From: "Pablo M. Bermudo Garay" <pablombg@gmail.com>
To: netfilter-devel@vger.kernel.org
Cc: "Pablo M. Bermudo Garay" <pablombg@gmail.com>
Subject: [PATCH iptables 1/2] xtables-translate: add new field to identify the caller
Date: Fri, 22 Jul 2016 17:48:33 +0200 [thread overview]
Message-ID: <20160722154834.1802-1-pablombg@gmail.com> (raw)
In some cases, xlate functions must print a different result if they are
invoked from nft and not from a xtables-translate command.
This commit adds a new boolean field to the xt_xlate struct. This
variable must be true when a xlate function is called from a nft
command. Additional code is required in nft in order to obtain this
behavior.
Signed-off-by: Pablo M. Bermudo Garay <pablombg@gmail.com>
---
include/xtables.h | 2 ++
libxtables/xtables.c | 12 ++++++++++++
2 files changed, 14 insertions(+)
diff --git a/include/xtables.h b/include/xtables.h
index 48be514..fd72623 100644
--- a/include/xtables.h
+++ b/include/xtables.h
@@ -576,6 +576,8 @@ void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...);
void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment);
const char *xt_xlate_get_comment(struct xt_xlate *xl);
const char *xt_xlate_get(struct xt_xlate *xl);
+void xt_xlate_set_nft_compat(struct xt_xlate *xl, bool nft_compat);
+bool xt_xlate_get_nft_compat(struct xt_xlate *xl);
#ifdef XTABLES_INTERNAL
diff --git a/libxtables/xtables.c b/libxtables/xtables.c
index 921dfe9..1c3f63d 100644
--- a/libxtables/xtables.c
+++ b/libxtables/xtables.c
@@ -2011,6 +2011,7 @@ struct xt_xlate {
int off;
} buf;
char comment[NFT_USERDATA_MAXLEN];
+ bool nft_compat;
};
struct xt_xlate *xt_xlate_alloc(int size)
@@ -2029,6 +2030,7 @@ struct xt_xlate *xt_xlate_alloc(int size)
xl->buf.rem = size;
xl->buf.off = 0;
xl->comment[0] = '\0';
+ xl->nft_compat = false;
return xl;
}
@@ -2069,3 +2071,13 @@ const char *xt_xlate_get(struct xt_xlate *xl)
{
return xl->buf.data;
}
+
+void xt_xlate_set_nft_compat(struct xt_xlate *xl, bool nft_compat)
+{
+ xl->nft_compat = nft_compat;
+}
+
+bool xt_xlate_get_nft_compat(struct xt_xlate *xl)
+{
+ return xl->nft_compat;
+}
--
2.9.0
next reply other threads:[~2016-07-22 15:49 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-07-22 15:48 Pablo M. Bermudo Garay [this message]
2016-07-22 15:48 ` [PATCH iptables 2/2] xtables-translate: fix issue with quotes Pablo M. Bermudo Garay
2016-07-23 10:15 ` Pablo Neira Ayuso
2016-07-25 15:31 ` Pablo Neira Ayuso
2016-07-26 16:22 ` Pablo M. Bermudo Garay
2016-07-26 16:27 ` Pablo Neira Ayuso
2016-07-23 11:24 ` [PATCH iptables 1/2] xtables-translate: add new field to identify the caller Pablo Neira Ayuso
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20160722154834.1802-1-pablombg@gmail.com \
--to=pablombg@gmail.com \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.