int len;
struct ip6t_entry_target *t;
- printf("Entry %u (%lu):\n", entry2index(handle, e),
- entry2offset(handle, e));
+ printf("Entry %u (%lu):\n", iptcb_entry2index(handle, e),
+ iptcb_entry2offset(handle, e));
puts("SRC IP: ");
inet_ntop(AF_INET6, &e->ipv6.src, buf, sizeof buf);
puts(buf);
printf("Flags: %02X\n", e->ipv6.flags);
printf("Invflags: %02X\n", e->ipv6.invflags);
printf("Counters: %llu packets, %llu bytes\n",
- e->counters.pcnt, e->counters.bcnt);
+ (unsigned long long)e->counters.pcnt, (unsigned long long)e->counters.bcnt);
printf("Cache: %08X ", e->nfcache);
if (e->nfcache & NFC_ALTERED) printf("ALTERED ");
if (e->nfcache & NFC_UNKNOWN) printf("UNKNOWN ");
- if (e->nfcache & NFC_IP6_SRC) printf("IP6_SRC ");
- if (e->nfcache & NFC_IP6_DST) printf("IP6_DST ");
- if (e->nfcache & NFC_IP6_IF_IN) printf("IP6_IF_IN ");
- if (e->nfcache & NFC_IP6_IF_OUT) printf("IP6_IF_OUT ");
- if (e->nfcache & NFC_IP6_TOS) printf("IP6_TOS ");
- if (e->nfcache & NFC_IP6_PROTO) printf("IP6_PROTO ");
- if (e->nfcache & NFC_IP6_OPTIONS) printf("IP6_OPTIONS ");
- if (e->nfcache & NFC_IP6_TCPFLAGS) printf("IP6_TCPFLAGS ");
- if (e->nfcache & NFC_IP6_SRC_PT) printf("IP6_SRC_PT ");
- if (e->nfcache & NFC_IP6_DST_PT) printf("IP6_DST_PT ");
- if (e->nfcache & NFC_IP6_PROTO_UNKNOWN) printf("IP6_PROTO_UNKNOWN ");
printf("\n");
IP6T_MATCH_ITERATE(e, print_match);
return 0;
}
-static int
+static unsigned char *
is_same(const STRUCT_ENTRY *a, const STRUCT_ENTRY *b,
unsigned char *matchmask)
{
unsigned int i;
- STRUCT_ENTRY_TARGET *ta, *tb;
unsigned char *mptr;
/* Always compare head structures: ignore mask here. */
|| a->ipv6.tos != b->ipv6.tos
|| a->ipv6.flags != b->ipv6.flags
|| a->ipv6.invflags != b->ipv6.invflags)
- return 0;
+ return NULL;
for (i = 0; i < IFNAMSIZ; i++) {
if (a->ipv6.iniface_mask[i] != b->ipv6.iniface_mask[i])
- return 0;
+ return NULL;
if ((a->ipv6.iniface[i] & a->ipv6.iniface_mask[i])
!= (b->ipv6.iniface[i] & b->ipv6.iniface_mask[i]))
- return 0;
+ return NULL;
if (a->ipv6.outiface_mask[i] != b->ipv6.outiface_mask[i])
- return 0;
+ return NULL;
if ((a->ipv6.outiface[i] & a->ipv6.outiface_mask[i])
!= (b->ipv6.outiface[i] & b->ipv6.outiface_mask[i]))
- return 0;
+ return NULL;
}
if (a->nfcache != b->nfcache
|| a->target_offset != b->target_offset
|| a->next_offset != b->next_offset)
- return 0;
+ return NULL;
mptr = matchmask + sizeof(STRUCT_ENTRY);
if (IP6T_MATCH_ITERATE(a, match_different, a->elems, b->elems, &mptr))
- return 0;
-
- ta = GET_TARGET((STRUCT_ENTRY *)a);
- tb = GET_TARGET((STRUCT_ENTRY *)b);
- if (ta->u.target_size != tb->u.target_size)
- return 0;
- if (strcmp(ta->u.user.name, tb->u.user.name) != 0)
- return 0;
- mptr += sizeof(*ta);
-
- if (target_different(ta->data, tb->data,
- ta->u.target_size - sizeof(*ta), mptr))
- return 0;
+ return NULL;
+ mptr += IP6T_ALIGN(sizeof(struct ip6t_entry_target));
- return 1;
+ return mptr;
}
/* All zeroes == unconditional rule. */
assert(t->verdict == -NF_DROP-1 || t->verdict == -NF_ACCEPT-1);
/* Hooks and underflows must be valid entries */
- entry2index(h, get_entry(h, h->info.hook_entry[i]));
- entry2index(h, get_entry(h, h->info.underflow[i]));
+ iptcb_entry2index(h, get_entry(h, h->info.hook_entry[i]));
+ iptcb_entry2index(h, get_entry(h, h->info.underflow[i]));
}
assert(h->info.size