In some cases, xlate functions must print a different result if they are invoked from nft and not from a xtables-translate command.
This commit adds a new boolean field to the xt_xlate struct. This variable must be true when a xlate function is called from a nft command. Additional code is required in nft in order to obtain this behavior. Signed-off-by: Pablo M. Bermudo Garay <[email protected]> --- include/xtables.h | 2 ++ libxtables/xtables.c | 12 ++++++++++++ 2 files changed, 14 insertions(+) diff --git a/include/xtables.h b/include/xtables.h index 48be514..fd72623 100644 --- a/include/xtables.h +++ b/include/xtables.h @@ -576,6 +576,8 @@ void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...); void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment); const char *xt_xlate_get_comment(struct xt_xlate *xl); const char *xt_xlate_get(struct xt_xlate *xl); +void xt_xlate_set_nft_compat(struct xt_xlate *xl, bool nft_compat); +bool xt_xlate_get_nft_compat(struct xt_xlate *xl); #ifdef XTABLES_INTERNAL diff --git a/libxtables/xtables.c b/libxtables/xtables.c index 921dfe9..1c3f63d 100644 --- a/libxtables/xtables.c +++ b/libxtables/xtables.c @@ -2011,6 +2011,7 @@ struct xt_xlate { int off; } buf; char comment[NFT_USERDATA_MAXLEN]; + bool nft_compat; }; struct xt_xlate *xt_xlate_alloc(int size) @@ -2029,6 +2030,7 @@ struct xt_xlate *xt_xlate_alloc(int size) xl->buf.rem = size; xl->buf.off = 0; xl->comment[0] = '\0'; + xl->nft_compat = false; return xl; } @@ -2069,3 +2071,13 @@ const char *xt_xlate_get(struct xt_xlate *xl) { return xl->buf.data; } + +void xt_xlate_set_nft_compat(struct xt_xlate *xl, bool nft_compat) +{ + xl->nft_compat = nft_compat; +} + +bool xt_xlate_get_nft_compat(struct xt_xlate *xl) +{ + return xl->nft_compat; +} -- 2.9.0 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to [email protected] More majordomo info at http://vger.kernel.org/majordomo-info.html
