summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
author/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org>2004-12-22 00:37:10 +0000
committer/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org>2004-12-22 00:37:10 +0000
commit0c3670ff610dde14ade44d50d566fb1f04aee4a5 (patch)
tree03a7edb36569f7d794806502f6b7c90bcaa6456f
parentfc070a5d5e91dcf8e3398f8ffcee88cd5047738c (diff)
Don't need ipt_entry_target()/ip6t_entry_target() now kernel uses static inline instead of extern inline (otherwise it doesn't compile without -O).
Don't re-initialize libiptc/libip6t unless modprobe attempt actually succeeds. This makes nfsim run about 20 times faster, as it doesn't have to explore failures in the first iptc_init().
-rw-r--r--ip6tables.c23
-rw-r--r--iptables.c23
2 files changed, 16 insertions, 30 deletions
diff --git a/ip6tables.c b/ip6tables.c
index ced26a5..aac9531 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -148,14 +148,6 @@ static struct option original_opts[] = {
* magic number of -1 */
int line = -1;
-#ifndef __OPTIMIZE__
-struct ip6t_entry_target *
-ip6t_get_target(struct ip6t_entry *e)
-{
- return (void *)e + e->target_offset;
-}
-#endif
-
static struct option *opts = original_opts;
static unsigned int global_option_offset = 0;
@@ -1624,6 +1616,7 @@ int ip6tables_insmod(const char *modname, const char *modprobe)
{
char *buf = NULL;
char *argv[3];
+ int status;
/* If they don't explicitly set it, read out of kernel */
if (!modprobe) {
@@ -1641,16 +1634,18 @@ int ip6tables_insmod(const char *modname, const char *modprobe)
execv(argv[0], argv);
/* not usually reached */
- exit(0);
+ exit(1);
case -1:
return -1;
default: /* parent */
- wait(NULL);
+ wait(&status);
}
free(buf);
- return 0;
+ if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
+ return 0;
+ return -1;
}
static struct ip6t_entry *
@@ -2193,11 +2188,9 @@ int do_command6(int argc, char *argv[], char **table, ip6tc_handle_t *handle)
if (!*handle)
*handle = ip6tc_init(*table);
- if (!*handle) {
- /* try to insmod the module if iptc_init failed */
- ip6tables_insmod("ip6_tables", modprobe);
+ /* try to insmod the module if iptc_init failed */
+ if (!*handle && ip6tables_insmod("ip6_tables", modprobe) != -1)
*handle = ip6tc_init(*table);
- }
if (!*handle)
exit_error(VERSION_PROBLEM,
diff --git a/iptables.c b/iptables.c
index c6f19c2..7c003ad 100644
--- a/iptables.c
+++ b/iptables.c
@@ -147,14 +147,6 @@ static struct option original_opts[] = {
* magic number of -1 */
int line = -1;
-#ifndef __OPTIMIZE__
-struct ipt_entry_target *
-ipt_get_target(struct ipt_entry *e)
-{
- return (void *)e + e->target_offset;
-}
-#endif
-
static struct option *opts = original_opts;
static unsigned int global_option_offset = 0;
@@ -1622,6 +1614,7 @@ int iptables_insmod(const char *modname, const char *modprobe)
{
char *buf = NULL;
char *argv[3];
+ int status;
/* If they don't explicitly set it, read out of kernel */
if (!modprobe) {
@@ -1639,16 +1632,18 @@ int iptables_insmod(const char *modname, const char *modprobe)
execv(argv[0], argv);
/* not usually reached */
- exit(0);
+ exit(1);
case -1:
return -1;
default: /* parent */
- wait(NULL);
+ wait(&status);
}
free(buf);
- return 0;
+ if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
+ return 0;
+ return -1;
}
static struct ipt_entry *
@@ -2193,11 +2188,9 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
if (!*handle)
*handle = iptc_init(*table);
- if (!*handle) {
- /* try to insmod the module if iptc_init failed */
- iptables_insmod("ip_tables", modprobe);
+ /* try to insmod the module if iptc_init failed */
+ if (!*handle && iptables_insmod("ip_tables", modprobe) != -1)
*handle = iptc_init(*table);
- }
if (!*handle)
exit_error(VERSION_PROBLEM,