From: Liping Zhang <liping.zhang@spreadtrum.com>
Date: Fri, 7 Oct 2016 11:08:54 +0000 (+0800)
Subject: extensions: libxt_quota: add translation to nft
X-Git-Tag: v1.6.1~24
X-Git-Url: http://git.ipfire.org/gitweb/gitweb.cgi?a=commitdiff_plain;h=92a4ff6f0448bcb0b5909982a7ad317c23c89372;p=thirdparty%2Fiptables.git

extensions: libxt_quota: add translation to nft

For example:
  # iptables-translate -A OUTPUT -m quota --quota 111
  nft add rule ip filter OUTPUT quota 111 bytes counter

  # iptables-translate -A OUTPUT -m quota ! --quota 111
  nft add rule ip filter OUTPUT quota over 111 bytes counter

Signed-off-by: Liping Zhang <liping.zhang@spreadtrum.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---

diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index ff7dd2a3..bad77d23 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -50,6 +50,17 @@ static void quota_parse(struct xt_option_call *cb)
 		info->flags |= XT_QUOTA_INVERT;
 }
 
+static int quota_xlate(struct xt_xlate *xl,
+		       const struct xt_xlate_mt_params *params)
+{
+	const struct xt_quota_info *q = (void *)params->match->data;
+
+	xt_xlate_add(xl, "quota %s%llu bytes",
+		     q->flags & XT_QUOTA_INVERT ? "over " : "",
+		     (unsigned long long) q->quota);
+	return 1;
+}
+
 static struct xtables_match quota_match = {
 	.family		= NFPROTO_UNSPEC,
 	.name		= "quota",
@@ -61,6 +72,7 @@ static struct xtables_match quota_match = {
 	.save		= quota_save,
 	.x6_parse	= quota_parse,
 	.x6_options	= quota_opts,
+	.xlate		= quota_xlate,
 };
 
 void