summaryrefslogtreecommitdiffstats
path: root/iptables/ip6tables.c
diff options
context:
space:
mode:
Diffstat (limited to 'iptables/ip6tables.c')
-rw-r--r--iptables/ip6tables.c26
1 files changed, 17 insertions, 9 deletions
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index 062b2b15..f9ae18ae 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -122,6 +122,9 @@ print_match(const struct xt_entry_match *m,
printf("%s%s ", match->name, unsupported_rev);
else
printf("%s ", match->name);
+
+ if (match->next == match)
+ free(match);
} else {
if (name[0])
printf("UNKNOWN match `%s' ", name);
@@ -179,6 +182,9 @@ print_firewall(const struct ip6t_entry *fw,
tg->print(&fw->ipv6, t, format & FMT_NUMERIC);
else if (target->print)
printf(" %s%s", target->name, unsupported_rev);
+
+ if (target->next == target)
+ free(target);
} else if (t->u.target_size != sizeof(*t))
printf("[%u bytes of unknown target data] ",
(unsigned int)(t->u.target_size - sizeof(*t)));
@@ -325,7 +331,7 @@ check_entry(const xt_chainlabel chain, struct ip6t_entry *fw,
int ret = 1;
unsigned char *mask;
- mask = make_delete_mask(matches, target, sizeof(fw));
+ mask = make_delete_mask(matches, target, sizeof(*fw));
for (i = 0; i < nsaddrs; i++) {
fw->ipv6.src = saddrs[i];
fw->ipv6.smsk = smasks[i];
@@ -503,8 +509,7 @@ void print_rule6(const struct ip6t_entry *e,
save_ipv6_addr('d', &e->ipv6.dst, &e->ipv6.dmsk,
e->ipv6.invflags & IP6T_INV_DSTIP);
- save_rule_details(e->ipv6.iniface, e->ipv6.iniface_mask,
- e->ipv6.outiface, e->ipv6.outiface_mask,
+ save_rule_details(e->ipv6.iniface, e->ipv6.outiface,
e->ipv6.proto, 0, e->ipv6.invflags);
#if 0
@@ -663,6 +668,10 @@ int do_command6(int argc, char *argv[], char **table,
struct xt_cmd_parse_ops cmd_parse_ops = {
.proto_parse = ipv6_proto_parse,
.post_parse = ipv6_post_parse,
+ .option_name = ip46t_option_name,
+ .option_invert = ip46t_option_invert,
+ .command_default = command_default,
+ .print_help = xtables_printhelp,
};
struct xt_cmd_parse p = {
.table = *table,
@@ -706,6 +715,9 @@ int do_command6(int argc, char *argv[], char **table,
smasks = args.s.mask.v6;
dmasks = args.d.mask.v6;
+ iface_to_mask(cs.fw6.ipv6.iniface, cs.fw6.ipv6.iniface_mask);
+ iface_to_mask(cs.fw6.ipv6.outiface, cs.fw6.ipv6.outiface_mask);
+
/* Attempt to acquire the xtables lock */
if (!restore)
xtables_lock_or_exit(wait);
@@ -772,7 +784,6 @@ int do_command6(int argc, char *argv[], char **table,
xtables_find_target(cs.jumpto, XTF_LOAD_MUST_SUCCEED);
} else {
e = generate_entry(&cs.fw6, cs.matches, cs.target->t);
- free(cs.target->t);
}
}
@@ -874,17 +885,14 @@ int do_command6(int argc, char *argv[], char **table,
if (verbose > 1)
dump_entries6(*handle);
- xtables_rule_matches_free(&cs.matches);
+ xtables_clear_iptables_command_state(&cs);
if (e != NULL) {
free(e);
e = NULL;
}
- free(saddrs);
- free(smasks);
- free(daddrs);
- free(dmasks);
+ xtables_clear_args(&args);
xtables_free_opts(1);
return ret;