-
Notifications
You must be signed in to change notification settings - Fork 195
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
iptables fails to parse -x (expand numbers) option because "pkts" header has more than one leading blank #550
Comments
Thank you for reporting this! I'll try the change and make sure it doesn't break any tests. |
I updated the https://github.com/kellyjonbrazil/jc/blob/dev/jc/parsers/iptables.py You can test by copy/pasting the file into your parser plugin folder:
|
I was doing some additional tests with very large counters that I found in one of my systems and seems that one additional character is needed in the condition "<=3" . Looking directly to iptables source code confirm it: if (!(format & FMT_NOCOUNTS)) { if (format & FMT_KILOMEGAGIGA) { printf(FMT("%5s ","%s "), "pkts"); printf(FMT("%5s ","%s "), "bytes"); } else { printf(FMT("%8s ","%s "), "pkts"); printf(FMT("%10s ","%s "), "bytes"); } } If you want to update the test case: Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 11291792498 217331852907122 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 555958 33533576 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 128628404869 172804745659762 INPUT_direct all -- * * 0.0.0.0/0 0.0.0.0/0 128627559128 172804718596050 INPUT_ZONES_SOURCE all -- * * 0.0.0.0/0 0.0.0.0/0 128627559125 172804718595966 INPUT_ZONES all -- * * 0.0.0.0/0 0.0.0.0/0 26599 1082920 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID 1761 79571 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited And one additional minor change, update parser docs to include "-x" as supported. |
Thanks - I figured that might be the case. 😄 I'll update the parser and tests. |
Added in v1.25.2 |
Hi, turning -x option in iptables, parser fails trying to decode line starting with "pkts" due to more than one leading white space.
Fails with:
Seems that (line 250 in iptables.py):
elif line.startswith('target') or line.find('pkts') ==1 or line.startswith('num'):
could be
elif line.startswith('target') or line.find('pkts') >=1 or line.startswith('num'):
in order to detect this specific case.
Thank you for your excellent work!
The text was updated successfully, but these errors were encountered: