diff options
author | Phil Sutter <phil@nwl.cc> | 2019-10-22 12:25:28 +0200 |
---|---|---|
committer | Phil Sutter <phil@nwl.cc> | 2019-10-23 10:58:09 +0200 |
commit | 4e470fa34761085144640fb561a9ad26b2cde382 (patch) | |
tree | 70722e0e5e003fa2a764c8e8a251112bc41f02e4 /iptables/xtables.c | |
parent | 3dc433b55bbfaf9df3ee408aaa6282742f377864 (diff) |
xtables-restore: Unbreak *tables-restore
Commit 3dc433b55bbfa ("xtables-restore: Fix --table parameter check")
installed an error check which evaluated true in all cases as all
callers of do_command callbacks pass a pointer to a table name already.
Attached test case passed as it tested error condition only.
Fix the whole mess by introducing a boolean to indicate whether a table
parameter was seen already. Extend the test case to cover positive as
well as negative behaviour and to test ebtables-restore and
ip6tables-restore as well. Also add the required checking code to the
latter since the original commit missed it.
Fixes: 3dc433b55bbfa ("xtables-restore: Fix --table parameter check")
Signed-off-by: Phil Sutter <phil@nwl.cc>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/xtables.c')
-rw-r--r-- | iptables/xtables.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/iptables/xtables.c b/iptables/xtables.c index 89f3271e..8a9e0edc 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -590,6 +590,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], bool wait_interval_set = false; struct timeval wait_interval; struct xtables_target *t; + bool table_set = false; int wait = 0; memset(cs, 0, sizeof(*cs)); @@ -879,7 +880,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], if (cs->invert) xtables_error(PARAMETER_PROBLEM, "unexpected ! flag before --table"); - if (p->restore && p->table) + if (p->restore && table_set) xtables_error(PARAMETER_PROBLEM, "The -t option (seen in line %u) cannot be used in %s.\n", line, xt_params->program_name); @@ -888,6 +889,7 @@ void do_parse(struct nft_handle *h, int argc, char *argv[], "table '%s' does not exist", optarg); p->table = optarg; + table_set = true; break; case 'x': |