2f6aefdd21
* Wed Aug 14 2024 Phil Sutter <psutter@redhat.com> [1.0.4-5.el8] - xt: Fix fallback printing for extensions matching keywords (Phil Sutter) [RHEL-5806] - xt: Fall back to generic printing from translation (Phil Sutter) [RHEL-5806] - xt: Rewrite unsupported compat expression dumping (Phil Sutter) [RHEL-5806] - xt: Purify enum nft_xt_type (Phil Sutter) [RHEL-5806] - xt: Delay libxtables access until translation (Phil Sutter) [RHEL-5806] - Warn for tables with compat expressions in rules (Phil Sutter) [RHEL-5806] Resolves: RHEL-5806
93 lines
2.5 KiB
Diff
93 lines
2.5 KiB
Diff
From e0a2f227d1d3cfb60561144318e81f74a7516d38 Mon Sep 17 00:00:00 2001
|
|
From: Phil Sutter <psutter@redhat.com>
|
|
Date: Wed, 14 Aug 2024 16:21:18 +0200
|
|
Subject: [PATCH] xt: Fall back to generic printing from translation
|
|
|
|
JIRA: https://issues.redhat.com/browse/RHEL-5806
|
|
Upstream Status: nftables commit e41c53ca5b043e8cee493bf4a7f78195827279d2
|
|
|
|
commit e41c53ca5b043e8cee493bf4a7f78195827279d2
|
|
Author: Phil Sutter <phil@nwl.cc>
|
|
Date: Thu Nov 24 16:16:41 2022 +0100
|
|
|
|
xt: Fall back to generic printing from translation
|
|
|
|
If translation is not available or fails, print the generic format
|
|
instead of calling the print callback (which does not respect
|
|
output_fp) or silently failing.
|
|
|
|
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
|
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
---
|
|
src/xt.c | 31 +++++++++++++------------------
|
|
1 file changed, 13 insertions(+), 18 deletions(-)
|
|
|
|
diff --git a/src/xt.c b/src/xt.c
|
|
index 12b52aa..b75c94e 100644
|
|
--- a/src/xt.c
|
|
+++ b/src/xt.c
|
|
@@ -34,6 +34,12 @@ static void *xt_entry_alloc(const struct xt_stmt *xt, uint32_t af);
|
|
|
|
void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
|
|
{
|
|
+ static const char *typename[NFT_XT_MAX] = {
|
|
+ [NFT_XT_MATCH] = "match",
|
|
+ [NFT_XT_TARGET] = "target",
|
|
+ [NFT_XT_WATCHER] = "watcher",
|
|
+ };
|
|
+ int rc = 0;
|
|
#ifdef HAVE_LIBXTABLES
|
|
struct xt_xlate *xl = xt_xlate_alloc(10240);
|
|
struct xtables_target *tg;
|
|
@@ -69,11 +75,7 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
|
|
.numeric = 1,
|
|
};
|
|
|
|
- mt->xlate(xl, ¶ms);
|
|
- nft_print(octx, "%s", xt_xlate_get(xl));
|
|
- } else if (mt->print) {
|
|
- printf("#");
|
|
- mt->print(&entry, m, 0);
|
|
+ rc = mt->xlate(xl, ¶ms);
|
|
}
|
|
xfree(m);
|
|
break;
|
|
@@ -102,27 +104,20 @@ void xt_stmt_xlate(const struct stmt *stmt, struct output_ctx *octx)
|
|
.numeric = 1,
|
|
};
|
|
|
|
- tg->xlate(xl, ¶ms);
|
|
- nft_print(octx, "%s", xt_xlate_get(xl));
|
|
- } else if (tg->print) {
|
|
- printf("#");
|
|
- tg->print(NULL, t, 0);
|
|
+ rc = tg->xlate(xl, ¶ms);
|
|
}
|
|
xfree(t);
|
|
break;
|
|
}
|
|
|
|
+ if (rc == 1)
|
|
+ nft_print(octx, "%s", xt_xlate_get(xl));
|
|
xt_xlate_free(xl);
|
|
xfree(entry);
|
|
-#else
|
|
- static const char *typename[NFT_XT_MAX] = {
|
|
- [NFT_XT_MATCH] = "match",
|
|
- [NFT_XT_TARGET] = "target",
|
|
- [NFT_XT_WATCHER] = "watcher",
|
|
- };
|
|
-
|
|
- nft_print(octx, "xt %s %s", typename[stmt->xt.type], stmt->xt.name);
|
|
#endif
|
|
+ if (!rc)
|
|
+ nft_print(octx, "xt %s %s",
|
|
+ typename[stmt->xt.type], stmt->xt.name);
|
|
}
|
|
|
|
void xt_stmt_destroy(struct stmt *stmt)
|
|
--
|
|
2.45.0
|
|
|