From 9283066f1216276116b3f4f85abf18bd673a7b11 Mon Sep 17 00:00:00 2001
From: Pablo Neira Ayuso <pablo@netfilter.org>
Date: Tue, 25 Jun 2013 11:56:55 +0200
Subject: xtables: do not proceed if nft_init fails

Fix a crash if nft_init fails, it happens if nfnetlink support
is not available in your Linux kernel.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 iptables/xtables-standalone.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'iptables/xtables-standalone.c')

diff --git a/iptables/xtables-standalone.c b/iptables/xtables-standalone.c
index 4299506a..3f8b981f 100644
--- a/iptables/xtables-standalone.c
+++ b/iptables/xtables-standalone.c
@@ -61,7 +61,13 @@ xtables_main(int argc, char *argv[])
 	init_extensions4();
 #endif
 
-	nft_init(&h);
+	if (nft_init(&h) < 0) {
+		fprintf(stderr, "%s/%s Failed to initialize nft: %s\n",
+				xtables_globals.program_name,
+				xtables_globals.program_version,
+				strerror(errno));
+		exit(EXIT_FAILURE);
+	}
 
 	ret = do_commandx(&h, argc, argv, &table);
 	if (!ret) {
-- 
cgit v1.2.3