diff options
| author | Jiri Popelka <jpopelka@redhat.com> | 2014-07-04 15:50:41 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2014-07-25 19:10:47 +0200 |
| commit | aaa4ace72ba1d195bbf436134a336816c33f7bd0 (patch) | |
| tree | 523040baa49a3479bf7bc775bb375b0b692dd288 /iptables/xtables.c | |
| parent | 03a3f7cf1826f70dd1db070aa8ee11bd2abbccd9 (diff) | |
iptables: add optional [seconds] argument to -w
This patch adds an optional numeric argument
to -w option (added with 93587a0) so one can
specify how long to wait for an exclusive lock.
If the value isn't specified it works as before,
i.e. program waits indefinitely.
If user specifies it, program exits after
the given time interval passes.
This patch also adds the -w/--wait to nftables
compat code, so the parser doesn't complain.
[ In the original patch, iptables-compat -w X was not working,
I have fixed by adding the dummy code not to break scripts
using the new optional argument --pablo ]
Signed-off-by: Jiri Popelka <jpopelka@redhat.com>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables/xtables.c')
| -rw-r--r-- | iptables/xtables.c | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/iptables/xtables.c b/iptables/xtables.c index 45a5ac63..d661dd16 100644 --- a/iptables/xtables.c +++ b/iptables/xtables.c @@ -85,6 +85,7 @@ static struct option original_opts[] = { {.name = "numeric", .has_arg = 0, .val = 'n'}, {.name = "out-interface", .has_arg = 1, .val = 'o'}, {.name = "verbose", .has_arg = 0, .val = 'v'}, + {.name = "wait", .has_arg = 2, .val = 'w'}, {.name = "exact", .has_arg = 0, .val = 'x'}, {.name = "fragments", .has_arg = 0, .val = 'f'}, {.name = "version", .has_arg = 0, .val = 'V'}, @@ -683,6 +684,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table, { struct iptables_command_state cs; int verbose = 0; + int wait = 0; const char *chain = NULL; const char *policy = NULL, *newname = NULL; unsigned int rulenum = 0, command = 0; @@ -722,7 +724,7 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table, opts = xt_params->orig_opts; while ((cs.c = getopt_long(argc, argv, - "-:A:C:D:R:I:L::S::M:F::Z::N:X::E:P:Vh::o:p:s:d:j:i:fbvnt:m:xc:g:46", + "-:A:C:D:R:I:L::S::M:F::Z::N:X::E:P:Vh::o:p:s:d:j:i:fbvw::nt:m:xc:g:46", opts, NULL)) != -1) { switch (cs.c) { /* @@ -1007,6 +1009,15 @@ int do_commandx(struct nft_handle *h, int argc, char *argv[], char **table, "You cannot use `-w' from " "iptables-restore"); } + if (optarg) { + if (sscanf(optarg, "%i", &wait) != 1) + xtables_error(PARAMETER_PROBLEM, + "wait seconds not numeric"); + } else if (optind < argc && argv[optind][0] != '-' + && argv[optind][0] != '!') + if (sscanf(argv[optind++], "%i", &wait) != 1) + xtables_error(PARAMETER_PROBLEM, + "wait seconds not numeric"); break; case '0': |