summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJan Engelhardt <jengelh@medozas.de>2011-09-11 17:14:04 +0200
committerJan Engelhardt <jengelh@medozas.de>2011-09-11 17:14:04 +0200
commit34d23bd14002aeeae0374d2561ad329e5cdc96e2 (patch)
treedd296f51c7b5fa331be5064955063341ba34b1cf
parent62fc25fd1625f0f65b9eed3e15fe929dd0aff2c5 (diff)
parent1e4965232d77ab752c9c781afcf854f4b173c7b1 (diff)
Merge branch 'stable'
-rw-r--r--extensions/GNUmakefile.in12
-rw-r--r--iptables/ip6tables-restore.84
-rw-r--r--iptables/ip6tables-restore.c11
-rw-r--r--iptables/iptables-restore.85
4 files changed, 23 insertions, 9 deletions
diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in
index a9edb1e6..60f28c0c 100644
--- a/extensions/GNUmakefile.in
+++ b/extensions/GNUmakefile.in
@@ -37,9 +37,9 @@ endif
#
# Wildcard module list
#
-pfx_build_mod := $(patsubst ${srcdir}/libxt_%.c,%,$(wildcard ${srcdir}/libxt_*.c))
-@ENABLE_IPV4_TRUE@ pf4_build_mod := $(patsubst ${srcdir}/libipt_%.c,%,$(wildcard ${srcdir}/libipt_*.c))
-@ENABLE_IPV6_TRUE@ pf6_build_mod := $(patsubst ${srcdir}/libip6t_%.c,%,$(wildcard ${srcdir}/libip6t_*.c))
+pfx_build_mod := $(patsubst ${srcdir}/libxt_%.c,%,$(sort $(wildcard ${srcdir}/libxt_*.c)))
+@ENABLE_IPV4_TRUE@ pf4_build_mod := $(patsubst ${srcdir}/libipt_%.c,%,$(sort $(wildcard ${srcdir}/libipt_*.c)))
+@ENABLE_IPV6_TRUE@ pf6_build_mod := $(patsubst ${srcdir}/libip6t_%.c,%,$(sort $(wildcard ${srcdir}/libip6t_*.c)))
pfx_build_mod := $(filter-out @blacklist_modules@,${pfx_build_mod})
pf4_build_mod := $(filter-out @blacklist_modules@,${pf4_build_mod})
pf6_build_mod := $(filter-out @blacklist_modules@,${pf6_build_mod})
@@ -198,11 +198,11 @@ initext6.c: .initext6.dd
#
# Manual pages
#
-ex_matches = $(sort $(shell echo $(1) | LC_ALL=POSIX grep -Eo '\b[[:lower:][:digit:]_]+\b'))
-ex_targets = $(sort $(shell echo $(1) | LC_ALL=POSIX grep -Eo '\b[[:upper:][:digit:]_]+\b'))
+ex_matches = $(shell echo ${1} | LC_ALL=POSIX grep -Eo '\b[[:lower:][:digit:]_]+\b')
+ex_targets = $(shell echo ${1} | LC_ALL=POSIX grep -Eo '\b[[:upper:][:digit:]_]+\b')
man_run = \
${AM_VERBOSE_GEN} \
- for ext in $(1); do \
+ for ext in $(sort ${1}); do \
f="${srcdir}/libxt_$$ext.man"; \
cf="${srcdir}/libxt_$$ext.c"; \
if [ -f "$$f" ] && grep -Eq "$(3)|NFPROTO_UNSPEC" "$$cf"; then \
diff --git a/iptables/ip6tables-restore.8 b/iptables/ip6tables-restore.8
index 02648070..59a3b2e5 100644
--- a/iptables/ip6tables-restore.8
+++ b/iptables/ip6tables-restore.8
@@ -32,8 +32,10 @@ I/O redirection provided by your shell to read from a file
restore the values of all packet and byte counters
.TP
\fB\-n\fR, \fB\-\-noflush\fR
-.TP
don't flush the previous contents of the table. If not specified,
+.TP
+\fB\-T\fP, \fB\-\-table\fP \fIname\fP
+Restore only the named table even if the input stream contains other ones.
.B ip6tables-restore
flushes (deletes) all previous contents of the respective IPv6 Table.
.SH BUGS
diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
index 985744d6..1487504b 100644
--- a/iptables/ip6tables-restore.c
+++ b/iptables/ip6tables-restore.c
@@ -36,6 +36,7 @@ static const struct option options[] = {
{.name = "help", .has_arg = false, .val = 'h'},
{.name = "noflush", .has_arg = false, .val = 'n'},
{.name = "modprobe", .has_arg = true, .val = 'M'},
+ {.name = "table", .has_arg = true, .val = 'T'},
{NULL},
};
@@ -121,6 +122,7 @@ int ip6tables_restore_main(int argc, char *argv[])
char curtable[IP6T_TABLE_MAXNAMELEN + 1];
FILE *in;
int in_table = 0, testing = 0;
+ const char *tablename = NULL;
line = 0;
@@ -137,7 +139,7 @@ int ip6tables_restore_main(int argc, char *argv[])
init_extensions6();
#endif
- while ((c = getopt_long(argc, argv, "bcvthnM:", options, NULL)) != -1) {
+ while ((c = getopt_long(argc, argv, "bcvthnM:T:", options, NULL)) != -1) {
switch (c) {
case 'b':
binary = 1;
@@ -161,6 +163,9 @@ int ip6tables_restore_main(int argc, char *argv[])
case 'M':
xtables_modprobe_program = optarg;
break;
+ case 'T':
+ tablename = optarg;
+ break;
}
}
@@ -216,6 +221,8 @@ int ip6tables_restore_main(int argc, char *argv[])
strncpy(curtable, table, IP6T_TABLE_MAXNAMELEN);
curtable[IP6T_TABLE_MAXNAMELEN] = '\0';
+ if (tablename != NULL && strcmp(tablename, table) != 0)
+ continue;
if (handle)
ip6tc_free(handle);
@@ -442,6 +449,8 @@ int ip6tables_restore_main(int argc, char *argv[])
free_argv();
fflush(stdout);
}
+ if (tablename != NULL && strcmp(tablename, curtable) != 0)
+ continue;
if (!ret) {
fprintf(stderr, "%s: line %u failed\n",
ip6tables_globals.program_name,
diff --git a/iptables/iptables-restore.8 b/iptables/iptables-restore.8
index a52bcebe..0dd20cb1 100644
--- a/iptables/iptables-restore.8
+++ b/iptables/iptables-restore.8
@@ -21,7 +21,7 @@
.SH NAME
iptables-restore \(em Restore IP Tables
.SH SYNOPSIS
-\fBiptables\-restore\fP [\fB\-c\fP] [\fB\-n\fP]
+\fBiptables\-restore\fP [\fB\-c\fP] [\fB\-n\fP] [\fB\-T\fP \fIname\fP]
.SH DESCRIPTION
.PP
.B iptables-restore
@@ -35,6 +35,9 @@ restore the values of all packet and byte counters
don't flush the previous contents of the table. If not specified,
.B iptables-restore
flushes (deletes) all previous contents of the respective IP Table.
+.TP
+\fB\-T\fP, \fB\-\-table\fP \fIname\fP
+Restore only the named table even if the input stream contains other ones.
.SH BUGS
None known as of iptables-1.2.1 release
.SH AUTHOR