summaryrefslogtreecommitdiffstats
path: root/src/ipset.c
diff options
context:
space:
mode:
authorJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2010-12-19 00:38:32 +0100
committerJozsef Kadlecsik <kadlec@blackhole.kfki.hu>2010-12-19 00:38:32 +0100
commit3ded98f40b3fbd08657571f2646397a5f71e10d5 (patch)
treecedaf74c53121f41fa5675996bd1161561461436 /src/ipset.c
parent2a2334920166d20bf091e3212ae3970154d5b8c2 (diff)
Should have gone to sleep: fix check_allowed. Really.
It's not as nice as I'd like to be: IPSET_CREATE_FLAGS and IPSET_ADT_FLAGS are required elsewhere, but to make life simpler, some flags (like IPSET_OPT_TYPENAME) are *not* added to the types full[] flags. So those must be excluded here.
Diffstat (limited to 'src/ipset.c')
-rw-r--r--src/ipset.c22
1 files changed, 11 insertions, 11 deletions
diff --git a/src/ipset.c b/src/ipset.c
index 65747f6..89dbe8f 100644
--- a/src/ipset.c
+++ b/src/ipset.c
@@ -352,7 +352,7 @@ check_allowed(const struct ipset_type *type, enum ipset_cmd command)
if (allowed & IPSET_FLAG(IPSET_OPT_IP_TO))
allowed |= IPSET_FLAG(IPSET_OPT_CIDR);
- for (i = IPSET_OPT_NONE + 1; i < IPSET_OPT_FLAGS; i++) {
+ for (i = IPSET_OPT_IP; i < IPSET_OPT_FLAGS; i++) {
if (!(cmdflags & IPSET_FLAG(i))
|| (allowed & IPSET_FLAG(i))
|| !(flags & IPSET_FLAG(i)))
@@ -363,19 +363,19 @@ check_allowed(const struct ipset_type *type, enum ipset_cmd command)
exit_error(OTHER_PROBLEM,
"IP/CIDR range is not allowed in command %s "
"with set type %s and family %s",
- cmd2name(cmd), type->name, session_family());
+ cmd2name(command), type->name, session_family());
return;
case IPSET_OPT_IP_TO:
exit_error(OTHER_PROBLEM,
"FROM-TO IP range is not allowed in command %s "
"with set type %s and family %s",
- cmd2name(cmd), type->name, session_family());
+ cmd2name(command), type->name, session_family());
return;
case IPSET_OPT_PORT_TO:
exit_error(OTHER_PROBLEM,
"FROM-TO port range is not allowed in command %s "
"with set type %s and family %s",
- cmd2name(cmd), type->name, session_family());
+ cmd2name(command), type->name, session_family());
return;
default:
break;
@@ -383,9 +383,9 @@ check_allowed(const struct ipset_type *type, enum ipset_cmd command)
/* Other options */
if (!arg) {
exit_error(OTHER_PROBLEM,
- "There are not allowed options "
+ "There are not allowed options (%u) "
"but option list is NULL. "
- "It's a bug, please report the problem.");
+ "It's a bug, please report the problem.", i);
return;
}
for (; arg->opt; arg++) {
@@ -395,13 +395,13 @@ check_allowed(const struct ipset_type *type, enum ipset_cmd command)
"%s parameter is not allowed in command %s "
"with set type %s and family %s",
arg->name[0],
- cmd2name(cmd), type->name, session_family());
+ cmd2name(command), type->name, session_family());
return;
}
exit_error(OTHER_PROBLEM,
- "There are not allowed options "
+ "There are not allowed options (%u) "
"but can't resolve them. "
- "It's a bug, please report the problem.");
+ "It's a bug, please report the problem.", i);
return;
}
}
@@ -644,8 +644,8 @@ parse_commandline(int argc, char *argv[])
return ret;
/* Check mandatory, then allowed options */
- check_mandatory(type, IPSET_CREATE);
- check_allowed(type, IPSET_CMD_CREATE);
+ check_mandatory(type, cmd);
+ check_allowed(type, cmd);
break;
case IPSET_CMD_DESTROY: