1 files changed, 45 insertions, 41 deletions

diff --git a/iptables/xtables-restore.c b/iptables/xtables-restore.c
index 72832103..23cd3498 100644
--- a/iptables/xtables-restore.c
+++ b/iptables/xtables-restore.c
@@ -115,14 +115,14 @@ static void xtables_restore_parse_line(struct nft_handle *h,
 		DEBUGP("line %u, table '%s'\n", line, table);
 		if (!table)
 			xtables_error(PARAMETER_PROBLEM,
-				"%s: line %u table name invalid\n",
-				xt_params->program_name, line);
+				      "%s: line %u table name invalid",
+				      xt_params->program_name, line);
 
 		state->curtable = nft_table_builtin_find(h, table);
 		if (!state->curtable)
 			xtables_error(PARAMETER_PROBLEM,
-				"%s: line %u table name '%s' invalid\n",
-				xt_params->program_name, line, table);
+				      "%s: line %u table name '%s' invalid",
+				      xt_params->program_name, line, table);
 
 		if (p->tablename && (strcmp(p->tablename, table) != 0))
 			return;
@@ -152,37 +152,33 @@ static void xtables_restore_parse_line(struct nft_handle *h,
 		DEBUGP("line %u, chain '%s'\n", line, chain);
 		if (!chain)
 			xtables_error(PARAMETER_PROBLEM,
-				   "%s: line %u chain name invalid\n",
-				   xt_params->program_name, line);
+				      "%s: line %u chain name invalid",
+				      xt_params->program_name, line);
 
-		if (strlen(chain) >= XT_EXTENSION_MAXNAMELEN)
-			xtables_error(PARAMETER_PROBLEM,
-				   "Invalid chain name `%s' (%u chars max)",
-				   chain, XT_EXTENSION_MAXNAMELEN - 1);
+		xtables_announce_chain(chain);
+		assert_valid_chain_name(chain);
 
 		policy = strtok(NULL, " \t\n");
 		DEBUGP("line %u, policy '%s'\n", line, policy);
 		if (!policy)
 			xtables_error(PARAMETER_PROBLEM,
-				   "%s: line %u policy invalid\n",
-				   xt_params->program_name, line);
+				      "%s: line %u policy invalid",
+				      xt_params->program_name, line);
 
 		if (nft_chain_builtin_find(state->curtable, chain)) {
-			if (counters) {
-				char *ctrs;
-				ctrs = strtok(NULL, " \t\n");
-
-				if (!ctrs || !parse_counters(ctrs, &count))
-					xtables_error(PARAMETER_PROBLEM,
-						   "invalid policy counters for chain '%s'\n",
-						   chain);
+			char *ctrs = strtok(NULL, " \t\n");
 
-			}
+			if ((!ctrs && counters) ||
+			    (ctrs && !parse_counters(ctrs, &count)))
+				xtables_error(PARAMETER_PROBLEM,
+					      "invalid policy counters for chain '%s'",
+					      chain);
 			if (cb->chain_set &&
 			    cb->chain_set(h, state->curtable->name,
-					  chain, policy, &count) < 0) {
+					  chain, policy,
+					  counters ? &count : NULL) < 0) {
 				xtables_error(OTHER_PROBLEM,
-					      "Can't set policy `%s' on `%s' line %u: %s\n",
+					      "Can't set policy `%s' on `%s' line %u: %s",
 					      policy, chain, line,
 					      strerror(errno));
 			}
@@ -191,13 +187,13 @@ static void xtables_restore_parse_line(struct nft_handle *h,
 		} else if (cb->chain_restore(h, chain, state->curtable->name) < 0 &&
 			   errno != EEXIST) {
 			xtables_error(PARAMETER_PROBLEM,
-				      "cannot create chain '%s' (%s)\n",
+				      "cannot create chain '%s' (%s)",
 				      chain, strerror(errno));
 		} else if (h->family == NFPROTO_BRIDGE &&
 			   !ebt_cmd_user_chain_policy(h, state->curtable->name,
 						      chain, policy)) {
 			xtables_error(OTHER_PROBLEM,
-				      "Can't set policy `%s' on `%s' line %u: %s\n",
+				      "Can't set policy `%s' on `%s' line %u: %s",
 				      policy, chain, line,
 				      strerror(errno));
 		}
@@ -206,11 +202,15 @@ static void xtables_restore_parse_line(struct nft_handle *h,
 		char *pcnt = NULL;
 		char *bcnt = NULL;
 		char *parsestart = buffer;
+		int i;
 
 		add_argv(&state->av_store, xt_params->program_name, 0);
 		add_argv(&state->av_store, "-t", 0);
 		add_argv(&state->av_store, state->curtable->name, 0);
 
+		for (i = 0; !h->noflush && i < verbose; i++)
+			add_argv(&state->av_store, "-v", 0);
+
 		tokenize_rule_counters(&parsestart, &pcnt, &bcnt, line);
 		if (counters && pcnt && bcnt) {
 			add_argv(&state->av_store, "--set-counters", 0);
@@ -247,8 +247,11 @@ static void xtables_restore_parse_line(struct nft_handle *h,
 	    (strcmp(p->tablename, state->curtable->name) != 0))
 		return;
 	if (!ret) {
-		fprintf(stderr, "%s: line %u failed\n",
-				xt_params->program_name, line);
+		fprintf(stderr, "%s: line %u failed",
+				xt_params->program_name, h->error.lineno);
+		if (errno)
+			fprintf(stderr,	": %s.", nft_strerror(errno));
+		fprintf(stderr, "\n");
 		exit(1);
 	}
 }
@@ -281,7 +284,6 @@ void xtables_restore_parse(struct nft_handle *h,
 static int
 xtables_restore_main(int family, const char *progname, int argc, char *argv[])
 {
-	const struct builtin_table *tables;
 	struct nft_xt_restore_parse p = {
 		.commit = true,
 		.cb = &restore_cb,
@@ -310,10 +312,10 @@ xtables_restore_main(int family, const char *progname, int argc, char *argv[])
 				counters = 1;
 				break;
 			case 'v':
-				verbose = 1;
+				verbose++;
 				break;
 			case 'V':
-				printf("%s v%s (nf_tables)\n", prog_name, prog_vers);
+				printf("%s v%s\n", prog_name, prog_vers);
 				exit(0);
 			case 't':
 				p.testing = 1;
@@ -357,28 +359,26 @@ xtables_restore_main(int family, const char *progname, int argc, char *argv[])
 		p.in = stdin;
 	}
 
+	init_extensions();
 	switch (family) {
 	case NFPROTO_IPV4:
-	case NFPROTO_IPV6: /* fallthough, same table */
-		tables = xtables_ipv4;
-#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS)
-		init_extensions();
 		init_extensions4();
+		break;
+	case NFPROTO_IPV6:
 		init_extensions6();
-#endif
 		break;
 	case NFPROTO_ARP:
-		tables = xtables_arp;
+		init_extensionsa();
 		break;
 	case NFPROTO_BRIDGE:
-		tables = xtables_bridge;
+		init_extensionsb();
 		break;
 	default:
 		fprintf(stderr, "Unknown family %d\n", family);
 		return 1;
 	}
 
-	if (nft_init(&h, family, tables) < 0) {
+	if (nft_init(&h, family) < 0) {
 		fprintf(stderr, "%s/%s Failed to initialize nft: %s\n",
 				xtables_globals.program_name,
 				xtables_globals.program_version,
@@ -418,6 +418,7 @@ static const struct nft_xt_restore_cb ebt_restore_cb = {
 
 static const struct option ebt_restore_options[] = {
 	{.name = "noflush", .has_arg = 0, .val = 'n'},
+	{.name = "verbose", .has_arg = 0, .val = 'v'},
 	{ 0 }
 };
 
@@ -431,15 +432,18 @@ int xtables_eb_restore_main(int argc, char *argv[])
 	struct nft_handle h;
 	int c;
 
-	while ((c = getopt_long(argc, argv, "n",
+	while ((c = getopt_long(argc, argv, "nv",
 				ebt_restore_options, NULL)) != -1) {
 		switch(c) {
 		case 'n':
 			noflush = 1;
 			break;
+		case 'v':
+			verbose++;
+			break;
 		default:
 			fprintf(stderr,
-				"Usage: ebtables-restore [ --noflush ]\n");
+				"Usage: ebtables-restore [ --verbose ] [ --noflush ]\n");
 			exit(1);
 			break;
 		}
@@ -456,7 +460,7 @@ int xtables_eb_restore_main(int argc, char *argv[])
 static const struct nft_xt_restore_cb arp_restore_cb = {
 	.commit		= nft_commit,
 	.table_flush	= nft_cmd_table_flush,
-	.do_command	= do_commandarp,
+	.do_command	= do_commandx,
 	.chain_set	= nft_cmd_chain_set,
 	.chain_restore  = nft_cmd_chain_restore,
 };