diff options
Diffstat (limited to 'iptables/xtables-save.c')
| -rw-r--r-- | iptables/xtables-save.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/iptables/xtables-save.c b/iptables/xtables-save.c index cfce0472..5a82cac5 100644 --- a/iptables/xtables-save.c +++ b/iptables/xtables-save.c @@ -78,6 +78,9 @@ __do_output(struct nft_handle *h, const char *tablename, void *data) printf("# Table `%s' is incompatible, use 'nft' tool.\n", tablename); return 0; + } else if (nft_is_table_tainted(h, tablename)) { + printf("# Table `%s' contains incompatible base-chains, use 'nft' tool to list them.\n", + tablename); } now = time(NULL); @@ -128,7 +131,6 @@ static int xtables_save_main(int family, int argc, char *argv[], const char *optstring, const struct option *longopts) { - const struct builtin_table *tables; const char *tablename = NULL; struct do_output_data d = { .format = FMT_NOCOUNTS, @@ -182,7 +184,7 @@ xtables_save_main(int family, int argc, char *argv[], dump = true; break; case 'V': - printf("%s v%s (nf_tables)\n", prog_name, prog_vers); + printf("%s v%s\n", prog_name, prog_vers); exit(0); default: fprintf(stderr, @@ -197,18 +199,18 @@ xtables_save_main(int family, int argc, char *argv[], exit(1); } + init_extensions(); switch (family) { case NFPROTO_IPV4: - case NFPROTO_IPV6: /* fallthough, same table */ -#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS) - init_extensions(); init_extensions4(); -#endif - tables = xtables_ipv4; + d.commit = true; + break; + case NFPROTO_IPV6: + init_extensions6(); d.commit = true; break; case NFPROTO_ARP: - tables = xtables_arp; + init_extensionsa(); break; case NFPROTO_BRIDGE: { const char *ctr = getenv("EBTABLES_SAVE_COUNTER"); @@ -219,7 +221,7 @@ xtables_save_main(int family, int argc, char *argv[], d.format &= ~FMT_NOCOUNTS; d.format |= FMT_C_COUNTS | FMT_EBT_SAVE; } - tables = xtables_bridge; + init_extensionsb(); break; } default: @@ -227,7 +229,7 @@ xtables_save_main(int family, int argc, char *argv[], return 1; } - if (nft_init(&h, family, tables) < 0) { + if (nft_init(&h, family) < 0) { fprintf(stderr, "%s/%s Failed to initialize nft: %s\n", xtables_globals.program_name, xtables_globals.program_version, |