diff options
| author | Thomas Haller <thaller@redhat.com> | 2021-05-10 18:45:03 +0200 |
|---|---|---|
| committer | Thomas Haller <thaller@redhat.com> | 2021-05-14 11:41:32 +0200 |
| commit | 2a1d42e77d5b35f654198078813e35e0bd189701 (patch) | |
| tree | 195729f16b884808e41da95dca70aa157e77de42 | |
| parent | 8a11380e80e27139f5949bc1e8fbffbdab75003a (diff) | |
| download | NetworkManager-2a1d42e77d5b35f654198078813e35e0bd189701.tar.gz | |
firewall: refactor is_comment argument to _share_iptables_get_name()
The new name makes it more generic, because the limitation exists
for iptables chains. Everything else (iptables comments, nftables
tables) has no such length limit.
| -rw-r--r-- | src/core/nm-firewall-utils.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/core/nm-firewall-utils.c b/src/core/nm-firewall-utils.c index dc17e2c040..69aa3fdfb0 100644 --- a/src/core/nm-firewall-utils.c +++ b/src/core/nm-firewall-utils.c @@ -36,7 +36,7 @@ _share_iptables_subnet_to_str(char buf[static _SHARE_IPTABLES_SUBNET_TO_STR } static char * -_share_iptables_get_name(gboolean is_comment, const char *prefix, const char *ip_iface) +_share_iptables_get_name(gboolean is_iptables_chain, const char *prefix, const char *ip_iface) { NMStrBuf strbuf = NM_STR_BUF_INIT(NM_UTILS_GET_NEXT_REALLOC_SIZE_40, FALSE); gsize ip_iface_len; @@ -58,7 +58,7 @@ _share_iptables_get_name(gboolean is_comment, const char *prefix, const char *ip * an plain name. * * That means, for chain names the prefix must be at most 8 chars long. */ - nm_assert(is_comment || (strlen(prefix) <= 8)); + nm_assert(!is_iptables_chain || (strlen(prefix) <= 8)); nm_str_buf_append(&strbuf, prefix); @@ -150,7 +150,7 @@ _share_iptables_set_masquerade(gboolean add, const char *ip_iface, in_addr_t add char str_subnet[_SHARE_IPTABLES_SUBNET_TO_STR_LEN]; gs_free char *comment_name = NULL; - comment_name = _share_iptables_get_name(TRUE, "nm-shared", ip_iface); + comment_name = _share_iptables_get_name(FALSE, "nm-shared", ip_iface); _share_iptables_subnet_to_str(str_subnet, addr, plen); _share_iptables_call("" IPTABLES_PATH "", @@ -290,9 +290,9 @@ _share_iptables_set_shared(gboolean add, const char *ip_iface, in_addr_t addr, g gs_free char *chain_input = NULL; gs_free char *chain_forward = NULL; - comment_name = _share_iptables_get_name(TRUE, "nm-shared", ip_iface); - chain_input = _share_iptables_get_name(FALSE, "nm-sh-in", ip_iface); - chain_forward = _share_iptables_get_name(FALSE, "nm-sh-fw", ip_iface); + comment_name = _share_iptables_get_name(FALSE, "nm-shared", ip_iface); + chain_input = _share_iptables_get_name(TRUE, "nm-sh-in", ip_iface); + chain_forward = _share_iptables_get_name(TRUE, "nm-sh-fw", ip_iface); if (add) _share_iptables_set_shared_chains_add(chain_input, chain_forward, ip_iface, addr, plen); |