diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2009-10-24 00:45:33 +0200 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2009-11-03 21:54:20 +0100 |
| commit | bbe83862a5e1baf15f7c923352d4afdf59bc70e2 (patch) | |
| tree | 790bfd0d6a47968e6c1ed6b2f681ec5578728463 /extensions/libxt_tcp.c | |
| parent | bf97128c7262f17a02fec41cdae75b472ba77f88 (diff) | |
iptables/extensions: make bundled options work again
When using a bundled option like "-ptcp", 'argv[optind-1]' would
logically point to "-ptcp", but this is obviously not right.
'optarg' is needed instead, which if properly offset to "tcp".
Not all places change optind-based access to optarg; where
look-ahead is needed, such as for tcp's --tcp-flags option for
example, optind is ok.
References: http://bugzilla.netfilter.org/show_bug.cgi?id=611
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'extensions/libxt_tcp.c')
| -rw-r--r-- | extensions/libxt_tcp.c | 8 |
1 files changed, 4 insertions, 4 deletions
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c index 0f3e27de..75551d79 100644 --- a/extensions/libxt_tcp.c +++ b/extensions/libxt_tcp.c @@ -148,7 +148,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, xtables_error(PARAMETER_PROBLEM, "Only one `--source-port' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0, argv); - parse_tcp_ports(argv[optind-1], tcpinfo->spts); + parse_tcp_ports(optarg, tcpinfo->spts); if (invert) tcpinfo->invflags |= XT_TCP_INV_SRCPT; *flags |= TCP_SRC_PORTS; @@ -159,7 +159,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, xtables_error(PARAMETER_PROBLEM, "Only one `--destination-port' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0, argv); - parse_tcp_ports(argv[optind-1], tcpinfo->dpts); + parse_tcp_ports(optarg, tcpinfo->dpts); if (invert) tcpinfo->invflags |= XT_TCP_INV_DSTPT; *flags |= TCP_DST_PORTS; @@ -186,7 +186,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, xtables_error(PARAMETER_PROBLEM, "--tcp-flags requires two args."); - parse_tcp_flags(tcpinfo, argv[optind-1], argv[optind], + parse_tcp_flags(tcpinfo, optarg, argv[optind], invert); optind++; *flags |= TCP_FLAGS; @@ -197,7 +197,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, xtables_error(PARAMETER_PROBLEM, "Only one `--tcp-option' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0, argv); - parse_tcp_option(argv[optind-1], &tcpinfo->option); + parse_tcp_option(optarg, &tcpinfo->option); if (invert) tcpinfo->invflags |= XT_TCP_INV_OPTION; *flags |= TCP_OPTION; |