From d89dc47ab3875f6fe6679cebceccd2000bf81b8e Mon Sep 17 00:00:00 2001 From: Vincent Bernat Date: Sat, 15 Apr 2017 12:16:47 +0200 Subject: iptables-restore/save: exit when given an unknown option When an unknown option is given, iptables-restore should exit instead of continue its operation. For example, if `--table` was misspelled, this could lead to an unwanted change. Moreover, exit with a status code of 1. Make the same change for iptables-save. OTOH, exit with a status code of 0 when requesting help. Signed-off-by: Vincent Bernat Signed-off-by: Pablo Neira Ayuso --- iptables/xtables-restore.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'iptables/xtables-restore.c') diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index 6afa0d0e..15824f0f 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -40,8 +40,6 @@ static const struct option options[] = { {NULL}, }; -static void print_usage(const char *name, const char *version) __attribute__((noreturn)); - #define prog_name xtables_globals.program_name static void print_usage(const char *name, const char *version) @@ -56,8 +54,6 @@ static void print_usage(const char *name, const char *version) " [ --modprobe= ]\n" " [ --ipv4 ]\n" " [ --ipv6 ]\n", name); - - exit(1); } static int parse_counters(char *string, struct xt_counters *ctr) @@ -486,7 +482,7 @@ xtables_restore_main(int family, const char *progname, int argc, char *argv[]) case 'h': print_usage("xtables-restore", IPTABLES_VERSION); - break; + exit(0); case 'n': noflush = 1; break; @@ -503,6 +499,10 @@ xtables_restore_main(int family, const char *progname, int argc, char *argv[]) h.family = AF_INET6; xtables_set_nfproto(AF_INET6); break; + default: + fprintf(stderr, + "Try `xtables-restore -h' for more information.\n"); + exit(1); } } -- cgit v1.2.3