Fix showing help text for matches/targets with revision as user

When running as a user iptables can't determine the highest supported revision and exits. Assume all revision are supported in case we get a EPERM. If the user is not showing the help text but trying to add new rules he'll get EPERM later anyway.
author: /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> 2007-12-03 15:32:28 +0000
committer: /C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net> 2007-12-03 15:32:28 +0000
commit: c855bf7e89f4b4f77922ce51a438cbc3d00683a2 (patch)
tree: 6c17dc069e0bbbd4924efaf4bc4089185ce2481c /xtables.c
parent: f1c82dcde3c7e82ef3105ed284e3711db25758c7 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/xtables.c b/xtables.c
index 6107119..3cc864b 100644
--- a/xtables.c
+++ b/xtables.c
@@ -411,6 +411,15 @@ static int compatible_revision(const char *name, u_int8_t revision, int opt)
 
 	sockfd = socket(afinfo.family, SOCK_RAW, IPPROTO_RAW);
 	if (sockfd < 0) {
+		if (errno == EPERM) {
+			/* revision 0 is always supported. */
+			if (revision != 0)
+				fprintf(stderr, "Could not determine whether "
+						"revision %u is supported, "
+						"assuming it is.\n",
+					revision);
+			return 1;
+		}
 		fprintf(stderr, "Could not open socket to kernel: %s\n",
 			strerror(errno));
 		exit(1);
author	/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net>	2007-12-03 15:32:28 +0000
committer	/C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net </C=EU/ST=EU/CN=Patrick McHardy/emailAddress=kaber@trash.net>	2007-12-03 15:32:28 +0000
commit	c855bf7e89f4b4f77922ce51a438cbc3d00683a2 (patch)
tree	6c17dc069e0bbbd4924efaf4bc4089185ce2481c /xtables.c
parent	f1c82dcde3c7e82ef3105ed284e3711db25758c7 (diff)