From c855bf7e89f4b4f77922ce51a438cbc3d00683a2 Mon Sep 17 00:00:00 2001
From: "/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net"
 </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net>
Date: Mon, 3 Dec 2007 15:32:28 +0000
Subject: Fix showing help text for matches/targets with revision as user

When running as a user iptables can't determine the highest supported
revision and exits. Assume all revision are supported in case we get
a EPERM. If the user is not showing the help text but trying to add
new rules he'll get EPERM later anyway.
---
 xtables.c | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/xtables.c b/xtables.c
index 6107119..3cc864b 100644
--- a/xtables.c
+++ b/xtables.c
@@ -411,6 +411,15 @@ static int compatible_revision(const char *name, u_int8_t revision, int opt)
 
 	sockfd = socket(afinfo.family, SOCK_RAW, IPPROTO_RAW);
 	if (sockfd < 0) {
+		if (errno == EPERM) {
+			/* revision 0 is always supported. */
+			if (revision != 0)
+				fprintf(stderr, "Could not determine whether "
+						"revision %u is supported, "
+						"assuming it is.\n",
+					revision);
+			return 1;
+		}
 		fprintf(stderr, "Could not open socket to kernel: %s\n",
 			strerror(errno));
 		exit(1);
-- 
cgit v1.2.3