diff options
author | Jan Engelhardt <jengelh@medozas.de> | 2009-10-24 00:45:33 +0200 |
---|---|---|
committer | Jan Engelhardt <jengelh@medozas.de> | 2009-11-03 21:54:20 +0100 |
commit | bbe83862a5e1baf15f7c923352d4afdf59bc70e2 (patch) | |
tree | 790bfd0d6a47968e6c1ed6b2f681ec5578728463 /iptables.c | |
parent | bf97128c7262f17a02fec41cdae75b472ba77f88 (diff) |
iptables/extensions: make bundled options work again
When using a bundled option like "-ptcp", 'argv[optind-1]' would
logically point to "-ptcp", but this is obviously not right.
'optarg' is needed instead, which if properly offset to "tcp".
Not all places change optind-based access to optarg; where
look-ahead is needed, such as for tcp's --tcp-flags option for
example, optind is ok.
References: http://bugzilla.netfilter.org/show_bug.cgi?id=611
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'iptables.c')
-rw-r--r-- | iptables.c | 12 |
1 files changed, 6 insertions, 6 deletions
@@ -1520,10 +1520,10 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle invert); /* Canonicalize into lower case */ - for (protocol = argv[optind-1]; *protocol; protocol++) + for (protocol = optarg; *protocol; protocol++) *protocol = tolower(*protocol); - protocol = argv[optind-1]; + protocol = optarg; fw.ip.proto = xtables_parse_protocol(protocol); if (fw.ip.proto == 0 @@ -1536,14 +1536,14 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle xtables_check_inverse(optarg, &invert, &optind, argc, argv); set_option(&options, OPT_SOURCE, &fw.ip.invflags, invert); - shostnetworkmask = argv[optind-1]; + shostnetworkmask = optarg; break; case 'd': xtables_check_inverse(optarg, &invert, &optind, argc, argv); set_option(&options, OPT_DESTINATION, &fw.ip.invflags, invert); - dhostnetworkmask = argv[optind-1]; + dhostnetworkmask = optarg; break; #ifdef IPT_F_GOTO @@ -1589,7 +1589,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle xtables_check_inverse(optarg, &invert, &optind, argc, argv); set_option(&options, OPT_VIANAMEIN, &fw.ip.invflags, invert); - xtables_parse_interface(argv[optind-1], + xtables_parse_interface(optarg, fw.ip.iniface, fw.ip.iniface_mask); break; @@ -1598,7 +1598,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle xtables_check_inverse(optarg, &invert, &optind, argc, argv); set_option(&options, OPT_VIANAMEOUT, &fw.ip.invflags, invert); - xtables_parse_interface(argv[optind-1], + xtables_parse_interface(optarg, fw.ip.outiface, fw.ip.outiface_mask); break; |