if (!(ahinfo->spis[0] == 0
&& ahinfo->spis[1] == 0xFFFFFFFF)) {
- printf("--ahspi %s",
+ printf("%s--ahspi ",
(ahinfo->invflags & IP6T_AH_INV_SPI) ? "! " : "");
if (ahinfo->spis[0]
!= ahinfo->spis[1])
}
if (ahinfo->hdrlen != 0 || (ahinfo->invflags & IP6T_AH_INV_LEN) ) {
- printf("--ahlen %s%u ",
+ printf("%s--ahlen %u ",
(ahinfo->invflags & IP6T_AH_INV_LEN) ? "! " : "",
ahinfo->hdrlen);
}
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
if (optinfo->flags & IP6T_OPTS_LEN) {
- printf("--dst-len %s%u ",
+ printf("%s--dst-len %u ",
(optinfo->invflags & IP6T_OPTS_INV_LEN) ? "! " : "",
optinfo->hdrlen);
}
if (!(fraginfo->ids[0] == 0
&& fraginfo->ids[1] == 0xFFFFFFFF)) {
- printf("--fragid %s",
+ printf("%s--fragid ",
(fraginfo->invflags & IP6T_FRAG_INV_IDS) ? "! " : "");
if (fraginfo->ids[0]
!= fraginfo->ids[1])
}
if (fraginfo->flags & IP6T_FRAG_LEN) {
- printf("--fraglen %s%u ",
+ printf("%s--fraglen %u ",
(fraginfo->invflags & IP6T_FRAG_INV_LEN) ? "! " : "",
fraginfo->hdrlen);
}
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
if (optinfo->flags & IP6T_OPTS_LEN) {
- printf("--hbh-len %s%u ",
+ printf("%s--hbh-len %u ",
(optinfo->invflags & IP6T_OPTS_INV_LEN) ? "! " : "",
optinfo->hdrlen);
}
static void hl_save(const void *ip, const struct xt_entry_match *match)
{
- static const char *op[] = {
- [IP6T_HL_EQ] = "eq",
- [IP6T_HL_NE] = "eq !",
- [IP6T_HL_LT] = "lt",
- [IP6T_HL_GT] = "gt" };
+ static const char *const op[] = {
+ [IP6T_HL_EQ] = "--hl-eq",
+ [IP6T_HL_NE] = "! --hl-eq",
+ [IP6T_HL_LT] = "--hl-lt",
+ [IP6T_HL_GT] = "--hl-gt" };
const struct ip6t_hl_info *info =
(struct ip6t_hl_info *) match->data;
- printf("--hl-%s %u ", op[info->mode], info->hop_limit);
+ printf("%s %u ", op[info->mode], info->hop_limit);
}
static const struct option hl_opts[] = {
const struct ip6t_ipv6header_info *info = (const struct ip6t_ipv6header_info *)match->data;
- printf("--header ");
- printf("%s", info->invflags ? "!" : "");
+ printf("%s--header ", info->invflags ? "! " : "");
print_header(info->matchflags);
printf(" ");
if (info->modeflag)
const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
if (rtinfo->flags & IP6T_RT_TYP) {
- printf("--rt-type %s%u ",
+ printf("%s--rt-type %u ",
(rtinfo->invflags & IP6T_RT_INV_TYP) ? "! " : "",
rtinfo->rt_type);
}
if (!(rtinfo->segsleft[0] == 0
&& rtinfo->segsleft[1] == 0xFFFFFFFF)) {
- printf("--rt-segsleft %s",
+ printf("%s--rt-segsleft ",
(rtinfo->invflags & IP6T_RT_INV_SGS) ? "! " : "");
if (rtinfo->segsleft[0]
!= rtinfo->segsleft[1])
}
if (rtinfo->flags & IP6T_RT_LEN) {
- printf("--rt-len %s%u ",
+ printf("%s--rt-len %u ",
(rtinfo->invflags & IP6T_RT_INV_LEN) ? "! " : "",
rtinfo->hdrlen);
}
(struct ipt_addrtype_info *) match->data;
if (info->source) {
- printf("--src-type ");
if (info->invert_source)
printf("! ");
+ printf("--src-type ");
print_types(info->source);
}
if (info->dest) {
- printf("--dst-type ");
if (info->invert_dest)
printf("! ");
+ printf("--dst-type ");
print_types(info->dest);
}
}
(struct ipt_addrtype_info_v1 *) match->data;
if (info->source) {
- printf("--src-type ");
if (info->flags & IPT_ADDRTYPE_INVERT_SOURCE)
printf("! ");
+ printf("--src-type ");
print_types(info->source);
}
if (info->dest) {
- printf("--dst-type ");
if (info->flags & IPT_ADDRTYPE_INVERT_DEST)
printf("! ");
+ printf("--dst-type ");
print_types(info->dest);
}
if (info->flags & IPT_ADDRTYPE_LIMIT_IFACE_IN) {
if (!(ahinfo->spis[0] == 0
&& ahinfo->spis[1] == 0xFFFFFFFF)) {
- printf("--ahspi %s",
+ printf("%s--ahspi ",
(ahinfo->invflags & IPT_AH_INV_SPI) ? "! " : "");
if (ahinfo->spis[0]
!= ahinfo->spis[1])
"DSCP match: Parameter --dscp is required");
}
-static void
-print_dscp(u_int8_t dscp, int invert, int numeric)
-{
- if (invert)
- printf("! ");
-
- printf("0x%02x ", dscp);
-}
-
static void
dscp_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
const struct xt_dscp_info *dinfo =
(const struct xt_dscp_info *)match->data;
- printf("DSCP match ");
- print_dscp(dinfo->dscp, dinfo->invert, numeric);
+ printf("DSCP match %s0x%02x", dinfo->invert ? "!" : "", dinfo->dscp);
}
static void dscp_save(const void *ip, const struct xt_entry_match *match)
const struct xt_dscp_info *dinfo =
(const struct xt_dscp_info *)match->data;
- printf("--dscp ");
- print_dscp(dinfo->dscp, dinfo->invert, 1);
+ printf("%s--dscp 0x%02x ", dinfo->invert ? "! " : "", dinfo->dscp);
}
static struct xtables_match dscp_match = {
if (!(espinfo->spis[0] == 0
&& espinfo->spis[1] == 0xFFFFFFFF)) {
- printf("--espspi %s",
+ printf("%s--espspi ",
(espinfo->invflags & XT_ESP_INV_SPI) ? "! " : "");
if (espinfo->spis[0]
!= espinfo->spis[1])
}
static void
-print_length(struct xt_length_info *info)
+length_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
- if (info->invert)
- printf("! ");
-
- if (info->max == info->min)
+ const struct xt_length_info *info = (void *)match->data;
+
+ printf("length %s", info->invert ? "!" : "");
+ if (info->min == info->max)
printf("%u ", info->min);
else
printf("%u:%u ", info->min, info->max);
}
-static void
-length_print(const void *ip, const struct xt_entry_match *match, int numeric)
-{
- printf("length ");
- print_length((struct xt_length_info *)match->data);
-}
-
static void length_save(const void *ip, const struct xt_entry_match *match)
{
- printf("--length ");
- print_length((struct xt_length_info *)match->data);
+ const struct xt_length_info *info = (void *)match->data;
+
+ printf("%s--length ", info->invert ? "! " : "");
+ if (info->min == info->max)
+ printf("%u ", info->min);
+ else
+ printf("%u:%u ", info->min, info->max);
}
static struct xtables_match length_match = {
= (const struct xt_multiport_v1 *)match->data;
unsigned int i;
+ if (multiinfo->invert)
+ printf("! ");
+
switch (multiinfo->flags) {
case XT_MULTIPORT_SOURCE:
printf("--sports ");
break;
}
- if (multiinfo->invert)
- printf("! ");
-
for (i=0; i < multiinfo->count; i++) {
printf("%s", i ? "," : "");
print_port(multiinfo->ports[i], proto, 1);
{
struct xt_pkttype_info *info = (struct xt_pkttype_info *)match->data;
- printf("--pkt-type %s", info->invert?"! ":"");
+ printf("%s--pkt-type ", info->invert ? "! " : "");
print_pkttype(info);
}
info->u.v1.flags & XT_STRING_FLAG_INVERT);
if (is_hex_string(info->pattern, info->patlen)) {
- printf("--hex-string %s", (invert) ? "! ": "");
+ printf("%s--hex-string ", (invert) ? "! ": "");
print_hex_string(info->pattern, info->patlen);
} else {
- printf("--string %s", (invert) ? "! ": "");
+ printf("%s--string ", (invert) ? "! ": "");
print_string(info->pattern, info->patlen);
}
printf("--algo %s ", info->algo);
return 1;
}
-static void
-print_tcpmss(u_int16_t mss_min, u_int16_t mss_max, int invert, int numeric)
-{
- if (invert)
- printf("! ");
-
- if (mss_min == mss_max)
- printf("%u ", mss_min);
- else
- printf("%u:%u ", mss_min, mss_max);
-}
-
static void tcpmss_check(unsigned int flags)
{
if (!flags)
static void
tcpmss_print(const void *ip, const struct xt_entry_match *match, int numeric)
{
- const struct xt_tcpmss_match_info *mssinfo =
- (const struct xt_tcpmss_match_info *)match->data;
+ const struct xt_tcpmss_match_info *info = (void *)match->data;
- printf("tcpmss match ");
- print_tcpmss(mssinfo->mss_min, mssinfo->mss_max,
- mssinfo->invert, numeric);
+ printf("tcpmss match %s", info->invert ? "!" : "");
+ if (info->mss_min == info->mss_max)
+ printf("%u ", info->mss_min);
+ else
+ printf("%u:%u ", info->mss_min, info->mss_max);
}
static void tcpmss_save(const void *ip, const struct xt_entry_match *match)
{
- const struct xt_tcpmss_match_info *mssinfo =
- (const struct xt_tcpmss_match_info *)match->data;
+ const struct xt_tcpmss_match_info *info = (void *)match->data;
- printf("--mss ");
- print_tcpmss(mssinfo->mss_min, mssinfo->mss_max,
- mssinfo->invert, 0);
+ printf("%s--mss ", info->invert ? "! " : "");
+ if (info->mss_min == info->mss_max)
+ printf("%u ", info->mss_min);
+ else
+ printf("%u:%u ", info->mss_min, info->mss_max);
}
static struct xtables_match tcpmss_match = {
projects / thirdparty / iptables.git / commitdiff
