summaryrefslogtreecommitdiffstats
path: root/iptables/ip6tables.c
diff options
context:
space:
mode:
Diffstat (limited to 'iptables/ip6tables.c')
-rw-r--r--iptables/ip6tables.c76
1 files changed, 35 insertions, 41 deletions
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index c95355b0..60db11b7 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -1083,6 +1083,7 @@ int do_command6(int argc, char *argv[], char **table,
struct xtables_target *t;
unsigned long long cnt;
bool table_set = false;
+ bool invert = false;
/* re-set optind to 0 in case do_command6 gets called
* a second time */
@@ -1111,20 +1112,17 @@ int do_command6(int argc, char *argv[], char **table,
* Command selection
*/
case 'A':
- add_command(&command, CMD_APPEND, CMD_NONE,
- cs.invert);
+ add_command(&command, CMD_APPEND, CMD_NONE, invert);
chain = optarg;
break;
case 'C':
- add_command(&command, CMD_CHECK, CMD_NONE,
- cs.invert);
+ add_command(&command, CMD_CHECK, CMD_NONE, invert);
chain = optarg;
break;
case 'D':
- add_command(&command, CMD_DELETE, CMD_NONE,
- cs.invert);
+ add_command(&command, CMD_DELETE, CMD_NONE, invert);
chain = optarg;
if (xs_has_arg(argc, argv)) {
rulenum = parse_rulenumber(argv[optind++]);
@@ -1133,8 +1131,7 @@ int do_command6(int argc, char *argv[], char **table,
break;
case 'R':
- add_command(&command, CMD_REPLACE, CMD_NONE,
- cs.invert);
+ add_command(&command, CMD_REPLACE, CMD_NONE, invert);
chain = optarg;
if (xs_has_arg(argc, argv))
rulenum = parse_rulenumber(argv[optind++]);
@@ -1145,8 +1142,7 @@ int do_command6(int argc, char *argv[], char **table,
break;
case 'I':
- add_command(&command, CMD_INSERT, CMD_NONE,
- cs.invert);
+ add_command(&command, CMD_INSERT, CMD_NONE, invert);
chain = optarg;
if (xs_has_arg(argc, argv))
rulenum = parse_rulenumber(argv[optind++]);
@@ -1155,7 +1151,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'L':
add_command(&command, CMD_LIST,
- CMD_ZERO | CMD_ZERO_NUM, cs.invert);
+ CMD_ZERO | CMD_ZERO_NUM, invert);
if (optarg) chain = optarg;
else if (xs_has_arg(argc, argv))
chain = argv[optind++];
@@ -1165,7 +1161,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'S':
add_command(&command, CMD_LIST_RULES,
- CMD_ZERO | CMD_ZERO_NUM, cs.invert);
+ CMD_ZERO | CMD_ZERO_NUM, invert);
if (optarg) chain = optarg;
else if (xs_has_arg(argc, argv))
chain = argv[optind++];
@@ -1174,8 +1170,7 @@ int do_command6(int argc, char *argv[], char **table,
break;
case 'F':
- add_command(&command, CMD_FLUSH, CMD_NONE,
- cs.invert);
+ add_command(&command, CMD_FLUSH, CMD_NONE, invert);
if (optarg) chain = optarg;
else if (xs_has_arg(argc, argv))
chain = argv[optind++];
@@ -1183,7 +1178,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'Z':
add_command(&command, CMD_ZERO, CMD_LIST|CMD_LIST_RULES,
- cs.invert);
+ invert);
if (optarg) chain = optarg;
else if (xs_has_arg(argc, argv))
chain = argv[optind++];
@@ -1195,14 +1190,13 @@ int do_command6(int argc, char *argv[], char **table,
case 'N':
parse_chain(optarg);
- add_command(&command, CMD_NEW_CHAIN, CMD_NONE,
- cs.invert);
+ add_command(&command, CMD_NEW_CHAIN, CMD_NONE, invert);
chain = optarg;
break;
case 'X':
add_command(&command, CMD_DELETE_CHAIN, CMD_NONE,
- cs.invert);
+ invert);
if (optarg) chain = optarg;
else if (xs_has_arg(argc, argv))
chain = argv[optind++];
@@ -1210,7 +1204,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'E':
add_command(&command, CMD_RENAME_CHAIN, CMD_NONE,
- cs.invert);
+ invert);
chain = optarg;
if (xs_has_arg(argc, argv))
newname = argv[optind++];
@@ -1223,7 +1217,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'P':
add_command(&command, CMD_SET_POLICY, CMD_NONE,
- cs.invert);
+ invert);
chain = optarg;
if (xs_has_arg(argc, argv))
policy = argv[optind++];
@@ -1249,7 +1243,7 @@ int do_command6(int argc, char *argv[], char **table,
*/
case 'p':
set_option(&cs.options, OPT_PROTOCOL, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
/* Canonicalize into lower case */
for (cs.protocol = optarg; *cs.protocol; cs.protocol++)
@@ -1274,20 +1268,20 @@ int do_command6(int argc, char *argv[], char **table,
case 's':
set_option(&cs.options, OPT_SOURCE, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
shostnetworkmask = optarg;
break;
case 'd':
set_option(&cs.options, OPT_DESTINATION, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
dhostnetworkmask = optarg;
break;
#ifdef IP6T_F_GOTO
case 'g':
set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
cs.fw6.ipv6.flags |= IP6T_F_GOTO;
cs.jumpto = xt_parse_target(optarg);
break;
@@ -1295,7 +1289,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'j':
set_option(&cs.options, OPT_JUMP, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
command_jump(&cs, optarg);
break;
@@ -1306,7 +1300,7 @@ int do_command6(int argc, char *argv[], char **table,
"Empty interface is likely to be "
"undesired");
set_option(&cs.options, OPT_VIANAMEIN, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
xtables_parse_interface(optarg,
cs.fw6.ipv6.iniface,
cs.fw6.ipv6.iniface_mask);
@@ -1318,7 +1312,7 @@ int do_command6(int argc, char *argv[], char **table,
"Empty interface is likely to be "
"undesired");
set_option(&cs.options, OPT_VIANAMEOUT, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
xtables_parse_interface(optarg,
cs.fw6.ipv6.outiface,
cs.fw6.ipv6.outiface_mask);
@@ -1327,7 +1321,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'v':
if (!verbose)
set_option(&cs.options, OPT_VERBOSE,
- &cs.fw6.ipv6.invflags, cs.invert);
+ &cs.fw6.ipv6.invflags, invert);
verbose++;
break;
@@ -1351,16 +1345,16 @@ int do_command6(int argc, char *argv[], char **table,
break;
case 'm':
- command_match(&cs);
+ command_match(&cs, invert);
break;
case 'n':
set_option(&cs.options, OPT_NUMERIC, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
break;
case 't':
- if (cs.invert)
+ if (invert)
xtables_error(PARAMETER_PROBLEM,
"unexpected ! flag before --table");
if (restore && table_set)
@@ -1373,11 +1367,11 @@ int do_command6(int argc, char *argv[], char **table,
case 'x':
set_option(&cs.options, OPT_EXPANDED, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
break;
case 'V':
- if (cs.invert)
+ if (invert)
printf("Not %s ;-)\n", prog_vers);
else
printf("%s v%s (legacy)\n",
@@ -1386,7 +1380,7 @@ int do_command6(int argc, char *argv[], char **table,
case '0':
set_option(&cs.options, OPT_LINENUMBERS, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
break;
case 'M':
@@ -1396,7 +1390,7 @@ int do_command6(int argc, char *argv[], char **table,
case 'c':
set_option(&cs.options, OPT_COUNTERS, &cs.fw6.ipv6.invflags,
- cs.invert);
+ invert);
pcnt = optarg;
bcnt = strchr(pcnt + 1, ',');
if (bcnt)
@@ -1434,11 +1428,11 @@ int do_command6(int argc, char *argv[], char **table,
case 1: /* non option */
if (optarg[0] == '!' && optarg[1] == '\0') {
- if (cs.invert)
+ if (invert)
xtables_error(PARAMETER_PROBLEM,
"multiple consecutive ! not"
" allowed");
- cs.invert = true;
+ invert = true;
optarg[0] = '\0';
continue;
}
@@ -1446,16 +1440,16 @@ int do_command6(int argc, char *argv[], char **table,
exit_tryhelp(2);
default:
- if (command_default(&cs, &ip6tables_globals) == 1)
+ if (command_default(&cs, &ip6tables_globals, invert))
/*
* If new options were loaded, we must retry
* getopt immediately and not allow
- * cs.invert=false to be executed.
+ * invert=false to be executed.
*/
continue;
break;
}
- cs.invert = false;
+ invert = false;
}
if (!wait && wait_interval_set)
@@ -1481,7 +1475,7 @@ int do_command6(int argc, char *argv[], char **table,
"unknown arguments found on commandline");
if (!command)
xtables_error(PARAMETER_PROBLEM, "no command specified");
- if (cs.invert)
+ if (invert)
xtables_error(PARAMETER_PROBLEM,
"nothing appropriate following !");