[netfilter-cvslog] r3480 - trunk/iptables

rusty at netfilter.org rusty at netfilter.org
Wed Dec 22 01:37:11 CET 2004


Author: rusty at netfilter.org
Date: 2004-12-22 01:37:10 +0100 (Wed, 22 Dec 2004)
New Revision: 3480

Modified:
   trunk/iptables/ip6tables.c
   trunk/iptables/iptables.c
Log:
Don't need ipt_entry_target()/ip6t_entry_target() now kernel uses static inline instead of extern inline (otherwise it doesn't compile without -O).
Don't re-initialize libiptc/libip6t unless modprobe attempt actually succeeds.  This makes nfsim run about 20 times faster, as it doesn't have to explore failures in the first iptc_init().


Modified: trunk/iptables/ip6tables.c
===================================================================
--- trunk/iptables/ip6tables.c	2004-12-20 17:08:25 UTC (rev 3479)
+++ trunk/iptables/ip6tables.c	2004-12-22 00:37:10 UTC (rev 3480)
@@ -148,14 +148,6 @@
  * magic number of -1 */
 int line = -1;
 
-#ifndef __OPTIMIZE__
-struct ip6t_entry_target *
-ip6t_get_target(struct ip6t_entry *e)
-{
-	return (void *)e + e->target_offset;
-}
-#endif
-
 static struct option *opts = original_opts;
 static unsigned int global_option_offset = 0;
 
@@ -1624,6 +1616,7 @@
 {
 	char *buf = NULL;
 	char *argv[3];
+	int status;
 
 	/* If they don't explicitly set it, read out of kernel */
 	if (!modprobe) {
@@ -1641,16 +1634,18 @@
 		execv(argv[0], argv);
 
 		/* not usually reached */
-		exit(0);
+		exit(1);
 	case -1:
 		return -1;
 
 	default: /* parent */
-		wait(NULL);
+		wait(&status);
 	}
 
 	free(buf);
-	return 0;
+	if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
+		return 0;
+	return -1;
 }
 
 static struct ip6t_entry *
@@ -2193,11 +2188,9 @@
 	if (!*handle)
 		*handle = ip6tc_init(*table);
 
-	if (!*handle) {
-		/* try to insmod the module if iptc_init failed */
-		ip6tables_insmod("ip6_tables", modprobe);
+	/* try to insmod the module if iptc_init failed */
+	if (!*handle && ip6tables_insmod("ip6_tables", modprobe) != -1)
 		*handle = ip6tc_init(*table);
-	}
 
 	if (!*handle)
 		exit_error(VERSION_PROBLEM,

Modified: trunk/iptables/iptables.c
===================================================================
--- trunk/iptables/iptables.c	2004-12-20 17:08:25 UTC (rev 3479)
+++ trunk/iptables/iptables.c	2004-12-22 00:37:10 UTC (rev 3480)
@@ -147,14 +147,6 @@
  * magic number of -1 */
 int line = -1;
 
-#ifndef __OPTIMIZE__
-struct ipt_entry_target *
-ipt_get_target(struct ipt_entry *e)
-{
-	return (void *)e + e->target_offset;
-}
-#endif
-
 static struct option *opts = original_opts;
 static unsigned int global_option_offset = 0;
 
@@ -1622,6 +1614,7 @@
 {
 	char *buf = NULL;
 	char *argv[3];
+	int status;
 
 	/* If they don't explicitly set it, read out of kernel */
 	if (!modprobe) {
@@ -1639,16 +1632,18 @@
 		execv(argv[0], argv);
 
 		/* not usually reached */
-		exit(0);
+		exit(1);
 	case -1:
 		return -1;
 
 	default: /* parent */
-		wait(NULL);
+		wait(&status);
 	}
 
 	free(buf);
-	return 0;
+	if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
+		return 0;
+	return -1;
 }
 
 static struct ipt_entry *
@@ -2193,11 +2188,9 @@
 	if (!*handle)
 		*handle = iptc_init(*table);
 
-	if (!*handle) {
-		/* try to insmod the module if iptc_init failed */
-		iptables_insmod("ip_tables", modprobe);
+	/* try to insmod the module if iptc_init failed */
+	if (!*handle && iptables_insmod("ip_tables", modprobe) != -1)
 		*handle = iptc_init(*table);
-	}
 
 	if (!*handle)
 		exit_error(VERSION_PROBLEM,




More information about the netfilter-cvslog mailing list