@@ -1,7 +1,7 @@
#ifndef NFTABLES_DATATYPE_H
#define NFTABLES_DATATYPE_H
-#include <json.h>
+#include "json.h"
/**
* enum datatypes
@@ -1,8 +1,8 @@
#ifndef NFTABLES_EREC_H
#define NFTABLES_EREC_H
-#include <nftables.h>
-#include <utils.h>
+#include "nftables.h"
+#include "utils.h"
/**
* enum error_record_types
@@ -2,14 +2,14 @@
#define NFTABLES_EXPRESSION_H
#include <stdbool.h>
-#include <gmputil.h>
-#include <linux/netfilter/nf_tables.h>
+#include "gmputil.h"
+#include "linux/netfilter/nf_tables.h"
-#include <nftables.h>
-#include <datatype.h>
-#include <utils.h>
-#include <list.h>
-#include <json.h>
+#include "nftables.h"
+#include "datatype.h"
+#include "utils.h"
+#include "list.h"
+#include "json.h"
/**
* enum expr_types
@@ -180,14 +180,14 @@ enum expr_flags {
EXPR_F_BOOLEAN = 0x10,
};
-#include <payload.h>
-#include <exthdr.h>
-#include <fib.h>
-#include <numgen.h>
-#include <meta.h>
-#include <rt.h>
-#include <hash.h>
-#include <ct.h>
+#include "payload.h"
+#include "exthdr.h"
+#include "fib.h"
+#include "numgen.h"
+#include "meta.h"
+#include "rt.h"
+#include "hash.h"
+#include "ct.h"
/**
* struct expr
@@ -1,8 +1,8 @@
#ifndef NFTABLES_EXTHDR_H
#define NFTABLES_EXTHDR_H
-#include <proto.h>
-#include <tcpopt.h>
+#include "proto.h"
+#include "tcpopt.h"
/**
* struct exthdr_desc - extension header description
@@ -1,7 +1,7 @@
#ifndef NFTABLES_FIB_H
#define NFTABLES_FIB_H
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter/nf_tables.h"
extern const char *fib_result_str(enum nft_fib_result result);
extern struct expr *fib_expr_alloc(const struct location *loc,
@@ -6,7 +6,7 @@
#ifdef HAVE_LIBGMP
#include <gmp.h>
#else
-#include <mini-gmp.h>
+#include "mini-gmp.h"
#include <stdio.h>
/* mini-gmp doesn't come with gmp_vfprintf, so we use our own minimal variant */
extern int mpz_vfprintf(FILE *fp, const char *format, va_list args);
@@ -1,8 +1,8 @@
#ifndef _NETFILTER_NF_NAT_H
#define _NETFILTER_NF_NAT_H
-#include <linux/netfilter.h>
-#include <linux/netfilter/nf_conntrack_tuple_common.h>
+#include "linux/netfilter.h"
+#include "linux/netfilter/nf_conntrack_tuple_common.h"
#define NF_NAT_RANGE_MAP_IPS (1 << 0)
#define NF_NAT_RANGE_PROTO_SPECIFIED (1 << 1)
@@ -5,7 +5,7 @@
* (C)2002 Rusty Russell IBM -- This code is GPL.
*/
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
/* There is no PF_ARP. */
#define NF_ARP 0
@@ -11,7 +11,7 @@
#include <linux/types.h>
-#include <linux/netfilter_arp.h>
+#include "linux/netfilter_arp.h"
#include <linux/netfilter/x_tables.h>
@@ -4,7 +4,7 @@
/* bridge-specific defines for netfilter.
*/
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
#include <linux/if_ether.h>
#include <linux/if_vlan.h>
#include <linux/if_pppox.h>
@@ -12,7 +12,7 @@
#ifndef __LINUX_BRIDGE_EFF_H
#define __LINUX_BRIDGE_EFF_H
-#include <linux/netfilter_bridge.h>
+#include "linux/netfilter_bridge.h"
#define EBT_TABLE_MAXNAMELEN 32
#define EBT_CHAIN_MAXNAMELEN EBT_TABLE_MAXNAMELEN
@@ -7,7 +7,7 @@
* (C)1998 Rusty Russell -- This code is GPL.
*/
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
/* only for userspace compatibility */
/* IP Cache bits. */
@@ -5,7 +5,7 @@
* (C)1998 Rusty Russell -- This code is GPL.
*/
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
/* only for userspace compatibility */
/* IP Cache bits. */
@@ -17,7 +17,7 @@
#include <linux/types.h>
-#include <linux/netfilter_ipv4.h>
+#include "linux/netfilter_ipv4.h"
#include <linux/netfilter/x_tables.h>
@@ -8,7 +8,7 @@
* it's amazing what adding a bunch of 6s can do =8^)
*/
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
/* only for userspace compatibility */
/* IP Cache bits. */
@@ -17,7 +17,7 @@
#include <linux/types.h>
-#include <linux/netfilter_ipv6.h>
+#include "linux/netfilter_ipv6.h"
#include <linux/netfilter/x_tables.h>
@@ -1,8 +1,8 @@
#ifndef _NFTABLES_MNL_H_
#define _NFTABLES_MNL_H_
-#include <list.h>
-#include <netlink.h>
+#include "list.h"
+#include "netlink.h"
#include <libmnl/libmnl.h>
struct mnl_socket *netlink_open_sock(void);
@@ -10,9 +10,9 @@
#include <libnftnl/flowtable.h>
#include <linux/netlink.h>
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter/nf_tables.h"
-#include <rule.h>
+#include "rule.h"
struct netlink_parse_ctx {
struct list_head *msgs;
@@ -4,8 +4,8 @@
#include <stdbool.h>
#include <stdarg.h>
#include <limits.h>
-#include <utils.h>
-#include <nftables/libnftables.h>
+#include "utils.h"
+#include "nftables/libnftables.h"
struct cookie {
FILE *fp;
@@ -1,8 +1,8 @@
#ifndef NFTABLES_PARSER_H
#define NFTABLES_PARSER_H
-#include <list.h>
-#include <rule.h> // FIXME
+#include "list.h"
+#include "rule.h" // FIXME
#define MAX_INCLUDE_DEPTH 16
#define TABSIZE 8
@@ -1,8 +1,8 @@
#ifndef NFTABLES_PAYLOAD_H
#define NFTABLES_PAYLOAD_H
-#include <nftables.h>
-#include <proto.h>
+#include "nftables.h"
+#include "proto.h"
extern struct expr *payload_expr_alloc(const struct location *loc,
const struct proto_desc *desc,
@@ -1,9 +1,9 @@
#ifndef NFTABLES_PROTO_H
#define NFTABLES_PROTO_H
-#include <nftables.h>
-#include <datatype.h>
-#include <linux/netfilter/nf_tables.h>
+#include "nftables.h"
+#include "datatype.h"
+#include "linux/netfilter/nf_tables.h"
/**
* enum proto_bases - protocol bases
@@ -2,8 +2,8 @@
#define NFTABLES_RULE_H
#include <stdint.h>
-#include <nftables.h>
-#include <list.h>
+#include "nftables.h"
+#include "list.h"
/**
* struct handle_spec - handle ID
@@ -289,7 +289,7 @@ extern const char *set_policy2str(uint32_t policy);
extern void set_print(const struct set *set, struct output_ctx *octx);
extern void set_print_plain(const struct set *s, struct output_ctx *octx);
-#include <statement.h>
+#include "statement.h"
struct counter {
uint64_t packets;
@@ -537,8 +537,8 @@ extern struct cmd *cmd_alloc_obj_ct(enum cmd_ops op, int type,
const struct location *loc, struct obj *obj);
extern void cmd_free(struct cmd *cmd);
-#include <payload.h>
-#include <expression.h>
+#include "payload.h"
+#include "expression.h"
/**
* struct eval_ctx - evaluation context
@@ -1,9 +1,9 @@
#ifndef NFTABLES_STATEMENT_H
#define NFTABLES_STATEMENT_H
-#include <list.h>
-#include <expression.h>
-#include <json.h>
+#include "list.h"
+#include "expression.h"
+#include "json.h"
extern struct stmt *expr_stmt_alloc(const struct location *loc,
struct expr *expr);
@@ -48,7 +48,7 @@ struct payload_stmt {
extern struct stmt *payload_stmt_alloc(const struct location *loc,
struct expr *payload, struct expr *expr);
-#include <meta.h>
+#include "meta.h"
struct meta_stmt {
enum nft_meta_keys key;
const struct meta_template *tmpl;
@@ -136,7 +136,7 @@ struct quota_stmt {
struct stmt *quota_stmt_alloc(const struct location *loc);
-#include <ct.h>
+#include "ct.h"
struct ct_stmt {
enum nft_ct_keys key;
const struct ct_template *tmpl;
@@ -1,9 +1,9 @@
#ifndef NFTABLES_TCPOPT_H
#define NFTABLES_TCPOPT_H
-#include <proto.h>
-#include <exthdr.h>
-#include <statement.h>
+#include "proto.h"
+#include "exthdr.h"
+#include "statement.h"
extern struct expr *tcpopt_expr_alloc(const struct location *loc,
uint8_t type, uint8_t field);
@@ -8,8 +8,8 @@
#include <stdio.h>
#include <unistd.h>
#include <assert.h>
-#include <list.h>
-#include <gmputil.h>
+#include "list.h"
+#include "gmputil.h"
#define BITS_PER_BYTE 8
@@ -23,7 +23,7 @@ void stmt_xt_postprocess(struct rule_pp_ctx *rctx, struct stmt *stmt,
static inline void xt_stmt_xlate(const struct stmt *stmt) {}
static inline void xt_stmt_release(const struct stmt *stmt) {}
-#include <erec.h>
+#include "erec.h"
static inline void netlink_parse_target(struct netlink_parse_ctx *ctx,
const struct location *loc,
@@ -24,12 +24,12 @@
#include <readline/readline.h>
#include <readline/history.h>
-#include <nftables.h>
-#include <parser.h>
-#include <erec.h>
-#include <utils.h>
-#include <iface.h>
-#include <cli.h>
+#include "nftables.h"
+#include "parser.h"
+#include "erec.h"
+#include "utils.h"
+#include "iface.h"
+#include "cli.h"
#include <libmnl/libmnl.h>
@@ -17,19 +17,19 @@
#include <string.h>
#include <netinet/ip.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter/nf_tables.h>
-#include <linux/netfilter/nf_conntrack_common.h>
-#include <linux/netfilter/nf_conntrack_tuple_common.h>
+#include "linux/netfilter.h"
+#include "linux/netfilter/nf_tables.h"
+#include "linux/netfilter/nf_conntrack_common.h"
+#include "linux/netfilter/nf_conntrack_tuple_common.h"
#include <errno.h>
-#include <erec.h>
-#include <expression.h>
-#include <datatype.h>
-#include <ct.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <statement.h>
+#include "erec.h"
+#include "expression.h"
+#include "datatype.h"
+#include "ct.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "statement.h"
#define CONNLABEL_CONF DEFAULT_INCLUDE_PATH "/connlabel.conf"
@@ -16,16 +16,16 @@
#include <netdb.h>
#include <arpa/inet.h>
#include <linux/types.h>
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
#include <linux/icmpv6.h>
-#include <nftables.h>
-#include <datatype.h>
-#include <expression.h>
-#include <gmputil.h>
-#include <erec.h>
-#include <netlink.h>
-#include <json.h>
+#include "nftables.h"
+#include "datatype.h"
+#include "expression.h"
+#include "gmputil.h"
+#include "erec.h"
+#include "netlink.h"
+#include "json.h"
#include <netinet/ip_icmp.h>
@@ -15,9 +15,9 @@
#include <stdarg.h>
#include <stdlib.h>
-#include <netlink.h>
-#include <gmputil.h>
-#include <erec.h>
+#include "netlink.h"
+#include "gmputil.h"
+#include "erec.h"
static const struct input_descriptor internal_indesc = {
.type = INDESC_INTERNAL,
@@ -14,22 +14,22 @@
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter_arp.h>
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter.h"
+#include "linux/netfilter_arp.h"
+#include "linux/netfilter/nf_tables.h"
#include <netinet/ip_icmp.h>
#include <netinet/icmp6.h>
#include <net/ethernet.h>
#include <net/if.h>
#include <errno.h>
-#include <expression.h>
-#include <statement.h>
-#include <rule.h>
-#include <erec.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <xt.h>
+#include "expression.h"
+#include "statement.h"
+#include "rule.h"
+#include "erec.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "xt.h"
static int expr_evaluate(struct eval_ctx *ctx, struct expr **expr);
@@ -15,15 +15,15 @@
#include <string.h>
#include <limits.h>
-#include <expression.h>
-#include <statement.h>
-#include <datatype.h>
-#include <rule.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <list.h>
-#include <erec.h>
-#include <json.h>
+#include "expression.h"
+#include "statement.h"
+#include "datatype.h"
+#include "rule.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "list.h"
+#include "erec.h"
+#include "json.h"
struct expr *expr_alloc(const struct location *loc, const struct expr_ops *ops,
const struct datatype *dtype, enum byteorder byteorder,
@@ -18,10 +18,10 @@
#include <netinet/in.h>
#include <netinet/ip6.h>
-#include <utils.h>
-#include <headers.h>
-#include <expression.h>
-#include <statement.h>
+#include "utils.h"
+#include "headers.h"
+#include "expression.h"
+#include "statement.h"
static void exthdr_expr_print(const struct expr *expr, struct output_ctx *octx)
{
@@ -8,14 +8,14 @@
* published by the Free Software Foundation.
*/
-#include <nftables.h>
-#include <erec.h>
-#include <expression.h>
-#include <datatype.h>
-#include <gmputil.h>
-#include <utils.h>
+#include "nftables.h"
+#include "erec.h"
+#include "expression.h"
+#include "datatype.h"
+#include "gmputil.h"
+#include "utils.h"
#include <string.h>
-#include <fib.h>
+#include "fib.h"
#include <linux/rtnetlink.h>
#include <net/if.h>
@@ -15,9 +15,9 @@
#include <unistd.h>
#include <string.h>
-#include <nftables.h>
-#include <datatype.h>
-#include <utils.h>
+#include "nftables.h"
+#include "datatype.h"
+#include "utils.h"
void mpz_bitmask(mpz_t rop, unsigned int width)
{
@@ -8,12 +8,12 @@
* published by the Free Software Foundation.
*/
-#include <nftables.h>
-#include <expression.h>
-#include <datatype.h>
-#include <gmputil.h>
-#include <hash.h>
-#include <utils.h>
+#include "nftables.h"
+#include "expression.h"
+#include "datatype.h"
+#include "gmputil.h"
+#include "hash.h"
+#include "utils.h"
static void hash_expr_print(const struct expr *expr, struct output_ctx *octx)
{
@@ -16,10 +16,10 @@
#include <libmnl/libmnl.h>
#include <linux/rtnetlink.h>
-#include <nftables.h>
-#include <list.h>
-#include <netlink.h>
-#include <iface.h>
+#include "nftables.h"
+#include "list.h"
+#include "netlink.h"
+#include "iface.h"
static LIST_HEAD(iface_list);
static bool iface_cache_init;
@@ -1,21 +1,21 @@
#define _GNU_SOURCE
#include <string.h>
-#include <expression.h>
-#include <list.h>
-#include <netlink.h>
-#include <rule.h>
-#include <rt.h>
+#include "expression.h"
+#include "list.h"
+#include "netlink.h"
+#include "rule.h"
+#include "rt.h"
#include <netdb.h>
#include <netinet/icmp6.h>
#include <netinet/in.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter/nf_log.h>
-#include <linux/netfilter/nf_nat.h>
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter.h"
+#include "linux/netfilter/nf_log.h"
+#include "linux/netfilter/nf_nat.h"
+#include "linux/netfilter/nf_tables.h"
#include <pwd.h>
#include <grp.h>
#include <jansson.h>
@@ -6,12 +6,12 @@
* published by the Free Software Foundation.
*
*/
-#include <nftables/libnftables.h>
-#include <erec.h>
-#include <mnl.h>
-#include <parser.h>
-#include <utils.h>
-#include <iface.h>
+#include "nftables/libnftables.h"
+#include "erec.h"
+#include "mnl.h"
+#include "parser.h"
+#include "utils.h"
+#include "iface.h"
#include <errno.h>
#include <stdlib.h>
@@ -18,9 +18,9 @@
#include <fcntl.h>
#include <sys/types.h>
-#include <nftables/libnftables.h>
-#include <utils.h>
-#include <cli.h>
+#include "nftables/libnftables.h"
+#include "utils.h"
+#include "cli.h"
static struct nft_ctx *nft;
@@ -7,9 +7,9 @@
*/
#include <stdint.h>
-#include <expression.h>
-#include <gmputil.h>
-#include <list.h>
+#include "expression.h"
+#include "gmputil.h"
+#include "list.h"
static int expr_msort_cmp(const struct expr *e1, const struct expr *e2);
@@ -22,20 +22,20 @@
#include <pwd.h>
#include <grp.h>
#include <arpa/inet.h>
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
#include <linux/pkt_sched.h>
#include <linux/if_packet.h>
-#include <nftables.h>
-#include <expression.h>
-#include <statement.h>
-#include <datatype.h>
-#include <meta.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <erec.h>
-#include <iface.h>
-#include <json.h>
+#include "nftables.h"
+#include "expression.h"
+#include "statement.h"
+#include "datatype.h"
+#include "meta.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "erec.h"
+#include "iface.h"
+#include "json.h"
static struct symbol_table *realm_tbl;
void realm_table_meta_init(void)
@@ -20,16 +20,16 @@
#include <libnftnl/flowtable.h>
#include <libnftnl/batch.h>
-#include <linux/netfilter/nfnetlink.h>
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter/nfnetlink.h"
+#include "linux/netfilter/nf_tables.h"
-#include <mnl.h>
+#include "mnl.h"
#include <string.h>
#include <sys/socket.h>
#include <arpa/inet.h>
#include <errno.h>
-#include <utils.h>
-#include <nftables.h>
+#include "utils.h"
+#include "nftables.h"
uint32_t mnl_seqnum_alloc(unsigned int *seqnum)
{
@@ -25,19 +25,19 @@
#include <libnftnl/udata.h>
#include <libnftnl/ruleset.h>
#include <libnftnl/common.h>
-#include <linux/netfilter/nfnetlink.h>
-#include <linux/netfilter/nf_tables.h>
-#include <linux/netfilter.h>
-
-#include <nftables.h>
-#include <netlink.h>
-#include <mnl.h>
-#include <expression.h>
-#include <statement.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <erec.h>
-#include <iface.h>
+#include "linux/netfilter/nfnetlink.h"
+#include "linux/netfilter/nf_tables.h"
+#include "linux/netfilter.h"
+
+#include "nftables.h"
+#include "netlink.h"
+#include "mnl.h"
+#include "expression.h"
+#include "statement.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "erec.h"
+#include "iface.h"
#define nft_mon_print(monh, ...) nft_print(monh->ctx->octx, __VA_ARGS__)
@@ -28,19 +28,19 @@
#include <libnftnl/udata.h>
#include <libnftnl/ruleset.h>
#include <libnftnl/common.h>
-#include <linux/netfilter/nfnetlink.h>
-#include <linux/netfilter/nf_tables.h>
-#include <linux/netfilter.h>
-
-#include <nftables.h>
-#include <netlink.h>
-#include <mnl.h>
-#include <expression.h>
-#include <statement.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <erec.h>
-#include <iface.h>
+#include "linux/netfilter/nfnetlink.h"
+#include "linux/netfilter/nf_tables.h"
+#include "linux/netfilter.h"
+
+#include "nftables.h"
+#include "netlink.h"
+#include "mnl.h"
+#include "expression.h"
+#include "statement.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "erec.h"
+#include "iface.h"
#define nft_mon_print(monh, ...) nft_print(monh->ctx->octx, __VA_ARGS__)
@@ -13,20 +13,20 @@
#include <stdbool.h>
#include <string.h>
#include <limits.h>
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter/nf_tables.h"
#include <arpa/inet.h>
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
#include <net/ethernet.h>
-#include <netlink.h>
-#include <rule.h>
-#include <statement.h>
-#include <expression.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <erec.h>
+#include "netlink.h"
+#include "rule.h"
+#include "statement.h"
+#include "expression.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "erec.h"
#include <sys/socket.h>
#include <libnftnl/udata.h>
-#include <xt.h>
+#include "xt.h"
static int netlink_parse_expr(const struct nftnl_expr *nle,
struct netlink_parse_ctx *ctx);
@@ -9,18 +9,18 @@
* Development of this code funded by Astaro AG (http://www.astaro.com/)
*/
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter/nf_tables.h"
#include <string.h>
-#include <rule.h>
-#include <statement.h>
-#include <expression.h>
-#include <netlink.h>
-#include <gmputil.h>
-#include <utils.h>
+#include "rule.h"
+#include "statement.h"
+#include "expression.h"
+#include "netlink.h"
+#include "gmputil.h"
+#include "utils.h"
#include <netinet/in.h>
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
#include <libnftnl/udata.h>
@@ -8,12 +8,12 @@
* published by the Free Software Foundation.
*/
-#include <nftables.h>
-#include <expression.h>
-#include <datatype.h>
-#include <gmputil.h>
-#include <numgen.h>
-#include <utils.h>
+#include "nftables.h"
+#include "expression.h"
+#include "datatype.h"
+#include "gmputil.h"
+#include "numgen.h"
+#include "utils.h"
static const char *numgen_type[NFT_NG_RANDOM + 1] = {
[NFT_NG_INCREMENTAL] = "inc",
@@ -16,23 +16,23 @@
#include <syslog.h>
#include <netinet/ip.h>
#include <netinet/if_ether.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter/nf_tables.h>
-#include <linux/netfilter/nf_conntrack_tuple_common.h>
-#include <linux/netfilter/nf_nat.h>
-#include <linux/netfilter/nf_log.h>
+#include "linux/netfilter.h"
+#include "linux/netfilter/nf_tables.h"
+#include "linux/netfilter/nf_conntrack_tuple_common.h"
+#include "linux/netfilter/nf_nat.h"
+#include "linux/netfilter/nf_log.h"
#include <netinet/ip_icmp.h>
#include <netinet/icmp6.h>
#include <libnftnl/common.h>
#include <libnftnl/set.h>
-#include <rule.h>
-#include <statement.h>
-#include <expression.h>
-#include <headers.h>
-#include <utils.h>
-#include <parser.h>
-#include <erec.h>
+#include "rule.h"
+#include "statement.h"
+#include "expression.h"
+#include "headers.h"
+#include "utils.h"
+#include "parser.h"
+#include "erec.h"
#include "parser_bison.h"
@@ -3,23 +3,23 @@
#include <string.h>
#include <syslog.h>
-#include <erec.h>
-#include <expression.h>
-#include <tcpopt.h>
-#include <list.h>
-#include <netlink.h>
-#include <parser.h>
-#include <rule.h>
+#include "erec.h"
+#include "expression.h"
+#include "tcpopt.h"
+#include "list.h"
+#include "netlink.h"
+#include "parser.h"
+#include "rule.h"
#include <netdb.h>
#include <netinet/icmp6.h>
#include <netinet/ip.h>
#include <netinet/ip_icmp.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter/nf_conntrack_tuple_common.h>
-#include <linux/netfilter/nf_log.h>
-#include <linux/netfilter/nf_nat.h>
-#include <linux/netfilter/nf_tables.h>
+#include "linux/netfilter.h"
+#include "linux/netfilter/nf_conntrack_tuple_common.h"
+#include "linux/netfilter/nf_log.h"
+#include "linux/netfilter/nf_nat.h"
+#include "linux/netfilter/nf_tables.h"
#include <jansson.h>
#define CTX_F_RHS (1 << 0)
@@ -17,15 +17,15 @@
#include <string.h>
#include <net/if_arp.h>
#include <arpa/inet.h>
-#include <linux/netfilter.h>
-
-#include <rule.h>
-#include <expression.h>
-#include <statement.h>
-#include <payload.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <json.h>
+#include "linux/netfilter.h"
+
+#include "rule.h"
+#include "expression.h"
+#include "statement.h"
+#include "payload.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "json.h"
bool payload_is_known(const struct expr *expr)
{
@@ -15,13 +15,13 @@
#include <string.h>
#include <net/if_arp.h>
#include <arpa/inet.h>
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
-#include <expression.h>
-#include <headers.h>
-#include <proto.h>
-#include <gmputil.h>
-#include <utils.h>
+#include "expression.h"
+#include "headers.h"
+#include "proto.h"
+#include "gmputil.h"
+#include "utils.h"
const char *proto_base_names[] = {
[PROTO_BASE_INVALID] = "invalid",
@@ -19,7 +19,7 @@
*
*/
-#include <rbtree.h>
+#include "rbtree.h"
static void __rb_rotate_left(struct rb_node *node, struct rb_root *root)
{
@@ -15,14 +15,14 @@
#include <stdint.h>
#include <string.h>
#include <arpa/inet.h>
-#include <linux/netfilter.h>
-
-#include <nftables.h>
-#include <expression.h>
-#include <datatype.h>
-#include <rt.h>
-#include <rule.h>
-#include <json.h>
+#include "linux/netfilter.h"
+
+#include "nftables.h"
+#include "expression.h"
+#include "datatype.h"
+#include "rt.h"
+#include "rule.h"
+#include "json.h"
static struct symbol_table *realm_tbl;
void realm_table_rt_init(void)
@@ -16,18 +16,18 @@
#include <inttypes.h>
#include <errno.h>
-#include <statement.h>
-#include <rule.h>
-#include <utils.h>
+#include "statement.h"
+#include "rule.h"
+#include "utils.h"
#include <netdb.h>
-#include <netlink.h>
-#include <json.h>
+#include "netlink.h"
+#include "json.h"
#include <libnftnl/common.h>
#include <libnftnl/ruleset.h>
#include <netinet/ip.h>
-#include <linux/netfilter.h>
-#include <linux/netfilter_arp.h>
+#include "linux/netfilter.h"
+#include "linux/netfilter_arp.h"
void handle_free(struct handle *h)
{
@@ -1086,7 +1086,7 @@ void cmd_free(struct cmd *cmd)
xfree(cmd);
}
-#include <netlink.h>
+#include "netlink.h"
static int __do_add_setelems(struct netlink_ctx *ctx, const struct handle *h,
struct set *set, struct expr *expr, uint32_t flags)
@@ -15,12 +15,12 @@
#include <netinet/in.h>
#include <arpa/inet.h>
#include <linux/types.h>
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
-#include <nftables.h>
-#include <erec.h>
-#include <rule.h>
-#include <parser.h>
+#include "nftables.h"
+#include "erec.h"
+#include "rule.h"
+#include "parser.h"
#include "parser_bison.h"
#define YY_NO_INPUT
@@ -12,11 +12,11 @@
#include <inttypes.h>
#include <arpa/inet.h>
-#include <rule.h>
-#include <expression.h>
-#include <gmputil.h>
-#include <utils.h>
-#include <rbtree.h>
+#include "rule.h"
+#include "expression.h"
+#include "gmputil.h"
+#include "utils.h"
+#include "rbtree.h"
/**
* struct seg_tree - segment tree
@@ -1,5 +1,5 @@
-#include <nftables.h>
-#include <datatype.h>
+#include "nftables.h"
+#include "datatype.h"
const struct symbol_table inet_service_tbl = {
.base = BASE_DECIMAL,
@@ -17,18 +17,18 @@
#include <syslog.h>
#include <arpa/inet.h>
-#include <linux/netfilter.h>
+#include "linux/netfilter.h"
#include <netinet/ip_icmp.h>
#include <netinet/icmp6.h>
-#include <statement.h>
-#include <utils.h>
-#include <list.h>
-#include <xt.h>
-#include <json.h>
+#include "statement.h"
+#include "utils.h"
+#include "list.h"
+#include "xt.h"
+#include "json.h"
#include <netinet/in.h>
-#include <linux/netfilter/nf_nat.h>
-#include <linux/netfilter/nf_log.h>
+#include "linux/netfilter/nf_nat.h"
+#include "linux/netfilter/nf_log.h"
struct stmt *stmt_alloc(const struct location *loc,
const struct stmt_ops *ops)
@@ -7,10 +7,10 @@
#include <netinet/ip6.h>
#include <netinet/tcp.h>
-#include <utils.h>
-#include <headers.h>
-#include <expression.h>
-#include <tcpopt.h>
+#include "utils.h"
+#include "headers.h"
+#include "expression.h"
+#include "tcpopt.h"
static const struct proto_hdr_template tcpopt_unknown_template =
PROTO_HDR_TEMPLATE("unknown", &invalid_type, BYTEORDER_INVALID, 0, 0);
@@ -15,8 +15,8 @@
#include <unistd.h>
#include <string.h>
-#include <nftables.h>
-#include <utils.h>
+#include "nftables.h"
+#include "utils.h"
void __noreturn __memory_allocation_error(const char *filename, uint32_t line)
{
@@ -13,18 +13,18 @@
#include <xtables.h>
#include <getopt.h>
#include <ctype.h> /* for isspace */
-#include <statement.h>
-#include <netlink.h>
-#include <xt.h>
-#include <erec.h>
+#include "statement.h"
+#include "netlink.h"
+#include "xt.h"
+#include "erec.h"
#include <libmnl/libmnl.h>
-#include <linux/netfilter/nfnetlink.h>
-#include <linux/netfilter/nf_tables_compat.h>
-#include <linux/netfilter_ipv4/ip_tables.h>
-#include <linux/netfilter_ipv6/ip6_tables.h>
-#include <linux/netfilter_arp/arp_tables.h>
-#include <linux/netfilter_bridge/ebtables.h>
+#include "linux/netfilter/nfnetlink.h"
+#include "linux/netfilter/nf_tables_compat.h"
+#include "linux/netfilter_ipv4/ip_tables.h"
+#include "linux/netfilter_ipv6/ip6_tables.h"
+#include "linux/netfilter_arp/arp_tables.h"
+#include "linux/netfilter_bridge/ebtables.h"
void xt_stmt_xlate(const struct stmt *stmt)
{
nftables carries a private copy of a number of system headers. These were mostly still being included with angle brackets as though they were system headers. Tested configurations of gcc would pick up the private copy in these cases but it has been reported that others do not. By using double quotes, developers are reminded that the code is using a private header which may differ from the system one. Signed-off-by: Duncan Roe <duncan_roe@optusnet.com.au> --- include/datatype.h | 2 +- include/erec.h | 4 ++-- include/expression.h | 30 +++++++++++++++--------------- include/exthdr.h | 4 ++-- include/fib.h | 2 +- include/gmputil.h | 2 +- include/linux/netfilter/nf_nat.h | 4 ++-- include/linux/netfilter_arp.h | 2 +- include/linux/netfilter_arp/arp_tables.h | 2 +- include/linux/netfilter_bridge.h | 2 +- include/linux/netfilter_bridge/ebtables.h | 2 +- include/linux/netfilter_decnet.h | 2 +- include/linux/netfilter_ipv4.h | 2 +- include/linux/netfilter_ipv4/ip_tables.h | 2 +- include/linux/netfilter_ipv6.h | 2 +- include/linux/netfilter_ipv6/ip6_tables.h | 2 +- include/mnl.h | 4 ++-- include/netlink.h | 4 ++-- include/nftables.h | 4 ++-- include/parser.h | 4 ++-- include/payload.h | 4 ++-- include/proto.h | 6 +++--- include/rule.h | 10 +++++----- include/statement.h | 10 +++++----- include/tcpopt.h | 6 +++--- include/utils.h | 4 ++-- include/xt.h | 2 +- src/cli.c | 12 ++++++------ src/ct.c | 22 +++++++++++----------- src/datatype.c | 16 ++++++++-------- src/erec.c | 6 +++--- src/evaluate.c | 20 ++++++++++---------- src/expression.c | 18 +++++++++--------- src/exthdr.c | 8 ++++---- src/fib.c | 14 +++++++------- src/gmputil.c | 6 +++--- src/hash.c | 12 ++++++------ src/iface.c | 8 ++++---- src/json.c | 18 +++++++++--------- src/libnftables.c | 12 ++++++------ src/main.c | 6 +++--- src/mergesort.c | 6 +++--- src/meta.c | 22 +++++++++++----------- src/mnl.c | 10 +++++----- src/monitor.c | 26 +++++++++++++------------- src/netlink.c | 26 +++++++++++++------------- src/netlink_delinearize.c | 20 ++++++++++---------- src/netlink_linearize.c | 16 ++++++++-------- src/numgen.c | 12 ++++++------ src/parser_bison.y | 24 ++++++++++++------------ src/parser_json.c | 24 ++++++++++++------------ src/payload.c | 18 +++++++++--------- src/proto.c | 12 ++++++------ src/rbtree.c | 2 +- src/rt.c | 16 ++++++++-------- src/rule.c | 16 ++++++++-------- src/scanner.l | 10 +++++----- src/segtree.c | 10 +++++----- src/services.c | 4 ++-- src/statement.c | 16 ++++++++-------- src/tcpopt.c | 8 ++++---- src/utils.c | 4 ++-- src/xt.c | 20 ++++++++++---------- 63 files changed, 312 insertions(+), 312 deletions(-)