diff options
| author | Vincent Bernat <vincent@bernat.im> | 2017-04-15 12:16:47 +0200 |
|---|---|---|
| committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2017-04-19 18:00:41 +0200 |
| commit | d89dc47ab3875f6fe6679cebceccd2000bf81b8e (patch) | |
| tree | fe990365c13f083b184ccb8933cf9489577aa87b /iptables | |
| parent | 65801d02a482befd2745c792d6596ec75d434934 (diff) | |
iptables-restore/save: exit when given an unknown option
When an unknown option is given, iptables-restore should exit instead of
continue its operation. For example, if `--table` was misspelled, this
could lead to an unwanted change. Moreover, exit with a status code of
1. Make the same change for iptables-save.
OTOH, exit with a status code of 0 when requesting help.
Signed-off-by: Vincent Bernat <vincent@bernat.im>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'iptables')
| -rw-r--r-- | iptables/ip6tables-restore.c | 10 | ||||
| -rw-r--r-- | iptables/ip6tables-save.c | 4 | ||||
| -rw-r--r-- | iptables/iptables-restore.c | 10 | ||||
| -rw-r--r-- | iptables/iptables-save.c | 4 | ||||
| -rw-r--r-- | iptables/xtables-restore.c | 10 | ||||
| -rw-r--r-- | iptables/xtables-save.c | 4 |
6 files changed, 27 insertions, 15 deletions
diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c index 419a2b0e..39a881df 100644 --- a/iptables/ip6tables-restore.c +++ b/iptables/ip6tables-restore.c @@ -47,8 +47,6 @@ static const struct option options[] = { {NULL}, }; -static void print_usage(const char *name, const char *version) __attribute__((noreturn)); - #define prog_name ip6tables_globals.program_name #define prog_vers ip6tables_globals.program_version @@ -65,8 +63,6 @@ static void print_usage(const char *name, const char *version) " [ --wait-interval=<usecs>\n" " [ --table=<TABLE> ]\n" " [ --modprobe=<command> ]\n", name); - - exit(1); } static struct xtc_handle *create_handle(const char *tablename) @@ -237,7 +233,7 @@ int ip6tables_restore_main(int argc, char *argv[]) case 'h': print_usage("ip6tables-restore", IPTABLES_VERSION); - break; + exit(0); case 'n': noflush = 1; break; @@ -253,6 +249,10 @@ int ip6tables_restore_main(int argc, char *argv[]) case 'T': tablename = optarg; break; + default: + fprintf(stderr, + "Try `ip6tables-restore -h' for more information.\n"); + exit(1); } } diff --git a/iptables/ip6tables-save.c b/iptables/ip6tables-save.c index c2495d20..250ca204 100644 --- a/iptables/ip6tables-save.c +++ b/iptables/ip6tables-save.c @@ -162,6 +162,10 @@ int ip6tables_save_main(int argc, char *argv[]) case 'd': do_output(tablename); exit(0); + default: + fprintf(stderr, + "Look at manual page `ip6tables-save.8' for more information.\n"); + exit(1); } } diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c index cb06559b..876fe06d 100644 --- a/iptables/iptables-restore.c +++ b/iptables/iptables-restore.c @@ -44,8 +44,6 @@ static const struct option options[] = { {NULL}, }; -static void print_usage(const char *name, const char *version) __attribute__((noreturn)); - #define prog_name iptables_globals.program_name #define prog_vers iptables_globals.program_version @@ -62,8 +60,6 @@ static void print_usage(const char *name, const char *version) " [ --wait-interval=<usecs>\n" " [ --table=<TABLE> ]\n" " [ --modprobe=<command> ]\n", name); - - exit(1); } static struct xtc_handle *create_handle(const char *tablename) @@ -235,7 +231,7 @@ iptables_restore_main(int argc, char *argv[]) case 'h': print_usage("iptables-restore", IPTABLES_VERSION); - break; + exit(0); case 'n': noflush = 1; break; @@ -251,6 +247,10 @@ iptables_restore_main(int argc, char *argv[]) case 'T': tablename = optarg; break; + default: + fprintf(stderr, + "Try `iptables-restore -h' for more information.\n"); + exit(1); } } diff --git a/iptables/iptables-save.c b/iptables/iptables-save.c index fbc60593..52929b09 100644 --- a/iptables/iptables-save.c +++ b/iptables/iptables-save.c @@ -161,6 +161,10 @@ iptables_save_main(int argc, char *argv[]) case 'd': do_output(tablename); exit(0); + default: + fprintf(stderr, + "Look at manual page `iptables-save.8' for more information.\n"); + exit(1); } } diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c index 6afa0d0e..15824f0f 100644 --- a/iptables/xtables-restore.c +++ b/iptables/xtables-restore.c @@ -40,8 +40,6 @@ static const struct option options[] = { {NULL}, }; -static void print_usage(const char *name, const char *version) __attribute__((noreturn)); - #define prog_name xtables_globals.program_name static void print_usage(const char *name, const char *version) @@ -56,8 +54,6 @@ static void print_usage(const char *name, const char *version) " [ --modprobe=<command> ]\n" " [ --ipv4 ]\n" " [ --ipv6 ]\n", name); - - exit(1); } static int parse_counters(char *string, struct xt_counters *ctr) @@ -486,7 +482,7 @@ xtables_restore_main(int family, const char *progname, int argc, char *argv[]) case 'h': print_usage("xtables-restore", IPTABLES_VERSION); - break; + exit(0); case 'n': noflush = 1; break; @@ -503,6 +499,10 @@ xtables_restore_main(int family, const char *progname, int argc, char *argv[]) h.family = AF_INET6; xtables_set_nfproto(AF_INET6); break; + default: + fprintf(stderr, + "Try `xtables-restore -h' for more information.\n"); + exit(1); } } diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c index f30867cf..abd840af 100644 --- a/iptables/xtables-save.c +++ b/iptables/xtables-save.c @@ -130,6 +130,10 @@ xtables_save_main(int family, const char *progname, int argc, char *argv[]) h.family = AF_INET6; xtables_set_nfproto(AF_INET6); break; + default: + fprintf(stderr, + "Look at manual page `xtables-save.8' for more information.\n"); + exit(1); } } |