[iptables] extensions: use NFPROTO_UNSPEC for .family field

Patrick McHardy netfilter-cvslog-bounces at lists.netfilter.org
Fri Jun 5 16:45:07 CEST 2009 

Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=42979363f3958b4436c6d2503753c182c58e55ea
commit 42979363f3958b4436c6d2503753c182c58e55ea
Author:     Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Mon Jun 1 11:56:23 2009 +0200
Commit:     Jan Engelhardt <jengelh at medozas.de>
CommitDate: Mon Jun 1 11:57:13 2009 +0200

    extensions: use NFPROTO_UNSPEC for .family field
    
    This constant would be the designated one for the .family field; it
    also, given recent changes, makes grep for NFPROTO_UNSPEC work to
    finally recollect all manpages.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit cdcfd887b0dcb3c5cff3c2ae49fc34d0cbac5c44
Author:     Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Mon Jun 1 11:52:07 2009 +0200
Commit:     Jan Engelhardt <jengelh at medozas.de>
CommitDate: Mon Jun 1 11:54:55 2009 +0200

    build: fix manpage collection
    
    Florian Westphal points out that v1.4.3.2-9-gc304d77 greps for the
    keyword in the wrong file, and that files with NFPROTO_UNSPEC are
    skipped.
    
    This patch corrects that part, and makes `make` now output the
    manpages it collected.
    
    Reported-by: Florian Westphal <fw at strlen.de>
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 67cf1a928952f1d1ca32f529d78036cebc1b8800
Author:     Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Mon Jun 1 11:46:12 2009 +0200
Commit:     Jan Engelhardt <jengelh at medozas.de>
CommitDate: Mon Jun 1 11:46:12 2009 +0200

    policy: merge ipv6 and ipv4 variant
    
    The files duplicate most of their code, and struct ipt_policy_info
    being defined to xt_policy_info makes them actually have even more in
    common.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit cd30054544021bad206efb6b98df640528e1cba1
Author:     Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Sun May 31 22:43:12 2009 +0200
Commit:     Jan Engelhardt <jengelh at medozas.de>
CommitDate: Sun May 31 23:08:12 2009 +0200

    policy: use direct xt_policy_info instead of ipt/ip6t
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 9d08310f7611b044ad40f4b1c240d9012fbe050f
Author:     Jan Engelhardt <jengelh at medozas.de>
AuthorDate: Sun May 31 22:34:54 2009 +0200
Commit:     Jan Engelhardt <jengelh at medozas.de>
CommitDate: Sun May 31 22:34:57 2009 +0200

    libip6t_policy: remove redundant functions
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>
       via  42979363f3958b4436c6d2503753c182c58e55ea (commit)
       via  cdcfd887b0dcb3c5cff3c2ae49fc34d0cbac5c44 (commit)
       via  67cf1a928952f1d1ca32f529d78036cebc1b8800 (commit)
       via  cd30054544021bad206efb6b98df640528e1cba1 (commit)
       via  9d08310f7611b044ad40f4b1c240d9012fbe050f (commit)
      from  c304d776e9bf546829c90d0cbaeae6a3a79ef9db (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 42979363f3958b4436c6d2503753c182c58e55ea
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon Jun 1 11:56:23 2009 +0200

    extensions: use NFPROTO_UNSPEC for .family field
    
    This constant would be the designated one for the .family field; it
    also, given recent changes, makes grep for NFPROTO_UNSPEC work to
    finally recollect all manpages.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit cdcfd887b0dcb3c5cff3c2ae49fc34d0cbac5c44
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon Jun 1 11:52:07 2009 +0200

    build: fix manpage collection
    
    Florian Westphal points out that v1.4.3.2-9-gc304d77 greps for the
    keyword in the wrong file, and that files with NFPROTO_UNSPEC are
    skipped.
    
    This patch corrects that part, and makes `make` now output the
    manpages it collected.
    
    Reported-by: Florian Westphal <fw at strlen.de>
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 67cf1a928952f1d1ca32f529d78036cebc1b8800
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Mon Jun 1 11:46:12 2009 +0200

    policy: merge ipv6 and ipv4 variant
    
    The files duplicate most of their code, and struct ipt_policy_info
    being defined to xt_policy_info makes them actually have even more in
    common.
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit cd30054544021bad206efb6b98df640528e1cba1
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Sun May 31 22:43:12 2009 +0200

    policy: use direct xt_policy_info instead of ipt/ip6t
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

commit 9d08310f7611b044ad40f4b1c240d9012fbe050f
Author: Jan Engelhardt <jengelh at medozas.de>
Date:   Sun May 31 22:34:54 2009 +0200

    libip6t_policy: remove redundant functions
    
    Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

-----------------------------------------------------------------------

 extensions/GNUmakefile.in                      |    5 +-
 extensions/libip6t_policy.c                    |  464 ------------------------
 extensions/libxt_CLASSIFY.c                    |    2 +-
 extensions/libxt_MARK.c                        |    2 +-
 extensions/libxt_RATEEST.c                     |    2 +-
 extensions/libxt_SECMARK.c                     |    2 +-
 extensions/libxt_TRACE.c                       |    2 +-
 extensions/libxt_cluster.c                     |    2 +-
 extensions/libxt_length.c                      |    2 +-
 extensions/libxt_limit.c                       |    2 +-
 extensions/libxt_mark.c                        |    4 +-
 extensions/libxt_pkttype.c                     |    2 +-
 extensions/{libipt_policy.c => libxt_policy.c} |  207 ++++++++----
 extensions/libxt_quota.c                       |    2 +-
 extensions/libxt_rateest.c                     |    2 +-
 extensions/libxt_standard.c                    |    2 +-
 extensions/libxt_statistic.c                   |    2 +-
 extensions/libxt_string.c                      |    4 +-
 extensions/libxt_time.c                        |    2 +-
 extensions/libxt_u32.c                         |    2 +-
 20 files changed, 168 insertions(+), 546 deletions(-)
 delete mode 100644 extensions/libip6t_policy.c
 rename extensions/{libipt_policy.c => libxt_policy.c} (59%)
Signed-off-by: Jan Engelhardt <jengelh at medozas.de>

diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 5106c28..697ac24 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -91,38 +91,6 @@ static const struct option policy_opts[] =
 	{ .name = NULL }
 };
 
-/* FIXME - Duplicated code from ip6tables.c */
-/* Duplicated to stop too many changes in other files .... */
-static void
-in6addrcpy(struct in6_addr *dst, struct in6_addr *src)
-{
-        memcpy(dst, src, sizeof(struct in6_addr));
-        /* dst->s6_addr = src->s6_addr; */
-}
-
-static char *
-addr_to_numeric(const struct in6_addr *addrp)
-{
-        /* 0000:0000:0000:0000:0000:000.000.000.000
-	 * 0000:0000:0000:0000:0000:0000:0000:0000 */
-        static char buf[50+1];
-        return (char *)inet_ntop(AF_INET6, addrp, buf, sizeof(buf));
-}
-
-static char *
-mask_to_numeric(const struct in6_addr *addrp)
-{
-        static char buf[50+2];
-        int l = ipv6_prefix_length(addrp);
-        if (l == -1) {
-		strcpy(buf, "/");
-		strcat(buf, addr_to_numeric(addrp));
-		return buf;
-	}
-	sprintf(buf, "/%d", l);
-	return buf;
-}
-
 static int parse_direction(char *s)
 {
 	if (strcmp(s, "in") == 0)
@@ -224,8 +192,8 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
 
 		e->match.saddr = 1;
 		e->invert.saddr = invert;
-		in6addrcpy(&e->saddr.a6, addr);
-		in6addrcpy(&e->smask.a6, &mask);
+		memcpy(&e->saddr.a6, addr, sizeof(*addr));
+		memcpy(&e->smask.a6, &mask, sizeof(mask));
                 break;
 	case '7':
 		if (e->match.daddr)
@@ -239,8 +207,8 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
 
 		e->match.daddr = 1;
 		e->invert.daddr = invert;
-		in6addrcpy(&e->daddr.a6, addr);
-		in6addrcpy(&e->dmask.a6, &mask);
+		memcpy(&e->daddr.a6, addr, sizeof(*addr));
+		memcpy(&e->dmask.a6, &mask, sizeof(mask));
 		break;
 	case '8':
 		if (e->match.proto)
@@ -387,14 +355,14 @@ static void print_entry(char *prefix, const struct ip6t_policy_elem *e,
 	if (e->match.daddr) {
 		PRINT_INVERT(e->invert.daddr);
 		printf("%stunnel-dst %s%s ", prefix,
-		       addr_to_numeric((struct in6_addr *)&e->daddr),
-		       mask_to_numeric((struct in6_addr *)&e->dmask));
+		       xtables_ip6addr_to_numeric(&e->daddr.a6),
+		       xtables_ip6mask_to_numeric(&e->dmask.a6));
 	}
 	if (e->match.saddr) {
 		PRINT_INVERT(e->invert.saddr);
 		printf("%stunnel-src %s%s ", prefix,
-		       addr_to_numeric((struct in6_addr *)&e->saddr),
-		       mask_to_numeric((struct in6_addr *)&e->smask));
+		       xtables_ip6addr_to_numeric(&e->saddr.a6),
+		       xtables_ip6mask_to_numeric(&e->smask.a6));
 	}
 }

More information about the netfilter-cvslog mailing list