Patchwork [iptables-nftables,3/3] nft: Print unknown target data only when relevant

login
register
mail settings
Submitter Tomasz Bursztyka
Date Aug. 7, 2013, 8:31 a.m.
Message ID <1375864297-9347-4-git-send-email-tomasz.bursztyka@linux.intel.com>
Download mbox | patch
Permalink /patch/265400/
State Accepted
Headers show

Comments

Tomasz Bursztyka - Aug. 7, 2013, 8:31 a.m.
Bug is:
xtables -N test
xtables -A FORWARD -j test
xtables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
test       all  --  anywhere             anywhere            [0 bytes of unknown target data]

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain test (1 references)
target     prot opt source               destination

"[0 bytes of unknown target data]" should not be printed in this case.

Signed-off-by: Tomasz Bursztyka <tomasz.bursztyka@linux.intel.com>
---
 iptables/nft-shared.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
Pablo Neira - Aug. 7, 2013, 9:01 a.m.
On Wed, Aug 07, 2013 at 11:31:37AM +0300, Tomasz Bursztyka wrote:
> Bug is:
> xtables -N test
> xtables -A FORWARD -j test
> xtables -L
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
> test       all  --  anywhere             anywhere            [0 bytes of unknown target data]
> 
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
> 
> Chain test (1 references)
> target     prot opt source               destination
> 
> "[0 bytes of unknown target data]" should not be printed in this case.

Applied, thanks.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/iptables/nft-shared.c b/iptables/nft-shared.c
index ad3e675..f5f905f 100644
--- a/iptables/nft-shared.c
+++ b/iptables/nft-shared.c
@@ -549,7 +549,7 @@  int print_target(const char *targname, const void *targinfo,
 		if (target->print)
 			/* FIXME missing first parameter */
 			target->print(NULL, t, format & FMT_NUMERIC);
-	} else
+	} else if (target_len > 0)
 		printf("[%ld bytes of unknown target data] ", target_len);
 
 	free(t);