static void conntrack_dump_addr(const union nf_inet_addr *addr, const union nf_inet_addr *mask, unsigned int family, bool numeric) { if (family == NFPROTO_IPV4) { if (!numeric && addr->ip == 0) { printf(" anywhere"); return; } if (numeric) printf(" %s%s", xtables_ipaddr_to_numeric(&addr->in), xtables_ipmask_to_numeric(&mask->in)); else printf(" %s%s", xtables_ipaddr_to_anyname(&addr->in), xtables_ipmask_to_numeric(&mask->in)); } else if (family == NFPROTO_IPV6) { if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 && addr->ip6[2] == 0 && addr->ip6[3] == 0) { printf(" anywhere"); return; } if (numeric) printf(" %s%s", xtables_ip6addr_to_numeric(&addr->in6), xtables_ip6mask_to_numeric(&mask->in6)); else printf(" %s%s", xtables_ip6addr_to_anyname(&addr->in6), xtables_ip6mask_to_numeric(&mask->in6)); } }
static void brip_print(const void *ip, const struct xt_entry_match *match, int numeric) { struct ebt_ip_info *info = (struct ebt_ip_info *)match->data; struct in_addr *addrp, *maskp; if (info->bitmask & EBT_IP_SOURCE) { printf("--ip-src "); if (info->invflags & EBT_IP_SOURCE) printf("! "); addrp = (struct in_addr *)&info->saddr; maskp = (struct in_addr *)&info->smsk; printf("%s%s ", xtables_ipaddr_to_numeric(addrp), xtables_ipmask_to_numeric(maskp)); } if (info->bitmask & EBT_IP_DEST) { printf("--ip-dst "); if (info->invflags & EBT_IP_DEST) printf("! "); addrp = (struct in_addr *)&info->daddr; maskp = (struct in_addr *)&info->dmsk; printf("%s%s ", xtables_ipaddr_to_numeric(addrp), xtables_ipmask_to_numeric(maskp)); } if (info->bitmask & EBT_IP_TOS) { printf("--ip-tos "); if (info->invflags & EBT_IP_TOS) printf("! "); printf("0x%02X ", info->tos); } if (info->bitmask & EBT_IP_PROTO) { struct protoent *pe; printf("--ip-proto "); if (info->invflags & EBT_IP_PROTO) printf("! "); pe = getprotobynumber(info->protocol); if (pe == NULL) { printf("%d ", info->protocol); } else { printf("%s ", pe->p_name); } } if (info->bitmask & EBT_IP_SPORT) { printf("--ip-sport "); if (info->invflags & EBT_IP_SPORT) printf("! "); print_port_range(info->sport); } if (info->bitmask & EBT_IP_DPORT) { printf("--ip-dport "); if (info->invflags & EBT_IP_DPORT) printf("! "); print_port_range(info->dport); } }
/* Shamelessly copied from libxt_conntrack.c */ static void ipvs_mt_dump_addr(const union nf_inet_addr *addr, const union nf_inet_addr *mask, unsigned int family, bool numeric) { char buf[BUFSIZ]; if (family == NFPROTO_IPV4) { if (!numeric && addr->ip == 0) { printf("anywhere "); return; } if (numeric) strcpy(buf, xtables_ipaddr_to_numeric(&addr->in)); else strcpy(buf, xtables_ipaddr_to_anyname(&addr->in)); strcat(buf, xtables_ipmask_to_numeric(&mask->in)); printf("%s ", buf); } else if (family == NFPROTO_IPV6) { if (!numeric && addr->ip6[0] == 0 && addr->ip6[1] == 0 && addr->ip6[2] == 0 && addr->ip6[3] == 0) { printf("anywhere "); return; } if (numeric) strcpy(buf, xtables_ip6addr_to_numeric(&addr->in6)); else strcpy(buf, xtables_ip6addr_to_anyname(&addr->in6)); strcat(buf, xtables_ip6mask_to_numeric(&mask->in6)); printf("%s ", buf); } }
static void print_entry(const char *prefix, const struct xt_policy_elem *e, bool numeric, uint8_t family) { if (e->match.reqid) { PRINT_INVERT(e->invert.reqid); printf("%sreqid %u ", prefix, e->reqid); } if (e->match.spi) { PRINT_INVERT(e->invert.spi); printf("%sspi 0x%x ", prefix, e->spi); } if (e->match.proto) { PRINT_INVERT(e->invert.proto); print_proto(prefix, e->proto, numeric); } if (e->match.mode) { PRINT_INVERT(e->invert.mode); print_mode(prefix, e->mode, numeric); } if (e->match.daddr) { PRINT_INVERT(e->invert.daddr); if (family == NFPROTO_IPV6) printf("%stunnel-dst %s%s ", prefix, xtables_ip6addr_to_numeric(&e->daddr.a6), xtables_ip6mask_to_numeric(&e->dmask.a6)); else printf("%stunnel-dst %s%s ", prefix, xtables_ipaddr_to_numeric(&e->daddr.a4), xtables_ipmask_to_numeric(&e->dmask.a4)); } if (e->match.saddr) { PRINT_INVERT(e->invert.saddr); if (family == NFPROTO_IPV6) printf("%stunnel-src %s%s ", prefix, xtables_ip6addr_to_numeric(&e->saddr.a6), xtables_ip6mask_to_numeric(&e->smask.a6)); else printf("%stunnel-src %s%s ", prefix, xtables_ipaddr_to_numeric(&e->saddr.a4), xtables_ipmask_to_numeric(&e->smask.a4)); } }
static void print_addr(struct in_addr *addr, struct in_addr *mask, int inv, int numeric) { char buf[BUFSIZ]; if (inv) printf("! "); if (mask->s_addr == 0L && !numeric) printf("%s ", "anywhere"); else { if (numeric) strcpy(buf, xtables_ipaddr_to_numeric(addr)); else strcpy(buf, xtables_ipaddr_to_anyname(addr)); strcat(buf, xtables_ipmask_to_numeric(mask)); printf("%s ", buf); } }