summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
Diffstat (limited to 'extensions')
-rw-r--r--extensions/libxt_set.h7
1 files changed, 7 insertions, 0 deletions
diff --git a/extensions/libxt_set.h b/extensions/libxt_set.h
index 4ac84fa9..47c3f5b6 100644
--- a/extensions/libxt_set.h
+++ b/extensions/libxt_set.h
@@ -2,6 +2,7 @@
#define _LIBXT_SET_H
#include <unistd.h>
+#include <fcntl.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <errno.h>
@@ -23,6 +24,12 @@ get_version(unsigned *version)
xtables_error(OTHER_PROBLEM,
"Can't open socket to ipset.\n");
+ if (fcntl(sockfd, F_SETFD, FD_CLOEXEC) == -1) {
+ xtables_error(OTHER_PROBLEM,
+ "Could not set close on exec: %s\n",
+ strerror(errno));
+ }
+
req_version.op = IP_SET_OP_VERSION;
res = getsockopt(sockfd, SOL_IP, SO_IP_SET, &req_version, &size);
if (res != 0)