-}
-
-void
-fw3_format_limit(struct fw3_limit *limit)
-{
- if (!limit)
- return;
-
- const char *units[] = {
- [FW3_LIMIT_UNIT_SECOND] = "second",
- [FW3_LIMIT_UNIT_MINUTE] = "minute",
- [FW3_LIMIT_UNIT_HOUR] = "hour",
- [FW3_LIMIT_UNIT_DAY] = "day",
- };
-
- if (limit->rate > 0)
- {
- fw3_pr(" -m limit %s--limit %u/%s",
- limit->invert ? "! " : "", limit->rate, units[limit->unit]);
-
- if (limit->burst > 0)
- fw3_pr(" --limit-burst %u", limit->burst);
- }
-}
-
-void
-fw3_format_ipset(struct fw3_ipset *ipset, bool invert)
-{
- bool first = true;
- const char *name = NULL;
- struct fw3_ipset_datatype *type;
-
- if (!ipset)
- return;
-
- if (ipset->external && *ipset->external)
- name = ipset->external;
- else
- name = ipset->name;
-
- fw3_pr(" -m set %s--match-set %s", invert ? "! " : "", name);
-
- list_for_each_entry(type, &ipset->datatypes, list)
- {
- fw3_pr("%c%s", first ? ' ' : ',', type->dest ? "dst" : "src");
- first = false;
- }
-}
-
-void
-__fw3_format_comment(const char *comment, ...)
-{
- va_list ap;
- int len = 0;
- const char *c;
-
- if (!comment || !*comment)
- return;
-
- fw3_pr(" -m comment --comment \"");
-
- c = comment;
-
- va_start(ap, comment);
-
- do
- {
- while (*c)
- {
- switch (*c)
- {
- case '"':
- case '$':
- case '`':
- case '\\':
- fw3_pr("\\");
- /* fall through */
-
- default:
- fw3_pr("%c", *c);
- break;
- }
-
- c++;
-
- if (len++ >= 255)
- goto end;
- }
-
- c = va_arg(ap, const char *);
- }
- while (c);
-
-end:
- va_end(ap);
- fw3_pr("\"");
-}
-
-void
-fw3_format_extra(const char *extra)
-{
- if (!extra || !*extra)
- return;