path: root/iptables/xshared.h
diff options
authorJan Engelhardt <>2011-06-07 22:20:13 +0200
committerJan Engelhardt <>2011-06-07 22:33:13 +0200
commit780607f8b040a47cd2d4775376e2d30f567dc049 (patch)
tree1dc9372b7556774c0164241929b4c4edfbf163f1 /iptables/xshared.h
parent6a74dc80fcdf48e2b149e92aee08f3445055ea3b (diff)
option: fix ignored negation before implicit extension loading
`iptables -A INPUT -p tcp ! --syn` forgot the negation, i.e. it was not present in a subsequent `iptables -S`. Commit v1.4.11~77^2~9 missed the fact that after autoloading a proto extension, cs.invert must not be touched until the next getopt call. This is now fixed by having command_default return a value to indicate whether to jump or not. Signed-off-by: Jan Engelhardt <>
Diffstat (limited to 'iptables/xshared.h')
1 files changed, 1 insertions, 1 deletions
diff --git a/iptables/xshared.h b/iptables/xshared.h
index d868c06f..b44a3a35 100644
--- a/iptables/xshared.h
+++ b/iptables/xshared.h
@@ -77,7 +77,7 @@ enum {
extern void print_extension_helps(const struct xtables_target *,
const struct xtables_rule_match *);
extern const char *proto_to_name(uint8_t, int);
-extern void command_default(struct iptables_command_state *,
+extern int command_default(struct iptables_command_state *,
struct xtables_globals *);
extern struct xtables_match *load_proto(struct iptables_command_state *);
extern int subcmd_main(int, char **, const struct subcommand *);