[iptables] extensions: use NFPROTO_UNSPEC for .family field
Patrick McHardy
netfilter-cvslog-bounces at lists.netfilter.org
Fri Jun 5 16:45:07 CEST 2009
Gitweb: http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=42979363f3958b4436c6d2503753c182c58e55ea
commit 42979363f3958b4436c6d2503753c182c58e55ea
Author: Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Mon Jun 1 11:56:23 2009 +0200
Commit: Jan Engelhardt <jengelh at medozas.de>
CommitDate: Mon Jun 1 11:57:13 2009 +0200
extensions: use NFPROTO_UNSPEC for .family field
This constant would be the designated one for the .family field; it
also, given recent changes, makes grep for NFPROTO_UNSPEC work to
finally recollect all manpages.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit cdcfd887b0dcb3c5cff3c2ae49fc34d0cbac5c44
Author: Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Mon Jun 1 11:52:07 2009 +0200
Commit: Jan Engelhardt <jengelh at medozas.de>
CommitDate: Mon Jun 1 11:54:55 2009 +0200
build: fix manpage collection
Florian Westphal points out that v1.4.3.2-9-gc304d77 greps for the
keyword in the wrong file, and that files with NFPROTO_UNSPEC are
skipped.
This patch corrects that part, and makes `make` now output the
manpages it collected.
Reported-by: Florian Westphal <fw at strlen.de>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 67cf1a928952f1d1ca32f529d78036cebc1b8800
Author: Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Mon Jun 1 11:46:12 2009 +0200
Commit: Jan Engelhardt <jengelh at medozas.de>
CommitDate: Mon Jun 1 11:46:12 2009 +0200
policy: merge ipv6 and ipv4 variant
The files duplicate most of their code, and struct ipt_policy_info
being defined to xt_policy_info makes them actually have even more in
common.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit cd30054544021bad206efb6b98df640528e1cba1
Author: Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Sun May 31 22:43:12 2009 +0200
Commit: Jan Engelhardt <jengelh at medozas.de>
CommitDate: Sun May 31 23:08:12 2009 +0200
policy: use direct xt_policy_info instead of ipt/ip6t
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 9d08310f7611b044ad40f4b1c240d9012fbe050f
Author: Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Sun May 31 22:34:54 2009 +0200
Commit: Jan Engelhardt <jengelh at medozas.de>
CommitDate: Sun May 31 22:34:57 2009 +0200
libip6t_policy: remove redundant functions
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
via 42979363f3958b4436c6d2503753c182c58e55ea (commit)
via cdcfd887b0dcb3c5cff3c2ae49fc34d0cbac5c44 (commit)
via 67cf1a928952f1d1ca32f529d78036cebc1b8800 (commit)
via cd30054544021bad206efb6b98df640528e1cba1 (commit)
via 9d08310f7611b044ad40f4b1c240d9012fbe050f (commit)
from c304d776e9bf546829c90d0cbaeae6a3a79ef9db (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
commit 42979363f3958b4436c6d2503753c182c58e55ea
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon Jun 1 11:56:23 2009 +0200
extensions: use NFPROTO_UNSPEC for .family field
This constant would be the designated one for the .family field; it
also, given recent changes, makes grep for NFPROTO_UNSPEC work to
finally recollect all manpages.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit cdcfd887b0dcb3c5cff3c2ae49fc34d0cbac5c44
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon Jun 1 11:52:07 2009 +0200
build: fix manpage collection
Florian Westphal points out that v1.4.3.2-9-gc304d77 greps for the
keyword in the wrong file, and that files with NFPROTO_UNSPEC are
skipped.
This patch corrects that part, and makes `make` now output the
manpages it collected.
Reported-by: Florian Westphal <fw at strlen.de>
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 67cf1a928952f1d1ca32f529d78036cebc1b8800
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Mon Jun 1 11:46:12 2009 +0200
policy: merge ipv6 and ipv4 variant
The files duplicate most of their code, and struct ipt_policy_info
being defined to xt_policy_info makes them actually have even more in
common.
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit cd30054544021bad206efb6b98df640528e1cba1
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun May 31 22:43:12 2009 +0200
policy: use direct xt_policy_info instead of ipt/ip6t
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
commit 9d08310f7611b044ad40f4b1c240d9012fbe050f
Author: Jan Engelhardt <jengelh at medozas.de>
Date: Sun May 31 22:34:54 2009 +0200
libip6t_policy: remove redundant functions
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
-----------------------------------------------------------------------
extensions/GNUmakefile.in | 5 +-
extensions/libip6t_policy.c | 464 ------------------------
extensions/libxt_CLASSIFY.c | 2 +-
extensions/libxt_MARK.c | 2 +-
extensions/libxt_RATEEST.c | 2 +-
extensions/libxt_SECMARK.c | 2 +-
extensions/libxt_TRACE.c | 2 +-
extensions/libxt_cluster.c | 2 +-
extensions/libxt_length.c | 2 +-
extensions/libxt_limit.c | 2 +-
extensions/libxt_mark.c | 4 +-
extensions/libxt_pkttype.c | 2 +-
extensions/{libipt_policy.c => libxt_policy.c} | 207 ++++++++----
extensions/libxt_quota.c | 2 +-
extensions/libxt_rateest.c | 2 +-
extensions/libxt_standard.c | 2 +-
extensions/libxt_statistic.c | 2 +-
extensions/libxt_string.c | 4 +-
extensions/libxt_time.c | 2 +-
extensions/libxt_u32.c | 2 +-
20 files changed, 168 insertions(+), 546 deletions(-)
delete mode 100644 extensions/libip6t_policy.c
rename extensions/{libipt_policy.c => libxt_policy.c} (59%)
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 5106c28..697ac24 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -91,38 +91,6 @@ static const struct option policy_opts[] =
{ .name = NULL }
};
-/* FIXME - Duplicated code from ip6tables.c */
-/* Duplicated to stop too many changes in other files .... */
-static void
-in6addrcpy(struct in6_addr *dst, struct in6_addr *src)
-{
- memcpy(dst, src, sizeof(struct in6_addr));
- /* dst->s6_addr = src->s6_addr; */
-}
-
-static char *
-addr_to_numeric(const struct in6_addr *addrp)
-{
- /* 0000:0000:0000:0000:0000:000.000.000.000
- * 0000:0000:0000:0000:0000:0000:0000:0000 */
- static char buf[50+1];
- return (char *)inet_ntop(AF_INET6, addrp, buf, sizeof(buf));
-}
-
-static char *
-mask_to_numeric(const struct in6_addr *addrp)
-{
- static char buf[50+2];
- int l = ipv6_prefix_length(addrp);
- if (l == -1) {
- strcpy(buf, "/");
- strcat(buf, addr_to_numeric(addrp));
- return buf;
- }
- sprintf(buf, "/%d", l);
- return buf;
-}
-
static int parse_direction(char *s)
{
if (strcmp(s, "in") == 0)
@@ -224,8 +192,8 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
e->match.saddr = 1;
e->invert.saddr = invert;
- in6addrcpy(&e->saddr.a6, addr);
- in6addrcpy(&e->smask.a6, &mask);
+ memcpy(&e->saddr.a6, addr, sizeof(*addr));
+ memcpy(&e->smask.a6, &mask, sizeof(mask));
break;
case '7':
if (e->match.daddr)
@@ -239,8 +207,8 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
e->match.daddr = 1;
e->invert.daddr = invert;
- in6addrcpy(&e->daddr.a6, addr);
- in6addrcpy(&e->dmask.a6, &mask);
+ memcpy(&e->daddr.a6, addr, sizeof(*addr));
+ memcpy(&e->dmask.a6, &mask, sizeof(mask));
break;
case '8':
if (e->match.proto)
@@ -387,14 +355,14 @@ static void print_entry(char *prefix, const struct ip6t_policy_elem *e,
if (e->match.daddr) {
PRINT_INVERT(e->invert.daddr);
printf("%stunnel-dst %s%s ", prefix,
- addr_to_numeric((struct in6_addr *)&e->daddr),
- mask_to_numeric((struct in6_addr *)&e->dmask));
+ xtables_ip6addr_to_numeric(&e->daddr.a6),
+ xtables_ip6mask_to_numeric(&e->dmask.a6));
}
if (e->match.saddr) {
PRINT_INVERT(e->invert.saddr);
printf("%stunnel-src %s%s ", prefix,
- addr_to_numeric((struct in6_addr *)&e->saddr),
- mask_to_numeric((struct in6_addr *)&e->smask));
+ xtables_ip6addr_to_numeric(&e->saddr.a6),
+ xtables_ip6mask_to_numeric(&e->smask.a6));
}
}
More information about the netfilter-cvslog
mailing list