From bbe83862a5e1baf15f7c923352d4afdf59bc70e2 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Sat, 24 Oct 2009 00:45:33 +0200 Subject: iptables/extensions: make bundled options work again When using a bundled option like "-ptcp", 'argv[optind-1]' would logically point to "-ptcp", but this is obviously not right. 'optarg' is needed instead, which if properly offset to "tcp". Not all places change optind-based access to optarg; where look-ahead is needed, such as for tcp's --tcp-flags option for example, optind is ok. References: http://bugzilla.netfilter.org/show_bug.cgi?id=611 Signed-off-by: Jan Engelhardt --- extensions/libipt_set.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'extensions/libipt_set.c') diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c index d2bb78eb..9f7a97c9 100644 --- a/extensions/libipt_set.c +++ b/extensions/libipt_set.c @@ -74,12 +74,12 @@ static int set_parse(int c, char **argv, int invert, unsigned int *flags, xtables_error(PARAMETER_PROBLEM, "--match-set requires two args."); - if (strlen(argv[optind-1]) > IP_SET_MAXNAMELEN - 1) + if (strlen(optarg) > IP_SET_MAXNAMELEN - 1) xtables_error(PARAMETER_PROBLEM, "setname `%s' too long, max %d characters.", - argv[optind-1], IP_SET_MAXNAMELEN - 1); + optarg, IP_SET_MAXNAMELEN - 1); - get_set_byname(argv[optind - 1], info); + get_set_byname(optarg, info); parse_bindings(argv[optind], info); DEBUGP("parse: set index %u\n", info->index); optind++; -- cgit v1.2.3