fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-01-23 12:50:24 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

firewall-utils: move _append() macro to be used by other places

Browse source
This commit is contained in:
Thomas Haller 2022-09-14 12:56:29 +02:00
parent dc66fb7d04
commit 0a0c197916
No known key found for this signature in database
GPG key ID: 29C2366E4DFC5728
1 changed files with 10 additions and 11 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

21
src/core/nm-firewall-utils.c
View file

@ -598,6 +598,8 @@ _fw_nft_call_sync(GBytes *stdin_buf, GError **error)
/*****************************************************************************/
#define _append(p_strbuf, fmt, ...) nm_str_buf_append_printf((p_strbuf), "" fmt "\n", ##__VA_ARGS__)
static GBytes *
_fw_nft_set_shared_construct(gboolean up, const char *ip_iface, in_addr_t addr, guint8 plen)
{
@ -610,8 +612,6 @@ _fw_nft_set_shared_construct(gboolean up, const char *ip_iface, in_addr_t addr,
_share_iptables_subnet_to_str(str_subnet, addr, plen);
#define _append(p_strbuf, fmt, ...) nm_str_buf_append_printf((p_strbuf), "" fmt "\n", ##__VA_ARGS__)
_append(&strbuf, "add table ip %s", table_name);
_append(&strbuf, "%s table ip %s", up ? "flush" : "delete", table_name);
@ -630,16 +630,15 @@ _fw_nft_set_shared_construct(gboolean up, const char *ip_iface, in_addr_t addr,
/* This filter_input chain serves no real purpose, because "accept" only stops
* evaluation of the current rule. It cannot fully accept the packet. Since
* this chain has no other rules, it is useless in this form.
*
* _append(&strbuf,
* "add chain ip %s filter_input {"
* " type filter hook input priority 0; policy accept; "
* "};",
* table_name);
* _append(&strbuf, "add rule ip %s filter_input tcp dport { 67, 53 } accept;", table_name);
* _append(&strbuf, "add rule ip %s filter_input udp dport { 67, 53 } accept;", table_name);
*/
/*
_append(&strbuf,
"add chain ip %s filter_input {"
" type filter hook input priority 0; policy accept; "
"};",
table_name);
_append(&strbuf, "add rule ip %s filter_input tcp dport { 67, 53 } accept;", table_name);
_append(&strbuf, "add rule ip %s filter_input udp dport { 67, 53 } accept;", table_name);
*/
_append(&strbuf,
"add chain ip %s filter_forward {"