* [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function
@ 2015-03-11 17:54 Arturo Borrero Gonzalez
2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
2015-03-13 11:15 ` [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Pablo Neira Ayuso
0 siblings, 2 replies; 4+ messages in thread
From: Arturo Borrero Gonzalez @ 2015-03-11 17:54 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo
Previous to this patch, error reporting in ebtables-compat was like:
% ebtables-compat xxx
(null) v1.4.21: Bad argument : 'xxx'
Try `(null) -h' or '(null) --help' for more information.
While the original ebtables was:
% ebtables xxx
Bad argument : 'xxx'.
With this patch, we switch to:
% ebtables-compat xxx
Bad argument : 'xxx'.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
iptables/xtables-eb.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index efbb3cd..355d027 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -27,6 +27,7 @@
#include <string.h>
#include <stdio.h>
#include <stdlib.h>
+#include <stdarg.h>
#include <inttypes.h>
#include <signal.h>
#include <net/if.h>
@@ -291,13 +292,23 @@ static struct option ebt_original_options[] =
{ 0 }
};
-void xtables_exit_error(enum xtables_exittype status, const char *msg, ...) __attribute__((noreturn, format(printf,2,3)));
+static void
+ebt_print_error(enum xtables_exittype status, const char *format, ...)
+{
+ va_list l;
+
+ va_start(l, format);
+ vfprintf(stderr, format, l);
+ fprintf(stderr, ".\n");
+ va_end(l);
+ exit(-1);
+} __attribute__((noreturn, format(printf,2,3)));
struct xtables_globals ebtables_globals = {
.option_offset = 0,
.program_version = IPTABLES_VERSION,
.orig_opts = ebt_original_options,
- .exit_err = xtables_exit_error,
+ .exit_err = ebt_print_error,
.compat_rev = nft_compatible_revision,
};
^ permalink raw reply related [flat|nested] 4+ messages in thread
* [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target
2015-03-11 17:54 [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Arturo Borrero Gonzalez
@ 2015-03-11 17:55 ` Arturo Borrero Gonzalez
2015-03-13 11:16 ` Pablo Neira Ayuso
2015-03-13 11:15 ` [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Pablo Neira Ayuso
1 sibling, 1 reply; 4+ messages in thread
From: Arturo Borrero Gonzalez @ 2015-03-11 17:55 UTC (permalink / raw)
To: netfilter-devel; +Cc: pablo
Before this patch, rule deleting with -D produces segfault in rules
with no target.
Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
iptables/nft-bridge.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index e3ab667..084dd58 100644
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -619,7 +619,7 @@ static bool nft_bridge_rule_find(struct nft_family_ops *ops, struct nft_rule *r,
return false;
}
- if (strcmp(cs->jumpto, this.jumpto) != 0) {
+ if (cs->jumpto != NULL && strcmp(cs->jumpto, this.jumpto) != 0) {
DEBUGP("Different verdict\n");
return false;
}
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function
2015-03-11 17:54 [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Arturo Borrero Gonzalez
2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
@ 2015-03-13 11:15 ` Pablo Neira Ayuso
1 sibling, 0 replies; 4+ messages in thread
From: Pablo Neira Ayuso @ 2015-03-13 11:15 UTC (permalink / raw)
To: Arturo Borrero Gonzalez; +Cc: netfilter-devel
On Wed, Mar 11, 2015 at 06:54:57PM +0100, Arturo Borrero Gonzalez wrote:
> Previous to this patch, error reporting in ebtables-compat was like:
>
> % ebtables-compat xxx
> (null) v1.4.21: Bad argument : 'xxx'
> Try `(null) -h' or '(null) --help' for more information.
>
> While the original ebtables was:
>
> % ebtables xxx
> Bad argument : 'xxx'.
>
> With this patch, we switch to:
>
> % ebtables-compat xxx
> Bad argument : 'xxx'.
Also applied, thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target
2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
@ 2015-03-13 11:16 ` Pablo Neira Ayuso
0 siblings, 0 replies; 4+ messages in thread
From: Pablo Neira Ayuso @ 2015-03-13 11:16 UTC (permalink / raw)
To: Arturo Borrero Gonzalez; +Cc: netfilter-devel
On Wed, Mar 11, 2015 at 06:55:03PM +0100, Arturo Borrero Gonzalez wrote:
> Before this patch, rule deleting with -D produces segfault in rules
> with no target.
Applied, thanks.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-03-13 11:12 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2015-03-11 17:54 [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Arturo Borrero Gonzalez
2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
2015-03-13 11:16 ` Pablo Neira Ayuso
2015-03-13 11:15 ` [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Pablo Neira Ayuso
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).