Patchwork [1/7] iptables-restore: warn about -t in rule lines

login
register
mail settings
Submitter Jan Engelhardt
Date July 28, 2012, 5:21 p.m.
Message ID <1343496069-5442-2-git-send-email-jengelh@inai.de>
Download mbox | patch
Permalink /patch/173878/
State Accepted
Headers show

Comments

Jan Engelhardt - July 28, 2012, 5:21 p.m.
save-restore syntax uses *table, not -t table.

Signed-off-by: Jan Engelhardt <jengelh@inai.de>
---
 iptables/ip6tables-restore.c |    3 +--
 iptables/iptables-restore.c  |    3 +--
 2 files changed, 2 insertions(+), 4 deletions(-)
Pablo Neira - July 31, 2012, 11:39 a.m.
On Sat, Jul 28, 2012 at 07:21:03PM +0200, Jan Engelhardt wrote:
> save-restore syntax uses *table, not -t table.
> 
> Signed-off-by: Jan Engelhardt <jengelh@inai.de>
> ---
>  iptables/ip6tables-restore.c |    3 +--
>  iptables/iptables-restore.c  |    3 +--
>  2 files changed, 2 insertions(+), 4 deletions(-)
> 
> diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
> index 3894d68..614ff0f 100644
> --- a/iptables/ip6tables-restore.c
> +++ b/iptables/ip6tables-restore.c
> @@ -417,8 +417,7 @@ int ip6tables_restore_main(int argc, char *argv[])
>  					if (!strncmp(param_buffer, "-t", 2)
>                                              || !strncmp(param_buffer, "--table", 8)) {
>  						xtables_error(PARAMETER_PROBLEM,
> -						   "Line %u seems to have a "
> -						   "-t table option.\n", line);
> +						   "The -t option (seen in line %u) cannot be used in ip6tables-restore.\n", line);

Lines should break at 80 chars.

I know we sometimes slightly violate this limit, but I don't want to
have wrapping code in my 80-chars terminals.

No need to resend, I did it myself.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Jan Engelhardt - July 31, 2012, 12:13 p.m.
On Tuesday 2012-07-31 13:39, Pablo Neira Ayuso wrote:
>> @@ -417,8 +417,7 @@ int ip6tables_restore_main(int argc, char *argv[])
>>  					if (!strncmp(param_buffer, "-t", 2)
>>                                              || !strncmp(param_buffer, "--table", 8)) {
>>  						xtables_error(PARAMETER_PROBLEM,
>> -						   "Line %u seems to have a "
>> -						   "-t table option.\n", line);
>> +						   "The -t option (seen in line %u) cannot be used in ip6tables-restore.\n", line);
>
>Lines should break at 80 chars.
>
>I know we sometimes slightly violate this limit, but I don't want to
>have wrapping code in my 80-chars terminals.

I know; however, if there already are 5 levels *and* you have a text
string (people grep for that!), it is in principle nicer to have it
non-wrapped.
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch

diff --git a/iptables/ip6tables-restore.c b/iptables/ip6tables-restore.c
index 3894d68..614ff0f 100644
--- a/iptables/ip6tables-restore.c
+++ b/iptables/ip6tables-restore.c
@@ -417,8 +417,7 @@  int ip6tables_restore_main(int argc, char *argv[])
 					if (!strncmp(param_buffer, "-t", 2)
                                             || !strncmp(param_buffer, "--table", 8)) {
 						xtables_error(PARAMETER_PROBLEM,
-						   "Line %u seems to have a "
-						   "-t table option.\n", line);
+						   "The -t option (seen in line %u) cannot be used in ip6tables-restore.\n", line);
 						exit(1);
 					}
 
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c
index 034f960..294e4b8 100644
--- a/iptables/iptables-restore.c
+++ b/iptables/iptables-restore.c
@@ -417,8 +417,7 @@  iptables_restore_main(int argc, char *argv[])
 					if (!strncmp(param_buffer, "-t", 2)
 					    || !strncmp(param_buffer, "--table", 8)) {
 						xtables_error(PARAMETER_PROBLEM,
-						   "Line %u seems to have a "
-						   "-t table option.\n", line);
+						   "The -t option (seen in line %u) cannot be used in iptables-restore.\n", line);
 						exit(1);
 					}