All of lore.kernel.org
 help / color / mirror / Atom feed
* [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function
@ 2015-03-11 17:54 Arturo Borrero Gonzalez
  2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
  2015-03-13 11:15 ` [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Pablo Neira Ayuso
  0 siblings, 2 replies; 4+ messages in thread
From: Arturo Borrero Gonzalez @ 2015-03-11 17:54 UTC (permalink / raw)
  To: netfilter-devel; +Cc: pablo

Previous to this patch, error reporting in ebtables-compat was like:

% ebtables-compat xxx
(null) v1.4.21: Bad argument : 'xxx'
Try `(null) -h' or '(null) --help' for more information.

While the original ebtables was:

% ebtables xxx
Bad argument : 'xxx'.

With this patch, we switch to:

% ebtables-compat xxx
Bad argument : 'xxx'.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
 iptables/xtables-eb.c |   15 +++++++++++++--
 1 file changed, 13 insertions(+), 2 deletions(-)

diff --git a/iptables/xtables-eb.c b/iptables/xtables-eb.c
index efbb3cd..355d027 100644
--- a/iptables/xtables-eb.c
+++ b/iptables/xtables-eb.c
@@ -27,6 +27,7 @@
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdarg.h>
 #include <inttypes.h>
 #include <signal.h>
 #include <net/if.h>
@@ -291,13 +292,23 @@ static struct option ebt_original_options[] =
 	{ 0 }
 };
 
-void xtables_exit_error(enum xtables_exittype status, const char *msg, ...) __attribute__((noreturn, format(printf,2,3)));
+static void
+ebt_print_error(enum xtables_exittype status, const char *format, ...)
+{
+	va_list l;
+
+	va_start(l, format);
+	vfprintf(stderr, format, l);
+	fprintf(stderr, ".\n");
+	va_end(l);
+	exit(-1);
+} __attribute__((noreturn, format(printf,2,3)));
 
 struct xtables_globals ebtables_globals = {
 	.option_offset 		= 0,
 	.program_version	= IPTABLES_VERSION,
 	.orig_opts		= ebt_original_options,
-	.exit_err		= xtables_exit_error,
+	.exit_err		= ebt_print_error,
 	.compat_rev		= nft_compatible_revision,
 };
 


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target
  2015-03-11 17:54 [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Arturo Borrero Gonzalez
@ 2015-03-11 17:55 ` Arturo Borrero Gonzalez
  2015-03-13 11:16   ` Pablo Neira Ayuso
  2015-03-13 11:15 ` [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Pablo Neira Ayuso
  1 sibling, 1 reply; 4+ messages in thread
From: Arturo Borrero Gonzalez @ 2015-03-11 17:55 UTC (permalink / raw)
  To: netfilter-devel; +Cc: pablo

Before this patch, rule deleting with -D produces segfault in rules
with no target.

Signed-off-by: Arturo Borrero Gonzalez <arturo.borrero.glez@gmail.com>
---
 iptables/nft-bridge.c |    2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/iptables/nft-bridge.c b/iptables/nft-bridge.c
index e3ab667..084dd58 100644
--- a/iptables/nft-bridge.c
+++ b/iptables/nft-bridge.c
@@ -619,7 +619,7 @@ static bool nft_bridge_rule_find(struct nft_family_ops *ops, struct nft_rule *r,
 		return false;
 	}
 
-	if (strcmp(cs->jumpto, this.jumpto) != 0) {
+	if (cs->jumpto != NULL && strcmp(cs->jumpto, this.jumpto) != 0) {
 		DEBUGP("Different verdict\n");
 		return false;
 	}


^ permalink raw reply related	[flat|nested] 4+ messages in thread
* Re: [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function
  2015-03-11 17:54 [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Arturo Borrero Gonzalez
  2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
@ 2015-03-13 11:15 ` Pablo Neira Ayuso
  1 sibling, 0 replies; 4+ messages in thread
From: Pablo Neira Ayuso @ 2015-03-13 11:15 UTC (permalink / raw)
  To: Arturo Borrero Gonzalez; +Cc: netfilter-devel

On Wed, Mar 11, 2015 at 06:54:57PM +0100, Arturo Borrero Gonzalez wrote:
> Previous to this patch, error reporting in ebtables-compat was like:
> 
> % ebtables-compat xxx
> (null) v1.4.21: Bad argument : 'xxx'
> Try `(null) -h' or '(null) --help' for more information.
> 
> While the original ebtables was:
> 
> % ebtables xxx
> Bad argument : 'xxx'.
> 
> With this patch, we switch to:
> 
> % ebtables-compat xxx
> Bad argument : 'xxx'.

Also applied, thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target
  2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
@ 2015-03-13 11:16   ` Pablo Neira Ayuso
  0 siblings, 0 replies; 4+ messages in thread
From: Pablo Neira Ayuso @ 2015-03-13 11:16 UTC (permalink / raw)
  To: Arturo Borrero Gonzalez; +Cc: netfilter-devel

On Wed, Mar 11, 2015 at 06:55:03PM +0100, Arturo Borrero Gonzalez wrote:
> Before this patch, rule deleting with -D produces segfault in rules
> with no target.

Applied, thanks.

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2015-03-13 11:12 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-03-11 17:54 [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Arturo Borrero Gonzalez
2015-03-11 17:55 ` [iptables PATCH 2/2] ebtables-compat: fix rule deleting with -D in rules with no target Arturo Borrero Gonzalez
2015-03-13 11:16   ` Pablo Neira Ayuso
2015-03-13 11:15 ` [iptables PATCH 1/2] ebtables-compat: add a bridge-specific exit_error function Pablo Neira Ayuso

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.