Patchwork ip6tables-save LOG target output is different to iptables-save

login
register
mail settings
Submitter Phil Oester
Date July 6, 2013, 3:56 p.m.
Message ID <20130706155601.GA31065@linuxace.com>
Download mbox | patch
Permalink /patch/257291/
State Accepted
Headers show

Comments

Phil Oester - July 6, 2013, 3:56 p.m.
On Sat, Jul 06, 2013 at 03:07:15PM +1000, Scott Baillie wrote:
> It just makes it a little bit harder to parse the output , because
> both tools should produce the same output
> wherever possible in my opinion.

Agreed.  Patch follows which makes the two tools consistent, however
they will now both not quote the prefix if only one word is present.

libipt_LOG is using the xtables_save_string func, which escapes unsafe
characters as needed.  libip6t_LOG should do the same.

Phil

Signed-off-by: Phil Oester <kernel@linuxace.com>
Pablo Neira - July 15, 2013, 10:51 a.m.
On Sat, Jul 06, 2013 at 08:56:01AM -0700, Phil Oester wrote:
> On Sat, Jul 06, 2013 at 03:07:15PM +1000, Scott Baillie wrote:
> > It just makes it a little bit harder to parse the output , because
> > both tools should produce the same output
> > wherever possible in my opinion.
> 
> Agreed.  Patch follows which makes the two tools consistent, however
> they will now both not quote the prefix if only one word is present.
> 
> libipt_LOG is using the xtables_save_string func, which escapes unsafe
> characters as needed.  libip6t_LOG should do the same.

Applied, thanks Phil.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 2b1ae28..4639268 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -146,8 +146,10 @@  static void LOG_save(const void *ip, const struct xt_entry_target *target)
 	const struct ip6t_log_info *loginfo
 		= (const struct ip6t_log_info *)target->data;
 
-	if (strcmp(loginfo->prefix, "") != 0)
-		printf(" --log-prefix \"%s\"", loginfo->prefix);
+	if (strcmp(loginfo->prefix, "") != 0) {
+		printf(" --log-prefix");
+		xtables_save_string(loginfo->prefix);
+	}
 
 	if (loginfo->level != LOG_DEFAULT_LEVEL)
 		printf(" --log-level %d", loginfo->level);