}
}
-static void print_fw_details(struct arpt_entry *fw, unsigned int format)
+static void nft_arp_print_rule_details(struct arpt_entry *fw,
+ unsigned int format)
{
char buf[BUFSIZ];
char iface[IFNAMSIZ+2];
}
static void
-nft_arp_print_firewall(struct nftnl_rule *r, unsigned int num,
- unsigned int format)
+nft_arp_print_rule(struct nftnl_rule *r, unsigned int num, unsigned int format)
{
struct iptables_command_state cs = {};
if (format & FMT_LINENUMBERS)
printf("%u ", num);
- print_fw_details(&cs.arp, format);
+ nft_arp_print_rule_details(&cs.arp, format);
if (cs.jumpto != NULL && strcmp(cs.jumpto, "") != 0) {
printf("-j %s", cs.jumpto);
.parse_payload = nft_arp_parse_payload,
.parse_immediate = nft_arp_parse_immediate,
.print_header = nft_arp_print_header,
- .print_firewall = nft_arp_print_firewall,
- .save_firewall = NULL,
+ .print_rule = nft_arp_print_rule,
+ .save_rule = NULL,
.save_counters = NULL,
.post_parse = NULL,
.rule_to_cs = nft_arp_rule_to_cs,
printf("%s ", ent->e_name);
}
-static void nft_bridge_print_firewall(struct nftnl_rule *r, unsigned int num,
- unsigned int format)
+static void nft_bridge_print_rule(struct nftnl_rule *r, unsigned int num,
+ unsigned int format)
{
struct iptables_command_state cs = {};
.parse_target = nft_bridge_parse_target,
.print_table_header = nft_bridge_print_table_header,
.print_header = nft_bridge_print_header,
- .print_firewall = nft_bridge_print_firewall,
- .save_firewall = NULL,
+ .print_rule = nft_bridge_print_rule,
+ .save_rule = NULL,
.save_counters = NULL,
.post_parse = NULL,
.rule_to_cs = nft_rule_to_ebtables_command_state,
fputc(' ', stdout);
}
-static void nft_ipv4_print_firewall(struct nftnl_rule *r, unsigned int num,
- unsigned int format)
+static void nft_ipv4_print_rule(struct nftnl_rule *r, unsigned int num,
+ unsigned int format)
{
struct iptables_command_state cs = {};
nft_rule_to_iptables_command_state(r, &cs);
- print_firewall_details(&cs, cs.jumpto, cs.fw.ip.flags,
- cs.fw.ip.invflags, cs.fw.ip.proto,
- num, format);
+ print_rule_details(&cs, cs.jumpto, cs.fw.ip.flags,
+ cs.fw.ip.invflags, cs.fw.ip.proto, num, format);
print_fragment(cs.fw.ip.flags, cs.fw.ip.invflags, format);
print_ifaces(cs.fw.ip.iniface, cs.fw.ip.outiface, cs.fw.ip.invflags,
format);
mask_to_str(mask));
}
-static void nft_ipv4_save_firewall(const void *data, unsigned int format)
+static void nft_ipv4_save_rule(const void *data, unsigned int format)
{
const struct iptables_command_state *cs = data;
save_ipv4_addr('d', &cs->fw.ip.dst, cs->fw.ip.dmsk.s_addr,
cs->fw.ip.invflags & IPT_INV_DSTIP);
- save_firewall_details(cs, cs->fw.ip.invflags, cs->fw.ip.proto,
- cs->fw.ip.iniface, cs->fw.ip.iniface_mask,
- cs->fw.ip.outiface, cs->fw.ip.outiface_mask);
+ save_rule_details(cs, cs->fw.ip.invflags, cs->fw.ip.proto,
+ cs->fw.ip.iniface, cs->fw.ip.iniface_mask,
+ cs->fw.ip.outiface, cs->fw.ip.outiface_mask);
if (cs->fw.ip.flags & IPT_F_FRAG) {
if (cs->fw.ip.invflags & IPT_INV_FRAG)
.parse_payload = nft_ipv4_parse_payload,
.parse_immediate = nft_ipv4_parse_immediate,
.print_header = print_header,
- .print_firewall = nft_ipv4_print_firewall,
- .save_firewall = nft_ipv4_save_firewall,
+ .print_rule = nft_ipv4_print_rule,
+ .save_rule = nft_ipv4_save_rule,
.save_counters = save_counters,
.proto_parse = nft_ipv4_proto_parse,
.post_parse = nft_ipv4_post_parse,
}
}
-static void nft_ipv6_print_firewall(struct nftnl_rule *r, unsigned int num,
- unsigned int format)
+static void nft_ipv6_print_rule(struct nftnl_rule *r, unsigned int num,
+ unsigned int format)
{
struct iptables_command_state cs = {};
nft_rule_to_iptables_command_state(r, &cs);
- print_firewall_details(&cs, cs.jumpto, cs.fw6.ipv6.flags,
- cs.fw6.ipv6.invflags, cs.fw6.ipv6.proto,
- num, format);
+ print_rule_details(&cs, cs.jumpto, cs.fw6.ipv6.flags,
+ cs.fw6.ipv6.invflags, cs.fw6.ipv6.proto,
+ num, format);
print_ifaces(cs.fw6.ipv6.iniface, cs.fw6.ipv6.outiface,
cs.fw6.ipv6.invflags, format);
print_ipv6_addr(&cs, format);
printf("/%d ", l);
}
-static void nft_ipv6_save_firewall(const void *data, unsigned int format)
+static void nft_ipv6_save_rule(const void *data, unsigned int format)
{
const struct iptables_command_state *cs = data;
save_ipv6_addr('d', &cs->fw6.ipv6.dst, &cs->fw6.ipv6.dmsk,
cs->fw6.ipv6.invflags & IP6T_INV_DSTIP);
- save_firewall_details(cs, cs->fw6.ipv6.invflags, cs->fw6.ipv6.proto,
- cs->fw6.ipv6.iniface, cs->fw6.ipv6.iniface_mask,
- cs->fw6.ipv6.outiface,
- cs->fw6.ipv6.outiface_mask);
+ save_rule_details(cs, cs->fw6.ipv6.invflags, cs->fw6.ipv6.proto,
+ cs->fw6.ipv6.iniface, cs->fw6.ipv6.iniface_mask,
+ cs->fw6.ipv6.outiface, cs->fw6.ipv6.outiface_mask);
save_matches_and_target(cs->matches, cs->target,
cs->jumpto, cs->fw6.ipv6.flags, &cs->fw6);
.parse_payload = nft_ipv6_parse_payload,
.parse_immediate = nft_ipv6_parse_immediate,
.print_header = print_header,
- .print_firewall = nft_ipv6_print_firewall,
- .save_firewall = nft_ipv6_save_firewall,
+ .print_rule = nft_ipv6_print_rule,
+ .save_rule = nft_ipv6_save_rule,
.save_counters = save_counters,
.proto_parse = nft_ipv6_proto_parse,
.post_parse = nft_ipv6_post_parse,
printf("\n");
}
-void print_firewall_details(const struct iptables_command_state *cs,
- const char *targname, uint8_t flags,
- uint8_t invflags, uint8_t proto,
- unsigned int num, unsigned int format)
+void print_rule_details(const struct iptables_command_state *cs,
+ const char *targname, uint8_t flags,
+ uint8_t invflags, uint8_t proto,
+ unsigned int num, unsigned int format)
{
if (format & FMT_LINENUMBERS)
printf(FMT("%-4u ", "%u "), num);
printf(" ");
}
-void save_firewall_details(const struct iptables_command_state *cs,
- uint8_t invflags, uint16_t proto,
- const char *iniface,
- unsigned const char *iniface_mask,
- const char *outiface,
- unsigned const char *outiface_mask)
+void save_rule_details(const struct iptables_command_state *cs,
+ uint8_t invflags, uint16_t proto,
+ const char *iniface,
+ unsigned const char *iniface_mask,
+ const char *outiface,
+ unsigned const char *outiface_mask)
{
if (iniface != NULL) {
print_iface('i', iniface, iniface_mask,
const char *pol,
const struct xt_counters *counters, bool basechain,
uint32_t refs);
- void (*print_firewall)(struct nftnl_rule *r, unsigned int num,
- unsigned int format);
- void (*save_firewall)(const void *data, unsigned int format);
+ void (*print_rule)(struct nftnl_rule *r, unsigned int num,
+ unsigned int format);
+ void (*save_rule)(const void *data, unsigned int format);
void (*save_counters)(const void *data);
void (*proto_parse)(struct iptables_command_state *cs,
struct xtables_args *args);
void print_header(unsigned int format, const char *chain, const char *pol,
const struct xt_counters *counters, bool basechain,
uint32_t refs);
-void print_firewall_details(const struct iptables_command_state *cs,
- const char *targname, uint8_t flags,
- uint8_t invflags, uint8_t proto,
- unsigned int num, unsigned int format);
+void print_rule_details(const struct iptables_command_state *cs,
+ const char *targname, uint8_t flags,
+ uint8_t invflags, uint8_t proto,
+ unsigned int num, unsigned int format);
void print_ifaces(const char *iniface, const char *outiface, uint8_t invflags,
unsigned int format);
void print_matches_and_target(struct iptables_command_state *cs,
unsigned int format);
-void save_firewall_details(const struct iptables_command_state *cs,
- uint8_t invflags, uint16_t proto,
- const char *iniface,
- unsigned const char *iniface_mask,
- const char *outiface,
- unsigned const char *outiface_mask);
+void save_rule_details(const struct iptables_command_state *cs,
+ uint8_t invflags, uint16_t proto,
+ const char *iniface,
+ unsigned const char *iniface_mask,
+ const char *outiface,
+ unsigned const char *outiface_mask);
void save_counters(const void *data);
void save_matches_and_target(struct xtables_rule_match *m,
struct xtables_target *target,
break;
}
- if (ops->save_firewall)
- ops->save_firewall(&cs, format);
+ if (ops->save_rule)
+ ops->save_rule(&cs, format);
if (ops->clear_cs)
ops->clear_cs(&cs);
if (chain && rulenum) {
__nft_rule_list(h, chain, table,
- rulenum, format, ops->print_firewall);
+ rulenum, format, ops->print_rule);
return 1;
}
&ctrs, basechain, refs);
__nft_rule_list(h, chain_name, table,
- rulenum, format, ops->print_firewall);
+ rulenum, format, ops->print_rule);
/* we printed the chain we wanted, stop processing. */
if (chain)
projects / thirdparty / iptables.git / commitdiff
