* iptables pull request
@ 2009-05-03 19:54 Jan Engelhardt
2009-05-03 19:54 ` [PATCH 1/9] iptables: accept multiple IP address specifications for -s, -d Jan Engelhardt
` (9 more replies)
0 siblings, 10 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
Please pull from:
git://dev.medozas.de/iptables master
to receive 1 external submission, 1 manpage completion, and 7 code
transformations intended for the 1.4.4 'branch'.
Jan Engelhardt (8):
DNAT/SNAT: add manpage documentation for --persistent flag
extensions: remove redundant casts
extensions: switch numeric to bool
libxt_helper: fix invalid passed option to check_inverse
extensions: switch invert to bool
extensions: switch parse() return type to bool
extensions: add const qualifiers in print/save functions
iptables: replace open-coded sizeof by ARRAY_SIZE
Michael Granzow (1):
iptables: accept multiple IP address specifications for -s, -d
^ permalink raw reply [flat|nested] 13+ messages in thread
* [PATCH 1/9] iptables: accept multiple IP address specifications for -s, -d
2009-05-03 19:54 iptables pull request Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 2/9] DNAT/SNAT: add manpage documentation for --persistent flag Jan Engelhardt
` (8 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
From: Michael Granzow <mgranzow@zeus.com>
libiptc already supports adding and deleting multiple rules with
different addresses, so it only needs to be wired up to the options.
# ip6tables -I INPUT -s 2001:db8::d,2001:db8::e -j DROP
References: http://marc.info/?l=netfilter-devel&m=123929790719202&w=2
Adjustments made: syntax, removal of unneeded variables, manpage
adjustment, soversion bump.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
configure.ac | 4 +-
include/xtables.h.in | 5 ++
ip6tables.c | 49 +++++++++-----
iptables.8.in | 7 ++-
iptables.c | 42 +++++++++----
xtables.c | 175 ++++++++++++++++++++++++++++++++++++++++++++++++++
6 files changed, 248 insertions(+), 34 deletions(-)
diff --git a/configure.ac b/configure.ac
index f5b5571..c3a8c6c 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2,8 +2,8 @@
AC_INIT([iptables], [1.4.3.2])
# See libtool.info "Libtool's versioning system"
-libxtables_vcurrent=2
-libxtables_vage=0
+libxtables_vcurrent=3
+libxtables_vage=1
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_MACRO_DIR([m4])
diff --git a/include/xtables.h.in b/include/xtables.h.in
index a399f90..4f8fedb 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -211,6 +211,7 @@ extern void xtables_init(void);
extern void xtables_set_nfproto(uint8_t);
extern void *xtables_calloc(size_t, size_t);
extern void *xtables_malloc(size_t);
+extern void *xtables_realloc(void *, size_t);
extern int xtables_insmod(const char *, const char *, bool);
extern int xtables_load_ko(const char *, bool);
@@ -256,6 +257,8 @@ extern struct in_addr *xtables_numeric_to_ipaddr(const char *);
extern struct in_addr *xtables_numeric_to_ipmask(const char *);
extern void xtables_ipparse_any(const char *, struct in_addr **,
struct in_addr *, unsigned int *);
+extern void xtables_ipparse_multiple(const char *, struct in_addr **,
+ struct in_addr **, unsigned int *);
extern struct in6_addr *xtables_numeric_to_ip6addr(const char *);
extern const char *xtables_ip6addr_to_numeric(const struct in6_addr *);
@@ -263,6 +266,8 @@ extern const char *xtables_ip6addr_to_anyname(const struct in6_addr *);
extern const char *xtables_ip6mask_to_numeric(const struct in6_addr *);
extern void xtables_ip6parse_any(const char *, struct in6_addr **,
struct in6_addr *, unsigned int *);
+extern void xtables_ip6parse_multiple(const char *, struct in6_addr **,
+ struct in6_addr **, unsigned int *);
/**
* Print the specified value to standard output, quoting dangerous
diff --git a/ip6tables.c b/ip6tables.c
index 35067f8..31c4b45 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -281,9 +281,9 @@ exit_printhelp(struct xtables_rule_match *matches)
"Options:\n"
"[!] --proto -p proto protocol: by number or name, eg. `tcp'\n"
-"[!] --source -s address[/mask]\n"
+"[!] --source -s address[/mask][,...]\n"
" source specification\n"
-"[!] --destination -d address[/mask]\n"
+"[!] --destination -d address[/mask][,...]\n"
" destination specification\n"
"[!] --in-interface -i input name[+]\n"
" network interface name ([+] for wildcard)\n"
@@ -740,8 +740,10 @@ append_entry(const ip6t_chainlabel chain,
struct ip6t_entry *fw,
unsigned int nsaddrs,
const struct in6_addr saddrs[],
+ const struct in6_addr smasks[],
unsigned int ndaddrs,
const struct in6_addr daddrs[],
+ const struct in6_addr dmasks[],
int verbose,
struct ip6tc_handle *handle)
{
@@ -750,8 +752,10 @@ append_entry(const ip6t_chainlabel chain,
for (i = 0; i < nsaddrs; i++) {
fw->ipv6.src = saddrs[i];
+ fw->ipv6.smsk = smasks[i];
for (j = 0; j < ndaddrs; j++) {
fw->ipv6.dst = daddrs[j];
+ fw->ipv6.dmsk = dmasks[j];
if (verbose)
print_firewall_line(fw, handle);
ret &= ip6tc_append_entry(chain, fw, handle);
@@ -784,8 +788,10 @@ insert_entry(const ip6t_chainlabel chain,
unsigned int rulenum,
unsigned int nsaddrs,
const struct in6_addr saddrs[],
+ const struct in6_addr smasks[],
unsigned int ndaddrs,
const struct in6_addr daddrs[],
+ const struct in6_addr dmasks[],
int verbose,
struct ip6tc_handle *handle)
{
@@ -794,8 +800,10 @@ insert_entry(const ip6t_chainlabel chain,
for (i = 0; i < nsaddrs; i++) {
fw->ipv6.src = saddrs[i];
+ fw->ipv6.smsk = smasks[i];
for (j = 0; j < ndaddrs; j++) {
fw->ipv6.dst = daddrs[j];
+ fw->ipv6.dmsk = dmasks[j];
if (verbose)
print_firewall_line(fw, handle);
ret &= ip6tc_insert_entry(chain, fw, rulenum, handle);
@@ -806,7 +814,7 @@ insert_entry(const ip6t_chainlabel chain,
}
static unsigned char *
-make_delete_mask(struct ip6t_entry *fw, struct xtables_rule_match *matches)
+make_delete_mask(struct xtables_rule_match *matches)
{
/* Establish mask for comparison */
unsigned int size;
@@ -843,8 +851,10 @@ delete_entry(const ip6t_chainlabel chain,
struct ip6t_entry *fw,
unsigned int nsaddrs,
const struct in6_addr saddrs[],
+ const struct in6_addr smasks[],
unsigned int ndaddrs,
const struct in6_addr daddrs[],
+ const struct in6_addr dmasks[],
int verbose,
struct ip6tc_handle *handle,
struct xtables_rule_match *matches)
@@ -853,11 +863,13 @@ delete_entry(const ip6t_chainlabel chain,
int ret = 1;
unsigned char *mask;
- mask = make_delete_mask(fw, matches);
+ mask = make_delete_mask(matches);
for (i = 0; i < nsaddrs; i++) {
fw->ipv6.src = saddrs[i];
+ fw->ipv6.smsk = smasks[i];
for (j = 0; j < ndaddrs; j++) {
fw->ipv6.dst = daddrs[j];
+ fw->ipv6.dmsk = dmasks[j];
if (verbose)
print_firewall_line(fw, handle);
ret &= ip6tc_delete_entry(chain, fw, mask, handle);
@@ -1291,9 +1303,9 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
int invert = 0;
unsigned int nsaddrs = 0, ndaddrs = 0;
struct in6_addr *saddrs = NULL, *daddrs = NULL;
+ struct in6_addr *smasks = NULL, *dmasks = NULL;
int c, verbose = 0;
- unsigned i;
const char *chain = NULL;
const char *shostnetworkmask = NULL, *dhostnetworkmask = NULL;
const char *policy = NULL, *newname = NULL;
@@ -1811,12 +1823,12 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
}
if (shostnetworkmask)
- xtables_ip6parse_any(shostnetworkmask, &saddrs,
- &fw.ipv6.smsk, &nsaddrs);
+ xtables_ip6parse_multiple(shostnetworkmask, &saddrs,
+ &smasks, &nsaddrs);
if (dhostnetworkmask)
- xtables_ip6parse_any(dhostnetworkmask, &daddrs,
- &fw.ipv6.dmsk, &ndaddrs);
+ xtables_ip6parse_multiple(dhostnetworkmask, &daddrs,
+ &dmasks, &ndaddrs);
if ((nsaddrs > 1 || ndaddrs > 1) &&
(fw.ipv6.invflags & (IP6T_INV_SRCIP | IP6T_INV_DSTIP)))
@@ -1921,13 +1933,15 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
switch (command) {
case CMD_APPEND:
ret = append_entry(chain, e,
- nsaddrs, saddrs, ndaddrs, daddrs,
+ nsaddrs, saddrs, smasks,
+ ndaddrs, daddrs, dmasks,
options&OPT_VERBOSE,
*handle);
break;
case CMD_DELETE:
ret = delete_entry(chain, e,
- nsaddrs, saddrs, ndaddrs, daddrs,
+ nsaddrs, saddrs, smasks,
+ ndaddrs, daddrs, dmasks,
options&OPT_VERBOSE,
*handle, matches);
break;
@@ -1941,7 +1955,8 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
break;
case CMD_INSERT:
ret = insert_entry(chain, e, rulenum - 1,
- nsaddrs, saddrs, ndaddrs, daddrs,
+ nsaddrs, saddrs, smasks,
+ ndaddrs, daddrs, dmasks,
options&OPT_VERBOSE,
*handle);
break;
@@ -2001,12 +2016,10 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
e = NULL;
}
- for (i = 0; i < nsaddrs; i++)
- free(&saddrs[i]);
-
- for (i = 0; i < ndaddrs; i++)
- free(&daddrs[i]);
-
+ free(saddrs);
+ free(smasks);
+ free(daddrs);
+ free(dmasks);
xtables_free_opts(1);
return ret;
diff --git a/iptables.8.in b/iptables.8.in
index 10dcb73..ff7954b 100644
--- a/iptables.8.in
+++ b/iptables.8.in
@@ -236,7 +236,7 @@ Protocol \fBall\fP
will match with all protocols and is taken as default when this
option is omitted.
.TP
-[\fB!\fP] \fB\-s\fP, \fB\-\-source\fP \fIaddress\fP[\fB/\fP\fImask\fP]
+[\fB!\fP] \fB\-s\fP, \fB\-\-source\fP \fIaddress\fP[\fB/\fP\fImask\fP][\fB,\fP\fI...\fP]
Source specification. \fIAddress\fP
can be either a network name, a hostname (please note that specifying
any name to be resolved with a remote query such as DNS is a really bad idea),
@@ -247,8 +247,11 @@ specifying the number of 1's at the left side of the network mask.
Thus, a mask of \fI24\fP is equivalent to \fI255.255.255.0\fP.
A "!" argument before the address specification inverts the sense of
the address. The flag \fB\-\-src\fP is an alias for this option.
+Multiple addresses can be specified when, but this will \fBreplicate\fP the
+rule (when adding with \-A), or will cause multiple rules to be
+deleted (with \-D).
.TP
-[\fB!\fP] \fB\-d\fP, \fB\-\-destination\fP \fIaddress\fP[\fB/\fP\fImask\fP]
+[\fB!\fP] \fB\-d\fP, \fB\-\-destination\fP \fIaddress\fP[\fB/\fP\fImask\fP][\fB,\fP\fI...\fP]
Destination specification.
See the description of the \fB\-s\fP
(source) flag for a detailed description of the syntax. The flag
diff --git a/iptables.c b/iptables.c
index 649baf4..7c075da 100644
--- a/iptables.c
+++ b/iptables.c
@@ -294,9 +294,9 @@ exit_printhelp(struct xtables_rule_match *matches)
"Options:\n"
"[!] --proto -p proto protocol: by number or name, eg. `tcp'\n"
-"[!] --source -s address[/mask]\n"
+"[!] --source -s address[/mask][...]\n"
" source specification\n"
-"[!] --destination -d address[/mask]\n"
+"[!] --destination -d address[/mask][...]\n"
" destination specification\n"
"[!] --in-interface -i input name[+]\n"
" network interface name ([+] for wildcard)\n"
@@ -742,8 +742,10 @@ append_entry(const ipt_chainlabel chain,
struct ipt_entry *fw,
unsigned int nsaddrs,
const struct in_addr saddrs[],
+ const struct in_addr smasks[],
unsigned int ndaddrs,
const struct in_addr daddrs[],
+ const struct in_addr dmasks[],
int verbose,
struct iptc_handle *handle)
{
@@ -752,8 +754,10 @@ append_entry(const ipt_chainlabel chain,
for (i = 0; i < nsaddrs; i++) {
fw->ip.src.s_addr = saddrs[i].s_addr;
+ fw->ip.smsk.s_addr = smasks[i].s_addr;
for (j = 0; j < ndaddrs; j++) {
fw->ip.dst.s_addr = daddrs[j].s_addr;
+ fw->ip.dmsk.s_addr = dmasks[j].s_addr;
if (verbose)
print_firewall_line(fw, handle);
ret &= iptc_append_entry(chain, fw, handle);
@@ -786,8 +790,10 @@ insert_entry(const ipt_chainlabel chain,
unsigned int rulenum,
unsigned int nsaddrs,
const struct in_addr saddrs[],
+ const struct in_addr smasks[],
unsigned int ndaddrs,
const struct in_addr daddrs[],
+ const struct in_addr dmasks[],
int verbose,
struct iptc_handle *handle)
{
@@ -796,8 +802,10 @@ insert_entry(const ipt_chainlabel chain,
for (i = 0; i < nsaddrs; i++) {
fw->ip.src.s_addr = saddrs[i].s_addr;
+ fw->ip.smsk.s_addr = smasks[i].s_addr;
for (j = 0; j < ndaddrs; j++) {
fw->ip.dst.s_addr = daddrs[j].s_addr;
+ fw->ip.dmsk.s_addr = dmasks[j].s_addr;
if (verbose)
print_firewall_line(fw, handle);
ret &= iptc_insert_entry(chain, fw, rulenum, handle);
@@ -808,7 +816,7 @@ insert_entry(const ipt_chainlabel chain,
}
static unsigned char *
-make_delete_mask(struct ipt_entry *fw, struct xtables_rule_match *matches)
+make_delete_mask(struct xtables_rule_match *matches)
{
/* Establish mask for comparison */
unsigned int size;
@@ -845,8 +853,10 @@ delete_entry(const ipt_chainlabel chain,
struct ipt_entry *fw,
unsigned int nsaddrs,
const struct in_addr saddrs[],
+ const struct in_addr smasks[],
unsigned int ndaddrs,
const struct in_addr daddrs[],
+ const struct in_addr dmasks[],
int verbose,
struct iptc_handle *handle,
struct xtables_rule_match *matches)
@@ -855,11 +865,13 @@ delete_entry(const ipt_chainlabel chain,
int ret = 1;
unsigned char *mask;
- mask = make_delete_mask(fw, matches);
+ mask = make_delete_mask(matches);
for (i = 0; i < nsaddrs; i++) {
fw->ip.src.s_addr = saddrs[i].s_addr;
+ fw->ip.smsk.s_addr = smasks[i].s_addr;
for (j = 0; j < ndaddrs; j++) {
fw->ip.dst.s_addr = daddrs[j].s_addr;
+ fw->ip.dmsk.s_addr = dmasks[j].s_addr;
if (verbose)
print_firewall_line(fw, handle);
ret &= iptc_delete_entry(chain, fw, mask, handle);
@@ -1313,7 +1325,8 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
struct ipt_entry fw, *e = NULL;
int invert = 0;
unsigned int nsaddrs = 0, ndaddrs = 0;
- struct in_addr *saddrs = NULL, *daddrs = NULL;
+ struct in_addr *saddrs = NULL, *smasks = NULL;
+ struct in_addr *daddrs = NULL, *dmasks = NULL;
int c, verbose = 0;
const char *chain = NULL;
@@ -1848,12 +1861,12 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
}
if (shostnetworkmask)
- xtables_ipparse_any(shostnetworkmask, &saddrs,
- &fw.ip.smsk, &nsaddrs);
+ xtables_ipparse_multiple(shostnetworkmask, &saddrs,
+ &smasks, &nsaddrs);
if (dhostnetworkmask)
- xtables_ipparse_any(dhostnetworkmask, &daddrs,
- &fw.ip.dmsk, &ndaddrs);
+ xtables_ipparse_multiple(dhostnetworkmask, &daddrs,
+ &dmasks, &ndaddrs);
if ((nsaddrs > 1 || ndaddrs > 1) &&
(fw.ip.invflags & (IPT_INV_SRCIP | IPT_INV_DSTIP)))
@@ -1961,13 +1974,15 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
switch (command) {
case CMD_APPEND:
ret = append_entry(chain, e,
- nsaddrs, saddrs, ndaddrs, daddrs,
+ nsaddrs, saddrs, smasks,
+ ndaddrs, daddrs, dmasks,
options&OPT_VERBOSE,
*handle);
break;
case CMD_DELETE:
ret = delete_entry(chain, e,
- nsaddrs, saddrs, ndaddrs, daddrs,
+ nsaddrs, saddrs, smasks,
+ ndaddrs, daddrs, dmasks,
options&OPT_VERBOSE,
*handle, matches);
break;
@@ -1981,7 +1996,8 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
break;
case CMD_INSERT:
ret = insert_entry(chain, e, rulenum - 1,
- nsaddrs, saddrs, ndaddrs, daddrs,
+ nsaddrs, saddrs, smasks,
+ ndaddrs, daddrs, dmasks,
options&OPT_VERBOSE,
*handle);
break;
@@ -2042,7 +2058,9 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
}
free(saddrs);
+ free(smasks);
free(daddrs);
+ free(dmasks);
xtables_free_opts(1);
return ret;
diff --git a/xtables.c b/xtables.c
index a01d4ea..73a4860 100644
--- a/xtables.c
+++ b/xtables.c
@@ -271,6 +271,18 @@ void *xtables_malloc(size_t size)
return p;
}
+void *xtables_realloc(void *ptr, size_t size)
+{
+ void *p;
+
+ if ((p = realloc(ptr, size)) == NULL) {
+ perror("ip[6]tables: realloc failed");
+ exit(1);
+ }
+
+ return p;
+}
+
static char *get_modprobe(void)
{
int procfile;
@@ -1133,6 +1145,86 @@ static struct in_addr *parse_ipmask(const char *mask)
return &maskaddr;
}
+void xtables_ipparse_multiple(const char *name, struct in_addr **addrpp,
+ struct in_addr **maskpp, unsigned int *naddrs)
+{
+ struct in_addr *addrp;
+ char buf[256], *p;
+ unsigned int len, i, j, n, count = 1;
+ const char *loop = name;
+
+ while ((loop = strchr(loop, ',')) != NULL) {
+ ++count;
+ ++loop; /* skip ',' */
+ }
+
+ *addrpp = xtables_malloc(sizeof(struct in_addr) * count);
+ *maskpp = xtables_malloc(sizeof(struct in_addr) * count);
+
+ loop = name;
+
+ for (i = 0; i < count; ++i) {
+ if (loop == NULL)
+ break;
+ if (*loop == ',')
+ ++loop;
+ if (*loop == '\0')
+ break;
+ p = strchr(loop, ',');
+ if (p != NULL)
+ len = p - loop;
+ else
+ len = strlen(loop);
+ if (len == 0 || sizeof(buf) - 1 < len)
+ break;
+
+ strncpy(buf, loop, len);
+ buf[len] = '\0';
+ loop += len;
+ if ((p = strrchr(buf, '/')) != NULL) {
+ *p = '\0';
+ addrp = parse_ipmask(p + 1);
+ } else {
+ addrp = parse_ipmask(NULL);
+ }
+ memcpy(*maskpp + i, addrp, sizeof(*addrp));
+
+ /* if a null mask is given, the name is ignored, like in "any/0" */
+ if ((*maskpp + i)->s_addr == 0)
+ /*
+ * A bit pointless to process multiple addresses
+ * in this case...
+ */
+ strcpy(buf, "0.0.0.0");
+
+ addrp = ipparse_hostnetwork(buf, &n);
+ if (n > 1) {
+ count += n - 1;
+ *addrpp = xtables_realloc(*addrpp,
+ sizeof(struct in_addr) * count);
+ *maskpp = xtables_realloc(*maskpp,
+ sizeof(struct in_addr) * count);
+ for (j = 0; j < n; ++j)
+ /* for each new addr */
+ memcpy(*addrpp + i + j, addrp + j,
+ sizeof(*addrp));
+ for (j = 1; j < n; ++j)
+ /* for each new mask */
+ memcpy(*maskpp + i + j, *maskpp + i,
+ sizeof(*addrp));
+ i += n - 1;
+ } else {
+ memcpy(*addrpp + i, addrp, sizeof(*addrp));
+ }
+ /* free what ipparse_hostnetwork had allocated: */
+ free(addrp);
+ }
+ *naddrs = count;
+ for (i = 0; i < n; ++i)
+ (*addrpp+i)->s_addr &= (*maskpp+i)->s_addr;
+}
+
+
/**
* xtables_ipparse_any - transform arbitrary name to in_addr
*
@@ -1364,6 +1456,89 @@ static struct in6_addr *parse_ip6mask(char *mask)
return &maskaddr;
}
+void
+xtables_ip6parse_multiple(const char *name, struct in6_addr **addrpp,
+ struct in6_addr **maskpp, unsigned int *naddrs)
+{
+ struct in6_addr *addrp;
+ char buf[256], *p;
+ unsigned int len, i, j, n, count = 1;
+ const char *loop = name;
+
+ while ((loop = strchr(loop, ',')) != NULL) {
+ ++count;
+ ++loop; /* skip ',' */
+ }
+
+ *addrpp = xtables_malloc(sizeof(struct in6_addr) * count);
+ *maskpp = xtables_malloc(sizeof(struct in6_addr) * count);
+
+ loop = name;
+
+ for (i = 0; i < count /*NB: count can grow*/; ++i) {
+ if (loop == NULL)
+ break;
+ if (*loop == ',')
+ ++loop;
+ if (*loop == '\0')
+ break;
+ p = strchr(loop, ',');
+ if (p != NULL)
+ len = p - loop;
+ else
+ len = strlen(loop);
+ if (len == 0 || sizeof(buf) - 1 < len)
+ break;
+
+ strncpy(buf, loop, len);
+ buf[len] = '\0';
+ loop += len;
+ if ((p = strrchr(buf, '/')) != NULL) {
+ *p = '\0';
+ addrp = parse_ip6mask(p + 1);
+ } else {
+ addrp = parse_ip6mask(NULL);
+ }
+ memcpy(*maskpp + i, addrp, sizeof(*addrp));
+
+ /* if a null mask is given, the name is ignored, like in "any/0" */
+ if (memcmp(*maskpp + i, &in6addr_any, sizeof(in6addr_any)) == 0)
+ strcpy(buf, "::");
+
+ addrp = ip6parse_hostnetwork(buf, &n);
+ /* ip6parse_hostnetwork only ever returns one IP
+ address (it exits if the resolution fails).
+ Therefore, n will always be 1 here. Leaving the
+ code below in anyway in case ip6parse_hostnetwork
+ is improved some day to behave like
+ ipparse_hostnetwork: */
+ if (n > 1) {
+ count += n - 1;
+ *addrpp = xtables_realloc(*addrpp,
+ sizeof(struct in6_addr) * count);
+ *maskpp = xtables_realloc(*maskpp,
+ sizeof(struct in6_addr) * count);
+ for (j = 0; j < n; ++j)
+ /* for each new addr */
+ memcpy(*addrpp + i + j, addrp + j,
+ sizeof(*addrp));
+ for (j = 1; j < n; ++j)
+ /* for each new mask */
+ memcpy(*maskpp + i + j, *maskpp + i,
+ sizeof(*addrp));
+ i += n - 1;
+ } else {
+ memcpy(*addrpp + i, addrp, sizeof(*addrp));
+ }
+ /* free what ip6parse_hostnetwork had allocated: */
+ free(addrp);
+ }
+ *naddrs = count;
+ for (i = 0; i < n; ++i)
+ for (j = 0; j < 4; ++j)
+ (*addrpp+i)->s6_addr32[j] &= (*maskpp+i)->s6_addr32[j];
+}
+
void xtables_ip6parse_any(const char *name, struct in6_addr **addrpp,
struct in6_addr *maskp, unsigned int *naddrs)
{
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 2/9] DNAT/SNAT: add manpage documentation for --persistent flag
2009-05-03 19:54 iptables pull request Jan Engelhardt
2009-05-03 19:54 ` [PATCH 1/9] iptables: accept multiple IP address specifications for -s, -d Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 3/9] extensions: remove redundant casts Jan Engelhardt
` (7 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libipt_DNAT.man | 7 +++++--
extensions/libipt_SAME.man | 2 ++
extensions/libipt_SNAT.man | 7 +++++--
3 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/extensions/libipt_DNAT.man b/extensions/libipt_DNAT.man
index 22e84c6..d1e0a3a 100644
--- a/extensions/libipt_DNAT.man
+++ b/extensions/libipt_DNAT.man
@@ -32,5 +32,8 @@ anymore.
If option
\fB\-\-random\fP
is used then port mapping will be randomized (kernel >= 2.6.22).
-.RS
-.PP
+.TP
+\fB\-\-persistent\fP
+Gives a client the same source-/destination-address for each connection.
+This supersedes the SAME target. Support for persistent mappings is available
+from 2.6.29-rc2.
diff --git a/extensions/libipt_SAME.man b/extensions/libipt_SAME.man
index b862aa4..a99dc73 100644
--- a/extensions/libipt_SAME.man
+++ b/extensions/libipt_SAME.man
@@ -1,6 +1,8 @@
Similar to SNAT/DNAT depending on chain: it takes a range of addresses
(`\-\-to 1.2.3.4\-1.2.3.7') and gives a client the same
source-/destination-address for each connection.
+.PP
+N.B.: The DNAT target's \fB\-\-persistent\fP option replaced the SAME target.
.TP
\fB\-\-to\fP \fIipaddr\fP[\fB\-\fP\fIipaddr\fP]
Addresses to map source to. May be specified more than once for
diff --git a/extensions/libipt_SNAT.man b/extensions/libipt_SNAT.man
index 040571b..6b828fd 100644
--- a/extensions/libipt_SNAT.man
+++ b/extensions/libipt_SNAT.man
@@ -30,5 +30,8 @@ anymore.
If option
\fB\-\-random\fP
is used then port mapping will be randomized (kernel >= 2.6.21).
-.RS
-.PP
+.TP
+\fB\-\-persistent\fP
+Gives a client the same source-/destination-address for each connection.
+This supersedes the SAME target. Support for persistent mappings is available
+from 2.6.29-rc2.
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 3/9] extensions: remove redundant casts
2009-05-03 19:54 iptables pull request Jan Engelhardt
2009-05-03 19:54 ` [PATCH 1/9] iptables: accept multiple IP address specifications for -s, -d Jan Engelhardt
2009-05-03 19:54 ` [PATCH 2/9] DNAT/SNAT: add manpage documentation for --persistent flag Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 4/9] extensions: switch numeric to bool Jan Engelhardt
` (6 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libipt_realm.c | 4 ++--
extensions/libxt_multiport.c | 12 ++++++------
2 files changed, 8 insertions(+), 8 deletions(-)
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index 3dd63d3..29f6b98 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -86,14 +86,14 @@ static void load_realms(void)
continue;
/* found valid data */
- newnm = (struct realmname*)malloc(sizeof(struct realmname));
+ newnm = malloc(sizeof(struct realmname));
if (newnm == NULL) {
perror("libipt_realm: malloc failed");
exit(1);
}
newnm->id = id;
newnm->len = nxt - cur;
- newnm->name = (char*)malloc(newnm->len + 1);
+ newnm->name = malloc(newnm->len + 1);
if (newnm->name == NULL) {
perror("libipt_realm: malloc failed");
exit(1);
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index c3c8bb9..9959a20 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -215,7 +215,7 @@ static int
multiport_parse6(int c, char **argv, int invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
- const struct ip6t_entry *entry = (const struct ip6t_entry *)e;
+ const struct ip6t_entry *entry = e;
return __multiport_parse(c, argv, invert, flags, match,
entry->ipv6.proto, entry->ipv6.invflags);
}
@@ -278,7 +278,7 @@ static int
multiport_parse6_v1(int c, char **argv, int invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
- const struct ip6t_entry *entry = (const struct ip6t_entry *)e;
+ const struct ip6t_entry *entry = e;
return __multiport_parse_v1(c, argv, invert, flags, match,
entry->ipv6.proto, entry->ipv6.invflags);
}
@@ -358,7 +358,7 @@ static void multiport_print(const void *ip_void,
static void multiport_print6(const void *ip_void,
const struct xt_entry_match *match, int numeric)
{
- const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
+ const struct ip6t_ip6 *ip = ip_void;
__multiport_print(match, numeric, ip->proto);
}
@@ -413,7 +413,7 @@ static void multiport_print_v1(const void *ip_void,
static void multiport_print6_v1(const void *ip_void,
const struct xt_entry_match *match, int numeric)
{
- const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
+ const struct ip6t_ip6 *ip = ip_void;
__multiport_print_v1(match, numeric, ip->proto);
}
@@ -456,7 +456,7 @@ static void multiport_save(const void *ip_void,
static void multiport_save6(const void *ip_void,
const struct xt_entry_match *match)
{
- const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
+ const struct ip6t_ip6 *ip = ip_void;
__multiport_save(match, ip->proto);
}
@@ -505,7 +505,7 @@ static void multiport_save_v1(const void *ip_void,
static void multiport_save6_v1(const void *ip_void,
const struct xt_entry_match *match)
{
- const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
+ const struct ip6t_ip6 *ip = ip_void;
__multiport_save_v1(match, ip->proto);
}
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 4/9] extensions: switch numeric to bool
2009-05-03 19:54 iptables pull request Jan Engelhardt
` (2 preceding siblings ...)
2009-05-03 19:54 ` [PATCH 3/9] extensions: remove redundant casts Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 5/9] libxt_helper: fix invalid passed option to check_inverse Jan Engelhardt
` (5 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
configure.ac | 2 +-
extensions/libip6t_HL.c | 3 ++-
extensions/libip6t_LOG.c | 3 ++-
extensions/libip6t_REJECT.c | 3 ++-
extensions/libip6t_ah.c | 3 ++-
extensions/libip6t_dst.c | 3 ++-
extensions/libip6t_frag.c | 3 ++-
extensions/libip6t_hbh.c | 3 ++-
extensions/libip6t_hl.c | 3 ++-
extensions/libip6t_icmp6.c | 5 +++--
| 3 ++-
extensions/libip6t_mh.c | 7 ++++---
extensions/libip6t_policy.c | 9 +++++----
extensions/libip6t_rt.c | 3 ++-
extensions/libipt_CLUSTERIP.c | 3 ++-
extensions/libipt_DNAT.c | 3 ++-
extensions/libipt_ECN.c | 3 ++-
extensions/libipt_LOG.c | 3 ++-
extensions/libipt_MASQUERADE.c | 3 ++-
extensions/libipt_NETMAP.c | 5 +++--
extensions/libipt_REDIRECT.c | 3 ++-
extensions/libipt_REJECT.c | 3 ++-
extensions/libipt_SAME.c | 3 ++-
extensions/libipt_SET.c | 3 ++-
extensions/libipt_SNAT.c | 3 ++-
extensions/libipt_TTL.c | 3 ++-
extensions/libipt_ULOG.c | 3 ++-
extensions/libipt_addrtype.c | 5 +++--
extensions/libipt_ah.c | 3 ++-
extensions/libipt_ecn.c | 3 ++-
extensions/libipt_icmp.c | 5 +++--
extensions/libipt_policy.c | 9 +++++----
extensions/libipt_realm.c | 7 ++++---
extensions/libipt_set.c | 3 ++-
extensions/libipt_ttl.c | 3 ++-
extensions/libxt_CLASSIFY.c | 5 +++--
extensions/libxt_CONNMARK.c | 5 +++--
extensions/libxt_CONNSECMARK.c | 3 ++-
extensions/libxt_DSCP.c | 5 +++--
extensions/libxt_MARK.c | 6 +++---
extensions/libxt_NFLOG.c | 3 ++-
extensions/libxt_NFQUEUE.c | 3 ++-
extensions/libxt_RATEEST.c | 3 ++-
extensions/libxt_SECMARK.c | 3 ++-
extensions/libxt_TCPMSS.c | 3 ++-
extensions/libxt_TCPOPTSTRIP.c | 2 +-
extensions/libxt_TOS.c | 5 +++--
extensions/libxt_TPROXY.c | 2 +-
| 3 ++-
extensions/libxt_connbytes.c | 4 +++-
extensions/libxt_connlimit.c | 5 +++--
extensions/libxt_connmark.c | 7 +++++--
extensions/libxt_conntrack.c | 11 ++++++-----
extensions/libxt_dccp.c | 14 ++++++++------
extensions/libxt_dscp.c | 3 ++-
extensions/libxt_esp.c | 3 ++-
extensions/libxt_hashlimit.c | 6 +++---
extensions/libxt_helper.c | 3 ++-
extensions/libxt_iprange.c | 7 ++++---
extensions/libxt_length.c | 3 ++-
extensions/libxt_limit.c | 3 ++-
extensions/libxt_mac.c | 3 ++-
extensions/libxt_mark.c | 4 ++--
extensions/libxt_multiport.c | 21 ++++++++++++---------
extensions/libxt_owner.c | 6 +++---
extensions/libxt_physdev.c | 3 ++-
extensions/libxt_pkttype.c | 3 ++-
extensions/libxt_quota.c | 3 ++-
extensions/libxt_rateest.c | 5 +++--
extensions/libxt_recent.c | 3 ++-
extensions/libxt_sctp.c | 15 ++++++++-------
extensions/libxt_state.c | 3 ++-
extensions/libxt_statistic.c | 4 +++-
extensions/libxt_string.c | 3 ++-
extensions/libxt_tcp.c | 11 ++++++-----
extensions/libxt_tcpmss.c | 3 ++-
extensions/libxt_time.c | 2 +-
extensions/libxt_tos.c | 4 ++--
extensions/libxt_u32.c | 3 ++-
extensions/libxt_udp.c | 7 ++++---
include/xtables.h.in | 4 ++--
ip6tables.c | 7 ++++---
iptables.c | 7 ++++---
83 files changed, 228 insertions(+), 148 deletions(-)
diff --git a/configure.ac b/configure.ac
index c3a8c6c..a082932 100644
--- a/configure.ac
+++ b/configure.ac
@@ -3,7 +3,7 @@ AC_INIT([iptables], [1.4.3.2])
# See libtool.info "Libtool's versioning system"
libxtables_vcurrent=3
-libxtables_vage=1
+libxtables_vage=0
AC_CONFIG_HEADERS([config.h])
AC_CONFIG_MACRO_DIR([m4])
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c
index 12d8e72..1cf5358 100644
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -6,6 +6,7 @@
*/
#include <getopt.h>
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -110,7 +111,7 @@ static void HL_save(const void *ip, const struct xt_entry_target *target)
}
static void HL_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ip6t_HL_info *info =
(struct ip6t_HL_info *) target->data;
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 390cb97..a616694 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add LOG support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -190,7 +191,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void LOG_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ip6t_log_info *loginfo
= (const struct ip6t_log_info *)target->data;
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index 527f595..846e61e 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -5,6 +5,7 @@
* ported to IPv6 by Harald Welte <laforge@gnumonks.org>
*
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -103,7 +104,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void REJECT_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ip6t_reject_info *reject
= (const struct ip6t_reject_info *)target->data;
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index 19b7ad4..cc3e5cb 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add AH support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -140,7 +141,7 @@ print_len(const char *name, u_int32_t len, int invert)
}
static void ah_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_ah *ah = (struct ip6t_ah *)match->data;
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c
index a47e3a3..b907225 100644
--- a/extensions/libip6t_dst.c
+++ b/extensions/libip6t_dst.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add Dst header support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -178,7 +179,7 @@ print_options(unsigned int optsnr, u_int16_t *optsp)
}
static void dst_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c
index 905b494..946b8e2 100644
--- a/extensions/libip6t_frag.c
+++ b/extensions/libip6t_frag.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add Fragmentation header support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -163,7 +164,7 @@ print_ids(const char *name, u_int32_t min, u_int32_t max,
}
static void frag_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_frag *frag = (struct ip6t_frag *)match->data;
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
index e08d84a..18f60b2 100644
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add Hop-by-Hop header support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -171,7 +172,7 @@ print_options(unsigned int optsnr, u_int16_t *optsp)
}
static void hbh_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_opts *optinfo = (struct ip6t_opts *)match->data;
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index 9252c3d..117bfb8 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -6,6 +6,7 @@
* Cleanups by Stephane Ouellette <ouellettes@videotron.ca>
*/
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -87,7 +88,7 @@ static void hl_check(unsigned int flags)
}
static void hl_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
static const char *op[] = {
[IP6T_HL_EQ] = "==",
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index 0678aac..7ef63e2 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add ICMP support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -176,7 +177,7 @@ static int icmp6_parse(int c, char **argv, int invert, unsigned int *flags,
static void print_icmpv6type(u_int8_t type,
u_int8_t code_min, u_int8_t code_max,
int invert,
- int numeric)
+ bool numeric)
{
if (!numeric) {
unsigned int i;
@@ -211,7 +212,7 @@ static void print_icmpv6type(u_int8_t type,
}
static void icmp6_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_icmp *icmpv6 = (struct ip6t_icmp *)match->data;
--git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index 479b313..8be284d 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -6,6 +6,7 @@ on whether they contain certain headers */
#include <getopt.h>
#include <xtables.h>
+#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
@@ -244,7 +245,7 @@ print_header(u_int8_t flags){
}
static void ipv6header_print(const void *ip,
- const struct xt_entry_match *match, int numeric)
+ const struct xt_entry_match *match, bool numeric)
{
const struct ip6t_ipv6header_info *info = (const struct ip6t_ipv6header_info *)match->data;
printf("ipv6header ");
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index 9711f76..d63110a 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -11,6 +11,7 @@
*
* Based on libip6t_{icmpv6,udp}.c
*/
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -159,7 +160,7 @@ static const char *type_to_name(u_int8_t type)
return NULL;
}
-static void print_type(u_int8_t type, int numeric)
+static void print_type(u_int8_t type, bool numeric)
{
const char *name;
if (numeric || !(name = type_to_name(type)))
@@ -168,7 +169,7 @@ static void print_type(u_int8_t type, int numeric)
printf("%s", name);
}
-static void print_types(u_int8_t min, u_int8_t max, int invert, int numeric)
+static void print_types(u_int8_t min, u_int8_t max, int invert, bool numeric)
{
const char *inv = invert ? "!" : "";
@@ -187,7 +188,7 @@ static void print_types(u_int8_t min, u_int8_t max, int invert, int numeric)
}
static void mh_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_mh *mhinfo = (struct ip6t_mh *)match->data;
diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 5106c28..3efffe0 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add policy support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -329,7 +330,7 @@ static void policy_check(unsigned int flags)
}
}
-static void print_mode(char *prefix, u_int8_t mode, int numeric)
+static void print_mode(char *prefix, u_int8_t mode, bool numeric)
{
printf("%smode ", prefix);
@@ -346,7 +347,7 @@ static void print_mode(char *prefix, u_int8_t mode, int numeric)
}
}
-static void print_proto(char *prefix, u_int8_t proto, int numeric)
+static void print_proto(char *prefix, u_int8_t proto, bool numeric)
{
struct protoent *p = NULL;
@@ -366,7 +367,7 @@ do { \
} while(0)
static void print_entry(char *prefix, const struct ip6t_policy_elem *e,
- int numeric)
+ bool numeric)
{
if (e->match.reqid) {
PRINT_INVERT(e->invert.reqid);
@@ -415,7 +416,7 @@ static void print_flags(char *prefix, const struct ip6t_policy_info *info)
}
static void policy_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_policy_info *info = (void *)match->data;
unsigned int i;
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
index c9bf994..a242ea2 100644
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add Routing header support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -261,7 +262,7 @@ print_addresses(unsigned int addrnr, struct in6_addr *addrp)
}
static void rt_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_rt *rtinfo = (struct ip6t_rt *)match->data;
diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c
index 279aacf..874e0bb 100644
--- a/extensions/libipt_CLUSTERIP.c
+++ b/extensions/libipt_CLUSTERIP.c
@@ -3,6 +3,7 @@
*
* Development of this code was funded by SuSE AG, http://www.suse.com/
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -193,7 +194,7 @@ static char *mac2str(const u_int8_t mac[ETH_ALEN])
}
static void CLUSTERIP_print(const void *ip,
- const struct xt_entry_target *target, int numeric)
+ const struct xt_entry_target *target, bool numeric)
{
const struct ipt_clusterip_tgt_info *cipinfo =
(const struct ipt_clusterip_tgt_info *)target->data;
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index dc79b44..aad4f61 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add destination-NAT support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -217,7 +218,7 @@ static void print_range(const struct nf_nat_range *r)
}
static void DNAT_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct ipt_natinfo *info = (void *)target;
unsigned int i = 0;
diff --git a/extensions/libipt_ECN.c b/extensions/libipt_ECN.c
index bf1f8a5..52ccd0f 100644
--- a/extensions/libipt_ECN.c
+++ b/extensions/libipt_ECN.c
@@ -8,6 +8,7 @@
*
* $Id$
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -104,7 +105,7 @@ static void ECN_check(unsigned int flags)
}
static void ECN_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ipt_ECN_info *einfo =
(const struct ipt_ECN_info *)target->data;
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index ebcb574..07c7e5e 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add LOG support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -190,7 +191,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void LOG_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ipt_log_info *loginfo
= (const struct ipt_log_info *)target->data;
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 82c2230..d7e2c8c 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add masquerade support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -109,7 +110,7 @@ static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
static void
MASQUERADE_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct nf_nat_multi_range *mr
= (struct nf_nat_multi_range *)target->data;
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index 9820230..5974bf5 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -2,6 +2,7 @@
Author: Svenning Soerensen <svenning@post5.tele.dk>
*/
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -138,7 +139,7 @@ static void NETMAP_check(unsigned int flags)
}
static void NETMAP_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct nf_nat_multi_range *mr
= (struct nf_nat_multi_range *)target->data;
@@ -159,7 +160,7 @@ static void NETMAP_print(const void *ip, const struct xt_entry_target *target,
static void NETMAP_save(const void *ip, const struct xt_entry_target *target)
{
printf("--%s ", NETMAP_opts[0].name);
- NETMAP_print(ip, target, 0);
+ NETMAP_print(ip, target, false);
}
static struct xtables_target netmap_tg_reg = {
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 658f933..a857de3 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add redirect support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -122,7 +123,7 @@ static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void REDIRECT_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct nf_nat_multi_range *mr
= (struct nf_nat_multi_range *)target->data;
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index 5b23f54..e8737e5 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -2,6 +2,7 @@
*
* (C) 2000 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -122,7 +123,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void REJECT_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ipt_reject_info *reject
= (const struct ipt_reject_info *)target->data;
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index a07d9f4..3c361b8 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add simple non load-balancing SNAT support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -135,7 +136,7 @@ static void SAME_check(unsigned int flags)
}
static void SAME_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
unsigned int count;
struct ipt_same_info *mr
diff --git a/extensions/libipt_SET.c b/extensions/libipt_SET.c
index 5da41a0..7cd7882 100644
--- a/extensions/libipt_SET.c
+++ b/extensions/libipt_SET.c
@@ -9,6 +9,7 @@
*/
/* Shared library add-on to iptables to add IP set mangling target. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -127,7 +128,7 @@ print_target(const char *prefix, const struct ipt_set_info *info)
}
static void SET_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct ipt_set_info_target *info =
(struct ipt_set_info_target *) target->data;
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 9609ad9..1d5caa4 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add source-NAT support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -217,7 +218,7 @@ static void print_range(const struct nf_nat_range *r)
}
static void SNAT_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct ipt_natinfo *info = (void *)target;
unsigned int i = 0;
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c
index 0e2be0b..f0bfeab 100644
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -5,6 +5,7 @@
*
* This program is distributed under the terms of GNU GPL
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -110,7 +111,7 @@ static void TTL_save(const void *ip, const struct xt_entry_target *target)
}
static void TTL_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ipt_TTL_info *info =
(struct ipt_TTL_info *) target->data;
diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c
index 3fa91f2..333ac88 100644
--- a/extensions/libipt_ULOG.c
+++ b/extensions/libipt_ULOG.c
@@ -9,6 +9,7 @@
*
* libipt_ULOG.c,v 1.7 2001/01/30 11:55:02 laforge Exp
*/
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -165,7 +166,7 @@ static void ULOG_save(const void *ip, const struct xt_entry_target *target)
}
static void ULOG_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct ipt_ulog_info *loginfo
= (const struct ipt_ulog_info *) target->data;
diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c
index ecd51b5..dca3a0e 100644
--- a/extensions/libipt_addrtype.c
+++ b/extensions/libipt_addrtype.c
@@ -2,6 +2,7 @@
*
* This program is released under the terms of GNU GPL */
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -212,7 +213,7 @@ static void print_types(u_int16_t mask)
}
static void addrtype_print_v0(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_addrtype_info *info =
(struct ipt_addrtype_info *) match->data;
@@ -233,7 +234,7 @@ static void addrtype_print_v0(const void *ip, const struct xt_entry_match *match
}
static void addrtype_print_v1(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_addrtype_info_v1 *info =
(struct ipt_addrtype_info_v1 *) match->data;
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index d049b42..62a5b80 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add AH support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -117,7 +118,7 @@ print_spis(const char *name, u_int32_t min, u_int32_t max,
}
static void ah_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_ah *ah = (struct ipt_ah *)match->data;
diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c
index 3ee190e..ddbaeab 100644
--- a/extensions/libipt_ecn.c
+++ b/extensions/libipt_ecn.c
@@ -7,6 +7,7 @@
* libipt_ecn.c borrowed heavily from libipt_dscp.c
*
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -90,7 +91,7 @@ static void ecn_check(unsigned int flags)
}
static void ecn_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_ecn_info *einfo =
(const struct ipt_ecn_info *)match->data;
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index 15c1787..6524fc9 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add ICMP support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -201,7 +202,7 @@ static int icmp_parse(int c, char **argv, int invert, unsigned int *flags,
static void print_icmptype(u_int8_t type,
u_int8_t code_min, u_int8_t code_max,
int invert,
- int numeric)
+ bool numeric)
{
if (!numeric) {
unsigned int i;
@@ -236,7 +237,7 @@ static void print_icmptype(u_int8_t type,
}
static void icmp_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_icmp *icmp = (struct ipt_icmp *)match->data;
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index ae7282a..ae416ba 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add policy support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -297,7 +298,7 @@ static void policy_check(unsigned int flags)
}
}
-static void print_mode(char *prefix, u_int8_t mode, int numeric)
+static void print_mode(char *prefix, u_int8_t mode, bool numeric)
{
printf("%smode ", prefix);
@@ -314,7 +315,7 @@ static void print_mode(char *prefix, u_int8_t mode, int numeric)
}
}
-static void print_proto(char *prefix, u_int8_t proto, int numeric)
+static void print_proto(char *prefix, u_int8_t proto, bool numeric)
{
struct protoent *p = NULL;
@@ -334,7 +335,7 @@ do { \
} while(0)
static void print_entry(char *prefix, const struct ipt_policy_elem *e,
- int numeric)
+ bool numeric)
{
if (e->match.reqid) {
PRINT_INVERT(e->invert.reqid);
@@ -383,7 +384,7 @@ static void print_flags(char *prefix, const struct ipt_policy_info *info)
}
static void policy_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_policy_info *info = (void *)match->data;
unsigned int i;
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index 29f6b98..279476e 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add realm matching support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -188,14 +189,14 @@ static int realm_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void
-print_realm(unsigned long id, unsigned long mask, int numeric)
+print_realm(unsigned long id, unsigned long mask, bool numeric)
{
const char* name = NULL;
if (mask != 0xffffffff)
printf("0x%lx/0x%lx ", id, mask);
else {
- if (numeric == 0)
+ if (!numeric)
name = realm_id2name(id);
if (name)
printf("%s ", name);
@@ -205,7 +206,7 @@ print_realm(unsigned long id, unsigned long mask, int numeric)
}
static void realm_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
struct ipt_realm_info *ri = (struct ipt_realm_info *) match->data;
diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c
index 845b2b0..8a3da13 100644
--- a/extensions/libipt_set.c
+++ b/extensions/libipt_set.c
@@ -9,6 +9,7 @@
*/
/* Shared library add-on to iptables to add IP set matching. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -119,7 +120,7 @@ print_match(const char *prefix, const struct ipt_set_info *info)
/* Prints out the matchinfo. */
static void set_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
struct ipt_set_info_match *info =
(struct ipt_set_info_match *) match->data;
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index 019a556..860acf2 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -5,6 +5,7 @@
*
* This program is released under the terms of GNU GPL */
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -90,7 +91,7 @@ static void ttl_check(unsigned int flags)
}
static void ttl_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_ttl_info *info =
(struct ipt_ttl_info *) match->data;
diff --git a/extensions/libxt_CLASSIFY.c b/extensions/libxt_CLASSIFY.c
index 7db2e4c..8708c23 100644
--- a/extensions/libxt_CLASSIFY.c
+++ b/extensions/libxt_CLASSIFY.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add CLASSIFY target support. */
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -69,7 +70,7 @@ CLASSIFY_final_check(unsigned int flags)
}
static void
-CLASSIFY_print_class(unsigned int priority, int numeric)
+CLASSIFY_print_class(unsigned int priority, bool numeric)
{
printf("%x:%x ", TC_H_MAJ(priority)>>16, TC_H_MIN(priority));
}
@@ -77,7 +78,7 @@ CLASSIFY_print_class(unsigned int priority, int numeric)
static void
CLASSIFY_print(const void *ip,
const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_classify_target_info *clinfo =
(const struct xt_classify_target_info *)target->data;
diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c
index 6e42898..b39244d 100644
--- a/extensions/libxt_CONNMARK.c
+++ b/extensions/libxt_CONNMARK.c
@@ -19,6 +19,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -271,7 +272,7 @@ print_mask(const char *text, unsigned long mask)
}
static void CONNMARK_print(const void *ip,
- const struct xt_entry_target *target, int numeric)
+ const struct xt_entry_target *target, bool numeric)
{
const struct xt_connmark_target_info *markinfo =
(const struct xt_connmark_target_info *)target->data;
@@ -299,7 +300,7 @@ static void CONNMARK_print(const void *ip,
static void
connmark_tg_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_connmark_tginfo1 *info = (const void *)target->data;
diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c
index 1515f6f..c01b587 100644
--- a/extensions/libxt_CONNSECMARK.c
+++ b/extensions/libxt_CONNSECMARK.c
@@ -5,6 +5,7 @@
*
* Copyright (C) 2006 Red Hat, Inc., James Morris <jmorris@redhat.com>
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -87,7 +88,7 @@ static void print_connsecmark(struct xt_connsecmark_target_info *info)
static void
CONNSECMARK_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct xt_connsecmark_target_info *info =
(struct xt_connsecmark_target_info*)(target)->data;
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index ddb9c99..22fd476 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -9,6 +9,7 @@
*
* --set-class added by Iain Barnes
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -107,13 +108,13 @@ static void DSCP_check(unsigned int flags)
}
static void
-print_dscp(u_int8_t dscp, int numeric)
+print_dscp(u_int8_t dscp, bool numeric)
{
printf("0x%02x ", dscp);
}
static void DSCP_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_DSCP_info *dinfo =
(const struct xt_DSCP_info *)target->data;
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index ec2fe96..d8d83ed 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -199,7 +199,7 @@ print_mark(unsigned long mark)
}
static void MARK_print_v0(const void *ip,
- const struct xt_entry_target *target, int numeric)
+ const struct xt_entry_target *target, bool numeric)
{
const struct xt_mark_target_info *markinfo =
(const struct xt_mark_target_info *)target->data;
@@ -217,7 +217,7 @@ static void MARK_save_v0(const void *ip, const struct xt_entry_target *target)
}
static void MARK_print_v1(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_mark_target_info_v1 *markinfo =
(const struct xt_mark_target_info_v1 *)target->data;
@@ -237,7 +237,7 @@ static void MARK_print_v1(const void *ip, const struct xt_entry_target *target,
}
static void mark_tg_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_mark_tginfo2 *info = (const void *)target->data;
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index 007c7b4..a214631 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -1,3 +1,4 @@
+#include <stdbool.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@@ -124,7 +125,7 @@ static void nflog_print(const struct xt_nflog_info *info, char *prefix)
}
static void NFLOG_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_nflog_info *info = (struct xt_nflog_info *)target->data;
diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c
index 3ca2239..c4cd335 100644
--- a/extensions/libxt_NFQUEUE.c
+++ b/extensions/libxt_NFQUEUE.c
@@ -5,6 +5,7 @@
* This program is distributed under the terms of GNU GPL v2, 1991
*
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -62,7 +63,7 @@ NFQUEUE_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void NFQUEUE_print(const void *ip,
- const struct xt_entry_target *target, int numeric)
+ const struct xt_entry_target *target, bool numeric)
{
const struct xt_NFQ_info *tinfo =
(const struct xt_NFQ_info *)target->data;
diff --git a/extensions/libxt_RATEEST.c b/extensions/libxt_RATEEST.c
index d4fd6dd..da0963a 100644
--- a/extensions/libxt_RATEEST.c
+++ b/extensions/libxt_RATEEST.c
@@ -1,3 +1,4 @@
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -190,7 +191,7 @@ __RATEEST_print(const struct xt_entry_target *target, const char *prefix)
static void
RATEEST_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
__RATEEST_print(target, "");
}
diff --git a/extensions/libxt_SECMARK.c b/extensions/libxt_SECMARK.c
index 9db2327..977321a 100644
--- a/extensions/libxt_SECMARK.c
+++ b/extensions/libxt_SECMARK.c
@@ -5,6 +5,7 @@
*
* Copyright (C) 2006 Red Hat, Inc., James Morris <jmorris@redhat.com>
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -74,7 +75,7 @@ static void print_secmark(struct xt_secmark_target_info *info)
}
static void SECMARK_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
struct xt_secmark_target_info *info =
(struct xt_secmark_target_info*)(target)->data;
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index ac9e2d0..cff1dc1 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -2,6 +2,7 @@
*
* Copyright (c) 2000 Marc Boucher
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -98,7 +99,7 @@ static void TCPMSS_check(unsigned int flags)
}
static void TCPMSS_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_tcpmss_info *mssinfo =
(const struct xt_tcpmss_info *)target->data;
diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c
index cf946fc..aa36a55 100644
--- a/extensions/libxt_TCPOPTSTRIP.c
+++ b/extensions/libxt_TCPOPTSTRIP.c
@@ -158,7 +158,7 @@ tcpoptstrip_print_list(const struct xt_tcpoptstrip_target_info *info,
static void
tcpoptstrip_tg_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_tcpoptstrip_target_info *info =
(const void *)target->data;
diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
index c08f53b..b809f92 100644
--- a/extensions/libxt_TOS.c
+++ b/extensions/libxt_TOS.c
@@ -5,6 +5,7 @@
* Contact: Jan Engelhardt <jengelh@computergmbh.de>
*/
#include <getopt.h>
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
@@ -158,7 +159,7 @@ static void tos_tg_check(unsigned int flags)
}
static void tos_tg_print_v0(const void *ip,
- const struct xt_entry_target *target, int numeric)
+ const struct xt_entry_target *target, bool numeric)
{
const struct ipt_tos_target_info *info = (const void *)target->data;
@@ -168,7 +169,7 @@ static void tos_tg_print_v0(const void *ip,
}
static void tos_tg_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_tos_target_info *info = (const void *)target->data;
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index d410c52..392833e 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -110,7 +110,7 @@ static void tproxy_tg_check(unsigned int flags)
}
static void tproxy_tg_print(const void *ip, const struct xt_entry_target *target,
- int numeric)
+ bool numeric)
{
const struct xt_tproxy_target_info *info = (const void *)target->data;
printf("TPROXY redirect %s:%u mark 0x%x/0x%x",
--git a/extensions/libxt_comment.c b/extensions/libxt_comment.c
index 67d7f99..c9ad07b 100644
--- a/extensions/libxt_comment.c
+++ b/extensions/libxt_comment.c
@@ -6,6 +6,7 @@
* 2004-05-12: Brad Fisher <brad@info-link.net>
* Port to patch-o-matic-ng
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -69,7 +70,7 @@ static void comment_check(unsigned int flags)
}
static void
-comment_print(const void *ip, const struct xt_entry_match *match, int numeric)
+comment_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
struct xt_comment_info *commentinfo = (struct xt_comment_info *)match->data;
diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c
index 9f6af1c..b34ef88 100644
--- a/extensions/libxt_connbytes.c
+++ b/extensions/libxt_connbytes.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add byte tracking support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -139,7 +140,8 @@ static void print_direction(struct xt_connbytes_info *sinfo)
}
static void
-connbytes_print(const void *ip, const struct xt_entry_match *match, int numeric)
+connbytes_print(const void *ip, const struct xt_entry_match *match,
+ bool numeric)
{
struct xt_connbytes_info *sinfo = (struct xt_connbytes_info *)match->data;
diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c
index f001a2e..abb0d5d 100644
--- a/extensions/libxt_connlimit.c
+++ b/extensions/libxt_connlimit.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add connection limit support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -143,7 +144,7 @@ static unsigned int count_bits6(const u_int32_t *mask)
}
static void connlimit_print4(const void *ip,
- const struct xt_entry_match *match, int numeric)
+ const struct xt_entry_match *match, bool numeric)
{
const struct xt_connlimit_info *info = (const void *)match->data;
@@ -152,7 +153,7 @@ static void connlimit_print4(const void *ip,
}
static void connlimit_print6(const void *ip,
- const struct xt_entry_match *match, int numeric)
+ const struct xt_entry_match *match, bool numeric)
{
const struct xt_connlimit_info *info = (const void *)match->data;
printf("#conn/%u %s %u ", count_bits6(info->v6_mask),
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index 2dca5a5..9fe64a8 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -19,6 +19,7 @@
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -119,7 +120,8 @@ static void connmark_mt_check(unsigned int flags)
}
static void
-connmark_print(const void *ip, const struct xt_entry_match *match, int numeric)
+connmark_print(const void *ip, const struct xt_entry_match *match,
+ bool numeric)
{
struct xt_connmark_info *info = (struct xt_connmark_info *)match->data;
@@ -130,7 +132,8 @@ connmark_print(const void *ip, const struct xt_entry_match *match, int numeric)
}
static void
-connmark_mt_print(const void *ip, const struct xt_entry_match *match, int numeric)
+connmark_mt_print(const void *ip, const struct xt_entry_match *match,
+ bool numeric)
{
const struct xt_connmark_mtinfo1 *info = (const void *)match->data;
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 358b255..56451fa 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -779,7 +779,7 @@ conntrack_dump_addr(const union nf_inet_addr *addr,
}
static void
-print_addr(struct in_addr *addr, struct in_addr *mask, int inv, int numeric)
+print_addr(struct in_addr *addr, struct in_addr *mask, int inv, bool numeric)
{
char buf[BUFSIZ];
@@ -799,7 +799,8 @@ print_addr(struct in_addr *addr, struct in_addr *mask, int inv, int numeric)
}
static void
-matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric, const char *optpfx)
+matchinfo_print(const void *ip, const struct xt_entry_match *match,
+ bool numeric, const char *optpfx)
{
struct xt_conntrack_info *sinfo = (void *)match->data;
@@ -997,21 +998,21 @@ conntrack_dump(const struct xt_conntrack_mtinfo1 *info, const char *prefix,
}
static void conntrack_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
matchinfo_print(ip, match, numeric, "");
}
static void
conntrack_mt_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
conntrack_dump((const void *)match->data, "", NFPROTO_IPV4, numeric);
}
static void
conntrack_mt6_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
conntrack_dump((const void *)match->data, "", NFPROTO_IPV6, numeric);
}
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index 413624e..b45405c 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -5,6 +5,7 @@
* This program is distributed under the terms of GNU GPL v2, 1991
*
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -201,7 +202,7 @@ port_to_service(int port)
}
static void
-print_port(u_int16_t port, int numeric)
+print_port(u_int16_t port, bool numeric)
{
char *service;
@@ -213,7 +214,7 @@ print_port(u_int16_t port, int numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, int numeric)
+ int invert, bool numeric)
{
const char *inv = invert ? "!" : "";
@@ -233,7 +234,7 @@ print_ports(const char *name, u_int16_t min, u_int16_t max,
}
static void
-print_types(u_int16_t types, int inverted, int numeric)
+print_types(u_int16_t types, int inverted, bool numeric)
{
int have_type = 0;
@@ -260,14 +261,14 @@ print_types(u_int16_t types, int inverted, int numeric)
}
static void
-print_option(u_int8_t option, int invert, int numeric)
+print_option(u_int8_t option, int invert, bool numeric)
{
if (option || invert)
printf("option=%s%u ", invert ? "!" : "", option);
}
static void
-dccp_print(const void *ip, const struct xt_entry_match *match, int numeric)
+dccp_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_dccp_info *einfo =
(const struct xt_dccp_info *)match->data;
@@ -325,7 +326,8 @@ static void dccp_save(const void *ip, const struct xt_entry_match *match)
if (einfo->flags & XT_DCCP_TYPE) {
printf("--dccp-type ");
- print_types(einfo->typemask, einfo->invflags & XT_DCCP_TYPE,0);
+ print_types(einfo->typemask, einfo->invflags & XT_DCCP_TYPE,
+ false);
}
if (einfo->flags & XT_DCCP_OPTION) {
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index 62fa6af..866c5e9 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -12,6 +12,7 @@
* http://www.iana.org/assignments/dscp-registry
*
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -115,7 +116,7 @@ static void dscp_check(unsigned int flags)
}
static void
-dscp_print(const void *ip, const struct xt_entry_match *match, int numeric)
+dscp_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_dscp_info *dinfo =
(const struct xt_dscp_info *)match->data;
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index 5769edb..fbce617 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add ESP support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -116,7 +117,7 @@ print_spis(const char *name, u_int32_t min, u_int32_t max,
}
static void
-esp_print(const void *ip, const struct xt_entry_match *match, int numeric)
+esp_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_esp *esp = (struct xt_esp *)match->data;
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 9a7e5de..3de0ff1 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -523,7 +523,7 @@ static void print_mode(unsigned int mode, char separator)
}
static void hashlimit_print(const void *ip,
- const struct xt_entry_match *match, int numeric)
+ const struct xt_entry_match *match, bool numeric)
{
struct xt_hashlimit_info *r =
(struct xt_hashlimit_info *)match->data;
@@ -572,7 +572,7 @@ hashlimit_mt_print(const struct xt_hashlimit_mtinfo1 *info, unsigned int dmask)
static void
hashlimit_mt4_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_hashlimit_mtinfo1 *info = (const void *)match->data;
@@ -581,7 +581,7 @@ hashlimit_mt4_print(const void *ip, const struct xt_entry_match *match,
static void
hashlimit_mt6_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_hashlimit_mtinfo1 *info = (const void *)match->data;
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index 8378be7..bfb5ae3 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add related packet matching support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -53,7 +54,7 @@ static void helper_check(unsigned int flags)
}
static void
-helper_print(const void *ip, const struct xt_entry_match *match, int numeric)
+helper_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
struct xt_helper_info *info = (struct xt_helper_info *)match->data;
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index bc5b2ae..c89e022 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add IP range matching support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -218,7 +219,7 @@ print_iprange(const struct ipt_iprange *range)
}
static void iprange_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_iprange_info *info = (const void *)match->data;
@@ -238,7 +239,7 @@ static void iprange_print(const void *ip, const struct xt_entry_match *match,
static void
iprange_mt4_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_iprange_mtinfo *info = (const void *)match->data;
@@ -264,7 +265,7 @@ iprange_mt4_print(const void *ip, const struct xt_entry_match *match,
static void
iprange_mt6_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_iprange_mtinfo *info = (const void *)match->data;
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 7bb31a8..53d8089 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add packet length matching support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -91,7 +92,7 @@ static void length_check(unsigned int flags)
}
static void
-length_print(const void *ip, const struct xt_entry_match *match, int numeric)
+length_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_length_info *info = (void *)match->data;
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index f785d2d..6f86a4f 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -4,6 +4,7 @@
* Hervé Eychenne <rv@wallfire.org>
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -142,7 +143,7 @@ static void print_rate(u_int32_t period)
}
static void
-limit_print(const void *ip, const struct xt_entry_match *match, int numeric)
+limit_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
struct xt_rateinfo *r = (struct xt_rateinfo *)match->data;
printf("limit: avg "); print_rate(r->avg);
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c
index a57e341..bc1066c 100644
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add MAC address support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -89,7 +90,7 @@ static void mac_check(unsigned int flags)
}
static void
-mac_print(const void *ip, const struct xt_entry_match *match, int numeric)
+mac_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_mac_info *info = (void *)match->data;
printf("MAC ");
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index ceca995..834edc4 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -97,7 +97,7 @@ static void mark_mt_check(unsigned int flags)
}
static void
-mark_mt_print(const void *ip, const struct xt_entry_match *match, int numeric)
+mark_mt_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_mark_mtinfo1 *info = (const void *)match->data;
@@ -108,7 +108,7 @@ mark_mt_print(const void *ip, const struct xt_entry_match *match, int numeric)
}
static void
-mark_print(const void *ip, const struct xt_entry_match *match, int numeric)
+mark_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
struct xt_mark_info *info = (struct xt_mark_info *)match->data;
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index 9959a20..2d36ab0 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add multiple TCP port support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -302,7 +303,7 @@ port_to_service(int port, u_int8_t proto)
}
static void
-print_port(u_int16_t port, u_int8_t protocol, int numeric)
+print_port(u_int16_t port, u_int8_t protocol, bool numeric)
{
char *service;
@@ -314,7 +315,7 @@ print_port(u_int16_t port, u_int8_t protocol, int numeric)
/* Prints out the matchinfo. */
static void
-__multiport_print(const struct xt_entry_match *match, int numeric,
+__multiport_print(const struct xt_entry_match *match, bool numeric,
u_int16_t proto)
{
const struct xt_multiport *multiinfo
@@ -349,21 +350,21 @@ __multiport_print(const struct xt_entry_match *match, int numeric,
}
static void multiport_print(const void *ip_void,
- const struct xt_entry_match *match, int numeric)
+ const struct xt_entry_match *match, bool numeric)
{
const struct ipt_ip *ip = ip_void;
__multiport_print(match, numeric, ip->proto);
}
static void multiport_print6(const void *ip_void,
- const struct xt_entry_match *match, int numeric)
+ const struct xt_entry_match *match, bool numeric)
{
const struct ip6t_ip6 *ip = ip_void;
__multiport_print(match, numeric, ip->proto);
}
static void __multiport_print_v1(const struct xt_entry_match *match,
- int numeric, u_int16_t proto)
+ bool numeric, u_int16_t proto)
{
const struct xt_multiport_v1 *multiinfo
= (const struct xt_multiport_v1 *)match->data;
@@ -403,15 +404,17 @@ static void __multiport_print_v1(const struct xt_entry_match *match,
printf(" ");
}
-static void multiport_print_v1(const void *ip_void,
- const struct xt_entry_match *match, int numeric)
+static void
+multiport_print_v1(const void *ip_void, const struct xt_entry_match *match,
+ bool numeric)
{
const struct ipt_ip *ip = ip_void;
__multiport_print_v1(match, numeric, ip->proto);
}
-static void multiport_print6_v1(const void *ip_void,
- const struct xt_entry_match *match, int numeric)
+static void
+multiport_print6_v1(const void *ip_void, const struct xt_entry_match *match,
+ bool numeric)
{
const struct ip6t_ip6 *ip = ip_void;
__multiport_print_v1(match, numeric, ip->proto);
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index d27b3ae..5e7c581 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -464,7 +464,7 @@ owner_mt_print_item(const struct xt_owner_match_info *info, const char *label,
static void
owner_mt_print_v0(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_owner_info *info = (void *)match->data;
@@ -479,7 +479,7 @@ owner_mt_print_v0(const void *ip, const struct xt_entry_match *match,
static void
owner_mt6_print_v0(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ip6t_owner_info *info = (void *)match->data;
@@ -490,7 +490,7 @@ owner_mt6_print_v0(const void *ip, const struct xt_entry_match *match,
}
static void owner_mt_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_owner_match_info *info = (void *)match->data;
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index c87779b..9e477f1 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add bridge port matching support. */
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -112,7 +113,7 @@ static void physdev_check(unsigned int flags)
}
static void
-physdev_print(const void *ip, const struct xt_entry_match *match, int numeric)
+physdev_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
struct xt_physdev_info *info =
(struct xt_physdev_info*)match->data;
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index 0fa933f..e2dca1a 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -4,6 +4,7 @@
*
* Michal Ludvig <michal@logix.cz>
*/
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -128,7 +129,7 @@ static void print_pkttype(struct xt_pkttype_info *info)
}
static void pkttype_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
struct xt_pkttype_info *info = (struct xt_pkttype_info *)match->data;
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index 2657b2a..d1c5023 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -3,6 +3,7 @@
*
* Sam Johnston <samj@samj.net>
*/
+#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
@@ -23,7 +24,7 @@ static void quota_help(void)
}
static void
-quota_print(const void *ip, const struct xt_entry_match *match, int numeric)
+quota_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
struct xt_quota_info *q = (struct xt_quota_info *) match->data;
printf("quota: %llu bytes", (unsigned long long) q->quota);
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c
index 3cff07d..f9844c4 100644
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -1,3 +1,4 @@
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -317,7 +318,7 @@ rateest_final_check(unsigned int flags)
}
static void
-rateest_print_rate(u_int32_t rate, int numeric)
+rateest_print_rate(u_int32_t rate, bool numeric)
{
double tmp = (double)rate*8;
@@ -353,7 +354,7 @@ rateest_print_mode(struct xt_rateest_match_info *info, const char *prefix)
}
static void
-rateest_print(const void *ip, const struct xt_entry_match *match, int numeric)
+rateest_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
struct xt_rateest_match_info *info = (void *)match->data;
diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c
index 47c35ff..ce281b2 100644
--- a/extensions/libxt_recent.c
+++ b/extensions/libxt_recent.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add recent matching support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -159,7 +160,7 @@ static void recent_check(unsigned int flags)
}
static void recent_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_recent_mtinfo *info = (const void *)match->data;
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index b889406..3098859 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -7,6 +7,7 @@
* libipt_ecn.c borrowed heavily from libipt_dscp.c
*
*/
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -39,7 +40,7 @@
#endif
static void
-print_chunk(u_int32_t chunknum, int numeric);
+print_chunk(u_int32_t chunknum, bool numeric);
static void sctp_init(struct xt_entry_match *m)
{
@@ -326,7 +327,7 @@ port_to_service(int port)
}
static void
-print_port(u_int16_t port, int numeric)
+print_port(u_int16_t port, bool numeric)
{
char *service;
@@ -338,7 +339,7 @@ print_port(u_int16_t port, int numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, int numeric)
+ int invert, bool numeric)
{
const char *inv = invert ? "!" : "";
@@ -381,7 +382,7 @@ print_chunk_flags(u_int32_t chunknum, u_int8_t chunk_flags, u_int8_t chunk_flags
}
static void
-print_chunk(u_int32_t chunknum, int numeric)
+print_chunk(u_int32_t chunknum, bool numeric)
{
if (numeric) {
printf("0x%04X", chunknum);
@@ -397,7 +398,7 @@ print_chunk(u_int32_t chunknum, int numeric)
}
static void
-print_chunks(const struct xt_sctp_info *einfo, int numeric)
+print_chunks(const struct xt_sctp_info *einfo, bool numeric)
{
u_int32_t chunk_match_type = einfo->chunk_match_type;
const struct xt_sctp_flag_info *flag_info = einfo->flag_info;
@@ -445,7 +446,7 @@ out:
}
static void
-sctp_print(const void *ip, const struct xt_entry_match *match, int numeric)
+sctp_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_sctp_info *einfo =
(const struct xt_sctp_info *)match->data;
@@ -504,7 +505,7 @@ static void sctp_save(const void *ip, const struct xt_entry_match *match)
printf("! ");
printf("--chunk-types ");
- print_chunks(einfo, 0);
+ print_chunks(einfo, false);
}
}
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c
index 0f26443..bb21952 100644
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add state tracking support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -122,7 +123,7 @@ static void state_print_state(unsigned int statemask)
static void
state_print(const void *ip,
const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
struct xt_state_info *sinfo = (struct xt_state_info *)match->data;
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c
index fa044ad..29541ee 100644
--- a/extensions/libxt_statistic.c
+++ b/extensions/libxt_statistic.c
@@ -1,3 +1,4 @@
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -144,7 +145,8 @@ static void print_match(const struct xt_statistic_info *info, char *prefix)
}
static void
-statistic_print(const void *ip, const struct xt_entry_match *match, int numeric)
+statistic_print(const void *ip, const struct xt_entry_match *match,
+ bool numeric)
{
struct xt_statistic_info *info = (struct xt_statistic_info *)match->data;
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index ba4b720..ecdf31a 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -21,6 +21,7 @@
* ipt_string_info.
*/
#define _GNU_SOURCE 1
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -301,7 +302,7 @@ print_string(const char *str, const unsigned short int len)
}
static void
-string_print(const void *ip, const struct xt_entry_match *match, int numeric)
+string_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_string_info *info =
(const struct xt_string_info*) match->data;
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index d2ad53b..a1b115d 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add TCP support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -225,7 +226,7 @@ port_to_service(int port)
}
static void
-print_port(u_int16_t port, int numeric)
+print_port(u_int16_t port, bool numeric)
{
char *service;
@@ -237,7 +238,7 @@ print_port(u_int16_t port, int numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, int numeric)
+ int invert, bool numeric)
{
const char *inv = invert ? "!" : "";
@@ -257,7 +258,7 @@ print_ports(const char *name, u_int16_t min, u_int16_t max,
}
static void
-print_option(u_int8_t option, int invert, int numeric)
+print_option(u_int8_t option, int invert, bool numeric)
{
if (option || invert)
printf("option=%s%u ", invert ? "!" : "", option);
@@ -286,7 +287,7 @@ print_tcpf(u_int8_t flags)
}
static void
-print_flags(u_int8_t mask, u_int8_t cmp, int invert, int numeric)
+print_flags(u_int8_t mask, u_int8_t cmp, int invert, bool numeric)
{
if (mask || invert) {
printf("flags:%s", invert ? "!" : "");
@@ -302,7 +303,7 @@ print_flags(u_int8_t mask, u_int8_t cmp, int invert, int numeric)
}
static void
-tcp_print(const void *ip, const struct xt_entry_match *match, int numeric)
+tcp_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_tcp *tcp = (struct xt_tcp *)match->data;
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index 46529f9..1347b5f 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add tcp MSS matching support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -86,7 +87,7 @@ static void tcpmss_check(unsigned int flags)
}
static void
-tcpmss_print(const void *ip, const struct xt_entry_match *match, int numeric)
+tcpmss_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_tcpmss_match_info *info = (void *)match->data;
diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c
index eb8b671..7fbc6b5 100644
--- a/extensions/libxt_time.c
+++ b/extensions/libxt_time.c
@@ -404,7 +404,7 @@ static inline void divide_time(unsigned int fulltime, unsigned int *hours,
}
static void time_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
struct xt_time_info *info = (void *)match->data;
unsigned int h, m, s;
diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c
index b810ea6..abac46e 100644
--- a/extensions/libxt_tos.c
+++ b/extensions/libxt_tos.c
@@ -95,7 +95,7 @@ static void tos_mt_check(unsigned int flags)
}
static void tos_mt_print_v0(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct ipt_tos_info *info = (const void *)match->data;
@@ -107,7 +107,7 @@ static void tos_mt_print_v0(const void *ip, const struct xt_entry_match *match,
}
static void tos_mt_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_tos_match_info *info = (const void *)match->data;
diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c
index c2aeb27..f0e0979 100644
--- a/extensions/libxt_u32.c
+++ b/extensions/libxt_u32.c
@@ -15,6 +15,7 @@
#include <errno.h>
#include <getopt.h>
#include <netdb.h>
+#include <stdbool.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
@@ -247,7 +248,7 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void u32_print(const void *ip, const struct xt_entry_match *match,
- int numeric)
+ bool numeric)
{
const struct xt_u32 *data = (const void *)match->data;
printf("u32 ");
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index 4b4e84f..66372a4 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add UDP support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -109,7 +110,7 @@ port_to_service(int port)
}
static void
-print_port(u_int16_t port, int numeric)
+print_port(u_int16_t port, bool numeric)
{
char *service;
@@ -121,7 +122,7 @@ print_port(u_int16_t port, int numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, int numeric)
+ int invert, bool numeric)
{
const char *inv = invert ? "!" : "";
@@ -141,7 +142,7 @@ print_ports(const char *name, u_int16_t min, u_int16_t max,
}
static void
-udp_print(const void *ip, const struct xt_entry_match *match, int numeric)
+udp_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
const struct xt_udp *udp = (struct xt_udp *)match->data;
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 4f8fedb..ed599bc 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -77,7 +77,7 @@ struct xtables_match
/* Prints out the match iff non-NULL: put space at end */
/* ip is struct ipt_ip * for example */
void (*print)(const void *ip,
- const struct xt_entry_match *match, int numeric);
+ const struct xt_entry_match *match, bool numeric);
/* Saves the match info in parsable form to stdout. */
/* ip is struct ipt_ip * for example */
@@ -138,7 +138,7 @@ struct xtables_target
/* Prints out the target iff non-NULL: put space at end */
void (*print)(const void *ip,
- const struct xt_entry_target *target, int numeric);
+ const struct xt_entry_target *target, bool numeric);
/* Saves the targinfo in parsable form to stdout. */
void (*save)(const void *ip,
diff --git a/ip6tables.c b/ip6tables.c
index 31c4b45..cf1508b 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -579,7 +579,7 @@ print_header(unsigned int format, const char *chain, struct ip6tc_handle *handle
static int
print_match(const struct ip6t_entry_match *m,
const struct ip6t_ip6 *ip,
- int numeric)
+ bool numeric)
{
struct xtables_match *match =
xtables_find_match(m->u.user.name, XTF_TRY_LOAD, NULL);
@@ -953,8 +953,9 @@ delete_chain(const ip6t_chainlabel chain, int verbose,
}
static int
-list_entries(const ip6t_chainlabel chain, int rulenum, int verbose, int numeric,
- int expanded, int linenumbers, struct ip6tc_handle *handle)
+list_entries(const ip6t_chainlabel chain, int rulenum, int verbose,
+ bool numeric, int expanded, int linenumbers,
+ struct ip6tc_handle *handle)
{
int found = 0;
unsigned int format;
diff --git a/iptables.c b/iptables.c
index 7c075da..e1f936a 100644
--- a/iptables.c
+++ b/iptables.c
@@ -583,7 +583,7 @@ print_header(unsigned int format, const char *chain, struct iptc_handle *handle)
static int
print_match(const struct ipt_entry_match *m,
const struct ipt_ip *ip,
- int numeric)
+ bool numeric)
{
struct xtables_match *match =
xtables_find_match(m->u.user.name, XTF_TRY_LOAD, NULL);
@@ -955,8 +955,9 @@ delete_chain(const ipt_chainlabel chain, int verbose,
}
static int
-list_entries(const ipt_chainlabel chain, int rulenum, int verbose, int numeric,
- int expanded, int linenumbers, struct iptc_handle *handle)
+list_entries(const ipt_chainlabel chain, int rulenum, int verbose,
+ bool numeric, int expanded, int linenumbers,
+ struct iptc_handle *handle)
{
int found = 0;
unsigned int format;
--
1.6.2.2
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 5/9] libxt_helper: fix invalid passed option to check_inverse
2009-05-03 19:54 iptables pull request Jan Engelhardt
` (3 preceding siblings ...)
2009-05-03 19:54 ` [PATCH 4/9] extensions: switch numeric to bool Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 6/9] extensions: switch invert to bool Jan Engelhardt
` (4 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
(Next commit found this.)
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libxt_helper.c | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index bfb5ae3..2dda021 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -32,7 +32,7 @@ helper_parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags)
xtables_error(PARAMETER_PROBLEM,
"helper match: Only use --helper ONCE!");
- xtables_check_inverse(optarg, &invert, &invert, 0);
+ xtables_check_inverse(optarg, &invert, &optind, 0);
strncpy(info->name, optarg, 29);
info->name[29] = '\0';
if (invert)
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 6/9] extensions: switch invert to bool
2009-05-03 19:54 iptables pull request Jan Engelhardt
` (4 preceding siblings ...)
2009-05-03 19:54 ` [PATCH 5/9] libxt_helper: fix invalid passed option to check_inverse Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 7/9] extensions: switch parse() return type " Jan Engelhardt
` (3 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_HL.c | 2 +-
extensions/libip6t_LOG.c | 2 +-
extensions/libip6t_REJECT.c | 2 +-
extensions/libip6t_ah.c | 7 +++----
extensions/libip6t_dst.c | 2 +-
extensions/libip6t_eui64.c | 3 ++-
extensions/libip6t_frag.c | 5 ++---
extensions/libip6t_hbh.c | 2 +-
extensions/libip6t_hl.c | 2 +-
extensions/libip6t_icmp6.c | 4 ++--
| 2 +-
extensions/libip6t_mh.c | 4 ++--
extensions/libip6t_policy.c | 2 +-
extensions/libip6t_rt.c | 5 ++---
extensions/libipt_CLUSTERIP.c | 5 +++--
extensions/libipt_DNAT.c | 2 +-
extensions/libipt_ECN.c | 2 +-
extensions/libipt_LOG.c | 2 +-
extensions/libipt_MASQUERADE.c | 5 +++--
extensions/libipt_MIRROR.c | 3 ++-
extensions/libipt_NETMAP.c | 2 +-
extensions/libipt_REDIRECT.c | 2 +-
extensions/libipt_REJECT.c | 2 +-
extensions/libipt_SAME.c | 2 +-
extensions/libipt_SET.c | 4 ++--
extensions/libipt_SNAT.c | 2 +-
extensions/libipt_TTL.c | 2 +-
extensions/libipt_ULOG.c | 2 +-
extensions/libipt_addrtype.c | 4 ++--
extensions/libipt_ah.c | 5 ++---
extensions/libipt_ecn.c | 2 +-
extensions/libipt_icmp.c | 4 ++--
extensions/libipt_policy.c | 2 +-
extensions/libipt_realm.c | 4 ++--
extensions/libipt_set.c | 2 +-
extensions/libipt_ttl.c | 2 +-
extensions/libipt_unclean.c | 3 ++-
extensions/libxt_CLASSIFY.c | 2 +-
extensions/libxt_CONNMARK.c | 4 ++--
extensions/libxt_CONNSECMARK.c | 2 +-
extensions/libxt_DSCP.c | 2 +-
extensions/libxt_MARK.c | 6 +++---
extensions/libxt_NFLOG.c | 2 +-
extensions/libxt_NFQUEUE.c | 2 +-
extensions/libxt_NOTRACK.c | 3 ++-
extensions/libxt_RATEEST.c | 2 +-
extensions/libxt_SECMARK.c | 2 +-
extensions/libxt_TCPMSS.c | 6 +++---
extensions/libxt_TCPOPTSTRIP.c | 2 +-
extensions/libxt_TOS.c | 7 ++++---
extensions/libxt_TPROXY.c | 5 +++--
extensions/libxt_TRACE.c | 3 ++-
| 2 +-
extensions/libxt_connbytes.c | 2 +-
extensions/libxt_connlimit.c | 9 +++++----
extensions/libxt_connmark.c | 6 +++---
extensions/libxt_conntrack.c | 13 +++++++------
extensions/libxt_dccp.c | 8 ++++----
extensions/libxt_dscp.c | 6 +++---
extensions/libxt_esp.c | 5 ++---
extensions/libxt_hashlimit.c | 8 ++++----
extensions/libxt_helper.c | 4 ++--
extensions/libxt_iprange.c | 6 +++---
extensions/libxt_length.c | 4 ++--
extensions/libxt_limit.c | 2 +-
extensions/libxt_mac.c | 4 ++--
extensions/libxt_mark.c | 6 +++---
extensions/libxt_multiport.c | 14 +++++++-------
extensions/libxt_owner.c | 6 +++---
extensions/libxt_physdev.c | 2 +-
extensions/libxt_pkttype.c | 2 +-
extensions/libxt_quota.c | 2 +-
extensions/libxt_rateest.c | 2 +-
extensions/libxt_recent.c | 14 +++++++++-----
extensions/libxt_sctp.c | 4 ++--
extensions/libxt_socket.c | 6 ++++--
extensions/libxt_standard.c | 3 ++-
extensions/libxt_state.c | 2 +-
extensions/libxt_statistic.c | 2 +-
extensions/libxt_string.c | 10 +++++-----
extensions/libxt_tcp.c | 10 +++++-----
extensions/libxt_tcpmss.c | 4 ++--
extensions/libxt_time.c | 2 +-
extensions/libxt_tos.c | 7 ++++---
extensions/libxt_u32.c | 2 +-
extensions/libxt_udp.c | 4 ++--
include/xtables.h.in | 6 +++---
ip6tables.c | 13 +++++++------
iptables.c | 12 ++++++------
xtables.c | 2 +-
90 files changed, 195 insertions(+), 180 deletions(-)
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c
index 1cf5358..47f8e4e 100644
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -25,7 +25,7 @@ static void HL_help(void)
" --hl-inc value Increment HL by <value 1-255>\n");
}
-static int HL_parse(int c, char **argv, int invert, unsigned int *flags,
+static int HL_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ip6t_HL_info *info = (struct ip6t_HL_info *) (*target)->data;
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index a616694..a163487 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -101,7 +101,7 @@ parse_level(const char *level)
#define IP6T_LOG_OPT_IPOPT 0x10
#define IP6T_LOG_OPT_UID 0x20
-static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
+static int LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ip6t_log_info *loginfo = (struct ip6t_log_info *)(*target)->data;
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index 846e61e..c3077d4 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -75,7 +75,7 @@ static void REJECT_init(struct xt_entry_target *t)
}
-static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
+static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ip6t_reject_info *reject =
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index cc3e5cb..c7d0763 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -77,7 +77,7 @@ static void ah_init(struct xt_entry_match *m)
ahinfo->hdrres = 0;
}
-static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
+static int ah_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_ah *ahinfo = (struct ip6t_ah *)(*match)->data;
@@ -118,8 +118,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void
-print_spis(const char *name, u_int32_t min, u_int32_t max,
- int invert)
+print_spis(const char *name, u_int32_t min, u_int32_t max, bool invert)
{
const char *inv = invert ? "!" : "";
@@ -132,7 +131,7 @@ print_spis(const char *name, u_int32_t min, u_int32_t max,
}
static void
-print_len(const char *name, u_int32_t len, int invert)
+print_len(const char *name, u_int32_t len, bool invert)
{
const char *inv = invert ? "!" : "";
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c
index b907225..6c54507 100644
--- a/extensions/libip6t_dst.c
+++ b/extensions/libip6t_dst.c
@@ -116,7 +116,7 @@ static void dst_init(struct xt_entry_match *m)
optinfo->optsnr = 0;
}
-static int dst_parse(int c, char **argv, int invert, unsigned int *flags,
+static int dst_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_opts *optinfo = (struct ip6t_opts *)(*match)->data;
diff --git a/extensions/libip6t_eui64.c b/extensions/libip6t_eui64.c
index c92c868..715a176 100644
--- a/extensions/libip6t_eui64.c
+++ b/extensions/libip6t_eui64.c
@@ -1,4 +1,5 @@
/* Shared library add-on to ip6tables to add EUI64 address checking support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -19,7 +20,7 @@ static void eui64_help(void)
" This module checks for EUI64 IPv6 addresses\n");
}
-static int eui64_parse(int c, char **argv, int invert, unsigned int *flags,
+static int eui64_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
return 0;
diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c
index 946b8e2..d3be868 100644
--- a/extensions/libip6t_frag.c
+++ b/extensions/libip6t_frag.c
@@ -85,7 +85,7 @@ static void frag_init(struct xt_entry_match *m)
fraginfo->invflags = 0;
}
-static int frag_parse(int c, char **argv, int invert, unsigned int *flags,
+static int frag_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_frag *fraginfo = (struct ip6t_frag *)(*match)->data;
@@ -149,8 +149,7 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void
-print_ids(const char *name, u_int32_t min, u_int32_t max,
- int invert)
+print_ids(const char *name, u_int32_t min, u_int32_t max, bool invert)
{
const char *inv = invert ? "!" : "";
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
index 18f60b2..29e4a23 100644
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -111,7 +111,7 @@ static void hbh_init(struct xt_entry_match *m)
optinfo->optsnr = 0;
}
-static int hbh_parse(int c, char **argv, int invert, unsigned int *flags,
+static int hbh_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_opts *optinfo = (struct ip6t_opts *)(*match)->data;
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index 117bfb8..76d7760 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -24,7 +24,7 @@ static void hl_help(void)
" --hl-gt value Match HL > value\n");
}
-static int hl_parse(int c, char **argv, int invert, unsigned int *flags,
+static int hl_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_hl_info *info = (struct ip6t_hl_info *) (*match)->data;
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index 7ef63e2..68fe2fa 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -149,7 +149,7 @@ static void icmp6_init(struct xt_entry_match *m)
icmpv6info->code[1] = 0xFF;
}
-static int icmp6_parse(int c, char **argv, int invert, unsigned int *flags,
+static int icmp6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_icmp *icmpv6info = (struct ip6t_icmp *)(*match)->data;
@@ -176,7 +176,7 @@ static int icmp6_parse(int c, char **argv, int invert, unsigned int *flags,
static void print_icmpv6type(u_int8_t type,
u_int8_t code_min, u_int8_t code_max,
- int invert,
+ bool invert,
bool numeric)
{
if (!numeric) {
--git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index 8be284d..fd03d65 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -180,7 +180,7 @@ parse_header(const char *flags) {
#define IPV6_HDR_SOFT 0x02
static int
-ipv6header_parse(int c, char **argv, int invert, unsigned int *flags,
+ipv6header_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_ipv6header_info *info = (struct ip6t_ipv6header_info *)(*match)->data;
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index d63110a..69e3150 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -124,7 +124,7 @@ static void parse_mh_types(const char *mhtype, u_int8_t *types)
#define MH_TYPES 0x01
-static int mh_parse(int c, char **argv, int invert, unsigned int *flags,
+static int mh_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_mh *mhinfo = (struct ip6t_mh *)(*match)->data;
@@ -169,7 +169,7 @@ static void print_type(u_int8_t type, bool numeric)
printf("%s", name);
}
-static void print_types(u_int8_t min, u_int8_t max, int invert, bool numeric)
+static void print_types(u_int8_t min, u_int8_t max, bool invert, bool numeric)
{
const char *inv = invert ? "!" : "";
diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 3efffe0..9a85f98 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -151,7 +151,7 @@ static int parse_mode(char *s)
xtables_error(PARAMETER_PROBLEM, "policy match: invalid mode \"%s\"", s);
}
-static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
+static int policy_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_policy_info *info = (void *)(*match)->data;
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
index a242ea2..e560661 100644
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -149,7 +149,7 @@ static void rt_init(struct xt_entry_match *m)
rtinfo->addrnr = 0;
}
-static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
+static int rt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_rt *rtinfo = (struct ip6t_rt *)(*match)->data;
@@ -231,8 +231,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void
-print_nums(const char *name, u_int32_t min, u_int32_t max,
- int invert)
+print_nums(const char *name, u_int32_t min, u_int32_t max, bool invert)
{
const char *inv = invert ? "!" : "";
diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c
index 874e0bb..f6bc373 100644
--- a/extensions/libipt_CLUSTERIP.c
+++ b/extensions/libipt_CLUSTERIP.c
@@ -75,8 +75,9 @@ parse_mac(const char *mac, char *macbuf)
}
}
-static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry, struct xt_entry_target **target)
+static int
+CLUSTERIP_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_target **target)
{
struct ipt_clusterip_tgt_info *cipinfo
= (struct ipt_clusterip_tgt_info *)(*target)->data;
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index aad4f61..026c0ef 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -137,7 +137,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
return &(append_range(info, &range)->t);
}
-static int DNAT_parse(int c, char **argv, int invert, unsigned int *flags,
+static int DNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
diff --git a/extensions/libipt_ECN.c b/extensions/libipt_ECN.c
index 52ccd0f..38b70dd 100644
--- a/extensions/libipt_ECN.c
+++ b/extensions/libipt_ECN.c
@@ -40,7 +40,7 @@ static const struct option ECN_opts[] = {
{ .name = NULL }
};
-static int ECN_parse(int c, char **argv, int invert, unsigned int *flags,
+static int ECN_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
unsigned int result;
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 07c7e5e..047201f 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -101,7 +101,7 @@ parse_level(const char *level)
#define IPT_LOG_OPT_IPOPT 0x10
#define IPT_LOG_OPT_UID 0x20
-static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
+static int LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_log_info *loginfo = (struct ipt_log_info *)(*target)->data;
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index d7e2c8c..f0d4c40 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -69,8 +69,9 @@ parse_ports(const char *arg, struct nf_nat_multi_range *mr)
}
}
-static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
- const void *e, struct xt_entry_target **target)
+static int
+MASQUERADE_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
int portok;
diff --git a/extensions/libipt_MIRROR.c b/extensions/libipt_MIRROR.c
index 81964dd..8c62721 100644
--- a/extensions/libipt_MIRROR.c
+++ b/extensions/libipt_MIRROR.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add MIRROR target support. */
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -11,7 +12,7 @@ static void MIRROR_help(void)
printf("MIRROR target takes no options\n");
}
-static int MIRROR_parse(int c, char **argv, int invert, unsigned int *flags,
+static int MIRROR_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 0;
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index 5974bf5..e65d434 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -110,7 +110,7 @@ parse_to(char *arg, struct nf_nat_range *range)
range->max_ip = range->min_ip | ~netmask;
}
-static int NETMAP_parse(int c, char **argv, int invert, unsigned int *flags,
+static int NETMAP_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct nf_nat_multi_range *mr
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index a857de3..09053df 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -76,7 +76,7 @@ parse_ports(const char *arg, struct nf_nat_multi_range *mr)
}
}
-static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags,
+static int REDIRECT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index e8737e5..75bc5fc 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -90,7 +90,7 @@ static void REJECT_init(struct xt_entry_target *t)
}
-static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
+static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_reject_info *reject = (struct ipt_reject_info *)(*target)->data;
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index 3c361b8..266bce0 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -79,7 +79,7 @@ parse_to(char *arg, struct nf_nat_range *range)
#define IPT_SAME_OPT_NODST 0x02
#define IPT_SAME_OPT_RANDOM 0x04
-static int SAME_parse(int c, char **argv, int invert, unsigned int *flags,
+static int SAME_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_same_info *mr
diff --git a/extensions/libipt_SET.c b/extensions/libipt_SET.c
index 7cd7882..0ce09c9 100644
--- a/extensions/libipt_SET.c
+++ b/extensions/libipt_SET.c
@@ -50,7 +50,7 @@ static void SET_init(struct xt_entry_target *target)
}
static void
-parse_target(char **argv, int invert, unsigned int *flags,
+parse_target(char **argv, bool invert, unsigned int *flags,
struct ipt_set_info *info, const char *what)
{
if (info->flags[0])
@@ -78,7 +78,7 @@ parse_target(char **argv, int invert, unsigned int *flags,
*flags = 1;
}
-static int SET_parse(int c, char **argv, int invert, unsigned int *flags,
+static int SET_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_set_info_target *myinfo =
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 1d5caa4..1367494 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -137,7 +137,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
return &(append_range(info, &range)->t);
}
-static int SNAT_parse(int c, char **argv, int invert, unsigned int *flags,
+static int SNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c
index f0bfeab..c25cb44 100644
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -25,7 +25,7 @@ static void TTL_help(void)
" --ttl-inc value Increment TTL by <value 1-255>\n");
}
-static int TTL_parse(int c, char **argv, int invert, unsigned int *flags,
+static int TTL_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_TTL_info *info = (struct ipt_TTL_info *) (*target)->data;
diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c
index 333ac88..78f5d0a 100644
--- a/extensions/libipt_ULOG.c
+++ b/extensions/libipt_ULOG.c
@@ -64,7 +64,7 @@ static void ULOG_init(struct xt_entry_target *t)
#define IPT_LOG_OPT_CPRANGE 0x04
#define IPT_LOG_OPT_QTHRESHOLD 0x08
-static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags,
+static int ULOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_ulog_info *loginfo =
diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c
index dca3a0e..1d72119 100644
--- a/extensions/libipt_addrtype.c
+++ b/extensions/libipt_addrtype.c
@@ -96,7 +96,7 @@ static void parse_types(const char *arg, u_int16_t *mask)
#define IPT_ADDRTYPE_OPT_LIMIT_IFACE_OUT 0x8
static int
-addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags,
+addrtype_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_addrtype_info *info =
@@ -131,7 +131,7 @@ addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags,
}
static int
-addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags,
+addrtype_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_addrtype_info_v1 *info =
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index 62a5b80..089220e 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -73,7 +73,7 @@ static void ah_init(struct xt_entry_match *m)
#define AH_SPI 0x01
-static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
+static int ah_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_ah *ahinfo = (struct ipt_ah *)(*match)->data;
@@ -97,8 +97,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void
-print_spis(const char *name, u_int32_t min, u_int32_t max,
- int invert)
+print_spis(const char *name, u_int32_t min, u_int32_t max, bool invert)
{
const char *inv = invert ? "!" : "";
diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c
index ddbaeab..6fbf601 100644
--- a/extensions/libipt_ecn.c
+++ b/extensions/libipt_ecn.c
@@ -32,7 +32,7 @@ static const struct option ecn_opts[] = {
{ .name = NULL }
};
-static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
+static int ecn_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
unsigned int result;
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index 6524fc9..a5b6517 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -174,7 +174,7 @@ static void icmp_init(struct xt_entry_match *m)
icmpinfo->code[1] = 0xFF;
}
-static int icmp_parse(int c, char **argv, int invert, unsigned int *flags,
+static int icmp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_icmp *icmpinfo = (struct ipt_icmp *)(*match)->data;
@@ -201,7 +201,7 @@ static int icmp_parse(int c, char **argv, int invert, unsigned int *flags,
static void print_icmptype(u_int8_t type,
u_int8_t code_min, u_int8_t code_max,
- int invert,
+ bool invert,
bool numeric)
{
if (!numeric) {
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index ae416ba..fcd2564 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -119,7 +119,7 @@ static int parse_mode(char *s)
xtables_error(PARAMETER_PROBLEM, "policy match: invalid mode \"%s\"", s);
}
-static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
+static int policy_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_policy_info *info = (void *)(*match)->data;
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index 279476e..05626dc 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -149,7 +149,7 @@ static const char *realm_id2name(int id)
return NULL;
}
-static int realm_parse(int c, char **argv, int invert, unsigned int *flags,
+static int realm_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_realm_info *realminfo = (struct ipt_realm_info *)(*match)->data;
@@ -178,7 +178,7 @@ static int realm_parse(int c, char **argv, int invert, unsigned int *flags,
realminfo->mask = 0xffffffff;
}
if (invert)
- realminfo->invert = 1;
+ realminfo->invert = true;
*flags = 1;
break;
diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c
index 8a3da13..c3ffc70 100644
--- a/extensions/libipt_set.c
+++ b/extensions/libipt_set.c
@@ -46,7 +46,7 @@ static void set_init(struct xt_entry_match *match)
}
-static int set_parse(int c, char **argv, int invert, unsigned int *flags,
+static int set_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_set_info_match *myinfo =
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index 860acf2..21cbf0d 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -23,7 +23,7 @@ static void ttl_help(void)
" --ttl-gt value Match TTL > value\n");
}
-static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
+static int ttl_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
diff --git a/extensions/libipt_unclean.c b/extensions/libipt_unclean.c
index 93d9013..96c58bb 100644
--- a/extensions/libipt_unclean.c
+++ b/extensions/libipt_unclean.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables for unclean. */
+#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <getopt.h>
@@ -9,7 +10,7 @@ static void unclean_help(void)
printf("unclean match takes no options\n");
}
-static int unclean_parse(int c, char **argv, int invert, unsigned int *flags,
+static int unclean_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
return 0;
diff --git a/extensions/libxt_CLASSIFY.c b/extensions/libxt_CLASSIFY.c
index 8708c23..c5d37f9 100644
--- a/extensions/libxt_CLASSIFY.c
+++ b/extensions/libxt_CLASSIFY.c
@@ -36,7 +36,7 @@ static int CLASSIFY_string_to_priority(const char *s, unsigned int *p)
}
static int
-CLASSIFY_parse(int c, char **argv, int invert, unsigned int *flags,
+CLASSIFY_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_target **target)
{
diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c
index b39244d..2905fea 100644
--- a/extensions/libxt_CONNMARK.c
+++ b/extensions/libxt_CONNMARK.c
@@ -96,7 +96,7 @@ static void connmark_tg_init(struct xt_entry_target *target)
}
static int
-CONNMARK_parse(int c, char **argv, int invert, unsigned int *flags,
+CONNMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_connmark_target_info *markinfo
@@ -148,7 +148,7 @@ CONNMARK_parse(int c, char **argv, int invert, unsigned int *flags,
return 1;
}
-static int connmark_tg_parse(int c, char **argv, int invert,
+static int connmark_tg_parse(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_target **target)
{
diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c
index c01b587..c32d03c 100644
--- a/extensions/libxt_CONNSECMARK.c
+++ b/extensions/libxt_CONNSECMARK.c
@@ -30,7 +30,7 @@ static const struct option CONNSECMARK_opts[] = {
};
static int
-CONNSECMARK_parse(int c, char **argv, int invert, unsigned int *flags,
+CONNSECMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_connsecmark_target_info *info =
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index 22fd476..7af4166 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -71,7 +71,7 @@ parse_class(const char *s, struct xt_DSCP_info *dinfo)
}
-static int DSCP_parse(int c, char **argv, int invert, unsigned int *flags,
+static int DSCP_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_DSCP_info *dinfo
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index d8d83ed..64292ed 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -53,7 +53,7 @@ static void mark_tg_help(void)
/* Function which parses command options; returns true if it
ate an option */
static int
-MARK_parse_v0(int c, char **argv, int invert, unsigned int *flags,
+MARK_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_mark_target_info *markinfo
@@ -92,7 +92,7 @@ static void MARK_check(unsigned int flags)
}
static int
-MARK_parse_v1(int c, char **argv, int invert, unsigned int *flags,
+MARK_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_mark_target_info_v1 *markinfo
@@ -124,7 +124,7 @@ MARK_parse_v1(int c, char **argv, int invert, unsigned int *flags,
return 1;
}
-static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags,
+static int mark_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_mark_tginfo2 *info = (void *)(*target)->data;
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index a214631..023cfda 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -40,7 +40,7 @@ static void NFLOG_init(struct xt_entry_target *t)
info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
}
-static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags,
+static int NFLOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_nflog_info *info = (struct xt_nflog_info *)(*target)->data;
diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c
index c4cd335..9dcdd42 100644
--- a/extensions/libxt_NFQUEUE.c
+++ b/extensions/libxt_NFQUEUE.c
@@ -42,7 +42,7 @@ parse_num(const char *s, struct xt_NFQ_info *tinfo)
}
static int
-NFQUEUE_parse(int c, char **argv, int invert, unsigned int *flags,
+NFQUEUE_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_NFQ_info *tinfo
diff --git a/extensions/libxt_NOTRACK.c b/extensions/libxt_NOTRACK.c
index ef26654..0621d15 100644
--- a/extensions/libxt_NOTRACK.c
+++ b/extensions/libxt_NOTRACK.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add NOTRACK target support. */
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -13,7 +14,7 @@ static void NOTRACK_help(void)
}
static int
-NOTRACK_parse(int c, char **argv, int invert, unsigned int *flags,
+NOTRACK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 0;
diff --git a/extensions/libxt_RATEEST.c b/extensions/libxt_RATEEST.c
index da0963a..d5d391d 100644
--- a/extensions/libxt_RATEEST.c
+++ b/extensions/libxt_RATEEST.c
@@ -90,7 +90,7 @@ RATEEST_init(struct xt_entry_target *target)
}
static int
-RATEEST_parse(int c, char **argv, int invert, unsigned int *flags,
+RATEEST_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_rateest_target_info *info = (void *)(*target)->data;
diff --git a/extensions/libxt_SECMARK.c b/extensions/libxt_SECMARK.c
index 977321a..82752e8 100644
--- a/extensions/libxt_SECMARK.c
+++ b/extensions/libxt_SECMARK.c
@@ -27,7 +27,7 @@ static const struct option SECMARK_opts[] = {
{ .name = NULL }
};
-static int SECMARK_parse(int c, char **argv, int invert, unsigned int *flags,
+static int SECMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_secmark_target_info *info =
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index cff1dc1..54ae373 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -42,7 +42,7 @@ static const struct option TCPMSS_opts[] = {
{ .name = NULL }
};
-static int __TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags,
+static int __TCPMSS_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target,
int hdrsize)
{
@@ -79,13 +79,13 @@ static int __TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags,
return 1;
}
-static int TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags,
+static int TCPMSS_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return __TCPMSS_parse(c, argv, invert, flags, entry, target, 40);
}
-static int TCPMSS_parse6(int c, char **argv, int invert, unsigned int *flags,
+static int TCPMSS_parse6(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return __TCPMSS_parse(c, argv, invert, flags, entry, target, 60);
diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c
index aa36a55..1c361e1 100644
--- a/extensions/libxt_TCPOPTSTRIP.c
+++ b/extensions/libxt_TCPOPTSTRIP.c
@@ -102,7 +102,7 @@ static void parse_list(struct xt_tcpoptstrip_target_info *info, char *arg)
}
}
-static int tcpoptstrip_tg_parse(int c, char **argv, int invert,
+static int tcpoptstrip_tg_parse(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_target **target)
{
diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
index b809f92..a12e3fc 100644
--- a/extensions/libxt_TOS.c
+++ b/extensions/libxt_TOS.c
@@ -75,8 +75,9 @@ XTABLES_VERSION);
);
}
-static int tos_tg_parse_v0(int c, char **argv, int invert, unsigned int *flags,
- const void *entry, struct xt_entry_target **target)
+static int
+tos_tg_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_target **target)
{
struct ipt_tos_target_info *info = (void *)(*target)->data;
struct tos_value_mask tvm;
@@ -99,7 +100,7 @@ static int tos_tg_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return false;
}
-static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags,
+static int tos_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_tos_target_info *info = (void *)(*target)->data;
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index 392833e..bf5b145 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -73,8 +73,9 @@ static void parse_tproxy_mark(char *s, struct xt_tproxy_target_info *info)
info->mark_value = value;
}
-static int tproxy_tg_parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry, struct xt_entry_target **target)
+static int
+tproxy_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_target **target)
{
struct xt_tproxy_target_info *tproxyinfo = (void *)(*target)->data;
diff --git a/extensions/libxt_TRACE.c b/extensions/libxt_TRACE.c
index b8eb969..1361356 100644
--- a/extensions/libxt_TRACE.c
+++ b/extensions/libxt_TRACE.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables to add TRACE target support. */
+#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
@@ -12,7 +13,7 @@ static void TRACE_help(void)
printf("TRACE target takes no options\n");
}
-static int TRACE_parse(int c, char **argv, int invert, unsigned int *flags,
+static int TRACE_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 0;
--git a/extensions/libxt_comment.c b/extensions/libxt_comment.c
index c9ad07b..ff38f64 100644
--- a/extensions/libxt_comment.c
+++ b/extensions/libxt_comment.c
@@ -40,7 +40,7 @@ parse_comment(const char *s, struct xt_comment_info *info)
}
static int
-comment_parse(int c, char **argv, int invert, unsigned int *flags,
+comment_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_comment_info *commentinfo = (struct xt_comment_info *)(*match)->data;
diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c
index b34ef88..4fdf21c 100644
--- a/extensions/libxt_connbytes.c
+++ b/extensions/libxt_connbytes.c
@@ -45,7 +45,7 @@ parse_range(const char *arg, struct xt_connbytes_info *si)
}
static int
-connbytes_parse(int c, char **argv, int invert, unsigned int *flags,
+connbytes_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_connbytes_info *sinfo = (struct xt_connbytes_info *)(*match)->data;
diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c
index abb0d5d..15bd317 100644
--- a/extensions/libxt_connlimit.c
+++ b/extensions/libxt_connlimit.c
@@ -52,8 +52,9 @@ static void prefix_to_netmask(u_int32_t *mask, unsigned int prefix_len)
mask[3] = htonl(mask[3]);
}
-static int connlimit_parse(int c, char **argv, int invert, unsigned int *flags,
- struct xt_connlimit_info *info, unsigned int family)
+static int
+connlimit_parse(int c, char **argv, bool invert, unsigned int *flags,
+ struct xt_connlimit_info *info, unsigned int family)
{
char *err;
int i;
@@ -99,7 +100,7 @@ static int connlimit_parse(int c, char **argv, int invert, unsigned int *flags,
return 1;
}
-static int connlimit_parse4(int c, char **argv, int invert,
+static int connlimit_parse4(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_match **match)
{
@@ -107,7 +108,7 @@ static int connlimit_parse4(int c, char **argv, int invert,
(void *)(*match)->data, NFPROTO_IPV4);
}
-static int connlimit_parse6(int c, char **argv, int invert,
+static int connlimit_parse6(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_match **match)
{
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index 9fe64a8..17fe03b 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -46,7 +46,7 @@ static const struct option connmark_mt_opts[] = {
};
static int
-connmark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
+connmark_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_connmark_mtinfo1 *info = (void *)(*match)->data;
@@ -75,7 +75,7 @@ connmark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-connmark_parse(int c, char **argv, int invert, unsigned int *flags,
+connmark_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_connmark_info *markinfo = (struct xt_connmark_info *)(*match)->data;
@@ -94,7 +94,7 @@ connmark_parse(int c, char **argv, int invert, unsigned int *flags,
if (*end != '\0' || end == optarg)
xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg);
if (invert)
- markinfo->invert = 1;
+ markinfo->invert = true;
*flags = 1;
break;
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 56451fa..2ed6e9a 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -286,8 +286,9 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo1 *info, const char *s)
info->expires_max = max;
}
-static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry, struct xt_entry_match **match)
+static int
+conntrack_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_match **match)
{
struct xt_conntrack_info *sinfo = (void *)(*match)->data;
char *protocol = NULL;
@@ -437,7 +438,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
+conntrack_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
struct xt_entry_match **match)
{
struct xt_conntrack_mtinfo1 *info = (void *)(*match)->data;
@@ -543,7 +544,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
+conntrack_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_conntrack_mtinfo1 *info = (void *)(*match)->data;
@@ -613,7 +614,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
+conntrack_mt6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_conntrack_mtinfo1 *info = (void *)(*match)->data;
@@ -779,7 +780,7 @@ conntrack_dump_addr(const union nf_inet_addr *addr,
}
static void
-print_addr(struct in_addr *addr, struct in_addr *mask, int inv, bool numeric)
+print_addr(struct in_addr *addr, struct in_addr *mask, bool inv, bool numeric)
{
char buf[BUFSIZ];
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index b45405c..12180d4 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -130,7 +130,7 @@ static u_int8_t parse_dccp_option(char *optstring)
}
static int
-dccp_parse(int c, char **argv, int invert, unsigned int *flags,
+dccp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_dccp_info *einfo
@@ -214,7 +214,7 @@ print_port(u_int16_t port, bool numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, bool numeric)
+ bool invert, bool numeric)
{
const char *inv = invert ? "!" : "";
@@ -234,7 +234,7 @@ print_ports(const char *name, u_int16_t min, u_int16_t max,
}
static void
-print_types(u_int16_t types, int inverted, bool numeric)
+print_types(u_int16_t types, bool inverted, bool numeric)
{
int have_type = 0;
@@ -261,7 +261,7 @@ print_types(u_int16_t types, int inverted, bool numeric)
}
static void
-print_option(u_int8_t option, int invert, bool numeric)
+print_option(u_int8_t option, bool invert, bool numeric)
{
if (option || invert)
printf("option=%s%u ", invert ? "!" : "", option);
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index 866c5e9..64ceedb 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -72,7 +72,7 @@ parse_class(const char *s, struct xt_dscp_info *dinfo)
static int
-dscp_parse(int c, char **argv, int invert, unsigned int *flags,
+dscp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_dscp_info *dinfo
@@ -86,7 +86,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags,
xtables_check_inverse(optarg, &invert, &optind, 0);
parse_dscp(argv[optind-1], dinfo);
if (invert)
- dinfo->invert = 1;
+ dinfo->invert = true;
*flags = 1;
break;
@@ -97,7 +97,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags,
xtables_check_inverse(optarg, &invert, &optind, 0);
parse_class(argv[optind - 1], dinfo);
if (invert)
- dinfo->invert = 1;
+ dinfo->invert = true;
*flags = 1;
break;
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index fbce617..1cb906f 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -79,7 +79,7 @@ static void esp_init(struct xt_entry_match *m)
#define ESP_SPI 0x01
static int
-esp_parse(int c, char **argv, int invert, unsigned int *flags,
+esp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_esp *espinfo = (struct xt_esp *)(*match)->data;
@@ -103,8 +103,7 @@ esp_parse(int c, char **argv, int invert, unsigned int *flags,
}
static void
-print_spis(const char *name, u_int32_t min, u_int32_t max,
- int invert)
+print_spis(const char *name, u_int32_t min, u_int32_t max, bool invert)
{
const char *inv = invert ? "!" : "";
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 3de0ff1..4d7f74b 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -208,7 +208,7 @@ enum {
};
static int
-hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
+hashlimit_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_hashlimit_info *r =
@@ -311,7 +311,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
static int
hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
- int c, int invert, unsigned int maxmask)
+ int c, bool invert, unsigned int maxmask)
{
unsigned int num;
@@ -434,7 +434,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
}
static int
-hashlimit_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
+hashlimit_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
return hashlimit_mt_parse((void *)(*match)->data,
@@ -442,7 +442,7 @@ hashlimit_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-hashlimit_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
+hashlimit_mt6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
return hashlimit_mt_parse((void *)(*match)->data,
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index 2dda021..f29dd85 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -22,7 +22,7 @@ static const struct option helper_opts[] = {
};
static int
-helper_parse(int c, char **argv, int invert, unsigned int *flags,
+helper_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_helper_info *info = (struct xt_helper_info *)(*match)->data;
@@ -36,7 +36,7 @@ helper_parse(int c, char **argv, int invert, unsigned int *flags,
strncpy(info->name, optarg, 29);
info->name[29] = '\0';
if (invert)
- info->invert = 1;
+ info->invert = true;
*flags = 1;
break;
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index c89e022..33c0cb1 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -58,7 +58,7 @@ parse_iprange(char *arg, struct ipt_iprange *range)
}
}
-static int iprange_parse(int c, char **argv, int invert, unsigned int *flags,
+static int iprange_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_iprange_info *info = (struct ipt_iprange_info *)(*match)->data;
@@ -100,7 +100,7 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-iprange_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
+iprange_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_iprange_mtinfo *info = (void *)(*match)->data;
@@ -150,7 +150,7 @@ iprange_mt4_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-iprange_mt6_parse(int c, char **argv, int invert, unsigned int *flags,
+iprange_mt6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_iprange_mtinfo *info = (void *)(*match)->data;
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 53d8089..7ee0e65 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -60,7 +60,7 @@ parse_lengths(const char *s, struct xt_length_info *info)
}
static int
-length_parse(int c, char **argv, int invert, unsigned int *flags,
+length_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_length_info *info = (struct xt_length_info *)(*match)->data;
@@ -74,7 +74,7 @@ length_parse(int c, char **argv, int invert, unsigned int *flags,
xtables_check_inverse(optarg, &invert, &optind, 0);
parse_lengths(argv[optind-1], info);
if (invert)
- info->invert = 1;
+ info->invert = true;
*flags = 1;
break;
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index 6f86a4f..c96c39a 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -87,7 +87,7 @@ static void limit_init(struct xt_entry_match *m)
*/
static int
-limit_parse(int c, char **argv, int invert, unsigned int *flags,
+limit_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_rateinfo *r = (struct xt_rateinfo *)(*match)->data;
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c
index bc1066c..27388af 100644
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -51,7 +51,7 @@ parse_mac(const char *mac, struct xt_mac_info *info)
}
static int
-mac_parse(int c, char **argv, int invert, unsigned int *flags,
+mac_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_mac_info *macinfo = (struct xt_mac_info *)(*match)->data;
@@ -61,7 +61,7 @@ mac_parse(int c, char **argv, int invert, unsigned int *flags,
xtables_check_inverse(optarg, &invert, &optind, 0);
parse_mac(argv[optind-1], macinfo);
if (invert)
- macinfo->invert = 1;
+ macinfo->invert = true;
*flags = 1;
break;
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 834edc4..481e341 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -25,7 +25,7 @@ static const struct option mark_mt_opts[] = {
{ .name = NULL }
};
-static int mark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
+static int mark_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_mark_mtinfo1 *info = (void *)(*match)->data;
@@ -54,7 +54,7 @@ static int mark_mt_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-mark_parse(int c, char **argv, int invert, unsigned int *flags,
+mark_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_mark_info *markinfo = (struct xt_mark_info *)(*match)->data;
@@ -71,7 +71,7 @@ mark_parse(int c, char **argv, int invert, unsigned int *flags,
if (*end != '\0' || end == optarg)
xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg);
if (invert)
- markinfo->invert = 1;
+ markinfo->invert = true;
*flags = 1;
break;
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index 2d36ab0..ce14d2f 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -155,7 +155,7 @@ check_proto(u_int16_t pnum, u_int8_t invflags)
/* Function which parses command options; returns true if it
ate an option */
static int
-__multiport_parse(int c, char **argv, int invert, unsigned int *flags,
+__multiport_parse(int c, char **argv, bool invert, unsigned int *flags,
struct xt_entry_match **match, u_int16_t pnum,
u_int8_t invflags)
{
@@ -204,7 +204,7 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-multiport_parse(int c, char **argv, int invert, unsigned int *flags,
+multiport_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
const struct ipt_entry *entry = e;
@@ -213,7 +213,7 @@ multiport_parse(int c, char **argv, int invert, unsigned int *flags,
}
static int
-multiport_parse6(int c, char **argv, int invert, unsigned int *flags,
+multiport_parse6(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
const struct ip6t_entry *entry = e;
@@ -222,7 +222,7 @@ multiport_parse6(int c, char **argv, int invert, unsigned int *flags,
}
static int
-__multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
+__multiport_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
struct xt_entry_match **match, u_int16_t pnum,
u_int8_t invflags)
{
@@ -257,7 +257,7 @@ __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
}
if (invert)
- multiinfo->invert = 1;
+ multiinfo->invert = true;
if (*flags)
xtables_error(PARAMETER_PROBLEM,
@@ -267,7 +267,7 @@ __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
}
static int
-multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
+multiport_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
const struct ipt_entry *entry = e;
@@ -276,7 +276,7 @@ multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
}
static int
-multiport_parse6_v1(int c, char **argv, int invert, unsigned int *flags,
+multiport_parse6_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
const struct ip6t_entry *entry = e;
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index 5e7c581..ba9b17f 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -102,7 +102,7 @@ static const struct option owner_mt_opts[] = {
};
static int
-owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
+owner_mt_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_owner_info *info = (void *)(*match)->data;
@@ -181,7 +181,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
}
static int
-owner_mt6_parse_v0(int c, char **argv, int invert, unsigned int *flags,
+owner_mt6_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_owner_info *info = (void *)(*match)->data;
@@ -261,7 +261,7 @@ static void owner_parse_range(const char *s, unsigned int *from,
xtables_param_act(XTF_BAD_VALUE, "owner", opt, s);
}
-static int owner_mt_parse(int c, char **argv, int invert, unsigned int *flags,
+static int owner_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_owner_match_info *info = (void *)(*match)->data;
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index 9e477f1..e181633 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -34,7 +34,7 @@ static const struct option physdev_opts[] = {
};
static int
-physdev_parse(int c, char **argv, int invert, unsigned int *flags,
+physdev_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_physdev_info *info =
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index e2dca1a..9a7b53b 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -84,7 +84,7 @@ static void parse_pkttype(const char *pkttype, struct xt_pkttype_info *info)
xtables_error(PARAMETER_PROBLEM, "Bad packet type '%s'", pkttype);
}
-static int pkttype_parse(int c, char **argv, int invert, unsigned int *flags,
+static int pkttype_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_pkttype_info *info = (struct xt_pkttype_info *)(*match)->data;
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index d1c5023..119e13d 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -54,7 +54,7 @@ parse_quota(const char *s, u_int64_t * quota)
}
static int
-quota_parse(int c, char **argv, int invert, unsigned int *flags,
+quota_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_quota_info *info = (struct xt_quota_info *) (*match)->data;
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c
index f9844c4..22a934b 100644
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -109,7 +109,7 @@ rateest_get_rate(u_int32_t *rate, const char *str)
}
static int
-rateest_parse(int c, char **argv, int invert, unsigned int *flags,
+rateest_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_rateest_match_info *info = (void *)(*match)->data;
diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c
index ce281b2..2d1f6d5 100644
--- a/extensions/libxt_recent.c
+++ b/extensions/libxt_recent.c
@@ -63,7 +63,7 @@ static void recent_init(struct xt_entry_match *match)
(XT_RECENT_SET | XT_RECENT_CHECK | \
XT_RECENT_UPDATE | XT_RECENT_REMOVE)
-static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
+static int recent_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_recent_mtinfo *info = (void *)(*match)->data;
@@ -76,7 +76,8 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
"`--update' or `--remove' may be set");
xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_SET;
- if (invert) info->invert = 1;
+ if (invert)
+ info->invert = true;
*flags |= XT_RECENT_SET;
break;
@@ -87,7 +88,8 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
"`--update' or `--remove' may be set");
xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_CHECK;
- if(invert) info->invert = 1;
+ if (invert)
+ info->invert = true;
*flags |= XT_RECENT_CHECK;
break;
@@ -98,7 +100,8 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
"`--update' or `--remove' may be set");
xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_UPDATE;
- if (invert) info->invert = 1;
+ if (invert)
+ info->invert = true;
*flags |= XT_RECENT_UPDATE;
break;
@@ -109,7 +112,8 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
"`--update' or `--remove' may be set");
xtables_check_inverse(optarg, &invert, &optind, 0);
info->check_set |= XT_RECENT_REMOVE;
- if (invert) info->invert = 1;
+ if (invert)
+ info->invert = true;
*flags |= XT_RECENT_REMOVE;
break;
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 3098859..928c33d 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -259,7 +259,7 @@ parse_sctp_chunks(struct xt_sctp_info *einfo,
}
static int
-sctp_parse(int c, char **argv, int invert, unsigned int *flags,
+sctp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_sctp_info *einfo
@@ -339,7 +339,7 @@ print_port(u_int16_t port, bool numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, bool numeric)
+ bool invert, bool numeric)
{
const char *inv = invert ? "!" : "";
diff --git a/extensions/libxt_socket.c b/extensions/libxt_socket.c
index eebc7c5..ed191b5 100644
--- a/extensions/libxt_socket.c
+++ b/extensions/libxt_socket.c
@@ -3,6 +3,7 @@
*
* Copyright (C) 2007 BalaBit IT Ltd.
*/
+#include <stdbool.h>
#include <stdio.h>
#include <getopt.h>
#include <xtables.h>
@@ -12,8 +13,9 @@ static void socket_mt_help(void)
printf("socket v%s has no options\n\n", XTABLES_VERSION);
}
-static int socket_mt_parse(int c, char **argv, int invert, unsigned int *flags,
- const void *entry, struct xt_entry_match **match)
+static int
+socket_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_match **match)
{
return 0;
}
diff --git a/extensions/libxt_standard.c b/extensions/libxt_standard.c
index 54e1348..3a0d8c8 100644
--- a/extensions/libxt_standard.c
+++ b/extensions/libxt_standard.c
@@ -1,4 +1,5 @@
/* Shared library add-on to iptables for standard target support. */
+#include <stdbool.h>
#include <stdio.h>
#include <netdb.h>
#include <string.h>
@@ -14,7 +15,7 @@ static void standard_help(void)
"(If target is DROP, ACCEPT, RETURN or nothing)\n");
}
-static int standard_parse(int c, char **argv, int invert, unsigned int *flags,
+static int standard_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return 0;
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c
index bb21952..b5f0593 100644
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -64,7 +64,7 @@ state_parse_states(const char *arg, struct xt_state_info *sinfo)
}
static int
-state_parse(int c, char **argv, int invert, unsigned int *flags,
+state_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_match **match)
{
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c
index 29541ee..ca65782 100644
--- a/extensions/libxt_statistic.c
+++ b/extensions/libxt_statistic.c
@@ -37,7 +37,7 @@ static void statistic_mt_init(struct xt_entry_match *match)
}
static int
-statistic_parse(int c, char **argv, int invert, unsigned int *flags,
+statistic_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_statistic_info *info = (void *)(*match)->data;
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index ecdf31a..fc17d6c 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -170,7 +170,7 @@ parse_hex_string(const char *s, struct xt_string_info *info)
#define ICASE 0x10
static int
-string_parse(int c, char **argv, int invert, unsigned int *flags,
+string_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_string_info *stringinfo =
@@ -207,7 +207,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
parse_string(argv[optind-1], stringinfo);
if (invert) {
if (revision == 0)
- stringinfo->u.v0.invert = 1;
+ stringinfo->u.v0.invert = true;
else
stringinfo->u.v1.flags |= XT_STRING_FLAG_INVERT;
}
@@ -223,7 +223,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
parse_hex_string(argv[optind-1], stringinfo); /* sets length */
if (invert) {
if (revision == 0)
- stringinfo->u.v0.invert = 1;
+ stringinfo->u.v0.invert = true;
else
stringinfo->u.v1.flags |= XT_STRING_FLAG_INVERT;
}
@@ -307,7 +307,7 @@ string_print(const void *ip, const struct xt_entry_match *match, bool numeric)
const struct xt_string_info *info =
(const struct xt_string_info*) match->data;
const int revision = match->u.user.revision;
- int invert = (revision == 0 ? info->u.v0.invert :
+ bool invert = (revision == 0 ? info->u.v0.invert :
info->u.v1.flags & XT_STRING_FLAG_INVERT);
if (is_hex_string(info->pattern, info->patlen)) {
@@ -331,7 +331,7 @@ static void string_save(const void *ip, const struct xt_entry_match *match)
const struct xt_string_info *info =
(const struct xt_string_info*) match->data;
const int revision = match->u.user.revision;
- int invert = (revision == 0 ? info->u.v0.invert :
+ bool invert = (revision == 0 ? info->u.v0.invert :
info->u.v1.flags & XT_STRING_FLAG_INVERT);
if (is_hex_string(info->pattern, info->patlen)) {
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index a1b115d..cbf813a 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -108,7 +108,7 @@ static void
parse_tcp_flags(struct xt_tcp *tcpinfo,
const char *mask,
const char *cmp,
- int invert)
+ bool invert)
{
tcpinfo->flg_mask = parse_tcp_flag(mask);
tcpinfo->flg_cmp = parse_tcp_flag(cmp);
@@ -141,7 +141,7 @@ static void tcp_init(struct xt_entry_match *m)
#define TCP_OPTION 0x08
static int
-tcp_parse(int c, char **argv, int invert, unsigned int *flags,
+tcp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_tcp *tcpinfo = (struct xt_tcp *)(*match)->data;
@@ -238,7 +238,7 @@ print_port(u_int16_t port, bool numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, bool numeric)
+ bool invert, bool numeric)
{
const char *inv = invert ? "!" : "";
@@ -258,7 +258,7 @@ print_ports(const char *name, u_int16_t min, u_int16_t max,
}
static void
-print_option(u_int8_t option, int invert, bool numeric)
+print_option(u_int8_t option, bool invert, bool numeric)
{
if (option || invert)
printf("option=%s%u ", invert ? "!" : "", option);
@@ -287,7 +287,7 @@ print_tcpf(u_int8_t flags)
}
static void
-print_flags(u_int8_t mask, u_int8_t cmp, int invert, bool numeric)
+print_flags(u_int8_t mask, u_int8_t cmp, bool invert, bool numeric)
{
if (mask || invert) {
printf("flags:%s", invert ? "!" : "");
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index 1347b5f..d3e8b21 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -55,7 +55,7 @@ parse_tcp_mssvalues(const char *mssvaluestring,
}
static int
-tcpmss_parse(int c, char **argv, int invert, unsigned int *flags,
+tcpmss_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_tcpmss_match_info *mssinfo =
@@ -70,7 +70,7 @@ tcpmss_parse(int c, char **argv, int invert, unsigned int *flags,
parse_tcp_mssvalues(argv[optind-1],
&mssinfo->mss_min, &mssinfo->mss_max);
if (invert)
- mssinfo->invert = 1;
+ mssinfo->invert = true;
*flags = 1;
break;
default:
diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c
index 7fbc6b5..2542fbf 100644
--- a/extensions/libxt_time.c
+++ b/extensions/libxt_time.c
@@ -246,7 +246,7 @@ static unsigned int time_parse_weekdays(const char *arg)
return ret;
}
-static int time_parse(int c, char **argv, int invert, unsigned int *flags,
+static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_time_info *info = (void *)(*match)->data;
diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c
index abac46e..90113ee 100644
--- a/extensions/libxt_tos.c
+++ b/extensions/libxt_tos.c
@@ -42,8 +42,9 @@ static void tos_mt_help(void)
printf("\n");
}
-static int tos_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
- const void *entry, struct xt_entry_match **match)
+static int
+tos_mt_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_match **match)
{
struct ipt_tos_info *info = (void *)(*match)->data;
struct tos_value_mask tvm;
@@ -66,7 +67,7 @@ static int tos_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags,
return false;
}
-static int tos_mt_parse(int c, char **argv, int invert, unsigned int *flags,
+static int tos_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_tos_match_info *info = (void *)(*match)->data;
diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c
index f0e0979..203e646 100644
--- a/extensions/libxt_u32.c
+++ b/extensions/libxt_u32.c
@@ -102,7 +102,7 @@ static u_int32_t parse_number(char **s, int pos)
return number;
}
-static int u32_parse(int c, char **argv, int invert, unsigned int *flags,
+static int u32_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_u32 *data = (void *)(*match)->data;
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index 66372a4..0c5c3df 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -63,7 +63,7 @@ static void udp_init(struct xt_entry_match *m)
#define UDP_DST_PORTS 0x02
static int
-udp_parse(int c, char **argv, int invert, unsigned int *flags,
+udp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_udp *udpinfo = (struct xt_udp *)(*match)->data;
@@ -122,7 +122,7 @@ print_port(u_int16_t port, bool numeric)
static void
print_ports(const char *name, u_int16_t min, u_int16_t max,
- int invert, bool numeric)
+ bool invert, bool numeric)
{
const char *inv = invert ? "!" : "";
diff --git a/include/xtables.h.in b/include/xtables.h.in
index ed599bc..97f4eea 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -67,7 +67,7 @@ struct xtables_match
/* Function which parses command options; returns true if it
ate an option */
/* entry is struct ipt_entry for example */
- int (*parse)(int c, char **argv, int invert, unsigned int *flags,
+ int (*parse)(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_match **match);
@@ -129,7 +129,7 @@ struct xtables_target
/* Function which parses command options; returns true if it
ate an option */
/* entry is struct ipt_entry for example */
- int (*parse)(int c, char **argv, int invert, unsigned int *flags,
+ int (*parse)(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_target **targetinfo);
@@ -243,7 +243,7 @@ xtables_parse_interface(const char *arg, char *vianame, unsigned char *mask);
/* this is a special 64bit data type that is 8-byte aligned */
#define aligned_u64 u_int64_t __attribute__((aligned(8)))
-int xtables_check_inverse(const char option[], int *invert,
+int xtables_check_inverse(const char option[], bool *invert,
int *my_optind, int argc);
extern struct xtables_globals *xt_params;
#define xtables_error (xt_params->exit_err)
diff --git a/ip6tables.c b/ip6tables.c
index cf1508b..9f70264 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -399,7 +399,7 @@ cmd2char(int option)
static void
add_command(unsigned int *cmd, const int newcmd, const int othercmds,
- int invert)
+ bool invert)
{
if (invert)
xtables_error(PARAMETER_PROBLEM, "unexpected '!' flag");
@@ -481,7 +481,7 @@ parse_target(const char *targetname)
static void
set_option(unsigned int *options, unsigned int option, u_int8_t *invflg,
- int invert)
+ bool invert)
{
if (*options & option)
xtables_error(PARAMETER_PROBLEM, "multiple -%c flags not allowed",
@@ -1012,7 +1012,7 @@ list_entries(const ip6t_chainlabel chain, int rulenum, int verbose,
/* This assumes that mask is contiguous, and byte-bounded. */
static void
print_iface(char letter, const char *iface, const unsigned char *mask,
- int invert)
+ bool invert)
{
unsigned int i;
@@ -1038,7 +1038,7 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
}
/* The ip6tables looks up the /etc/protocols. */
-static void print_proto(u_int16_t proto, int invert)
+static void print_proto(u_int16_t proto, bool invert)
{
if (proto) {
unsigned int i;
@@ -1086,7 +1086,8 @@ static int print_match_save(const struct ip6t_entry_match *e,
}
/* print a given ip including mask if neccessary */
-static void print_ip(char *prefix, const struct in6_addr *ip, const struct in6_addr *mask, int invert)
+static void print_ip(char *prefix, const struct in6_addr *ip,
+ const struct in6_addr *mask, bool invert)
{
char buf[51];
int l = ipv6_prefix_length(mask);
@@ -1301,7 +1302,7 @@ static void clear_rule_matches(struct xtables_rule_match **matches)
int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **handle)
{
struct ip6t_entry fw, *e = NULL;
- int invert = 0;
+ bool invert = false;
unsigned int nsaddrs = 0, ndaddrs = 0;
struct in6_addr *saddrs = NULL, *daddrs = NULL;
struct in6_addr *smasks = NULL, *dmasks = NULL;
diff --git a/iptables.c b/iptables.c
index e1f936a..27fa084 100644
--- a/iptables.c
+++ b/iptables.c
@@ -412,7 +412,7 @@ cmd2char(int option)
static void
add_command(unsigned int *cmd, const int newcmd, const int othercmds,
- int invert)
+ bool invert)
{
if (invert)
xtables_error(PARAMETER_PROBLEM, "unexpected ! flag");
@@ -485,7 +485,7 @@ parse_target(const char *targetname)
static void
set_option(unsigned int *options, unsigned int option, u_int8_t *invflg,
- int invert)
+ bool invert)
{
if (*options & option)
xtables_error(PARAMETER_PROBLEM, "multiple -%c flags not allowed",
@@ -1011,7 +1011,7 @@ list_entries(const ipt_chainlabel chain, int rulenum, int verbose,
return found;
}
-static void print_proto(u_int16_t proto, int invert)
+static void print_proto(u_int16_t proto, bool invert)
{
if (proto) {
unsigned int i;
@@ -1045,7 +1045,7 @@ static void print_proto(u_int16_t proto, int invert)
/* This assumes that mask is contiguous, and byte-bounded. */
static void
print_iface(char letter, const char *iface, const unsigned char *mask,
- int invert)
+ bool invert)
{
unsigned int i;
@@ -1094,7 +1094,7 @@ static int print_match_save(const struct ipt_entry_match *e,
}
/* print a given ip including mask if neccessary */
-static void print_ip(char *prefix, u_int32_t ip, u_int32_t mask, int invert)
+static void print_ip(char *prefix, u_int32_t ip, u_int32_t mask, bool invert)
{
u_int32_t bits, hmask = ntohl(mask);
int i;
@@ -1324,7 +1324,7 @@ get_kernel_version(void) {
int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle)
{
struct ipt_entry fw, *e = NULL;
- int invert = 0;
+ bool invert = false;
unsigned int nsaddrs = 0, ndaddrs = 0;
struct in_addr *saddrs = NULL, *smasks = NULL;
struct in_addr *daddrs = NULL, *dmasks = NULL;
diff --git a/xtables.c b/xtables.c
index 73a4860..1de78a6 100644
--- a/xtables.c
+++ b/xtables.c
@@ -1617,7 +1617,7 @@ void xtables_save_string(const char *value)
* Check for option-intrapositional negation.
* Do not use in new code.
*/
-int xtables_check_inverse(const char option[], int *invert,
+int xtables_check_inverse(const char option[], bool *invert,
int *my_optind, int argc)
{
if (option && strcmp(option, "!") == 0) {
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 7/9] extensions: switch parse() return type to bool
2009-05-03 19:54 iptables pull request Jan Engelhardt
` (5 preceding siblings ...)
2009-05-03 19:54 ` [PATCH 6/9] extensions: switch invert to bool Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 8/9] extensions: add const qualifiers in print/save functions Jan Engelhardt
` (2 subsequent siblings)
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
---
extensions/libip6t_HL.c | 6 +++---
extensions/libip6t_LOG.c | 6 +++---
extensions/libip6t_REJECT.c | 6 +++---
extensions/libip6t_ah.c | 6 +++---
extensions/libip6t_dst.c | 6 +++---
extensions/libip6t_eui64.c | 4 ++--
extensions/libip6t_frag.c | 6 +++---
extensions/libip6t_hbh.c | 6 +++---
extensions/libip6t_hl.c | 6 +++---
extensions/libip6t_icmp6.c | 6 +++---
| 6 +++---
extensions/libip6t_mh.c | 6 +++---
extensions/libip6t_policy.c | 6 +++---
extensions/libip6t_rt.c | 6 +++---
extensions/libipt_CLUSTERIP.c | 6 +++---
extensions/libipt_DNAT.c | 16 ++++++++--------
extensions/libipt_ECN.c | 6 +++---
extensions/libipt_LOG.c | 6 +++---
extensions/libipt_MASQUERADE.c | 14 +++++++-------
extensions/libipt_MIRROR.c | 4 ++--
extensions/libipt_NETMAP.c | 6 +++---
extensions/libipt_REDIRECT.c | 17 +++++++++--------
extensions/libipt_REJECT.c | 6 +++---
extensions/libipt_SAME.c | 6 +++---
extensions/libipt_SET.c | 6 +++---
extensions/libipt_SNAT.c | 16 ++++++++--------
extensions/libipt_TTL.c | 6 +++---
extensions/libipt_ULOG.c | 6 +++---
extensions/libipt_addrtype.c | 18 +++++++++---------
extensions/libipt_ah.c | 6 +++---
extensions/libipt_ecn.c | 6 +++---
extensions/libipt_icmp.c | 6 +++---
extensions/libipt_policy.c | 6 +++---
extensions/libipt_realm.c | 6 +++---
extensions/libipt_set.c | 6 +++---
extensions/libipt_ttl.c | 6 +++---
extensions/libipt_unclean.c | 4 ++--
extensions/libxt_CLASSIFY.c | 12 ++++++------
extensions/libxt_CONNMARK.c | 8 ++++----
extensions/libxt_CONNSECMARK.c | 6 +++---
extensions/libxt_DSCP.c | 6 +++---
extensions/libxt_MARK.c | 14 +++++++-------
extensions/libxt_NFLOG.c | 6 +++---
extensions/libxt_NFQUEUE.c | 6 +++---
extensions/libxt_NOTRACK.c | 4 ++--
extensions/libxt_RATEEST.c | 18 +++++++++---------
extensions/libxt_SECMARK.c | 6 +++---
extensions/libxt_TCPMSS.c | 14 +++++++-------
extensions/libxt_TCPOPTSTRIP.c | 2 +-
extensions/libxt_TOS.c | 4 ++--
extensions/libxt_TPROXY.c | 10 +++++-----
extensions/libxt_TRACE.c | 4 ++--
| 6 +++---
extensions/libxt_connbytes.c | 6 +++---
extensions/libxt_connlimit.c | 10 +++++-----
extensions/libxt_connmark.c | 8 ++++----
extensions/libxt_conntrack.c | 22 +++++++++++-----------
extensions/libxt_dccp.c | 6 +++---
extensions/libxt_dscp.c | 6 +++---
extensions/libxt_esp.c | 6 +++---
extensions/libxt_hashlimit.c | 34 +++++++++++++++++-----------------
extensions/libxt_helper.c | 6 +++---
extensions/libxt_iprange.c | 10 +++++-----
extensions/libxt_length.c | 6 +++---
extensions/libxt_limit.c | 16 ++++++++--------
extensions/libxt_mac.c | 6 +++---
extensions/libxt_mark.c | 8 ++++----
extensions/libxt_multiport.c | 20 ++++++++++----------
extensions/libxt_owner.c | 9 +++++----
extensions/libxt_physdev.c | 6 +++---
extensions/libxt_pkttype.c | 6 +++---
extensions/libxt_quota.c | 10 +++++-----
extensions/libxt_rateest.c | 20 ++++++++++----------
extensions/libxt_recent.c | 6 +++---
extensions/libxt_sctp.c | 6 +++---
extensions/libxt_socket.c | 4 ++--
extensions/libxt_standard.c | 7 ++++---
extensions/libxt_state.c | 12 ++++++------
extensions/libxt_statistic.c | 6 +++---
extensions/libxt_string.c | 14 +++++++-------
extensions/libxt_tcp.c | 6 +++---
extensions/libxt_tcpmss.c | 6 +++---
extensions/libxt_time.c | 20 ++++++++++----------
extensions/libxt_tos.c | 4 ++--
extensions/libxt_u32.c | 8 ++++----
extensions/libxt_udp.c | 6 +++---
include/xtables.h.in | 4 ++--
ip6tables.c | 4 ++--
iptables.c | 4 ++--
89 files changed, 367 insertions(+), 364 deletions(-)
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c
index 47f8e4e..d625b7f 100644
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -25,7 +25,7 @@ static void HL_help(void)
" --hl-inc value Increment HL by <value 1-255>\n");
}
-static int HL_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool HL_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ip6t_HL_info *info = (struct ip6t_HL_info *) (*target)->data;
@@ -73,14 +73,14 @@ static int HL_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
info->hop_limit = value;
*flags |= IP6T_HL_USED;
- return 1;
+ return true;
}
static void HL_check(unsigned int flags)
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index a163487..824671e 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -101,7 +101,7 @@ parse_level(const char *level)
#define IP6T_LOG_OPT_IPOPT 0x10
#define IP6T_LOG_OPT_UID 0x20
-static int LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ip6t_log_info *loginfo = (struct ip6t_log_info *)(*target)->data;
@@ -184,10 +184,10 @@ static int LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void LOG_print(const void *ip, const struct xt_entry_target *target,
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index c3077d4..38d3534 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -75,7 +75,7 @@ static void REJECT_init(struct xt_entry_target *t)
}
-static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ip6t_reject_info *reject =
@@ -92,7 +92,7 @@ static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
if ((strncasecmp(reject_table[i].name, optarg, strlen(optarg)) == 0)
|| (strncasecmp(reject_table[i].alias, optarg, strlen(optarg)) == 0)) {
reject->with = reject_table[i].with;
- return 1;
+ return true;
}
}
xtables_error(PARAMETER_PROBLEM, "unknown reject type \"%s\"", optarg);
@@ -100,7 +100,7 @@ static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
/* Fall through */
break;
}
- return 0;
+ return false;
}
static void REJECT_print(const void *ip, const struct xt_entry_target *target,
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c
index c7d0763..1682e73 100644
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -77,7 +77,7 @@ static void ah_init(struct xt_entry_match *m)
ahinfo->hdrres = 0;
}
-static int ah_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool ah_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_ah *ahinfo = (struct ip6t_ah *)(*match)->data;
@@ -111,10 +111,10 @@ static int ah_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IP6T_AH_RES;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c
index 6c54507..8cb078d 100644
--- a/extensions/libip6t_dst.c
+++ b/extensions/libip6t_dst.c
@@ -116,7 +116,7 @@ static void dst_init(struct xt_entry_match *m)
optinfo->optsnr = 0;
}
-static int dst_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool dst_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_opts *optinfo = (struct ip6t_opts *)(*match)->data;
@@ -157,10 +157,10 @@ static int dst_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IP6T_OPTS_NSTRICT;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libip6t_eui64.c b/extensions/libip6t_eui64.c
index 715a176..5b3d6a7 100644
--- a/extensions/libip6t_eui64.c
+++ b/extensions/libip6t_eui64.c
@@ -20,10 +20,10 @@ static void eui64_help(void)
" This module checks for EUI64 IPv6 addresses\n");
}
-static int eui64_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool eui64_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
- return 0;
+ return false;
}
static struct xtables_match eui64_mt6_reg = {
diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c
index d3be868..3803c07 100644
--- a/extensions/libip6t_frag.c
+++ b/extensions/libip6t_frag.c
@@ -85,7 +85,7 @@ static void frag_init(struct xt_entry_match *m)
fraginfo->invflags = 0;
}
-static int frag_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool frag_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_frag *fraginfo = (struct ip6t_frag *)(*match)->data;
@@ -142,10 +142,10 @@ static int frag_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IP6T_FRAG_NMF;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c
index 29e4a23..2c751e5 100644
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -111,7 +111,7 @@ static void hbh_init(struct xt_entry_match *m)
optinfo->optsnr = 0;
}
-static int hbh_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool hbh_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_opts *optinfo = (struct ip6t_opts *)(*match)->data;
@@ -151,10 +151,10 @@ static int hbh_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IP6T_OPTS_NSTRICT;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index 76d7760..cc84018 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -24,7 +24,7 @@ static void hl_help(void)
" --hl-gt value Match HL > value\n");
}
-static int hl_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool hl_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_hl_info *info = (struct ip6t_hl_info *) (*match)->data;
@@ -73,10 +73,10 @@ static int hl_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void hl_check(unsigned int flags)
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index 68fe2fa..c10a06e 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -149,7 +149,7 @@ static void icmp6_init(struct xt_entry_match *m)
icmpv6info->code[1] = 0xFF;
}
-static int icmp6_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool icmp6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_icmp *icmpv6info = (struct ip6t_icmp *)(*match)->data;
@@ -168,10 +168,10 @@ static int icmp6_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void print_icmpv6type(u_int8_t type,
--git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index fd03d65..da6c0b0 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -179,7 +179,7 @@ parse_header(const char *flags) {
#define IPV6_HDR_HEADER 0x01
#define IPV6_HDR_SOFT 0x02
-static int
+static bool
ipv6header_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -211,10 +211,10 @@ ipv6header_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPV6_HDR_SOFT;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void ipv6header_check(unsigned int flags)
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index 69e3150..f7b699f 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -124,7 +124,7 @@ static void parse_mh_types(const char *mhtype, u_int8_t *types)
#define MH_TYPES 0x01
-static int mh_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool mh_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_mh *mhinfo = (struct ip6t_mh *)(*match)->data;
@@ -142,10 +142,10 @@ static int mh_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static const char *type_to_name(u_int8_t type)
diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c
index 9a85f98..4ee3cfd 100644
--- a/extensions/libip6t_policy.c
+++ b/extensions/libip6t_policy.c
@@ -151,7 +151,7 @@ static int parse_mode(char *s)
xtables_error(PARAMETER_PROBLEM, "policy match: invalid mode \"%s\"", s);
}
-static int policy_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool policy_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_policy_info *info = (void *)(*match)->data;
@@ -276,11 +276,11 @@ static int policy_parse(int c, char **argv, bool invert, unsigned int *flags,
"policy match: maximum policy depth reached");
break;
default:
- return 0;
+ return false;
}
policy_info = info;
- return 1;
+ return true;
}
static void policy_check(unsigned int flags)
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c
index e560661..67606e6 100644
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -149,7 +149,7 @@ static void rt_init(struct xt_entry_match *m)
rtinfo->addrnr = 0;
}
-static int rt_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool rt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ip6t_rt *rtinfo = (struct ip6t_rt *)(*match)->data;
@@ -224,10 +224,10 @@ static int rt_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IP6T_RT_FST_NSTRICT;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c
index f6bc373..b9fea2d 100644
--- a/extensions/libipt_CLUSTERIP.c
+++ b/extensions/libipt_CLUSTERIP.c
@@ -75,7 +75,7 @@ parse_mac(const char *mac, char *macbuf)
}
}
-static int
+static bool
CLUSTERIP_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -148,10 +148,10 @@ CLUSTERIP_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= PARAM_HASHINIT;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void CLUSTERIP_check(unsigned int flags)
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index 026c0ef..4f35aa2 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -137,21 +137,21 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
return &(append_range(info, &range)->t);
}
-static int DNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool DNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
struct ipt_natinfo *info = (void *)*target;
- int portok;
+ bool portok;
if (entry->ip.proto == IPPROTO_TCP
|| entry->ip.proto == IPPROTO_UDP
|| entry->ip.proto == IPPROTO_SCTP
|| entry->ip.proto == IPPROTO_DCCP
|| entry->ip.proto == IPPROTO_ICMP)
- portok = 1;
+ portok = true;
else
- portok = 0;
+ portok = false;
switch (c) {
case '1':
@@ -171,7 +171,7 @@ static int DNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
if (*flags & IPT_DNAT_OPT_RANDOM)
info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
*flags |= IPT_DNAT_OPT_DEST;
- return 1;
+ return true;
case '2':
if (*flags & IPT_DNAT_OPT_DEST) {
@@ -179,14 +179,14 @@ static int DNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPT_DNAT_OPT_RANDOM;
} else
*flags |= IPT_DNAT_OPT_RANDOM;
- return 1;
+ return true;
case '3':
info->mr.range[0].flags |= IP_NAT_RANGE_PERSISTENT;
- return 1;
+ return true;
default:
- return 0;
+ return false;
}
}
diff --git a/extensions/libipt_ECN.c b/extensions/libipt_ECN.c
index 38b70dd..19dd4ac 100644
--- a/extensions/libipt_ECN.c
+++ b/extensions/libipt_ECN.c
@@ -40,7 +40,7 @@ static const struct option ECN_opts[] = {
{ .name = NULL }
};
-static int ECN_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool ECN_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
unsigned int result;
@@ -91,10 +91,10 @@ static int ECN_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPT_ECN_OP_SET_IP;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void ECN_check(unsigned int flags)
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 047201f..59a08d6 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -101,7 +101,7 @@ parse_level(const char *level)
#define IPT_LOG_OPT_IPOPT 0x10
#define IPT_LOG_OPT_UID 0x20
-static int LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_log_info *loginfo = (struct ipt_log_info *)(*target)->data;
@@ -184,10 +184,10 @@ static int LOG_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void LOG_print(const void *ip, const struct xt_entry_target *target,
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index f0d4c40..6d2446e 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -69,12 +69,12 @@ parse_ports(const char *arg, struct nf_nat_multi_range *mr)
}
}
-static int
+static bool
MASQUERADE_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
- int portok;
+ bool portok;
struct nf_nat_multi_range *mr
= (struct nf_nat_multi_range *)(*target)->data;
@@ -83,9 +83,9 @@ MASQUERADE_parse(int c, char **argv, bool invert, unsigned int *flags,
|| entry->ip.proto == IPPROTO_SCTP
|| entry->ip.proto == IPPROTO_DCCP
|| entry->ip.proto == IPPROTO_ICMP)
- portok = 1;
+ portok = true;
else
- portok = 0;
+ portok = false;
switch (c) {
case '1':
@@ -98,14 +98,14 @@ MASQUERADE_parse(int c, char **argv, bool invert, unsigned int *flags,
"Unexpected `!' after --to-ports");
parse_ports(optarg, mr);
- return 1;
+ return true;
case '2':
mr->range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
- return 1;
+ return true;
default:
- return 0;
+ return false;
}
}
diff --git a/extensions/libipt_MIRROR.c b/extensions/libipt_MIRROR.c
index 8c62721..de8de86 100644
--- a/extensions/libipt_MIRROR.c
+++ b/extensions/libipt_MIRROR.c
@@ -12,10 +12,10 @@ static void MIRROR_help(void)
printf("MIRROR target takes no options\n");
}
-static int MIRROR_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool MIRROR_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
- return 0;
+ return false;
}
static struct xtables_target mirror_tg_reg = {
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index e65d434..4d4b125 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -110,7 +110,7 @@ parse_to(char *arg, struct nf_nat_range *range)
range->max_ip = range->min_ip | ~netmask;
}
-static int NETMAP_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool NETMAP_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct nf_nat_multi_range *mr
@@ -124,10 +124,10 @@ static int NETMAP_parse(int c, char **argv, bool invert, unsigned int *flags,
parse_to(optarg, &mr->range[0]);
*flags = 1;
- return 1;
+ return true;
default:
- return 0;
+ return false;
}
}
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 09053df..83b0f22 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -76,22 +76,23 @@ parse_ports(const char *arg, struct nf_nat_multi_range *mr)
}
}
-static int REDIRECT_parse(int c, char **argv, bool invert, unsigned int *flags,
- const void *e, struct xt_entry_target **target)
+static bool
+REDIRECT_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
struct nf_nat_multi_range *mr
= (struct nf_nat_multi_range *)(*target)->data;
- int portok;
+ bool portok;
if (entry->ip.proto == IPPROTO_TCP
|| entry->ip.proto == IPPROTO_UDP
|| entry->ip.proto == IPPROTO_SCTP
|| entry->ip.proto == IPPROTO_DCCP
|| entry->ip.proto == IPPROTO_ICMP)
- portok = 1;
+ portok = true;
else
- portok = 0;
+ portok = false;
switch (c) {
case '1':
@@ -107,7 +108,7 @@ static int REDIRECT_parse(int c, char **argv, bool invert, unsigned int *flags,
if (*flags & IPT_REDIRECT_OPT_RANDOM)
mr->range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
*flags |= IPT_REDIRECT_OPT_DEST;
- return 1;
+ return true;
case '2':
if (*flags & IPT_REDIRECT_OPT_DEST) {
@@ -115,10 +116,10 @@ static int REDIRECT_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPT_REDIRECT_OPT_RANDOM;
} else
*flags |= IPT_REDIRECT_OPT_RANDOM;
- return 1;
+ return true;
default:
- return 0;
+ return false;
}
}
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index 75bc5fc..9014fe4 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -90,7 +90,7 @@ static void REJECT_init(struct xt_entry_target *t)
}
-static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_reject_info *reject = (struct ipt_reject_info *)(*target)->data;
@@ -106,7 +106,7 @@ static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
if ((strncasecmp(reject_table[i].name, optarg, strlen(optarg)) == 0)
|| (strncasecmp(reject_table[i].alias, optarg, strlen(optarg)) == 0)) {
reject->with = reject_table[i].with;
- return 1;
+ return true;
}
}
/* This due to be dropped late in 2.4 pre-release cycle --RR */
@@ -119,7 +119,7 @@ static int REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
/* Fall through */
break;
}
- return 0;
+ return false;
}
static void REJECT_print(const void *ip, const struct xt_entry_target *target,
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index 266bce0..bbd63c7 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -79,7 +79,7 @@ parse_to(char *arg, struct nf_nat_range *range)
#define IPT_SAME_OPT_NODST 0x02
#define IPT_SAME_OPT_RANDOM 0x04
-static int SAME_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool SAME_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_same_info *mr
@@ -122,10 +122,10 @@ static int SAME_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void SAME_check(unsigned int flags)
diff --git a/extensions/libipt_SET.c b/extensions/libipt_SET.c
index 0ce09c9..6f409a1 100644
--- a/extensions/libipt_SET.c
+++ b/extensions/libipt_SET.c
@@ -78,7 +78,7 @@ parse_target(char **argv, bool invert, unsigned int *flags,
*flags = 1;
}
-static int SET_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool SET_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_set_info_target *myinfo =
@@ -95,9 +95,9 @@ static int SET_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void SET_check(unsigned int flags)
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 1367494..11ef08f 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -137,21 +137,21 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
return &(append_range(info, &range)->t);
}
-static int SNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool SNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_target **target)
{
const struct ipt_entry *entry = e;
struct ipt_natinfo *info = (void *)*target;
- int portok;
+ bool portok;
if (entry->ip.proto == IPPROTO_TCP
|| entry->ip.proto == IPPROTO_UDP
|| entry->ip.proto == IPPROTO_SCTP
|| entry->ip.proto == IPPROTO_DCCP
|| entry->ip.proto == IPPROTO_ICMP)
- portok = 1;
+ portok = true;
else
- portok = 0;
+ portok = false;
switch (c) {
case '1':
@@ -171,7 +171,7 @@ static int SNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
if (*flags & IPT_SNAT_OPT_RANDOM)
info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
*flags |= IPT_SNAT_OPT_SOURCE;
- return 1;
+ return true;
case '2':
if (*flags & IPT_SNAT_OPT_SOURCE) {
@@ -179,14 +179,14 @@ static int SNAT_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPT_SNAT_OPT_RANDOM;
} else
*flags |= IPT_SNAT_OPT_RANDOM;
- return 1;
+ return true;
case '3':
info->mr.range[0].flags |= IP_NAT_RANGE_PERSISTENT;
- return 1;
+ return true;
default:
- return 0;
+ return false;
}
}
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c
index c25cb44..b42d68e 100644
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -25,7 +25,7 @@ static void TTL_help(void)
" --ttl-inc value Increment TTL by <value 1-255>\n");
}
-static int TTL_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool TTL_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_TTL_info *info = (struct ipt_TTL_info *) (*target)->data;
@@ -73,14 +73,14 @@ static int TTL_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
info->ttl = value;
*flags |= IPT_TTL_USED;
- return 1;
+ return true;
}
static void TTL_check(unsigned int flags)
diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c
index 78f5d0a..466564b 100644
--- a/extensions/libipt_ULOG.c
+++ b/extensions/libipt_ULOG.c
@@ -64,7 +64,7 @@ static void ULOG_init(struct xt_entry_target *t)
#define IPT_LOG_OPT_CPRANGE 0x04
#define IPT_LOG_OPT_QTHRESHOLD 0x08
-static int ULOG_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool ULOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_ulog_info *loginfo =
@@ -139,9 +139,9 @@ static int ULOG_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPT_LOG_OPT_QTHRESHOLD;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void ULOG_save(const void *ip, const struct xt_entry_target *target)
diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c
index 1d72119..91e469f 100644
--- a/extensions/libipt_addrtype.c
+++ b/extensions/libipt_addrtype.c
@@ -60,7 +60,7 @@ static void addrtype_help_v1(void)
addrtype_help_types();
}
-static int
+static bool
parse_type(const char *name, size_t len, u_int16_t *mask)
{
int i;
@@ -69,10 +69,10 @@ parse_type(const char *name, size_t len, u_int16_t *mask)
if (strncasecmp(name, rtn_names[i], len) == 0) {
/* build up bitmask for kernel module */
*mask |= (1 << i);
- return 1;
+ return true;
}
- return 0;
+ return false;
}
static void parse_types(const char *arg, u_int16_t *mask)
@@ -95,7 +95,7 @@ static void parse_types(const char *arg, u_int16_t *mask)
#define IPT_ADDRTYPE_OPT_LIMIT_IFACE_IN 0x4
#define IPT_ADDRTYPE_OPT_LIMIT_IFACE_OUT 0x8
-static int
+static bool
addrtype_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -124,13 +124,13 @@ addrtype_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPT_ADDRTYPE_OPT_DSTTYPE;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-static int
+static bool
addrtype_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -173,10 +173,10 @@ addrtype_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
*flags |= IPT_ADDRTYPE_OPT_LIMIT_IFACE_OUT;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void addrtype_check_v0(unsigned int flags)
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c
index 089220e..00b43ab 100644
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -73,7 +73,7 @@ static void ah_init(struct xt_entry_match *m)
#define AH_SPI 0x01
-static int ah_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool ah_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_ah *ahinfo = (struct ipt_ah *)(*match)->data;
@@ -90,10 +90,10 @@ static int ah_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= AH_SPI;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c
index 6fbf601..fee0098 100644
--- a/extensions/libipt_ecn.c
+++ b/extensions/libipt_ecn.c
@@ -32,7 +32,7 @@ static const struct option ecn_opts[] = {
{ .name = NULL }
};
-static int ecn_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool ecn_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
unsigned int result;
@@ -77,10 +77,10 @@ static int ecn_parse(int c, char **argv, bool invert, unsigned int *flags,
einfo->ip_ect = result;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void ecn_check(unsigned int flags)
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index a5b6517..f823677 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -174,7 +174,7 @@ static void icmp_init(struct xt_entry_match *m)
icmpinfo->code[1] = 0xFF;
}
-static int icmp_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool icmp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_icmp *icmpinfo = (struct ipt_icmp *)(*match)->data;
@@ -193,10 +193,10 @@ static int icmp_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void print_icmptype(u_int8_t type,
diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c
index fcd2564..67c529f 100644
--- a/extensions/libipt_policy.c
+++ b/extensions/libipt_policy.c
@@ -119,7 +119,7 @@ static int parse_mode(char *s)
xtables_error(PARAMETER_PROBLEM, "policy match: invalid mode \"%s\"", s);
}
-static int policy_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool policy_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_policy_info *info = (void *)(*match)->data;
@@ -244,11 +244,11 @@ static int policy_parse(int c, char **argv, bool invert, unsigned int *flags,
"policy match: maximum policy depth reached");
break;
default:
- return 0;
+ return false;
}
policy_info = info;
- return 1;
+ return true;
}
static void policy_check(unsigned int flags)
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index 05626dc..bde3472 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -149,7 +149,7 @@ static const char *realm_id2name(int id)
return NULL;
}
-static int realm_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool realm_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_realm_info *realminfo = (struct ipt_realm_info *)(*match)->data;
@@ -183,9 +183,9 @@ static int realm_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c
index c3ffc70..b704852 100644
--- a/extensions/libipt_set.c
+++ b/extensions/libipt_set.c
@@ -46,7 +46,7 @@ static void set_init(struct xt_entry_match *match)
}
-static int set_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool set_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_set_info_match *myinfo =
@@ -83,10 +83,10 @@ static int set_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void set_check(unsigned int flags)
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c
index 21cbf0d..f0be535 100644
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -23,7 +23,7 @@ static void ttl_help(void)
" --ttl-gt value Match TTL > value\n");
}
-static int ttl_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool ttl_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
@@ -70,7 +70,7 @@ static int ttl_parse(int c, char **argv, bool invert, unsigned int *flags,
info->ttl = value;
break;
default:
- return 0;
+ return false;
}
@@ -79,7 +79,7 @@ static int ttl_parse(int c, char **argv, bool invert, unsigned int *flags,
"Can't specify TTL option twice");
*flags = 1;
- return 1;
+ return true;
}
static void ttl_check(unsigned int flags)
diff --git a/extensions/libipt_unclean.c b/extensions/libipt_unclean.c
index 96c58bb..6f8ca20 100644
--- a/extensions/libipt_unclean.c
+++ b/extensions/libipt_unclean.c
@@ -10,10 +10,10 @@ static void unclean_help(void)
printf("unclean match takes no options\n");
}
-static int unclean_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool unclean_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
- return 0;
+ return false;
}
static struct xtables_match unclean_mt_reg = {
diff --git a/extensions/libxt_CLASSIFY.c b/extensions/libxt_CLASSIFY.c
index c5d37f9..1bd7133 100644
--- a/extensions/libxt_CLASSIFY.c
+++ b/extensions/libxt_CLASSIFY.c
@@ -24,18 +24,18 @@ static const struct option CLASSIFY_opts[] = {
{ .name = NULL }
};
-static int CLASSIFY_string_to_priority(const char *s, unsigned int *p)
+static bool CLASSIFY_string_to_priority(const char *s, unsigned int *p)
{
unsigned int i, j;
if (sscanf(s, "%x:%x", &i, &j) != 2)
- return 1;
+ return true;
*p = TC_H_MAKE(i<<16, j);
- return 0;
+ return false;
}
-static int
+static bool
CLASSIFY_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_target **target)
@@ -55,10 +55,10 @@ CLASSIFY_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c
index 2905fea..1aab593 100644
--- a/extensions/libxt_CONNMARK.c
+++ b/extensions/libxt_CONNMARK.c
@@ -95,7 +95,7 @@ static void connmark_tg_init(struct xt_entry_target *target)
info->nfmask = UINT32_MAX;
}
-static int
+static bool
CONNMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -142,13 +142,13 @@ CONNMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
xtables_error(PARAMETER_PROBLEM, "Bad MASK value \"%s\"", optarg);
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-static int connmark_tg_parse(int c, char **argv, bool invert,
+static bool connmark_tg_parse(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_target **target)
{
diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c
index c32d03c..d48d1f6 100644
--- a/extensions/libxt_CONNSECMARK.c
+++ b/extensions/libxt_CONNSECMARK.c
@@ -29,7 +29,7 @@ static const struct option CONNSECMARK_opts[] = {
{ .name = NULL }
};
-static int
+static bool
CONNSECMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -54,10 +54,10 @@ CONNSECMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void CONNSECMARK_check(unsigned int flags)
diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c
index 7af4166..ac49022 100644
--- a/extensions/libxt_DSCP.c
+++ b/extensions/libxt_DSCP.c
@@ -71,7 +71,7 @@ parse_class(const char *s, struct xt_DSCP_info *dinfo)
}
-static int DSCP_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool DSCP_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_DSCP_info *dinfo
@@ -94,10 +94,10 @@ static int DSCP_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void DSCP_check(unsigned int flags)
diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c
index 64292ed..1729452 100644
--- a/extensions/libxt_MARK.c
+++ b/extensions/libxt_MARK.c
@@ -52,7 +52,7 @@ static void mark_tg_help(void)
/* Function which parses command options; returns true if it
ate an option */
-static int
+static bool
MARK_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -77,10 +77,10 @@ MARK_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
xtables_error(PARAMETER_PROBLEM,
"MARK target: kernel too old for --or-mark");
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void MARK_check(unsigned int flags)
@@ -91,7 +91,7 @@ static void MARK_check(unsigned int flags)
" is required");
}
-static int
+static bool
MARK_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -110,7 +110,7 @@ MARK_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
markinfo->mode = XT_MARK_OR;
break;
default:
- return 0;
+ return false;
}
if (!xtables_strtoui(optarg, NULL, &mark, 0, UINT32_MAX))
@@ -121,10 +121,10 @@ MARK_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
"MARK target: Can't specify --set-mark twice");
*flags = 1;
- return 1;
+ return true;
}
-static int mark_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool mark_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_mark_tginfo2 *info = (void *)(*target)->data;
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c
index 023cfda..c0237c7 100644
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -40,7 +40,7 @@ static void NFLOG_init(struct xt_entry_target *t)
info->threshold = XT_NFLOG_DEFAULT_THRESHOLD;
}
-static int NFLOG_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool NFLOG_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_nflog_info *info = (struct xt_nflog_info *)(*target)->data;
@@ -104,10 +104,10 @@ static int NFLOG_parse(int c, char **argv, bool invert, unsigned int *flags,
info->threshold = n;
break;
default:
- return 0;
+ return false;
}
*flags |= c;
- return 1;
+ return true;
}
static void nflog_print(const struct xt_nflog_info *info, char *prefix)
diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c
index 9dcdd42..323c7e2 100644
--- a/extensions/libxt_NFQUEUE.c
+++ b/extensions/libxt_NFQUEUE.c
@@ -41,7 +41,7 @@ parse_num(const char *s, struct xt_NFQ_info *tinfo)
tinfo->queuenum = num & 0xffff;
}
-static int
+static bool
NFQUEUE_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -56,10 +56,10 @@ NFQUEUE_parse(int c, char **argv, bool invert, unsigned int *flags,
parse_num(optarg, tinfo);
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void NFQUEUE_print(const void *ip,
diff --git a/extensions/libxt_NOTRACK.c b/extensions/libxt_NOTRACK.c
index 0621d15..652d8d8 100644
--- a/extensions/libxt_NOTRACK.c
+++ b/extensions/libxt_NOTRACK.c
@@ -13,11 +13,11 @@ static void NOTRACK_help(void)
printf("NOTRACK target takes no options\n");
}
-static int
+static bool
NOTRACK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
- return 0;
+ return false;
}
static struct xtables_target notrack_target = {
diff --git a/extensions/libxt_RATEEST.c b/extensions/libxt_RATEEST.c
index d5d391d..bd70852 100644
--- a/extensions/libxt_RATEEST.c
+++ b/extensions/libxt_RATEEST.c
@@ -41,7 +41,7 @@ static const struct option RATEEST_opts[] = {
/* Copied from iproute */
#define TIME_UNITS_PER_SEC 1000000
-static int
+static bool
RATEEST_get_time(unsigned int *time, const char *str)
{
double t;
@@ -49,7 +49,7 @@ RATEEST_get_time(unsigned int *time, const char *str)
t = strtod(str, &p);
if (p == str)
- return -1;
+ return false;
if (*p) {
if (strcasecmp(p, "s") == 0 || strcasecmp(p, "sec")==0 ||
@@ -62,11 +62,11 @@ RATEEST_get_time(unsigned int *time, const char *str)
strcasecmp(p, "usecs") == 0)
t *= TIME_UNITS_PER_SEC/1000000;
else
- return -1;
+ return false;
}
*time = t;
- return 0;
+ return true;
}
static void
@@ -89,7 +89,7 @@ RATEEST_init(struct xt_entry_target *target)
ewma_log = 0;
}
-static int
+static bool
RATEEST_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -113,7 +113,7 @@ RATEEST_parse(int c, char **argv, bool invert, unsigned int *flags,
"RATEEST: can't specify --rateest-interval twice");
*flags |= 1 << c;
- if (RATEEST_get_time(&interval, optarg) < 0)
+ if (!RATEEST_get_time(&interval, optarg))
xtables_error(PARAMETER_PROBLEM,
"RATEEST: bad interval value `%s'", optarg);
@@ -125,17 +125,17 @@ RATEEST_parse(int c, char **argv, bool invert, unsigned int *flags,
"RATEEST: can't specify --rateest-ewmalog twice");
*flags |= 1 << c;
- if (RATEEST_get_time(&ewma_log, optarg) < 0)
+ if (!RATEEST_get_time(&ewma_log, optarg))
xtables_error(PARAMETER_PROBLEM,
"RATEEST: bad ewmalog value `%s'", optarg);
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libxt_SECMARK.c b/extensions/libxt_SECMARK.c
index 82752e8..36f9d7c 100644
--- a/extensions/libxt_SECMARK.c
+++ b/extensions/libxt_SECMARK.c
@@ -27,7 +27,7 @@ static const struct option SECMARK_opts[] = {
{ .name = NULL }
};
-static int SECMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool SECMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_secmark_target_info *info =
@@ -50,10 +50,10 @@ static int SECMARK_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= SECMARK_MODE_SEL;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void SECMARK_check(unsigned int flags)
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 54ae373..d1c5cc0 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -42,9 +42,9 @@ static const struct option TCPMSS_opts[] = {
{ .name = NULL }
};
-static int __TCPMSS_parse(int c, char **argv, bool invert, unsigned int *flags,
- const void *entry, struct xt_entry_target **target,
- int hdrsize)
+static bool
+__TCPMSS_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_target **target, int hdrsize)
{
struct xt_tcpmss_info *mssinfo
= (struct xt_tcpmss_info *)(*target)->data;
@@ -73,19 +73,19 @@ static int __TCPMSS_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-static int TCPMSS_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool TCPMSS_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return __TCPMSS_parse(c, argv, invert, flags, entry, target, 40);
}
-static int TCPMSS_parse6(int c, char **argv, bool invert, unsigned int *flags,
+static bool TCPMSS_parse6(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
return __TCPMSS_parse(c, argv, invert, flags, entry, target, 60);
diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c
index 1c361e1..761a2f2 100644
--- a/extensions/libxt_TCPOPTSTRIP.c
+++ b/extensions/libxt_TCPOPTSTRIP.c
@@ -102,7 +102,7 @@ static void parse_list(struct xt_tcpoptstrip_target_info *info, char *arg)
}
}
-static int tcpoptstrip_tg_parse(int c, char **argv, bool invert,
+static bool tcpoptstrip_tg_parse(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_target **target)
{
diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c
index a12e3fc..c380b0a 100644
--- a/extensions/libxt_TOS.c
+++ b/extensions/libxt_TOS.c
@@ -75,7 +75,7 @@ XTABLES_VERSION);
);
}
-static int
+static bool
tos_tg_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -100,7 +100,7 @@ tos_tg_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
return false;
}
-static int tos_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool tos_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct xt_tos_target_info *info = (void *)(*target)->data;
diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c
index bf5b145..adab436 100644
--- a/extensions/libxt_TPROXY.c
+++ b/extensions/libxt_TPROXY.c
@@ -73,7 +73,7 @@ static void parse_tproxy_mark(char *s, struct xt_tproxy_target_info *info)
info->mark_value = value;
}
-static int
+static bool
tproxy_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
@@ -85,22 +85,22 @@ tproxy_tg_parse(int c, char **argv, bool invert, unsigned int *flags,
xtables_param_act(XTF_NO_INVERT, "TPROXY", "--on-port", invert);
parse_tproxy_lport(optarg, tproxyinfo);
*flags |= PARAM_ONPORT;
- return 1;
+ return true;
case '2':
xtables_param_act(XTF_ONLY_ONCE, "TPROXY", "--on-ip", *flags & PARAM_ONIP);
xtables_param_act(XTF_NO_INVERT, "TPROXY", "--on-ip", invert);
parse_tproxy_laddr(optarg, tproxyinfo);
*flags |= PARAM_ONIP;
- return 1;
+ return true;
case '3':
xtables_param_act(XTF_ONLY_ONCE, "TPROXY", "--tproxy-mark", *flags & PARAM_MARK);
xtables_param_act(XTF_NO_INVERT, "TPROXY", "--tproxy-mark", invert);
parse_tproxy_mark(optarg, tproxyinfo);
*flags |= PARAM_MARK;
- return 1;
+ return true;
}
- return 0;
+ return false;
}
static void tproxy_tg_check(unsigned int flags)
diff --git a/extensions/libxt_TRACE.c b/extensions/libxt_TRACE.c
index 1361356..45e2252 100644
--- a/extensions/libxt_TRACE.c
+++ b/extensions/libxt_TRACE.c
@@ -13,10 +13,10 @@ static void TRACE_help(void)
printf("TRACE target takes no options\n");
}
-static int TRACE_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool TRACE_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
- return 0;
+ return false;
}
static struct xtables_target trace_target = {
--git a/extensions/libxt_comment.c b/extensions/libxt_comment.c
index ff38f64..79d1594 100644
--- a/extensions/libxt_comment.c
+++ b/extensions/libxt_comment.c
@@ -39,7 +39,7 @@ parse_comment(const char *s, struct xt_comment_info *info)
strcpy((char *)info->comment, s);
}
-static int
+static bool
comment_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -57,9 +57,9 @@ comment_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void comment_check(unsigned int flags)
diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c
index 4fdf21c..d465fc4 100644
--- a/extensions/libxt_connbytes.c
+++ b/extensions/libxt_connbytes.c
@@ -44,7 +44,7 @@ parse_range(const char *arg, struct xt_connbytes_info *si)
(unsigned long long)si->count.to);
}
-static int
+static bool
connbytes_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -90,10 +90,10 @@ connbytes_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= 4;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void connbytes_check(unsigned int flags)
diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c
index 15bd317..fe1394b 100644
--- a/extensions/libxt_connlimit.c
+++ b/extensions/libxt_connlimit.c
@@ -52,7 +52,7 @@ static void prefix_to_netmask(u_int32_t *mask, unsigned int prefix_len)
mask[3] = htonl(mask[3]);
}
-static int
+static bool
connlimit_parse(int c, char **argv, bool invert, unsigned int *flags,
struct xt_connlimit_info *info, unsigned int family)
{
@@ -94,13 +94,13 @@ connlimit_parse(int c, char **argv, bool invert, unsigned int *flags,
}
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-static int connlimit_parse4(int c, char **argv, bool invert,
+static bool connlimit_parse4(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_match **match)
{
@@ -108,7 +108,7 @@ static int connlimit_parse4(int c, char **argv, bool invert,
(void *)(*match)->data, NFPROTO_IPV4);
}
-static int connlimit_parse6(int c, char **argv, bool invert,
+static bool connlimit_parse6(int c, char **argv, bool invert,
unsigned int *flags, const void *entry,
struct xt_entry_match **match)
{
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index 17fe03b..fa16e96 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -45,7 +45,7 @@ static const struct option connmark_mt_opts[] = {
{ .name = NULL }
};
-static int
+static bool
connmark_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -74,7 +74,7 @@ connmark_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
return false;
}
-static int
+static bool
connmark_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -99,9 +99,9 @@ connmark_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void print_mark(unsigned int mark, unsigned int mask)
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 2ed6e9a..4b6c3c5 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -74,7 +74,7 @@ static const struct option conntrack_mt_opts[] = {
{.name = NULL},
};
-static int
+static bool
parse_state(const char *state, size_t len, struct xt_conntrack_info *sinfo)
{
if (strncasecmp(state, "INVALID", len) == 0)
@@ -92,8 +92,8 @@ parse_state(const char *state, size_t len, struct xt_conntrack_info *sinfo)
else if (strncasecmp(state, "DNAT", len) == 0)
sinfo->statemask |= XT_CONNTRACK_STATE_DNAT;
else
- return 0;
- return 1;
+ return false;
+ return true;
}
static void
@@ -153,7 +153,7 @@ conntrack_ps_states(struct xt_conntrack_mtinfo1 *info, const char *arg)
xtables_error(PARAMETER_PROBLEM, "Bad ctstate \"%s\"", arg);
}
-static int
+static bool
parse_status(const char *status, size_t len, struct xt_conntrack_info *sinfo)
{
if (strncasecmp(status, "NONE", len) == 0)
@@ -169,8 +169,8 @@ parse_status(const char *status, size_t len, struct xt_conntrack_info *sinfo)
sinfo->statusmask |= IPS_CONFIRMED;
#endif
else
- return 0;
- return 1;
+ return false;
+ return true;
}
static void
@@ -286,7 +286,7 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo1 *info, const char *s)
info->expires_max = max;
}
-static int
+static bool
conntrack_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -430,11 +430,11 @@ conntrack_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
*flags = sinfo->flags;
- return 1;
+ return true;
}
static int
@@ -543,7 +543,7 @@ conntrack_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
return true;
}
-static int
+static bool
conntrack_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -613,7 +613,7 @@ conntrack_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
return true;
}
-static int
+static bool
conntrack_mt6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index 12180d4..e5e2edc 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -129,7 +129,7 @@ static u_int8_t parse_dccp_option(char *optstring)
return ret;
}
-static int
+static bool
dccp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -185,9 +185,9 @@ dccp_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= XT_DCCP_OPTION;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static char *
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c
index 64ceedb..7dddd1f 100644
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -71,7 +71,7 @@ parse_class(const char *s, struct xt_dscp_info *dinfo)
}
-static int
+static bool
dscp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -102,10 +102,10 @@ dscp_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void dscp_check(unsigned int flags)
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c
index 1cb906f..9a61070 100644
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -78,7 +78,7 @@ static void esp_init(struct xt_entry_match *m)
#define ESP_SPI 0x01
-static int
+static bool
esp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -96,10 +96,10 @@ esp_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= ESP_SPI;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 4d7f74b..4fd844f 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -95,7 +95,7 @@ static const struct option hashlimit_mt_opts[] = {
};
static
-int parse_rate(const char *rate, u_int32_t *val)
+bool parse_rate(const char *rate, u_int32_t *val)
{
const char *delim;
u_int32_t r;
@@ -104,7 +104,7 @@ int parse_rate(const char *rate, u_int32_t *val)
delim = strchr(rate, '/');
if (delim) {
if (strlen(delim+1) == 0)
- return 0;
+ return false;
if (strncasecmp(delim+1, "second", strlen(delim+1)) == 0)
mult = 1;
@@ -115,11 +115,11 @@ int parse_rate(const char *rate, u_int32_t *val)
else if (strncasecmp(delim+1, "day", strlen(delim+1)) == 0)
mult = 24*60*60;
else
- return 0;
+ return false;
}
r = atoi(rate);
if (!r)
- return 0;
+ return false;
/* This would get mapped to infinite (1/day is minimum they
can specify, so we're ok at that end). */
@@ -127,7 +127,7 @@ int parse_rate(const char *rate, u_int32_t *val)
xtables_error(PARAMETER_PROBLEM, "Rate too fast \"%s\"\n", rate);
*val = XT_HASHLIMIT_SCALE * mult / r;
- return 1;
+ return true;
}
static void hashlimit_init(struct xt_entry_match *m)
@@ -166,13 +166,13 @@ static void hashlimit_mt6_init(struct xt_entry_match *match)
}
/* Parse a 'mode' parameter into the required bitmask */
-static int parse_mode(uint32_t *mode, char *option_arg)
+static bool parse_mode(uint32_t *mode, char *option_arg)
{
char *tok;
char *arg = strdup(option_arg);
if (!arg)
- return -1;
+ return false;
for (tok = strtok(arg, ",|");
tok;
@@ -187,11 +187,11 @@ static int parse_mode(uint32_t *mode, char *option_arg)
*mode |= XT_HASHLIMIT_HASH_DPT;
else {
free(arg);
- return -1;
+ return false;
}
}
free(arg);
- return 0;
+ return true;
}
enum {
@@ -207,7 +207,7 @@ enum {
PARAM_DSTMASK = 1 << 9,
};
-static int
+static bool
hashlimit_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -284,7 +284,7 @@ hashlimit_parse(int c, char **argv, bool invert, unsigned int *flags,
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
*flags & PARAM_MODE);
if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
- if (parse_mode(&r->cfg.mode, optarg) < 0)
+ if (!parse_mode(&r->cfg.mode, optarg))
xtables_error(PARAMETER_PROBLEM,
"bad --hashlimit-mode: `%s'\n", optarg);
*flags |= PARAM_MODE;
@@ -299,17 +299,17 @@ hashlimit_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= PARAM_NAME;
break;
default:
- return 0;
+ return false;
}
if (invert)
xtables_error(PARAMETER_PROBLEM,
"hashlimit does not support invert");
- return 1;
+ return true;
}
-static int
+static bool
hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
int c, bool invert, unsigned int maxmask)
{
@@ -394,7 +394,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
case '_':
xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
*flags & PARAM_MODE);
- if (parse_mode(&info->cfg.mode, optarg) < 0)
+ if (!parse_mode(&info->cfg.mode, optarg))
xtables_param_act(XTF_BAD_VALUE, "hashlimit",
"--hashlimit-mode", optarg);
*flags |= PARAM_MODE;
@@ -433,7 +433,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags,
return false;
}
-static int
+static bool
hashlimit_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -441,7 +441,7 @@ hashlimit_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
flags, c, invert, 32);
}
-static int
+static bool
hashlimit_mt6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index f29dd85..d5e5670 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -21,7 +21,7 @@ static const struct option helper_opts[] = {
{ .name = NULL }
};
-static int
+static bool
helper_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -41,9 +41,9 @@ helper_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void helper_check(unsigned int flags)
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c
index 33c0cb1..b7d95c2 100644
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -58,7 +58,7 @@ parse_iprange(char *arg, struct ipt_iprange *range)
}
}
-static int iprange_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool iprange_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct ipt_iprange_info *info = (struct ipt_iprange_info *)(*match)->data;
@@ -94,12 +94,12 @@ static int iprange_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
-static int
+static bool
iprange_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -149,7 +149,7 @@ iprange_mt4_parse(int c, char **argv, bool invert, unsigned int *flags,
return false;
}
-static int
+static bool
iprange_mt6_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c
index 7ee0e65..d2231fd 100644
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -59,7 +59,7 @@ parse_lengths(const char *s, struct xt_length_info *info)
}
-static int
+static bool
length_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -79,9 +79,9 @@ length_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void length_check(unsigned int flags)
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index c96c39a..e408e3e 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -36,7 +36,7 @@ static const struct option limit_opts[] = {
};
static
-int parse_rate(const char *rate, u_int32_t *val)
+bool parse_rate(const char *rate, u_int32_t *val)
{
const char *delim;
u_int32_t r;
@@ -45,7 +45,7 @@ int parse_rate(const char *rate, u_int32_t *val)
delim = strchr(rate, '/');
if (delim) {
if (strlen(delim+1) == 0)
- return 0;
+ return false;
if (strncasecmp(delim+1, "second", strlen(delim+1)) == 0)
mult = 1;
@@ -56,11 +56,11 @@ int parse_rate(const char *rate, u_int32_t *val)
else if (strncasecmp(delim+1, "day", strlen(delim+1)) == 0)
mult = 24*60*60;
else
- return 0;
+ return false;
}
r = atoi(rate);
if (!r)
- return 0;
+ return false;
/* This would get mapped to infinite (1/day is minimum they
can specify, so we're ok at that end). */
@@ -68,7 +68,7 @@ int parse_rate(const char *rate, u_int32_t *val)
xtables_error(PARAMETER_PROBLEM, "Rate too fast \"%s\"\n", rate);
*val = XT_LIMIT_SCALE * mult / r;
- return 1;
+ return true;
}
static void limit_init(struct xt_entry_match *m)
@@ -86,7 +86,7 @@ static void limit_init(struct xt_entry_match *m)
"Sorry: burst too large for that avg rate.\n");
*/
-static int
+static bool
limit_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -110,14 +110,14 @@ limit_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
if (invert)
xtables_error(PARAMETER_PROBLEM,
"limit does not support invert");
- return 1;
+ return true;
}
static const struct rates
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c
index 27388af..afdb214 100644
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -50,7 +50,7 @@ parse_mac(const char *mac, struct xt_mac_info *info)
}
}
-static int
+static bool
mac_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -66,10 +66,10 @@ mac_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void print_mac(const unsigned char macaddress[ETH_ALEN])
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index 481e341..c6299ff 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -25,7 +25,7 @@ static const struct option mark_mt_opts[] = {
{ .name = NULL }
};
-static int mark_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool mark_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_mark_mtinfo1 *info = (void *)(*match)->data;
@@ -53,7 +53,7 @@ static int mark_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
return false;
}
-static int
+static bool
mark_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -76,9 +76,9 @@ mark_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void print_mark(unsigned int mark, unsigned int mask)
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index ce14d2f..4f01d97 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -154,7 +154,7 @@ check_proto(u_int16_t pnum, u_int8_t invflags)
/* Function which parses command options; returns true if it
ate an option */
-static int
+static bool
__multiport_parse(int c, char **argv, bool invert, unsigned int *flags,
struct xt_entry_match **match, u_int16_t pnum,
u_int8_t invflags)
@@ -189,7 +189,7 @@ __multiport_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
if (invert)
@@ -200,10 +200,10 @@ __multiport_parse(int c, char **argv, bool invert, unsigned int *flags,
xtables_error(PARAMETER_PROBLEM,
"multiport can only have one option");
*flags = 1;
- return 1;
+ return true;
}
-static int
+static bool
multiport_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
@@ -212,7 +212,7 @@ multiport_parse(int c, char **argv, bool invert, unsigned int *flags,
entry->ip.proto, entry->ip.invflags);
}
-static int
+static bool
multiport_parse6(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
@@ -221,7 +221,7 @@ multiport_parse6(int c, char **argv, bool invert, unsigned int *flags,
entry->ipv6.proto, entry->ipv6.invflags);
}
-static int
+static bool
__multiport_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
struct xt_entry_match **match, u_int16_t pnum,
u_int8_t invflags)
@@ -253,7 +253,7 @@ __multiport_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
if (invert)
@@ -263,10 +263,10 @@ __multiport_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
xtables_error(PARAMETER_PROBLEM,
"multiport can only have one option");
*flags = 1;
- return 1;
+ return true;
}
-static int
+static bool
multiport_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
@@ -275,7 +275,7 @@ multiport_parse_v1(int c, char **argv, bool invert, unsigned int *flags,
entry->ip.proto, entry->ip.invflags);
}
-static int
+static bool
multiport_parse6_v1(int c, char **argv, bool invert, unsigned int *flags,
const void *e, struct xt_entry_match **match)
{
diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c
index ba9b17f..1a4037c 100644
--- a/extensions/libxt_owner.c
+++ b/extensions/libxt_owner.c
@@ -101,7 +101,7 @@ static const struct option owner_mt_opts[] = {
{ .name = NULL }
};
-static int
+static bool
owner_mt_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -180,7 +180,7 @@ owner_mt_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
return false;
}
-static int
+static bool
owner_mt6_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -261,8 +261,9 @@ static void owner_parse_range(const char *s, unsigned int *from,
xtables_param_act(XTF_BAD_VALUE, "owner", opt, s);
}
-static int owner_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
- const void *entry, struct xt_entry_match **match)
+static bool
+owner_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_match **match)
{
struct xt_owner_match_info *info = (void *)(*match)->data;
struct passwd *pwd;
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index e181633..1ce408c 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -33,7 +33,7 @@ static const struct option physdev_opts[] = {
{ .name = NULL }
};
-static int
+static bool
physdev_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -96,10 +96,10 @@ physdev_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
multiple_use:
xtables_error(PARAMETER_PROBLEM,
"multiple use of the same physdev option is not allowed");
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index 9a7b53b..294c854 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -84,7 +84,7 @@ static void parse_pkttype(const char *pkttype, struct xt_pkttype_info *info)
xtables_error(PARAMETER_PROBLEM, "Bad packet type '%s'", pkttype);
}
-static int pkttype_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool pkttype_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_pkttype_info *info = (struct xt_pkttype_info *)(*match)->data;
@@ -100,10 +100,10 @@ static int pkttype_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void pkttype_check(unsigned int flags)
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index 119e13d..6843841 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -38,7 +38,7 @@ quota_save(const void *ip, const struct xt_entry_match *match)
}
/* parse quota option */
-static int
+static bool
parse_quota(const char *s, u_int64_t * quota)
{
*quota = strtoull(s, NULL, 10);
@@ -50,10 +50,10 @@ parse_quota(const char *s, u_int64_t * quota)
if (*quota == UINT64_MAX)
xtables_error(PARAMETER_PROBLEM, "quota invalid: '%s'\n", s);
else
- return 1;
+ return true;
}
-static int
+static bool
quota_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -69,9 +69,9 @@ quota_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static struct xtables_match quota_match = {
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c
index 22a934b..2c17326 100644
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -83,7 +83,7 @@ static const struct rate_suffix {
{ .name = NULL }
};
-static int
+static bool
rateest_get_rate(u_int32_t *rate, const char *str)
{
char *p;
@@ -91,24 +91,24 @@ rateest_get_rate(u_int32_t *rate, const char *str)
const struct rate_suffix *s;
if (p == str)
- return -1;
+ return false;
if (*p == '\0') {
*rate = bps / 8.; /* assume bytes/sec */
- return 0;
+ return true;
}
for (s = suffixes; s->name; ++s) {
if (strcasecmp(s->name, p) == 0) {
*rate = (bps * s->scale) / 8.;
- return 0;
+ return true;
}
}
- return -1;
+ return false;
}
-static int
+static bool
rateest_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -164,7 +164,7 @@ rateest_parse(int c, char **argv, bool invert, unsigned int *flags,
if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
break;
- if (rateest_get_rate(&info->bps1, argv[optind]) < 0)
+ if (!rateest_get_rate(&info->bps1, argv[optind]))
xtables_error(PARAMETER_PROBLEM,
"rateest: could not parse rate `%s'",
argv[optind]);
@@ -213,7 +213,7 @@ rateest_parse(int c, char **argv, bool invert, unsigned int *flags,
if (!argv[optind] || *argv[optind] == '-' || *argv[optind] == '!')
break;
- if (rateest_get_rate(&info->bps2, argv[optind]) < 0)
+ if (!rateest_get_rate(&info->bps2, argv[optind]))
xtables_error(PARAMETER_PROBLEM,
"rateest: could not parse rate `%s'",
argv[optind]);
@@ -299,10 +299,10 @@ rateest_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void
diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c
index 2d1f6d5..5a2631e 100644
--- a/extensions/libxt_recent.c
+++ b/extensions/libxt_recent.c
@@ -63,7 +63,7 @@ static void recent_init(struct xt_entry_match *match)
(XT_RECENT_SET | XT_RECENT_CHECK | \
XT_RECENT_UPDATE | XT_RECENT_REMOVE)
-static int recent_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool recent_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_recent_mtinfo *info = (void *)(*match)->data;
@@ -144,10 +144,10 @@ static int recent_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void recent_check(unsigned int flags)
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 928c33d..85b2bce 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -258,7 +258,7 @@ parse_sctp_chunks(struct xt_sctp_info *einfo,
parse_sctp_chunk(einfo, chunks);
}
-static int
+static bool
sctp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -310,9 +310,9 @@ sctp_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static char *
diff --git a/extensions/libxt_socket.c b/extensions/libxt_socket.c
index ed191b5..211c8c4 100644
--- a/extensions/libxt_socket.c
+++ b/extensions/libxt_socket.c
@@ -13,11 +13,11 @@ static void socket_mt_help(void)
printf("socket v%s has no options\n\n", XTABLES_VERSION);
}
-static int
+static bool
socket_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
- return 0;
+ return false;
}
static void socket_mt_check(unsigned int flags)
diff --git a/extensions/libxt_standard.c b/extensions/libxt_standard.c
index 3a0d8c8..5029c01 100644
--- a/extensions/libxt_standard.c
+++ b/extensions/libxt_standard.c
@@ -15,10 +15,11 @@ static void standard_help(void)
"(If target is DROP, ACCEPT, RETURN or nothing)\n");
}
-static int standard_parse(int c, char **argv, bool invert, unsigned int *flags,
- const void *entry, struct xt_entry_target **target)
+static bool
+standard_parse(int c, char **argv, bool invert, unsigned int *flags,
+ const void *entry, struct xt_entry_target **target)
{
- return 0;
+ return false;
}
static struct xtables_target standard_target = {
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c
index b5f0593..97afe45 100644
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -27,7 +27,7 @@ static const struct option state_opts[] = {
{ .name = NULL }
};
-static int
+static bool
state_parse_state(const char *state, size_t len, struct xt_state_info *sinfo)
{
if (strncasecmp(state, "INVALID", len) == 0)
@@ -41,8 +41,8 @@ state_parse_state(const char *state, size_t len, struct xt_state_info *sinfo)
else if (strncasecmp(state, "UNTRACKED", len) == 0)
sinfo->statemask |= XT_STATE_UNTRACKED;
else
- return 0;
- return 1;
+ return false;
+ return true;
}
static void
@@ -63,7 +63,7 @@ state_parse_states(const char *arg, struct xt_state_info *sinfo)
xtables_error(PARAMETER_PROBLEM, "Bad state \"%s\"", arg);
}
-static int
+static bool
state_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_match **match)
@@ -81,10 +81,10 @@ state_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void state_final_check(unsigned int flags)
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c
index ca65782..139f878 100644
--- a/extensions/libxt_statistic.c
+++ b/extensions/libxt_statistic.c
@@ -36,7 +36,7 @@ static void statistic_mt_init(struct xt_entry_match *match)
global_info = (void *)match->data;
}
-static int
+static bool
statistic_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -91,9 +91,9 @@ statistic_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags |= 0x8;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void statistic_check(unsigned int flags)
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index fc17d6c..a718850 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -169,7 +169,7 @@ parse_hex_string(const char *s, struct xt_string_info *info)
#define TO 0x8
#define ICASE 0x10
-static int
+static bool
string_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -240,9 +240,9 @@ string_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void string_check(unsigned int flags)
@@ -257,17 +257,17 @@ static void string_check(unsigned int flags)
}
/* Test to see if the string contains non-printable chars or quotes */
-static unsigned short int
+static bool
is_hex_string(const char *str, const unsigned short int len)
{
unsigned int i;
for (i=0; i < len; i++)
if (! isprint(str[i]))
- return 1; /* string contains at least one non-printable char */
+ return true; /* string contains at least one non-printable char */
/* use hex output if the last char is a "\" */
if ((unsigned char) str[len-1] == 0x5c)
- return 1;
- return 0;
+ return true;
+ return false;
}
/* Print string with "|" chars included as one would pass to --hex-string */
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index cbf813a..e98ab76 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -140,7 +140,7 @@ static void tcp_init(struct xt_entry_match *m)
#define TCP_FLAGS 0x04
#define TCP_OPTION 0x08
-static int
+static bool
tcp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -208,10 +208,10 @@ tcp_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static char *
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c
index d3e8b21..9488095 100644
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -54,7 +54,7 @@ parse_tcp_mssvalues(const char *mssvaluestring,
free(buffer);
}
-static int
+static bool
tcpmss_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -74,9 +74,9 @@ tcpmss_parse(int c, char **argv, bool invert, unsigned int *flags,
*flags = 1;
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static void tcpmss_check(unsigned int flags)
diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c
index 2542fbf..f2db56f 100644
--- a/extensions/libxt_time.c
+++ b/extensions/libxt_time.c
@@ -246,7 +246,7 @@ static unsigned int time_parse_weekdays(const char *arg)
return ret;
}
-static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool time_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_time_info *info = (void *)(*match)->data;
@@ -261,7 +261,7 @@ static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
"Unexpected \"!\" with --datestart");
info->date_start = time_parse_date(optarg, false);
*flags |= F_DATE_START;
- return 1;
+ return true;
case 'E': /* --datestop */
if (*flags & F_DATE_STOP)
xtables_error(PARAMETER_PROBLEM,
@@ -271,7 +271,7 @@ static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
"unexpected \"!\" with --datestop");
info->date_stop = time_parse_date(optarg, true);
*flags |= F_DATE_STOP;
- return 1;
+ return true;
case 'X': /* --timestart */
if (*flags & F_TIME_START)
xtables_error(PARAMETER_PROBLEM,
@@ -281,7 +281,7 @@ static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
"Unexpected \"!\" with --timestart");
info->daytime_start = time_parse_minutes(optarg);
*flags |= F_TIME_START;
- return 1;
+ return true;
case 'Y': /* --timestop */
if (*flags & F_TIME_STOP)
xtables_error(PARAMETER_PROBLEM,
@@ -291,14 +291,14 @@ static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
"Unexpected \"!\" with --timestop");
info->daytime_stop = time_parse_minutes(optarg);
*flags |= F_TIME_STOP;
- return 1;
+ return true;
case 'l': /* --localtz */
if (*flags & F_TIMEZONE)
xtables_error(PARAMETER_PROBLEM,
"Can only specify exactly one of --localtz or --utc");
info->flags |= XT_TIME_LOCAL_TZ;
*flags |= F_TIMEZONE;
- return 1;
+ return true;
case 'm': /* --monthdays */
if (*flags & F_MONTHDAYS)
xtables_error(PARAMETER_PROBLEM,
@@ -307,7 +307,7 @@ static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
if (invert)
info->monthdays_match ^= XT_TIME_ALL_MONTHDAYS;
*flags |= F_MONTHDAYS;
- return 1;
+ return true;
case 'w': /* --weekdays */
if (*flags & F_WEEKDAYS)
xtables_error(PARAMETER_PROBLEM,
@@ -316,16 +316,16 @@ static int time_parse(int c, char **argv, bool invert, unsigned int *flags,
if (invert)
info->weekdays_match ^= XT_TIME_ALL_WEEKDAYS;
*flags |= F_WEEKDAYS;
- return 1;
+ return true;
case 'u': /* --utc */
if (*flags & F_TIMEZONE)
xtables_error(PARAMETER_PROBLEM,
"Can only specify exactly one of --localtz or --utc");
info->flags &= ~XT_TIME_LOCAL_TZ;
*flags |= F_TIMEZONE;
- return 1;
+ return true;
}
- return 0;
+ return false;
}
static void time_print_date(time_t date, const char *command)
diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c
index 90113ee..6ea20a4 100644
--- a/extensions/libxt_tos.c
+++ b/extensions/libxt_tos.c
@@ -42,7 +42,7 @@ static void tos_mt_help(void)
printf("\n");
}
-static int
+static bool
tos_mt_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -67,7 +67,7 @@ tos_mt_parse_v0(int c, char **argv, bool invert, unsigned int *flags,
return false;
}
-static int tos_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool tos_mt_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_tos_match_info *info = (void *)(*match)->data;
diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c
index 203e646..6195d96 100644
--- a/extensions/libxt_u32.c
+++ b/extensions/libxt_u32.c
@@ -102,7 +102,7 @@ static u_int32_t parse_number(char **s, int pos)
return number;
}
-static int u32_parse(int c, char **argv, bool invert, unsigned int *flags,
+static bool u32_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
struct xt_u32 *data = (void *)(*match)->data;
@@ -113,7 +113,7 @@ static int u32_parse(int c, char **argv, bool invert, unsigned int *flags,
int state = 0;
if (c != 'u')
- return 0;
+ return false;
data->invert = invert;
@@ -122,7 +122,7 @@ static int u32_parse(int c, char **argv, bool invert, unsigned int *flags,
* 0 = looking for numbers and operations,
* 1 = looking for ranges
*/
- while (1) {
+ while (true) {
/* read next operand/number or range */
while (isspace(*arg))
++arg;
@@ -144,7 +144,7 @@ static int u32_parse(int c, char **argv, bool invert, unsigned int *flags,
xtables_error(PARAMETER_PROBLEM,
"u32: at char %u: too many \"&&\"s",
(unsigned int)(arg - start));
- return 1;
+ return true;
}
if (state == 0) {
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c
index 0c5c3df..cc21062 100644
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -62,7 +62,7 @@ static void udp_init(struct xt_entry_match *m)
#define UDP_SRC_PORTS 0x01
#define UDP_DST_PORTS 0x02
-static int
+static bool
udp_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_match **match)
{
@@ -92,10 +92,10 @@ udp_parse(int c, char **argv, bool invert, unsigned int *flags,
break;
default:
- return 0;
+ return false;
}
- return 1;
+ return true;
}
static char *
diff --git a/include/xtables.h.in b/include/xtables.h.in
index 97f4eea..23103cd 100644
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -67,7 +67,7 @@ struct xtables_match
/* Function which parses command options; returns true if it
ate an option */
/* entry is struct ipt_entry for example */
- int (*parse)(int c, char **argv, bool invert, unsigned int *flags,
+ bool (*parse)(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_match **match);
@@ -129,7 +129,7 @@ struct xtables_target
/* Function which parses command options; returns true if it
ate an option */
/* entry is struct ipt_entry for example */
- int (*parse)(int c, char **argv, bool invert, unsigned int *flags,
+ bool (*parse)(int c, char **argv, bool invert, unsigned int *flags,
const void *entry,
struct xt_entry_target **targetinfo);
diff --git a/ip6tables.c b/ip6tables.c
index 9f70264..6a164d9 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1702,10 +1702,10 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
default:
if (!target
- || !(target->parse(c - target->option_offset,
+ || !target->parse(c - target->option_offset,
argv, invert,
&target->tflags,
- &fw, &target->t))) {
+ &fw, &target->t)) {
for (matchp = matches; matchp; matchp = matchp->next) {
if (matchp->completed)
continue;
diff --git a/iptables.c b/iptables.c
index 27fa084..ba8c3bb 100644
--- a/iptables.c
+++ b/iptables.c
@@ -1729,10 +1729,10 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
default:
if (!target
- || !(target->parse(c - target->option_offset,
+ || !target->parse(c - target->option_offset,
argv, invert,
&target->tflags,
- &fw, &target->t))) {
+ &fw, &target->t)) {
for (matchp = matches; matchp; matchp = matchp->next) {
if (matchp->completed)
continue;
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 8/9] extensions: add const qualifiers in print/save functions
2009-05-03 19:54 iptables pull request Jan Engelhardt
` (6 preceding siblings ...)
2009-05-03 19:54 ` [PATCH 7/9] extensions: switch parse() return type " Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-03 19:54 ` [PATCH 9/9] iptables: replace open-coded sizeof by ARRAY_SIZE Jan Engelhardt
2009-05-04 13:23 ` iptables pull request Pablo Neira Ayuso
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libip6t_hl.c | 2 +-
extensions/libipt_DNAT.c | 4 ++--
extensions/libipt_MASQUERADE.c | 10 ++++------
extensions/libipt_NETMAP.c | 5 ++---
extensions/libipt_REDIRECT.c | 10 ++++------
extensions/libipt_SAME.c | 10 ++++------
extensions/libipt_SET.c | 6 ++----
extensions/libipt_SNAT.c | 4 ++--
extensions/libipt_realm.c | 4 ++--
extensions/libipt_set.c | 6 ++----
extensions/libxt_CONNSECMARK.c | 6 +++---
extensions/libxt_RATEEST.c | 2 +-
extensions/libxt_SECMARK.c | 4 ++--
| 4 ++--
extensions/libxt_connbytes.c | 8 ++++----
extensions/libxt_connmark.c | 4 ++--
extensions/libxt_conntrack.c | 5 +++--
extensions/libxt_hashlimit.c | 6 ++----
extensions/libxt_helper.c | 4 ++--
extensions/libxt_limit.c | 4 ++--
extensions/libxt_mark.c | 4 ++--
extensions/libxt_physdev.c | 6 ++----
extensions/libxt_pkttype.c | 6 +++---
extensions/libxt_quota.c | 4 ++--
extensions/libxt_rateest.c | 7 ++++---
extensions/libxt_state.c | 4 ++--
extensions/libxt_statistic.c | 4 ++--
extensions/libxt_time.c | 2 +-
28 files changed, 66 insertions(+), 79 deletions(-)
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c
index cc84018..c61d941 100644
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -90,7 +90,7 @@ static void hl_check(unsigned int flags)
static void hl_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- static const char *op[] = {
+ static const char *const op[] = {
[IP6T_HL_EQ] = "==",
[IP6T_HL_NE] = "!=",
[IP6T_HL_LT] = "<",
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index 4f35aa2..2dceee2 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -220,7 +220,7 @@ static void print_range(const struct nf_nat_range *r)
static void DNAT_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct ipt_natinfo *info = (void *)target;
+ const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
printf("to:");
@@ -236,7 +236,7 @@ static void DNAT_print(const void *ip, const struct xt_entry_target *target,
static void DNAT_save(const void *ip, const struct xt_entry_target *target)
{
- struct ipt_natinfo *info = (void *)target;
+ const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
for (i = 0; i < info->mr.rangesize; i++) {
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 6d2446e..ad25468 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -113,9 +113,8 @@ static void
MASQUERADE_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct nf_nat_multi_range *mr
- = (struct nf_nat_multi_range *)target->data;
- struct nf_nat_range *r = &mr->range[0];
+ const struct nf_nat_multi_range *mr = (const void *)target->data;
+ const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
printf("masq ports: ");
@@ -132,9 +131,8 @@ MASQUERADE_print(const void *ip, const struct xt_entry_target *target,
static void
MASQUERADE_save(const void *ip, const struct xt_entry_target *target)
{
- struct nf_nat_multi_range *mr
- = (struct nf_nat_multi_range *)target->data;
- struct nf_nat_range *r = &mr->range[0];
+ const struct nf_nat_multi_range *mr = (const void *)target->data;
+ const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
printf("--to-ports %hu", ntohs(r->min.tcp.port));
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c
index 4d4b125..2be72c1 100644
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -141,9 +141,8 @@ static void NETMAP_check(unsigned int flags)
static void NETMAP_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct nf_nat_multi_range *mr
- = (struct nf_nat_multi_range *)target->data;
- struct nf_nat_range *r = &mr->range[0];
+ const struct nf_nat_multi_range *mr = (const void *)target->data;
+ const struct nf_nat_range *r = &mr->range[0];
struct in_addr a;
int bits;
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index 83b0f22..2bc0ad1 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -126,9 +126,8 @@ REDIRECT_parse(int c, char **argv, bool invert, unsigned int *flags,
static void REDIRECT_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct nf_nat_multi_range *mr
- = (struct nf_nat_multi_range *)target->data;
- struct nf_nat_range *r = &mr->range[0];
+ const struct nf_nat_multi_range *mr = (const void *)target->data;
+ const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
printf("redir ports ");
@@ -143,9 +142,8 @@ static void REDIRECT_print(const void *ip, const struct xt_entry_target *target,
static void REDIRECT_save(const void *ip, const struct xt_entry_target *target)
{
- struct nf_nat_multi_range *mr
- = (struct nf_nat_multi_range *)target->data;
- struct nf_nat_range *r = &mr->range[0];
+ const struct nf_nat_multi_range *mr = (const void *)target->data;
+ const struct nf_nat_range *r = &mr->range[0];
if (r->flags & IP_NAT_RANGE_PROTO_SPECIFIED) {
printf("--to-ports ");
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c
index bbd63c7..8fbda49 100644
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -139,14 +139,13 @@ static void SAME_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
unsigned int count;
- struct ipt_same_info *mr
- = (struct ipt_same_info *)target->data;
+ const struct ipt_same_info *mr = (const void *)target->data;
int random_selection = 0;
printf("same:");
for (count = 0; count < mr->rangesize; count++) {
- struct nf_nat_range *r = &mr->range[count];
+ const struct nf_nat_range *r = &mr->range[count];
struct in_addr a;
a.s_addr = r->min_ip;
@@ -172,12 +171,11 @@ static void SAME_print(const void *ip, const struct xt_entry_target *target,
static void SAME_save(const void *ip, const struct xt_entry_target *target)
{
unsigned int count;
- struct ipt_same_info *mr
- = (struct ipt_same_info *)target->data;
+ const struct ipt_same_info *mr = (const void *)target->data;
int random_selection = 0;
for (count = 0; count < mr->rangesize; count++) {
- struct nf_nat_range *r = &mr->range[count];
+ const struct nf_nat_range *r = &mr->range[count];
struct in_addr a;
a.s_addr = r->min_ip;
diff --git a/extensions/libipt_SET.c b/extensions/libipt_SET.c
index 6f409a1..db0d433 100644
--- a/extensions/libipt_SET.c
+++ b/extensions/libipt_SET.c
@@ -130,8 +130,7 @@ print_target(const char *prefix, const struct ipt_set_info *info)
static void SET_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct ipt_set_info_target *info =
- (struct ipt_set_info_target *) target->data;
+ const struct ipt_set_info_target *info = (const void *)target->data;
print_target("add-set", &info->add_set);
print_target("del-set", &info->del_set);
@@ -139,8 +138,7 @@ static void SET_print(const void *ip, const struct xt_entry_target *target,
static void SET_save(const void *ip, const struct xt_entry_target *target)
{
- struct ipt_set_info_target *info =
- (struct ipt_set_info_target *) target->data;
+ const struct ipt_set_info_target *info = (const void *)target->data;
print_target("--add-set", &info->add_set);
print_target("--del-set", &info->del_set);
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 11ef08f..c7eccd0 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -220,7 +220,7 @@ static void print_range(const struct nf_nat_range *r)
static void SNAT_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct ipt_natinfo *info = (void *)target;
+ const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
printf("to:");
@@ -236,7 +236,7 @@ static void SNAT_print(const void *ip, const struct xt_entry_target *target,
static void SNAT_save(const void *ip, const struct xt_entry_target *target)
{
- struct ipt_natinfo *info = (void *)target;
+ const struct ipt_natinfo *info = (const void *)target;
unsigned int i = 0;
for (i = 0; i < info->mr.rangesize; i++) {
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c
index bde3472..88fa499 100644
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -208,7 +208,7 @@ print_realm(unsigned long id, unsigned long mask, bool numeric)
static void realm_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- struct ipt_realm_info *ri = (struct ipt_realm_info *) match->data;
+ const struct ipt_realm_info *ri = (const void *)match->data;
if (ri->invert)
printf("! ");
@@ -219,7 +219,7 @@ static void realm_print(const void *ip, const struct xt_entry_match *match,
static void realm_save(const void *ip, const struct xt_entry_match *match)
{
- struct ipt_realm_info *ri = (struct ipt_realm_info *) match->data;
+ const struct ipt_realm_info *ri = (const void *)match->data;
if (ri->invert)
printf("! ");
diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c
index b704852..cfa64dc 100644
--- a/extensions/libipt_set.c
+++ b/extensions/libipt_set.c
@@ -122,16 +122,14 @@ print_match(const char *prefix, const struct ipt_set_info *info)
static void set_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- struct ipt_set_info_match *info =
- (struct ipt_set_info_match *) match->data;
+ const struct ipt_set_info_match *info = (const void *)match->data;
print_match("set", &info->match_set);
}
static void set_save(const void *ip, const struct xt_entry_match *match)
{
- struct ipt_set_info_match *info =
- (struct ipt_set_info_match *) match->data;
+ const struct ipt_set_info_match *info = (const void *)match->data;
print_match("--set", &info->match_set);
}
diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c
index d48d1f6..f32d860 100644
--- a/extensions/libxt_CONNSECMARK.c
+++ b/extensions/libxt_CONNSECMARK.c
@@ -70,7 +70,7 @@ static void CONNSECMARK_check(unsigned int flags)
"or --restore is allowed");
}
-static void print_connsecmark(struct xt_connsecmark_target_info *info)
+static void print_connsecmark(const struct xt_connsecmark_target_info *info)
{
switch (info->mode) {
case CONNSECMARK_SAVE:
@@ -90,7 +90,7 @@ static void
CONNSECMARK_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct xt_connsecmark_target_info *info =
+ const struct xt_connsecmark_target_info *info =
(struct xt_connsecmark_target_info*)(target)->data;
printf("CONNSECMARK ");
@@ -100,7 +100,7 @@ CONNSECMARK_print(const void *ip, const struct xt_entry_target *target,
static void
CONNSECMARK_save(const void *ip, const struct xt_entry_target *target)
{
- struct xt_connsecmark_target_info *info =
+ const struct xt_connsecmark_target_info *info =
(struct xt_connsecmark_target_info*)target->data;
printf("--");
diff --git a/extensions/libxt_RATEEST.c b/extensions/libxt_RATEEST.c
index bd70852..e1fbdda 100644
--- a/extensions/libxt_RATEEST.c
+++ b/extensions/libxt_RATEEST.c
@@ -175,7 +175,7 @@ RATEEST_final_check(unsigned int flags)
static void
__RATEEST_print(const struct xt_entry_target *target, const char *prefix)
{
- struct xt_rateest_target_info *info = (void *)target->data;
+ const struct xt_rateest_target_info *info = (const void *)target->data;
unsigned int local_interval;
unsigned int local_ewma_log;
diff --git a/extensions/libxt_SECMARK.c b/extensions/libxt_SECMARK.c
index 36f9d7c..c6a9116 100644
--- a/extensions/libxt_SECMARK.c
+++ b/extensions/libxt_SECMARK.c
@@ -77,7 +77,7 @@ static void print_secmark(struct xt_secmark_target_info *info)
static void SECMARK_print(const void *ip, const struct xt_entry_target *target,
bool numeric)
{
- struct xt_secmark_target_info *info =
+ const struct xt_secmark_target_info *info =
(struct xt_secmark_target_info*)(target)->data;
printf("SECMARK ");
@@ -86,7 +86,7 @@ static void SECMARK_print(const void *ip, const struct xt_entry_target *target,
static void SECMARK_save(const void *ip, const struct xt_entry_target *target)
{
- struct xt_secmark_target_info *info =
+ const struct xt_secmark_target_info *info =
(struct xt_secmark_target_info*)target->data;
printf("--");
--git a/extensions/libxt_comment.c b/extensions/libxt_comment.c
index 79d1594..da959c7 100644
--- a/extensions/libxt_comment.c
+++ b/extensions/libxt_comment.c
@@ -72,7 +72,7 @@ static void comment_check(unsigned int flags)
static void
comment_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
- struct xt_comment_info *commentinfo = (struct xt_comment_info *)match->data;
+ struct xt_comment_info *commentinfo = (void *)match->data;
commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0';
printf("/* %s */ ", commentinfo->comment);
@@ -82,7 +82,7 @@ comment_print(const void *ip, const struct xt_entry_match *match, bool numeric)
static void
comment_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_comment_info *commentinfo = (struct xt_comment_info *)match->data;
+ struct xt_comment_info *commentinfo = (void *)match->data;
commentinfo->comment[XT_MAX_COMMENT_LEN-1] = '\0';
printf("--comment ");
diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c
index d465fc4..bf1d05f 100644
--- a/extensions/libxt_connbytes.c
+++ b/extensions/libxt_connbytes.c
@@ -103,7 +103,7 @@ static void connbytes_check(unsigned int flags)
"`--connbytes-dir' and `--connbytes-mode'");
}
-static void print_mode(struct xt_connbytes_info *sinfo)
+static void print_mode(const struct xt_connbytes_info *sinfo)
{
switch (sinfo->what) {
case XT_CONNBYTES_PKTS:
@@ -121,7 +121,7 @@ static void print_mode(struct xt_connbytes_info *sinfo)
}
}
-static void print_direction(struct xt_connbytes_info *sinfo)
+static void print_direction(const struct xt_connbytes_info *sinfo)
{
switch (sinfo->direction) {
case XT_CONNBYTES_DIR_ORIGINAL:
@@ -143,7 +143,7 @@ static void
connbytes_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- struct xt_connbytes_info *sinfo = (struct xt_connbytes_info *)match->data;
+ const struct xt_connbytes_info *sinfo = (const void *)match->data;
if (sinfo->count.from > sinfo->count.to)
printf("connbytes ! %llu:%llu ",
@@ -163,7 +163,7 @@ connbytes_print(const void *ip, const struct xt_entry_match *match,
static void connbytes_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_connbytes_info *sinfo = (struct xt_connbytes_info *)match->data;
+ const struct xt_connbytes_info *sinfo = (const void *)match->data;
if (sinfo->count.from > sinfo->count.to)
printf("! --connbytes %llu:%llu ",
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c
index fa16e96..4418e6a 100644
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -123,7 +123,7 @@ static void
connmark_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- struct xt_connmark_info *info = (struct xt_connmark_info *)match->data;
+ const struct xt_connmark_info *info = (const void *)match->data;
printf("CONNMARK match ");
if (info->invert)
@@ -145,7 +145,7 @@ connmark_mt_print(const void *ip, const struct xt_entry_match *match,
static void connmark_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_connmark_info *info = (struct xt_connmark_info *)match->data;
+ const struct xt_connmark_info *info = (const void *)match->data;
if (info->invert)
printf("! ");
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index 4b6c3c5..0ede034 100644
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -780,7 +780,8 @@ conntrack_dump_addr(const union nf_inet_addr *addr,
}
static void
-print_addr(struct in_addr *addr, struct in_addr *mask, bool inv, bool numeric)
+print_addr(const struct in_addr *addr, const struct in_addr *mask,
+ bool inv, bool numeric)
{
char buf[BUFSIZ];
@@ -803,7 +804,7 @@ static void
matchinfo_print(const void *ip, const struct xt_entry_match *match,
bool numeric, const char *optpfx)
{
- struct xt_conntrack_info *sinfo = (void *)match->data;
+ const struct xt_conntrack_info *sinfo = (const void *)match->data;
if(sinfo->flags & XT_CONNTRACK_STATE) {
if (sinfo->invflags & XT_CONNTRACK_STATE)
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 4fd844f..1ca78d8 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -525,8 +525,7 @@ static void print_mode(unsigned int mode, char separator)
static void hashlimit_print(const void *ip,
const struct xt_entry_match *match, bool numeric)
{
- struct xt_hashlimit_info *r =
- (struct xt_hashlimit_info *)match->data;
+ const struct xt_hashlimit_info *r = (const void *)match->data;
fputs("limit: avg ", stdout); print_rate(r->cfg.avg);
printf("burst %u ", r->cfg.burst);
fputs("mode ", stdout);
@@ -590,8 +589,7 @@ hashlimit_mt6_print(const void *ip, const struct xt_entry_match *match,
static void hashlimit_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_hashlimit_info *r =
- (struct xt_hashlimit_info *)match->data;
+ const struct xt_hashlimit_info *r = (const void *)match->data;
fputs("--hashlimit ", stdout); print_rate(r->cfg.avg);
if (r->cfg.burst != XT_HASHLIMIT_BURST)
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c
index d5e5670..951db5c 100644
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -56,14 +56,14 @@ static void helper_check(unsigned int flags)
static void
helper_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
- struct xt_helper_info *info = (struct xt_helper_info *)match->data;
+ const struct xt_helper_info *info = (const void *)match->data;
printf("helper match %s\"%s\" ", info->invert ? "! " : "", info->name);
}
static void helper_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_helper_info *info = (struct xt_helper_info *)match->data;
+ const struct xt_helper_info *info = (const void *)match->data;
printf("%s--helper ",info->invert ? "! " : "");
xtables_save_string(info->name);
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index e408e3e..a999531 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -145,14 +145,14 @@ static void print_rate(u_int32_t period)
static void
limit_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
- struct xt_rateinfo *r = (struct xt_rateinfo *)match->data;
+ const struct xt_rateinfo *r = (const void *)match->data;
printf("limit: avg "); print_rate(r->avg);
printf("burst %u ", r->burst);
}
static void limit_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_rateinfo *r = (struct xt_rateinfo *)match->data;
+ const struct xt_rateinfo *r = (const void *)match->data;
printf("--limit "); print_rate(r->avg);
if (r->burst != XT_LIMIT_BURST)
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c
index c6299ff..eb45c24 100644
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -110,7 +110,7 @@ mark_mt_print(const void *ip, const struct xt_entry_match *match, bool numeric)
static void
mark_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
- struct xt_mark_info *info = (struct xt_mark_info *)match->data;
+ const struct xt_mark_info *info = (const void *)match->data;
printf("MARK match ");
@@ -134,7 +134,7 @@ static void mark_mt_save(const void *ip, const struct xt_entry_match *match)
static void
mark_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_mark_info *info = (struct xt_mark_info *)match->data;
+ const struct xt_mark_info *info = (const void *)match->data;
if (info->invert)
printf("! ");
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c
index 1ce408c..39fff0b 100644
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -115,8 +115,7 @@ static void physdev_check(unsigned int flags)
static void
physdev_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
- struct xt_physdev_info *info =
- (struct xt_physdev_info*)match->data;
+ const struct xt_physdev_info *info = (const void *)match->data;
printf("PHYSDEV match");
if (info->bitmask & XT_PHYSDEV_OP_ISIN)
@@ -140,8 +139,7 @@ physdev_print(const void *ip, const struct xt_entry_match *match, bool numeric)
static void physdev_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_physdev_info *info =
- (struct xt_physdev_info*)match->data;
+ const struct xt_physdev_info *info = (const void *)match->data;
if (info->bitmask & XT_PHYSDEV_OP_ISIN)
printf("%s--physdev-is-in ",
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index 294c854..f8ad175 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -112,7 +112,7 @@ static void pkttype_check(unsigned int flags)
xtables_error(PARAMETER_PROBLEM, "You must specify \"--pkt-type\"");
}
-static void print_pkttype(struct xt_pkttype_info *info)
+static void print_pkttype(const struct xt_pkttype_info *info)
{
unsigned int i;
@@ -131,7 +131,7 @@ static void print_pkttype(struct xt_pkttype_info *info)
static void pkttype_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- struct xt_pkttype_info *info = (struct xt_pkttype_info *)match->data;
+ const struct xt_pkttype_info *info = (const void *)match->data;
printf("PKTTYPE %s= ", info->invert?"!":"");
print_pkttype(info);
@@ -139,7 +139,7 @@ static void pkttype_print(const void *ip, const struct xt_entry_match *match,
static void pkttype_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_pkttype_info *info = (struct xt_pkttype_info *)match->data;
+ const struct xt_pkttype_info *info = (const void *)match->data;
printf("%s--pkt-type ", info->invert ? "! " : "");
print_pkttype(info);
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c
index 6843841..ae283f5 100644
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -26,14 +26,14 @@ static void quota_help(void)
static void
quota_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
- struct xt_quota_info *q = (struct xt_quota_info *) match->data;
+ const struct xt_quota_info *q = (const void *)match->data;
printf("quota: %llu bytes", (unsigned long long) q->quota);
}
static void
quota_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_quota_info *q = (struct xt_quota_info *) match->data;
+ const struct xt_quota_info *q = (const void *)match->data;
printf("--quota %llu ", (unsigned long long) q->quota);
}
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c
index 2c17326..dbc6f17 100644
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -333,7 +333,8 @@ rateest_print_rate(u_int32_t rate, bool numeric)
}
static void
-rateest_print_mode(struct xt_rateest_match_info *info, const char *prefix)
+rateest_print_mode(const struct xt_rateest_match_info *info,
+ const char *prefix)
{
if (info->flags & XT_RATEEST_MATCH_INVERT)
printf("! ");
@@ -356,7 +357,7 @@ rateest_print_mode(struct xt_rateest_match_info *info, const char *prefix)
static void
rateest_print(const void *ip, const struct xt_entry_match *match, bool numeric)
{
- struct xt_rateest_match_info *info = (void *)match->data;
+ const struct xt_rateest_match_info *info = (const void *)match->data;
printf("rateest match ");
@@ -406,7 +407,7 @@ rateest_print(const void *ip, const struct xt_entry_match *match, bool numeric)
static void
rateest_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_rateest_match_info *info = (void *)match->data;
+ const struct xt_rateest_match_info *info = (const void *)match->data;
if (info->flags & XT_RATEEST_MATCH_REL) {
printf("--rateest1 %s ", info->name1);
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c
index 97afe45..248d71f 100644
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -125,7 +125,7 @@ state_print(const void *ip,
const struct xt_entry_match *match,
bool numeric)
{
- struct xt_state_info *sinfo = (struct xt_state_info *)match->data;
+ const struct xt_state_info *sinfo = (const void *)match->data;
printf("state ");
state_print_state(sinfo->statemask);
@@ -133,7 +133,7 @@ state_print(const void *ip,
static void state_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_state_info *sinfo = (struct xt_state_info *)match->data;
+ const struct xt_state_info *sinfo = (const void *)match->data;
printf("--state ");
state_print_state(sinfo->statemask);
diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c
index 139f878..4f661e8 100644
--- a/extensions/libxt_statistic.c
+++ b/extensions/libxt_statistic.c
@@ -148,7 +148,7 @@ static void
statistic_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- struct xt_statistic_info *info = (struct xt_statistic_info *)match->data;
+ const struct xt_statistic_info *info = (const void *)match->data;
printf("statistic ");
print_match(info, "");
@@ -156,7 +156,7 @@ statistic_print(const void *ip, const struct xt_entry_match *match,
static void statistic_save(const void *ip, const struct xt_entry_match *match)
{
- struct xt_statistic_info *info = (struct xt_statistic_info *)match->data;
+ const struct xt_statistic_info *info = (const void *)match->data;
print_match(info, "--");
}
diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c
index f2db56f..6dc7431 100644
--- a/extensions/libxt_time.c
+++ b/extensions/libxt_time.c
@@ -406,7 +406,7 @@ static inline void divide_time(unsigned int fulltime, unsigned int *hours,
static void time_print(const void *ip, const struct xt_entry_match *match,
bool numeric)
{
- struct xt_time_info *info = (void *)match->data;
+ const struct xt_time_info *info = (const void *)match->data;
unsigned int h, m, s;
printf("TIME ");
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* [PATCH 9/9] iptables: replace open-coded sizeof by ARRAY_SIZE
2009-05-03 19:54 iptables pull request Jan Engelhardt
` (7 preceding siblings ...)
2009-05-03 19:54 ` [PATCH 8/9] extensions: add const qualifiers in print/save functions Jan Engelhardt
@ 2009-05-03 19:54 ` Jan Engelhardt
2009-05-04 13:23 ` iptables pull request Pablo Neira Ayuso
9 siblings, 0 replies; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-03 19:54 UTC (permalink / raw)
To: netfilter-devel
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/dscp_helper.c | 6 ++----
extensions/libip6t_LOG.c | 12 +++---------
extensions/libip6t_REJECT.c | 11 ++++-------
extensions/libip6t_icmp6.c | 11 ++++-------
| 16 +++++-----------
extensions/libip6t_mh.c | 7 +++----
extensions/libipt_LOG.c | 12 +++---------
extensions/libipt_REJECT.c | 9 ++++-----
extensions/libipt_icmp.c | 11 ++++-------
extensions/libxt_dccp.c | 5 ++---
extensions/libxt_hashlimit.c | 3 +--
extensions/libxt_limit.c | 3 +--
extensions/libxt_pkttype.c | 12 +++---------
extensions/libxt_sctp.c | 18 ++----------------
extensions/libxt_tcp.c | 9 +++------
ip6tables-restore.c | 2 +-
iptables-restore.c | 2 +-
iptables-xml.c | 2 +-
18 files changed, 47 insertions(+), 104 deletions(-)
diff --git a/extensions/dscp_helper.c b/extensions/dscp_helper.c
index 8fa0f4a..75b1fec 100644
--- a/extensions/dscp_helper.c
+++ b/extensions/dscp_helper.c
@@ -51,7 +51,7 @@ class_to_dscp(const char *name)
{
unsigned int i;
- for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
+ for (i = 0; i < ARRAY_SIZE(ds_classes); i++) {
if (!strncasecmp(name, ds_classes[i].name,
strlen(ds_classes[i].name)))
return ds_classes[i].dscp;
@@ -68,11 +68,9 @@ dscp_to_name(unsigned int dscp)
{
int i;
- for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
+ for (i = 0; i < ARRAY_SIZE(ds_classes); ++i)
if (dscp == ds_classes[i].dscp)
return ds_classes[i].name;
- }
-
xtables_error(PARAMETER_PROBLEM,
"Invalid DSCP value `%d'\n", dscp);
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 824671e..259e564 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -73,9 +73,7 @@ parse_level(const char *level)
if (!xtables_strtoui(level, NULL, &lev, 0, 7)) {
unsigned int i = 0;
- for (i = 0;
- i < sizeof(ip6t_log_names) / sizeof(struct ip6t_log_names);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(ip6t_log_names); ++i)
if (strncasecmp(level, ip6t_log_names[i].name,
strlen(level)) == 0) {
if (set++)
@@ -84,7 +82,6 @@ parse_level(const char *level)
level);
lev = ip6t_log_names[i].level;
}
- }
if (!set)
xtables_error(PARAMETER_PROBLEM,
@@ -202,15 +199,12 @@ static void LOG_print(const void *ip, const struct xt_entry_target *target,
printf("flags %u level %u ",
loginfo->logflags, loginfo->level);
else {
- for (i = 0;
- i < sizeof(ip6t_log_names) / sizeof(struct ip6t_log_names);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(ip6t_log_names); ++i)
if (loginfo->level == ip6t_log_names[i].level) {
printf("level %s ", ip6t_log_names[i].name);
break;
}
- }
- if (i == sizeof(ip6t_log_names) / sizeof(struct ip6t_log_names))
+ if (i == ARRAY_SIZE(ip6t_log_names))
printf("UNKNOWN level %u ", loginfo->level);
if (loginfo->logflags & IP6T_LOG_TCPSEQ)
printf("tcp-sequence ");
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c
index 38d3534..57be710 100644
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -44,7 +44,7 @@ print_reject_types(void)
printf("Valid reject types:\n");
- for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(reject_table); ++i) {
printf(" %-25s\t%s\n", reject_table[i].name, reject_table[i].desc);
printf(" %-25s\talias\n", reject_table[i].alias);
}
@@ -80,7 +80,6 @@ static bool REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
{
struct ip6t_reject_info *reject =
(struct ip6t_reject_info *)(*target)->data;
- unsigned int limit = sizeof(reject_table)/sizeof(struct reject_names);
unsigned int i;
switch(c) {
@@ -88,13 +87,12 @@ static bool REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
if (xtables_check_inverse(optarg, &invert, NULL, 0))
xtables_error(PARAMETER_PROBLEM,
"Unexpected `!' after --reject-with");
- for (i = 0; i < limit; i++) {
+ for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
if ((strncasecmp(reject_table[i].name, optarg, strlen(optarg)) == 0)
|| (strncasecmp(reject_table[i].alias, optarg, strlen(optarg)) == 0)) {
reject->with = reject_table[i].with;
return true;
}
- }
xtables_error(PARAMETER_PROBLEM, "unknown reject type \"%s\"", optarg);
default:
/* Fall through */
@@ -110,10 +108,9 @@ static void REJECT_print(const void *ip, const struct xt_entry_target *target,
= (const struct ip6t_reject_info *)target->data;
unsigned int i;
- for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
if (reject_table[i].with == reject->with)
break;
- }
printf("reject-with %s ", reject_table[i].name);
}
@@ -123,7 +120,7 @@ static void REJECT_save(const void *ip, const struct xt_entry_target *target)
= (const struct ip6t_reject_info *)target->data;
unsigned int i;
- for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++)
+ for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
if (reject_table[i].with == reject->with)
break;
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c
index c10a06e..82df436 100644
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -60,7 +60,7 @@ print_icmpv6types(void)
unsigned int i;
printf("Valid ICMPv6 Types:");
- for (i = 0; i < sizeof(icmpv6_codes)/sizeof(struct icmpv6_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(icmpv6_codes); ++i) {
if (i && icmpv6_codes[i].type == icmpv6_codes[i-1].type) {
if (icmpv6_codes[i].code_min == icmpv6_codes[i-1].code_min
&& (icmpv6_codes[i].code_max
@@ -92,7 +92,7 @@ static const struct option icmp6_opts[] = {
static void
parse_icmpv6(const char *icmpv6type, u_int8_t *type, u_int8_t code[])
{
- unsigned int limit = sizeof(icmpv6_codes)/sizeof(struct icmpv6_names);
+ static const unsigned int limit = ARRAY_SIZE(icmpv6_codes);
unsigned int match = limit;
unsigned int i;
@@ -182,16 +182,13 @@ static void print_icmpv6type(u_int8_t type,
if (!numeric) {
unsigned int i;
- for (i = 0;
- i < sizeof(icmpv6_codes)/sizeof(struct icmpv6_names);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(icmpv6_codes); ++i)
if (icmpv6_codes[i].type == type
&& icmpv6_codes[i].code_min == code_min
&& icmpv6_codes[i].code_max == code_max)
break;
- }
- if (i != sizeof(icmpv6_codes)/sizeof(struct icmpv6_names)) {
+ if (i != ARRAY_SIZE(icmpv6_codes)) {
printf("%s%s ",
invert ? "!" : "",
icmpv6_codes[i].name);
--git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c
index da6c0b0..a216967 100644
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -78,7 +78,7 @@ proto_to_name(u_int8_t proto, int nolookup)
return pent->p_name;
}
- for (i = 0; i < sizeof(chain_protos)/sizeof(struct pprot); i++)
+ for (i = 0; i < ARRAY_SIZE(chain_protos); ++i)
if (chain_protos[i].num == proto)
return chain_protos[i].name;
@@ -95,16 +95,13 @@ name_to_proto(const char *s)
proto = pent->p_proto;
else {
unsigned int i;
- for (i = 0;
- i < sizeof(chain_protos)/sizeof(struct pprot);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(chain_protos); ++i)
if (strcmp(s, chain_protos[i].name) == 0) {
proto = chain_protos[i].num;
break;
}
- }
- if (i == sizeof(chain_protos)/sizeof(struct pprot))
+ if (i == ARRAY_SIZE(chain_protos))
xtables_error(PARAMETER_PROBLEM,
"unknown header `%s' specified",
s);
@@ -117,16 +114,13 @@ static unsigned int
add_proto_to_mask(int proto){
unsigned int i=0, flag=0;
- for (i = 0;
- i < sizeof(chain_flags)/sizeof(struct numflag);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(chain_flags); ++i)
if (proto == chain_flags[i].proto){
flag = chain_flags[i].flag;
break;
}
- }
- if (i == sizeof(chain_flags)/sizeof(struct numflag))
+ if (i == ARRAY_SIZE(chain_flags))
xtables_error(PARAMETER_PROBLEM,
"unknown header `%d' specified",
proto);
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c
index f7b699f..2fc735a 100644
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -49,7 +49,7 @@ static void print_types_all(void)
unsigned int i;
printf("Valid MH types:");
- for (i = 0; i < sizeof(mh_names)/sizeof(struct mh_name); i++) {
+ for (i = 0; i < ARRAY_SIZE(mh_names); ++i) {
if (i && mh_names[i].type == mh_names[i-1].type)
printf(" (%s)", mh_names[i].name);
else
@@ -76,7 +76,7 @@ static void mh_init(struct xt_entry_match *m)
static unsigned int name_to_type(const char *name)
{
int namelen = strlen(name);
- unsigned int limit = sizeof(mh_names)/sizeof(struct mh_name);
+ static const unsigned int limit = ARRAY_SIZE(mh_names);
unsigned int match = limit;
unsigned int i;
@@ -152,10 +152,9 @@ static const char *type_to_name(u_int8_t type)
{
unsigned int i;
- for (i = 0; i < sizeof(mh_names)/sizeof(struct mh_name); i++) {
+ for (i = 0; i < ARRAY_SIZE(mh_names); ++i)
if (mh_names[i].type == type)
return mh_names[i].name;
- }
return NULL;
}
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 59a08d6..30d56ae 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -73,9 +73,7 @@ parse_level(const char *level)
if (!xtables_strtoui(level, NULL, &lev, 0, 7)) {
unsigned int i = 0;
- for (i = 0;
- i < sizeof(ipt_log_names) / sizeof(struct ipt_log_names);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(ipt_log_names); ++i)
if (strncasecmp(level, ipt_log_names[i].name,
strlen(level)) == 0) {
if (set++)
@@ -84,7 +82,6 @@ parse_level(const char *level)
level);
lev = ipt_log_names[i].level;
}
- }
if (!set)
xtables_error(PARAMETER_PROBLEM,
@@ -202,15 +199,12 @@ static void LOG_print(const void *ip, const struct xt_entry_target *target,
printf("flags %u level %u ",
loginfo->logflags, loginfo->level);
else {
- for (i = 0;
- i < sizeof(ipt_log_names) / sizeof(struct ipt_log_names);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(ipt_log_names); ++i)
if (loginfo->level == ipt_log_names[i].level) {
printf("level %s ", ipt_log_names[i].name);
break;
}
- }
- if (i == sizeof(ipt_log_names) / sizeof(struct ipt_log_names))
+ if (i == ARRAY_SIZE(ipt_log_names))
printf("UNKNOWN level %u ", loginfo->level);
if (loginfo->logflags & IPT_LOG_TCPSEQ)
printf("tcp-sequence ");
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index 9014fe4..5789894 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -57,7 +57,7 @@ print_reject_types(void)
printf("Valid reject types:\n");
- for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(reject_table); ++i) {
printf(" %-25s\t%s\n", reject_table[i].name, reject_table[i].desc);
printf(" %-25s\talias\n", reject_table[i].alias);
}
@@ -94,7 +94,7 @@ static bool REJECT_parse(int c, char **argv, bool invert, unsigned int *flags,
const void *entry, struct xt_entry_target **target)
{
struct ipt_reject_info *reject = (struct ipt_reject_info *)(*target)->data;
- unsigned int limit = sizeof(reject_table)/sizeof(struct reject_names);
+ static const unsigned int limit = ARRAY_SIZE(reject_table);
unsigned int i;
switch(c) {
@@ -129,10 +129,9 @@ static void REJECT_print(const void *ip, const struct xt_entry_target *target,
= (const struct ipt_reject_info *)target->data;
unsigned int i;
- for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
if (reject_table[i].with == reject->with)
break;
- }
printf("reject-with %s ", reject_table[i].name);
}
@@ -142,7 +141,7 @@ static void REJECT_save(const void *ip, const struct xt_entry_target *target)
= (const struct ipt_reject_info *)target->data;
unsigned int i;
- for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++)
+ for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
if (reject_table[i].with == reject->with)
break;
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c
index f823677..dadde99 100644
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -84,7 +84,7 @@ print_icmptypes(void)
unsigned int i;
printf("Valid ICMP Types:");
- for (i = 0; i < sizeof(icmp_codes)/sizeof(struct icmp_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(icmp_codes); ++i) {
if (i && icmp_codes[i].type == icmp_codes[i-1].type) {
if (icmp_codes[i].code_min == icmp_codes[i-1].code_min
&& (icmp_codes[i].code_max
@@ -116,7 +116,7 @@ static const struct option icmp_opts[] = {
static void
parse_icmp(const char *icmptype, u_int8_t *type, u_int8_t code[])
{
- unsigned int limit = sizeof(icmp_codes)/sizeof(struct icmp_names);
+ static const unsigned int limit = ARRAY_SIZE(icmp_codes);
unsigned int match = limit;
unsigned int i;
@@ -207,16 +207,13 @@ static void print_icmptype(u_int8_t type,
if (!numeric) {
unsigned int i;
- for (i = 0;
- i < sizeof(icmp_codes)/sizeof(struct icmp_names);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(icmp_codes); ++i)
if (icmp_codes[i].type == type
&& icmp_codes[i].code_min == code_min
&& icmp_codes[i].code_max == code_max)
break;
- }
- if (i != sizeof(icmp_codes)/sizeof(struct icmp_names)) {
+ if (i != ARRAY_SIZE(icmp_codes)) {
printf("%s%s ",
invert ? "!" : "",
icmp_codes[i].name);
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c
index e5e2edc..d0d4e64 100644
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -103,13 +103,12 @@ parse_dccp_types(const char *typestring)
for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ",")) {
unsigned int i;
- for (i = 0; i < sizeof(dccp_pkt_types)/sizeof(char *); i++) {
+ for (i = 0; i < ARRAY_SIZE(dccp_pkt_types); ++i)
if (!strcasecmp(dccp_pkt_types[i], ptr)) {
typemask |= (1 << i);
break;
}
- }
- if (i == sizeof(dccp_pkt_types)/sizeof(char *))
+ if (i == ARRAY_SIZE(dccp_pkt_types))
xtables_error(PARAMETER_PROBLEM,
"Unknown DCCP type `%s'", ptr);
}
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c
index 1ca78d8..c499ecc 100644
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -485,11 +485,10 @@ static void print_rate(u_int32_t period)
{
unsigned int i;
- for (i = 1; i < sizeof(rates)/sizeof(struct rates); i++) {
+ for (i = 1; i < ARRAY_SIZE(rates); ++i)
if (period > rates[i].mult
|| rates[i].mult/period < rates[i].mult%period)
break;
- }
printf("%u/%s ", rates[i-1].mult / period, rates[i-1].name);
}
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c
index a999531..3acb00f 100644
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -133,11 +133,10 @@ static void print_rate(u_int32_t period)
{
unsigned int i;
- for (i = 1; i < sizeof(rates)/sizeof(struct rates); i++) {
+ for (i = 1; i < ARRAY_SIZE(rates); ++i)
if (period > rates[i].mult
|| rates[i].mult/period < rates[i].mult%period)
break;
- }
printf("%u/%s ", rates[i-1].mult / period, rates[i-1].name);
}
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c
index f8ad175..ba22055 100644
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -47,11 +47,9 @@ static void print_types(void)
unsigned int i;
printf("Valid packet types:\n");
- for (i = 0; i < sizeof(supported_types)/sizeof(struct pkttypes); i++)
- {
+ for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
if(supported_types[i].printhelp == 1)
printf("\t%-14s\t\t%s\n", supported_types[i].name, supported_types[i].help);
- }
printf("\n");
}
@@ -72,14 +70,12 @@ static void parse_pkttype(const char *pkttype, struct xt_pkttype_info *info)
{
unsigned int i;
- for (i = 0; i < sizeof(supported_types)/sizeof(struct pkttypes); i++)
- {
+ for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
if(strcasecmp(pkttype, supported_types[i].name)==0)
{
info->pkttype=supported_types[i].pkttype;
return;
}
- }
xtables_error(PARAMETER_PROBLEM, "Bad packet type '%s'", pkttype);
}
@@ -116,14 +112,12 @@ static void print_pkttype(const struct xt_pkttype_info *info)
{
unsigned int i;
- for (i = 0; i < sizeof(supported_types)/sizeof(struct pkttypes); i++)
- {
+ for (i = 0; i < ARRAY_SIZE(supported_types); ++i)
if(supported_types[i].pkttype==info->pkttype)
{
printf("%s ", supported_types[i].name);
return;
}
- }
printf("%d ", info->pkttype); /* in case we didn't find an entry in named-packtes */
}
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c
index 85b2bce..561662a 100644
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -18,20 +18,8 @@
#include <netinet/in.h>
#include <xtables.h>
-#ifndef ARRAY_SIZE
-#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
-#endif
-
#include <linux/netfilter/xt_sctp.h>
-/* Some ZS!#@:$%*#$! has replaced the ELEMCOUNT macro in ipt_sctp.h with
- * ARRAY_SIZE without noticing that this file is used from userspace,
- * and userspace doesn't have ARRAY_SIZE */
-
-#ifndef ELEMCOUNT
-#define ELEMCOUNT ARRAY_SIZE
-#endif
-
#if 0
#define DEBUGP(format, first...) printf(format, ##first)
#define static
@@ -199,7 +187,7 @@ parse_sctp_chunk(struct xt_sctp_info *einfo,
*chunk_flags++ = 0;
}
- for (i = 0; i < ELEMCOUNT(sctp_chunk_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(sctp_chunk_names); ++i)
if (strcasecmp(sctp_chunk_names[i].name, ptr) == 0) {
DEBUGP("Chunk num %d\n", sctp_chunk_names[i].chunk_type);
SCTP_CHUNKMAP_SET(einfo->chunkmap,
@@ -207,7 +195,6 @@ parse_sctp_chunk(struct xt_sctp_info *einfo,
found = 1;
break;
}
- }
if (!found)
xtables_error(PARAMETER_PROBLEM,
"Unknown sctp chunk `%s'", ptr);
@@ -390,10 +377,9 @@ print_chunk(u_int32_t chunknum, bool numeric)
else {
int i;
- for (i = 0; i < ELEMCOUNT(sctp_chunk_names); i++) {
+ for (i = 0; i < ARRAY_SIZE(sctp_chunk_names); ++i)
if (sctp_chunk_names[i].chunk_type == chunknum)
printf("%s", sctp_chunk_names[chunknum].name);
- }
}
}
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c
index e98ab76..6ff5c24 100644
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -87,18 +87,15 @@ parse_tcp_flag(const char *flags)
for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ",")) {
unsigned int i;
- for (i = 0;
- i < sizeof(tcp_flag_names)/sizeof(struct tcp_flag_names);
- i++) {
+ for (i = 0; i < ARRAY_SIZE(tcp_flag_names); ++i)
if (strcasecmp(tcp_flag_names[i].name, ptr) == 0) {
ret |= tcp_flag_names[i].flag;
break;
}
- }
- if (i == sizeof(tcp_flag_names)/sizeof(struct tcp_flag_names))
+ if (i == ARRAY_SIZE(tcp_flag_names))
xtables_error(PARAMETER_PROBLEM,
"Unknown TCP flag `%s'", ptr);
- }
+ }
free(buffer);
return ret;
diff --git a/ip6tables-restore.c b/ip6tables-restore.c
index 324dd1f..1d5efea 100644
--- a/ip6tables-restore.c
+++ b/ip6tables-restore.c
@@ -99,7 +99,7 @@ static int newargc;
* returns true if argument added, false otherwise */
static int add_argv(char *what) {
DEBUGP("add_argv: %s\n", what);
- if (what && ((newargc + 1) < sizeof(newargv)/sizeof(char *))) {
+ if (what && newargc + 1 < ARRAY_SIZE(newargv)) {
newargv[newargc] = strdup(what);
newargc++;
return 1;
diff --git a/iptables-restore.c b/iptables-restore.c
index f1c5e3e..2a797cc 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -99,7 +99,7 @@ static int newargc;
* returns true if argument added, false otherwise */
static int add_argv(char *what) {
DEBUGP("add_argv: %s\n", what);
- if (what && ((newargc + 1) < sizeof(newargv)/sizeof(char *))) {
+ if (what && newargc + 1 < ARRAY_SIZE(newargv)) {
newargv[newargc] = strdup(what);
newargc++;
return 1;
diff --git a/iptables-xml.c b/iptables-xml.c
index 543715b..e5d1941 100644
--- a/iptables-xml.c
+++ b/iptables-xml.c
@@ -110,7 +110,7 @@ static int
add_argv(char *what, int quoted)
{
DEBUGP("add_argv: %d %s\n", newargc, what);
- if (what && ((newargc + 1) < sizeof(newargv) / sizeof(char *))) {
+ if (what && newargc + 1 < ARRAY_SIZE(newargv)) {
newargv[newargc] = strdup(what);
newargvattr[newargc] = quoted;
newargc++;
--
1.6.2.2
^ permalink raw reply related [flat|nested] 13+ messages in thread
* Re: iptables pull request
2009-05-03 19:54 iptables pull request Jan Engelhardt
` (8 preceding siblings ...)
2009-05-03 19:54 ` [PATCH 9/9] iptables: replace open-coded sizeof by ARRAY_SIZE Jan Engelhardt
@ 2009-05-04 13:23 ` Pablo Neira Ayuso
2009-05-04 23:54 ` Jan Engelhardt
9 siblings, 1 reply; 13+ messages in thread
From: Pablo Neira Ayuso @ 2009-05-04 13:23 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
Jan Engelhardt wrote:
> Please pull from:
> git://dev.medozas.de/iptables master
>
> to receive 1 external submission, 1 manpage completion, and 7 code
> transformations intended for the 1.4.4 'branch'.
There are several API changes in this changeset, could you justify the
benefits of it? I think that they may break binary compatibility. I
think that the idea was to provide a stable API for things like jamal's
ipt, not to change it quite so often just to replace int by bool.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: iptables pull request
2009-05-04 13:23 ` iptables pull request Pablo Neira Ayuso
@ 2009-05-04 23:54 ` Jan Engelhardt
2009-05-05 13:26 ` Pablo Neira Ayuso
0 siblings, 1 reply; 13+ messages in thread
From: Jan Engelhardt @ 2009-05-04 23:54 UTC (permalink / raw)
To: Pablo Neira Ayuso; +Cc: netfilter-devel
On Monday 2009-05-04 15:23, Pablo Neira Ayuso wrote:
>Jan Engelhardt wrote:
>> Please pull from:
>> git://dev.medozas.de/iptables master
>>
>> to receive 1 external submission, 1 manpage completion, and 7 code
>> transformations intended for the 1.4.4 'branch'.
>
>There are several API changes in this changeset, could you justify the
>benefits of it? I think that they may break binary compatibility. I
>think that the idea was to provide a stable API for things like jamal's
>ipt, not to change it quite so often just to replace int by bool.
The benefit, though smaller here, is correctness. Note the kernel has
received similar changes in v2.6.22-600-ge1931b7. I plan to materialize
more thoughts into code, as 1.4.4 should be away some months (if it
follows the usual pattern...), or at least weeks, yet.
I do not think we planned for a stable API - but feel free to ask Jamal.
The main target was ABI, because... - I am not sure how m_ipt did it,
but I seem to remember that despite version checks (ie. struct
xtables_match->version) it provided an iptables-like API that was not
actually that from the respective iptables version. Or something.
I am not sure what m_ipt did previously w.r.t. checks, but there are now
various mechanisms in place to ensure ABIs do not get mixed up
erroneously:
- soversion. m_ipt now links against, say, libxtables.so.2. If the
latter changes incompatibly, it becomes libxtables.so.3, and the
runtime linker ld.so will take care of it -- by throwing a "file not
found" error, or by actually loading a still-existing .so.2.
- libxtables will not load extensions that have a mismatching soversion
string
- lastly, we could make it so that every extension is backlinked to
libxtables.so.$version as an added measure but I had not yet given
thought of the impact that it causes for running iptables directly from
the source directory.
^ permalink raw reply [flat|nested] 13+ messages in thread
* Re: iptables pull request
2009-05-04 23:54 ` Jan Engelhardt
@ 2009-05-05 13:26 ` Pablo Neira Ayuso
0 siblings, 0 replies; 13+ messages in thread
From: Pablo Neira Ayuso @ 2009-05-05 13:26 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: netfilter-devel
Jan Engelhardt wrote:
> I do not think we planned for a stable API - but feel free to ask Jamal.
> The main target was ABI, because... - I am not sure how m_ipt did it,
> but I seem to remember that despite version checks (ie. struct
> xtables_match->version) it provided an iptables-like API that was not
> actually that from the respective iptables version. Or something.
Well, IMO if this is intended to be a public API it should be stable.
> I am not sure what m_ipt did previously w.r.t. checks, but there are now
> various mechanisms in place to ensure ABIs do not get mixed up
> erroneously:
>
> - soversion. m_ipt now links against, say, libxtables.so.2. If the
> latter changes incompatibly, it becomes libxtables.so.3, and the
> runtime linker ld.so will take care of it -- by throwing a "file not
> found" error, or by actually loading a still-existing .so.2.
>
> - libxtables will not load extensions that have a mismatching soversion
> string
>
> - lastly, we could make it so that every extension is backlinked to
> libxtables.so.$version as an added measure but I had not yet given
> thought of the impact that it causes for running iptables directly from
> the source directory.
Aware of all of those, but I think that we should not abuse these
because versioning is not a solution, it's more like a workaround. If we
change the ABI over and over again, this will result in binary breakages
and really bad experience from the user side.
--
"Los honestos son inadaptados sociales" -- Les Luthiers
^ permalink raw reply [flat|nested] 13+ messages in thread
end of thread, other threads:[~2009-05-05 13:26 UTC | newest]
Thread overview: 13+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-05-03 19:54 iptables pull request Jan Engelhardt
2009-05-03 19:54 ` [PATCH 1/9] iptables: accept multiple IP address specifications for -s, -d Jan Engelhardt
2009-05-03 19:54 ` [PATCH 2/9] DNAT/SNAT: add manpage documentation for --persistent flag Jan Engelhardt
2009-05-03 19:54 ` [PATCH 3/9] extensions: remove redundant casts Jan Engelhardt
2009-05-03 19:54 ` [PATCH 4/9] extensions: switch numeric to bool Jan Engelhardt
2009-05-03 19:54 ` [PATCH 5/9] libxt_helper: fix invalid passed option to check_inverse Jan Engelhardt
2009-05-03 19:54 ` [PATCH 6/9] extensions: switch invert to bool Jan Engelhardt
2009-05-03 19:54 ` [PATCH 7/9] extensions: switch parse() return type " Jan Engelhardt
2009-05-03 19:54 ` [PATCH 8/9] extensions: add const qualifiers in print/save functions Jan Engelhardt
2009-05-03 19:54 ` [PATCH 9/9] iptables: replace open-coded sizeof by ARRAY_SIZE Jan Engelhardt
2009-05-04 13:23 ` iptables pull request Pablo Neira Ayuso
2009-05-04 23:54 ` Jan Engelhardt
2009-05-05 13:26 ` Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).