| Message ID | 1489057244-3611-1-git-send-email-pablo@netfilter.org |
|---|---|
| State | Accepted |
| Delegated to: | Pablo Neira |
| Headers | show |
On Thu, Mar 09, 2017 at 12:00:44PM +0100, Pablo Neira Ayuso wrote: > $ iptables-translate -I INPUT -s yahoo.com > nft insert rule ip filter INPUT ip saddr 98.139.183.24 counter > nft insert rule ip filter INPUT ip saddr 206.190.36.45 counter > nft insert rule ip filter INPUT ip saddr 98.138.253.109 counter > nft > > This extra 'nft' print is incorrect, just print it if there are more > rules to be printed. > > Reported-by: Alexander Alemayhu <alexander@alemayhu.com> > Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> Tested-by: Alexander Alemayhu <alexander@alemayhu.com>
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c index d9885f20dce6..00de019000f3 100644 --- a/iptables/xtables-translate.c +++ b/iptables/xtables-translate.c @@ -195,7 +195,7 @@ static int xlate(struct nft_handle *h, struct nft_xt_cmd_parse *p, } break; } - if (!cs->restore) + if (!cs->restore && i < args->s.naddrs - 1) printf("nft "); }
$ iptables-translate -I INPUT -s yahoo.com nft insert rule ip filter INPUT ip saddr 98.139.183.24 counter nft insert rule ip filter INPUT ip saddr 206.190.36.45 counter nft insert rule ip filter INPUT ip saddr 98.138.253.109 counter nft This extra 'nft' print is incorrect, just print it if there are more rules to be printed. Reported-by: Alexander Alemayhu <alexander@alemayhu.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org> --- iptables/xtables-translate.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)