From d89dc47ab3875f6fe6679cebceccd2000bf81b8e Mon Sep 17 00:00:00 2001
From: Vincent Bernat <vincent@bernat.im>
Date: Sat, 15 Apr 2017 12:16:47 +0200
Subject: iptables-restore/save: exit when given an unknown option

When an unknown option is given, iptables-restore should exit instead of
continue its operation. For example, if `--table` was misspelled, this
could lead to an unwanted change. Moreover, exit with a status code of
1. Make the same change for iptables-save.

OTOH, exit with a status code of 0 when requesting help.

Signed-off-by: Vincent Bernat <vincent@bernat.im>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/xtables-save.c | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'iptables/xtables-save.c')

diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c
index f30867cf..abd840af 100644
--- a/iptables/xtables-save.c
+++ b/iptables/xtables-save.c
@@ -130,6 +130,10 @@ xtables_save_main(int family, const char *progname, int argc, char *argv[])
 			h.family = AF_INET6;
 			xtables_set_nfproto(AF_INET6);
 			break;
+		default:
+			fprintf(stderr,
+				"Look at manual page `xtables-save.8' for more information.\n");
+			exit(1);
 		}
 	}
 
-- 
cgit v1.2.3