summaryrefslogtreecommitdiffstats
path: root/iptables
diff options
context:
space:
mode:
Diffstat (limited to 'iptables')
-rw-r--r--iptables/ip6tables-restore.c2
-rw-r--r--iptables/ip6tables-standalone.c2
-rw-r--r--iptables/ip6tables.c10
-rw-r--r--iptables/iptables-restore.c2
-rw-r--r--iptables/iptables-standalone.c2
-rw-r--r--iptables/iptables.c10
6 files changed, 20 insertions, 8 deletions
diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
index 0e8252f4..b8b9e0dd 100644
--- a/iptables/ip6tables-restore.c
+++ b/iptables/ip6tables-restore.c
@@ -438,7 +438,7 @@ int ip6tables_restore_main(int argc, char *argv[])
DEBUGP("argv[%u]: %s\n", a, newargv[a]);
ret = do_command6(newargc, newargv,
- &newargv[2], &handle);
+ &newargv[2], &handle, true);
free_argv();
fflush(stdout);
diff --git a/iptables/ip6tables-standalone.c b/iptables/ip6tables-standalone.c
index 21b58116..656e08d5 100644
--- a/iptables/ip6tables-standalone.c
+++ b/iptables/ip6tables-standalone.c
@@ -58,7 +58,7 @@ ip6tables_main(int argc, char *argv[])
init_extensions6();
#endif
- ret = do_command6(argc, argv, &table, &handle);
+ ret = do_command6(argc, argv, &table, &handle, false);
if (ret) {
ret = ip6tc_commit(handle);
ip6tc_free(handle);
diff --git a/iptables/ip6tables.c b/iptables/ip6tables.c
index eededee1..1fb33f6d 100644
--- a/iptables/ip6tables.c
+++ b/iptables/ip6tables.c
@@ -1286,7 +1286,8 @@ static void command_match(struct iptables_command_state *cs)
m->extra_opts, &m->option_offset);
}
-int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle)
+int do_command6(int argc, char *argv[], char **table,
+ struct xtc_handle **handle, bool restore)
{
struct iptables_command_state cs;
struct ip6t_entry *e = NULL;
@@ -1577,6 +1578,11 @@ int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle
break;
case 'w':
+ if (restore) {
+ xtables_error(PARAMETER_PROBLEM,
+ "You cannot use `-w' from "
+ "ip6tables-restore");
+ }
wait = true;
break;
@@ -1732,7 +1738,7 @@ int do_command6(int argc, char *argv[], char **table, struct xtc_handle **handle
chain, XT_EXTENSION_MAXNAMELEN);
/* Attempt to acquire the xtables lock */
- if (!xtables_lock(wait)) {
+ if (!restore && !xtables_lock(wait)) {
fprintf(stderr, "Another app is currently holding the xtables lock. "
"Perhaps you want to use the -w option?\n");
xtables_free_opts(1);
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
index 08225139..8c942ff6 100644
--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -438,7 +438,7 @@ iptables_restore_main(int argc, char *argv[])
DEBUGP("argv[%u]: %s\n", a, newargv[a]);
ret = do_command4(newargc, newargv,
- &newargv[2], &handle);
+ &newargv[2], &handle, true);
free_argv();
fflush(stdout);
diff --git a/iptables/iptables-standalone.c b/iptables/iptables-standalone.c
index 683a44a5..4da1d7f8 100644
--- a/iptables/iptables-standalone.c
+++ b/iptables/iptables-standalone.c
@@ -58,7 +58,7 @@ iptables_main(int argc, char *argv[])
init_extensions4();
#endif
- ret = do_command4(argc, argv, &table, &handle);
+ ret = do_command4(argc, argv, &table, &handle, false);
if (ret) {
ret = iptc_commit(handle);
iptc_free(handle);
diff --git a/iptables/iptables.c b/iptables/iptables.c
index f857bebc..fe18e1cc 100644
--- a/iptables/iptables.c
+++ b/iptables/iptables.c
@@ -1282,7 +1282,8 @@ static void command_match(struct iptables_command_state *cs)
xtables_error(OTHER_PROBLEM, "can't alloc memory!");
}
-int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle)
+int do_command4(int argc, char *argv[], char **table,
+ struct xtc_handle **handle, bool restore)
{
struct iptables_command_state cs;
struct ipt_entry *e = NULL;
@@ -1571,6 +1572,11 @@ int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle
break;
case 'w':
+ if (restore) {
+ xtables_error(PARAMETER_PROBLEM,
+ "You cannot use `-w' from "
+ "iptables-restore");
+ }
wait = true;
break;
@@ -1729,7 +1735,7 @@ int do_command4(int argc, char *argv[], char **table, struct xtc_handle **handle
chain, XT_EXTENSION_MAXNAMELEN);
/* Attempt to acquire the xtables lock */
- if (!xtables_lock(wait)) {
+ if (!restore && !xtables_lock(wait)) {
fprintf(stderr, "Another app is currently holding the xtables lock. "
"Perhaps you want to use the -w option?\n");
xtables_free_opts(1);