libxtables: add xtables_rule_matches_free

This function is shared by iptables and ip6tables.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>

diff --git a/configure.ac b/configure.ac
index ba616ab9246fc490f63bc814a7460a357f4dcdab..ffd088c22a63fcb475b5f20e2fc7f092be0ce1ad 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -2,8 +2,8 @@
 AC_INIT([iptables], [1.4.17])
 
 # See libtool.info "Libtool's versioning system"
-libxtables_vcurrent=9
-libxtables_vage=0
+libxtables_vcurrent=10
+libxtables_vage=1
 
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_HEADERS([config.h])

diff --git a/include/xtables.h b/include/xtables.h
index 2cc1a0289a7bb37cb9b168ab7e32fa608f501f32..add76ae549e0a1e13297a77cc9e597fdb374a441 100644 (file)
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -417,6 +417,8 @@ extern struct xtables_match *xtables_find_match(const char *name,
 extern struct xtables_target *xtables_find_target(const char *name,
        enum xtables_tryload);
 
+extern void xtables_rule_matches_free(struct xtables_rule_match **matches);
+
 /* Your shared library should call one of these. */
 extern void xtables_register_match(struct xtables_match *me);
 extern void xtables_register_matches(struct xtables_match *, unsigned int);

diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index 0e11a9e12b700474cecc4d7057bbaeeb62ce33b3..e9e753a5a09154ea37099208aede1dfafbc5daa5 100644 (file)
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -1249,27 +1249,6 @@ generate_entry(const struct ip6t_entry *fw,
        return e;
 }
 
-static void clear_rule_matches(struct xtables_rule_match **matches)
-{
-       struct xtables_rule_match *matchp, *tmp;
-
-       for (matchp = *matches; matchp;) {
-               tmp = matchp->next;
-               if (matchp->match->m) {
-                       free(matchp->match->m);
-                       matchp->match->m = NULL;
-               }
-               if (matchp->match == matchp->match->next) {
-                       free(matchp->match);
-                       matchp->match = NULL;
-               }
-               free(matchp);
-               matchp = tmp;
-       }
-
-       *matches = NULL;
-}
-
 static void command_jump(struct iptables_command_state *cs)
 {
        size_t size;
@@ -1963,7 +1942,7 @@ int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle
        if (verbose > 1)
                dump_entries6(*handle);
 
-       clear_rule_matches(&cs.matches);
+       xtables_rule_matches_free(&cs.matches);
 
        if (e != NULL) {
                free(e);

diff --git a/iptables/iptables.c b/iptables/iptables.c
index 760cb16255c2ca13012ea0adcc7bca1163b4eb08..7cc82518dda4e72a7cc2cf17c7eace504c18a4df 100644 (file)
--- a/iptables/iptables.c
+++ b/iptables/iptables.c
@@ -1241,27 +1241,6 @@ generate_entry(const struct ipt_entry *fw,
        return e;
 }
 
-static void clear_rule_matches(struct xtables_rule_match **matches)
-{
-       struct xtables_rule_match *matchp, *tmp;
-
-       for (matchp = *matches; matchp;) {
-               tmp = matchp->next;
-               if (matchp->match->m) {
-                       free(matchp->match->m);
-                       matchp->match->m = NULL;
-               }
-               if (matchp->match == matchp->match->next) {
-                       free(matchp->match);
-                       matchp->match = NULL;
-               }
-               free(matchp);
-               matchp = tmp;
-       }
-
-       *matches = NULL;
-}
-
 static void command_jump(struct iptables_command_state *cs)
 {
        size_t size;
@@ -1963,7 +1942,7 @@ int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle
        if (verbose > 1)
                dump_entries(*handle);
 
-       clear_rule_matches(&cs.matches);
+       xtables_rule_matches_free(&cs.matches);
 
        if (e != NULL) {
                free(e);

diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 4c912860e03f4fe37d492303295726d9710da9de..da174e203e858d2be3e1b73aee3f356cbdb1aedb 100644 (file)
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -1075,6 +1075,28 @@ void xtables_register_targets(struct xtables_target *target, unsigned int n)
        } while (n > 0);
 }
 
+/* receives a list of xtables_rule_match, release them */
+void xtables_rule_matches_free(struct xtables_rule_match **matches)
+{
+       struct xtables_rule_match *matchp, *tmp;
+
+       for (matchp = *matches; matchp;) {
+               tmp = matchp->next;
+               if (matchp->match->m) {
+                       free(matchp->match->m);
+                       matchp->match->m = NULL;
+               }
+               if (matchp->match == matchp->match->next) {
+                       free(matchp->match);
+                       matchp->match = NULL;
+               }
+               free(matchp);
+               matchp = tmp;
+       }
+
+       *matches = NULL;
+}
+
 /**
  * xtables_param_act - act on condition
  * @status:    a constant from enum xtables_exittype