diff --git a/doc/changelog.txt b/doc/changelog.txt index 8e64cbe..5219bf4 100644 --- a/doc/changelog.txt +++ b/doc/changelog.txt @@ -16,6 +16,7 @@ Enhancements: * fixed trailing whitespaces and pr_* messages * fixed module loading at create/header commands - build: support for Linux up to 2.6.38 +- build: preliminary support for iptables 1.4.11 v1.32 (2011-01-04) diff --git a/extensions/ACCOUNT/libxt_ACCOUNT.c b/extensions/ACCOUNT/libxt_ACCOUNT.c index b5aad44..d861998 100644 --- a/extensions/ACCOUNT/libxt_ACCOUNT.c +++ b/extensions/ACCOUNT/libxt_ACCOUNT.c @@ -105,11 +105,11 @@ static void account_tg_print_it(const void *ip, struct in_addr a; if (!do_prefix) - printf("ACCOUNT "); + printf(" ACCOUNT "); // Network information if (do_prefix) - printf("--"); + printf(" --"); printf("%s ", account_tg_opts[0].name); a.s_addr = accountinfo->net_ip; @@ -119,7 +119,7 @@ static void account_tg_print_it(const void *ip, printf(" "); if (do_prefix) - printf("--"); + printf(" --"); printf("%s %s", account_tg_opts[1].name, accountinfo->table_name); } diff --git a/extensions/libxt_CHAOS.c b/extensions/libxt_CHAOS.c index d9dc949..60c464f 100644 --- a/extensions/libxt_CHAOS.c +++ b/extensions/libxt_CHAOS.c @@ -71,10 +71,10 @@ static void chaos_tg_print(const void *ip, switch (info->variant) { case XTCHAOS_DELUDE: - printf("DELUDE "); + printf(" DELUDE "); break; case XTCHAOS_TARPIT: - printf("TARPIT "); + printf(" TARPIT "); break; } } @@ -85,10 +85,10 @@ static void chaos_tg_save(const void *ip, const struct xt_entry_target *target) switch (info->variant) { case XTCHAOS_DELUDE: - printf("--delude "); + printf(" --delude "); break; case XTCHAOS_TARPIT: - printf("--tarpit "); + printf(" --tarpit "); break; } } diff --git a/extensions/libxt_CHECKSUM.c b/extensions/libxt_CHECKSUM.c index 9ed5a00..0f189b7 100644 --- a/extensions/libxt_CHECKSUM.c +++ b/extensions/libxt_CHECKSUM.c @@ -62,7 +62,7 @@ static void CHECKSUM_print(const void *ip, const struct xt_entry_target *target, printf("CHECKSUM "); if (einfo->operation & XT_CHECKSUM_OP_FILL) - printf("fill "); + printf(" fill "); } static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target) @@ -71,7 +71,7 @@ static void CHECKSUM_save(const void *ip, const struct xt_entry_target *target) (const struct xt_CHECKSUM_info *)target->data; if (einfo->operation & XT_CHECKSUM_OP_FILL) - printf("--checksum-fill "); + printf(" --checksum-fill "); } static struct xtables_target checksum_tg_reg = { diff --git a/extensions/libxt_DHCPMAC.c b/extensions/libxt_DHCPMAC.c index 25e5cb5..258658f 100644 --- a/extensions/libxt_DHCPMAC.c +++ b/extensions/libxt_DHCPMAC.c @@ -66,7 +66,7 @@ static void dhcpmac_tg_print(const void *ip, { const struct dhcpmac_info *info = (void *)target->data; - printf("DHCPMAC %s" DH_MAC_FMT "/%u ", + printf(" DHCPMAC %s" DH_MAC_FMT "/%u ", info->invert ? "!" : "", DH_MAC_HEX(info->addr), info->mask); } @@ -76,8 +76,8 @@ static void dhcpmac_tg_save(const void *ip, const struct dhcpmac_info *info = (const void *)target->data; if (info->invert) - printf("! "); - printf("--set-mac " DH_MAC_FMT "/%u ", + printf(" !"); + printf(" --set-mac " DH_MAC_FMT "/%u ", DH_MAC_HEX(info->addr), info->mask); } diff --git a/extensions/libxt_DNETMAP.c b/extensions/libxt_DNETMAP.c index 7311311..ddfb7a6 100644 --- a/extensions/libxt_DNETMAP.c +++ b/extensions/libxt_DNETMAP.c @@ -192,7 +192,7 @@ static void DNETMAP_print(const void *ip, const struct xt_entry_target *target, struct xt_DNETMAP_tginfo *tginfo = (void *)&target->data; const __u8 *flags = &tginfo->flags; - printf("prefix "); + printf(" prefix "); if (*flags & XT_DNETMAP_PREFIX) DNETMAP_print_addr(ip, target, numeric); else @@ -211,14 +211,14 @@ static void DNETMAP_save(const void *ip, const struct xt_entry_target *target) const __u8 *flags = &tginfo->flags; if (*flags & XT_DNETMAP_PREFIX) { - printf("--%s", DNETMAP_opts[0].name); + printf(" --%s ", DNETMAP_opts[0].name); DNETMAP_print_addr(ip, target, 0); } - printf(" --reuse %i", *flags & XT_DNETMAP_REUSE); + printf(" --reuse %i ", *flags & XT_DNETMAP_REUSE); /* ommited because default value can change as kernel mod param */ if (*flags & XT_DNETMAP_TTL) - printf(" --ttl %i", tginfo->ttl); + printf(" --ttl %i ", tginfo->ttl); } static struct xtables_target dnetmap_tg_reg = { diff --git a/extensions/libxt_IPMARK.c b/extensions/libxt_IPMARK.c index 863564d..6d52e31 100644 --- a/extensions/libxt_IPMARK.c +++ b/extensions/libxt_IPMARK.c @@ -119,16 +119,16 @@ ipmark_tg_print(const void *entry, const struct xt_entry_target *target, const struct xt_ipmark_tginfo *info = (const void *)target->data; if (info->selector == XT_IPMARK_SRC) - printf("IPMARK src ip "); + printf(" IPMARK src ip "); else - printf("IPMARK dst ip "); + printf(" IPMARK dst ip "); if (info->shift != 0) - printf("shift %u ", (unsigned int)info->shift); + printf(" shift %u ", (unsigned int)info->shift); if (info->andmask != ~0U) - printf("and 0x%x ", (unsigned int)info->andmask); + printf(" and 0x%x ", (unsigned int)info->andmask); if (info->ormask != 0) - printf("or 0x%x ", (unsigned int)info->ormask); + printf(" or 0x%x ", (unsigned int)info->ormask); } static void @@ -137,16 +137,16 @@ ipmark_tg_save(const void *entry, const struct xt_entry_target *target) const struct xt_ipmark_tginfo *info = (const void *)target->data; if (info->selector == XT_IPMARK_SRC) - printf("--addr src "); + printf(" --addr src "); else - printf("--addr dst "); + printf(" --addr dst "); if (info->shift != 0) - printf("--shift %u ", (unsigned int)info->shift); + printf(" --shift %u ", (unsigned int)info->shift); if (info->andmask != ~0U) - printf("--and-mask 0x%x ", (unsigned int)info->andmask); + printf(" --and-mask 0x%x ", (unsigned int)info->andmask); if (info->ormask != 0) - printf("--or-mask 0x%x ", (unsigned int)info->ormask); + printf(" --or-mask 0x%x ", (unsigned int)info->ormask); } static struct xtables_target ipmark_tg_reg = { diff --git a/extensions/libxt_LOGMARK.c b/extensions/libxt_LOGMARK.c index 21f649e..825b9ca 100644 --- a/extensions/libxt_LOGMARK.c +++ b/extensions/libxt_LOGMARK.c @@ -83,7 +83,7 @@ logmark_tg_print(const void *ip, const struct xt_entry_target *target, { const struct xt_logmark_tginfo *info = (void *)target->data; - printf("LOGMARK level %u prefix \"%s\" ", info->level, info->prefix); + printf(" LOGMARK level %u prefix \"%s\" ", info->level, info->prefix); } static void @@ -92,9 +92,9 @@ logmark_tg_save(const void *ip, const struct xt_entry_target *target) const struct xt_logmark_tginfo *info = (void *)target->data; if (info->level != 4) - printf("--log-level %u ", info->level); + printf(" --log-level %u ", info->level); if (*info->prefix != '\0') - printf("--log-prefix \"%s\" ", info->prefix); + printf(" --log-prefix \"%s\" ", info->prefix); } static struct xtables_target logmark_tg_reg = { diff --git a/extensions/libxt_RAWDNAT.c b/extensions/libxt_RAWDNAT.c index 2dbea16..e77060f 100644 --- a/extensions/libxt_RAWDNAT.c +++ b/extensions/libxt_RAWDNAT.c @@ -110,10 +110,10 @@ rawdnat_tg4_print(const void *entry, const struct xt_entry_target *target, const struct xt_rawnat_tginfo *info = (const void *)target->data; if (!numeric && info->mask == 32) - printf("to-destination %s ", + printf(" to-destination %s ", xtables_ipaddr_to_anyname(&info->addr.in)); else - printf("to-destination %s/%u ", + printf(" to-destination %s/%u ", xtables_ipaddr_to_numeric(&info->addr.in), info->mask); } @@ -124,10 +124,10 @@ rawdnat_tg6_print(const void *entry, const struct xt_entry_target *target, const struct xt_rawnat_tginfo *info = (const void *)target->data; if (!numeric && info->mask == 128) - printf("to-destination %s ", + printf(" to-destination %s ", xtables_ip6addr_to_anyname(&info->addr.in6)); else - printf("to-destination %s/%u ", + printf(" to-destination %s/%u ", xtables_ip6addr_to_numeric(&info->addr.in6), info->mask); } @@ -136,7 +136,7 @@ rawdnat_tg4_save(const void *entry, const struct xt_entry_target *target) { const struct xt_rawnat_tginfo *info = (const void *)target->data; - printf("--to-destination %s/%u ", + printf(" --to-destination %s/%u ", xtables_ipaddr_to_numeric(&info->addr.in), info->mask); } @@ -146,7 +146,7 @@ rawdnat_tg6_save(const void *entry, const struct xt_entry_target *target) { const struct xt_rawnat_tginfo *info = (const void *)target->data; - printf("--to-destination %s/%u ", + printf(" --to-destination %s/%u ", xtables_ip6addr_to_numeric(&info->addr.in6), info->mask); } diff --git a/extensions/libxt_RAWSNAT.c b/extensions/libxt_RAWSNAT.c index 6d3d121..1c1c35d 100644 --- a/extensions/libxt_RAWSNAT.c +++ b/extensions/libxt_RAWSNAT.c @@ -110,10 +110,10 @@ rawsnat_tg4_print(const void *entry, const struct xt_entry_target *target, const struct xt_rawnat_tginfo *info = (const void *)target->data; if (!numeric && info->mask == 32) - printf("to-source %s ", + printf(" to-source %s ", xtables_ipaddr_to_anyname(&info->addr.in)); else - printf("to-source %s/%u ", + printf(" to-source %s/%u ", xtables_ipaddr_to_numeric(&info->addr.in), info->mask); } @@ -124,10 +124,10 @@ rawsnat_tg6_print(const void *entry, const struct xt_entry_target *target, const struct xt_rawnat_tginfo *info = (const void *)target->data; if (!numeric && info->mask == 128) - printf("to-source %s ", + printf(" to-source %s ", xtables_ip6addr_to_anyname(&info->addr.in6)); else - printf("to-source %s/%u ", + printf(" to-source %s/%u ", xtables_ip6addr_to_numeric(&info->addr.in6), info->mask); } @@ -136,7 +136,7 @@ rawsnat_tg4_save(const void *entry, const struct xt_entry_target *target) { const struct xt_rawnat_tginfo *info = (const void *)target->data; - printf("--to-source %s/%u ", + printf(" --to-source %s/%u ", xtables_ipaddr_to_numeric(&info->addr.in), info->mask); } @@ -146,7 +146,7 @@ rawsnat_tg6_save(const void *entry, const struct xt_entry_target *target) { const struct xt_rawnat_tginfo *info = (const void *)target->data; - printf("--to-source %s/%u ", + printf(" --to-source %s/%u ", xtables_ip6addr_to_numeric(&info->addr.in6), info->mask); } diff --git a/extensions/libxt_TEE.c b/extensions/libxt_TEE.c index a615d6f..64c6b41 100644 --- a/extensions/libxt_TEE.c +++ b/extensions/libxt_TEE.c @@ -105,9 +105,9 @@ static void tee_tg_print(const void *ip, const struct xt_entry_target *target, const struct xt_tee_tginfo *info = (const void *)target->data; if (numeric) - printf("TEE gw:%s ", xtables_ipaddr_to_numeric(&info->gw.in)); + printf(" TEE gw:%s ", xtables_ipaddr_to_numeric(&info->gw.in)); else - printf("TEE gw:%s ", xtables_ipaddr_to_anyname(&info->gw.in)); + printf(" TEE gw:%s ", xtables_ipaddr_to_anyname(&info->gw.in)); } static void tee_tg6_print(const void *ip, const struct xt_entry_target *target, @@ -116,23 +116,23 @@ static void tee_tg6_print(const void *ip, const struct xt_entry_target *target, const struct xt_tee_tginfo *info = (const void *)target->data; if (numeric) - printf("TEE gw:%s ", xtables_ip6addr_to_numeric(&info->gw.in6)); + printf(" TEE gw:%s ", xtables_ip6addr_to_numeric(&info->gw.in6)); else - printf("TEE gw:%s ", xtables_ip6addr_to_anyname(&info->gw.in6)); + printf(" TEE gw:%s ", xtables_ip6addr_to_anyname(&info->gw.in6)); } static void tee_tg_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tee_tginfo *info = (const void *)target->data; - printf("--gateway %s ", xtables_ipaddr_to_numeric(&info->gw.in)); + printf(" --gateway %s ", xtables_ipaddr_to_numeric(&info->gw.in)); } static void tee_tg6_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tee_tginfo *info = (const void *)target->data; - printf("--gateway %s ", xtables_ip6addr_to_numeric(&info->gw.in6)); + printf(" --gateway %s ", xtables_ip6addr_to_numeric(&info->gw.in6)); } static struct xtables_target tee_tg_reg = { diff --git a/extensions/libxt_condition.c b/extensions/libxt_condition.c index e305fa7..7de8c26 100644 --- a/extensions/libxt_condition.c +++ b/extensions/libxt_condition.c @@ -67,7 +67,7 @@ static void condition_print(const void *ip, const struct xt_entry_match *match, { const struct xt_condition_mtinfo *info = (const void *)match->data; - printf("condition %s%s ", (info->invert) ? "!" : "", info->name); + printf(" condition %s%s ", (info->invert) ? "!" : "", info->name); } @@ -75,7 +75,7 @@ static void condition_save(const void *ip, const struct xt_entry_match *match) { const struct xt_condition_mtinfo *info = (const void *)match->data; - printf("%s--condition \"%s\" ", info->invert ? "! " : "", info->name); + printf("%s --condition \"%s\" ", info->invert ? " !" : "", info->name); } static struct xtables_match condition_mt_reg = { diff --git a/extensions/libxt_dhcpmac.c b/extensions/libxt_dhcpmac.c index d2eeb91..b861d33 100644 --- a/extensions/libxt_dhcpmac.c +++ b/extensions/libxt_dhcpmac.c @@ -67,7 +67,7 @@ static void dhcpmac_mt_print(const void *ip, { const struct dhcpmac_info *info = (void *)match->data; - printf("dhcpmac %s" DH_MAC_FMT "/%u ", + printf(" dhcpmac %s" DH_MAC_FMT "/%u ", info->invert ? "!" : "", DH_MAC_HEX(info->addr), info->mask); } @@ -77,8 +77,8 @@ static void dhcpmac_mt_save(const void *ip, const struct dhcpmac_info *info = (void *)match->data; if (info->invert) - printf("! "); - printf("--mac " DH_MAC_FMT "/%u ", + printf(" !"); + printf(" --mac " DH_MAC_FMT "/%u ", DH_MAC_HEX(info->addr), info->mask); } diff --git a/extensions/libxt_fuzzy.c b/extensions/libxt_fuzzy.c index c24e413..06fd075 100644 --- a/extensions/libxt_fuzzy.c +++ b/extensions/libxt_fuzzy.c @@ -88,7 +88,7 @@ static void fuzzy_mt_print(const void *ip, const struct xt_entry_match *match, { const struct xt_fuzzy_mtinfo *info = (const void *)match->data; - printf("fuzzy: lower limit = %u pps - upper limit = %u pps ", + printf(" fuzzy: lower limit = %u pps - upper limit = %u pps ", info->minimum_rate, info->maximum_rate); } @@ -96,8 +96,8 @@ static void fuzzy_mt_save(const void *ip, const struct xt_entry_match *match) { const struct xt_fuzzy_mtinfo *info = (const void *)match->data; - printf("--lower-limit %u ", info->minimum_rate); - printf("--upper-limit %u ", info->maximum_rate); + printf(" --lower-limit %u ", info->minimum_rate); + printf(" --upper-limit %u ", info->maximum_rate); } static struct xtables_match fuzzy_mt_reg = { diff --git a/extensions/libxt_geoip.c b/extensions/libxt_geoip.c index dcaa434..638f669 100644 --- a/extensions/libxt_geoip.c +++ b/extensions/libxt_geoip.c @@ -259,9 +259,9 @@ geoip_print(const void *ip, const struct xt_entry_match *match, int numeric) u_int8_t i; if (info->flags & XT_GEOIP_SRC) - printf("Source "); + printf(" Source "); else - printf("Destination "); + printf(" Destination "); if (info->count > 1) printf("countries: "); @@ -283,12 +283,12 @@ geoip_save(const void *ip, const struct xt_entry_match *match) u_int8_t i; if (info->flags & XT_GEOIP_INV) - printf("! "); + printf(" !"); if (info->flags & XT_GEOIP_SRC) - printf("--source-country "); + printf(" --source-country "); else - printf("--destination-country "); + printf(" --destination-country "); for (i = 0; i < info->count; i++) printf("%s%c%c", i ? "," : "", COUNTRY(info->cc[i])); diff --git a/extensions/libxt_gradm.c b/extensions/libxt_gradm.c index 4f1ce60..12236d7 100644 --- a/extensions/libxt_gradm.c +++ b/extensions/libxt_gradm.c @@ -73,9 +73,9 @@ static void gradm_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_gradm_mtinfo *info = (const void *)match->data; if (info->invflags) - printf("--disabled "); + printf(" --disabled "); else - printf("--enabled "); + printf(" --enabled "); } static struct xtables_match gradm_mt_reg = { diff --git a/extensions/libxt_iface.c b/extensions/libxt_iface.c index 7b430b6..b6e57a7 100644 --- a/extensions/libxt_iface.c +++ b/extensions/libxt_iface.c @@ -180,7 +180,7 @@ static void iface_mt_print(const void *ip, const struct xt_entry_match *match, { const struct xt_iface_mtinfo *info = (const void *)match->data; - printf("iface: "); + printf(" iface: "); if (info->flags & XT_IFACE_DEV_IN) printf("(in)"); else if (info->flags & XT_IFACE_DEV_OUT) @@ -207,11 +207,11 @@ static void iface_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_iface_mtinfo *info = (const void *)match->data; if (info->flags & XT_IFACE_DEV_IN) - printf("--dev-in"); + printf(" --dev-in"); else if (info->flags & XT_IFACE_DEV_OUT) - printf("--dev-out"); + printf(" --dev-out"); else - printf("--iface %s", info->ifname); + printf(" --iface %s", info->ifname); iface_print_opt(info, XT_IFACE_UP, "--up"); iface_print_opt(info, XT_IFACE_BROADCAST, "--broadcast"); iface_print_opt(info, XT_IFACE_LOOPBACK, "--loopback"); diff --git a/extensions/libxt_ipp2p.c b/extensions/libxt_ipp2p.c index 32ebc82..9a65f25 100644 --- a/extensions/libxt_ipp2p.c +++ b/extensions/libxt_ipp2p.c @@ -208,16 +208,16 @@ ipp2p_mt_print1(const void *entry, const struct xt_entry_match *match, for (i = IPP2N_EDK; i <= IPP2N_XDCC; ++i) if (info->cmd & (1 << i)) - printf("%s ", ipp2p_cmds[i]); + printf(" %s ", ipp2p_cmds[i]); if (info->debug != 0) - printf("--debug "); + printf(" --debug "); } static void ipp2p_mt_print(const void *entry, const struct xt_entry_match *match, int numeric) { - printf("ipp2p "); + printf(" ipp2p "); ipp2p_mt_print1(entry, match, true); } diff --git a/extensions/libxt_ipv4options.c b/extensions/libxt_ipv4options.c index 1198242..33d3592 100644 --- a/extensions/libxt_ipv4options.c +++ b/extensions/libxt_ipv4options.c @@ -1,6 +1,6 @@ /* * "ipv4options" match extension for iptables - * Coprygith © Jan Engelhardt, 2009 + * Copyright © Jan Engelhardt, 2009 * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License; either @@ -138,7 +138,7 @@ static void ipv4options_mt_print(const void *ip, { const struct xt_ipv4options_mtinfo1 *info = (void *)match->data; - printf("ipv4options %s ", + printf(" ipv4options %s ", (info->flags & XT_V4OPTS_ANY) ? "any-of" : "all-of"); ipv4options_print_flags(info, numeric); printf(" "); @@ -150,7 +150,7 @@ static void ipv4options_mt_save(const void *ip, const struct xt_ipv4options_mtinfo1 *info = (void *)match->data; if (info->map != 0) { - printf("--flags "); + printf(" --flags "); ipv4options_print_flags(info, true); } if (info->flags & XT_V4OPTS_ANY) diff --git a/extensions/libxt_length2.c b/extensions/libxt_length2.c index 6de9e83..5fbfe30 100644 --- a/extensions/libxt_length2.c +++ b/extensions/libxt_length2.c @@ -113,14 +113,14 @@ static void length_mt_print(const void *ip, const struct xt_entry_match *match, const struct xt_length_mtinfo2 *info = (const void *)match->data; if (info->flags & XT_LENGTH_LAYER3) - printf("layer3 "); + printf(" layer3 "); else if (info->flags & XT_LENGTH_LAYER4) - printf("layer4 "); + printf(" layer4 "); else if (info->flags & XT_LENGTH_LAYER5) - printf("layer5 "); + printf(" layer5 "); else if (info->flags & XT_LENGTH_LAYER7) - printf("layer7 "); - printf("length "); + printf(" layer7 "); + printf(" length "); if (info->flags & XT_LENGTH_INVERT) printf("! "); if (info->min == info->max) @@ -135,16 +135,16 @@ static void length_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_length_mtinfo2 *info = (const void *)match->data; if (info->flags & XT_LENGTH_LAYER3) - printf("--layer3 "); + printf(" --layer3 "); else if (info->flags & XT_LENGTH_LAYER4) - printf("--layer4 "); + printf(" --layer4 "); else if (info->flags & XT_LENGTH_LAYER5) - printf("--layer5 "); + printf(" --layer5 "); else if (info->flags & XT_LENGTH_LAYER7) - printf("--layer7 "); + printf(" --layer7 "); if (info->flags & XT_LENGTH_INVERT) - printf("! "); - printf("--length "); + printf(" !"); + printf(" --length "); if (info->min == info->max) printf("%u ", (unsigned int)info->min); else diff --git a/extensions/libxt_lscan.c b/extensions/libxt_lscan.c index 5cd208d..24f3985 100644 --- a/extensions/libxt_lscan.c +++ b/extensions/libxt_lscan.c @@ -70,7 +70,7 @@ static void lscan_mt_print(const void *ip, const struct xt_lscan_mtinfo *info = (const void *)(match->data); const char *s = ""; - printf("lscan "); + printf(" lscan "); if (info->match_stealth) { printf("STEALTH"); s = ","; @@ -93,13 +93,13 @@ static void lscan_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_lscan_mtinfo *info = (const void *)(match->data); if (info->match_stealth) - printf("--stealth "); + printf(" --stealth "); if (info->match_syn) - printf("--synscan "); + printf(" --synscan "); if (info->match_cn) - printf("--cnscan "); + printf(" --cnscan "); if (info->match_gr) - printf("--grscan "); + printf(" --grscan "); } static struct xtables_match lscan_mt_reg = { diff --git a/extensions/libxt_psd.c b/extensions/libxt_psd.c index 3c9d221..e60178b 100644 --- a/extensions/libxt_psd.c +++ b/extensions/libxt_psd.c @@ -119,7 +119,7 @@ static void psd_mt_final_check(unsigned int flags) {} static void psd_mt_print(const void *ip, const struct xt_entry_match *match, int numeric) { const struct xt_psd_info *psdinfo = (const struct xt_psd_info *)match->data; - printf("psd "); + printf(" psd "); printf("weight-threshold: %u ", psdinfo->weight_threshold); printf("delay-threshold: %u ", psdinfo->delay_threshold); printf("lo-ports-weight: %u ", psdinfo->lo_ports_weight); @@ -130,7 +130,7 @@ static void psd_mt_print(const void *ip, const struct xt_entry_match *match, int static void psd_mt_save(const void *ip, const struct xt_entry_match *match) { const struct xt_psd_info *psdinfo = (const struct xt_psd_info *)match->data; - printf("--psd-weight-threshold %u ", psdinfo->weight_threshold); + printf(" --psd-weight-threshold %u ", psdinfo->weight_threshold); printf("--psd-delay-threshold %u ", psdinfo->delay_threshold); printf("--psd-lo-ports-weight %u ", psdinfo->lo_ports_weight); printf("--psd-hi-ports-weight %u ", psdinfo->hi_ports_weight); diff --git a/extensions/libxt_quota2.c b/extensions/libxt_quota2.c index 788dea2..3763251 100644 --- a/extensions/libxt_quota2.c +++ b/extensions/libxt_quota2.c @@ -99,16 +99,16 @@ quota_mt2_save(const void *ip, const struct xt_entry_match *match) const struct xt_quota_mtinfo2 *q = (void *)match->data; if (q->flags & XT_QUOTA_INVERT) - printf("! "); + printf(" !"); if (q->flags & XT_QUOTA_GROW) - printf("--grow "); + printf(" --grow "); if (q->flags & XT_QUOTA_NO_CHANGE) - printf("--no-change "); + printf(" --no-change "); if (q->flags & XT_QUOTA_PACKET) - printf("--packets "); + printf(" --packets "); if (*q->name != '\0') - printf("--name %s ", q->name); - printf("--quota %llu ", (unsigned long long)q->quota); + printf(" --name %s ", q->name); + printf(" --quota %llu ", (unsigned long long)q->quota); } static void quota_mt2_print(const void *ip, const struct xt_entry_match *match, @@ -117,11 +117,11 @@ static void quota_mt2_print(const void *ip, const struct xt_entry_match *match, const struct xt_quota_mtinfo2 *q = (const void *)match->data; if (q->flags & XT_QUOTA_INVERT) - printf("! "); + printf(" !"); if (q->flags & XT_QUOTA_GROW) - printf("counter"); + printf(" counter"); else - printf("quota"); + printf(" quota"); if (*q->name != '\0') printf(" %s:", q->name); printf(" %llu ", (unsigned long long)q->quota); diff --git a/extensions/pknock/libxt_pknock.c b/extensions/pknock/libxt_pknock.c index fb6d433..4852e9f 100644 --- a/extensions/pknock/libxt_pknock.c +++ b/extensions/pknock/libxt_pknock.c @@ -272,7 +272,7 @@ static void pknock_mt_print(const void *ip, const struct xt_pknock_mtinfo *info = (void *)match->data; int i; - printf("pknock "); + printf(" pknock "); if (info->option & XT_PKNOCK_KNOCKPORT) { printf("knockports "); for (i = 0; i < info->ports_count; ++i) @@ -301,26 +301,26 @@ static void pknock_mt_save(const void *ip, const struct xt_entry_match *match) const struct xt_pknock_mtinfo *info = (void *)match->data; if (info->option & XT_PKNOCK_KNOCKPORT) { - printf("--knockports "); + printf(" --knockports "); for (i = 0; i < info->ports_count; ++i) printf("%s%d", i ? "," : "", info->port[i]); printf(" "); } if (info->option & XT_PKNOCK_TIME) - printf("--time %ld ", (long)info->max_time); + printf(" --time %ld ", (long)info->max_time); if (info->option & XT_PKNOCK_AUTOCLOSE) - printf("--autoclose %lu ", + printf(" --autoclose %lu ", (unsigned long)info->autoclose_time); if (info->option & XT_PKNOCK_NAME) - printf("--name %s ", info->rule_name); + printf(" --name %s ", info->rule_name); if (info->option & XT_PKNOCK_OPENSECRET) - printf("--opensecret "); + printf(" --opensecret "); if (info->option & XT_PKNOCK_CLOSESECRET) - printf("--closesecret "); + printf(" --closesecret "); if (info->option & XT_PKNOCK_STRICT) - printf("--strict "); + printf(" --strict "); if (info->option & XT_PKNOCK_CHECKIP) - printf("--checkip "); + printf(" --checkip "); } static struct xtables_match pknock_mt_reg = {