From bbe83862a5e1baf15f7c923352d4afdf59bc70e2 Mon Sep 17 00:00:00 2001
From: Jan Engelhardt <jengelh@medozas.de>
Date: Sat, 24 Oct 2009 00:45:33 +0200
Subject: iptables/extensions: make bundled options work again

When using a bundled option like "-ptcp", 'argv[optind-1]' would
logically point to "-ptcp", but this is obviously not right.
'optarg' is needed instead, which if properly offset to "tcp".

Not all places change optind-based access to optarg; where
look-ahead is needed, such as for tcp's --tcp-flags option for
example, optind is ok.

References: http://bugzilla.netfilter.org/show_bug.cgi?id=611
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
 extensions/libxt_multiport.c | 24 ++++++++++++------------
 1 file changed, 12 insertions(+), 12 deletions(-)

(limited to 'extensions/libxt_multiport.c')

diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index 2be07001..e8a0dab5 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -164,25 +164,25 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
 
 	switch (c) {
 	case '1':
-		xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
+		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
 		proto = check_proto(pnum, invflags);
-		multiinfo->count = parse_multi_ports(argv[optind-1],
+		multiinfo->count = parse_multi_ports(optarg,
 						     multiinfo->ports, proto);
 		multiinfo->flags = XT_MULTIPORT_SOURCE;
 		break;
 
 	case '2':
-		xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
+		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
 		proto = check_proto(pnum, invflags);
-		multiinfo->count = parse_multi_ports(argv[optind-1],
+		multiinfo->count = parse_multi_ports(optarg,
 						     multiinfo->ports, proto);
 		multiinfo->flags = XT_MULTIPORT_DESTINATION;
 		break;
 
 	case '3':
-		xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
+		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
 		proto = check_proto(pnum, invflags);
-		multiinfo->count = parse_multi_ports(argv[optind-1],
+		multiinfo->count = parse_multi_ports(optarg,
 						     multiinfo->ports, proto);
 		multiinfo->flags = XT_MULTIPORT_EITHER;
 		break;
@@ -231,23 +231,23 @@ __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
 
 	switch (c) {
 	case '1':
-		xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
+		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
 		proto = check_proto(pnum, invflags);
-		parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
+		parse_multi_ports_v1(optarg, multiinfo, proto);
 		multiinfo->flags = XT_MULTIPORT_SOURCE;
 		break;
 
 	case '2':
-		xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
+		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
 		proto = check_proto(pnum, invflags);
-		parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
+		parse_multi_ports_v1(optarg, multiinfo, proto);
 		multiinfo->flags = XT_MULTIPORT_DESTINATION;
 		break;
 
 	case '3':
-		xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
+		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
 		proto = check_proto(pnum, invflags);
-		parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
+		parse_multi_ports_v1(optarg, multiinfo, proto);
 		multiinfo->flags = XT_MULTIPORT_EITHER;
 		break;
 
-- 
cgit v1.2.3