build: preliminary support for iptables 1.4.11

diff --git a/doc/changelog.txt b/doc/changelog.txt
index 8e64cbe89ff742b12328770954b5d283adc6f78e..5219bf490a25e2ac8e580d27e521c0411c2993b3 100644 (file)
--- a/doc/changelog.txt
+++ b/doc/changelog.txt
@@ -16,6 +16,7 @@ Enhancements:
   * fixed trailing whitespaces and pr_* messages
   * fixed module loading at create/header commands
 - build: support for Linux up to 2.6.38
+- build: preliminary support for iptables 1.4.11
 
 
 v1.32 (2011-01-04)

diff --git a/extensions/ACCOUNT/libxt_ACCOUNT.c b/extensions/ACCOUNT/libxt_ACCOUNT.c
index b5aad442d7b98e3e1a68139188614ddae8c72496..d861998f968df0fe0419c4db33888741f907a5d9 100644 (file)
--- a/extensions/ACCOUNT/libxt_ACCOUNT.c
+++ b/extensions/ACCOUNT/libxt_ACCOUNT.c
@@ -105,11 +105,11 @@ static void account_tg_print_it(const void *ip,
        struct in_addr a;
 
        if (!do_prefix)
-               printf("ACCOUNT ");
+               printf(" ACCOUNT ");
 
        // Network information
        if (do_prefix)
-               printf("--");
+               printf(" --");
        printf("%s ", account_tg_opts[0].name);
 
        a.s_addr = accountinfo->net_ip;
@@ -119,7 +119,7 @@ static void account_tg_print_it(const void *ip,
 
        printf(" ");
        if (do_prefix)
-               printf("--");
+               printf(" --");
 
        printf("%s %s", account_tg_opts[1].name, accountinfo->table_name);
 }

diff --git a/extensions/libxt_CHAOS.c b/extensions/libxt_CHAOS.c
index d9dc949ca54e8737b48c82e08816b5819adaffb8..60c464f361ff613223caa10ec7746f071e91bf80 100644 (file)
--- a/extensions/libxt_CHAOS.c
+++ b/extensions/libxt_CHAOS.c
@@ -71,10 +71,10 @@ static void chaos_tg_print(const void *ip,
 
        switch (info->variant) {
        case XTCHAOS_DELUDE:
-               printf("DELUDE ");
+               printf(" DELUDE ");
                break;
        case XTCHAOS_TARPIT:
-               printf("TARPIT ");
+               printf(" TARPIT ");
                break;
        }
 }
@@ -85,10 +85,10 @@ static void chaos_tg_save(const void *ip, const struct xt_entry_target *target)
 
        switch (info->variant) {
        case XTCHAOS_DELUDE:
-               printf("--delude ");
+               printf(" --delude ");
                break;
        case XTCHAOS_TARPIT:
-               printf("--tarpit ");
+               printf(" --tarpit ");
                break;
        }
 }

diff --git a/extensions/libxt_CHECKSUM.c b/extensions/libxt_CHECKSUM.c
index 9ed5a0074d18110991387ac64c1252a1fe991cfd..0f189b792d7030885b85df8a2174d5cd6538db6e 100644 (file)
--- a/extensions/libxt_CHECKSUM.c
+++ b/extensions/libxt_CHECKSUM.c
@@ -62,7 +62,7 @@ static void CHECKSUM_print(const void *ip, const struct xt_entry_target *target,
        printf("CHECKSUM ");
 
        if (einfo->operation & XT_CHECKSUM_OP_FILL)
-               printf("fill ");
+               printf(" fill ");
 }
 
 static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target)
@@ -71,7 +71,7 @@ static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target)
                (const struct xt_CHECKSUM_info *)target->data;
 
        if (einfo->operation & XT_CHECKSUM_OP_FILL)
-               printf("--checksum-fill ");
+               printf(" --checksum-fill ");
 }
 
 static struct xtables_target checksum_tg_reg = {

diff --git a/extensions/libxt_DHCPMAC.c b/extensions/libxt_DHCPMAC.c
index 25e5cb510e43a3ef91802102bb17d2aea8f33cb5..258658fa45381685ef9d23f5f74a06c9fda4c76b 100644 (file)
--- a/extensions/libxt_DHCPMAC.c
+++ b/extensions/libxt_DHCPMAC.c
@@ -66,7 +66,7 @@ static void dhcpmac_tg_print(const void *ip,
 {
        const struct dhcpmac_info *info = (void *)target->data;
 
-       printf("DHCPMAC %s" DH_MAC_FMT "/%u ",
+       printf(" DHCPMAC %s" DH_MAC_FMT "/%u ",
               info->invert ? "!" : "", DH_MAC_HEX(info->addr), info->mask);
 }
 
@@ -76,8 +76,8 @@ static void dhcpmac_tg_save(const void *ip,
        const struct dhcpmac_info *info = (const void *)target->data;
 
        if (info->invert)
-               printf("! ");
-       printf("--set-mac " DH_MAC_FMT "/%u ",
+               printf(" !");
+       printf(" --set-mac " DH_MAC_FMT "/%u ",
               DH_MAC_HEX(info->addr), info->mask);
 }
 

diff --git a/extensions/libxt_DNETMAP.c b/extensions/libxt_DNETMAP.c
index 73113116e3ce436213c86f33c21ef354d5d15f76..ddfb7a66740c22ab37c22890812d5c54bd278869 100644 (file)
--- a/extensions/libxt_DNETMAP.c
+++ b/extensions/libxt_DNETMAP.c
@@ -192,7 +192,7 @@ static void DNETMAP_print(const void *ip, const struct xt_entry_target *target,
        struct xt_DNETMAP_tginfo *tginfo = (void *)&target->data;
        const __u8 *flags = &tginfo->flags;
 
-       printf("prefix ");
+       printf(" prefix ");
        if (*flags & XT_DNETMAP_PREFIX)
                DNETMAP_print_addr(ip, target, numeric);
        else
@@ -211,14 +211,14 @@ static void DNETMAP_save(const void *ip, const struct xt_entry_target *target)
        const __u8 *flags = &tginfo->flags;
 
        if (*flags & XT_DNETMAP_PREFIX) {
-               printf("--%s", DNETMAP_opts[0].name);
+               printf(" --%s ", DNETMAP_opts[0].name);
                DNETMAP_print_addr(ip, target, 0);
        }
-       printf(" --reuse %i", *flags & XT_DNETMAP_REUSE);
+       printf(" --reuse %i ", *flags & XT_DNETMAP_REUSE);
 
        /* ommited because default value can change as kernel mod param */
        if (*flags & XT_DNETMAP_TTL)
-               printf(" --ttl %i", tginfo->ttl);
+               printf(" --ttl %i ", tginfo->ttl);
 }
 
 static struct xtables_target dnetmap_tg_reg = {

diff --git a/extensions/libxt_IPMARK.c b/extensions/libxt_IPMARK.c
index 863564da6218f030cb570a6a549bfe59af624767..6d52e316da06158c1a36b60f817c7b11a3d514e2 100644 (file)
--- a/extensions/libxt_IPMARK.c
+++ b/extensions/libxt_IPMARK.c
@@ -119,16 +119,16 @@ ipmark_tg_print(const void *entry, const struct xt_entry_target *target,
        const struct xt_ipmark_tginfo *info = (const void *)target->data;
 
        if (info->selector == XT_IPMARK_SRC)
-               printf("IPMARK src ip ");
+               printf(" IPMARK src ip ");
        else
-               printf("IPMARK dst ip ");
+               printf(" IPMARK dst ip ");
 
        if (info->shift != 0)
-               printf("shift %u ", (unsigned int)info->shift);
+               printf(" shift %u ", (unsigned int)info->shift);
        if (info->andmask != ~0U)
-               printf("and 0x%x ", (unsigned int)info->andmask);
+               printf(" and 0x%x ", (unsigned int)info->andmask);
        if (info->ormask != 0)
-               printf("or 0x%x ", (unsigned int)info->ormask);
+               printf(" or 0x%x ", (unsigned int)info->ormask);
 }
 
 static void
@@ -137,16 +137,16 @@ ipmark_tg_save(const void *entry, const struct xt_entry_target *target)
        const struct xt_ipmark_tginfo *info = (const void *)target->data;
 
        if (info->selector == XT_IPMARK_SRC)
-               printf("--addr src ");
+               printf(" --addr src ");
        else
-               printf("--addr dst ");
+               printf(" --addr dst ");
 
        if (info->shift != 0)
-               printf("--shift %u ", (unsigned int)info->shift);
+               printf(" --shift %u ", (unsigned int)info->shift);
        if (info->andmask != ~0U)
-               printf("--and-mask 0x%x ", (unsigned int)info->andmask);
+               printf(" --and-mask 0x%x ", (unsigned int)info->andmask);
        if (info->ormask != 0)
-               printf("--or-mask 0x%x ", (unsigned int)info->ormask);
+               printf(" --or-mask 0x%x ", (unsigned int)info->ormask);
 }
 
 static struct xtables_target ipmark_tg_reg = {

diff --git a/extensions/libxt_LOGMARK.c b/extensions/libxt_LOGMARK.c
index 21f649edc81d023c537f5c8d06d9f0fc103adeed..825b9caf3c5cbbc2751730f9f16a12e70c174c8c 100644 (file)
--- a/extensions/libxt_LOGMARK.c
+++ b/extensions/libxt_LOGMARK.c
@@ -83,7 +83,7 @@ logmark_tg_print(const void *ip, const struct xt_entry_target *target,
 {
        const struct xt_logmark_tginfo *info = (void *)target->data;
 
-       printf("LOGMARK level %u prefix \"%s\" ", info->level, info->prefix);
+       printf(" LOGMARK level %u prefix \"%s\" ", info->level, info->prefix);
 }
 
 static void
@@ -92,9 +92,9 @@ logmark_tg_save(const void *ip, const struct xt_entry_target *target)
        const struct xt_logmark_tginfo *info = (void *)target->data;
 
        if (info->level != 4)
-               printf("--log-level %u ", info->level);
+               printf(" --log-level %u ", info->level);
        if (*info->prefix != '\0')
-               printf("--log-prefix \"%s\" ", info->prefix);
+               printf(" --log-prefix \"%s\" ", info->prefix);
 }
 
 static struct xtables_target logmark_tg_reg = {

diff --git a/extensions/libxt_RAWDNAT.c b/extensions/libxt_RAWDNAT.c
index 2dbea16033425ae10ec82654b19e4cc534857fd3..e77060f8e083be47d242bbb80abd1e9a8ddfd8ee 100644 (file)
--- a/extensions/libxt_RAWDNAT.c
+++ b/extensions/libxt_RAWDNAT.c
@@ -110,10 +110,10 @@ rawdnat_tg4_print(const void *entry, const struct xt_entry_target *target,
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
        if (!numeric && info->mask == 32)
-               printf("to-destination %s ",
+               printf(" to-destination %s ",
                       xtables_ipaddr_to_anyname(&info->addr.in));
        else
-               printf("to-destination %s/%u ",
+               printf(" to-destination %s/%u ",
                       xtables_ipaddr_to_numeric(&info->addr.in), info->mask);
 }
 
@@ -124,10 +124,10 @@ rawdnat_tg6_print(const void *entry, const struct xt_entry_target *target,
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
        if (!numeric && info->mask == 128)
-               printf("to-destination %s ",
+               printf(" to-destination %s ",
                       xtables_ip6addr_to_anyname(&info->addr.in6));
        else
-               printf("to-destination %s/%u ",
+               printf(" to-destination %s/%u ",
                       xtables_ip6addr_to_numeric(&info->addr.in6), info->mask);
 }
 
@@ -136,7 +136,7 @@ rawdnat_tg4_save(const void *entry, const struct xt_entry_target *target)
 {
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
-       printf("--to-destination %s/%u ",
+       printf(" --to-destination %s/%u ",
               xtables_ipaddr_to_numeric(&info->addr.in),
               info->mask);
 }
@@ -146,7 +146,7 @@ rawdnat_tg6_save(const void *entry, const struct xt_entry_target *target)
 {
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
-       printf("--to-destination %s/%u ",
+       printf(" --to-destination %s/%u ",
               xtables_ip6addr_to_numeric(&info->addr.in6),
               info->mask);
 }

diff --git a/extensions/libxt_RAWSNAT.c b/extensions/libxt_RAWSNAT.c
index 6d3d121d5c61a1b13171e3a3be4e9890cefb2a1d..1c1c35de95d7025743aa4924ad45fa85ae6cb54a 100644 (file)
--- a/extensions/libxt_RAWSNAT.c
+++ b/extensions/libxt_RAWSNAT.c
@@ -110,10 +110,10 @@ rawsnat_tg4_print(const void *entry, const struct xt_entry_target *target,
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
        if (!numeric && info->mask == 32)
-               printf("to-source %s ",
+               printf(" to-source %s ",
                       xtables_ipaddr_to_anyname(&info->addr.in));
        else
-               printf("to-source %s/%u ",
+               printf(" to-source %s/%u ",
                       xtables_ipaddr_to_numeric(&info->addr.in), info->mask);
 }
 
@@ -124,10 +124,10 @@ rawsnat_tg6_print(const void *entry, const struct xt_entry_target *target,
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
        if (!numeric && info->mask == 128)
-               printf("to-source %s ",
+               printf(" to-source %s ",
                       xtables_ip6addr_to_anyname(&info->addr.in6));
        else
-               printf("to-source %s/%u ",
+               printf(" to-source %s/%u ",
                       xtables_ip6addr_to_numeric(&info->addr.in6), info->mask);
 }
 
@@ -136,7 +136,7 @@ rawsnat_tg4_save(const void *entry, const struct xt_entry_target *target)
 {
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
-       printf("--to-source %s/%u ",
+       printf(" --to-source %s/%u ",
               xtables_ipaddr_to_numeric(&info->addr.in),
               info->mask);
 }
@@ -146,7 +146,7 @@ rawsnat_tg6_save(const void *entry, const struct xt_entry_target *target)
 {
        const struct xt_rawnat_tginfo *info = (const void *)target->data;
 
-       printf("--to-source %s/%u ",
+       printf(" --to-source %s/%u ",
               xtables_ip6addr_to_numeric(&info->addr.in6),
               info->mask);
 }

diff --git a/extensions/libxt_TEE.c b/extensions/libxt_TEE.c
index a615d6f4a8d57e3aed95447347b05cc05483533a..64c6b411c10f5c9eaee6e526b5df932a683725a4 100644 (file)
--- a/extensions/libxt_TEE.c
+++ b/extensions/libxt_TEE.c
@@ -105,9 +105,9 @@ static void tee_tg_print(const void *ip, const struct xt_entry_target *target,
        const struct xt_tee_tginfo *info = (const void *)target->data;
 
        if (numeric)
-               printf("TEE gw:%s ", xtables_ipaddr_to_numeric(&info->gw.in));
+               printf(" TEE gw:%s ", xtables_ipaddr_to_numeric(&info->gw.in));
        else
-               printf("TEE gw:%s ", xtables_ipaddr_to_anyname(&info->gw.in));
+               printf(" TEE gw:%s ", xtables_ipaddr_to_anyname(&info->gw.in));
 }
 
 static void tee_tg6_print(const void *ip, const struct xt_entry_target *target,
@@ -116,23 +116,23 @@ static void tee_tg6_print(const void *ip, const struct xt_entry_target *target,
        const struct xt_tee_tginfo *info = (const void *)target->data;
 
        if (numeric)
-               printf("TEE gw:%s ", xtables_ip6addr_to_numeric(&info->gw.in6));
+               printf(" TEE gw:%s ", xtables_ip6addr_to_numeric(&info->gw.in6));
        else
-               printf("TEE gw:%s ", xtables_ip6addr_to_anyname(&info->gw.in6));
+               printf(" TEE gw:%s ", xtables_ip6addr_to_anyname(&info->gw.in6));
 }
 
 static void tee_tg_save(const void *ip, const struct xt_entry_target *target)
 {
        const struct xt_tee_tginfo *info = (const void *)target->data;
 
-       printf("--gateway %s ", xtables_ipaddr_to_numeric(&info->gw.in));
+       printf(" --gateway %s ", xtables_ipaddr_to_numeric(&info->gw.in));
 }
 
 static void tee_tg6_save(const void *ip, const struct xt_entry_target *target)
 {
        const struct xt_tee_tginfo *info = (const void *)target->data;
 
-       printf("--gateway %s ", xtables_ip6addr_to_numeric(&info->gw.in6));
+       printf(" --gateway %s ", xtables_ip6addr_to_numeric(&info->gw.in6));
 }
 
 static struct xtables_target tee_tg_reg = {

diff --git a/extensions/libxt_condition.c b/extensions/libxt_condition.c
index e305fa7bb09eb32bcdb235f76fdbce9426a34729..7de8c26db428f43ae0c167afd30df62d5dcf9aab 100644 (file)
--- a/extensions/libxt_condition.c
+++ b/extensions/libxt_condition.c
@@ -67,7 +67,7 @@ static void condition_print(const void *ip, const struct xt_entry_match *match,
 {
        const struct xt_condition_mtinfo *info = (const void *)match->data;
 
-       printf("condition %s%s ", (info->invert) ? "!" : "", info->name);
+       printf(" condition %s%s ", (info->invert) ? "!" : "", info->name);
 }
 
 
@@ -75,7 +75,7 @@ static void condition_save(const void *ip, const struct xt_entry_match *match)
 {
        const struct xt_condition_mtinfo *info = (const void *)match->data;
 
-       printf("%s--condition \"%s\" ", info->invert ? "! " : "", info->name);
+       printf("%s --condition \"%s\" ", info->invert ? " !" : "", info->name);
 }
 
 static struct xtables_match condition_mt_reg = {

diff --git a/extensions/libxt_dhcpmac.c b/extensions/libxt_dhcpmac.c
index d2eeb9119f747a07f126a0709723bf981b137d33..b861d33e6a8ddd93689c172767c3ee8ad8a7404e 100644 (file)
--- a/extensions/libxt_dhcpmac.c
+++ b/extensions/libxt_dhcpmac.c
@@ -67,7 +67,7 @@ static void dhcpmac_mt_print(const void *ip,
 {
        const struct dhcpmac_info *info = (void *)match->data;
 
-       printf("dhcpmac %s" DH_MAC_FMT "/%u ",
+       printf(" dhcpmac %s" DH_MAC_FMT "/%u ",
               info->invert ? "!" : "", DH_MAC_HEX(info->addr), info->mask);
 }
 
@@ -77,8 +77,8 @@ static void dhcpmac_mt_save(const void *ip,
        const struct dhcpmac_info *info = (void *)match->data;
 
        if (info->invert)
-               printf("! ");
-       printf("--mac " DH_MAC_FMT "/%u ",
+               printf(" !");
+       printf(" --mac " DH_MAC_FMT "/%u ",
               DH_MAC_HEX(info->addr), info->mask);
 }
 

diff --git a/extensions/libxt_fuzzy.c b/extensions/libxt_fuzzy.c
index c24e413833fe5008881c5ffad9042abbe453b2cc..06fd075e379bbb590ca52349e4695c700e86f25e 100644 (file)
--- a/extensions/libxt_fuzzy.c
+++ b/extensions/libxt_fuzzy.c
@@ -88,7 +88,7 @@ static void fuzzy_mt_print(const void *ip, const struct xt_entry_match *match,
 {
        const struct xt_fuzzy_mtinfo *info = (const void *)match->data;
 
-       printf("fuzzy: lower limit = %u pps - upper limit = %u pps ",
+       printf(" fuzzy: lower limit = %u pps - upper limit = %u pps ",
               info->minimum_rate, info->maximum_rate);
 }
 
@@ -96,8 +96,8 @@ static void fuzzy_mt_save(const void *ip, const struct xt_entry_match *match)
 {
        const struct xt_fuzzy_mtinfo *info = (const void *)match->data;
 
-       printf("--lower-limit %u ", info->minimum_rate);
-       printf("--upper-limit %u ", info->maximum_rate);
+       printf(" --lower-limit %u ", info->minimum_rate);
+       printf(" --upper-limit %u ", info->maximum_rate);
 }
 
 static struct xtables_match fuzzy_mt_reg = { 

diff --git a/extensions/libxt_geoip.c b/extensions/libxt_geoip.c
index dcaa434b1eea8c98ad5221ef2a80116a8e6fcfdf..638f6697757233f729a65ed78f63a6ade30791e4 100644 (file)
--- a/extensions/libxt_geoip.c
+++ b/extensions/libxt_geoip.c
@@ -259,9 +259,9 @@ geoip_print(const void *ip, const struct xt_entry_match *match, int numeric)
        u_int8_t i;
 
        if (info->flags & XT_GEOIP_SRC)
-               printf("Source ");
+               printf(" Source ");
        else
-               printf("Destination ");
+               printf(" Destination ");
 
        if (info->count > 1)
                printf("countries: ");
@@ -283,12 +283,12 @@ geoip_save(const void *ip, const struct xt_entry_match *match)
        u_int8_t i;
 
        if (info->flags & XT_GEOIP_INV)
-               printf("! ");
+               printf(" !");
 
        if (info->flags & XT_GEOIP_SRC)
-               printf("--source-country ");
+               printf(" --source-country ");
        else
-               printf("--destination-country ");
+               printf(" --destination-country ");
 
        for (i = 0; i < info->count; i++)
                printf("%s%c%c", i ? "," : "", COUNTRY(info->cc[i]));

diff --git a/extensions/libxt_gradm.c b/extensions/libxt_gradm.c
index 4f1ce603fb8ddcfd09be5b7e9b303e244d4c95ee..12236d7398a574969460633025a3f5a5c31d62b5 100644 (file)
--- a/extensions/libxt_gradm.c
+++ b/extensions/libxt_gradm.c
@@ -73,9 +73,9 @@ static void gradm_mt_save(const void *ip, const struct xt_entry_match *match)
        const struct xt_gradm_mtinfo *info = (const void *)match->data;
 
        if (info->invflags)
-               printf("--disabled ");
+               printf(" --disabled ");
        else
-               printf("--enabled ");
+               printf(" --enabled ");
 }
 
 static struct xtables_match gradm_mt_reg = { 

diff --git a/extensions/libxt_iface.c b/extensions/libxt_iface.c
index 7b430b629d4971422b6f005ae31096bd2f27181b..b6e57a7ea0834ef3af01e37b797dcb9a618a52e2 100644 (file)
--- a/extensions/libxt_iface.c
+++ b/extensions/libxt_iface.c
@@ -180,7 +180,7 @@ static void iface_mt_print(const void *ip, const struct xt_entry_match *match,
 {
        const struct xt_iface_mtinfo *info = (const void *)match->data;
 
-       printf("iface: ");
+       printf(" iface: ");
        if (info->flags & XT_IFACE_DEV_IN)
                printf("(in)");
        else if (info->flags & XT_IFACE_DEV_OUT)
@@ -207,11 +207,11 @@ static void iface_mt_save(const void *ip, const struct xt_entry_match *match)
        const struct xt_iface_mtinfo *info = (const void *)match->data;
 
        if (info->flags & XT_IFACE_DEV_IN)
-               printf("--dev-in");
+               printf(" --dev-in");
        else if (info->flags & XT_IFACE_DEV_OUT)
-               printf("--dev-out");
+               printf(" --dev-out");
        else
-               printf("--iface %s", info->ifname);
+               printf(" --iface %s", info->ifname);
        iface_print_opt(info, XT_IFACE_UP,          "--up");
        iface_print_opt(info, XT_IFACE_BROADCAST,   "--broadcast");
        iface_print_opt(info, XT_IFACE_LOOPBACK,    "--loopback");

diff --git a/extensions/libxt_ipp2p.c b/extensions/libxt_ipp2p.c
index 32ebc8293e35f8d1f5ff7325325dda257f849a20..9a65f25d78ed4d9ce66c1075407ae2c3a42ddc2b 100644 (file)
--- a/extensions/libxt_ipp2p.c
+++ b/extensions/libxt_ipp2p.c
@@ -208,16 +208,16 @@ ipp2p_mt_print1(const void *entry, const struct xt_entry_match *match,
 
        for (i = IPP2N_EDK; i <= IPP2N_XDCC; ++i)
                if (info->cmd & (1 << i))
-                       printf("%s ", ipp2p_cmds[i]);
+                       printf(" %s ", ipp2p_cmds[i]);
 
        if (info->debug != 0)
-               printf("--debug ");
+               printf(" --debug ");
 }
 
 static void ipp2p_mt_print(const void *entry,
     const struct xt_entry_match *match, int numeric)
 {
-       printf("ipp2p ");
+       printf(" ipp2p ");
        ipp2p_mt_print1(entry, match, true);
 }
 

diff --git a/extensions/libxt_ipv4options.c b/extensions/libxt_ipv4options.c
index 1198242b88b3e66b1c170d1d7f8bdaa9b277cf7f..33d3592c9bb9d1d05e4fbaea01d918605b53f78e 100644 (file)
--- a/extensions/libxt_ipv4options.c
+++ b/extensions/libxt_ipv4options.c
@@ -1,6 +1,6 @@
 /*
  *     "ipv4options" match extension for iptables
- *     Coprygith © Jan Engelhardt, 2009
+ *     Copyright © Jan Engelhardt, 2009
  *
  *     This program is free software; you can redistribute it and/or
  *     modify it under the terms of the GNU General Public License; either
@@ -138,7 +138,7 @@ static void ipv4options_mt_print(const void *ip,
 {
        const struct xt_ipv4options_mtinfo1 *info = (void *)match->data;
 
-       printf("ipv4options %s ",
+       printf(" ipv4options %s ",
               (info->flags & XT_V4OPTS_ANY) ? "any-of" : "all-of");
        ipv4options_print_flags(info, numeric);
        printf(" ");
@@ -150,7 +150,7 @@ static void ipv4options_mt_save(const void *ip,
        const struct xt_ipv4options_mtinfo1 *info = (void *)match->data;
 
        if (info->map != 0) {
-               printf("--flags ");
+               printf(" --flags ");
                ipv4options_print_flags(info, true);
        }
        if (info->flags & XT_V4OPTS_ANY)

diff --git a/extensions/libxt_length2.c b/extensions/libxt_length2.c
index 6de9e83c1d114d41d1ac629198550ce003703922..5fbfe301b7556dd10040e032eb42dab7d627b818 100644 (file)
--- a/extensions/libxt_length2.c
+++ b/extensions/libxt_length2.c
@@ -113,14 +113,14 @@ static void length_mt_print(const void *ip, const struct xt_entry_match *match,
        const struct xt_length_mtinfo2 *info = (const void *)match->data;
 
        if (info->flags & XT_LENGTH_LAYER3)
-               printf("layer3 ");
+               printf(" layer3 ");
        else if (info->flags & XT_LENGTH_LAYER4)
-               printf("layer4 ");
+               printf(" layer4 ");
        else if (info->flags & XT_LENGTH_LAYER5)
-               printf("layer5 ");
+               printf(" layer5 ");
        else if (info->flags & XT_LENGTH_LAYER7)
-               printf("layer7 ");
-       printf("length ");
+               printf(" layer7 ");
+       printf(" length ");
        if (info->flags & XT_LENGTH_INVERT)
                printf("! ");
        if (info->min == info->max)
@@ -135,16 +135,16 @@ static void length_mt_save(const void *ip, const struct xt_entry_match *match)
        const struct xt_length_mtinfo2 *info = (const void *)match->data;
 
        if (info->flags & XT_LENGTH_LAYER3)
-               printf("--layer3 ");
+               printf(" --layer3 ");
        else if (info->flags & XT_LENGTH_LAYER4)
-               printf("--layer4 ");
+               printf(" --layer4 ");
        else if (info->flags & XT_LENGTH_LAYER5)
-               printf("--layer5 ");
+               printf(" --layer5 ");
        else if (info->flags & XT_LENGTH_LAYER7)
-               printf("--layer7 ");
+               printf(" --layer7 ");
        if (info->flags & XT_LENGTH_INVERT)
-               printf("! ");
-       printf("--length ");
+               printf(" !");
+       printf(" --length ");
        if (info->min == info->max)
                printf("%u ", (unsigned int)info->min);
        else

diff --git a/extensions/libxt_lscan.c b/extensions/libxt_lscan.c
index 5cd208da4dc132b7dd29c7d10967693bd8d1e8c7..24f398562465b15db3bdc4a9589b4b9a70ef5a6c 100644 (file)
--- a/extensions/libxt_lscan.c
+++ b/extensions/libxt_lscan.c
@@ -70,7 +70,7 @@ static void lscan_mt_print(const void *ip,
        const struct xt_lscan_mtinfo *info = (const void *)(match->data);
        const char *s = "";
 
-       printf("lscan ");
+       printf(" lscan ");
        if (info->match_stealth) {
                printf("STEALTH");
                s = ",";
@@ -93,13 +93,13 @@ static void lscan_mt_save(const void *ip, const struct xt_entry_match *match)
        const struct xt_lscan_mtinfo *info = (const void *)(match->data);
 
        if (info->match_stealth)
-               printf("--stealth ");
+               printf(" --stealth ");
        if (info->match_syn)
-               printf("--synscan ");
+               printf(" --synscan ");
        if (info->match_cn)
-               printf("--cnscan ");
+               printf(" --cnscan ");
        if (info->match_gr)
-               printf("--grscan ");
+               printf(" --grscan ");
 }
 
 static struct xtables_match lscan_mt_reg = {

diff --git a/extensions/libxt_psd.c b/extensions/libxt_psd.c
index 3c9d22170239761a67988d024bc06f4415f9b30d..e60178b4da9082fef6f67b1a9dbfdfc0a4a3b1e0 100644 (file)
--- a/extensions/libxt_psd.c
+++ b/extensions/libxt_psd.c
@@ -119,7 +119,7 @@ static void psd_mt_final_check(unsigned int flags) {}
 static void psd_mt_print(const void *ip, const struct xt_entry_match *match, int numeric)
 {
        const struct xt_psd_info *psdinfo = (const struct xt_psd_info *)match->data;
-       printf("psd ");
+       printf(" psd ");
        printf("weight-threshold: %u ", psdinfo->weight_threshold);
        printf("delay-threshold: %u ", psdinfo->delay_threshold);
        printf("lo-ports-weight: %u ", psdinfo->lo_ports_weight);
@@ -130,7 +130,7 @@ static void psd_mt_print(const void *ip, const struct xt_entry_match *match, int
 static void psd_mt_save(const void *ip, const struct xt_entry_match *match)
 {
        const struct xt_psd_info *psdinfo = (const struct xt_psd_info *)match->data;
-       printf("--psd-weight-threshold %u ", psdinfo->weight_threshold);
+       printf(" --psd-weight-threshold %u ", psdinfo->weight_threshold);
        printf("--psd-delay-threshold %u ", psdinfo->delay_threshold);
        printf("--psd-lo-ports-weight %u ", psdinfo->lo_ports_weight);
        printf("--psd-hi-ports-weight %u ", psdinfo->hi_ports_weight);

diff --git a/extensions/libxt_quota2.c b/extensions/libxt_quota2.c
index 788dea26568af726c9ab3ba58ba23e1d01ce2a0b..3763251bcdfd9f0f71dc28a44b3d95033da06362 100644 (file)
--- a/extensions/libxt_quota2.c
+++ b/extensions/libxt_quota2.c
@@ -99,16 +99,16 @@ quota_mt2_save(const void *ip, const struct xt_entry_match *match)
        const struct xt_quota_mtinfo2 *q = (void *)match->data;
 
        if (q->flags & XT_QUOTA_INVERT)
-               printf("! ");
+               printf(" !");
        if (q->flags & XT_QUOTA_GROW)
-               printf("--grow ");
+               printf(" --grow ");
        if (q->flags & XT_QUOTA_NO_CHANGE)
-               printf("--no-change ");
+               printf(" --no-change ");
        if (q->flags & XT_QUOTA_PACKET)
-               printf("--packets ");
+               printf(" --packets ");
        if (*q->name != '\0')
-               printf("--name %s ", q->name);
-       printf("--quota %llu ", (unsigned long long)q->quota);
+               printf(" --name %s ", q->name);
+       printf(" --quota %llu ", (unsigned long long)q->quota);
 }
 
 static void quota_mt2_print(const void *ip, const struct xt_entry_match *match,
@@ -117,11 +117,11 @@ static void quota_mt2_print(const void *ip, const struct xt_entry_match *match,
        const struct xt_quota_mtinfo2 *q = (const void *)match->data;
 
        if (q->flags & XT_QUOTA_INVERT)
-               printf("! ");
+               printf(" !");
        if (q->flags & XT_QUOTA_GROW)
-               printf("counter");
+               printf(" counter");
        else
-               printf("quota");
+               printf(" quota");
        if (*q->name != '\0')
                printf(" %s:", q->name);
        printf(" %llu ", (unsigned long long)q->quota);

diff --git a/extensions/pknock/libxt_pknock.c b/extensions/pknock/libxt_pknock.c
index fb6d433a70802daef90e7a0d6c8c7adcaa02b3ff..4852e9f25a9e8fd68d3ee324e2b977b690f25706 100644 (file)
--- a/extensions/pknock/libxt_pknock.c
+++ b/extensions/pknock/libxt_pknock.c
@@ -272,7 +272,7 @@ static void pknock_mt_print(const void *ip,
        const struct xt_pknock_mtinfo *info = (void *)match->data;
        int i;
 
-       printf("pknock ");
+       printf(" pknock ");
        if (info->option & XT_PKNOCK_KNOCKPORT) {
                printf("knockports ");
                for (i = 0; i < info->ports_count; ++i)
@@ -301,26 +301,26 @@ static void pknock_mt_save(const void *ip, const struct xt_entry_match *match)
        const struct xt_pknock_mtinfo *info = (void *)match->data;
 
        if (info->option & XT_PKNOCK_KNOCKPORT) {
-               printf("--knockports ");
+               printf(" --knockports ");
                for (i = 0; i < info->ports_count; ++i)
                        printf("%s%d", i ? "," : "", info->port[i]);
                printf(" ");
        }
        if (info->option & XT_PKNOCK_TIME)
-               printf("--time %ld ", (long)info->max_time);
+               printf(" --time %ld ", (long)info->max_time);
        if (info->option & XT_PKNOCK_AUTOCLOSE)
-               printf("--autoclose %lu ",
+               printf(" --autoclose %lu ",
                       (unsigned long)info->autoclose_time);
        if (info->option & XT_PKNOCK_NAME)
-               printf("--name %s ", info->rule_name);
+               printf(" --name %s ", info->rule_name);
        if (info->option & XT_PKNOCK_OPENSECRET)
-               printf("--opensecret ");
+               printf(" --opensecret ");
        if (info->option & XT_PKNOCK_CLOSESECRET)
-               printf("--closesecret ");
+               printf(" --closesecret ");
        if (info->option & XT_PKNOCK_STRICT)
-               printf("--strict ");
+               printf(" --strict ");
        if (info->option & XT_PKNOCK_CHECKIP)
-               printf("--checkip ");
+               printf(" --checkip ");
 }
 
 static struct xtables_match pknock_mt_reg = {