From adc559b69fc2b8d95a7c3bae96ca12faa0ba5d1d Mon Sep 17 00:00:00 2001 From: Phil Sutter Date: Tue, 17 Nov 2020 00:57:10 +0100 Subject: [PATCH] Use proto_to_name() from xshared in more places Share the common proto name lookup code. While being at it, make proto number variable 16bit, values may exceed 256. This aligns iptables-nft '-p' argument printing with legacy iptables. In practice, this should make a difference only in corner cases. Signed-off-by: Phil Sutter (cherry picked from commit 556f704458cdb509d395ddb7d2629987d60e762e) --- include/xtables.h | 2 +- iptables/ip6tables.c | 22 +++++----------------- iptables/iptables.c | 20 +++++--------------- iptables/nft-shared.c | 6 +++--- iptables/xshared.c | 2 +- iptables/xshared.h | 2 +- 6 files changed, 16 insertions(+), 38 deletions(-) diff --git a/include/xtables.h b/include/xtables.h index 5044dd08e86d3..a7b36979398ba 100644 --- a/include/xtables.h +++ b/include/xtables.h @@ -395,7 +395,7 @@ struct xtables_rule_match { */ struct xtables_pprot { const char *name; - uint8_t num; + uint16_t num; }; enum xtables_tryload { diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c index c95355b091568..ce01ce8c04af6 100644 --- a/iptables/ip6tables.c +++ b/iptables/ip6tables.c @@ -796,28 +796,16 @@ print_iface(char letter, const char *iface, const unsigned char *mask, } } -/* The ip6tables looks up the /etc/protocols. */ static void print_proto(uint16_t proto, int invert) { if (proto) { - unsigned int i; + const char *pname = proto_to_name(proto, 0); const char *invertstr = invert ? " !" : ""; - const struct protoent *pent = getprotobynumber(proto); - if (pent) { - printf("%s -p %s", - invertstr, pent->p_name); - return; - } - - for (i = 0; xtables_chain_protos[i].name != NULL; ++i) - if (xtables_chain_protos[i].num == proto) { - printf("%s -p %s", - invertstr, xtables_chain_protos[i].name); - return; - } - - printf("%s -p %u", invertstr, proto); + if (pname) + printf("%s -p %s", invertstr, pname); + else + printf("%s -p %u", invertstr, proto); } } diff --git a/iptables/iptables.c b/iptables/iptables.c index 7d6183116d265..514238d924780 100644 --- a/iptables/iptables.c +++ b/iptables/iptables.c @@ -764,23 +764,13 @@ list_entries(const xt_chainlabel chain, int rulenum, int verbose, int numeric, static void print_proto(uint16_t proto, int invert) { if (proto) { - unsigned int i; + const char *pname = proto_to_name(proto, 0); const char *invertstr = invert ? " !" : ""; - const struct protoent *pent = getprotobynumber(proto); - if (pent) { - printf("%s -p %s", invertstr, pent->p_name); - return; - } - - for (i = 0; xtables_chain_protos[i].name != NULL; ++i) - if (xtables_chain_protos[i].num == proto) { - printf("%s -p %s", - invertstr, xtables_chain_protos[i].name); - return; - } - - printf("%s -p %u", invertstr, proto); + if (pname) + printf("%s -p %s", invertstr, pname); + else + printf("%s -p %u", invertstr, proto); } } diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c index c1664b50f9383..4253b08196d29 100644 --- a/iptables/nft-shared.c +++ b/iptables/nft-shared.c @@ -826,13 +826,13 @@ void save_rule_details(const struct iptables_command_state *cs, } if (proto > 0) { - const struct protoent *pent = getprotobynumber(proto); + const char *pname = proto_to_name(proto, 0); if (invflags & XT_INV_PROTO) printf("! "); - if (pent) - printf("-p %s ", pent->p_name); + if (pname) + printf("-p %s ", pname); else printf("-p %u ", proto); } diff --git a/iptables/xshared.c b/iptables/xshared.c index 3bcf24735c8fb..9a17a8fdf11cd 100644 --- a/iptables/xshared.c +++ b/iptables/xshared.c @@ -48,7 +48,7 @@ void print_extension_helps(const struct xtables_target *t, } const char * -proto_to_name(uint8_t proto, int nolookup) +proto_to_name(uint16_t proto, int nolookup) { unsigned int i; diff --git a/iptables/xshared.h b/iptables/xshared.h index 1e86aba8b2375..7c881c56a25da 100644 --- a/iptables/xshared.h +++ b/iptables/xshared.h @@ -152,7 +152,7 @@ enum { extern void print_extension_helps(const struct xtables_target *, const struct xtables_rule_match *); -extern const char *proto_to_name(uint8_t, int); +extern const char *proto_to_name(uint16_t, int); extern int command_default(struct iptables_command_state *, struct xtables_globals *); extern struct xtables_match *load_proto(struct iptables_command_state *); -- 2.40.0