summaryrefslogtreecommitdiffstats
path: root/iptables/xtables-eb.c
diff options
context:
space:
mode:
authorArturo Borrero <arturo.borrero.glez@gmail.com>2014-11-24 19:43:05 +0100
committerPablo Neira Ayuso <pablo@netfilter.org>2014-11-25 20:05:08 +0100
commit84b69ea462eb2159ce6bde83d6bcf2eac0098f87 (patch)
tree536db42d98c55106082250d560357e5afe497f40 /iptables/xtables-eb.c
parent4a48ec94c233a125a371eced5dc161df557576d9 (diff)
iptables: xtables-eb: fix renaming of chains
Renaming of chains is not working. and ebtables-compat gets: libnftnl: attribute 0 assertion failed in chain.c:159 This patch brings back the parser code of the original ebtables tool: http://git.netfilter.org/ebtables.old-history/tree/userspace/ebtables2/ebtables.c#n652 I adapted the original parser code to fit in the new environment. Also tried to keep original error messages as much as possible. Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com> Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/xtables-eb.c')
-rw-r--r--iptables/xtables-eb.c19
1 files changed, 17 insertions, 2 deletions
diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index 47af78f9..b924daf9 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -21,6 +21,7 @@
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
+#include <errno.h>
#include <getopt.h>
#include <string.h>
#include <stdio.h>
@@ -32,6 +33,7 @@
#include <xtables.h>
#include <linux/netfilter_bridge.h>
+#include <linux/netfilter/nf_tables.h>
#include <ebtables/ethernetdb.h>
#include "xshared.h"
#include "nft.h"
@@ -582,7 +584,6 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table)
struct ebtables_command_state cs;
char command = 'h';
const char *chain = NULL;
- const char *newname = NULL;
const char *policy = NULL;
int exec_style = EXEC_STYLE_PRG;
int selected_chain = -1;
@@ -643,7 +644,21 @@ int do_commandeb(struct nft_handle *h, int argc, char *argv[], char **table)
}
if (c == 'E') {
- ret = nft_chain_user_rename(h, chain, *table, newname);
+ if (optind >= argc)
+ xtables_error(PARAMETER_PROBLEM, "No new chain name specified");
+ else if (optind < argc - 1)
+ xtables_error(PARAMETER_PROBLEM, "No extra options allowed with -E");
+ else if (strlen(argv[optind]) >= NFT_CHAIN_MAXNAMELEN)
+ xtables_error(PARAMETER_PROBLEM, "Chain name length can't exceed %d"" characters", NFT_CHAIN_MAXNAMELEN - 1);
+ else if (strchr(argv[optind], ' ') != NULL)
+ xtables_error(PARAMETER_PROBLEM, "Use of ' ' not allowed in chain names");
+
+ ret = nft_chain_user_rename(h, chain, *table,
+ argv[optind]);
+ if (ret != 0 && errno == ENOENT)
+ xtables_error(PARAMETER_PROBLEM, "Chain '%s' doesn't exists", chain);
+
+ optind++;
break;
} else if (c == 'D' && optind < argc && (argv[optind][0] != '-' || (argv[optind][1] >= '0' && argv[optind][1] <= '9'))) {
if (optind != argc - 1)