xtables: warn in case old-style (set/getsockopt) tables exist
authorFlorian Westphal <fw@strlen.de>
Tue, 19 Jun 2018 10:02:24 +0000 (12:02 +0200)
committerFlorian Westphal <fw@strlen.de>
Mon, 25 Jun 2018 09:50:51 +0000 (11:50 +0200)
Provide a hint that iptables isn't showing all rules because
it's using nfnetlink rather than the old set/getsockopt interface.

Signed-off-by: Florian Westphal <fw@strlen.de>
iptables/nft-shared.c
iptables/nft-shared.h
iptables/xtables-save.c
iptables/xtables.c

index b89a3e7b9d31b2b744387c1d0d4d9807c623bf63..ed0d0ee96b0dd42295627adae4bfdb880f43f0eb 100644 (file)
@@ -904,3 +904,32 @@ bool nft_ipv46_rule_find(struct nft_family_ops *ops,
 
        return true;
 }
+
+void nft_check_xt_legacy(int family, bool is_ipt_save)
+{
+       static const char tables6[] = "/proc/net/ip6_tables_names";
+       static const char tables4[] = "/proc/net/ip_tables_names";
+       const char *prefix = "ip";
+       FILE *fp = NULL;
+       char buf[1024];
+
+       switch (family) {
+       case NFPROTO_IPV4:
+               fp = fopen(tables4, "r");
+               break;
+       case NFPROTO_IPV6:
+               fp = fopen(tables6, "r");
+               prefix = "ip6";
+               break;
+       default:
+               break;
+       }
+
+       if (!fp)
+               return;
+
+       if (fgets(buf, sizeof(buf), fp))
+               fprintf(stderr, "# Warning: %stables-legacy tables present, use %stables-legacy%s to see them\n",
+                       prefix, prefix, is_ipt_save ? "-save" : "");
+       fclose(fp);
+}
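Review bot: The new `nft_check_xt_legacy` is exported through nft-shared.h (second file section) without any comment stating what it checks, and the empty-file case is easy to misread. I would add a short block comment above the definition saying that it emits a one-line hint on stderr when /proc/net/ip_tables_names (IPv4) or /proc/net/ip6_tables_names (IPv6) can be opened and contains at least one line, which presumably means a legacy table is registered, that every other family is ignored, and that any fopen() failure, not only a missing file, silently suppresses the hint. A missing proc file is the expected case when the legacy modules are not loaded, so the silent return is reasonable; if a permission failure should not be mistaken for "no legacy tables", an `if (!fp) { if (errno != ENOENT) ...; return; }` branch would distinguish the two. Setting `prefix = "ip"` inside the NFPROTO_IPV4 case, symmetrically with the IPv6 case, would also make the switch self-describing.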
index 0108b7f976c146113d97e38f353c10c7b3165d94..6d04b1a49ee3f8ea344e1d49d90a6f0b8296c8b7 100644 (file)
@@ -270,4 +270,5 @@ void xtables_restore_parse(struct nft_handle *h,
                           struct nft_xt_restore_cb *cb,
                           int argc, char *argv[]);
 
+void nft_check_xt_legacy(int family, bool is_ipt_save);
 #endif
index 1652fbbc5e2f75b79d5a59a2309735c0c7ef9aa4..c19c9991e5a60b82ed8f07851a54234396cf5f80 100644 (file)
@@ -44,12 +44,10 @@ static const struct option options[] = {
 };
 
 static int
-do_output(struct nft_handle *h, const char *tablename, bool counters)
+__do_output(struct nft_handle *h, const char *tablename, bool counters)
 {
        struct nftnl_chain_list *chain_list;
 
-       if (!tablename)
-               return nft_for_each_table(h, do_output, counters) ? 1 : 0;
 
        if (!nft_table_find(h, tablename)) {
                printf("Table `%s' does not exist\n", tablename);
@@ -80,6 +78,22 @@ do_output(struct nft_handle *h, const char *tablename, bool counters)
        return 0;
 }
 
+static int
+do_output(struct nft_handle *h, const char *tablename, bool counters)
+{
+       int ret;
+
+       if (!tablename) {
+               ret = nft_for_each_table(h, __do_output, counters);
+               nft_check_xt_legacy(h->family, true);
+               return !!ret;
+       }
+
+       ret = __do_output(h, tablename, counters);
+       nft_check_xt_legacy(h->family, true);
+       return ret;
+}
+
 /* Format:
  * :Chain name POLICY packets bytes
  * rule
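Review bot: The renamed table-level function `__do_output` at the top of the first hunk uses a leading double underscore, which C reserves for the implementation in every scope; a name such as `do_output_table` or `do_output_one` keeps the same split without the reserved identifier, and the `nft_for_each_table(h, __do_output, counters)` call in the new `do_output` would follow it. Removing the old early return also leaves two consecutive blank lines before the `nft_table_find` check, which the diff should collapse to one. In the new `do_output`, `return !!ret;` is equivalent to the old `? 1 : 0`, but the single-table path returns `__do_output`'s value unchanged, so the two branches now have different return conventions; if that is intended, a one-line comment such as `/* all-tables path reports failure as 1, single-table path passes through */` would make it explicit. The body of `__do_output` between the two hunks is outside SOURCE.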
index e03e8f317768ddf1c83f72383a960515538f0d44..53f94b6f9d804f98c35e622a6a053581078612cf 100644 (file)
@@ -1238,6 +1238,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table,
                        ret = nft_rule_zero_counters(h, p.chain, p.table,
                                                     p.rulenum - 1);
                }
+               nft_check_xt_legacy(h->family, false);
                break;
        case CMD_LIST_RULES:
        case CMD_LIST_RULES|CMD_ZERO:
@@ -1252,6 +1253,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table,
                        ret = nft_rule_zero_counters(h, p.chain, p.table,
                                                     p.rulenum - 1);
                }
+               nft_check_xt_legacy(h->family, false);
                break;
        case CMD_NEW_CHAIN:
                ret = nft_chain_user_add(h, p.chain, p.table);
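Review bot: Both hunks add the identical `nft_check_xt_legacy(h->family, false);` after the same `nft_rule_zero_counters` tail, which suggests the two list cases (the second is introduced by the `case CMD_LIST_RULES:` labels that follow the first hunk; the first case's label is outside the hunk) share a body that could be merged or the call hoisted to a single point after the switch guarded by the list command bits. The hint is also printed regardless of `ret`, so it appears even when the listing itself failed; if that is deliberate, a comment such as `/* hint about legacy tables even when the nft listing failed */` would save the next reader a question. `do_commandx` starts and ends outside both hunks.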