- if (!strtonum(optarg, NULL, &bits, 0, UINT8_MAX))
+ if (!xtables_strtoui(optarg, NULL, &bits, 0, UINT8_MAX))
param_act(P_BAD_VALUE, "TOS", "--and-tos", optarg);
info->tos_value = 0;
info->tos_mask = ~bits;
@@ -127,7 +127,7 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '|': /* --or-tos */
param_act(P_ONLY_ONCE, "TOS", "--or-tos", *flags & FLAG_TOS);
param_act(P_NO_INVERT, "TOS", "--or-tos", invert);
- if (!strtonum(optarg, NULL, &bits, 0, UINT8_MAX))
+ if (!xtables_strtoui(optarg, NULL, &bits, 0, UINT8_MAX))
param_act(P_BAD_VALUE, "TOS", "--or-tos", optarg);
info->tos_value = bits;
info->tos_mask = bits;
@@ -136,7 +136,7 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
case '^': /* --xor-tos */
param_act(P_ONLY_ONCE, "TOS", "--xor-tos", *flags & FLAG_TOS);
param_act(P_NO_INVERT, "TOS", "--xor-tos", invert);
- if (!strtonum(optarg, NULL, &bits, 0, UINT8_MAX))
+ if (!xtables_strtoui(optarg, NULL, &bits, 0, UINT8_MAX))
param_act(P_BAD_VALUE, "TOS", "--xor-tos", optarg);
info->tos_value = bits;
info->tos_mask = 0;
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index 41ca243..6c5c6b7 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -40,7 +40,7 @@ static void parse_tproxy_lport(const char *s, struct xt_tproxy_target_info *info
{
unsigned int lport;
- if (string_to_number(s, 0, UINT16_MAX, &lport) != -1)
+ if (xtables_strtoui(s, NULL, &lport, 0, UINT16_MAX))
info->lport = htons(lport);
else
param_act(P_BAD_VALUE, "TPROXY", "--on-port", s);
@@ -61,10 +61,10 @@ static void parse_tproxy_mark(char *s, struct xt_tproxy_target_info *info)
unsigned int value, mask = UINT32_MAX;
char *end;
- if (!strtonum(s, &end, &value, 0, UINT_MAX))
+ if (!xtables_strtoui(s, &end, &value, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, UINT_MAX))
+ if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
if (*end != '\0')
param_act(P_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index fbd3e62..afa63e3 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -55,10 +55,10 @@ connmark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1': /* --mark */
param_act(P_ONLY_ONCE, "connmark", "--mark", *flags & F_MARK);
- if (!strtonum(optarg, &end, &mark, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, &end, &mark, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
+ if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 532f5ee..2b98ab0 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -228,7 +228,7 @@ parse_expire(const char *s)
{
unsigned int len;
- if (string_to_number(s, 0, 0, &len) == -1)
+ if (!xtables_strtoui(s, NULL, &len, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM, "expire value invalid: `%s'\n", s);
else
return len;
@@ -268,11 +268,11 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo1 *info, const char *s)
unsigned int min, max;
char *end;
- if (!strtonum(s, &end, &min, 0, ~0))
+ if (!xtables_strtoui(s, &end, &min, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "conntrack", "--expires", s);
max = min;
if (*end == ':')
- if (!strtonum(s, &end, &max, 0, UINT32_MAX))
+ if (!xtables_strtoui(s, &end, &max, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "conntrack", "--expires", s);
if (*end != '\0')
param_act(P_BAD_VALUE, "conntrack", "--expires", s);
@@ -481,7 +481,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'a': /* --ctorigsrcport */
- if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
+ if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctorigsrcport", optarg);
info->match_flags |= XT_CONNTRACK_ORIGSRC_PORT;
@@ -491,7 +491,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'b': /* --ctorigdstport */
- if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
+ if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctorigdstport", optarg);
info->match_flags |= XT_CONNTRACK_ORIGDST_PORT;
@@ -501,7 +501,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'c': /* --ctreplsrcport */
- if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
+ if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctreplsrcport", optarg);
info->match_flags |= XT_CONNTRACK_REPLSRC_PORT;
@@ -511,7 +511,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'd': /* --ctrepldstport */
- if (!strtonum(optarg, NULL, &port, 0, UINT16_MAX))
+ if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
param_act(P_BAD_VALUE, "conntrack",
"--ctrepldstport", optarg);
info->match_flags |= XT_CONNTRACK_REPLDST_PORT;
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index 0eb95ce..b7b55e2 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -121,7 +121,7 @@ static u_int8_t parse_dccp_option(char *optstring)
{
unsigned int ret;
- if (string_to_number(optstring, 1, UINT8_MAX, &ret) == -1)
+ if (!xtables_strtoui(optstring, NULL, &ret, 1, UINT8_MAX))
exit_error(PARAMETER_PROBLEM, "Bad DCCP option `%s'",
optstring);
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index ae5a624..fce14c2 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -48,7 +48,7 @@ parse_dscp(const char *s, struct xt_dscp_info *dinfo)
{
unsigned int dscp;
- if (string_to_number(s, 0, UINT8_MAX, &dscp) == -1)
+ if (!xtables_strtoui(s, NULL, &dscp, 0, UINT8_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid dscp `%s'\n", s);
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 278e098..06d026a 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -230,7 +230,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
*flags & PARAM_BURST);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, 10000, &num) == -1)
+ if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-burst `%s'", optarg);
r->cfg.burst = num;
@@ -240,7 +240,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
*flags & PARAM_SIZE);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-size: `%s'", optarg);
r->cfg.size = num;
@@ -250,7 +250,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
*flags & PARAM_MAX);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-max: `%s'", optarg);
r->cfg.max = num;
@@ -261,7 +261,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
"--hashlimit-htable-gcinterval",
*flags & PARAM_GCINTERVAL);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-gcinterval: `%s'",
optarg);
@@ -273,7 +273,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, UINT32_MAX, &num) == -1)
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-expire: `%s'", optarg);
/* FIXME: not HZ dependent */
@@ -341,7 +341,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '$': /* --hashlimit-burst */
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
*flags & PARAM_BURST);
- if (!strtonum(optarg, NULL, &num, 0, 10000))
+ if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-burst", optarg);
info->cfg.burst = num;
@@ -351,7 +351,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '&': /* --hashlimit-htable-size */
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
*flags & PARAM_SIZE);
- if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-size", optarg);
info->cfg.size = num;
@@ -361,7 +361,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '*': /* --hashlimit-htable-max */
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
*flags & PARAM_MAX);
- if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-max", optarg);
info->cfg.max = num;
@@ -372,7 +372,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
param_act(P_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-gcinterval",
*flags & PARAM_GCINTERVAL);
- if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-gcinterval", optarg);
/* FIXME: not HZ dependent!! */
@@ -383,7 +383,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case ')': /* --hashlimit-htable-expire */
param_act(P_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
- if (!strtonum(optarg, NULL, &num, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-htable-expire", optarg);
/* FIXME: not HZ dependent */
@@ -413,7 +413,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '<': /* --hashlimit-srcmask */
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-srcmask",
*flags & PARAM_SRCMASK);
- if (!strtonum(optarg, NULL, &num, 0, maxmask))
+ if (!xtables_strtoui(optarg, NULL, &num, 0, maxmask))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-srcmask", optarg);
info->cfg.srcmask = num;
@@ -423,7 +423,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '>': /* --hashlimit-dstmask */
param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-dstmask",
*flags & PARAM_DSTMASK);
- if (!strtonum(optarg, NULL, &num, 0, maxmask))
+ if (!xtables_strtoui(optarg, NULL, &num, 0, maxmask))
param_act(P_BAD_VALUE, "hashlimit",
"--hashlimit-dstmask", optarg);
info->cfg.dstmask = num;
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 0e196d7..d039904 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -26,7 +26,7 @@ parse_length(const char *s)
{
unsigned int len;
- if (string_to_number(s, 0, UINT16_MAX, &len) == -1)
+ if (!xtables_strtoui(s, NULL, &len, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM, "length invalid: `%s'\n", s);
else
return len;
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index 3ed7b96..1df9114 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -102,7 +102,7 @@ limit_parse(int c, char **argv, int invert, unsigned int *flags,
case '$':
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (string_to_number(optarg, 0, 10000, &num) == -1)
+ if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
exit_error(PARAMETER_PROBLEM,
"bad --limit-burst `%s'", optarg);
r->burst = num;
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 5a95d51..31957e7 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -35,10 +35,10 @@ static int mark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1': /* --mark */
param_act(P_ONLY_ONCE, "mark", "--mark", *flags & F_MARK);
- if (!strtonum(optarg, &end, &mark, 0, UINT32_MAX))
+ if (!xtables_strtoui(optarg, &end, &mark, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "mark", "--mark", optarg);
if (*end == '/')
- if (!strtonum(end + 1, &end, &mask, 0, UINT32_MAX))
+ if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
param_act(P_BAD_VALUE, "mark", "--mark", optarg);
if (*end != '\0')
param_act(P_BAD_VALUE, "mark", "--mark", optarg);
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index c8677a8..54d841c 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -19,6 +19,11 @@
#include <linux/netfilter_ipv4/ipt_owner.h>
#include <linux/netfilter_ipv6/ip6t_owner.h>
+/*
+ * Note: "UINT32_MAX - 1" is used in the code because -1 is a reserved
+ * UID/GID value anyway.
+ */
+
enum {
FLAG_UID_OWNER = 1 << 0,
FLAG_GID_OWNER = 1 << 1,
@@ -110,7 +115,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "owner", "--uid-owner", *flags & FLAG_UID_OWNER);
if ((pwd = getpwnam(optarg)) != NULL)
id = pwd->pw_uid;
- else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
+ else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--uid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_UID;
@@ -123,7 +128,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
param_act(P_ONLY_ONCE, "owner", "--gid-owner", *flags & FLAG_GID_OWNER);
if ((grp = getgrnam(optarg)) != NULL)
id = grp->gr_gid;
- else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
+ else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--gid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_GID;
@@ -134,7 +139,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
case 'p':
param_act(P_ONLY_ONCE, "owner", "--pid-owner", *flags & FLAG_PID_OWNER);
- if (!strtonum(optarg, NULL, &id, 0, INT_MAX))
+ if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
param_act(P_BAD_VALUE, "owner", "--pid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_PID;
@@ -145,7 +150,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
case 's':
param_act(P_ONLY_ONCE, "owner", "--sid-owner", *flags & FLAG_SID_OWNER);
- if (!strtonum(optarg, NULL, &id, 0, INT_MAX))
+ if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
param_act(P_BAD_VALUE, "owner", "--sid-value", optarg);
if (invert)
info->invert |= IPT_OWNER_SID;
@@ -190,7 +195,7 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
*flags & FLAG_UID_OWNER);
if ((pwd = getpwnam(optarg)) != NULL)
id = pwd->pw_uid;
- else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
+ else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--uid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_UID;
@@ -204,7 +209,7 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
*flags & FLAG_GID_OWNER);
if ((grp = getgrnam(optarg)) != NULL)
id = grp->gr_gid;
- else if (!strtonum(optarg, NULL, &id, 0, UINT32_MAX - 1))
+ else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", "--gid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_GID;
@@ -216,7 +221,7 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
case 'p':
param_act(P_ONLY_ONCE, "owner", "--pid-owner",
*flags & FLAG_PID_OWNER);
- if (!strtonum(optarg, NULL, &id, 0, INT_MAX))
+ if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
param_act(P_BAD_VALUE, "owner", "--pid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_PID;
@@ -228,7 +233,7 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
case 's':
param_act(P_ONLY_ONCE, "owner", "--sid-owner",
*flags & FLAG_SID_OWNER);
- if (!strtonum(optarg, NULL, &id, 0, INT_MAX))
+ if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
param_act(P_BAD_VALUE, "owner", "--sid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_SID;
@@ -246,11 +251,11 @@ static void owner_parse_range(const char *s, unsigned int *from,
char *end;
/* -1 is reversed, so the max is one less than that. */
- if (!strtonum(s, &end, from, 0, UINT32_MAX - 1))
+ if (!xtables_strtoui(s, &end, from, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", opt, s);
*to = *from;
if (*end == '-' || *end == ':')
- if (!strtonum(end + 1, &end, to, 0, UINT32_MAX - 1))
+ if (!xtables_strtoui(end + 1, &end, to, 0, UINT32_MAX - 1))
param_act(P_BAD_VALUE, "owner", opt, s);
if (*end != '\0')
param_act(P_BAD_VALUE, "owner", opt, s);
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c
index 333239d..285b7ba 100644
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -112,6 +112,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_rateest_match_info *info = (void *)(*match)->data;
+ unsigned int val;
rateest_info = info;
@@ -186,10 +187,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
break;
- if (string_to_number(argv[optind], 0, 0, &info->pps1) < 0)
+ if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"rateest: could not parse pps `%s'",
argv[optind]);
+ info->pps1 = val;
optind++;
break;
@@ -234,10 +236,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
break;
- if (string_to_number(argv[optind], 0, 0, &info->pps2) < 0)
+ if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"rateest: could not parse pps `%s'",
argv[optind]);
+ info->pps2 = val;
optind++;
break;
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c
index e43de7d..574f8f7 100644
--- a/extensions/libxt_statistic.c
+++ b/extensions/libxt_statistic.c
@@ -40,6 +40,7 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_statistic_info *info = (void *)(*match)->data;
+ unsigned int val;
double prob;
if (invert)
@@ -70,10 +71,10 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags,
case '3':
if (*flags & 0x4)
exit_error(PARAMETER_PROBLEM, "double --every");
- if (string_to_number(optarg, 0, UINT32_MAX,
- &info->u.nth.every) == -1)
+ if (!xtables_strtoui(optarg, NULL, &val, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"cannot parse --every `%s'", optarg);
+ info->u.nth.every = val;
if (info->u.nth.every == 0)
exit_error(PARAMETER_PROBLEM, "--every cannot be 0");
info->u.nth.every--;
@@ -82,10 +83,10 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags,
case '4':
if (*flags & 0x8)
exit_error(PARAMETER_PROBLEM, "double --packet");
- if (string_to_number(optarg, 0, UINT32_MAX,
- &info->u.nth.packet) == -1)
+ if (!xtables_strtoui(optarg, NULL, &val, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"cannot parse --packet `%s'", optarg);
+ info->u.nth.packet = val;
*flags |= 0x8;
break;
default:
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index 82954a4..56bdba5 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -121,7 +121,7 @@ parse_tcp_option(const char *option, u_int8_t *result)
{
unsigned int ret;
- if (string_to_number(option, 1, UINT8_MAX, &ret) == -1)
+ if (!xtables_strtoui(option, NULL, &ret, 1, UINT8_MAX))
exit_error(PARAMETER_PROBLEM, "Bad TCP option `%s'", option);
*result = ret;
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index e64a1b3..d30aa24 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -26,7 +26,7 @@ parse_tcp_mssvalue(const char *mssvalue)
{
unsigned int mssvaluenum;
- if (string_to_number(mssvalue, 0, UINT16_MAX, &mssvaluenum) != -1)
+ if (!xtables_strtoui(mssvalue, NULL, &mssvaluenum, 0, UINT16_MAX))
return mssvaluenum;
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/tos_values.c b/extensions/tos_values.c
index 2d5b431..81f6de1 100644
--- a/extensions/tos_values.c
+++ b/extensions/tos_values.c
@@ -34,14 +34,14 @@ static bool tos_parse_numeric(const char *str, struct tos_value_mask *tvm,
unsigned int value;
char *end;
- strtonum(str, &end, &value, 0, max);
+ xtables_strtoui(str, &end, &value, 0, max);
tvm->value = value;
tvm->mask = max;
if (*end == '/') {
const char *p = end + 1;
- if (!strtonum(p, &end, &value, 0, max))
+ if (!xtables_strtoui(p, &end, &value, 0, max))
exit_error(PARAMETER_PROBLEM, "Illegal value: \"%s\"",
str);
tvm->mask = value;
@@ -59,7 +59,7 @@ static bool tos_parse_symbolic(const char *str, struct tos_value_mask *tvm,
const struct tos_symbol_info *symbol;
char *tmp;
- if (strtonum(str, &tmp, NULL, 0, max))
+ if (xtables_strtoui(str, &tmp, NULL, 0, max))
return tos_parse_numeric(str, tvm, max);
/* Do not consider ECN bits */
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 268c42e..f372d33 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -175,21 +175,9 @@ extern struct xtables_target *xtables_find_target(const char *name,
extern void xtables_register_match(struct xtables_match *me);
extern void xtables_register_target(struct xtables_target *me);
-extern int string_to_number_ll(const char *s,
- unsigned long long min,
- unsigned long long max,
- unsigned long long *ret);
-extern int string_to_number_l(const char *s,
- unsigned long min,
- unsigned long max,
- unsigned long *ret);
-extern int string_to_number(const char *s,
- unsigned int min,
- unsigned int max,
- unsigned int *ret);
-extern bool strtonuml(const char *, char **, unsigned long *,
+extern bool xtables_strtoul(const char *, char **, unsigned long *,
unsigned long, unsigned long);
-extern bool strtonum(const char *, char **, unsigned int *,
+extern bool xtables_strtoui(const char *, char **, unsigned int *,
unsigned int, unsigned int);
extern int service_to_port(const char *name, const char *proto);
extern u_int16_t parse_port(const char *port, const char *proto);
diff --git a/ip6tables.c b/ip6tables.c
index 6d1277b..0464185 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -486,7 +486,7 @@ find_proto(const char *pname, enum xtables_tryload tryload,
{
unsigned int proto;
- if (string_to_number(pname, 0, UINT8_MAX, &proto) != -1) {
+ if (xtables_strtoui(pname, NULL, &proto, 0, UINT8_MAX)) {
char *protoname = proto_to_name(proto, nolookup);
if (protoname)
@@ -502,7 +502,7 @@ parse_protocol(const char *s)
{
unsigned int proto;
- if (string_to_number(s, 0, UINT8_MAX, &proto) == -1) {
+ if (!xtables_strtoui(s, NULL, &proto, 0, UINT8_MAX)) {
struct protoent *pent;
/* first deal with the special case of 'all' to prevent
@@ -549,7 +549,7 @@ parse_rulenumber(const char *rule)
{
unsigned int rulenum;
- if (string_to_number(rule, 1, INT_MAX, &rulenum) == -1)
+ if (!xtables_strtoui(rule, NULL, &rulenum, 1, INT_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid rule number `%s'", rule);
diff --git a/iptables.c b/iptables.c
index 07ace19..15b5b6f 100644
--- a/iptables.c
+++ b/iptables.c
@@ -488,7 +488,7 @@ find_proto(const char *pname, enum xtables_tryload tryload,
{
unsigned int proto;
- if (string_to_number(pname, 0, UINT8_MAX, &proto) != -1) {
+ if (xtables_strtoui(pname, NULL, &proto, 0, UINT8_MAX)) {
char *protoname = proto_to_name(proto, nolookup);
if (protoname)
@@ -504,7 +504,7 @@ parse_protocol(const char *s)
{
unsigned int proto;
- if (string_to_number(s, 0, UINT8_MAX, &proto) == -1) {
+ if (!xtables_strtoui(s, NULL, &proto, 0, UINT8_MAX)) {
struct protoent *pent;
/* first deal with the special case of 'all' to prevent
@@ -542,7 +542,7 @@ parse_rulenumber(const char *rule)
{
unsigned int rulenum;
- if (string_to_number(rule, 1, INT_MAX, &rulenum) == -1)
+ if (!xtables_strtoui(rule, NULL, &rulenum, 1, INT_MAX))
exit_error(PARAMETER_PROBLEM,
"Invalid rule number `%s'", rule);
diff --git a/xtables.c b/xtables.c
index 85bd76c..9e57679 100644
--- a/xtables.c
+++ b/xtables.c
@@ -178,57 +178,24 @@ int xtables_load_ko(const char *modprobe, bool quiet)
return ret;
}
-int string_to_number_ll(const char *s, unsigned long long min,
- unsigned long long max, unsigned long long *ret)
-{
- unsigned long long number;
- char *end;
-
- /* Handle hex, octal, etc. */
- errno = 0;
- number = strtoull(s, &end, 0);
- if (*end == '\0' && end != s) {
- /* we parsed a number, let's see if we want this */
- if (errno != ERANGE && min <= number && (!max || number <= max)) {
- *ret = number;
- return 0;
- }
- }
- return -1;
-}
-
-int string_to_number_l(const char *s, unsigned long min, unsigned long max,
- unsigned long *ret)
-{
- int result;
- unsigned long long number;
-
- result = string_to_number_ll(s, min, max, &number);
- *ret = (unsigned long)number;
-
- return result;
-}
-
-int string_to_number(const char *s, unsigned int min, unsigned int max,
- unsigned int *ret)
-{
- int result;
- unsigned long number;
-
- result = string_to_number_l(s, min, max, &number);
- *ret = (unsigned int)number;
-
- return result;
-}
-
-/*
- * strtonum{,l} - string to number conversion
+/**
+ * xtables_strtou{i,l} - string to number conversion
+ * @s: input string
+ * @end: like strtoul's "end" pointer
+ * @value: pointer for result
+ * @min: minimum accepted value
+ * @max: maximum accepted value
+ *
+ * If @end is NULL, we assume the caller wants a "strict strtoul", and hence
+ * "15a" is rejected.
+ * In either case, the value obtained is compared for min-max compliance.
+ * Base is always 0, i.e. autodetect depending on @s.
*
- * If @end is NULL, we assume the caller does not want
- * a case like "15a", so reject it.
+ * Returns true/false whether number was accepted. On failure, *value has
+ * undefined contents.
*/
-bool strtonuml(const char *s, char **end, unsigned long *value,
- unsigned long min, unsigned long max)
+bool xtables_strtoul(const char *s, char **end, unsigned long *value,
+ unsigned long min, unsigned long max)
{
unsigned long v;
char *my_end;
@@ -252,13 +219,13 @@ bool strtonuml(const char *s, char **end, unsigned long *value,
return false;
}
-bool strtonum(const char *s, char **end, unsigned int *value,
- unsigned int min, unsigned int max)
+bool xtables_strtoui(const char *s, char **end, unsigned int *value,
+ unsigned int min, unsigned int max)
{
unsigned long v;
bool ret;
- ret = strtonuml(s, end, &v, min, max);
+ ret = xtables_strtoul(s, end, &v, min, max);
if (value != NULL)
*value = v;
return ret;
@@ -278,7 +245,7 @@ u_int16_t parse_port(const char *port, const char *proto)
{
unsigned int portnum;
- if (string_to_number(port, 0, UINT16_MAX, &portnum) != -1 ||
+ if (xtables_strtoui(port, NULL, &portnum, 0, UINT16_MAX) ||
(portnum = service_to_port(port, proto)) != (unsigned)-1)
return portnum;
@@ -834,7 +801,7 @@ static struct in_addr *__numeric_to_ipaddr(const char *dotted, bool is_mask)
return NULL;
/* autocomplete, this is a network address */
- if (!strtonum(p, NULL, &onebyte, 0, UINT8_MAX))
+ if (!xtables_strtoui(p, NULL, &onebyte, 0, UINT8_MAX))
return NULL;
addrp[i] = onebyte;
@@ -845,7 +812,7 @@ static struct in_addr *__numeric_to_ipaddr(const char *dotted, bool is_mask)
}
*q = '\0';
- if (!strtonum(p, NULL, &onebyte, 0, UINT8_MAX))
+ if (!xtables_strtoui(p, NULL, &onebyte, 0, UINT8_MAX))
return NULL;
addrp[i] = onebyte;
@@ -853,7 +820,7 @@ static struct in_addr *__numeric_to_ipaddr(const char *dotted, bool is_mask)
}
/* we have checked 3 bytes, now we check the last one */
- if (!strtonum(p, NULL, &onebyte, 0, UINT8_MAX))
+ if (!xtables_strtoui(p, NULL, &onebyte, 0, UINT8_MAX))
return NULL;
addrp[3] = onebyte;
@@ -941,7 +908,7 @@ static struct in_addr *parse_ipmask(const char *mask)
if ((addrp = numeric_to_ipmask(mask)) != NULL)
/* dotted_to_addr already returns a network byte order addr */
return addrp;
- if (string_to_number(mask, 0, 32, &bits) == -1)
+ if (!xtables_strtoui(mask, NULL, &bits, 0, 32))
exit_error(PARAMETER_PROBLEM,
"invalid mask `%s' specified", mask);
if (bits != 0) {
@@ -1162,7 +1129,7 @@ static struct in6_addr *parse_ip6mask(char *mask)
}
if ((addrp = numeric_to_ip6addr(mask)) != NULL)
return addrp;
- if (string_to_number(mask, 0, 128, &bits) == -1)
+ if (!xtables_strtoui(mask, NULL, &bits, 0, 128))
exit_error(PARAMETER_PROBLEM,
"invalid mask `%s' specified", mask);
if (bits != 0) {
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 08/16] libxtables: prefix/order - program_name
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (6 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 07/16] libxtables: prefix/order - strtoui Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 09/16] libxtables: prefix/order - param_act Jan Engelhardt
` (8 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Split XTABLES_VERSION into xtables and iptables, and encode the
xtables soversion into the extensions instead. This makes it possible
to upgrade iptables without having to recompile 3rd-party extensions
(if the libxtables version matches, of course).
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
.gitignore | 1 +
Makefile.am | 2 +-
configure.ac | 26 ++++++++++----------------
include/xtables.h.in | 13 ++++++++-----
include/xtables/internal.h | 34 ----------------------------------
include/xtables/internal.h.in | 41 +++++++++++++++++++++++++++++++++++++++++
ip6tables-restore.c | 5 +++--
ip6tables-save.c | 5 +++--
ip6tables-standalone.c | 3 ++-
iptables-restore.c | 5 +++--
iptables-save.c | 5 +++--
iptables-standalone.c | 3 ++-
iptables-xml.c | 4 ++--
xtables.c | 37 +++++++++++++++++++++++--------------
14 files changed, 102 insertions(+), 82 deletions(-)
delete mode 100644 include/xtables/internal.h
create mode 100644 include/xtables/internal.h.in
diff --git a/.gitignore b/.gitignore
index 741f972..116de2c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -18,6 +18,7 @@ Makefile.in
/extensions/targets?.man
/include/xtables.h
+/include/xtables/internal.h
/aclocal.m4
/autom4te*.cache
diff --git a/Makefile.am b/Makefile.am
index 83ab3bb..0ffb978 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -14,7 +14,7 @@ libiptc_libiptc_a_SOURCES = libiptc/libip4tc.c libiptc/libip6tc.c
lib_LTLIBRARIES = libxtables.la
libxtables_la_SOURCES = xtables.c
-libxtables_la_LDFLAGS = -version-info 1:0:0
+libxtables_la_LDFLAGS = -version-info ${libxtables_vcurrent}:0:${libxtables_vage}
# iptables, dynamic
iptables_SOURCES = iptables-standalone.c iptables.c
diff --git a/configure.ac b/configure.ac
index 8c9c30d..bb32130 100644
--- a/configure.ac
+++ b/configure.ac
@@ -1,11 +1,10 @@
-define([_XTABLES_VERSION_MAJOR], 1)
-define([_XTABLES_VERSION_MINOR], 4)
-define([_XTABLES_VERSION_PATCH], 3)
-define([_XTABLES_VERSION_EXTRA], -rc1)
-define([_XTABLES_VERSION],_XTABLES_VERSION_MAJOR._XTABLES_VERSION_MINOR._XTABLES_VERSION_PATCH[]_XTABLES_VERSION_EXTRA)
+AC_INIT([iptables], [1.4.3-rc1])
+
+# See libtool.info "Libtool's versioning system"
+libxtables_vcurrent=1
+libxtables_vage=0
-AC_INIT([iptables], _XTABLES_VERSION)
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_MACRO_DIR([m4])
AC_PROG_INSTALL
@@ -74,16 +73,11 @@ AC_SUBST([kbuilddir])
AC_SUBST([ksourcedir])
AC_SUBST([xtlibdir])
AC_SUBST([pkgconfigdir])
-
-XTABLES_VERSION_MAJOR=_XTABLES_VERSION_MAJOR
-XTABLES_VERSION_MINOR=_XTABLES_VERSION_MINOR
-XTABLES_VERSION_PATCH=_XTABLES_VERSION_PATCH
-XTABLES_VERSION_EXTRA=_XTABLES_VERSION_EXTRA
-AC_SUBST([XTABLES_VERSION_MAJOR])
-AC_SUBST([XTABLES_VERSION_MINOR])
-AC_SUBST([XTABLES_VERSION_PATCH])
-AC_SUBST([XTABLES_VERSION_EXTRA])
+AC_SUBST([libxtables_vcurrent])
+AC_SUBST([libxtables_vage])
+libxtables_vmajor=$(($libxtables_vcurrent - $libxtables_vage));
+AC_SUBST([libxtables_vmajor])
AC_CONFIG_FILES([Makefile extensions/GNUmakefile libipq/Makefile
- include/xtables.h xtables.pc])
+ include/xtables.h include/xtables/internal.h xtables.pc])
AC_OUTPUT
diff --git a/include/xtables.h.in b/include/xtables.h.in
index f372d33..e1f9c92 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -1,6 +1,11 @@
#ifndef _XTABLES_H
#define _XTABLES_H
+/*
+ * Changing any structs/functions may incur a needed change
+ * in libxtables_vcurrent/vage too.
+ */
+
#include <sys/socket.h> /* PF_* */
#include <sys/types.h>
#include <stdbool.h>
@@ -20,10 +25,8 @@
#define IPPROTO_UDPLITE 136
#endif
-#define XTABLES_VERSION "@PACKAGE_VERSION@"
-#define XTABLES_VERSION_CODE (0x10000 * @XTABLES_VERSION_MAJOR@ + 0x100 * @XTABLES_VERSION_MINOR@ + @XTABLES_VERSION_PATCH@)
-
-#define XTABLES_API_VERSION(x,y,z) (0x10000*(x) + 0x100*(y) + z)
+#define XTABLES_VERSION "libxtables.so.@libxtables_vmajor@"
+#define XTABLES_VERSION_CODE @libxtables_vmajor@
struct in_addr;
@@ -155,6 +158,7 @@ enum xtables_tryload {
XTF_LOAD_MUST_SUCCEED,
};
+extern const char *xtables_program_name;
extern const char *xtables_modprobe_program;
extern struct xtables_match *xtables_matches;
extern struct xtables_target *xtables_targets;
@@ -202,7 +206,6 @@ int check_inverse(const char option[], int *invert, int *my_optind, int argc);
void exit_error(enum exittype, const char *, ...)__attribute__((noreturn,
format(printf,2,3)));
extern void param_act(unsigned int, const char *, ...);
-extern const char *program_name, *program_version;
extern const char *ipaddr_to_numeric(const struct in_addr *);
extern const char *ipaddr_to_anyname(const struct in_addr *);
diff --git a/include/xtables/internal.h b/include/xtables/internal.h
deleted file mode 100644
index 21c4401..0000000
--- a/include/xtables/internal.h
+++ /dev/null
@@ -1,34 +0,0 @@
-#ifndef _XTABLES_INTERNAL_H
-#define _XTABLES_INTERNAL_H 1
-
-#ifndef XT_LIB_DIR
-# define XT_LIB_DIR "/usr/local/lib/iptables"
-#endif
-
-/* protocol family dependent informations */
-struct afinfo {
- /* protocol family */
- int family;
-
- /* prefix of library name (ex "libipt_" */
- char *libprefix;
-
- /* used by setsockopt (ex IPPROTO_IP */
- int ipproto;
-
- /* kernel module (ex "ip_tables" */
- char *kmod;
-
- /* optname to check revision support of match */
- int so_rev_match;
-
- /* optname to check revision support of match */
- int so_rev_target;
-};
-
-/* This is decleared in ip[6]tables.c */
-extern struct afinfo afinfo;
-
-extern void _init(void);
-
-#endif /* _XTABLES_INTERNAL_H */
diff --git a/include/xtables/internal.h.in b/include/xtables/internal.h.in
new file mode 100644
index 0000000..2143829
--- /dev/null
+++ b/include/xtables/internal.h.in
@@ -0,0 +1,41 @@
+#ifndef _XTABLES_INTERNAL_H
+#define _XTABLES_INTERNAL_H 1
+
+#define IPTABLES_VERSION "@PACKAGE_VERSION@"
+
+#ifndef XT_LIB_DIR
+# define XT_LIB_DIR "/usr/local/lib/iptables"
+#endif
+
+/* protocol family dependent informations */
+struct afinfo {
+ /* protocol family */
+ int family;
+
+ /* prefix of library name (ex "libipt_" */
+ char *libprefix;
+
+ /* used by setsockopt (ex IPPROTO_IP */
+ int ipproto;
+
+ /* kernel module (ex "ip_tables" */
+ char *kmod;
+
+ /* optname to check revision support of match */
+ int so_rev_match;
+
+ /* optname to check revision support of match */
+ int so_rev_target;
+};
+
+/* This is decleared in ip[6]tables.c */
+extern struct afinfo afinfo;
+
+/**
+ * Program's own name and version.
+ */
+extern const char *program_name, *program_version;
+
+extern void _init(void);
+
+#endif /* _XTABLES_INTERNAL_H */
diff --git a/ip6tables-restore.c b/ip6tables-restore.c
index 6be1a36..beb640b 100644
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -127,9 +127,10 @@ int main(int argc, char *argv[])
int in_table = 0, testing = 0;
program_name = "ip6tables-restore";
- program_version = XTABLES_VERSION;
+ program_version = IPTABLES_VERSION;
line = 0;
+ xtables_program_name = program_name;
xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
@@ -151,7 +152,7 @@ int main(int argc, char *argv[])
break;
case 'h':
print_usage("ip6tables-restore",
- XTABLES_VERSION);
+ IPTABLES_VERSION);
break;
case 'n':
noflush = 1;
diff --git a/ip6tables-save.c b/ip6tables-save.c
index 1b9d00a..86ec6b2 100644
--- a/ip6tables-save.c
+++ b/ip6tables-save.c
@@ -76,7 +76,7 @@ static int do_output(const char *tablename)
time_t now = time(NULL);
printf("# Generated by ip6tables-save v%s on %s",
- XTABLES_VERSION, ctime(&now));
+ IPTABLES_VERSION, ctime(&now));
printf("*%s\n", tablename);
/* Dump out chain names first,
@@ -137,8 +137,9 @@ int main(int argc, char *argv[])
int c;
program_name = "ip6tables-save";
- program_version = XTABLES_VERSION;
+ program_version = IPTABLES_VERSION;
+ xtables_program_name = program_name;
xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
diff --git a/ip6tables-standalone.c b/ip6tables-standalone.c
index 9543557..3ab114e 100644
--- a/ip6tables-standalone.c
+++ b/ip6tables-standalone.c
@@ -50,8 +50,9 @@ main(int argc, char *argv[])
struct ip6tc_handle *handle = NULL;
program_name = "ip6tables";
- program_version = XTABLES_VERSION;
+ program_version = IPTABLES_VERSION;
+ xtables_program_name = program_name;
xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
diff --git a/iptables-restore.c b/iptables-restore.c
index d982fca..56812ee 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -129,9 +129,10 @@ main(int argc, char *argv[])
const char *tablename = NULL;
program_name = "iptables-restore";
- program_version = XTABLES_VERSION;
+ program_version = IPTABLES_VERSION;
line = 0;
+ xtables_program_name = program_name;
xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
@@ -153,7 +154,7 @@ main(int argc, char *argv[])
break;
case 'h':
print_usage("iptables-restore",
- XTABLES_VERSION);
+ IPTABLES_VERSION);
break;
case 'n':
noflush = 1;
diff --git a/iptables-save.c b/iptables-save.c
index e615de9..d08ec4b 100644
--- a/iptables-save.c
+++ b/iptables-save.c
@@ -74,7 +74,7 @@ static int do_output(const char *tablename)
time_t now = time(NULL);
printf("# Generated by iptables-save v%s on %s",
- XTABLES_VERSION, ctime(&now));
+ IPTABLES_VERSION, ctime(&now));
printf("*%s\n", tablename);
/* Dump out chain names first,
@@ -137,8 +137,9 @@ main(int argc, char *argv[])
int c;
program_name = "iptables-save";
- program_version = XTABLES_VERSION;
+ program_version = IPTABLES_VERSION;
+ xtables_program_name = program_name;
xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
diff --git a/iptables-standalone.c b/iptables-standalone.c
index c06b286..9190873 100644
--- a/iptables-standalone.c
+++ b/iptables-standalone.c
@@ -51,8 +51,9 @@ main(int argc, char *argv[])
struct iptc_handle *handle = NULL;
program_name = "iptables";
- program_version = XTABLES_VERSION;
+ program_version = IPTABLES_VERSION;
+ xtables_program_name = program_name;
xtables_init();
#ifdef NO_SHARED_LIBS
init_extensions();
diff --git a/iptables-xml.c b/iptables-xml.c
index 6481b8e..a3f6987 100644
--- a/iptables-xml.c
+++ b/iptables-xml.c
@@ -643,7 +643,7 @@ main(int argc, char *argv[])
FILE *in;
program_name = "iptables-xml";
- program_version = XTABLES_VERSION;
+ program_version = IPTABLES_VERSION;
line = 0;
while ((c = getopt_long(argc, argv, "cvh", options, NULL)) != -1) {
@@ -656,7 +656,7 @@ main(int argc, char *argv[])
verbose = 1;
break;
case 'h':
- print_usage("iptables-xml", XTABLES_VERSION);
+ print_usage("iptables-xml", IPTABLES_VERSION);
break;
}
}
diff --git a/xtables.c b/xtables.c
index 9e57679..642c04b 100644
--- a/xtables.c
+++ b/xtables.c
@@ -44,6 +44,11 @@
#define PROC_SYS_MODPROBE "/proc/sys/kernel/modprobe"
#endif
+/**
+ * Program will set this to its own name.
+ */
+const char *xtables_program_name;
+
/* Search path for Xtables .so files */
static const char *xtables_libdir;
@@ -529,23 +534,25 @@ void xtables_register_match(struct xtables_match *me)
{
struct xtables_match **i, *old;
- if (strcmp(me->version, program_version) != 0) {
- fprintf(stderr, "%s: match `%s' v%s (I'm v%s).\n",
- program_name, me->name, me->version, program_version);
+ if (strcmp(me->version, XTABLES_VERSION) != 0) {
+ fprintf(stderr, "%s: match \"%s\" has version \"%s\", "
+ "but \"%s\" is required.\n",
+ xtables_program_name, me->name,
+ me->version, XTABLES_VERSION);
exit(1);
}
/* Revision field stole a char from name. */
if (strlen(me->name) >= XT_FUNCTION_MAXNAMELEN-1) {
fprintf(stderr, "%s: target `%s' has invalid name\n",
- program_name, me->name);
+ xtables_program_name, me->name);
exit(1);
}
if (me->family >= NPROTO) {
fprintf(stderr,
"%s: BUG: match %s has invalid protocol family\n",
- program_name, me->name);
+ xtables_program_name, me->name);
exit(1);
}
@@ -559,7 +566,7 @@ void xtables_register_match(struct xtables_match *me)
old->family == me->family) {
fprintf(stderr,
"%s: match `%s' already registered.\n",
- program_name, me->name);
+ xtables_program_name, me->name);
exit(1);
}
@@ -583,7 +590,7 @@ void xtables_register_match(struct xtables_match *me)
if (me->size != XT_ALIGN(me->size)) {
fprintf(stderr, "%s: match `%s' has invalid size %u.\n",
- program_name, me->name, (unsigned int)me->size);
+ xtables_program_name, me->name, (unsigned int)me->size);
exit(1);
}
@@ -600,23 +607,25 @@ void xtables_register_target(struct xtables_target *me)
{
struct xtables_target *old;
- if (strcmp(me->version, program_version) != 0) {
- fprintf(stderr, "%s: target `%s' v%s (I'm v%s).\n",
- program_name, me->name, me->version, program_version);
+ if (strcmp(me->version, XTABLES_VERSION) != 0) {
+ fprintf(stderr, "%s: target \"%s\" has version \"%s\", "
+ "but \"%s\" is required.\n",
+ xtables_program_name, me->name,
+ me->version, XTABLES_VERSION);
exit(1);
}
/* Revision field stole a char from name. */
if (strlen(me->name) >= XT_FUNCTION_MAXNAMELEN-1) {
fprintf(stderr, "%s: target `%s' has invalid name\n",
- program_name, me->name);
+ xtables_program_name, me->name);
exit(1);
}
if (me->family >= NPROTO) {
fprintf(stderr,
"%s: BUG: target %s has invalid protocol family\n",
- program_name, me->name);
+ xtables_program_name, me->name);
exit(1);
}
@@ -632,7 +641,7 @@ void xtables_register_target(struct xtables_target *me)
old->family == me->family) {
fprintf(stderr,
"%s: target `%s' already registered.\n",
- program_name, me->name);
+ xtables_program_name, me->name);
exit(1);
}
@@ -656,7 +665,7 @@ void xtables_register_target(struct xtables_target *me)
if (me->size != XT_ALIGN(me->size)) {
fprintf(stderr, "%s: target `%s' has invalid size %u.\n",
- program_name, me->name, (unsigned int)me->size);
+ xtables_program_name, me->name, (unsigned int)me->size);
exit(1);
}
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 09/16] libxtables: prefix/order - param_act
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (7 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 08/16] libxtables: prefix/order - program_name Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 10/16] libxtables: prefix/order - ipaddr/ipmask to ascii output Jan Engelhardt
` (7 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Changes:
exittype -> xtables_exittype
P_* -> XTF_* flags
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libxt_CONNMARK.c | 30 +++++++++++-----------
extensions/libxt_MARK.c | 28 ++++++++++----------
extensions/libxt_TOS.c | 30 +++++++++++-----------
extensions/libxt_TPROXY.c | 22 ++++++++--------
extensions/libxt_connmark.c | 8 +++---
extensions/libxt_conntrack.c | 18 ++++++------
extensions/libxt_hashlimit.c | 58 +++++++++++++++++++++---------------------
extensions/libxt_iprange.c | 24 ++++++++--------
extensions/libxt_mark.c | 8 +++---
extensions/libxt_owner.c | 46 ++++++++++++++++----------------
extensions/libxt_tos.c | 8 +++---
include/xtables.h.in | 28 ++++++++++----------
ip6tables.c | 2 +-
iptables-xml.c | 2 +-
iptables.c | 2 +-
xtables.c | 34 +++++++++++++++++++++---
16 files changed, 186 insertions(+), 162 deletions(-)
diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c
index f979f28..e426e4f 100644
--- a/extensions/libxt_CONNMARK.c
+++ b/extensions/libxt_CONNMARK.c
@@ -158,14 +158,14 @@ static int connmark_tg_parse(int c, char **argv, int invert,
switch (c) {
case '=': /* --set-xmark */
case '-': /* --set-mark */
- param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
+ xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
if (!xtables_strtoui(optarg, &end, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
if (*end == '/')
if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
if (*end != '\0')
- param_act(P_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--set-xmark/--set-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = value;
info->ctmask = mask;
@@ -175,9 +175,9 @@ static int connmark_tg_parse(int c, char **argv, int invert,
return true;
case '&': /* --and-mark */
- param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
+ xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
if (!xtables_strtoui(optarg, NULL, &mask, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--and-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--and-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = 0;
info->ctmask = ~mask;
@@ -185,9 +185,9 @@ static int connmark_tg_parse(int c, char **argv, int invert,
return true;
case '|': /* --or-mark */
- param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
+ xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--or-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--or-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = value;
info->ctmask = value;
@@ -195,9 +195,9 @@ static int connmark_tg_parse(int c, char **argv, int invert,
return true;
case '^': /* --xor-mark */
- param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
+ xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--xor-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--xor-mark", optarg);
info->mode = XT_CONNMARK_SET;
info->ctmark = value;
info->ctmask = 0;
@@ -205,13 +205,13 @@ static int connmark_tg_parse(int c, char **argv, int invert,
return true;
case 'S': /* --save-mark */
- param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
+ xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
info->mode = XT_CONNMARK_SAVE;
*flags |= F_MARK | F_SR_MARK;
return true;
case 'R': /* --restore-mark */
- param_act(P_ONE_ACTION, "CONNMARK", *flags & F_MARK);
+ xtables_param_act(XTF_ONE_ACTION, "CONNMARK", *flags & F_MARK);
info->mode = XT_CONNMARK_RESTORE;
*flags |= F_MARK | F_SR_MARK;
return true;
@@ -222,7 +222,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
"or --restore-mark is required for "
"--nfmask");
if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--nfmask", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--nfmask", optarg);
info->nfmask = value;
return true;
@@ -232,7 +232,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
"or --restore-mark is required for "
"--ctmask");
if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--ctmask", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--ctmask", optarg);
info->ctmask = value;
return true;
@@ -242,7 +242,7 @@ static int connmark_tg_parse(int c, char **argv, int invert,
"or --restore-mark is required for "
"--mask");
if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "CONNMARK", "--mask", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "CONNMARK", "--mask", optarg);
info->nfmask = info->ctmask = value;
return true;
}
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index fd28196..8f04e8e 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -134,15 +134,15 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case 'X': /* --set-xmark */
case '=': /* --set-mark */
- param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
- param_act(P_NO_INVERT, "MARK", "--set-xmark/--set-mark", invert);
+ xtables_param_act(XTF_ONE_ACTION, "MARK", *flags & F_MARK);
+ xtables_param_act(XTF_NO_INVERT, "MARK", "--set-xmark/--set-mark", invert);
if (!xtables_strtoui(optarg, &end, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
if (*end == '/')
if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
if (*end != '\0')
- param_act(P_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "MARK", "--set-xmark/--set-mark", optarg);
info->mark = value;
info->mask = mask;
@@ -151,28 +151,28 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '&': /* --and-mark */
- param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
- param_act(P_NO_INVERT, "MARK", "--and-mark", invert);
+ xtables_param_act(XTF_ONE_ACTION, "MARK", *flags & F_MARK);
+ xtables_param_act(XTF_NO_INVERT, "MARK", "--and-mark", invert);
if (!xtables_strtoui(optarg, NULL, &mask, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "MARK", "--and-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "MARK", "--and-mark", optarg);
info->mark = 0;
info->mask = ~mask;
break;
case '|': /* --or-mark */
- param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
- param_act(P_NO_INVERT, "MARK", "--or-mark", invert);
+ xtables_param_act(XTF_ONE_ACTION, "MARK", *flags & F_MARK);
+ xtables_param_act(XTF_NO_INVERT, "MARK", "--or-mark", invert);
if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "MARK", "--or-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "MARK", "--or-mark", optarg);
info->mark = value;
info->mask = value;
break;
case '^': /* --xor-mark */
- param_act(P_ONE_ACTION, "MARK", *flags & F_MARK);
- param_act(P_NO_INVERT, "MARK", "--xor-mark", invert);
+ xtables_param_act(XTF_ONE_ACTION, "MARK", *flags & F_MARK);
+ xtables_param_act(XTF_NO_INVERT, "MARK", "--xor-mark", invert);
if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "MARK", "--xor-mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "MARK", "--xor-mark", optarg);
info->mark = value;
info->mask = 0;
break;
diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
index 96eb420..7b1f7f8 100644
--- a/extensions/libxt_TOS.c
+++ b/extensions/libxt_TOS.c
@@ -82,10 +82,10 @@ static int tos_tg_parse_v0(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '=':
- param_act(P_ONLY_ONCE, "TOS", "--set-tos", *flags & FLAG_TOS);
- param_act(P_NO_INVERT, "TOS", "--set-tos", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TOS", "--set-tos", *flags & FLAG_TOS);
+ xtables_param_act(XTF_NO_INVERT, "TOS", "--set-tos", invert);
if (!tos_parse_symbolic(optarg, &tvm, 0xFF))
- param_act(P_BAD_VALUE, "TOS", "--set-tos", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "TOS", "--set-tos", optarg);
if (tvm.mask != 0xFF)
exit_error(PARAMETER_PROBLEM, "tos match: Your kernel "
"is too old to support anything besides "
@@ -107,37 +107,37 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '=': /* --set-tos */
- param_act(P_ONLY_ONCE, "TOS", "--set-tos", *flags & FLAG_TOS);
- param_act(P_NO_INVERT, "TOS", "--set-tos", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TOS", "--set-tos", *flags & FLAG_TOS);
+ xtables_param_act(XTF_NO_INVERT, "TOS", "--set-tos", invert);
if (!tos_parse_symbolic(optarg, &tvm, 0x3F))
- param_act(P_BAD_VALUE, "TOS", "--set-tos", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "TOS", "--set-tos", optarg);
info->tos_value = tvm.value;
info->tos_mask = tvm.mask;
break;
case '&': /* --and-tos */
- param_act(P_ONLY_ONCE, "TOS", "--and-tos", *flags & FLAG_TOS);
- param_act(P_NO_INVERT, "TOS", "--and-tos", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TOS", "--and-tos", *flags & FLAG_TOS);
+ xtables_param_act(XTF_NO_INVERT, "TOS", "--and-tos", invert);
if (!xtables_strtoui(optarg, NULL, &bits, 0, UINT8_MAX))
- param_act(P_BAD_VALUE, "TOS", "--and-tos", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "TOS", "--and-tos", optarg);
info->tos_value = 0;
info->tos_mask = ~bits;
break;
case '|': /* --or-tos */
- param_act(P_ONLY_ONCE, "TOS", "--or-tos", *flags & FLAG_TOS);
- param_act(P_NO_INVERT, "TOS", "--or-tos", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TOS", "--or-tos", *flags & FLAG_TOS);
+ xtables_param_act(XTF_NO_INVERT, "TOS", "--or-tos", invert);
if (!xtables_strtoui(optarg, NULL, &bits, 0, UINT8_MAX))
- param_act(P_BAD_VALUE, "TOS", "--or-tos", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "TOS", "--or-tos", optarg);
info->tos_value = bits;
info->tos_mask = bits;
break;
case '^': /* --xor-tos */
- param_act(P_ONLY_ONCE, "TOS", "--xor-tos", *flags & FLAG_TOS);
- param_act(P_NO_INVERT, "TOS", "--xor-tos", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TOS", "--xor-tos", *flags & FLAG_TOS);
+ xtables_param_act(XTF_NO_INVERT, "TOS", "--xor-tos", invert);
if (!xtables_strtoui(optarg, NULL, &bits, 0, UINT8_MAX))
- param_act(P_BAD_VALUE, "TOS", "--xor-tos", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "TOS", "--xor-tos", optarg);
info->tos_value = bits;
info->tos_mask = 0;
break;
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index 6c5c6b7..d0933ae 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -43,7 +43,7 @@ static void parse_tproxy_lport(const char *s, struct xt_tproxy_target_info *info
if (xtables_strtoui(s, NULL, &lport, 0, UINT16_MAX))
info->lport = htons(lport);
else
- param_act(P_BAD_VALUE, "TPROXY", "--on-port", s);
+ xtables_param_act(XTF_BAD_VALUE, "TPROXY", "--on-port", s);
}
static void parse_tproxy_laddr(const char *s, struct xt_tproxy_target_info *info)
@@ -51,7 +51,7 @@ static void parse_tproxy_laddr(const char *s, struct xt_tproxy_target_info *info
struct in_addr *laddr;
if ((laddr = numeric_to_ipaddr(s)) == NULL)
- param_act(P_BAD_VALUE, "TPROXY", "--on-ip", s);
+ xtables_param_act(XTF_BAD_VALUE, "TPROXY", "--on-ip", s);
info->laddr = laddr->s_addr;
}
@@ -62,12 +62,12 @@ static void parse_tproxy_mark(char *s, struct xt_tproxy_target_info *info)
char *end;
if (!xtables_strtoui(s, &end, &value, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
+ xtables_param_act(XTF_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
if (*end == '/')
if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
+ xtables_param_act(XTF_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
if (*end != '\0')
- param_act(P_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
+ xtables_param_act(XTF_BAD_VALUE, "TPROXY", "--tproxy-mark", s);
info->mark_mask = mask;
info->mark_value = value;
@@ -80,20 +80,20 @@ static int tproxy_tg_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- param_act(P_ONLY_ONCE, "TPROXY", "--on-port", *flags & PARAM_ONPORT);
- param_act(P_NO_INVERT, "TPROXY", "--on-port", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TPROXY", "--on-port", *flags & PARAM_ONPORT);
+ xtables_param_act(XTF_NO_INVERT, "TPROXY", "--on-port", invert);
parse_tproxy_lport(optarg, tproxyinfo);
*flags |= PARAM_ONPORT;
return 1;
case '2':
- param_act(P_ONLY_ONCE, "TPROXY", "--on-ip", *flags & PARAM_ONIP);
- param_act(P_NO_INVERT, "TPROXY", "--on-ip", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TPROXY", "--on-ip", *flags & PARAM_ONIP);
+ xtables_param_act(XTF_NO_INVERT, "TPROXY", "--on-ip", invert);
parse_tproxy_laddr(optarg, tproxyinfo);
*flags |= PARAM_ONIP;
return 1;
case '3':
- param_act(P_ONLY_ONCE, "TPROXY", "--tproxy-mark", *flags & PARAM_MARK);
- param_act(P_NO_INVERT, "TPROXY", "--tproxy-mark", invert);
+ xtables_param_act(XTF_ONLY_ONCE, "TPROXY", "--tproxy-mark", *flags & PARAM_MARK);
+ xtables_param_act(XTF_NO_INVERT, "TPROXY", "--tproxy-mark", invert);
parse_tproxy_mark(optarg, tproxyinfo);
*flags |= PARAM_MARK;
return 1;
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index afa63e3..0f47a8f 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -54,14 +54,14 @@ connmark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1': /* --mark */
- param_act(P_ONLY_ONCE, "connmark", "--mark", *flags & F_MARK);
+ xtables_param_act(XTF_ONLY_ONCE, "connmark", "--mark", *flags & F_MARK);
if (!xtables_strtoui(optarg, &end, &mark, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "connmark", "--mark", optarg);
if (*end == '/')
if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "connmark", "--mark", optarg);
if (*end != '\0')
- param_act(P_BAD_VALUE, "connmark", "--mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "connmark", "--mark", optarg);
if (invert)
info->invert = true;
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 2b98ab0..facd0fc 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -269,13 +269,13 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo1 *info, const char *s)
char *end;
if (!xtables_strtoui(s, &end, &min, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "conntrack", "--expires", s);
+ xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
max = min;
if (*end == ':')
if (!xtables_strtoui(s, &end, &max, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "conntrack", "--expires", s);
+ xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
if (*end != '\0')
- param_act(P_BAD_VALUE, "conntrack", "--expires", s);
+ xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s);
if (min > max)
exit_error(PARAMETER_PROBLEM,
@@ -482,7 +482,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
case 'a': /* --ctorigsrcport */
if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
- param_act(P_BAD_VALUE, "conntrack",
+ xtables_param_act(XTF_BAD_VALUE, "conntrack",
"--ctorigsrcport", optarg);
info->match_flags |= XT_CONNTRACK_ORIGSRC_PORT;
info->origsrc_port = htons(port);
@@ -492,7 +492,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
case 'b': /* --ctorigdstport */
if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
- param_act(P_BAD_VALUE, "conntrack",
+ xtables_param_act(XTF_BAD_VALUE, "conntrack",
"--ctorigdstport", optarg);
info->match_flags |= XT_CONNTRACK_ORIGDST_PORT;
info->origdst_port = htons(port);
@@ -502,7 +502,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
case 'c': /* --ctreplsrcport */
if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
- param_act(P_BAD_VALUE, "conntrack",
+ xtables_param_act(XTF_BAD_VALUE, "conntrack",
"--ctreplsrcport", optarg);
info->match_flags |= XT_CONNTRACK_REPLSRC_PORT;
info->replsrc_port = htons(port);
@@ -512,7 +512,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
case 'd': /* --ctrepldstport */
if (!xtables_strtoui(optarg, NULL, &port, 0, UINT16_MAX))
- param_act(P_BAD_VALUE, "conntrack",
+ xtables_param_act(XTF_BAD_VALUE, "conntrack",
"--ctrepldstport", optarg);
info->match_flags |= XT_CONNTRACK_REPLDST_PORT;
info->repldst_port = htons(port);
@@ -521,7 +521,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 'e': /* --ctdir */
- param_act(P_NO_INVERT, "conntrack", "--ctdir", invert);
+ xtables_param_act(XTF_NO_INVERT, "conntrack", "--ctdir", invert);
if (strcasecmp(optarg, "ORIGINAL") == 0) {
info->match_flags |= XT_CONNTRACK_DIRECTION;
info->invert_flags &= ~XT_CONNTRACK_DIRECTION;
@@ -529,7 +529,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
info->match_flags |= XT_CONNTRACK_DIRECTION;
info->invert_flags |= XT_CONNTRACK_DIRECTION;
} else {
- param_act(P_BAD_VALUE, "conntrack", "--ctdir", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "conntrack", "--ctdir", optarg);
}
break;
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 06d026a..f63db64 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -217,7 +217,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
switch(c) {
case '%':
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit",
*flags & PARAM_LIMIT);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!parse_rate(optarg, &r->cfg.avg))
@@ -227,7 +227,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '$':
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
*flags & PARAM_BURST);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
@@ -237,7 +237,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= PARAM_BURST;
break;
case '&':
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
*flags & PARAM_SIZE);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
@@ -247,7 +247,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= PARAM_SIZE;
break;
case '*':
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
*flags & PARAM_MAX);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
@@ -257,7 +257,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= PARAM_MAX;
break;
case '(':
- param_act(P_ONLY_ONCE, "hashlimit",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-gcinterval",
*flags & PARAM_GCINTERVAL);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
@@ -270,7 +270,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= PARAM_GCINTERVAL;
break;
case ')':
- param_act(P_ONLY_ONCE, "hashlimit",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
@@ -281,7 +281,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= PARAM_EXPIRE;
break;
case '_':
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
*flags & PARAM_MODE);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (parse_mode(&r->cfg.mode, optarg) < 0)
@@ -290,7 +290,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= PARAM_MODE;
break;
case '"':
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-name",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-name",
*flags & PARAM_NAME);
if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (strlen(optarg) == 0)
@@ -317,63 +317,63 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
switch(c) {
case '%': /* --hashlimit / --hashlimit-below */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-upto",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-upto",
*flags & PARAM_LIMIT);
if (invert)
info->cfg.mode |= XT_HASHLIMIT_INVERT;
if (!parse_rate(optarg, &info->cfg.avg))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-upto", optarg);
*flags |= PARAM_LIMIT;
return true;
case '^': /* --hashlimit-above == !--hashlimit-below */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-above",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-above",
*flags & PARAM_LIMIT);
if (!invert)
info->cfg.mode |= XT_HASHLIMIT_INVERT;
if (!parse_rate(optarg, &info->cfg.avg))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-above", optarg);
*flags |= PARAM_LIMIT;
return true;
case '$': /* --hashlimit-burst */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
*flags & PARAM_BURST);
if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-burst", optarg);
info->cfg.burst = num;
*flags |= PARAM_BURST;
return true;
case '&': /* --hashlimit-htable-size */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
*flags & PARAM_SIZE);
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-htable-size", optarg);
info->cfg.size = num;
*flags |= PARAM_SIZE;
return true;
case '*': /* --hashlimit-htable-max */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
*flags & PARAM_MAX);
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-htable-max", optarg);
info->cfg.max = num;
*flags |= PARAM_MAX;
return true;
case '(': /* --hashlimit-htable-gcinterval */
- param_act(P_ONLY_ONCE, "hashlimit",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-gcinterval",
*flags & PARAM_GCINTERVAL);
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-htable-gcinterval", optarg);
/* FIXME: not HZ dependent!! */
info->cfg.gc_interval = num;
@@ -381,10 +381,10 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
return true;
case ')': /* --hashlimit-htable-expire */
- param_act(P_ONLY_ONCE, "hashlimit",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-htable-expire", optarg);
/* FIXME: not HZ dependent */
info->cfg.expire = num;
@@ -392,16 +392,16 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
return true;
case '_':
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
*flags & PARAM_MODE);
if (parse_mode(&info->cfg.mode, optarg) < 0)
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-mode", optarg);
*flags |= PARAM_MODE;
return true;
case '"': /* --hashlimit-name */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-name",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-name",
*flags & PARAM_NAME);
if (strlen(optarg) == 0)
exit_error(PARAMETER_PROBLEM, "Zero-length name?");
@@ -411,20 +411,20 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
return true;
case '<': /* --hashlimit-srcmask */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-srcmask",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-srcmask",
*flags & PARAM_SRCMASK);
if (!xtables_strtoui(optarg, NULL, &num, 0, maxmask))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-srcmask", optarg);
info->cfg.srcmask = num;
*flags |= PARAM_SRCMASK;
return true;
case '>': /* --hashlimit-dstmask */
- param_act(P_ONLY_ONCE, "hashlimit", "--hashlimit-dstmask",
+ xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-dstmask",
*flags & PARAM_DSTMASK);
if (!xtables_strtoui(optarg, NULL, &num, 0, maxmask))
- param_act(P_BAD_VALUE, "hashlimit",
+ xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-dstmask", optarg);
info->cfg.dstmask = num;
*flags |= PARAM_DSTMASK;
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index 09e9fb7..0fe2b4f 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -110,15 +110,15 @@ iprange_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
case '1': /* --src-range */
end = strchr(optarg, '-');
if (end == NULL)
- param_act(P_BAD_VALUE, "iprange", "--src-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
*end = '\0';
ia = numeric_to_ipaddr(optarg);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--src-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
memcpy(&info->src_min.in, ia, sizeof(*ia));
ia = numeric_to_ipaddr(end+1);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--src-range", end + 1);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", end + 1);
memcpy(&info->src_max.in, ia, sizeof(*ia));
info->flags |= IPRANGE_SRC;
if (invert)
@@ -129,15 +129,15 @@ iprange_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
case '2': /* --dst-range */
end = strchr(optarg, '-');
if (end == NULL)
- param_act(P_BAD_VALUE, "iprange", "--dst-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
*end = '\0';
ia = numeric_to_ipaddr(optarg);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--dst-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
memcpy(&info->dst_min.in, ia, sizeof(*ia));
ia = numeric_to_ipaddr(end + 1);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--dst-range", end + 1);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", end + 1);
memcpy(&info->dst_max.in, ia, sizeof(*ia));
info->flags |= IPRANGE_DST;
if (invert)
@@ -160,15 +160,15 @@ iprange_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
case '1': /* --src-range */
end = strchr(optarg, '-');
if (end == NULL)
- param_act(P_BAD_VALUE, "iprange", "--src-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
*end = '\0';
ia = numeric_to_ip6addr(optarg);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--src-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
memcpy(&info->src_min.in, ia, sizeof(*ia));
ia = numeric_to_ip6addr(end+1);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--src-range", end + 1);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", end + 1);
memcpy(&info->src_max.in, ia, sizeof(*ia));
info->flags |= IPRANGE_SRC;
if (invert)
@@ -179,15 +179,15 @@ iprange_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
case '2': /* --dst-range */
end = strchr(optarg, '-');
if (end == NULL)
- param_act(P_BAD_VALUE, "iprange", "--dst-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
*end = '\0';
ia = numeric_to_ip6addr(optarg);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--dst-range", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
memcpy(&info->dst_min.in, ia, sizeof(*ia));
ia = numeric_to_ip6addr(end + 1);
if (ia == NULL)
- param_act(P_BAD_VALUE, "iprange", "--dst-range", end + 1);
+ xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", end + 1);
memcpy(&info->dst_max.in, ia, sizeof(*ia));
info->flags |= IPRANGE_DST;
if (invert)
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 31957e7..08bc9d9 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -34,14 +34,14 @@ static int mark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1': /* --mark */
- param_act(P_ONLY_ONCE, "mark", "--mark", *flags & F_MARK);
+ xtables_param_act(XTF_ONLY_ONCE, "mark", "--mark", *flags & F_MARK);
if (!xtables_strtoui(optarg, &end, &mark, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "mark", "--mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "mark", "--mark", optarg);
if (*end == '/')
if (!xtables_strtoui(end + 1, &end, &mask, 0, UINT32_MAX))
- param_act(P_BAD_VALUE, "mark", "--mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "mark", "--mark", optarg);
if (*end != '\0')
- param_act(P_BAD_VALUE, "mark", "--mark", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "mark", "--mark", optarg);
if (invert)
info->invert = true;
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index 54d841c..bf26f35 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -112,11 +112,11 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case 'u':
- param_act(P_ONLY_ONCE, "owner", "--uid-owner", *flags & FLAG_UID_OWNER);
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--uid-owner", *flags & FLAG_UID_OWNER);
if ((pwd = getpwnam(optarg)) != NULL)
id = pwd->pw_uid;
else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
- param_act(P_BAD_VALUE, "owner", "--uid-owner", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--uid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_UID;
info->match |= IPT_OWNER_UID;
@@ -125,11 +125,11 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return true;
case 'g':
- param_act(P_ONLY_ONCE, "owner", "--gid-owner", *flags & FLAG_GID_OWNER);
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--gid-owner", *flags & FLAG_GID_OWNER);
if ((grp = getgrnam(optarg)) != NULL)
id = grp->gr_gid;
else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
- param_act(P_BAD_VALUE, "owner", "--gid-owner", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--gid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_GID;
info->match |= IPT_OWNER_GID;
@@ -138,9 +138,9 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return true;
case 'p':
- param_act(P_ONLY_ONCE, "owner", "--pid-owner", *flags & FLAG_PID_OWNER);
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--pid-owner", *flags & FLAG_PID_OWNER);
if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
- param_act(P_BAD_VALUE, "owner", "--pid-owner", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--pid-owner", optarg);
if (invert)
info->invert |= IPT_OWNER_PID;
info->match |= IPT_OWNER_PID;
@@ -149,9 +149,9 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return true;
case 's':
- param_act(P_ONLY_ONCE, "owner", "--sid-owner", *flags & FLAG_SID_OWNER);
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--sid-owner", *flags & FLAG_SID_OWNER);
if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
- param_act(P_BAD_VALUE, "owner", "--sid-value", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--sid-value", optarg);
if (invert)
info->invert |= IPT_OWNER_SID;
info->match |= IPT_OWNER_SID;
@@ -161,7 +161,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
#ifdef IPT_OWNER_COMM
case 'c':
- param_act(P_ONLY_ONCE, "owner", "--cmd-owner", *flags & FLAG_COMM);
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--cmd-owner", *flags & FLAG_COMM);
if (strlen(optarg) > sizeof(info->comm))
exit_error(PARAMETER_PROBLEM, "owner match: command "
"\"%s\" too long, max. %zu characters",
@@ -191,12 +191,12 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case 'u':
- param_act(P_ONLY_ONCE, "owner", "--uid-owner",
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--uid-owner",
*flags & FLAG_UID_OWNER);
if ((pwd = getpwnam(optarg)) != NULL)
id = pwd->pw_uid;
else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
- param_act(P_BAD_VALUE, "owner", "--uid-owner", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--uid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_UID;
info->match |= IP6T_OWNER_UID;
@@ -205,12 +205,12 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return true;
case 'g':
- param_act(P_ONLY_ONCE, "owner", "--gid-owner",
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--gid-owner",
*flags & FLAG_GID_OWNER);
if ((grp = getgrnam(optarg)) != NULL)
id = grp->gr_gid;
else if (!xtables_strtoui(optarg, NULL, &id, 0, UINT32_MAX - 1))
- param_act(P_BAD_VALUE, "owner", "--gid-owner", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--gid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_GID;
info->match |= IP6T_OWNER_GID;
@@ -219,10 +219,10 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return true;
case 'p':
- param_act(P_ONLY_ONCE, "owner", "--pid-owner",
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--pid-owner",
*flags & FLAG_PID_OWNER);
if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
- param_act(P_BAD_VALUE, "owner", "--pid-owner", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--pid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_PID;
info->match |= IP6T_OWNER_PID;
@@ -231,10 +231,10 @@ owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return true;
case 's':
- param_act(P_ONLY_ONCE, "owner", "--sid-owner",
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--sid-owner",
*flags & FLAG_SID_OWNER);
if (!xtables_strtoui(optarg, NULL, &id, 0, INT_MAX))
- param_act(P_BAD_VALUE, "owner", "--sid-owner", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "owner", "--sid-owner", optarg);
if (invert)
info->invert |= IP6T_OWNER_SID;
info->match |= IP6T_OWNER_SID;
@@ -252,13 +252,13 @@ static void owner_parse_range(const char *s, unsigned int *from,
/* -1 is reversed, so the max is one less than that. */
if (!xtables_strtoui(s, &end, from, 0, UINT32_MAX - 1))
- param_act(P_BAD_VALUE, "owner", opt, s);
+ xtables_param_act(XTF_BAD_VALUE, "owner", opt, s);
*to = *from;
if (*end == '-' || *end == ':')
if (!xtables_strtoui(end + 1, &end, to, 0, UINT32_MAX - 1))
- param_act(P_BAD_VALUE, "owner", opt, s);
+ xtables_param_act(XTF_BAD_VALUE, "owner", opt, s);
if (*end != '\0')
- param_act(P_BAD_VALUE, "owner", opt, s);
+ xtables_param_act(XTF_BAD_VALUE, "owner", opt, s);
}
static int owner_mt_parse(int c, char **argv, int invert, unsigned int *flags,
@@ -271,7 +271,7 @@ static int owner_mt_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case 'u':
- param_act(P_ONLY_ONCE, "owner", "--uid-owner",
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--uid-owner",
*flags & FLAG_UID_OWNER);
if ((pwd = getpwnam(optarg)) != NULL)
from = to = pwd->pw_uid;
@@ -286,7 +286,7 @@ static int owner_mt_parse(int c, char **argv, int invert, unsigned int *flags,
return true;
case 'g':
- param_act(P_ONLY_ONCE, "owner", "--gid-owner",
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--gid-owner",
*flags & FLAG_GID_OWNER);
if ((grp = getgrnam(optarg)) != NULL)
from = to = grp->gr_gid;
@@ -301,7 +301,7 @@ static int owner_mt_parse(int c, char **argv, int invert, unsigned int *flags,
return true;
case 'k':
- param_act(P_ONLY_ONCE, "owner", "--socket-exists",
+ xtables_param_act(XTF_ONLY_ONCE, "owner", "--socket-exists",
*flags & FLAG_SOCKET_EXISTS);
if (invert)
info->invert |= XT_OWNER_SOCKET;
diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c
index 9f8d6fa..a611840 100644
--- a/extensions/libxt_tos.c
+++ b/extensions/libxt_tos.c
@@ -50,9 +50,9 @@ static int tos_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case 't':
- param_act(P_ONLY_ONCE, "tos", "--tos", *flags & FLAG_TOS);
+ xtables_param_act(XTF_ONLY_ONCE, "tos", "--tos", *flags & FLAG_TOS);
if (!tos_parse_symbolic(optarg, &tvm, 0xFF))
- param_act(P_BAD_VALUE, "tos", "--tos", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "tos", "--tos", optarg);
if (tvm.mask != 0xFF)
exit_error(PARAMETER_PROBLEM, "tos: Your kernel is "
"too old to support anything besides /0xFF "
@@ -74,9 +74,9 @@ static int tos_mt_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case 't':
- param_act(P_ONLY_ONCE, "tos", "--tos", *flags & FLAG_TOS);
+ xtables_param_act(XTF_ONLY_ONCE, "tos", "--tos", *flags & FLAG_TOS);
if (!tos_parse_symbolic(optarg, &tvm, 0x3F))
- param_act(P_BAD_VALUE, "tos", "--tos", optarg);
+ xtables_param_act(XTF_BAD_VALUE, "tos", "--tos", optarg);
info->tos_value = tvm.value;
info->tos_mask = tvm.mask;
if (invert)
diff --git a/include/xtables.h.in b/include/xtables.h.in
index e1f9c92..e5737cb 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -158,6 +158,17 @@ enum xtables_tryload {
XTF_LOAD_MUST_SUCCEED,
};
+enum xtables_exittype {
+ OTHER_PROBLEM = 1,
+ PARAMETER_PROBLEM,
+ VERSION_PROBLEM,
+ RESOURCE_PROBLEM,
+ XTF_ONLY_ONCE,
+ XTF_NO_INVERT,
+ XTF_BAD_VALUE,
+ XTF_ONE_ACTION,
+};
+
extern const char *xtables_program_name;
extern const char *xtables_modprobe_program;
extern struct xtables_match *xtables_matches;
@@ -188,24 +199,13 @@ extern u_int16_t parse_port(const char *port, const char *proto);
extern void
parse_interface(const char *arg, char *vianame, unsigned char *mask);
-enum exittype {
- OTHER_PROBLEM = 1,
- PARAMETER_PROBLEM,
- VERSION_PROBLEM,
- RESOURCE_PROBLEM,
- P_ONLY_ONCE,
- P_NO_INVERT,
- P_BAD_VALUE,
- P_ONE_ACTION,
-};
-
/* this is a special 64bit data type that is 8-byte aligned */
#define aligned_u64 u_int64_t __attribute__((aligned(8)))
int check_inverse(const char option[], int *invert, int *my_optind, int argc);
-void exit_error(enum exittype, const char *, ...)__attribute__((noreturn,
- format(printf,2,3)));
-extern void param_act(unsigned int, const char *, ...);
+void exit_error(enum xtables_exittype, const char *, ...)
+ __attribute__((noreturn, format(printf,2,3)));
+extern void xtables_param_act(unsigned int, const char *, ...);
extern const char *ipaddr_to_numeric(const struct in_addr *);
extern const char *ipaddr_to_anyname(const struct in_addr *);
diff --git a/ip6tables.c b/ip6tables.c
index 0464185..cbacd89 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -365,7 +365,7 @@ exit_printhelp(struct ip6tables_rule_match *matches)
}
void
-exit_error(enum exittype status, const char *msg, ...)
+exit_error(enum xtables_exittype status, const char *msg, ...)
{
va_list args;
diff --git a/iptables-xml.c b/iptables-xml.c
index a3f6987..307845c 100644
--- a/iptables-xml.c
+++ b/iptables-xml.c
@@ -30,7 +30,7 @@ const char *program_version;
#ifndef IPTABLES_MULTI
int line = 0;
-void exit_error(enum exittype status, const char *msg, ...)
+void exit_error(enum xtables_exittype status, const char *msg, ...)
{
va_list args;
diff --git a/iptables.c b/iptables.c
index 15b5b6f..9adc209 100644
--- a/iptables.c
+++ b/iptables.c
@@ -367,7 +367,7 @@ exit_printhelp(struct iptables_rule_match *matches)
}
void
-exit_error(enum exittype status, const char *msg, ...)
+exit_error(enum xtables_exittype status, const char *msg, ...)
{
va_list args;
diff --git a/xtables.c b/xtables.c
index 642c04b..3ffefa2 100644
--- a/xtables.c
+++ b/xtables.c
@@ -676,7 +676,31 @@ void xtables_register_target(struct xtables_target *me)
me->tflags = 0;
}
-void param_act(unsigned int status, const char *p1, ...)
+/**
+ * xtables_param_act - act on condition
+ * @status: a constant from enum xtables_exittype
+ *
+ * %XTF_ONLY_ONCE: print error message that option may only be used once.
+ * @p1: module name (e.g. "mark")
+ * @p2(...): option in conflict (e.g. "--mark")
+ * @p3(...): condition to match on (see extensions/ for examples)
+ *
+ * %XTF_NO_INVERT: option does not support inversion
+ * @p1: module name
+ * @p2: option in conflict
+ * @p3: condition to match on
+ *
+ * %XTF_BAD_VALUE: bad value for option
+ * @p1: module name
+ * @p2: option with which the problem occured (e.g. "--mark")
+ * @p3: string the user passed in (e.g. "99999999999999")
+ *
+ * %XTF_ONE_ACTION: two mutually exclusive actions have been specified
+ * @p1: module name
+ *
+ * Displays an error message and exits the program.
+ */
+void xtables_param_act(unsigned int status, const char *p1, ...)
{
const char *p2, *p3;
va_list args;
@@ -685,7 +709,7 @@ void param_act(unsigned int status, const char *p1, ...)
va_start(args, p1);
switch (status) {
- case P_ONLY_ONCE:
+ case XTF_ONLY_ONCE:
p2 = va_arg(args, const char *);
b = va_arg(args, unsigned int);
if (!b)
@@ -694,7 +718,7 @@ void param_act(unsigned int status, const char *p1, ...)
"%s: \"%s\" option may only be specified once",
p1, p2);
break;
- case P_NO_INVERT:
+ case XTF_NO_INVERT:
p2 = va_arg(args, const char *);
b = va_arg(args, unsigned int);
if (!b)
@@ -702,14 +726,14 @@ void param_act(unsigned int status, const char *p1, ...)
exit_error(PARAMETER_PROBLEM,
"%s: \"%s\" option cannot be inverted", p1, p2);
break;
- case P_BAD_VALUE:
+ case XTF_BAD_VALUE:
p2 = va_arg(args, const char *);
p3 = va_arg(args, const char *);
exit_error(PARAMETER_PROBLEM,
"%s: Bad value for \"%s\" option: \"%s\"",
p1, p2, p3);
break;
- case P_ONE_ACTION:
+ case XTF_ONE_ACTION:
b = va_arg(args, unsigned int);
if (!b)
return;
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 10/16] libxtables: prefix/order - ipaddr/ipmask to ascii output
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (8 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 09/16] libxtables: prefix/order - param_act Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 11/16] libxtables: prefix/order - ascii to ipaddr/ipmask input Jan Engelhardt
` (6 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libipt_DNAT.c | 4 ++--
extensions/libipt_NETMAP.c | 4 ++--
extensions/libipt_SAME.c | 8 ++++----
extensions/libipt_SNAT.c | 4 ++--
extensions/libipt_policy.c | 8 ++++----
extensions/libxt_TPROXY.c | 4 ++--
extensions/libxt_conntrack.c | 14 +++++++-------
extensions/libxt_iprange.c | 32 ++++++++++++++++----------------
include/xtables.h.in | 12 ++++++------
ip6tables.c | 12 ++++++------
iptables.c | 12 ++++++------
xtables.c | 20 ++++++++++----------
12 files changed, 67 insertions(+), 67 deletions(-)
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index e884b03..42695bb 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -195,10 +195,10 @@ static void print_range(const struct ip_nat_range *r)
struct in_addr a;
a.s_addr = r->min_ip;
- printf("%s", ipaddr_to_numeric(&a));
+ printf("%s", xtables_ipaddr_to_numeric(&a));
if (r->max_ip != r->min_ip) {
a.s_addr = r->max_ip;
- printf("-%s", ipaddr_to_numeric(&a));
+ printf("-%s", xtables_ipaddr_to_numeric(&a));
}
}
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index d8f34cc..33f48c9 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -148,11 +148,11 @@ static void NETMAP_print(const void *ip, const struct xt_entry_target *target,
int bits;
a.s_addr = r->min_ip;
- printf("%s", ipaddr_to_numeric(&a));
+ printf("%s", xtables_ipaddr_to_numeric(&a));
a.s_addr = ~(r->min_ip ^ r->max_ip);
bits = netmask2bits(a.s_addr);
if (bits < 0)
- printf("/%s", ipaddr_to_numeric(&a));
+ printf("/%s", xtables_ipaddr_to_numeric(&a));
else
printf("/%d", bits);
}
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index 6cb09af..1ca38ff 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -151,13 +151,13 @@ static void SAME_print(const void *ip, const struct xt_entry_target *target,
a.s_addr = r->min_ip;
- printf("%s", ipaddr_to_numeric(&a));
+ printf("%s", xtables_ipaddr_to_numeric(&a));
a.s_addr = r->max_ip;
if (r->min_ip == r->max_ip)
printf(" ");
else
- printf("-%s ", ipaddr_to_numeric(&a));
+ printf("-%s ", xtables_ipaddr_to_numeric(&a));
if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
random_selection = 1;
}
@@ -181,13 +181,13 @@ static void SAME_save(const void *ip, const struct xt_entry_target *target)
struct in_addr a;
a.s_addr = r->min_ip;
- printf("--to %s", ipaddr_to_numeric(&a));
+ printf("--to %s", xtables_ipaddr_to_numeric(&a));
a.s_addr = r->max_ip;
if (r->min_ip == r->max_ip)
printf(" ");
else
- printf("-%s ", ipaddr_to_numeric(&a));
+ printf("-%s ", xtables_ipaddr_to_numeric(&a));
if (r->flags & IP_NAT_RANGE_PROTO_RANDOM)
random_selection = 1;
}
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 8c28c0e..2afcbb1 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -196,10 +196,10 @@ static void print_range(const struct ip_nat_range *r)
struct in_addr a;
a.s_addr = r->min_ip;
- printf("%s", ipaddr_to_numeric(&a));
+ printf("%s", xtables_ipaddr_to_numeric(&a));
if (r->max_ip != r->min_ip) {
a.s_addr = r->max_ip;
- printf("-%s", ipaddr_to_numeric(&a));
+ printf("-%s", xtables_ipaddr_to_numeric(&a));
}
}
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index 9c70182..6b044d8 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -352,14 +352,14 @@ static void print_entry(char *prefix, const struct ipt_policy_elem *e,
if (e->match.daddr) {
PRINT_INVERT(e->invert.daddr);
printf("%stunnel-dst %s%s ", prefix,
- ipaddr_to_numeric((const void *)&e->daddr),
- ipmask_to_numeric((const void *)&e->dmask));
+ xtables_ipaddr_to_numeric((const void *)&e->daddr),
+ xtables_ipmask_to_numeric((const void *)&e->dmask));
}
if (e->match.saddr) {
PRINT_INVERT(e->invert.saddr);
printf("%stunnel-src %s%s ", prefix,
- ipaddr_to_numeric((const void *)&e->saddr),
- ipmask_to_numeric((const void *)&e->smask));
+ xtables_ipaddr_to_numeric((const void *)&e->saddr),
+ xtables_ipmask_to_numeric((const void *)&e->smask));
}
}
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index d0933ae..2398c84 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -114,7 +114,7 @@ static void tproxy_tg_print(const void *ip, const struct xt_entry_target *target
{
const struct xt_tproxy_target_info *info = (const void *)target->data;
printf("TPROXY redirect %s:%u mark 0x%x/0x%x",
- ipaddr_to_numeric((const struct in_addr *)&info->laddr),
+ xtables_ipaddr_to_numeric((const struct in_addr *)&info->laddr),
ntohs(info->lport), (unsigned int)info->mark_value,
(unsigned int)info->mark_mask);
}
@@ -125,7 +125,7 @@ static void tproxy_tg_save(const void *ip, const struct xt_entry_target *target)
printf("--on-port %u ", ntohs(info->lport));
printf("--on-ip %s ",
- ipaddr_to_numeric((const struct in_addr *)&info->laddr));
+ xtables_ipaddr_to_numeric((const struct in_addr *)&info->laddr));
printf("--tproxy-mark 0x%x/0x%x ",
(unsigned int)info->mark_value, (unsigned int)info->mark_mask);
}
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index facd0fc..ffa279c 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -761,9 +761,9 @@ conntrack_dump_addr(const union nf_inet_addr *addr,
return;
}
if (numeric)
- printf("%s ", ipaddr_to_numeric(&addr->in));
+ printf("%s ", xtables_ipaddr_to_numeric(&addr->in));
else
- printf("%s ", ipaddr_to_anyname(&addr->in));
+ printf("%s ", xtables_ipaddr_to_anyname(&addr->in));
} else if (family == NFPROTO_IPV6) {
if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 &&
addr->ip6[2] == 0 && addr->ip6[3] == 0) {
@@ -771,9 +771,9 @@ conntrack_dump_addr(const union nf_inet_addr *addr,
return;
}
if (numeric)
- printf("%s ", ip6addr_to_numeric(&addr->in6));
+ printf("%s ", xtables_ip6addr_to_numeric(&addr->in6));
else
- printf("%s ", ip6addr_to_anyname(&addr->in6));
+ printf("%s ", xtables_ip6addr_to_anyname(&addr->in6));
}
}
@@ -789,10 +789,10 @@ print_addr(struct in_addr *addr, struct in_addr *mask, int inv, int numeric)
printf("%s ", "anywhere");
else {
if (numeric)
- sprintf(buf, "%s", ipaddr_to_numeric(addr));
+ strcpy(buf, xtables_ipaddr_to_numeric(addr));
else
- sprintf(buf, "%s", ipaddr_to_anyname(addr));
- strcat(buf, ipmask_to_numeric(mask));
+ strcpy(buf, xtables_ipaddr_to_anyname(addr));
+ strcat(buf, xtables_ipmask_to_numeric(mask));
printf("%s ", buf);
}
}
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index 0fe2b4f..9fdc70a 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -250,15 +250,15 @@ iprange_mt4_print(const void *ip, const struct xt_entry_match *match,
* ipaddr_to_numeric() uses a static buffer, so cannot
* combine the printf() calls.
*/
- printf("%s", ipaddr_to_numeric(&info->src_min.in));
- printf("-%s ", ipaddr_to_numeric(&info->src_max.in));
+ printf("%s", xtables_ipaddr_to_numeric(&info->src_min.in));
+ printf("-%s ", xtables_ipaddr_to_numeric(&info->src_max.in));
}
if (info->flags & IPRANGE_DST) {
printf("destination IP range ");
if (info->flags & IPRANGE_DST_INV)
printf("! ");
- printf("%s", ipaddr_to_numeric(&info->dst_min.in));
- printf("-%s ", ipaddr_to_numeric(&info->dst_max.in));
+ printf("%s", xtables_ipaddr_to_numeric(&info->dst_min.in));
+ printf("-%s ", xtables_ipaddr_to_numeric(&info->dst_max.in));
}
}
@@ -276,15 +276,15 @@ iprange_mt6_print(const void *ip, const struct xt_entry_match *match,
* ipaddr_to_numeric() uses a static buffer, so cannot
* combine the printf() calls.
*/
- printf("%s", ip6addr_to_numeric(&info->src_min.in6));
- printf("-%s ", ip6addr_to_numeric(&info->src_max.in6));
+ printf("%s", xtables_ip6addr_to_numeric(&info->src_min.in6));
+ printf("-%s ", xtables_ip6addr_to_numeric(&info->src_max.in6));
}
if (info->flags & IPRANGE_DST) {
printf("destination IP range ");
if (info->flags & IPRANGE_DST_INV)
printf("! ");
- printf("%s", ip6addr_to_numeric(&info->dst_min.in6));
- printf("-%s ", ip6addr_to_numeric(&info->dst_max.in6));
+ printf("%s", xtables_ip6addr_to_numeric(&info->dst_min.in6));
+ printf("-%s ", xtables_ip6addr_to_numeric(&info->dst_max.in6));
}
}
@@ -315,14 +315,14 @@ static void iprange_mt4_save(const void *ip, const struct xt_entry_match *match)
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
printf("! ");
- printf("--src-range %s", ipaddr_to_numeric(&info->src_min.in));
- printf("-%s ", ipaddr_to_numeric(&info->src_max.in));
+ printf("--src-range %s", xtables_ipaddr_to_numeric(&info->src_min.in));
+ printf("-%s ", xtables_ipaddr_to_numeric(&info->src_max.in));
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
printf("! ");
- printf("--dst-range %s", ipaddr_to_numeric(&info->dst_min.in));
- printf("-%s ", ipaddr_to_numeric(&info->dst_max.in));
+ printf("--dst-range %s", xtables_ipaddr_to_numeric(&info->dst_min.in));
+ printf("-%s ", xtables_ipaddr_to_numeric(&info->dst_max.in));
}
}
@@ -333,14 +333,14 @@ static void iprange_mt6_save(const void *ip, const struct xt_entry_match *match)
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
printf("! ");
- printf("--src-range %s", ip6addr_to_numeric(&info->src_min.in6));
- printf("-%s ", ip6addr_to_numeric(&info->src_max.in6));
+ printf("--src-range %s", xtables_ip6addr_to_numeric(&info->src_min.in6));
+ printf("-%s ", xtables_ip6addr_to_numeric(&info->src_max.in6));
}
if (info->flags & IPRANGE_DST) {
if (info->flags & IPRANGE_DST_INV)
printf("! ");
- printf("--dst-range %s", ip6addr_to_numeric(&info->dst_min.in6));
- printf("-%s ", ip6addr_to_numeric(&info->dst_max.in6));
+ printf("--dst-range %s", xtables_ip6addr_to_numeric(&info->dst_min.in6));
+ printf("-%s ", xtables_ip6addr_to_numeric(&info->dst_max.in6));
}
}
diff --git a/include/xtables.h.in b/include/xtables.h.in
index e5737cb..3099de8 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -207,18 +207,18 @@ void exit_error(enum xtables_exittype, const char *, ...)
__attribute__((noreturn, format(printf,2,3)));
extern void xtables_param_act(unsigned int, const char *, ...);
-extern const char *ipaddr_to_numeric(const struct in_addr *);
-extern const char *ipaddr_to_anyname(const struct in_addr *);
-extern const char *ipmask_to_numeric(const struct in_addr *);
+extern const char *xtables_ipaddr_to_numeric(const struct in_addr *);
+extern const char *xtables_ipaddr_to_anyname(const struct in_addr *);
+extern const char *xtables_ipmask_to_numeric(const struct in_addr *);
extern struct in_addr *numeric_to_ipaddr(const char *);
extern struct in_addr *numeric_to_ipmask(const char *);
extern void ipparse_hostnetworkmask(const char *, struct in_addr **,
struct in_addr *, unsigned int *);
extern struct in6_addr *numeric_to_ip6addr(const char *);
-extern const char *ip6addr_to_numeric(const struct in6_addr *);
-extern const char *ip6addr_to_anyname(const struct in6_addr *);
-extern const char *ip6mask_to_numeric(const struct in6_addr *);
+extern const char *xtables_ip6addr_to_numeric(const struct in6_addr *);
+extern const char *xtables_ip6addr_to_anyname(const struct in6_addr *);
+extern const char *xtables_ip6mask_to_numeric(const struct in6_addr *);
extern void ip6parse_hostnetworkmask(const char *, struct in6_addr **,
struct in6_addr *, unsigned int *);
diff --git a/ip6tables.c b/ip6tables.c
index cbacd89..f741c52 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -809,10 +809,10 @@ print_firewall(const struct ip6t_entry *fw,
printf(FMT("%-19s ","%s "), "anywhere");
else {
if (format & FMT_NUMERIC)
- sprintf(buf, "%s", ip6addr_to_numeric(&fw->ipv6.src));
+ strcpy(buf, xtables_ip6addr_to_numeric(&fw->ipv6.src));
else
- sprintf(buf, "%s", ip6addr_to_anyname(&fw->ipv6.src));
- strcat(buf, ip6mask_to_numeric(&fw->ipv6.smsk));
+ strcpy(buf, xtables_ip6addr_to_anyname(&fw->ipv6.src));
+ strcat(buf, xtables_ip6mask_to_numeric(&fw->ipv6.smsk));
printf(FMT("%-19s ","%s "), buf);
}
@@ -822,10 +822,10 @@ print_firewall(const struct ip6t_entry *fw,
printf(FMT("%-19s ","-> %s"), "anywhere");
else {
if (format & FMT_NUMERIC)
- sprintf(buf, "%s", ip6addr_to_numeric(&fw->ipv6.dst));
+ strcpy(buf, xtables_ip6addr_to_numeric(&fw->ipv6.dst));
else
- sprintf(buf, "%s", ip6addr_to_anyname(&fw->ipv6.dst));
- strcat(buf, ip6mask_to_numeric(&fw->ipv6.dmsk));
+ strcpy(buf, xtables_ip6addr_to_anyname(&fw->ipv6.dst));
+ strcat(buf, xtables_ip6mask_to_numeric(&fw->ipv6.dmsk));
printf(FMT("%-19s ","-> %s"), buf);
}
diff --git a/iptables.c b/iptables.c
index 9adc209..d3906fc 100644
--- a/iptables.c
+++ b/iptables.c
@@ -803,10 +803,10 @@ print_firewall(const struct ipt_entry *fw,
printf(FMT("%-19s ","%s "), "anywhere");
else {
if (format & FMT_NUMERIC)
- sprintf(buf, "%s", ipaddr_to_numeric(&fw->ip.src));
+ strcpy(buf, xtables_ipaddr_to_numeric(&fw->ip.src));
else
- sprintf(buf, "%s", ipaddr_to_anyname(&fw->ip.src));
- strcat(buf, ipmask_to_numeric(&fw->ip.smsk));
+ strcpy(buf, xtables_ipaddr_to_anyname(&fw->ip.src));
+ strcat(buf, xtables_ipmask_to_numeric(&fw->ip.smsk));
printf(FMT("%-19s ","%s "), buf);
}
@@ -815,10 +815,10 @@ print_firewall(const struct ipt_entry *fw,
printf(FMT("%-19s ","-> %s"), "anywhere");
else {
if (format & FMT_NUMERIC)
- sprintf(buf, "%s", ipaddr_to_numeric(&fw->ip.dst));
+ strcpy(buf, xtables_ipaddr_to_numeric(&fw->ip.dst));
else
- sprintf(buf, "%s", ipaddr_to_anyname(&fw->ip.dst));
- strcat(buf, ipmask_to_numeric(&fw->ip.dmsk));
+ strcpy(buf, xtables_ipaddr_to_anyname(&fw->ip.dst));
+ strcat(buf, xtables_ipmask_to_numeric(&fw->ip.dmsk));
printf(FMT("%-19s ","-> %s"), buf);
}
diff --git a/xtables.c b/xtables.c
index 3ffefa2..07275f6 100644
--- a/xtables.c
+++ b/xtables.c
@@ -748,7 +748,7 @@ void xtables_param_act(unsigned int status, const char *p1, ...)
va_end(args);
}
-const char *ipaddr_to_numeric(const struct in_addr *addrp)
+const char *xtables_ipaddr_to_numeric(const struct in_addr *addrp)
{
static char buf[20];
const unsigned char *bytep = (const void *)&addrp->s_addr;
@@ -778,7 +778,7 @@ static const char *ipaddr_to_network(const struct in_addr *addr)
return NULL;
}
-const char *ipaddr_to_anyname(const struct in_addr *addr)
+const char *xtables_ipaddr_to_anyname(const struct in_addr *addr)
{
const char *name;
@@ -786,10 +786,10 @@ const char *ipaddr_to_anyname(const struct in_addr *addr)
(name = ipaddr_to_network(addr)) != NULL)
return name;
- return ipaddr_to_numeric(addr);
+ return xtables_ipaddr_to_numeric(addr);
}
-const char *ipmask_to_numeric(const struct in_addr *mask)
+const char *xtables_ipmask_to_numeric(const struct in_addr *mask)
{
static char buf[20];
uint32_t maskaddr, bits;
@@ -809,7 +809,7 @@ const char *ipmask_to_numeric(const struct in_addr *mask)
sprintf(buf, "/%d", i);
else
/* mask was not a decent combination of 1's and 0's */
- sprintf(buf, "/%s", ipaddr_to_numeric(mask));
+ sprintf(buf, "/%s", xtables_ipaddr_to_numeric(mask));
return buf;
}
@@ -987,7 +987,7 @@ void ipparse_hostnetworkmask(const char *name, struct in_addr **addrpp,
}
}
-const char *ip6addr_to_numeric(const struct in6_addr *addrp)
+const char *xtables_ip6addr_to_numeric(const struct in6_addr *addrp)
{
/* 0000:0000:0000:0000:0000:000.000.000.000
* 0000:0000:0000:0000:0000:0000:0000:0000 */
@@ -1020,14 +1020,14 @@ static const char *ip6addr_to_host(const struct in6_addr *addr)
return hostname;
}
-const char *ip6addr_to_anyname(const struct in6_addr *addr)
+const char *xtables_ip6addr_to_anyname(const struct in6_addr *addr)
{
const char *name;
if ((name = ip6addr_to_host(addr)) != NULL)
return name;
- return ip6addr_to_numeric(addr);
+ return xtables_ip6addr_to_numeric(addr);
}
static int ip6addr_prefix_length(const struct in6_addr *k)
@@ -1054,14 +1054,14 @@ static int ip6addr_prefix_length(const struct in6_addr *k)
return bits;
}
-const char *ip6mask_to_numeric(const struct in6_addr *addrp)
+const char *xtables_ip6mask_to_numeric(const struct in6_addr *addrp)
{
static char buf[50+2];
int l = ip6addr_prefix_length(addrp);
if (l == -1) {
strcpy(buf, "/");
- strcat(buf, ip6addr_to_numeric(addrp));
+ strcat(buf, xtables_ip6addr_to_numeric(addrp));
return buf;
}
sprintf(buf, "/%d", l);
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 11/16] libxtables: prefix/order - ascii to ipaddr/ipmask input
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (9 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 10/16] libxtables: prefix/order - ipaddr/ipmask to ascii output Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 12/16] libxtables: prefix - misc functions Jan Engelhardt
` (5 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libipt_DNAT.c | 4 ++--
extensions/libipt_NETMAP.c | 4 ++--
extensions/libipt_SAME.c | 4 ++--
extensions/libipt_SNAT.c | 4 ++--
extensions/libxt_TPROXY.c | 2 +-
extensions/libxt_iprange.c | 20 ++++++++++----------
include/xtables.h.in | 6 +++---
xtables.c | 14 +++++++-------
8 files changed, 29 insertions(+), 29 deletions(-)
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index 42695bb..0d355a0 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -117,13 +117,13 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
if (dash)
*dash = '\0';
- ip = numeric_to_ipaddr(arg);
+ ip = xtables_numeric_to_ipaddr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
arg);
range.min_ip = ip->s_addr;
if (dash) {
- ip = numeric_to_ipaddr(dash+1);
+ ip = xtables_numeric_to_ipaddr(dash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
dash+1);
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index 33f48c9..f6c8bfd 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -75,14 +75,14 @@ parse_to(char *arg, struct ip_nat_range *range)
if (slash)
*slash = '\0';
- ip = numeric_to_ipaddr(arg);
+ ip = xtables_numeric_to_ipaddr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
arg);
range->min_ip = ip->s_addr;
if (slash) {
if (strchr(slash+1, '.')) {
- ip = numeric_to_ipmask(slash+1);
+ ip = xtables_numeric_to_ipmask(slash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad netmask `%s'\n",
slash+1);
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index 1ca38ff..6882242 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -56,14 +56,14 @@ parse_to(char *arg, struct ip_nat_range *range)
if (dash)
*dash = '\0';
- ip = numeric_to_ipaddr(arg);
+ ip = xtables_numeric_to_ipaddr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
arg);
range->min_ip = ip->s_addr;
if (dash) {
- ip = numeric_to_ipaddr(dash+1);
+ ip = xtables_numeric_to_ipaddr(dash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
dash+1);
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 2afcbb1..0780aa1 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -117,13 +117,13 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
if (dash)
*dash = '\0';
- ip = numeric_to_ipaddr(arg);
+ ip = xtables_numeric_to_ipaddr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
arg);
range.min_ip = ip->s_addr;
if (dash) {
- ip = numeric_to_ipaddr(dash+1);
+ ip = xtables_numeric_to_ipaddr(dash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n",
dash+1);
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index 2398c84..54ae96d 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -50,7 +50,7 @@ static void parse_tproxy_laddr(const char *s, struct xt_tproxy_target_info *info
{
struct in_addr *laddr;
- if ((laddr = numeric_to_ipaddr(s)) == NULL)
+ if ((laddr = xtables_numeric_to_ipaddr(s)) == NULL)
xtables_param_act(XTF_BAD_VALUE, "TPROXY", "--on-ip", s);
info->laddr = laddr->s_addr;
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index 9fdc70a..de079cb 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -40,14 +40,14 @@ parse_iprange(char *arg, struct ipt_iprange *range)
if (dash != NULL)
*dash = '\0';
- ip = numeric_to_ipaddr(arg);
+ ip = xtables_numeric_to_ipaddr(arg);
if (!ip)
exit_error(PARAMETER_PROBLEM, "iprange match: Bad IP address `%s'\n",
arg);
range->min_ip = ip->s_addr;
if (dash != NULL) {
- ip = numeric_to_ipaddr(dash+1);
+ ip = xtables_numeric_to_ipaddr(dash+1);
if (!ip)
exit_error(PARAMETER_PROBLEM, "iprange match: Bad IP address `%s'\n",
dash+1);
@@ -112,11 +112,11 @@ iprange_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
if (end == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
*end = '\0';
- ia = numeric_to_ipaddr(optarg);
+ ia = xtables_numeric_to_ipaddr(optarg);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
memcpy(&info->src_min.in, ia, sizeof(*ia));
- ia = numeric_to_ipaddr(end+1);
+ ia = xtables_numeric_to_ipaddr(end+1);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", end + 1);
memcpy(&info->src_max.in, ia, sizeof(*ia));
@@ -131,11 +131,11 @@ iprange_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
if (end == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
*end = '\0';
- ia = numeric_to_ipaddr(optarg);
+ ia = xtables_numeric_to_ipaddr(optarg);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
memcpy(&info->dst_min.in, ia, sizeof(*ia));
- ia = numeric_to_ipaddr(end + 1);
+ ia = xtables_numeric_to_ipaddr(end + 1);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", end + 1);
memcpy(&info->dst_max.in, ia, sizeof(*ia));
@@ -162,11 +162,11 @@ iprange_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
if (end == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
*end = '\0';
- ia = numeric_to_ip6addr(optarg);
+ ia = xtables_numeric_to_ip6addr(optarg);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", optarg);
memcpy(&info->src_min.in, ia, sizeof(*ia));
- ia = numeric_to_ip6addr(end+1);
+ ia = xtables_numeric_to_ip6addr(end+1);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--src-range", end + 1);
memcpy(&info->src_max.in, ia, sizeof(*ia));
@@ -181,11 +181,11 @@ iprange_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
if (end == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
*end = '\0';
- ia = numeric_to_ip6addr(optarg);
+ ia = xtables_numeric_to_ip6addr(optarg);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", optarg);
memcpy(&info->dst_min.in, ia, sizeof(*ia));
- ia = numeric_to_ip6addr(end + 1);
+ ia = xtables_numeric_to_ip6addr(end + 1);
if (ia == NULL)
xtables_param_act(XTF_BAD_VALUE, "iprange", "--dst-range", end + 1);
memcpy(&info->dst_max.in, ia, sizeof(*ia));
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 3099de8..936bbcc 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -210,12 +210,12 @@ extern void xtables_param_act(unsigned int, const char *, ...);
extern const char *xtables_ipaddr_to_numeric(const struct in_addr *);
extern const char *xtables_ipaddr_to_anyname(const struct in_addr *);
extern const char *xtables_ipmask_to_numeric(const struct in_addr *);
-extern struct in_addr *numeric_to_ipaddr(const char *);
-extern struct in_addr *numeric_to_ipmask(const char *);
+extern struct in_addr *xtables_numeric_to_ipaddr(const char *);
+extern struct in_addr *xtables_numeric_to_ipmask(const char *);
extern void ipparse_hostnetworkmask(const char *, struct in_addr **,
struct in_addr *, unsigned int *);
-extern struct in6_addr *numeric_to_ip6addr(const char *);
+extern struct in6_addr *xtables_numeric_to_ip6addr(const char *);
extern const char *xtables_ip6addr_to_numeric(const struct in6_addr *);
extern const char *xtables_ip6addr_to_anyname(const struct in6_addr *);
extern const char *xtables_ip6mask_to_numeric(const struct in6_addr *);
diff --git a/xtables.c b/xtables.c
index 07275f6..859a82a 100644
--- a/xtables.c
+++ b/xtables.c
@@ -860,12 +860,12 @@ static struct in_addr *__numeric_to_ipaddr(const char *dotted, bool is_mask)
return &addr;
}
-struct in_addr *numeric_to_ipaddr(const char *dotted)
+struct in_addr *xtables_numeric_to_ipaddr(const char *dotted)
{
return __numeric_to_ipaddr(dotted, false);
}
-struct in_addr *numeric_to_ipmask(const char *dotted)
+struct in_addr *xtables_numeric_to_ipmask(const char *dotted)
{
return __numeric_to_ipaddr(dotted, true);
}
@@ -914,7 +914,7 @@ ipparse_hostnetwork(const char *name, unsigned int *naddrs)
{
struct in_addr *addrptmp, *addrp;
- if ((addrptmp = numeric_to_ipaddr(name)) != NULL ||
+ if ((addrptmp = xtables_numeric_to_ipaddr(name)) != NULL ||
(addrptmp = network_to_ipaddr(name)) != NULL) {
addrp = xtables_malloc(sizeof(struct in_addr));
memcpy(addrp, addrptmp, sizeof(*addrp));
@@ -938,7 +938,7 @@ static struct in_addr *parse_ipmask(const char *mask)
maskaddr.s_addr = 0xFFFFFFFF;
return &maskaddr;
}
- if ((addrp = numeric_to_ipmask(mask)) != NULL)
+ if ((addrp = xtables_numeric_to_ipmask(mask)) != NULL)
/* dotted_to_addr already returns a network byte order addr */
return addrp;
if (!xtables_strtoui(mask, NULL, &bits, 0, 32))
@@ -1068,7 +1068,7 @@ const char *xtables_ip6mask_to_numeric(const struct in6_addr *addrp)
return buf;
}
-struct in6_addr *numeric_to_ip6addr(const char *num)
+struct in6_addr *xtables_numeric_to_ip6addr(const char *num)
{
static struct in6_addr ap;
int err;
@@ -1136,7 +1136,7 @@ ip6parse_hostnetwork(const char *name, unsigned int *naddrs)
{
struct in6_addr *addrp, *addrptmp;
- if ((addrptmp = numeric_to_ip6addr(name)) != NULL ||
+ if ((addrptmp = xtables_numeric_to_ip6addr(name)) != NULL ||
(addrptmp = network_to_ip6addr(name)) != NULL) {
addrp = xtables_malloc(sizeof(struct in6_addr));
memcpy(addrp, addrptmp, sizeof(*addrp));
@@ -1160,7 +1160,7 @@ static struct in6_addr *parse_ip6mask(char *mask)
memset(&maskaddr, 0xff, sizeof maskaddr);
return &maskaddr;
}
- if ((addrp = numeric_to_ip6addr(mask)) != NULL)
+ if ((addrp = xtables_numeric_to_ip6addr(mask)) != NULL)
return addrp;
if (!xtables_strtoui(mask, NULL, &bits, 0, 128))
exit_error(PARAMETER_PROBLEM,
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 12/16] libxtables: prefix - misc functions
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (10 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 11/16] libxtables: prefix/order - ascii to ipaddr/ipmask input Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 13/16] libxtables: prefix - parse and escaped output func Jan Engelhardt
` (4 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libipt_REDIRECT.c | 2 +-
extensions/libxt_dccp.c | 6 +++---
extensions/libxt_multiport.c | 6 +++---
extensions/libxt_physdev.c | 4 ++--
extensions/libxt_sctp.c | 6 +++---
extensions/libxt_tcp.c | 6 +++---
extensions/libxt_udp.c | 6 +++---
include/xtables.h.in | 6 +++---
ip6tables.c | 4 ++--
iptables.c | 4 ++--
xtables.c | 9 +++++----
11 files changed, 30 insertions(+), 29 deletions(-)
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 64ab737..1ef2b2e 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -48,7 +48,7 @@ parse_ports(const char *arg, struct ip_nat_multi_range *mr)
port = atoi(arg);
if (port == 0)
- port = service_to_port(arg, NULL);
+ port = xtables_service_to_port(arg, NULL);
if (port == 0 || port > 65535)
exit_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", arg);
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index b7b55e2..9be0658 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -62,14 +62,14 @@ parse_dccp_ports(const char *portstring,
buffer = strdup(portstring);
DEBUGP("%s\n", portstring);
if ((cp = strchr(buffer, ':')) == NULL) {
- ports[0] = ports[1] = parse_port(buffer, "dccp");
+ ports[0] = ports[1] = xtables_parse_port(buffer, "dccp");
}
else {
*cp = '\0';
cp++;
- ports[0] = buffer[0] ? parse_port(buffer, "dccp") : 0;
- ports[1] = cp[0] ? parse_port(cp, "dccp") : 0xFFFF;
+ ports[0] = buffer[0] ? xtables_parse_port(buffer, "dccp") : 0;
+ ports[1] = cp[0] ? xtables_parse_port(cp, "dccp") : 0xFFFF;
if (ports[0] > ports[1])
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index dae6e33..a7db2a8 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -81,7 +81,7 @@ parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
{
next=strchr(cp, ',');
if (next) *next++='\0';
- ports[i] = parse_port(cp, proto);
+ ports[i] = xtables_parse_port(cp, proto);
}
if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");
free(buffer);
@@ -113,10 +113,10 @@ parse_multi_ports_v1(const char *portstring,
"too many ports specified");
*range++ = '\0';
}
- multiinfo->ports[i] = parse_port(cp, proto);
+ multiinfo->ports[i] = xtables_parse_port(cp, proto);
if (range) {
multiinfo->pflags[i] = 1;
- multiinfo->ports[++i] = parse_port(range, proto);
+ multiinfo->ports[++i] = xtables_parse_port(range, proto);
if (multiinfo->ports[i-1] >= multiinfo->ports[i])
exit_error(PARAMETER_PROBLEM,
"invalid portrange specified");
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index 0572aba..6152cb3 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -44,7 +44,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & XT_PHYSDEV_OP_IN)
goto multiple_use;
check_inverse(optarg, &invert, &optind, 0);
- parse_interface(argv[optind-1], info->physindev,
+ xtables_parse_interface(argv[optind-1], info->physindev,
(unsigned char *)info->in_mask);
if (invert)
info->invert |= XT_PHYSDEV_OP_IN;
@@ -56,7 +56,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & XT_PHYSDEV_OP_OUT)
goto multiple_use;
check_inverse(optarg, &invert, &optind, 0);
- parse_interface(argv[optind-1], info->physoutdev,
+ xtables_parse_interface(argv[optind-1], info->physoutdev,
(unsigned char *)info->out_mask);
if (invert)
info->invert |= XT_PHYSDEV_OP_OUT;
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 37a6423..6348a2f 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -85,14 +85,14 @@ parse_sctp_ports(const char *portstring,
buffer = strdup(portstring);
DEBUGP("%s\n", portstring);
if ((cp = strchr(buffer, ':')) == NULL) {
- ports[0] = ports[1] = parse_port(buffer, "sctp");
+ ports[0] = ports[1] = xtables_parse_port(buffer, "sctp");
}
else {
*cp = '\0';
cp++;
- ports[0] = buffer[0] ? parse_port(buffer, "sctp") : 0;
- ports[1] = cp[0] ? parse_port(cp, "sctp") : 0xFFFF;
+ ports[0] = buffer[0] ? xtables_parse_port(buffer, "sctp") : 0;
+ ports[1] = cp[0] ? xtables_parse_port(cp, "sctp") : 0xFFFF;
if (ports[0] > ports[1])
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index 56bdba5..bb66747 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -44,13 +44,13 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports)
buffer = strdup(portstring);
if ((cp = strchr(buffer, ':')) == NULL)
- ports[0] = ports[1] = parse_port(buffer, "tcp");
+ ports[0] = ports[1] = xtables_parse_port(buffer, "tcp");
else {
*cp = '\0';
cp++;
- ports[0] = buffer[0] ? parse_port(buffer, "tcp") : 0;
- ports[1] = cp[0] ? parse_port(cp, "tcp") : 0xFFFF;
+ ports[0] = buffer[0] ? xtables_parse_port(buffer, "tcp") : 0;
+ ports[1] = cp[0] ? xtables_parse_port(cp, "tcp") : 0xFFFF;
if (ports[0] > ports[1])
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index f64fd1c..4012841 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -36,13 +36,13 @@ parse_udp_ports(const char *portstring, u_int16_t *ports)
buffer = strdup(portstring);
if ((cp = strchr(buffer, ':')) == NULL)
- ports[0] = ports[1] = parse_port(buffer, "udp");
+ ports[0] = ports[1] = xtables_parse_port(buffer, "udp");
else {
*cp = '\0';
cp++;
- ports[0] = buffer[0] ? parse_port(buffer, "udp") : 0;
- ports[1] = cp[0] ? parse_port(cp, "udp") : 0xFFFF;
+ ports[0] = buffer[0] ? xtables_parse_port(buffer, "udp") : 0;
+ ports[1] = cp[0] ? xtables_parse_port(cp, "udp") : 0xFFFF;
if (ports[0] > ports[1])
exit_error(PARAMETER_PROBLEM,
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 936bbcc..abde4d8 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -194,10 +194,10 @@ extern bool xtables_strtoul(const char *, char **, unsigned long *,
unsigned long, unsigned long);
extern bool xtables_strtoui(const char *, char **, unsigned int *,
unsigned int, unsigned int);
-extern int service_to_port(const char *name, const char *proto);
-extern u_int16_t parse_port(const char *port, const char *proto);
+extern int xtables_service_to_port(const char *name, const char *proto);
+extern u_int16_t xtables_parse_port(const char *port, const char *proto);
extern void
-parse_interface(const char *arg, char *vianame, unsigned char *mask);
+xtables_parse_interface(const char *arg, char *vianame, unsigned char *mask);
/* this is a special 64bit data type that is 8-byte aligned */
#define aligned_u64 u_int64_t __attribute__((aligned(8)))
diff --git a/ip6tables.c b/ip6tables.c
index f741c52..fd73276 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1700,7 +1700,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEIN, &fw.ipv6.invflags,
invert);
- parse_interface(argv[optind-1],
+ xtables_parse_interface(argv[optind-1],
fw.ipv6.iniface,
fw.ipv6.iniface_mask);
break;
@@ -1709,7 +1709,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEOUT, &fw.ipv6.invflags,
invert);
- parse_interface(argv[optind-1],
+ xtables_parse_interface(argv[optind-1],
fw.ipv6.outiface,
fw.ipv6.outiface_mask);
break;
diff --git a/iptables.c b/iptables.c
index d3906fc..aeb40d8 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1705,7 +1705,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEIN, &fw.ip.invflags,
invert);
- parse_interface(argv[optind-1],
+ xtables_parse_interface(argv[optind-1],
fw.ip.iniface,
fw.ip.iniface_mask);
break;
@@ -1714,7 +1714,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEOUT, &fw.ip.invflags,
invert);
- parse_interface(argv[optind-1],
+ xtables_parse_interface(argv[optind-1],
fw.ip.outiface,
fw.ip.outiface_mask);
break;
diff --git a/xtables.c b/xtables.c
index 859a82a..a387ae0 100644
--- a/xtables.c
+++ b/xtables.c
@@ -236,7 +236,7 @@ bool xtables_strtoui(const char *s, char **end, unsigned int *value,
return ret;
}
-int service_to_port(const char *name, const char *proto)
+int xtables_service_to_port(const char *name, const char *proto)
{
struct servent *service;
@@ -246,19 +246,20 @@ int service_to_port(const char *name, const char *proto)
return -1;
}
-u_int16_t parse_port(const char *port, const char *proto)
+u_int16_t xtables_parse_port(const char *port, const char *proto)
{
unsigned int portnum;
if (xtables_strtoui(port, NULL, &portnum, 0, UINT16_MAX) ||
- (portnum = service_to_port(port, proto)) != (unsigned)-1)
+ (portnum = xtables_service_to_port(port, proto)) != (unsigned)-1)
return portnum;
exit_error(PARAMETER_PROBLEM,
"invalid port/service `%s' specified", port);
}
-void parse_interface(const char *arg, char *vianame, unsigned char *mask)
+void xtables_parse_interface(const char *arg, char *vianame,
+ unsigned char *mask)
{
int vialen = strlen(arg);
unsigned int i;
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 13/16] libxtables: prefix - parse and escaped output func
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (11 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 12/16] libxtables: prefix - misc functions Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 14/16] libxtables: prefix/order - move check_inverse to xtables.c Jan Engelhardt
` (3 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_policy.c | 4 ++--
extensions/libipt_LOG.c | 2 +-
extensions/libipt_ULOG.c | 2 +-
extensions/libipt_policy.c | 4 ++--
extensions/libxt_NFLOG.c | 2 +-
extensions/libxt_conntrack.c | 24 ++++++++++++------------
extensions/libxt_helper.c | 2 +-
include/xtables.h.in | 6 +++---
ip6tables.c | 4 ++--
iptables.c | 4 ++--
xtables.c | 17 ++++++++++++-----
11 files changed, 39 insertions(+), 32 deletions(-)
diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 357cbea..fa855c1 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -214,7 +214,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"policy match: double --tunnel-src option");
- ip6parse_hostnetworkmask(argv[optind-1], &addr, &mask, &naddr);
+ xtables_ip6parse_any(argv[optind-1], &addr, &mask, &naddr);
if (naddr > 1)
exit_error(PARAMETER_PROBLEM,
"policy match: name resolves to multiple IPs");
@@ -229,7 +229,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"policy match: double --tunnel-dst option");
- ip6parse_hostnetworkmask(argv[optind-1], &addr, &mask, &naddr);
+ xtables_ip6parse_any(argv[optind-1], &addr, &mask, &naddr);
if (naddr > 1)
exit_error(PARAMETER_PROBLEM,
"policy match: name resolves to multiple IPs");
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index aefb54a..23790a0 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -235,7 +235,7 @@ static void LOG_save(const void *ip, const struct xt_entry_target *target)
if (strcmp(loginfo->prefix, "") != 0) {
printf("--log-prefix ");
- save_string(loginfo->prefix);
+ xtables_save_string(loginfo->prefix);
}
if (loginfo->level != LOG_DEFAULT_LEVEL)
diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c
index d73a3f6..6e346d8 100644
--- a/extensions/libipt_ULOG.c
+++ b/extensions/libipt_ULOG.c
@@ -151,7 +151,7 @@ static void ULOG_save(const void *ip, const struct xt_entry_target *target)
if (strcmp(loginfo->prefix, "") != 0) {
fputs("--ulog-prefix ", stdout);
- save_string(loginfo->prefix);
+ xtables_save_string(loginfo->prefix);
}
if (loginfo->nl_group != ULOG_DEFAULT_NLGROUP) {
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index 6b044d8..c9ce850 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -182,7 +182,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"policy match: double --tunnel-src option");
- ipparse_hostnetworkmask(argv[optind-1], &addr, &mask, &naddr);
+ xtables_ipparse_any(argv[optind-1], &addr, &mask, &naddr);
if (naddr > 1)
exit_error(PARAMETER_PROBLEM,
"policy match: name resolves to multiple IPs");
@@ -197,7 +197,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"policy match: double --tunnel-dst option");
- ipparse_hostnetworkmask(argv[optind-1], &addr, &mask, &naddr);
+ xtables_ipparse_any(argv[optind-1], &addr, &mask, &naddr);
if (naddr > 1)
exit_error(PARAMETER_PROBLEM,
"policy match: name resolves to multiple IPs");
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index fe22e98..bedfbe9 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -113,7 +113,7 @@ static void nflog_print(const struct xt_nflog_info *info, char *prefix)
{
if (info->prefix[0] != '\0') {
printf("%snflog-prefix ", prefix);
- save_string(info->prefix);
+ xtables_save_string(info->prefix);
}
if (info->group)
printf("%snflog-group %u ", prefix, info->group);
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index ffa279c..958f842 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -333,7 +333,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
if (invert)
sinfo->invflags |= XT_CONNTRACK_ORIGSRC;
- ipparse_hostnetworkmask(argv[optind-1], &addrs,
+ xtables_ipparse_any(argv[optind-1], &addrs,
&sinfo->sipmsk[IP_CT_DIR_ORIGINAL],
&naddrs);
if(naddrs > 1)
@@ -353,7 +353,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
if (invert)
sinfo->invflags |= XT_CONNTRACK_ORIGDST;
- ipparse_hostnetworkmask(argv[optind-1], &addrs,
+ xtables_ipparse_any(argv[optind-1], &addrs,
&sinfo->dipmsk[IP_CT_DIR_ORIGINAL],
&naddrs);
if(naddrs > 1)
@@ -373,7 +373,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
if (invert)
sinfo->invflags |= XT_CONNTRACK_REPLSRC;
- ipparse_hostnetworkmask(argv[optind-1], &addrs,
+ xtables_ipparse_any(argv[optind-1], &addrs,
&sinfo->sipmsk[IP_CT_DIR_REPLY],
&naddrs);
if(naddrs > 1)
@@ -393,7 +393,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
if (invert)
sinfo->invflags |= XT_CONNTRACK_REPLDST;
- ipparse_hostnetworkmask(argv[optind-1], &addrs,
+ xtables_ipparse_any(argv[optind-1], &addrs,
&sinfo->dipmsk[IP_CT_DIR_REPLY],
&naddrs);
if(naddrs > 1)
@@ -551,7 +551,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '3': /* --ctorigsrc */
- ipparse_hostnetworkmask(optarg, &addr, &info->origsrc_mask.in,
+ xtables_ipparse_any(optarg, &addr, &info->origsrc_mask.in,
&naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
@@ -564,7 +564,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '4': /* --ctorigdst */
- ipparse_hostnetworkmask(optarg, &addr, &info->origdst_mask.in,
+ xtables_ipparse_any(optarg, &addr, &info->origdst_mask.in,
&naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
@@ -577,7 +577,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '5': /* --ctreplsrc */
- ipparse_hostnetworkmask(optarg, &addr, &info->replsrc_mask.in,
+ xtables_ipparse_any(optarg, &addr, &info->replsrc_mask.in,
&naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
@@ -590,7 +590,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '6': /* --ctrepldst */
- ipparse_hostnetworkmask(optarg, &addr, &info->repldst_mask.in,
+ xtables_ipparse_any(optarg, &addr, &info->repldst_mask.in,
&naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
@@ -621,7 +621,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '3': /* --ctorigsrc */
- ip6parse_hostnetworkmask(optarg, &addr,
+ xtables_ip6parse_any(optarg, &addr,
&info->origsrc_mask.in6, &naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
@@ -634,7 +634,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '4': /* --ctorigdst */
- ip6parse_hostnetworkmask(optarg, &addr,
+ xtables_ip6parse_any(optarg, &addr,
&info->origdst_mask.in6, &naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
@@ -647,7 +647,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '5': /* --ctreplsrc */
- ip6parse_hostnetworkmask(optarg, &addr,
+ xtables_ip6parse_any(optarg, &addr,
&info->replsrc_mask.in6, &naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
@@ -660,7 +660,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '6': /* --ctrepldst */
- ip6parse_hostnetworkmask(optarg, &addr,
+ xtables_ip6parse_any(optarg, &addr,
&info->repldst_mask.in6, &naddrs);
if (naddrs > 1)
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index b60c982..23025cd 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -65,7 +65,7 @@ static void helper_save(const void *ip, const struct xt_entry_match *match)
struct xt_helper_info *info = (struct xt_helper_info *)match->data;
printf("%s--helper ",info->invert ? "! " : "");
- save_string(info->name);
+ xtables_save_string(info->name);
}
static struct xtables_match helper_match = {
diff --git a/include/xtables.h.in b/include/xtables.h.in
index abde4d8..c3c960b 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -212,21 +212,21 @@ extern const char *xtables_ipaddr_to_anyname(const struct in_addr *);
extern const char *xtables_ipmask_to_numeric(const struct in_addr *);
extern struct in_addr *xtables_numeric_to_ipaddr(const char *);
extern struct in_addr *xtables_numeric_to_ipmask(const char *);
-extern void ipparse_hostnetworkmask(const char *, struct in_addr **,
+extern void xtables_ipparse_any(const char *, struct in_addr **,
struct in_addr *, unsigned int *);
extern struct in6_addr *xtables_numeric_to_ip6addr(const char *);
extern const char *xtables_ip6addr_to_numeric(const struct in6_addr *);
extern const char *xtables_ip6addr_to_anyname(const struct in6_addr *);
extern const char *xtables_ip6mask_to_numeric(const struct in6_addr *);
-extern void ip6parse_hostnetworkmask(const char *, struct in6_addr **,
+extern void xtables_ip6parse_any(const char *, struct in6_addr **,
struct in6_addr *, unsigned int *);
/**
* Print the specified value to standard output, quoting dangerous
* characters if required.
*/
-extern void save_string(const char *value);
+extern void xtables_save_string(const char *value);
#ifdef NO_SHARED_LIBS
# ifdef _INIT
diff --git a/ip6tables.c b/ip6tables.c
index fd73276..48a6bec 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1945,11 +1945,11 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
}
if (shostnetworkmask)
- ip6parse_hostnetworkmask(shostnetworkmask, &saddrs,
+ xtables_ip6parse_any(shostnetworkmask, &saddrs,
&fw.ipv6.smsk, &nsaddrs);
if (dhostnetworkmask)
- ip6parse_hostnetworkmask(dhostnetworkmask, &daddrs,
+ xtables_ip6parse_any(dhostnetworkmask, &daddrs,
&fw.ipv6.dmsk, &ndaddrs);
if ((nsaddrs > 1 || ndaddrs > 1) &&
diff --git a/iptables.c b/iptables.c
index aeb40d8..925464c 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1974,11 +1974,11 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
}
if (shostnetworkmask)
- ipparse_hostnetworkmask(shostnetworkmask, &saddrs,
+ xtables_ipparse_any(shostnetworkmask, &saddrs,
&fw.ip.smsk, &nsaddrs);
if (dhostnetworkmask)
- ipparse_hostnetworkmask(dhostnetworkmask, &daddrs,
+ xtables_ipparse_any(dhostnetworkmask, &daddrs,
&fw.ip.dmsk, &ndaddrs);
if ((nsaddrs > 1 || ndaddrs > 1) &&
diff --git a/xtables.c b/xtables.c
index a387ae0..8a79c5b 100644
--- a/xtables.c
+++ b/xtables.c
@@ -954,8 +954,15 @@ static struct in_addr *parse_ipmask(const char *mask)
return &maskaddr;
}
-void ipparse_hostnetworkmask(const char *name, struct in_addr **addrpp,
- struct in_addr *maskp, unsigned int *naddrs)
+/**
+ * xtables_ipparse_any - transform arbitrary name to in_addr
+ *
+ * Possible inputs (pseudo regex):
+ * m{^($hostname|$networkname|$ipaddr)(/$mask)?}
+ * "1.2.3.4/5", "1.2.3.4", "hostname", "networkname"
+ */
+void xtables_ipparse_any(const char *name, struct in_addr **addrpp,
+ struct in_addr *maskp, unsigned int *naddrs)
{
unsigned int i, j, k, n;
struct in_addr *addrp;
@@ -1178,8 +1185,8 @@ static struct in6_addr *parse_ip6mask(char *mask)
return &maskaddr;
}
-void ip6parse_hostnetworkmask(const char *name, struct in6_addr **addrpp,
- struct in6_addr *maskp, unsigned int *naddrs)
+void xtables_ip6parse_any(const char *name, struct in6_addr **addrpp,
+ struct in6_addr *maskp, unsigned int *naddrs)
{
struct in6_addr *addrp;
unsigned int i, j, k, n;
@@ -1214,7 +1221,7 @@ void ip6parse_hostnetworkmask(const char *name, struct in6_addr **addrpp,
}
}
-void save_string(const char *value)
+void xtables_save_string(const char *value)
{
static const char no_quote_chars[] = "_-0123456789"
"abcdefghijklmnopqrstuvwxyz"
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 14/16] libxtables: prefix/order - move check_inverse to xtables.c
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (12 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 13/16] libxtables: prefix - parse and escaped output func Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 15/16] libxtables: prefix/order - move parse_protocol " Jan Engelhardt
` (2 subsequent siblings)
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
This also adds a warning that intrapositional negation support
is deprecated.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_HL.c | 2 +-
extensions/libip6t_LOG.c | 4 ++--
extensions/libip6t_REJECT.c | 2 +-
extensions/libip6t_ah.c | 4 ++--
extensions/libip6t_dst.c | 4 ++--
extensions/libip6t_frag.c | 4 ++--
extensions/libip6t_hbh.c | 4 ++--
extensions/libip6t_hl.c | 2 +-
extensions/libip6t_icmp6.c | 2 +-
| 2 +-
extensions/libip6t_mh.c | 2 +-
extensions/libip6t_policy.c | 2 +-
extensions/libip6t_rt.c | 8 ++++----
extensions/libipt_DNAT.c | 2 +-
extensions/libipt_LOG.c | 4 ++--
extensions/libipt_MASQUERADE.c | 2 +-
extensions/libipt_NETMAP.c | 2 +-
extensions/libipt_REDIRECT.c | 2 +-
extensions/libipt_REJECT.c | 2 +-
extensions/libipt_SAME.c | 2 +-
extensions/libipt_SET.c | 2 +-
extensions/libipt_SNAT.c | 2 +-
extensions/libipt_TTL.c | 2 +-
extensions/libipt_ULOG.c | 4 ++--
extensions/libipt_addrtype.c | 8 ++++----
extensions/libipt_ah.c | 2 +-
extensions/libipt_ecn.c | 6 +++---
extensions/libipt_icmp.c | 2 +-
extensions/libipt_policy.c | 2 +-
extensions/libipt_realm.c | 2 +-
extensions/libipt_set.c | 2 +-
extensions/libipt_ttl.c | 2 +-
extensions/libxt_NFLOG.c | 4 ++--
| 2 +-
extensions/libxt_connbytes.c | 2 +-
extensions/libxt_connlimit.c | 2 +-
extensions/libxt_connmark.c | 2 +-
extensions/libxt_conntrack.c | 16 ++++++++--------
extensions/libxt_dccp.c | 8 ++++----
extensions/libxt_dscp.c | 4 ++--
extensions/libxt_esp.c | 2 +-
extensions/libxt_hashlimit.c | 16 ++++++++--------
extensions/libxt_helper.c | 2 +-
extensions/libxt_iprange.c | 4 ++--
extensions/libxt_length.c | 2 +-
extensions/libxt_limit.c | 4 ++--
extensions/libxt_mac.c | 2 +-
extensions/libxt_mark.c | 2 +-
extensions/libxt_multiport.c | 12 ++++++------
extensions/libxt_physdev.c | 10 +++++-----
extensions/libxt_pkttype.c | 2 +-
extensions/libxt_quota.c | 2 +-
extensions/libxt_rateest.c | 20 ++++++++++----------
extensions/libxt_recent.c | 8 ++++----
extensions/libxt_sctp.c | 6 +++---
extensions/libxt_state.c | 2 +-
extensions/libxt_string.c | 4 ++--
extensions/libxt_tcp.c | 8 ++++----
extensions/libxt_tcpmss.c | 2 +-
extensions/libxt_udp.c | 4 ++--
include/xtables.h.in | 3 ++-
ip6tables.c | 30 +++++-------------------------
iptables.c | 30 +++++-------------------------
xtables.c | 28 ++++++++++++++++++++++++++++
64 files changed, 164 insertions(+), 175 deletions(-)
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c
index 4aed4fd..0a98713 100644
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -40,7 +40,7 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"HL: You must specify a value");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"HL: unexpected `!'");
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index a8ac135..7987735 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -112,7 +112,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --log-level twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --log-level");
@@ -125,7 +125,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --log-prefix twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --log-prefix");
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index 0e21202..1c2be68 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -85,7 +85,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
switch(c) {
case '1':
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --reject-with");
for (i = 0; i < limit; i++) {
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index 63d1573..83ed451 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -86,7 +86,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_AH_SPI)
exit_error(PARAMETER_PROBLEM,
"Only one `--ahspi' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_ah_spis(argv[optind-1], ahinfo->spis);
if (invert)
ahinfo->invflags |= IP6T_AH_INV_SPI;
@@ -96,7 +96,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_AH_LEN)
exit_error(PARAMETER_PROBLEM,
"Only one `--ahlen' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
ahinfo->hdrlen = parse_ah_spi(argv[optind-1], "length");
if (invert)
ahinfo->invflags |= IP6T_AH_INV_LEN;
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c
index 43562c1..e19abc4 100644
--- a/extensions/libip6t_dst.c
+++ b/extensions/libip6t_dst.c
@@ -125,7 +125,7 @@ static int dst_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_OPTS_LEN)
exit_error(PARAMETER_PROBLEM,
"Only one `--dst-len' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
optinfo->hdrlen = parse_opts_num(argv[optind-1], "length");
if (invert)
optinfo->invflags |= IP6T_OPTS_INV_LEN;
@@ -136,7 +136,7 @@ static int dst_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_OPTS_OPTS)
exit_error(PARAMETER_PROBLEM,
"Only one `--dst-opts' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
" '!' not allowed with `--dst-opts'");
diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c
index 7c22429..b55ef26 100644
--- a/extensions/libip6t_frag.c
+++ b/extensions/libip6t_frag.c
@@ -94,7 +94,7 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_FRAG_IDS)
exit_error(PARAMETER_PROBLEM,
"Only one `--fragid' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_frag_ids(argv[optind-1], fraginfo->ids);
if (invert)
fraginfo->invflags |= IP6T_FRAG_INV_IDS;
@@ -105,7 +105,7 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_FRAG_LEN)
exit_error(PARAMETER_PROBLEM,
"Only one `--fraglen' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
fraginfo->hdrlen = parse_frag_id(argv[optind-1], "length");
if (invert)
fraginfo->invflags |= IP6T_FRAG_INV_LEN;
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
index 6c7458d..3354eae 100644
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -120,7 +120,7 @@ static int hbh_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_OPTS_LEN)
exit_error(PARAMETER_PROBLEM,
"Only one `--hbh-len' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
optinfo->hdrlen = parse_opts_num(argv[optind-1], "length");
if (invert)
optinfo->invflags |= IP6T_OPTS_INV_LEN;
@@ -131,7 +131,7 @@ static int hbh_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_OPTS_OPTS)
exit_error(PARAMETER_PROBLEM,
"Only one `--hbh-opts' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
" '!' not allowed with `--hbh-opts'");
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index 7727581..286f432 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -30,7 +30,7 @@ static int hl_parse(int c, char **argv, int invert, unsigned int *flags,
struct ip6t_hl_info *info = (struct ip6t_hl_info *) (*match)->data;
u_int8_t value;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
value = atoi(argv[optind-1]);
if (*flags)
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index 401c278..5af9b02 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -157,7 +157,7 @@ static int icmp6_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags == 1)
exit_error(PARAMETER_PROBLEM,
"icmpv6 match: only use --icmpv6-type once!");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_icmpv6(argv[optind-1], &icmpv6info->type,
icmpv6info->code);
if (invert)
--git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index ea8870a..982e6a7 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -192,7 +192,7 @@ ipv6header_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one `--header' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (! (info->matchflags = parse_header(argv[optind-1])) )
exit_error(PARAMETER_PROBLEM, "ip6t_ipv6header: cannot parse header names");
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index f8c4e24..78fc804 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -134,7 +134,7 @@ static int mh_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & MH_TYPES)
exit_error(PARAMETER_PROBLEM,
"Only one `--mh-type' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_mh_types(argv[optind-1], mhinfo->types);
if (invert)
mhinfo->invflags |= IP6T_MH_INV_TYPE;
diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index fa855c1..83ee48e 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -160,7 +160,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
unsigned int naddr = 0;
int mode;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
switch (c) {
case '1':
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
index 49d86fa..64c98ef 100644
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -158,7 +158,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_RT_TYP)
exit_error(PARAMETER_PROBLEM,
"Only one `--rt-type' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
rtinfo->rt_type = parse_rt_num(argv[optind-1], "type");
if (invert)
rtinfo->invflags |= IP6T_RT_INV_TYP;
@@ -169,7 +169,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_RT_SGS)
exit_error(PARAMETER_PROBLEM,
"Only one `--rt-segsleft' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_rt_segsleft(argv[optind-1], rtinfo->segsleft);
if (invert)
rtinfo->invflags |= IP6T_RT_INV_SGS;
@@ -180,7 +180,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IP6T_RT_LEN)
exit_error(PARAMETER_PROBLEM,
"Only one `--rt-len' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
rtinfo->hdrlen = parse_rt_num(argv[optind-1], "length");
if (invert)
rtinfo->invflags |= IP6T_RT_INV_LEN;
@@ -204,7 +204,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
if ( !(*flags & IP6T_RT_TYP) || (rtinfo->rt_type != 0) || (rtinfo->invflags & IP6T_RT_INV_TYP) )
exit_error(PARAMETER_PROBLEM,
"`--rt-type 0' required before `--rt-0-addrs'");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
" '!' not allowed with `--rt-0-addrs'");
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index 0d355a0..371ec79 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -152,7 +152,7 @@ static int DNAT_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --to-destination");
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 23790a0..bc7e8a4 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -112,7 +112,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --log-level twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --log-level");
@@ -125,7 +125,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --log-prefix twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --log-prefix");
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 1f93294..0ee155c 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -90,7 +90,7 @@ static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Need TCP, UDP, SCTP or DCCP with port specification");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --to-ports");
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index f6c8bfd..9949c99 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -118,7 +118,7 @@ static int NETMAP_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --%s", NETMAP_opts[0].name);
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 1ef2b2e..c6afbdc 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -97,7 +97,7 @@ static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Need TCP, UDP, SCTP or DCCP with port specification");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --to-ports");
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index ef404e6..db94306 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -99,7 +99,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
switch(c) {
case '1':
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --reject-with");
for (i = 0; i < limit; i++) {
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index 6882242..007ebc3 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -93,7 +93,7 @@ static int SAME_parse(int c, char **argv, int invert, unsigned int *flags,
"Too many ranges specified, maximum "
"is %i ranges.\n",
IPT_SAME_MAX_RANGE);
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --to");
diff --git a/extensions/libipt_SET.c b/extensions/libipt_SET.c
index 7ec0c31..45967be 100644
--- a/extensions/libipt_SET.c
+++ b/extensions/libipt_SET.c
@@ -57,7 +57,7 @@ parse_target(char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"--%s can be specified only once", what);
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --%s", what);
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 0780aa1..96ef56e 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -152,7 +152,7 @@ static int SNAT_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --to-source");
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c
index 6036161..15d23ba 100644
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -40,7 +40,7 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"TTL: You must specify a value");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"TTL: unexpected `!'");
diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c
index 6e346d8..89d0940 100644
--- a/extensions/libipt_ULOG.c
+++ b/extensions/libipt_ULOG.c
@@ -77,7 +77,7 @@ static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --ulog-nlgroup twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --ulog-nlgroup");
group_d = atoi(optarg);
@@ -95,7 +95,7 @@ static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --ulog-prefix twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --ulog-prefix");
diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c
index dc43a3f..446cf0f 100644
--- a/extensions/libipt_addrtype.c
+++ b/extensions/libipt_addrtype.c
@@ -107,7 +107,7 @@ addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags,
if (*flags&IPT_ADDRTYPE_OPT_SRCTYPE)
exit_error(PARAMETER_PROBLEM,
"addrtype: can't specify src-type twice");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_types(argv[optind-1], &info->source);
if (invert)
info->invert_source = 1;
@@ -117,7 +117,7 @@ addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags,
if (*flags&IPT_ADDRTYPE_OPT_DSTTYPE)
exit_error(PARAMETER_PROBLEM,
"addrtype: can't specify dst-type twice");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_types(argv[optind-1], &info->dest);
if (invert)
info->invert_dest = 1;
@@ -142,7 +142,7 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ADDRTYPE_OPT_SRCTYPE)
exit_error(PARAMETER_PROBLEM,
"addrtype: can't specify src-type twice");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_types(argv[optind-1], &info->source);
if (invert)
info->flags |= IPT_ADDRTYPE_INVERT_SOURCE;
@@ -152,7 +152,7 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ADDRTYPE_OPT_DSTTYPE)
exit_error(PARAMETER_PROBLEM,
"addrtype: can't specify dst-type twice");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_types(argv[optind-1], &info->dest);
if (invert)
info->flags |= IPT_ADDRTYPE_INVERT_DEST;
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index 10998d8..31977dd 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -82,7 +82,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & AH_SPI)
exit_error(PARAMETER_PROBLEM,
"Only one `--ahspi' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_ah_spis(argv[optind-1], ahinfo->spis);
if (invert)
ahinfo->invflags |= IPT_AH_INV_SPI;
diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c
index c2276e9..3b9da71 100644
--- a/extensions/libipt_ecn.c
+++ b/extensions/libipt_ecn.c
@@ -44,7 +44,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ECN_OP_MATCH_CWR)
exit_error(PARAMETER_PROBLEM,
"ECN match: can only use parameter ONCE!");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
einfo->operation |= IPT_ECN_OP_MATCH_CWR;
if (invert)
einfo->invert |= IPT_ECN_OP_MATCH_CWR;
@@ -55,7 +55,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ECN_OP_MATCH_ECE)
exit_error(PARAMETER_PROBLEM,
"ECN match: can only use parameter ONCE!");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
einfo->operation |= IPT_ECN_OP_MATCH_ECE;
if (invert)
einfo->invert |= IPT_ECN_OP_MATCH_ECE;
@@ -66,7 +66,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_ECN_OP_MATCH_IP)
exit_error(PARAMETER_PROBLEM,
"ECN match: can only use parameter ONCE!");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
einfo->invert |= IPT_ECN_OP_MATCH_IP;
*flags |= IPT_ECN_OP_MATCH_IP;
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index de4c338..0fd132b 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -182,7 +182,7 @@ static int icmp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags == 1)
exit_error(PARAMETER_PROBLEM,
"icmp match: only use --icmp-type once!");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_icmp(argv[optind-1], &icmpinfo->type,
icmpinfo->code);
if (invert)
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index c9ce850..742eeba 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -128,7 +128,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
unsigned int naddr = 0;
int mode;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
switch (c) {
case '1':
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index 22cbe27..e602dad 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -157,7 +157,7 @@ static int realm_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
char *end;
case '1':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
end = optarg = argv[optind-1];
realminfo->id = strtoul(optarg, &end, 0);
if (end != optarg && (*end == '/' || *end == '\0')) {
diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c
index 9bdb007..5b9e1fd 100644
--- a/extensions/libipt_set.c
+++ b/extensions/libipt_set.c
@@ -58,7 +58,7 @@ static int set_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"--set can be specified only once");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
info->flags[0] |= IPSET_MATCH_INV;
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index 1fa7bd3..3387e92 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -29,7 +29,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
unsigned int value;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
switch (c) {
case '2':
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index bedfbe9..6d8c9dc 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -51,7 +51,7 @@ static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & NFLOG_GROUP)
exit_error(PARAMETER_PROBLEM,
"Can't specify --nflog-group twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --nflog-group");
@@ -65,7 +65,7 @@ static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & NFLOG_PREFIX)
exit_error(PARAMETER_PROBLEM,
"Can't specify --nflog-prefix twice");
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --nflog-prefix");
--git a/extensions/libxt_comment.c b/extensions/libxt_comment.c
index a7f96d4..9bad125 100644
--- a/extensions/libxt_comment.c
+++ b/extensions/libxt_comment.c
@@ -46,7 +46,7 @@ comment_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
if (invert) {
exit_error(PARAMETER_PROBLEM,
"Sorry, you can't have an inverted comment");
diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c
index b77ba38..5fc0f2a 100644
--- a/extensions/libxt_connbytes.c
+++ b/extensions/libxt_connbytes.c
@@ -52,7 +52,7 @@ connbytes_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- if (check_inverse(optarg, &invert, &optind, 0))
+ if (xtables_check_inverse(optarg, &invert, &optind, 0))
optind++;
parse_range(argv[optind-1], sinfo);
diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c
index 117222a..f43eada 100644
--- a/extensions/libxt_connlimit.c
+++ b/extensions/libxt_connlimit.c
@@ -63,7 +63,7 @@ static int connlimit_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"--connlimit-above may be given only once");
*flags |= 0x1;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
info->limit = strtoul(argv[optind-1], NULL, 0);
info->inverse = invert;
break;
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index 0f47a8f..d5ca4e0 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -82,7 +82,7 @@ connmark_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
char *end;
case '1':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
markinfo->mark = strtoul(optarg, &end, 0);
markinfo->mask = 0xffffffffUL;
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 958f842..914b253 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -297,7 +297,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_states(argv[optind-1], sinfo);
if (invert) {
@@ -307,7 +307,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '2':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if(invert)
sinfo->invflags |= XT_CONNTRACK_PROTO;
@@ -328,7 +328,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '3':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
sinfo->invflags |= XT_CONNTRACK_ORIGSRC;
@@ -348,7 +348,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '4':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
sinfo->invflags |= XT_CONNTRACK_ORIGDST;
@@ -368,7 +368,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '5':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
sinfo->invflags |= XT_CONNTRACK_REPLSRC;
@@ -388,7 +388,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '6':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
sinfo->invflags |= XT_CONNTRACK_REPLDST;
@@ -408,7 +408,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '7':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_statuses(argv[optind-1], sinfo);
if (invert) {
@@ -418,7 +418,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '8':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_expires(argv[optind-1], sinfo);
if (invert) {
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index 9be0658..dbf6223 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -141,7 +141,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one `--source-port' allowed");
einfo->flags |= XT_DCCP_SRC_PORTS;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_dccp_ports(argv[optind-1], einfo->spts);
if (invert)
einfo->invflags |= XT_DCCP_SRC_PORTS;
@@ -153,7 +153,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one `--destination-port' allowed");
einfo->flags |= XT_DCCP_DEST_PORTS;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_dccp_ports(argv[optind-1], einfo->dpts);
if (invert)
einfo->invflags |= XT_DCCP_DEST_PORTS;
@@ -165,7 +165,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one `--dccp-types' allowed");
einfo->flags |= XT_DCCP_TYPE;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
einfo->typemask = parse_dccp_types(argv[optind-1]);
if (invert)
einfo->invflags |= XT_DCCP_TYPE;
@@ -177,7 +177,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one `--dccp-option' allowed");
einfo->flags |= XT_DCCP_OPTION;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
einfo->option = parse_dccp_option(argv[optind-1]);
if (invert)
einfo->invflags |= XT_DCCP_OPTION;
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index fce14c2..e57c267 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -82,7 +82,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags)
exit_error(PARAMETER_PROBLEM,
"DSCP match: Only use --dscp ONCE!");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_dscp(argv[optind-1], dinfo);
if (invert)
dinfo->invert = 1;
@@ -93,7 +93,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags)
exit_error(PARAMETER_PROBLEM,
"DSCP match: Only use --dscp-class ONCE!");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_class(argv[optind - 1], dinfo);
if (invert)
dinfo->invert = 1;
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index 34df876..2cc6b60 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -88,7 +88,7 @@ esp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & ESP_SPI)
exit_error(PARAMETER_PROBLEM,
"Only one `--espspi' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_esp_spis(argv[optind-1], espinfo->spis);
if (invert)
espinfo->invflags |= XT_ESP_INV_SPI;
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index f63db64..b05e8c8 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -219,7 +219,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
case '%':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit",
*flags & PARAM_LIMIT);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!parse_rate(optarg, &r->cfg.avg))
exit_error(PARAMETER_PROBLEM,
"bad rate `%s'", optarg);
@@ -229,7 +229,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
case '$':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
*flags & PARAM_BURST);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-burst `%s'", optarg);
@@ -239,7 +239,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
case '&':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
*flags & PARAM_SIZE);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-size: `%s'", optarg);
@@ -249,7 +249,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
case '*':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
*flags & PARAM_MAX);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-max: `%s'", optarg);
@@ -260,7 +260,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-gcinterval",
*flags & PARAM_GCINTERVAL);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-gcinterval: `%s'",
@@ -272,7 +272,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
case ')':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
"--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-htable-expire: `%s'", optarg);
@@ -283,7 +283,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
case '_':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
*flags & PARAM_MODE);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (parse_mode(&r->cfg.mode, optarg) < 0)
exit_error(PARAMETER_PROBLEM,
"bad --hashlimit-mode: `%s'\n", optarg);
@@ -292,7 +292,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
case '"':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-name",
*flags & PARAM_NAME);
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (strlen(optarg) == 0)
exit_error(PARAMETER_PROBLEM, "Zero-length name?");
strncpy(r->name, optarg, sizeof(r->name));
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index 23025cd..569ad69 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -31,7 +31,7 @@ helper_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags)
exit_error(PARAMETER_PROBLEM,
"helper match: Only use --helper ONCE!");
- check_inverse(optarg, &invert, &invert, 0);
+ xtables_check_inverse(optarg, &invert, &invert, 0);
strncpy(info->name, optarg, 29);
info->name[29] = '\0';
if (invert)
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index de079cb..df6be14 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -70,7 +70,7 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= IPRANGE_SRC;
info->flags |= IPRANGE_SRC;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
info->flags |= IPRANGE_SRC_INV;
parse_iprange(optarg, &info->src);
@@ -84,7 +84,7 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags,
*flags |= IPRANGE_DST;
info->flags |= IPRANGE_DST;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
info->flags |= IPRANGE_DST_INV;
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index d039904..cf944e2 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -70,7 +70,7 @@ length_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"length: `--length' may only be "
"specified once");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_lengths(argv[optind-1], info);
if (invert)
info->invert = 1;
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index 1df9114..7edfa3d 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -94,14 +94,14 @@ limit_parse(int c, char **argv, int invert, unsigned int *flags,
switch(c) {
case '%':
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!parse_rate(optarg, &r->avg))
exit_error(PARAMETER_PROBLEM,
"bad rate `%s'", optarg);
break;
case '$':
- if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+ if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
exit_error(PARAMETER_PROBLEM,
"bad --limit-burst `%s'", optarg);
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c
index f4128c0..b516d80 100644
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -57,7 +57,7 @@ mac_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_mac(argv[optind-1], macinfo);
if (invert)
macinfo->invert = 1;
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 08bc9d9..1143ba9 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -62,7 +62,7 @@ mark_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
char *end;
case '1':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
markinfo->mark = strtoul(optarg, &end, 0);
if (*end == '/') {
markinfo->mask = strtoul(end+1, &end, 0);
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index a7db2a8..d0e830d 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -161,7 +161,7 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
proto = check_proto(pnum, invflags);
multiinfo->count = parse_multi_ports(argv[optind-1],
multiinfo->ports, proto);
@@ -169,7 +169,7 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '2':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
proto = check_proto(pnum, invflags);
multiinfo->count = parse_multi_ports(argv[optind-1],
multiinfo->ports, proto);
@@ -177,7 +177,7 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case '3':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
proto = check_proto(pnum, invflags);
multiinfo->count = parse_multi_ports(argv[optind-1],
multiinfo->ports, proto);
@@ -228,21 +228,21 @@ __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
proto = check_proto(pnum, invflags);
parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
multiinfo->flags = XT_MULTIPORT_SOURCE;
break;
case '2':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
proto = check_proto(pnum, invflags);
parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
multiinfo->flags = XT_MULTIPORT_DESTINATION;
break;
case '3':
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
proto = check_proto(pnum, invflags);
parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
multiinfo->flags = XT_MULTIPORT_EITHER;
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index 6152cb3..4275a1a 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -43,7 +43,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
case '1':
if (*flags & XT_PHYSDEV_OP_IN)
goto multiple_use;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
xtables_parse_interface(argv[optind-1], info->physindev,
(unsigned char *)info->in_mask);
if (invert)
@@ -55,7 +55,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
case '2':
if (*flags & XT_PHYSDEV_OP_OUT)
goto multiple_use;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
xtables_parse_interface(argv[optind-1], info->physoutdev,
(unsigned char *)info->out_mask);
if (invert)
@@ -67,7 +67,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
case '3':
if (*flags & XT_PHYSDEV_OP_ISIN)
goto multiple_use;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
info->bitmask |= XT_PHYSDEV_OP_ISIN;
if (invert)
info->invert |= XT_PHYSDEV_OP_ISIN;
@@ -77,7 +77,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
case '4':
if (*flags & XT_PHYSDEV_OP_ISOUT)
goto multiple_use;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
info->bitmask |= XT_PHYSDEV_OP_ISOUT;
if (invert)
info->invert |= XT_PHYSDEV_OP_ISOUT;
@@ -87,7 +87,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
case '5':
if (*flags & XT_PHYSDEV_OP_BRIDGED)
goto multiple_use;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
info->invert |= XT_PHYSDEV_OP_BRIDGED;
*flags |= XT_PHYSDEV_OP_BRIDGED;
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index ab2e225..8caba91 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -91,7 +91,7 @@ static int pkttype_parse(int c, char **argv, int invert, unsigned int *flags,
switch(c)
{
case '1':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_pkttype(argv[optind-1], info);
if(invert)
info->invert=1;
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index 90da1cd..8c91fb8 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -60,7 +60,7 @@ quota_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- if (check_inverse(optarg, &invert, NULL, 0))
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
exit_error(PARAMETER_PROBLEM, "quota: unexpected '!'");
if (!parse_quota(optarg, &info->quota))
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c
index 285b7ba..8a8836b 100644
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -118,7 +118,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case OPT_RATEEST1:
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
"rateest: rateest can't be inverted");
@@ -132,7 +132,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST2:
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
"rateest: rateest can't be inverted");
@@ -147,7 +147,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_BPS1:
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
"rateest: rateest-bps can't be inverted");
@@ -171,7 +171,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_PPS1:
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
"rateest: rateest-pps can't be inverted");
@@ -196,7 +196,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_BPS2:
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
"rateest: rateest-bps can't be inverted");
@@ -220,7 +220,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_PPS2:
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
"rateest: rateest-pps can't be inverted");
@@ -245,7 +245,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_DELTA:
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (invert)
exit_error(PARAMETER_PROBLEM,
"rateest: rateest-delta can't be inverted");
@@ -259,7 +259,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_EQ:
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
if (*flags & (1 << c))
exit_error(PARAMETER_PROBLEM,
@@ -272,7 +272,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_LT:
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
if (*flags & (1 << c))
exit_error(PARAMETER_PROBLEM,
@@ -285,7 +285,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
break;
case OPT_RATEEST_GT:
- check_inverse(argv[optind-1], &invert, &optind, 0);
+ xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
if (*flags & (1 << c))
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c
index 1ae9013..1646705 100644
--- a/extensions/libxt_recent.c
+++ b/extensions/libxt_recent.c
@@ -73,7 +73,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_SET;
if (invert) info->invert = 1;
*flags |= XT_RECENT_SET;
@@ -84,7 +84,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_CHECK;
if(invert) info->invert = 1;
*flags |= XT_RECENT_CHECK;
@@ -95,7 +95,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_UPDATE;
if (invert) info->invert = 1;
*flags |= XT_RECENT_UPDATE;
@@ -106,7 +106,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_REMOVE;
if (invert) info->invert = 1;
*flags |= XT_RECENT_REMOVE;
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 6348a2f..2ee4861 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -270,7 +270,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one `--source-port' allowed");
einfo->flags |= XT_SCTP_SRC_PORTS;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_sctp_ports(argv[optind-1], einfo->spts);
if (invert)
einfo->invflags |= XT_SCTP_SRC_PORTS;
@@ -282,7 +282,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one `--destination-port' allowed");
einfo->flags |= XT_SCTP_DEST_PORTS;
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_sctp_ports(argv[optind-1], einfo->dpts);
if (invert)
einfo->invflags |= XT_SCTP_DEST_PORTS;
@@ -293,7 +293,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & XT_SCTP_CHUNK_TYPES)
exit_error(PARAMETER_PROBLEM,
"Only one `--chunk-types' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (!argv[optind]
|| argv[optind][0] == '-' || argv[optind][0] == '!')
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c
index 66af518..5182230 100644
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -71,7 +71,7 @@ state_parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case '1':
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
state_parse_states(argv[optind-1], sinfo);
if (invert)
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index 0408c23..6bd27c0 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -199,7 +199,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & STRING)
exit_error(PARAMETER_PROBLEM,
"Can't specify multiple --string");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_string(argv[optind-1], stringinfo);
if (invert) {
if (revision == 0)
@@ -216,7 +216,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify multiple --hex-string");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_hex_string(argv[optind-1], stringinfo); /* sets length */
if (invert) {
if (revision == 0)
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index bb66747..069bb7f 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -150,7 +150,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & TCP_SRC_PORTS)
exit_error(PARAMETER_PROBLEM,
"Only one `--source-port' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_tcp_ports(argv[optind-1], tcpinfo->spts);
if (invert)
tcpinfo->invflags |= XT_TCP_INV_SRCPT;
@@ -161,7 +161,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & TCP_DST_PORTS)
exit_error(PARAMETER_PROBLEM,
"Only one `--destination-port' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_tcp_ports(argv[optind-1], tcpinfo->dpts);
if (invert)
tcpinfo->invflags |= XT_TCP_INV_DSTPT;
@@ -182,7 +182,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Only one of `--syn' or `--tcp-flags' "
" allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
if (!argv[optind]
|| argv[optind][0] == '-' || argv[optind][0] == '!')
@@ -199,7 +199,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & TCP_OPTION)
exit_error(PARAMETER_PROBLEM,
"Only one `--tcp-option' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_tcp_option(argv[optind-1], &tcpinfo->option);
if (invert)
tcpinfo->invflags |= XT_TCP_INV_OPTION;
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index d30aa24..5c013a7 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -65,7 +65,7 @@ tcpmss_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags)
exit_error(PARAMETER_PROBLEM,
"Only one `--mss' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_tcp_mssvalues(argv[optind-1],
&mssinfo->mss_min, &mssinfo->mss_max);
if (invert)
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index 4012841..8f57f4e 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -72,7 +72,7 @@ udp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & UDP_SRC_PORTS)
exit_error(PARAMETER_PROBLEM,
"Only one `--source-port' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_udp_ports(argv[optind-1], udpinfo->spts);
if (invert)
udpinfo->invflags |= XT_UDP_INV_SRCPT;
@@ -83,7 +83,7 @@ udp_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & UDP_DST_PORTS)
exit_error(PARAMETER_PROBLEM,
"Only one `--destination-port' allowed");
- check_inverse(optarg, &invert, &optind, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
parse_udp_ports(argv[optind-1], udpinfo->dpts);
if (invert)
udpinfo->invflags |= XT_UDP_INV_DSTPT;
diff --git a/include/xtables.h.in b/include/xtables.h.in
index c3c960b..c1bf6d5 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -202,7 +202,8 @@ xtables_parse_interface(const char *arg, char *vianame, unsigned char *mask);
/* this is a special 64bit data type that is 8-byte aligned */
#define aligned_u64 u_int64_t __attribute__((aligned(8)))
-int check_inverse(const char option[], int *invert, int *my_optind, int argc);
+int xtables_check_inverse(const char option[], int *invert,
+ int *my_optind, int argc);
void exit_error(enum xtables_exittype, const char *, ...)
__attribute__((noreturn, format(printf,2,3)));
extern void xtables_param_act(unsigned int, const char *, ...);
diff --git a/ip6tables.c b/ip6tables.c
index 48a6bec..903e005 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -450,26 +450,6 @@ add_command(unsigned int *cmd, const int newcmd, const int othercmds,
*cmd |= newcmd;
}
-int
-check_inverse(const char option[], int *invert, int *my_optind, int argc)
-{
- if (option && strcmp(option, "!") == 0) {
- if (*invert)
- exit_error(PARAMETER_PROBLEM,
- "Multiple `!' flags not allowed");
- *invert = TRUE;
- if (my_optind != NULL) {
- ++*my_optind;
- if (argc && *my_optind > argc)
- exit_error(PARAMETER_PROBLEM,
- "no argument following `!'");
- }
-
- return TRUE;
- }
- return FALSE;
-}
-
/*
* All functions starting with "parse" should succeed, otherwise
* the program fails.
@@ -1618,7 +1598,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
* Option selection
*/
case 'p':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_PROTOCOL, &fw.ipv6.invflags,
invert);
@@ -1644,14 +1624,14 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
break;
case 's':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_SOURCE, &fw.ipv6.invflags,
invert);
shostnetworkmask = argv[optind-1];
break;
case 'd':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_DESTINATION, &fw.ipv6.invflags,
invert);
dhostnetworkmask = argv[optind-1];
@@ -1697,7 +1677,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
case 'i':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEIN, &fw.ipv6.invflags,
invert);
xtables_parse_interface(argv[optind-1],
@@ -1706,7 +1686,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
break;
case 'o':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEOUT, &fw.ipv6.invflags,
invert);
xtables_parse_interface(argv[optind-1],
diff --git a/iptables.c b/iptables.c
index 925464c..ea765b0 100644
--- a/iptables.c
+++ b/iptables.c
@@ -452,26 +452,6 @@ add_command(unsigned int *cmd, const int newcmd, const int othercmds,
*cmd |= newcmd;
}
-int
-check_inverse(const char option[], int *invert, int *my_optind, int argc)
-{
- if (option && strcmp(option, "!") == 0) {
- if (*invert)
- exit_error(PARAMETER_PROBLEM,
- "Multiple `!' flags not allowed");
- *invert = TRUE;
- if (my_optind != NULL) {
- ++*my_optind;
- if (argc && *my_optind > argc)
- exit_error(PARAMETER_PROBLEM,
- "no argument following `!'");
- }
-
- return TRUE;
- }
- return FALSE;
-}
-
/*
* All functions starting with "parse" should succeed, otherwise
* the program fails.
@@ -1631,7 +1611,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
* Option selection
*/
case 'p':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_PROTOCOL, &fw.ip.invflags,
invert);
@@ -1649,14 +1629,14 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
break;
case 's':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_SOURCE, &fw.ip.invflags,
invert);
shostnetworkmask = argv[optind-1];
break;
case 'd':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_DESTINATION, &fw.ip.invflags,
invert);
dhostnetworkmask = argv[optind-1];
@@ -1702,7 +1682,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
case 'i':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEIN, &fw.ip.invflags,
invert);
xtables_parse_interface(argv[optind-1],
@@ -1711,7 +1691,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
break;
case 'o':
- check_inverse(optarg, &invert, &optind, argc);
+ xtables_check_inverse(optarg, &invert, &optind, argc);
set_option(&options, OPT_VIANAMEOUT, &fw.ip.invflags,
invert);
xtables_parse_interface(argv[optind-1],
diff --git a/xtables.c b/xtables.c
index 8a79c5b..19e746c 100644
--- a/xtables.c
+++ b/xtables.c
@@ -1257,3 +1257,31 @@ void xtables_save_string(const char *value)
printf("\" ");
}
}
+
+/**
+ * Check for option-intrapositional negation.
+ * Do not use in new code.
+ */
+int xtables_check_inverse(const char option[], int *invert,
+ int *my_optind, int argc)
+{
+ if (option && strcmp(option, "!") == 0) {
+ fprintf(stderr, "Using intrapositioned negation "
+ "(`--option ! this`) is deprecated in favor of "
+ "extrapositioned (`! --option this`).\n");
+
+ if (*invert)
+ exit_error(PARAMETER_PROBLEM,
+ "Multiple `!' flags not allowed");
+ *invert = true;
+ if (my_optind != NULL) {
+ ++*my_optind;
+ if (argc && *my_optind > argc)
+ exit_error(PARAMETER_PROBLEM,
+ "no argument following `!'");
+ }
+
+ return true;
+ }
+ return false;
+}
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 15/16] libxtables: prefix/order - move parse_protocol to xtables.c
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (13 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 14/16] libxtables: prefix/order - move check_inverse to xtables.c Jan Engelhardt
@ 2009-02-09 17:34 ` Jan Engelhardt
2009-02-09 17:35 ` [PATCH 16/16] libxtables: move afinfo around Jan Engelhardt
2009-02-09 17:39 ` libxtables rework Patrick McHardy
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:34 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_policy.c | 2 +-
extensions/libipt_policy.c | 2 +-
extensions/libxt_conntrack.c | 5 +-
extensions/libxt_time.c | 1 -
include/xtables.h.in | 21 +++++++++-
ip6tables.c | 84 +++++-------------------------------------
iptables.c | 75 +++++--------------------------------
xtables.c | 52 ++++++++++++++++++++++++++
8 files changed, 96 insertions(+), 146 deletions(-)
diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 83ee48e..7c1a1e7 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -244,7 +244,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"policy match: double --proto option");
- e->proto = parse_protocol(argv[optind-1]);
+ e->proto = xtables_parse_protocol(argv[optind-1]);
if (e->proto != IPPROTO_AH && e->proto != IPPROTO_ESP &&
e->proto != IPPROTO_COMP)
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index 742eeba..6ae51e7 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -212,7 +212,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"policy match: double --proto option");
- e->proto = parse_protocol(argv[optind-1]);
+ e->proto = xtables_parse_protocol(argv[optind-1]);
if (e->proto != IPPROTO_AH && e->proto != IPPROTO_ESP &&
e->proto != IPPROTO_COMP)
exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 914b253..45783f4 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -317,7 +317,8 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
*protocol = tolower(*protocol);
protocol = argv[optind-1];
- sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum = parse_protocol(protocol);
+ sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum =
+ xtables_parse_protocol(protocol);
if (sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum == 0
&& (sinfo->invflags & XT_INV_PROTO))
@@ -455,7 +456,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
/* Canonicalize into lower case */
for (p = optarg; *p != '\0'; ++p)
*p = tolower(*p);
- info->l4proto = parse_protocol(optarg);
+ info->l4proto = xtables_parse_protocol(optarg);
if (info->l4proto == 0 && (info->invert_flags & XT_INV_PROTO))
exit_error(PARAMETER_PROBLEM, "conntrack: rule would "
diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c
index 989806d..41aa5c7 100644
--- a/extensions/libxt_time.c
+++ b/extensions/libxt_time.c
@@ -22,7 +22,6 @@
#include <linux/netfilter/xt_time.h>
#include <xtables.h>
-#define ARRAY_SIZE(x) (sizeof(x) / sizeof(*x))
enum { /* getopt "seen" bits */
F_DATE_START = 1 << 0,
diff --git a/include/xtables.h.in b/include/xtables.h.in
index c1bf6d5..07217d6 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -21,6 +21,9 @@
#ifndef IPPROTO_DCCP
#define IPPROTO_DCCP 33
#endif
+#ifndef IPPROTO_MH
+# define IPPROTO_MH 135
+#endif
#ifndef IPPROTO_UDPLITE
#define IPPROTO_UDPLITE 136
#endif
@@ -151,6 +154,17 @@ struct xtables_rule_match {
bool completed;
};
+/**
+ * struct xtables_pprot -
+ *
+ * A few hardcoded protocols for 'all' and in case the user has no
+ * /etc/protocols.
+ */
+struct xtables_pprot {
+ const char *name;
+ u_int8_t num;
+};
+
enum xtables_tryload {
XTF_DONT_LOAD,
XTF_DURING_LOAD,
@@ -239,10 +253,13 @@ extern void xtables_save_string(const char *value);
# define _init __attribute__((constructor)) _INIT
#endif
-/* Present in both iptables.c and ip6tables.c */
-extern u_int16_t parse_protocol(const char *s);
+extern const struct xtables_pprot xtables_chain_protos[];
+extern u_int16_t xtables_parse_protocol(const char *s);
#ifdef XTABLES_INTERNAL
+# ifndef ARRAY_SIZE
+# define ARRAY_SIZE(x) (sizeof(x) / sizeof(*(x)))
+# endif
# include <xtables/internal.h>
#endif
diff --git a/ip6tables.c b/ip6tables.c
index 903e005..53163b7 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -208,34 +208,7 @@ struct afinfo afinfo = {
.so_rev_target = IP6T_SO_GET_REVISION_TARGET,
};
-/* Primitive headers... */
-/* defined in netinet/in.h */
-#if 0
-#ifndef IPPROTO_ESP
-#define IPPROTO_ESP 50
-#endif
-#ifndef IPPROTO_AH
-#define IPPROTO_AH 51
-#endif
-#endif
-#ifndef IPPROTO_MH
-#define IPPROTO_MH 135
-#endif
-
-static const struct pprot chain_protos[] = {
- { "tcp", IPPROTO_TCP },
- { "udp", IPPROTO_UDP },
- { "udplite", IPPROTO_UDPLITE },
- { "icmpv6", IPPROTO_ICMPV6 },
- { "ipv6-icmp", IPPROTO_ICMPV6 },
- { "esp", IPPROTO_ESP },
- { "ah", IPPROTO_AH },
- { "ipv6-mh", IPPROTO_MH },
- { "mh", IPPROTO_MH },
- { "all", 0 },
-};
-
-static char *
+static const char *
proto_to_name(u_int8_t proto, int nolookup)
{
unsigned int i;
@@ -246,9 +219,9 @@ proto_to_name(u_int8_t proto, int nolookup)
return pent->p_name;
}
- for (i = 0; i < sizeof(chain_protos)/sizeof(struct pprot); i++)
- if (chain_protos[i].num == proto)
- return chain_protos[i].name;
+ for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
+ if (xtables_chain_protos[i].num == proto)
+ return xtables_chain_protos[i].name;
return NULL;
}
@@ -467,7 +440,7 @@ find_proto(const char *pname, enum xtables_tryload tryload,
unsigned int proto;
if (xtables_strtoui(pname, NULL, &proto, 0, UINT8_MAX)) {
- char *protoname = proto_to_name(proto, nolookup);
+ const char *protoname = proto_to_name(proto, nolookup);
if (protoname)
return xtables_find_match(protoname, tryload, matches);
@@ -477,43 +450,6 @@ find_proto(const char *pname, enum xtables_tryload tryload,
return NULL;
}
-u_int16_t
-parse_protocol(const char *s)
-{
- unsigned int proto;
-
- if (!xtables_strtoui(s, NULL, &proto, 0, UINT8_MAX)) {
- struct protoent *pent;
-
- /* first deal with the special case of 'all' to prevent
- * people from being able to redefine 'all' in nsswitch
- * and/or provoke expensive [not working] ldap/nis/...
- * lookups */
- if (!strcmp(s, "all"))
- return 0;
-
- if ((pent = getprotobyname(s)))
- proto = pent->p_proto;
- else {
- unsigned int i;
- for (i = 0;
- i < sizeof(chain_protos)/sizeof(struct pprot);
- i++) {
- if (strcmp(s, chain_protos[i].name) == 0) {
- proto = chain_protos[i].num;
- break;
- }
- }
- if (i == sizeof(chain_protos)/sizeof(struct pprot))
- exit_error(PARAMETER_PROBLEM,
- "unknown protocol `%s' specified",
- s);
- }
- }
-
- return (u_int16_t)proto;
-}
-
/* These are invalid numbers as upper layer protocol */
static int is_exthdr(u_int16_t proto)
{
@@ -738,7 +674,7 @@ print_firewall(const struct ip6t_entry *fw,
fputc(fw->ipv6.invflags & IP6T_INV_PROTO ? '!' : ' ', stdout);
{
- char *pname = proto_to_name(fw->ipv6.proto, format&FMT_NUMERIC);
+ const char *pname = proto_to_name(fw->ipv6.proto, format&FMT_NUMERIC);
if (pname)
printf(FMT("%-5s", "%s "), pname);
else
@@ -1144,10 +1080,10 @@ static void print_proto(u_int16_t proto, int invert)
return;
}
- for (i = 0; i < sizeof(chain_protos)/sizeof(struct pprot); i++)
- if (chain_protos[i].num == proto) {
+ for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
+ if (xtables_chain_protos[i].num == proto) {
printf("-p %s%s ",
- invertstr, chain_protos[i].name);
+ invertstr, xtables_chain_protos[i].name);
return;
}
@@ -1607,7 +1543,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
*protocol = tolower(*protocol);
protocol = argv[optind-1];
- fw.ipv6.proto = parse_protocol(protocol);
+ fw.ipv6.proto = xtables_parse_protocol(protocol);
fw.ipv6.flags |= IP6T_F_PROTO;
if (fw.ipv6.proto == 0
diff --git a/iptables.c b/iptables.c
index ea765b0..b43aadf 100644
--- a/iptables.c
+++ b/iptables.c
@@ -194,13 +194,6 @@ const char *program_name;
int kernel_version;
-/* A few hardcoded protocols for 'all' and in case the user has no
- /etc/protocols */
-struct pprot {
- char *name;
- u_int8_t num;
-};
-
struct afinfo afinfo = {
.family = NFPROTO_IPV4,
.libprefix = "libipt_",
@@ -221,18 +214,7 @@ struct afinfo afinfo = {
#endif
#endif
-static const struct pprot chain_protos[] = {
- { "tcp", IPPROTO_TCP },
- { "udp", IPPROTO_UDP },
- { "udplite", IPPROTO_UDPLITE },
- { "icmp", IPPROTO_ICMP },
- { "esp", IPPROTO_ESP },
- { "ah", IPPROTO_AH },
- { "sctp", IPPROTO_SCTP },
- { "all", 0 },
-};
-
-static char *
+static const char *
proto_to_name(u_int8_t proto, int nolookup)
{
unsigned int i;
@@ -243,9 +225,9 @@ proto_to_name(u_int8_t proto, int nolookup)
return pent->p_name;
}
- for (i = 0; i < sizeof(chain_protos)/sizeof(struct pprot); i++)
- if (chain_protos[i].num == proto)
- return chain_protos[i].name;
+ for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
+ if (xtables_chain_protos[i].num == proto)
+ return xtables_chain_protos[i].name;
return NULL;
}
@@ -469,7 +451,7 @@ find_proto(const char *pname, enum xtables_tryload tryload,
unsigned int proto;
if (xtables_strtoui(pname, NULL, &proto, 0, UINT8_MAX)) {
- char *protoname = proto_to_name(proto, nolookup);
+ const char *protoname = proto_to_name(proto, nolookup);
if (protoname)
return xtables_find_match(protoname, tryload, matches);
@@ -479,43 +461,6 @@ find_proto(const char *pname, enum xtables_tryload tryload,
return NULL;
}
-u_int16_t
-parse_protocol(const char *s)
-{
- unsigned int proto;
-
- if (!xtables_strtoui(s, NULL, &proto, 0, UINT8_MAX)) {
- struct protoent *pent;
-
- /* first deal with the special case of 'all' to prevent
- * people from being able to redefine 'all' in nsswitch
- * and/or provoke expensive [not working] ldap/nis/...
- * lookups */
- if (!strcmp(s, "all"))
- return 0;
-
- if ((pent = getprotobyname(s)))
- proto = pent->p_proto;
- else {
- unsigned int i;
- for (i = 0;
- i < sizeof(chain_protos)/sizeof(struct pprot);
- i++) {
- if (strcmp(s, chain_protos[i].name) == 0) {
- proto = chain_protos[i].num;
- break;
- }
- }
- if (i == sizeof(chain_protos)/sizeof(struct pprot))
- exit_error(PARAMETER_PROBLEM,
- "unknown protocol `%s' specified",
- s);
- }
- }
-
- return (u_int16_t)proto;
-}
-
/* Can't be zero. */
static int
parse_rulenumber(const char *rule)
@@ -733,7 +678,7 @@ print_firewall(const struct ipt_entry *fw,
fputc(fw->ip.invflags & IPT_INV_PROTO ? '!' : ' ', stdout);
{
- char *pname = proto_to_name(fw->ip.proto, format&FMT_NUMERIC);
+ const char *pname = proto_to_name(fw->ip.proto, format&FMT_NUMERIC);
if (pname)
printf(FMT("%-5s", "%s "), pname);
else
@@ -1107,10 +1052,10 @@ static void print_proto(u_int16_t proto, int invert)
return;
}
- for (i = 0; i < sizeof(chain_protos)/sizeof(struct pprot); i++)
- if (chain_protos[i].num == proto) {
+ for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
+ if (xtables_chain_protos[i].num == proto) {
printf("-p %s%s ",
- invertstr, chain_protos[i].name);
+ invertstr, xtables_chain_protos[i].name);
return;
}
@@ -1620,7 +1565,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
*protocol = tolower(*protocol);
protocol = argv[optind-1];
- fw.ip.proto = parse_protocol(protocol);
+ fw.ip.proto = xtables_parse_protocol(protocol);
if (fw.ip.proto == 0
&& (fw.ip.invflags & IPT_INV_PROTO))
diff --git a/xtables.c b/xtables.c
index 19e746c..cf64352 100644
--- a/xtables.c
+++ b/xtables.c
@@ -32,6 +32,7 @@
#include <arpa/inet.h>
#include <xtables.h>
+#include <ip6tables.h>
#include <libiptc/libxtc.h>
#ifndef NO_SHARED_LIBS
@@ -1285,3 +1286,54 @@ int xtables_check_inverse(const char option[], int *invert,
}
return false;
}
+
+const struct xtables_pprot xtables_chain_protos[] = {
+ {"tcp", IPPROTO_TCP},
+ {"sctp", IPPROTO_SCTP},
+ {"udp", IPPROTO_UDP},
+ {"udplite", IPPROTO_UDPLITE},
+ {"icmp", IPPROTO_ICMP},
+ {"icmpv6", IPPROTO_ICMPV6},
+ {"ipv6-icmp", IPPROTO_ICMPV6},
+ {"esp", IPPROTO_ESP},
+ {"ah", IPPROTO_AH},
+ {"ipv6-mh", IPPROTO_MH},
+ {"mh", IPPROTO_MH},
+ {"all", 0},
+ {NULL},
+};
+
+u_int16_t
+xtables_parse_protocol(const char *s)
+{
+ unsigned int proto;
+
+ if (!xtables_strtoui(s, NULL, &proto, 0, UINT8_MAX)) {
+ struct protoent *pent;
+
+ /* first deal with the special case of 'all' to prevent
+ * people from being able to redefine 'all' in nsswitch
+ * and/or provoke expensive [not working] ldap/nis/...
+ * lookups */
+ if (!strcmp(s, "all"))
+ return 0;
+
+ if ((pent = getprotobyname(s)))
+ proto = pent->p_proto;
+ else {
+ unsigned int i;
+ for (i = 0; i < ARRAY_SIZE(xtables_chain_protos); ++i) {
+ if (strcmp(s, xtables_chain_protos[i].name) == 0) {
+ proto = xtables_chain_protos[i].num;
+ break;
+ }
+ }
+ if (i == ARRAY_SIZE(xtables_chain_protos))
+ exit_error(PARAMETER_PROBLEM,
+ "unknown protocol `%s' specified",
+ s);
+ }
+ }
+
+ return proto;
+}
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* [PATCH 16/16] libxtables: move afinfo around
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (14 preceding siblings ...)
2009-02-09 17:34 ` [PATCH 15/16] libxtables: prefix/order - move parse_protocol " Jan Engelhardt
@ 2009-02-09 17:35 ` Jan Engelhardt
2009-02-09 17:39 ` libxtables rework Patrick McHardy
16 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:35 UTC (permalink / raw)
To: netfilter-devel
libxtables should not rely on the program executable providing the
magic constants for using [gs]etsockopt.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
include/xtables.h.in | 1 +
include/xtables/internal.h.in | 24 -------------
ip6tables-restore.c | 1 +
ip6tables-save.c | 1 +
ip6tables-standalone.c | 1 +
ip6tables.c | 9 -----
iptables-restore.c | 1 +
iptables-save.c | 1 +
iptables-standalone.c | 1 +
iptables.c | 9 -----
xtables.c | 74 +++++++++++++++++++++++++++++++++++-----
11 files changed, 71 insertions(+), 52 deletions(-)
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 07217d6..02750fb 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -189,6 +189,7 @@ extern struct xtables_match *xtables_matches;
extern struct xtables_target *xtables_targets;
extern void xtables_init(void);
+extern void xtables_set_nfproto(uint8_t);
extern void *xtables_calloc(size_t, size_t);
extern void *xtables_malloc(size_t);
diff --git a/include/xtables/internal.h.in b/include/xtables/internal.h.in
index 2143829..81ddb48 100644
--- a/include/xtables/internal.h.in
+++ b/include/xtables/internal.h.in
@@ -7,30 +7,6 @@
# define XT_LIB_DIR "/usr/local/lib/iptables"
#endif
-/* protocol family dependent informations */
-struct afinfo {
- /* protocol family */
- int family;
-
- /* prefix of library name (ex "libipt_" */
- char *libprefix;
-
- /* used by setsockopt (ex IPPROTO_IP */
- int ipproto;
-
- /* kernel module (ex "ip_tables" */
- char *kmod;
-
- /* optname to check revision support of match */
- int so_rev_match;
-
- /* optname to check revision support of match */
- int so_rev_target;
-};
-
-/* This is decleared in ip[6]tables.c */
-extern struct afinfo afinfo;
-
/**
* Program's own name and version.
*/
diff --git a/ip6tables-restore.c b/ip6tables-restore.c
index beb640b..acaf97b 100644
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -132,6 +132,7 @@ int main(int argc, char *argv[])
xtables_program_name = program_name;
xtables_init();
+ xtables_set_nfproto(NFPROTO_IPV6);
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/ip6tables-save.c b/ip6tables-save.c
index 86ec6b2..32b5992 100644
--- a/ip6tables-save.c
+++ b/ip6tables-save.c
@@ -141,6 +141,7 @@ int main(int argc, char *argv[])
xtables_program_name = program_name;
xtables_init();
+ xtables_set_nfproto(NFPROTO_IPV6);
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/ip6tables-standalone.c b/ip6tables-standalone.c
index 3ab114e..cea4818 100644
--- a/ip6tables-standalone.c
+++ b/ip6tables-standalone.c
@@ -54,6 +54,7 @@ main(int argc, char *argv[])
xtables_program_name = program_name;
xtables_init();
+ xtables_set_nfproto(NFPROTO_IPV6);
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/ip6tables.c b/ip6tables.c
index 53163b7..233974f 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -199,15 +199,6 @@ struct pprot {
u_int8_t num;
};
-struct afinfo afinfo = {
- .family = NFPROTO_IPV6,
- .libprefix = "libip6t_",
- .ipproto = IPPROTO_IPV6,
- .kmod = "ip6_tables",
- .so_rev_match = IP6T_SO_GET_REVISION_MATCH,
- .so_rev_target = IP6T_SO_GET_REVISION_TARGET,
-};
-
static const char *
proto_to_name(u_int8_t proto, int nolookup)
{
diff --git a/iptables-restore.c b/iptables-restore.c
index 56812ee..810806f 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -134,6 +134,7 @@ main(int argc, char *argv[])
xtables_program_name = program_name;
xtables_init();
+ xtables_set_nfproto(NFPROTO_IPV4);
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/iptables-save.c b/iptables-save.c
index d08ec4b..c4306fd 100644
--- a/iptables-save.c
+++ b/iptables-save.c
@@ -141,6 +141,7 @@ main(int argc, char *argv[])
xtables_program_name = program_name;
xtables_init();
+ xtables_set_nfproto(NFPROTO_IPV4);
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/iptables-standalone.c b/iptables-standalone.c
index 9190873..ece7cf4 100644
--- a/iptables-standalone.c
+++ b/iptables-standalone.c
@@ -55,6 +55,7 @@ main(int argc, char *argv[])
xtables_program_name = program_name;
xtables_init();
+ xtables_set_nfproto(NFPROTO_IPV4);
#ifdef NO_SHARED_LIBS
init_extensions();
#endif
diff --git a/iptables.c b/iptables.c
index b43aadf..f1a5d33 100644
--- a/iptables.c
+++ b/iptables.c
@@ -194,15 +194,6 @@ const char *program_name;
int kernel_version;
-struct afinfo afinfo = {
- .family = NFPROTO_IPV4,
- .libprefix = "libipt_",
- .ipproto = IPPROTO_IP,
- .kmod = "ip_tables",
- .so_rev_match = IPT_SO_GET_REVISION_MATCH,
- .so_rev_target = IPT_SO_GET_REVISION_TARGET,
-};
-
/* Primitive headers... */
/* defined in netinet/in.h */
#if 0
diff --git a/xtables.c b/xtables.c
index cf64352..6c95475 100644
--- a/xtables.c
+++ b/xtables.c
@@ -32,7 +32,8 @@
#include <arpa/inet.h>
#include <xtables.h>
-#include <ip6tables.h>
+#include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/netfilter_ipv6/ip6_tables.h>
#include <libiptc/libxtc.h>
#ifndef NO_SHARED_LIBS
@@ -46,6 +47,44 @@
#endif
/**
+ * xtables_afinfo - protocol family dependent information
+ * @kmod: kernel module basename (e.g. "ip_tables")
+ * @libprefix: prefix of .so library name (e.g. "libipt_")
+ * @family: nfproto family
+ * @ipproto: used by setsockopt (e.g. IPPROTO_IP)
+ * @so_rev_match: optname to check revision support of match
+ * @so_rev_target: optname to check revision support of target
+ */
+struct xtables_afinfo {
+ const char *kmod;
+ const char *libprefix;
+ uint8_t family;
+ uint8_t ipproto;
+ int so_rev_match;
+ int so_rev_target;
+};
+
+static const struct xtables_afinfo afinfo_ipv4 = {
+ .kmod = "ip_tables",
+ .libprefix = "libipt_",
+ .family = NFPROTO_IPV4,
+ .ipproto = IPPROTO_IP,
+ .so_rev_match = IPT_SO_GET_REVISION_MATCH,
+ .so_rev_target = IPT_SO_GET_REVISION_TARGET,
+};
+
+static const struct xtables_afinfo afinfo_ipv6 = {
+ .kmod = "ip6_tables",
+ .libprefix = "libip6t_",
+ .family = NFPROTO_IPV6,
+ .ipproto = IPPROTO_IPV6,
+ .so_rev_match = IP6T_SO_GET_REVISION_MATCH,
+ .so_rev_target = IP6T_SO_GET_REVISION_TARGET,
+};
+
+static const struct xtables_afinfo *afinfo;
+
+/**
* Program will set this to its own name.
*/
const char *xtables_program_name;
@@ -74,6 +113,21 @@ void xtables_init(void)
xtables_libdir = XTABLES_LIBDIR;
}
+void xtables_set_nfproto(uint8_t nfproto)
+{
+ switch (nfproto) {
+ case NFPROTO_IPV4:
+ afinfo = &afinfo_ipv4;
+ break;
+ case NFPROTO_IPV6:
+ afinfo = &afinfo_ipv6;
+ break;
+ default:
+ fprintf(stderr, "libxtables: unhandled NFPROTO in %s\n",
+ __func__);
+ }
+}
+
/**
* xtables_*alloc - wrappers that exit on failure
*/
@@ -177,7 +231,7 @@ int xtables_load_ko(const char *modprobe, bool quiet)
static int ret = -1;
if (!loaded) {
- ret = xtables_insmod(afinfo.kmod, modprobe, quiet);
+ ret = xtables_insmod(afinfo->kmod, modprobe, quiet);
loaded = (ret == 0);
}
@@ -387,7 +441,7 @@ xtables_find_match(const char *name, enum xtables_tryload tryload,
#ifndef NO_SHARED_LIBS
if (!ptr && tryload != XTF_DONT_LOAD && tryload != XTF_DURING_LOAD) {
- ptr = load_extension(xtables_libdir, afinfo.libprefix,
+ ptr = load_extension(xtables_libdir, afinfo->libprefix,
name, false);
if (ptr == NULL && tryload == XTF_LOAD_MUST_SUCCEED)
@@ -447,7 +501,7 @@ xtables_find_target(const char *name, enum xtables_tryload tryload)
#ifndef NO_SHARED_LIBS
if (!ptr && tryload != XTF_DONT_LOAD && tryload != XTF_DURING_LOAD) {
- ptr = load_extension(xtables_libdir, afinfo.libprefix,
+ ptr = load_extension(xtables_libdir, afinfo->libprefix,
name, true);
if (ptr == NULL && tryload == XTF_LOAD_MUST_SUCCEED)
@@ -480,7 +534,7 @@ static int compatible_revision(const char *name, u_int8_t revision, int opt)
socklen_t s = sizeof(rev);
int max_rev, sockfd;
- sockfd = socket(afinfo.family, SOCK_RAW, IPPROTO_RAW);
+ sockfd = socket(afinfo->family, SOCK_RAW, IPPROTO_RAW);
if (sockfd < 0) {
if (errno == EPERM) {
/* revision 0 is always supported. */
@@ -501,7 +555,7 @@ static int compatible_revision(const char *name, u_int8_t revision, int opt)
strcpy(rev.name, name);
rev.revision = revision;
- max_rev = getsockopt(sockfd, afinfo.ipproto, opt, &rev, &s);
+ max_rev = getsockopt(sockfd, afinfo->ipproto, opt, &rev, &s);
if (max_rev < 0) {
/* Definitely don't support this? */
if (errno == ENOENT || errno == EPROTONOSUPPORT) {
@@ -524,12 +578,12 @@ static int compatible_revision(const char *name, u_int8_t revision, int opt)
static int compatible_match_revision(const char *name, u_int8_t revision)
{
- return compatible_revision(name, revision, afinfo.so_rev_match);
+ return compatible_revision(name, revision, afinfo->so_rev_match);
}
static int compatible_target_revision(const char *name, u_int8_t revision)
{
- return compatible_revision(name, revision, afinfo.so_rev_target);
+ return compatible_revision(name, revision, afinfo->so_rev_target);
}
void xtables_register_match(struct xtables_match *me)
@@ -559,7 +613,7 @@ void xtables_register_match(struct xtables_match *me)
}
/* ignore not interested match */
- if (me->family != afinfo.family && me->family != AF_UNSPEC)
+ if (me->family != afinfo->family && me->family != AF_UNSPEC)
return;
old = xtables_find_match(me->name, XTF_DURING_LOAD, NULL);
@@ -632,7 +686,7 @@ void xtables_register_target(struct xtables_target *me)
}
/* ignore not interested target */
- if (me->family != afinfo.family && me->family != AF_UNSPEC)
+ if (me->family != afinfo->family && me->family != AF_UNSPEC)
return;
old = xtables_find_target(me->name, XTF_DURING_LOAD);
--
1.6.1.2
^ permalink raw reply related [flat|nested] 24+ messages in thread
* Re: libxtables rework
2009-02-09 17:34 libxtables rework Jan Engelhardt
` (15 preceding siblings ...)
2009-02-09 17:35 ` [PATCH 16/16] libxtables: move afinfo around Jan Engelhardt
@ 2009-02-09 17:39 ` Patrick McHardy
2009-02-09 17:45 ` Jan Engelhardt
16 siblings, 1 reply; 24+ messages in thread
From: Patrick McHardy @ 2009-02-09 17:39 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
Jan Engelhardt wrote:
> Patrick McHardy wrote on 2009-02-09 15:39:16:
>
>> So I prefer a resubmission in any case.
>
> Jan Engelhardt (16):
> src: remove redundant returns at end of void-returning functions
> src: remove redundant casts
> libxt_owner: use correct UID/GID boundaries
> extensions: use UINT_MAX constants over open-coded bits (1/2)
> extensions: use UINT_MAX constants over open-coded numbers (2/2)
> libxtables: prefix/order - libdir
> libxtables: prefix/order - strtoui
> libxtables: prefix/order - program_name
> libxtables: prefix/order - param_act
> libxtables: prefix/order - ipaddr/ipmask to ascii output
> libxtables: prefix/order - ascii to ipaddr/ipmask input
> libxtables: prefix - misc functions
> libxtables: prefix - parse and escaped output func
> libxtables: prefix/order - move check_inverse to xtables.c
> libxtables: prefix/order - move parse_protocol to xtables.c
> libxtables: move afinfo around
Thanks. Is there also a git tree to pull from? :)
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: libxtables rework
2009-02-09 17:39 ` libxtables rework Patrick McHardy
@ 2009-02-09 17:45 ` Jan Engelhardt
2009-02-09 17:50 ` Patrick McHardy
2009-02-09 18:00 ` Patrick McHardy
0 siblings, 2 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 17:45 UTC (permalink / raw)
To: Patrick McHardy; +Cc: netfilter-devel
On Monday 2009-02-09 18:39, Patrick McHardy wrote:
> Jan Engelhardt wrote:
>> Patrick McHardy wrote on 2009-02-09 15:39:16:
>>
>>> So I prefer a resubmission in any case.
>>
>> Jan Engelhardt (16):
>> src: remove redundant returns at end of void-returning functions
>> src: remove redundant casts
>> libxt_owner: use correct UID/GID boundaries
>> extensions: use UINT_MAX constants over open-coded bits (1/2)
>> extensions: use UINT_MAX constants over open-coded numbers (2/2)
>> libxtables: prefix/order - libdir
>> libxtables: prefix/order - strtoui
>> libxtables: prefix/order - program_name
>> libxtables: prefix/order - param_act
>> libxtables: prefix/order - ipaddr/ipmask to ascii output
>> libxtables: prefix/order - ascii to ipaddr/ipmask input
>> libxtables: prefix - misc functions
>> libxtables: prefix - parse and escaped output func
>> libxtables: prefix/order - move check_inverse to xtables.c
>> libxtables: prefix/order - move parse_protocol to xtables.c
>> libxtables: move afinfo around
>
> Thanks. Is there also a git tree to pull from? :)
>
lol - I hate you :) Or Pablo, depending on who requested patches
instead of wanting to pull.
But be my guest anytime -
git://dev.medozas.de/iptables master
cheers,
Jan
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: libxtables rework
2009-02-09 17:45 ` Jan Engelhardt
@ 2009-02-09 17:50 ` Patrick McHardy
2009-02-09 18:00 ` Patrick McHardy
1 sibling, 0 replies; 24+ messages in thread
From: Patrick McHardy @ 2009-02-09 17:50 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
Jan Engelhardt wrote:
> On Monday 2009-02-09 18:39, Patrick McHardy wrote:
>> Jan Engelhardt wrote:
>>> Patrick McHardy wrote on 2009-02-09 15:39:16:
>>>
>>>> So I prefer a resubmission in any case.
>>> Jan Engelhardt (16):
>>> src: remove redundant returns at end of void-returning functions
>>> src: remove redundant casts
>>> libxt_owner: use correct UID/GID boundaries
>>> extensions: use UINT_MAX constants over open-coded bits (1/2)
>>> extensions: use UINT_MAX constants over open-coded numbers (2/2)
>>> libxtables: prefix/order - libdir
>>> libxtables: prefix/order - strtoui
>>> libxtables: prefix/order - program_name
>>> libxtables: prefix/order - param_act
>>> libxtables: prefix/order - ipaddr/ipmask to ascii output
>>> libxtables: prefix/order - ascii to ipaddr/ipmask input
>>> libxtables: prefix - misc functions
>>> libxtables: prefix - parse and escaped output func
>>> libxtables: prefix/order - move check_inverse to xtables.c
>>> libxtables: prefix/order - move parse_protocol to xtables.c
>>> libxtables: move afinfo around
>> Thanks. Is there also a git tree to pull from? :)
>>
> lol - I hate you :) Or Pablo, depending on who requested patches
> instead of wanting to pull.
>
> But be my guest anytime -
> git://dev.medozas.de/iptables master
With this amount of patches, I prefer both actually, patches for
review and a tree for pulling :)
Thanks.
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: libxtables rework
2009-02-09 17:45 ` Jan Engelhardt
2009-02-09 17:50 ` Patrick McHardy
@ 2009-02-09 18:00 ` Patrick McHardy
1 sibling, 0 replies; 24+ messages in thread
From: Patrick McHardy @ 2009-02-09 18:00 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
Jan Engelhardt wrote:
> But be my guest anytime -
> git://dev.medozas.de/iptables master
Nice work, pulled and pushed out, thanks Jan.
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH 06/16] libxtables: prefix/order - libdir
2009-02-09 17:34 ` [PATCH 06/16] libxtables: prefix/order - libdir Jan Engelhardt
@ 2009-02-10 6:38 ` Amos Jeffries
2009-02-10 9:04 ` Jan Engelhardt
0 siblings, 1 reply; 24+ messages in thread
From: Amos Jeffries @ 2009-02-10 6:38 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
Jan Engelhardt wrote:
> Consolidate the libdir variable initialization code into xtables.c.
>
> Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
> ---
> include/xtables.h.in | 1 +
> include/xtables/internal.h | 2 --
> ip6tables-restore.c | 11 +----------
> ip6tables-save.c | 11 +----------
> ip6tables-standalone.c | 11 +----------
> iptables-restore.c | 11 +----------
> iptables-save.c | 11 +----------
> iptables-standalone.c | 11 +----------
> xtables.c | 23 ++++++++++++++++++++---
> 9 files changed, 27 insertions(+), 65 deletions(-)
>
> diff --git a/include/xtables.h.in b/include/xtables.h.in
> index 02a832d..268c42e 100644
> --- a/include/xtables.h.in
> +++ b/include/xtables.h.in
> @@ -159,6 +159,7 @@ extern const char *xtables_modprobe_program;
> extern struct xtables_match *xtables_matches;
> extern struct xtables_target *xtables_targets;
>
> +extern void xtables_init(void);
> extern void *xtables_calloc(size_t, size_t);
> extern void *xtables_malloc(size_t);
>
> diff --git a/include/xtables/internal.h b/include/xtables/internal.h
> index 60375cd..21c4401 100644
> --- a/include/xtables/internal.h
> +++ b/include/xtables/internal.h
> @@ -26,8 +26,6 @@ struct afinfo {
> int so_rev_target;
> };
>
> -extern char *lib_dir;
> -
> /* This is decleared in ip[6]tables.c */
> extern struct afinfo afinfo;
>
> diff --git a/ip6tables-restore.c b/ip6tables-restore.c
> index 097711f..6be1a36 100644
> --- a/ip6tables-restore.c
> +++ b/ip6tables-restore.c
> @@ -130,16 +130,7 @@ int main(int argc, char *argv[])
> program_version = XTABLES_VERSION;
> line = 0;
>
> - lib_dir = getenv("XTABLES_LIBDIR");
> - if (lib_dir == NULL) {
> - lib_dir = getenv("IP6TABLES_LIB_DIR");
> - if (lib_dir != NULL)
> - fprintf(stderr, "IP6TABLES_LIB_DIR is deprecated, "
> - "use XTABLES_LIBDIR.\n");
> - }
> - if (lib_dir == NULL)
> - lib_dir = XTABLES_LIBDIR;
> -
> + xtables_init();
> #ifdef NO_SHARED_LIBS
> init_extensions();
> #endif
> diff --git a/ip6tables-save.c b/ip6tables-save.c
> index 11ef8c4..1b9d00a 100644
> --- a/ip6tables-save.c
> +++ b/ip6tables-save.c
> @@ -139,16 +139,7 @@ int main(int argc, char *argv[])
> program_name = "ip6tables-save";
> program_version = XTABLES_VERSION;
>
> - lib_dir = getenv("XTABLES_LIBDIR");
> - if (lib_dir == NULL) {
> - lib_dir = getenv("IP6TABLES_LIB_DIR");
> - if (lib_dir != NULL)
> - fprintf(stderr, "IP6TABLES_LIB_DIR is deprecated, "
> - "use XTABLES_LIBDIR.\n");
> - }
> - if (lib_dir == NULL)
> - lib_dir = XTABLES_LIBDIR;
> -
> + xtables_init();
> #ifdef NO_SHARED_LIBS
> init_extensions();
> #endif
...
>
> +void xtables_init(void)
> +{
> + xtables_libdir = getenv("XTABLES_LIBDIR");
> + if (xtables_libdir != NULL)
> + return;
> + xtables_libdir = getenv("IPTABLES_LIB_DIR");
> + if (xtables_libdir != NULL) {
> + fprintf(stderr, "IPTABLES_LIB_DIR is deprecated, "
> + "use XTABLES_LIBDIR.\n");
> + return;
> + }
> + xtables_libdir = XTABLES_LIBDIR;
> +}
You appear to be consolidating both IPTABLES_LIB_DIR and
IP6TABLES_LIB_DIR into this function, yet it does not handle the
IP6TABLES_LIB_DIR cases.
/2c
AYJ
^ permalink raw reply [flat|nested] 24+ messages in thread
* Re: [PATCH 06/16] libxtables: prefix/order - libdir
2009-02-10 6:38 ` Amos Jeffries
@ 2009-02-10 9:04 ` Jan Engelhardt
0 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-10 9:04 UTC (permalink / raw)
To: Amos Jeffries; +Cc: netfilter-devel
On Tuesday 2009-02-10 07:38, Amos Jeffries wrote:
> Jan Engelhardt wrote:
>> +{
>> + xtables_libdir = getenv("XTABLES_LIBDIR");
>> + if (xtables_libdir != NULL)
>> + return;
>> + xtables_libdir = getenv("IPTABLES_LIB_DIR");
>> + if (xtables_libdir != NULL) {
>> + fprintf(stderr, "IPTABLES_LIB_DIR is deprecated, "
>> + "use XTABLES_LIBDIR.\n");
>> + return;
>> + }
>> + xtables_libdir = XTABLES_LIBDIR;
>> +}
>
> You appear to be consolidating both IPTABLES_LIB_DIR and IP6TABLES_LIB_DIR into
> this function, yet it does not handle the IP6TABLES_LIB_DIR cases.
Thanks for noticing. I added a patch that adds it back
(/me still wanting to pull in jamal's stuff for the next pull).
+++ b/xtables.c
@@ -110,6 +110,19 @@ void xtables_init(void)
"use XTABLES_LIBDIR.\n");
return;
}
+ /*
+ * Well yes, IP6TABLES_LIB_DIR is of lower priority over
+ * IPTABLES_LIB_DIR since this moved to libxtables; I think that is ok
+ * for these env vars are deprecated anyhow, and in light of the
+ * (shared) libxt_*.so files, makes less sense to have
+ * IPTABLES_LIB_DIR != IP6TABLES_LIB_DIR.
+ */
+ xtables_libdir = getenv("IP6TABLES_LIB_DIR");
+ if (xtables_libdir != NULL) {
+ fprintf(stderr, "IP6TABLES_LIB_DIR is deprecated, "
+ "use XTABLES_LIBDIR.\n");
+ return;
+ }
xtables_libdir = XTABLES_LIBDIR;
}
^ permalink raw reply [flat|nested] 24+ messages in thread
* libxtables rework
@ 2009-02-09 12:07 Jan Engelhardt
0 siblings, 0 replies; 24+ messages in thread
From: Jan Engelhardt @ 2009-02-09 12:07 UTC (permalink / raw)
To: netfilter
Jan Engelhardt (16):
src: remove redundant returns at end of void-returning functions
src: remove redundant casts
libxt_owner: use correct UID/GID boundaries
extensions: use UINT_MAX constants over open-coded bits (1/2)
extensions: use UINT_MAX constants over open-coded numbers (2/2)
libxtables: prefix/order - libdir
libxtables: prefix/order - strtoui
libxtables: prefix/order - program_name
libxtables: prefix/order - param_act
libxtables: prefix/order - ipaddr/ipmask to ascii output
libxtables: prefix/order - ascii to ipaddr/ipmask input
libxtables: prefix - misc functions
libxtables: prefix - parse and escaped output func
libxtables: prefix/order - move check_inverse to xtables.c
libxtables: prefix/order - move parse_protocol to xtables.c
libxtables: move afinfo around
.gitignore | 1 +
Makefile.am | 2 +-
configure.ac | 26 +--
extensions/libip6t_HL.c | 4 +-
extensions/libip6t_LOG.c | 8 +-
extensions/libip6t_REJECT.c | 2 +-
extensions/libip6t_ah.c | 6 +-
extensions/libip6t_dst.c | 11 +-
extensions/libip6t_frag.c | 6 +-
extensions/libip6t_hbh.c | 11 +-
extensions/libip6t_hl.c | 2 +-
extensions/libip6t_icmp6.c | 6 +-
extensions/libip6t_ipv6header.c | 8 +-
extensions/libip6t_mh.c | 4 +-
extensions/libip6t_policy.c | 8 +-
extensions/libip6t_rt.c | 10 +-
extensions/libipt_CLUSTERIP.c | 10 +-
extensions/libipt_DNAT.c | 10 +-
extensions/libipt_ECN.c | 6 +-
extensions/libipt_LOG.c | 10 +-
extensions/libipt_MASQUERADE.c | 2 +-
extensions/libipt_NETMAP.c | 12 +-
extensions/libipt_REDIRECT.c | 4 +-
extensions/libipt_REJECT.c | 2 +-
extensions/libipt_SAME.c | 14 +-
extensions/libipt_SET.c | 2 +-
extensions/libipt_SNAT.c | 10 +-
extensions/libipt_TTL.c | 4 +-
extensions/libipt_ULOG.c | 6 +-
extensions/libipt_addrtype.c | 8 +-
extensions/libipt_ah.c | 4 +-
extensions/libipt_ecn.c | 8 +-
extensions/libipt_icmp.c | 6 +-
extensions/libipt_policy.c | 16 +-
extensions/libipt_realm.c | 4 +-
extensions/libipt_set.c | 2 +-
extensions/libipt_ttl.c | 8 +-
extensions/libxt_CONNMARK.c | 56 +++---
extensions/libxt_DSCP.c | 7 +-
extensions/libxt_MARK.c | 50 +++---
extensions/libxt_NFLOG.c | 6 +-
extensions/libxt_NFQUEUE.c | 3 +-
extensions/libxt_TCPMSS.c | 3 +-
extensions/libxt_TCPOPTSTRIP.c | 3 +-
extensions/libxt_TOS.c | 36 ++--
extensions/libxt_TPROXY.c | 36 ++--
extensions/libxt_comment.c | 2 +-
extensions/libxt_connbytes.c | 2 +-
extensions/libxt_connlimit.c | 2 +-
extensions/libxt_connmark.c | 16 +-
extensions/libxt_conntrack.c | 91 +++++-----
extensions/libxt_dccp.c | 18 +-
extensions/libxt_dscp.c | 11 +-
extensions/libxt_esp.c | 4 +-
extensions/libxt_hashlimit.c | 98 +++++-----
extensions/libxt_helper.c | 4 +-
extensions/libxt_iprange.c | 80 ++++----
extensions/libxt_length.c | 6 +-
extensions/libxt_limit.c | 6 +-
extensions/libxt_mac.c | 2 +-
extensions/libxt_mark.c | 16 +-
extensions/libxt_multiport.c | 18 +-
extensions/libxt_owner.c | 73 ++++----
extensions/libxt_physdev.c | 14 +-
extensions/libxt_pkttype.c | 2 +-
extensions/libxt_quota.c | 4 +-
extensions/libxt_rateest.c | 27 ++--
extensions/libxt_recent.c | 8 +-
extensions/libxt_sctp.c | 12 +-
extensions/libxt_state.c | 2 +-
extensions/libxt_statistic.c | 9 +-
extensions/libxt_string.c | 6 +-
extensions/libxt_tcp.c | 18 +-
extensions/libxt_tcpmss.c | 6 +-
extensions/libxt_time.c | 1 -
extensions/libxt_tos.c | 8 +-
extensions/libxt_u32.c | 2 -
extensions/libxt_udp.c | 10 +-
extensions/tos_values.c | 8 +-
include/xtables.h.in | 115 +++++++------
include/xtables/internal.h | 36 ----
include/xtables/internal.h.in | 17 ++
ip6tables-restore.c | 17 +--
ip6tables-save.c | 17 +--
ip6tables-standalone.c | 15 +-
ip6tables.c | 149 +++------------
iptables-restore.c | 17 +--
iptables-save.c | 17 +--
iptables-standalone.c | 15 +-
iptables-xml.c | 8 +-
iptables.c | 140 +++-----------
xtables.c | 387 +++++++++++++++++++++++++++------------
92 files changed, 963 insertions(+), 1036 deletions(-)
^ permalink raw reply [flat|nested] 24+ messages in thread
end of thread, other threads:[~2009-02-10 9:04 UTC | newest]
Thread overview: 24+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2009-02-09 17:34 libxtables rework Jan Engelhardt
2009-02-09 17:34 ` [PATCH 01/16] src: remove redundant returns at end of void-returning functions Jan Engelhardt
2009-02-09 17:34 ` [PATCH 02/16] src: remove redundant casts Jan Engelhardt
2009-02-09 17:34 ` [PATCH 03/16] libxt_owner: use correct UID/GID boundaries Jan Engelhardt
2009-02-09 17:34 ` [PATCH 04/16] extensions: use UINT_MAX constants over open-coded bits (1/2) Jan Engelhardt
2009-02-09 17:34 ` [PATCH 05/16] extensions: use UINT_MAX constants over open-coded numbers (2/2) Jan Engelhardt
2009-02-09 17:34 ` [PATCH 06/16] libxtables: prefix/order - libdir Jan Engelhardt
2009-02-10 6:38 ` Amos Jeffries
2009-02-10 9:04 ` Jan Engelhardt
2009-02-09 17:34 ` [PATCH 07/16] libxtables: prefix/order - strtoui Jan Engelhardt
2009-02-09 17:34 ` [PATCH 08/16] libxtables: prefix/order - program_name Jan Engelhardt
2009-02-09 17:34 ` [PATCH 09/16] libxtables: prefix/order - param_act Jan Engelhardt
2009-02-09 17:34 ` [PATCH 10/16] libxtables: prefix/order - ipaddr/ipmask to ascii output Jan Engelhardt
2009-02-09 17:34 ` [PATCH 11/16] libxtables: prefix/order - ascii to ipaddr/ipmask input Jan Engelhardt
2009-02-09 17:34 ` [PATCH 12/16] libxtables: prefix - misc functions Jan Engelhardt
2009-02-09 17:34 ` [PATCH 13/16] libxtables: prefix - parse and escaped output func Jan Engelhardt
2009-02-09 17:34 ` [PATCH 14/16] libxtables: prefix/order - move check_inverse to xtables.c Jan Engelhardt
2009-02-09 17:34 ` [PATCH 15/16] libxtables: prefix/order - move parse_protocol " Jan Engelhardt
2009-02-09 17:35 ` [PATCH 16/16] libxtables: move afinfo around Jan Engelhardt
2009-02-09 17:39 ` libxtables rework Patrick McHardy
2009-02-09 17:45 ` Jan Engelhardt
2009-02-09 17:50 ` Patrick McHardy
2009-02-09 18:00 ` Patrick McHardy
-- strict thread matches above, loose matches on Subject: below --
2009-02-09 12:07 Jan Engelhardt
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.