From fcd546f425f0a92bd24f13bc611c13430822788b Mon Sep 17 00:00:00 2001 From: Samuel Ortiz Date: Sat, 30 Oct 2010 00:40:06 +0200 Subject: [PATCH] iptables: Merge rule adding routines There is no valid reason for separating the builtin case from the generic one. --- src/iptables.c | 81 +++++++++++++++------------------------------------------- 1 file changed, 21 insertions(+), 60 deletions(-) diff --git a/src/iptables.c b/src/iptables.c index b5ce893..04f3970 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -318,49 +318,12 @@ err: } static struct ipt_entry * -new_builtin_rule(char *target_name, struct xtables_match *xt_m) -{ - struct ipt_entry *entry; - size_t match_size, target_size; - struct xt_entry_match *entry_match; - struct xt_standard_target *target; - - if (xt_m) - match_size = xt_m->m->u.match_size; - else - match_size = 0; - - target_size = ALIGN(sizeof(struct xt_standard_target)); - - entry = g_try_malloc0(sizeof(struct ipt_entry) + target_size + - match_size); - if (entry == NULL) - return NULL; - - entry->target_offset = sizeof(struct ipt_entry) + match_size; - entry->next_offset = sizeof(struct ipt_entry) + target_size + - match_size; - if (xt_m) { - entry_match = (struct xt_entry_match *)entry->elems; - memcpy(entry_match, xt_m->m, match_size); - } - - target = (struct xt_standard_target *)ipt_get_target(entry); - strcpy(target->target.u.user.name, IPT_STANDARD_TARGET); - target->target.u.user.target_size = - ALIGN(sizeof(struct ipt_standard_target)); - target->verdict = target_to_verdict(target_name); - - return entry; -} - -static struct ipt_entry * -new_custom_rule(struct xtables_target *xt_t, struct xtables_match *xt_m) +new_rule(char *target_name, struct xtables_target *xt_t, + char *match_name, struct xtables_match *xt_m) { - struct ipt_entry *entry; + struct ipt_entry *new_entry; size_t match_size, target_size; - struct xt_entry_match *entry_match; - struct xt_entry_target *entry_target; + int is_builtin = is_builtin_target(target_name); if (xt_m) match_size = xt_m->m->u.match_size; @@ -372,37 +335,35 @@ new_custom_rule(struct xtables_target *xt_t, struct xtables_match *xt_m) else target_size = 0; - entry = g_try_malloc0(sizeof(struct ipt_entry) + target_size + + new_entry = g_try_malloc0(sizeof(struct ipt_entry) + target_size + match_size); - if (entry == NULL) + if (new_entry == NULL) return NULL; - entry->target_offset = sizeof(struct ipt_entry) + match_size; - entry->next_offset = sizeof(struct ipt_entry) + target_size + + new_entry->target_offset = sizeof(struct ipt_entry) + match_size; + new_entry->next_offset = sizeof(struct ipt_entry) + target_size + match_size; if (xt_m) { - entry_match = (struct xt_entry_match *)entry->elems; + struct xt_entry_match *entry_match; + + entry_match = (struct xt_entry_match *)new_entry->elems; memcpy(entry_match, xt_m->m, match_size); } if (xt_t) { - entry_target = ipt_get_target(entry); - memcpy(entry_target, xt_t->t, target_size); - } + struct xt_entry_target *entry_target; - return entry; -} + if (is_builtin) { + struct xt_standard_target *target; -static struct ipt_entry * -new_rule(char *target_name, struct xtables_target *xt_t, - char *match_name, struct xtables_match *xt_m) -{ - struct ipt_entry *new_entry; + target = (struct xt_standard_target *)(xt_t->t); + strcpy(target->target.u.user.name, IPT_STANDARD_TARGET); + target->verdict = target_to_verdict(target_name); + } - if (is_builtin_target(target_name)) - new_entry = new_builtin_rule(target_name, xt_m); - else - new_entry = new_custom_rule(xt_t, xt_m); + entry_target = ipt_get_target(new_entry); + memcpy(entry_target, xt_t->t, target_size); + } return new_entry; } -- 2.7.4