Use proto_to_name() from xshared in more places

Share the common proto name lookup code. While being at it, make proto
number variable 16bit, values may exceed 256.

This aligns iptables-nft '-p' argument printing with legacy iptables. In
practice, this should make a difference only in corner cases.

Signed-off-by: Phil Sutter <phil@nwl.cc>

diff --git a/include/xtables.h b/include/xtables.h
index df1eaee326643ae2542816ae75e5e428201ad122..1fd5f63ac4b69a3033f262c6713234f0a5e6c990 100644 (file)
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -395,7 +395,7 @@ struct xtables_rule_match {
  */
 struct xtables_pprot {
        const char *name;
-       uint8_t num;
+       uint16_t num;
 };
 
 enum xtables_tryload {

diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index 044d9a33a0266846c4df29f7885115d14ae557db..e967c040fd3c9832977961731be7400bfd890a3f 100644 (file)
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -759,28 +759,16 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
        }
 }
 
-/* The ip6tables looks up the /etc/protocols. */
 static void print_proto(uint16_t proto, int invert)
 {
        if (proto) {
-               unsigned int i;
+               const char *pname = proto_to_name(proto, 0);
                const char *invertstr = invert ? " !" : "";
 
-               const struct protoent *pent = getprotobynumber(proto);
-               if (pent) {
-                       printf("%s -p %s",
-                              invertstr, pent->p_name);
-                       return;
-               }
-
-               for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
-                       if (xtables_chain_protos[i].num == proto) {
-                               printf("%s -p %s",
-                                      invertstr, xtables_chain_protos[i].name);
-                               return;
-                       }
-
-               printf("%s -p %u", invertstr, proto);
+               if (pname)
+                       printf("%s -p %s", invertstr, pname);
+               else
+                       printf("%s -p %u", invertstr, proto);
        }
 }
 

diff --git a/iptables/iptables.c b/iptables/iptables.c
index da67dd2e1e9970ccf6508b12434d7d82be1a65ce..b925f0892e0d5fc4d68cfd6d57e07c71a7cef44c 100644 (file)
--- a/iptables/iptables.c
+++ b/iptables/iptables.c
@@ -727,23 +727,13 @@ list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric,
 static void print_proto(uint16_t proto, int invert)
 {
        if (proto) {
-               unsigned int i;
+               const char *pname = proto_to_name(proto, 0);
                const char *invertstr = invert ? " !" : "";
 
-               const struct protoent *pent = getprotobynumber(proto);
-               if (pent) {
-                       printf("%s -p %s", invertstr, pent->p_name);
-                       return;
-               }
-
-               for (i = 0; xtables_chain_protos[i].name != NULL; ++i)
-                       if (xtables_chain_protos[i].num == proto) {
-                               printf("%s -p %s",
-                                      invertstr, xtables_chain_protos[i].name);
-                               return;
-                       }
-
-               printf("%s -p %u", invertstr, proto);
+               if (pname)
+                       printf("%s -p %s", invertstr, pname);
+               else
+                       printf("%s -p %u", invertstr, proto);
        }
 }
 

diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index c1664b50f938346d720f93e1c00832dbd59d9b46..4253b08196d295309934c487b2c751a8ed601282 100644 (file)
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -826,13 +826,13 @@ void save_rule_details(const struct iptables_command_state *cs,
        }
 
        if (proto > 0) {
-               const struct protoent *pent = getprotobynumber(proto);
+               const char *pname = proto_to_name(proto, 0);
 
                if (invflags & XT_INV_PROTO)
                        printf("! ");
 
-               if (pent)
-                       printf("-p %s ", pent->p_name);
+               if (pname)
+                       printf("-p %s ", pname);
                else
                        printf("-p %u ", proto);
        }

diff --git a/iptables/xshared.c b/iptables/xshared.c
index a3f473ea607c864989224baa80339d34b7bacf9d..49a88de518466b33647d65ea24b8bbba2d9330a8 100644 (file)
--- a/iptables/xshared.c
+++ b/iptables/xshared.c
@@ -48,7 +48,7 @@ void print_extension_helps(const struct xtables_target *t,
 }
 
 const char *
-proto_to_name(uint8_t proto, int nolookup)
+proto_to_name(uint16_t proto, int nolookup)
 {
        unsigned int i;
 

diff --git a/iptables/xshared.h b/iptables/xshared.h
index dace221bbd962f39585a9310ec809ebfb1495e97..823894f94b84150d69ca2dacac09907e56059171 100644 (file)
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -162,7 +162,7 @@ enum {
 
 extern void print_extension_helps(const struct xtables_target *,
        const struct xtables_rule_match *);
-extern const char *proto_to_name(uint8_t, int);
+extern const char *proto_to_name(uint16_t, int);
 extern int command_default(struct iptables_command_state *,
        struct xtables_globals *, bool invert);
 extern struct xtables_match *load_proto(struct iptables_command_state *);