struct xt_xlate *xl, int numeric)
{
const struct ip6t_ah *ahinfo = (struct ip6t_ah *)match->data;
+ char *space = "";
if (!(ahinfo->spis[0] == 0 && ahinfo->spis[1] == 0xFFFFFFFF)) {
xt_xlate_add(xl, "ah spi%s ",
- (ahinfo->invflags & IP6T_AH_INV_SPI) ? " !=" : "");
- if (ahinfo->spis[0] != ahinfo->spis[1])
- xt_xlate_add(xl, "%u-%u ", ahinfo->spis[0], ahinfo->spis[1]);
- else
- xt_xlate_add(xl, "%u ", ahinfo->spis[0]);
+ (ahinfo->invflags & IP6T_AH_INV_SPI) ? " !=" : "");
+ if (ahinfo->spis[0] != ahinfo->spis[1])
+ xt_xlate_add(xl, "%u-%u", ahinfo->spis[0],
+ ahinfo->spis[1]);
+ else
+ xt_xlate_add(xl, "%u", ahinfo->spis[0]);
+ space = " ";
}
if (ahinfo->hdrlen != 0 || (ahinfo->invflags & IP6T_AH_INV_LEN)) {
- xt_xlate_add(xl, "ah hdrlength%s %u ",
- (ahinfo->invflags & IP6T_AH_INV_LEN) ? " !=" : "",
- ahinfo->hdrlen);
+ xt_xlate_add(xl, "%sah hdrlength%s %u", space,
+ (ahinfo->invflags & IP6T_AH_INV_LEN) ? " !=" : "",
+ ahinfo->hdrlen);
+ space = " ";
}
if (ahinfo->hdrres != 0)
- xt_xlate_add(xl, "ah reserved %u ", ahinfo->hdrres);
+ xt_xlate_add(xl, "%sah reserved %u", space, ahinfo->hdrres);
return 1;
}
struct xt_xlate *xl, int numeric)
{
const struct ip6t_frag *fraginfo = (struct ip6t_frag *)match->data;
+ char *space= "";
if (!(fraginfo->ids[0] == 0 && fraginfo->ids[1] == 0xFFFFFFFF)) {
xt_xlate_add(xl, "frag id %s",
(fraginfo->invflags & IP6T_FRAG_INV_IDS) ?
"!= " : "");
if (fraginfo->ids[0] != fraginfo->ids[1])
- xt_xlate_add(xl, "%u-%u ", fraginfo->ids[0],
+ xt_xlate_add(xl, "%u-%u", fraginfo->ids[0],
fraginfo->ids[1]);
else
- xt_xlate_add(xl, "%u ", fraginfo->ids[0]);
- }
-
- if (fraginfo->flags & IP6T_FRAG_RES)
- xt_xlate_add(xl, "frag reserved 1 ");
+ xt_xlate_add(xl, "%u", fraginfo->ids[0]);
- if (fraginfo->flags & IP6T_FRAG_FST)
- xt_xlate_add(xl, "frag frag-off 0 ");
-
- if (fraginfo->flags & IP6T_FRAG_MF)
- xt_xlate_add(xl, "frag more-fragments 1 ");
+ space = " ";
+ }
- if (fraginfo->flags & IP6T_FRAG_NMF)
- xt_xlate_add(xl, "frag more-fragments 0 ");
+ if (fraginfo->flags & IP6T_FRAG_RES) {
+ xt_xlate_add(xl, "%sfrag reserved 1", space);
+ space = " ";
+ }
+ if (fraginfo->flags & IP6T_FRAG_FST) {
+ xt_xlate_add(xl, "%sfrag frag-off 0", space);
+ space = " ";
+ }
+ if (fraginfo->flags & IP6T_FRAG_MF) {
+ xt_xlate_add(xl, "%sfrag more-fragments 1", space);
+ space = " ";
+ }
+ if (fraginfo->flags & IP6T_FRAG_NMF) {
+ xt_xlate_add(xl, "%sfrag more-fragments 0", space);
+ }
return 1;
}
(optinfo->flags & IP6T_OPTS_OPTS))
return 0;
- xt_xlate_add(xl, "hbh hdrlength %s%u ",
+ xt_xlate_add(xl, "hbh hdrlength %s%u",
(optinfo->invflags & IP6T_OPTS_INV_LEN) ? "!= " : "",
optinfo->hdrlen);
const struct ip6t_hl_info *info =
(struct ip6t_hl_info *) match->data;
- xt_xlate_add(xl, "ip6 hoplimit %s%u ", op[info->mode], info->hop_limit);
+ xt_xlate_add(xl, "ip6 hoplimit %s%u", op[info->mode], info->hop_limit);
return 1;
}
return 1;
if (mhinfo->types[0] != mhinfo->types[1])
- xt_xlate_add(xl, "mh type %s%u-%u ",
+ xt_xlate_add(xl, "mh type %s%u-%u",
mhinfo->invflags & IP6T_MH_INV_TYPE ? "!= " : "",
mhinfo->types[0], mhinfo->types[1]);
else
- xt_xlate_add(xl, "mh type %s%u ",
+ xt_xlate_add(xl, "mh type %s%u",
mhinfo->invflags & IP6T_MH_INV_TYPE ? "!= " : "",
mhinfo->types[0]);
struct xt_xlate *xl, int numeric)
{
const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
+ char *space = "";
if (rtinfo->flags & IP6T_RT_TYP) {
- xt_xlate_add(xl, "rt type%s %u ",
+ xt_xlate_add(xl, "rt type%s %u",
(rtinfo->invflags & IP6T_RT_INV_TYP) ? " !=" : "",
rtinfo->rt_type);
+ space = " ";
}
if (!(rtinfo->segsleft[0] == 0 && rtinfo->segsleft[1] == 0xFFFFFFFF)) {
- xt_xlate_add(xl, "rt seg-left%s ",
+ xt_xlate_add(xl, "%srt seg-left%s ", space,
(rtinfo->invflags & IP6T_RT_INV_SGS) ? " !=" : "");
if (rtinfo->segsleft[0] != rtinfo->segsleft[1])
- xt_xlate_add(xl, "%u-%u ", rtinfo->segsleft[0],
+ xt_xlate_add(xl, "%u-%u", rtinfo->segsleft[0],
rtinfo->segsleft[1]);
else
- xt_xlate_add(xl, "%u ", rtinfo->segsleft[0]);
+ xt_xlate_add(xl, "%u", rtinfo->segsleft[0]);
+ space = " ";
}
if (rtinfo->flags & IP6T_RT_LEN) {
- xt_xlate_add(xl, "rt hdrlength%s %u ",
+ xt_xlate_add(xl, "%srt hdrlength%s %u", space,
(rtinfo->invflags & IP6T_RT_INV_LEN) ? " !=" : "",
rtinfo->hdrlen);
}
xt_xlate_add(xl, "ah spi%s ",
(ahinfo->invflags & IPT_AH_INV_SPI) ? " !=" : "");
if (ahinfo->spis[0] != ahinfo->spis[1])
- xt_xlate_add(xl, "%u-%u ", ahinfo->spis[0],
+ xt_xlate_add(xl, "%u-%u", ahinfo->spis[0],
ahinfo->spis[1]);
else
- xt_xlate_add(xl, "%u ", ahinfo->spis[0]);
+ xt_xlate_add(xl, "%u", ahinfo->spis[0]);
}
return 1;
if (!type_xlate_print(xl, info->type, info->code[0],
info->code[1]))
return 0;
-
- xt_xlate_add(xl, " ");
}
return 1;
}
const char *name = NULL;
if (mask != 0xffffffff)
- xt_xlate_add(xl, " and 0x%lx %s 0x%lx ", mask,
+ xt_xlate_add(xl, " and 0x%lx %s 0x%lx", mask,
op == XT_OP_EQ ? "==" : "!=", id);
else {
if (numeric == 0)
name = xtables_lmap_id2name(realms, id);
if (name)
- xt_xlate_add(xl, "%s%s ",
+ xt_xlate_add(xl, "%s%s",
op == XT_OP_EQ ? "" : "!= ", name);
else
- xt_xlate_add(xl, " %s0x%lx ",
+ xt_xlate_add(xl, " %s0x%lx",
op == XT_OP_EQ ? "" : "!= ", id);
}
}
break;
}
- xt_xlate_add(xl, " %u ", info->ttl);
+ xt_xlate_add(xl, " %u", info->ttl);
return 1;
}
{
const struct xt_cgroup_info_v0 *info = (void *)match->data;
- xt_xlate_add(xl, "meta cgroup %s%u ", info->invert ? "!= " : "",
+ xt_xlate_add(xl, "meta cgroup %s%u", info->invert ? "!= " : "",
info->id);
return 1;
}
return 0;
if (info->has_classid)
- xt_xlate_add(xl, "meta cgroup %s%u ",
+ xt_xlate_add(xl, "meta cgroup %s%u",
info->invert_classid ? "!= " : "",
info->classid);
struct xt_xlate *xl, uint32_t op)
{
if (mask != 0xffffffffU)
- xt_xlate_add(xl, " and 0x%x %s 0x%x ", mask,
+ xt_xlate_add(xl, " and 0x%x %s 0x%x", mask,
op == XT_OP_EQ ? "==" : "!=", mark);
else
- xt_xlate_add(xl, " %s0x%x ",
+ xt_xlate_add(xl, " %s0x%x",
op == XT_OP_EQ ? "" : "!= ", mark);
}
int family)
{
const struct xt_conntrack_mtinfo3 *sinfo = (const void *)match->data;
+ char *space = "";
- if (sinfo->match_flags & XT_CONNTRACK_DIRECTION)
- xt_xlate_add(xl, "ct direction %s ",
+ if (sinfo->match_flags & XT_CONNTRACK_DIRECTION) {
+ xt_xlate_add(xl, "ct direction %s",
sinfo->invert_flags & XT_CONNTRACK_DIRECTION ?
"reply" : "original");
+ space = " ";
+ }
- if (sinfo->match_flags & XT_CONNTRACK_PROTO)
- xt_xlate_add(xl, "ct %s protocol %s%u ",
+ if (sinfo->match_flags & XT_CONNTRACK_PROTO) {
+ xt_xlate_add(xl, "%sct %s protocol %s%u", space,
sinfo->invert_flags & XT_CONNTRACK_DIRECTION ?
"reply" : "original",
sinfo->invert_flags & XT_CONNTRACK_PROTO ?
"!= " : "",
sinfo->l4proto);
+ space = " ";
+ }
if (sinfo->match_flags & XT_CONNTRACK_STATE) {
- xt_xlate_add(xl, "ct state %s",
+ xt_xlate_add(xl, "%sct state %s", space,
sinfo->invert_flags & XT_CONNTRACK_STATE ?
"!= " : "");
state_xlate_print(xl, sinfo->state_mask);
- xt_xlate_add(xl, " ");
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_STATUS) {
if (sinfo->status_mask == 1)
return 0;
- xt_xlate_add(xl, "ct status %s",
+ xt_xlate_add(xl, "%sct status %s", space,
sinfo->invert_flags & XT_CONNTRACK_STATUS ?
"!= " : "");
status_xlate_print(xl, sinfo->status_mask);
- xt_xlate_add(xl, " ");
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_EXPIRES) {
- xt_xlate_add(xl, "ct expiration %s",
+ xt_xlate_add(xl, "%sct expiration %s", space,
sinfo->invert_flags & XT_CONNTRACK_EXPIRES ?
"!= " : "");
if (sinfo->expires_max == sinfo->expires_min)
else
xt_xlate_add(xl, "%lu-%lu", sinfo->expires_min,
sinfo->expires_max);
- xt_xlate_add(xl, " ");
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_ORIGSRC) {
if (&sinfo->origsrc_addr == 0L)
return 0;
- xt_xlate_add(xl, "ct original saddr %s",
+ xt_xlate_add(xl, "%sct original saddr %s", space,
sinfo->invert_flags & XT_CONNTRACK_ORIGSRC ?
"!= " : "");
addr_xlate_print(xl, &sinfo->origsrc_addr,
&sinfo->origsrc_mask, family);
- xt_xlate_add(xl, " ");
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_ORIGDST) {
if (&sinfo->origdst_addr == 0L)
return 0;
- xt_xlate_add(xl, "ct original daddr %s",
+ xt_xlate_add(xl, "%sct original daddr %s", space,
sinfo->invert_flags & XT_CONNTRACK_ORIGDST ?
"!= " : "");
addr_xlate_print(xl, &sinfo->origdst_addr,
&sinfo->origdst_mask, family);
- xt_xlate_add(xl, " ");
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_REPLSRC) {
if (&sinfo->replsrc_addr == 0L)
return 0;
- xt_xlate_add(xl, "ct reply saddr %s",
+ xt_xlate_add(xl, "%sct reply saddr %s", space,
sinfo->invert_flags & XT_CONNTRACK_REPLSRC ?
"!= " : "");
addr_xlate_print(xl, &sinfo->replsrc_addr,
&sinfo->replsrc_mask, family);
- xt_xlate_add(xl, " ");
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_REPLDST) {
if (&sinfo->repldst_addr == 0L)
return 0;
- xt_xlate_add(xl, "ct reply daddr %s",
+ xt_xlate_add(xl, "%sct reply daddr %s", space,
sinfo->invert_flags & XT_CONNTRACK_REPLDST ?
"!= " : "");
addr_xlate_print(xl, &sinfo->repldst_addr,
&sinfo->repldst_mask, family);
- xt_xlate_add(xl, " ");
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_ORIGSRC_PORT) {
- xt_xlate_add(xl, "ct original proto-src %s",
+ xt_xlate_add(xl, "%sct original proto-src %s", space,
sinfo->invert_flags & XT_CONNTRACK_ORIGSRC_PORT ?
"!= " : "");
if (sinfo->origsrc_port == sinfo->origsrc_port_high)
- xt_xlate_add(xl, "%u ", sinfo->origsrc_port);
+ xt_xlate_add(xl, "%u", sinfo->origsrc_port);
else
- xt_xlate_add(xl, "%u-%u ", sinfo->origsrc_port,
+ xt_xlate_add(xl, "%u-%u", sinfo->origsrc_port,
sinfo->origsrc_port_high);
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_ORIGDST_PORT) {
- xt_xlate_add(xl, "ct original proto-dst %s",
+ xt_xlate_add(xl, "%sct original proto-dst %s", space,
sinfo->invert_flags & XT_CONNTRACK_ORIGDST_PORT ?
"!= " : "");
if (sinfo->origdst_port == sinfo->origdst_port_high)
- xt_xlate_add(xl, "%u ", sinfo->origdst_port);
+ xt_xlate_add(xl, "%u", sinfo->origdst_port);
else
- xt_xlate_add(xl, "%u-%u ", sinfo->origdst_port,
+ xt_xlate_add(xl, "%u-%u", sinfo->origdst_port,
sinfo->origdst_port_high);
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_REPLSRC_PORT) {
- xt_xlate_add(xl, "ct reply proto-src %s",
+ xt_xlate_add(xl, "%sct reply proto-src %s", space,
sinfo->invert_flags & XT_CONNTRACK_REPLSRC_PORT ?
"!= " : "");
if (sinfo->replsrc_port == sinfo->replsrc_port_high)
- xt_xlate_add(xl, "%u ", sinfo->replsrc_port);
+ xt_xlate_add(xl, "%u", sinfo->replsrc_port);
else
- xt_xlate_add(xl, "%u-%u ", sinfo->replsrc_port,
+ xt_xlate_add(xl, "%u-%u", sinfo->replsrc_port,
sinfo->replsrc_port_high);
+ space = " ";
}
if (sinfo->match_flags & XT_CONNTRACK_REPLDST_PORT) {
- xt_xlate_add(xl, "ct reply proto-dst %s",
+ xt_xlate_add(xl, "%sct reply proto-dst %s", space,
sinfo->invert_flags & XT_CONNTRACK_REPLDST_PORT ?
"!= " : "", sinfo->repldst_port);
if (sinfo->repldst_port == sinfo->repldst_port_high)
- xt_xlate_add(xl, "%u ", sinfo->repldst_port);
+ xt_xlate_add(xl, "%u", sinfo->repldst_port);
else
- xt_xlate_add(xl, "%u-%u ", sinfo->repldst_port,
+ xt_xlate_add(xl, "%u-%u", sinfo->repldst_port,
sinfo->repldst_port_high);
}
{
const struct xt_cpu_info *info = (void *)match->data;
- xt_xlate_add(xl, "cpu%s %u ", info->invert ? " !=" : "", info->cpu);
+ xt_xlate_add(xl, "cpu%s %u", info->invert ? " !=" : "", info->cpu);
return 1;
}
if (types & (1 << DCCP_PKT_INVALID))
return 0;
- xt_xlate_add(xl, "dccp type%s ", einfo->invflags ? " !=" : "");
+ xt_xlate_add(xl, " dccp type%s ", einfo->invflags ? " !=" : "");
if ((types != 0) && !(types == (types & -types))) {
xt_xlate_add(xl, "{");
if (set_need)
xt_xlate_add(xl, "}");
- xt_xlate_add(xl, " ");
-
return 1;
}
const struct xt_dccp_info *einfo =
(const struct xt_dccp_info *)match->data;
int ret = 1;
+ char *space = "";
xt_xlate_add(xl, "dccp ");
if (einfo->flags & XT_DCCP_SRC_PORTS) {
if (einfo->spts[0] != einfo->spts[1])
- xt_xlate_add(xl, "sport%s %u-%u ",
+ xt_xlate_add(xl, "sport%s %u-%u",
einfo->invflags & XT_DCCP_SRC_PORTS ? " !=" : "",
einfo->spts[0], einfo->spts[1]);
else
- xt_xlate_add(xl, "sport%s %u ",
+ xt_xlate_add(xl, "sport%s %u",
einfo->invflags & XT_DCCP_SRC_PORTS ? " !=" : "",
einfo->spts[0]);
+ space = " ";
}
if (einfo->flags & XT_DCCP_DEST_PORTS) {
if (einfo->dpts[0] != einfo->dpts[1])
- xt_xlate_add(xl, "dport%s %u-%u ",
+ xt_xlate_add(xl, "%sdport%s %u-%u", space,
einfo->invflags & XT_DCCP_DEST_PORTS ? " !=" : "",
einfo->dpts[0], einfo->dpts[1]);
else
- xt_xlate_add(xl, "dport%s %u ",
+ xt_xlate_add(xl, "%sdport%s %u", space,
einfo->invflags & XT_DCCP_DEST_PORTS ? " !=" : "",
einfo->dpts[0]);
}
const char *name = NULL;
if (mask != 0xffffffff)
- xt_xlate_add(xl, "and 0x%x %s 0x%x ", mask,
+ xt_xlate_add(xl, "and 0x%x %s 0x%x", mask,
op == XT_OP_EQ ? "==" : "!=", id);
else {
if (numeric == 0)
name = xtables_lmap_id2name(devgroups, id);
if (name)
- xt_xlate_add(xl, "%s ", name);
+ xt_xlate_add(xl, "%s", name);
else
- xt_xlate_add(xl, "%s0x%x ",
+ xt_xlate_add(xl, "%s0x%x",
op == XT_OP_EQ ? "" : "!= ", id);
}
}
struct xt_xlate *xl, int numeric)
{
enum xt_op op = XT_OP_EQ;
+ char *space = "";
if (info->flags & XT_DEVGROUP_MATCH_SRC) {
if (info->flags & XT_DEVGROUP_INVERT_SRC)
xt_xlate_add(xl, "iifgroup ");
print_devgroup_xlate(info->src_group, op,
info->src_mask, xl, numeric);
+ space = " ";
}
if (info->flags & XT_DEVGROUP_MATCH_DST) {
if (info->flags & XT_DEVGROUP_INVERT_DST)
op = XT_OP_NEQ;
- xt_xlate_add(xl, "oifgroup ");
+ xt_xlate_add(xl, "%soifgroup ", space);
print_devgroup_xlate(info->dst_group, op,
info->dst_mask, xl, numeric);
}
const struct xt_dscp_info *dinfo =
(const struct xt_dscp_info *)match->data;
- xt_xlate_add(xl, "dscp %s0x%02x ", dinfo->invert ? "!= " : "",
+ xt_xlate_add(xl, "dscp %s0x%02x", dinfo->invert ? "!= " : "",
dinfo->dscp);
return 1;
switch (einfo->ip_ect) {
case 0:
- xt_xlate_add(xl, "not-ect ");
+ xt_xlate_add(xl, "not-ect");
break;
case 1:
- xt_xlate_add(xl, "ect1 ");
+ xt_xlate_add(xl, "ect1");
break;
case 2:
- xt_xlate_add(xl, "ect0 ");
+ xt_xlate_add(xl, "ect0");
break;
case 3:
- xt_xlate_add(xl, "ce ");
+ xt_xlate_add(xl, "ce");
break;
}
return 1;
xt_xlate_add(xl, "esp spi%s",
(espinfo->invflags & XT_ESP_INV_SPI) ? " !=" : "");
if (espinfo->spis[0] != espinfo->spis[1])
- xt_xlate_add(xl, " %u-%u ", espinfo->spis[0],
+ xt_xlate_add(xl, " %u-%u", espinfo->spis[0],
espinfo->spis[1]);
else
- xt_xlate_add(xl, " %u ", espinfo->spis[0]);
+ xt_xlate_add(xl, " %u", espinfo->spis[0]);
}
return 1;
{
const struct xt_helper_info *info = (const void *)match->data;
- xt_xlate_add(xl, "ct helper%s \\\"%s\\\" ",
+ xt_xlate_add(xl, "ct helper%s \\\"%s\\\"",
info->invert ? " !=" : "", info->name);
return 1;
{
const struct xt_ipcomp *compinfo = (struct xt_ipcomp *)match->data;
- xt_xlate_add(xl, "comp cpi %s%u ",
+ xt_xlate_add(xl, "comp cpi %s%u",
(compinfo->invflags & XT_IPCOMP_INV_SPI) ? "!= " : "",
compinfo->spis[0]);
struct xt_xlate *xl, int numeric)
{
const struct ipt_iprange_info *info = (const void *)match->data;
+ char *space = "";
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
xt_xlate_add(xl, "!= ");
xt_xlate_add(xl, "ip saddr");
print_iprange_xlate(&info->src, xl);
+ space = " ";
}
if (info->flags & IPRANGE_DST) {
- if (info->flags & IPRANGE_DST_INV)
- xt_xlate_add(xl, "!= ");
- xt_xlate_add(xl, "ip daddr");
+ if (info->flags & IPRANGE_DST_INV) {
+ xt_xlate_add(xl, "%s!= ", space);
+ space = "";
+ }
+ xt_xlate_add(xl, "%sip daddr", space);
print_iprange_xlate(&info->dst, xl);
}
struct xt_xlate *xl, int numeric)
{
const struct xt_iprange_mtinfo *info = (const void *)match->data;
+ char *space = "";
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
xt_xlate_add(xl, "!= ");
xt_xlate_add(xl, "ip saddr %s",
xtables_ipaddr_to_numeric(&info->src_min.in));
- xt_xlate_add(xl, "-%s ",
+ xt_xlate_add(xl, "-%s",
xtables_ipaddr_to_numeric(&info->src_max.in));
+ space = " ";
}
if (info->flags & IPRANGE_DST) {
- if (info->flags & IPRANGE_DST_INV)
- xt_xlate_add(xl, "!= ");
- xt_xlate_add(xl, "ip daddr %s",
+ if (info->flags & IPRANGE_DST_INV) {
+ xt_xlate_add(xl, "%s!= ", space);
+ space = "";
+ }
+ xt_xlate_add(xl, "%sip daddr %s", space,
xtables_ipaddr_to_numeric(&info->dst_min.in));
- xt_xlate_add(xl, "-%s ",
+ xt_xlate_add(xl, "-%s",
xtables_ipaddr_to_numeric(&info->dst_max.in));
}
struct xt_xlate *xl, int numeric)
{
const struct xt_iprange_mtinfo *info = (const void *)match->data;
+ char *space = "";
if (info->flags & IPRANGE_SRC) {
if (info->flags & IPRANGE_SRC_INV)
xt_xlate_add(xl, "!= ");
xt_xlate_add(xl, "ip saddr %s",
xtables_ip6addr_to_numeric(&info->src_min.in6));
- xt_xlate_add(xl, "-%s ",
+ xt_xlate_add(xl, "-%s",
xtables_ip6addr_to_numeric(&info->src_max.in6));
+ space = " ";
}
if (info->flags & IPRANGE_DST) {
- if (info->flags & IPRANGE_DST_INV)
- xt_xlate_add(xl, "!= ");
- xt_xlate_add(xl, "ip daddr %s",
+ if (info->flags & IPRANGE_DST_INV) {
+ xt_xlate_add(xl, "%s!= ", space);
+ space = "";
+ }
+ xt_xlate_add(xl, "%sip daddr %s", space,
xtables_ip6addr_to_numeric(&info->dst_min.in6));
- xt_xlate_add(xl, "-%s ",
+ xt_xlate_add(xl, "-%s",
xtables_ip6addr_to_numeric(&info->dst_max.in6));
}
xt_xlate_add(xl, "meta length %s", info->invert ? "!= " : "");
if (info->min == info->max)
- xt_xlate_add(xl, "%u ", info->min);
+ xt_xlate_add(xl, "%u", info->min);
else
- xt_xlate_add(xl, "%u-%u ", info->min, info->max);
+ xt_xlate_add(xl, "%u-%u", info->min, info->max);
return 1;
}
unsigned int i;
if (period == 0) {
- xt_xlate_add(xl, " %f ", INFINITY);
+ xt_xlate_add(xl, " %f", INFINITY);
return;
}
rates_xlate[i].mult / period < rates_xlate[i].mult % period)
break;
- xt_xlate_add(xl, " %u/%s ", rates_xlate[i - 1].mult / period,
+ xt_xlate_add(xl, " %u/%s", rates_xlate[i - 1].mult / period,
rates_xlate[i - 1].name);
}
xt_xlate_add(xl, "limit rate");
print_rate_xlate(r->avg, xl);
if (r->burst != 0)
- xt_xlate_add(xl, "burst %u packets ", r->burst);
+ xt_xlate_add(xl, " burst %u packets", r->burst);
return 1;
}
xt_xlate_add(xl, "%02x", macaddress[0]);
for (i = 1; i < ETH_ALEN; ++i)
xt_xlate_add(xl, ":%02x", macaddress[i]);
- xt_xlate_add(xl, " ");
}
static int mac_xlate(const void *ip, const struct xt_entry_match *match,
unsigned int mask, uint32_t op)
{
if (mask != 0xffffffffU)
- xt_xlate_add(xl, " and 0x%x %s 0x%x ", mask,
+ xt_xlate_add(xl, " and 0x%x %s 0x%x", mask,
op == XT_OP_EQ ? "==" : "!=", mark);
else
- xt_xlate_add(xl, " %s0x%x ",
+ xt_xlate_add(xl, " %s0x%x",
op == XT_OP_EQ ? "" : "!= ", mark);
}
switch (multiinfo->flags) {
case XT_MULTIPORT_SOURCE:
- xt_xlate_add(xl, "sport ");
+ xt_xlate_add(xl, " sport ");
break;
case XT_MULTIPORT_DESTINATION:
- xt_xlate_add(xl, "dport ");
+ xt_xlate_add(xl, " dport ");
break;
case XT_MULTIPORT_EITHER:
return 0;
if (multiinfo->count > 1)
xt_xlate_add(xl, "}");
- xt_xlate_add(xl, " ");
-
return 1;
}
{
uint8_t proto = ((const struct ipt_ip *)ip)->proto;
- xt_xlate_add(xl, "%s ", proto_to_name(proto));
+ xt_xlate_add(xl, "%s", proto_to_name(proto));
return __multiport_xlate(ip, match, xl, numeric);
}
{
uint8_t proto = ((const struct ip6t_ip6 *)ip)->proto;
- xt_xlate_add(xl, "%s ", proto_to_name(proto));
+ xt_xlate_add(xl, "%s", proto_to_name(proto));
return __multiport_xlate(ip, match, xl, numeric);
}
switch (multiinfo->flags) {
case XT_MULTIPORT_SOURCE:
- xt_xlate_add(xl, "sport ");
+ xt_xlate_add(xl, " sport ");
break;
case XT_MULTIPORT_DESTINATION:
- xt_xlate_add(xl, "dport ");
+ xt_xlate_add(xl, " dport ");
break;
case XT_MULTIPORT_EITHER:
return 0;
(multiinfo->count > 1 && !multiinfo->pflags[0]))
xt_xlate_add(xl, "}");
- xt_xlate_add(xl, " ");
-
return 1;
}
{
uint8_t proto = ((const struct ipt_ip *)ip)->proto;
- xt_xlate_add(xl, "%s ", proto_to_name(proto));
+ xt_xlate_add(xl, "%s", proto_to_name(proto));
return __multiport_xlate_v1(ip, match, xl, numeric);
}
{
uint8_t proto = ((const struct ip6t_ip6 *)ip)->proto;
- xt_xlate_add(xl, "%s ", proto_to_name(proto));
+ xt_xlate_add(xl, "%s", proto_to_name(proto));
return __multiport_xlate_v1(ip, match, xl, numeric);
}
xt_xlate_add(xl, "skuid%s ", info->invert ? " !=" : "");
if (info->uid_min != info->uid_max)
- xt_xlate_add(xl, "%u-%u ", (unsigned int)info->uid_min,
+ xt_xlate_add(xl, "%u-%u", (unsigned int)info->uid_min,
(unsigned int)info->uid_max);
else
- xt_xlate_add(xl, "%u ", (unsigned int)info->uid_min);
+ xt_xlate_add(xl, "%u", (unsigned int)info->uid_min);
return 1;
}
xt_xlate_add(xl, "skgid%s ", info->invert ? " !=" : "");
if (info->gid_min != info->gid_max)
- xt_xlate_add(xl, "%u-%u ", (unsigned int)info->gid_min,
+ xt_xlate_add(xl, "%u-%u", (unsigned int)info->gid_min,
(unsigned int)info->gid_max);
else
- xt_xlate_add(xl, "%u ", (unsigned int)info->gid_min);
+ xt_xlate_add(xl, "%u", (unsigned int)info->gid_min);
return 1;
}
for (i = 0; i < ARRAY_SIZE(supported_types_xlate); ++i) {
if (supported_types_xlate[i].pkttype == info->pkttype) {
- xt_xlate_add(xl, "%s ", supported_types_xlate[i].name);
+ xt_xlate_add(xl, "%s", supported_types_xlate[i].name);
return;
}
}
{
const struct xt_sctp_info *einfo =
(const struct xt_sctp_info *)match->data;
+ char *space = "";
if (!einfo->flags)
return 0;
if (einfo->flags & XT_SCTP_SRC_PORTS) {
if (einfo->spts[0] != einfo->spts[1])
- xt_xlate_add(xl, "sport%s %u-%u ",
+ xt_xlate_add(xl, "sport%s %u-%u",
einfo->invflags & XT_SCTP_SRC_PORTS ? " !=" : "",
einfo->spts[0], einfo->spts[1]);
else
- xt_xlate_add(xl, "sport%s %u ",
+ xt_xlate_add(xl, "sport%s %u",
einfo->invflags & XT_SCTP_SRC_PORTS ? " !=" : "",
einfo->spts[0]);
+ space = " ";
}
if (einfo->flags & XT_SCTP_DEST_PORTS) {
if (einfo->dpts[0] != einfo->dpts[1])
- xt_xlate_add(xl, "dport%s %u-%u ",
+ xt_xlate_add(xl, "%sdport%s %u-%u", space,
einfo->invflags & XT_SCTP_DEST_PORTS ? " !=" : "",
einfo->dpts[0], einfo->dpts[1]);
else
- xt_xlate_add(xl, "dport%s %u ",
+ xt_xlate_add(xl, "%sdport%s %u", space,
einfo->invflags & XT_SCTP_DEST_PORTS ? " !=" : "",
einfo->dpts[0]);
}
struct xt_xlate *xl, int numeric)
{
const struct xt_tcp *tcpinfo = (const struct xt_tcp *)match->data;
+ char *space= "";
if (tcpinfo->spts[0] != 0 || tcpinfo->spts[1] != 0xffff) {
if (tcpinfo->spts[0] != tcpinfo->spts[1]) {
- xt_xlate_add(xl, "tcp sport %s%u-%u ",
+ xt_xlate_add(xl, "tcp sport %s%u-%u",
tcpinfo->invflags & XT_TCP_INV_SRCPT ?
"!= " : "",
tcpinfo->spts[0], tcpinfo->spts[1]);
} else {
- xt_xlate_add(xl, "tcp sport %s%u ",
+ xt_xlate_add(xl, "tcp sport %s%u",
tcpinfo->invflags & XT_TCP_INV_SRCPT ?
"!= " : "",
tcpinfo->spts[0]);
}
+ space = " ";
}
if (tcpinfo->dpts[0] != 0 || tcpinfo->dpts[1] != 0xffff) {
if (tcpinfo->dpts[0] != tcpinfo->dpts[1]) {
- xt_xlate_add(xl, "tcp dport %s%u-%u ",
+ xt_xlate_add(xl, "%stcp dport %s%u-%u", space,
tcpinfo->invflags & XT_TCP_INV_DSTPT ?
"!= " : "",
tcpinfo->dpts[0], tcpinfo->dpts[1]);
} else {
- xt_xlate_add(xl, "tcp dport %s%u ",
+ xt_xlate_add(xl, "%stcp dport %s%u", space,
tcpinfo->invflags & XT_TCP_INV_DSTPT ?
"!= " : "",
tcpinfo->dpts[0]);
}
+ space = " ";
}
/* XXX not yet implemented */
return 0;
if (tcpinfo->flg_mask || (tcpinfo->invflags & XT_TCP_INV_FLAGS)) {
- xt_xlate_add(xl, "tcp flags & ");
+ xt_xlate_add(xl, "%stcp flags & ", space);
print_tcp_xlate(xl, tcpinfo->flg_mask);
xt_xlate_add(xl, " %s ",
tcpinfo->invflags & XT_TCP_INV_FLAGS ? "!=": "==");
print_tcp_xlate(xl, tcpinfo->flg_cmp);
- xt_xlate_add(xl, " ");
}
return 1;
struct xt_xlate *xl, int numeric)
{
const struct xt_udp *udpinfo = (struct xt_udp *)match->data;
+ char *space= "";
if (udpinfo->spts[0] != 0 || udpinfo->spts[1] != 0xFFFF) {
if (udpinfo->spts[0] != udpinfo->spts[1]) {
- xt_xlate_add(xl,"udp sport %s%u-%u ",
+ xt_xlate_add(xl,"udp sport %s%u-%u",
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->spts[0], udpinfo->spts[1]);
} else {
- xt_xlate_add(xl, "udp sport %s%u ",
+ xt_xlate_add(xl, "udp sport %s%u",
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->spts[0]);
}
+ space = " ";
}
if (udpinfo->dpts[0] != 0 || udpinfo->dpts[1] != 0xFFFF) {
if (udpinfo->dpts[0] != udpinfo->dpts[1]) {
- xt_xlate_add(xl,"udp dport %s%u-%u ",
+ xt_xlate_add(xl,"%sudp dport %s%u-%u", space,
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->dpts[0], udpinfo->dpts[1]);
} else {
- xt_xlate_add(xl,"udp dport %s%u ",
+ xt_xlate_add(xl,"%sudp dport %s%u", space,
udpinfo->invflags & XT_UDP_INV_SRCPT ?
"!= ": "",
udpinfo->dpts[0]);
ret = matchp->match->xlate((const void *)&cs->fw,
matchp->match->m, xl, numeric);
+
+ if (strcmp(matchp->match->name, "comment") != 0)
+ xt_xlate_add(xl, " ");
+
if (!ret)
break;
}
projects / thirdparty / iptables.git / commitdiff
