[netfilter-cvslog] r6791 - in trunk: iptables
libnfnetlink/include/libnfnetlink
pablo at netfilter.org
pablo at netfilter.org
Mon Apr 16 19:15:22 CEST 2007
Author: pablo at netfilter.org
Date: 2007-04-16 19:15:22 +0200 (Mon, 16 Apr 2007)
New Revision: 6791
Modified:
trunk/iptables/Makefile
trunk/iptables/iptables-restore.c
trunk/libnfnetlink/include/libnfnetlink/libnfnetlink.h
Log:
revert some slipped through patches
Modified: trunk/iptables/Makefile
===================================================================
--- trunk/iptables/Makefile 2007-04-16 17:09:39 UTC (rev 6790)
+++ trunk/iptables/Makefile 2007-04-16 17:15:22 UTC (rev 6791)
@@ -17,7 +17,7 @@
IPTABLES_VERSION:=1.3.7
OLD_IPTABLES_VERSION:=1.3.6
-PREFIX:=/usr
+PREFIX:=/usr/local
LIBDIR:=$(PREFIX)/lib
BINDIR:=$(PREFIX)/sbin
MANDIR:=$(PREFIX)/man
Modified: trunk/iptables/iptables-restore.c
===================================================================
--- trunk/iptables/iptables-restore.c 2007-04-16 17:09:39 UTC (rev 6790)
+++ trunk/iptables/iptables-restore.c 2007-04-16 17:15:22 UTC (rev 6791)
@@ -301,9 +301,8 @@
char *parsestart;
/* the parser */
- char *curchar;
+ char *param_start, *curchar;
int quote_open;
- int param_len;
/* reset the newargv */
newargc = 0;
@@ -350,11 +349,9 @@
* longer a real hacker, but I can live with that */
quote_open = 0;
- param_len = 0;
+ param_start = parsestart;
for (curchar = parsestart; *curchar; curchar++) {
- char param_buffer[1024];
-
if (*curchar == '"') {
/* quote_open cannot be true if there
* was no previous character. Thus,
@@ -363,28 +360,31 @@
*(curchar-1) != '\\') {
quote_open = 0;
*curchar = ' ';
- } else if (!quote_open) {
+ } else {
quote_open = 1;
- continue;
+ param_start++;
}
}
if (*curchar == ' '
|| *curchar == '\t'
|| * curchar == '\n') {
+ char param_buffer[1024];
+ int param_len = curchar-param_start;
- if (quote_open) {
- param_buffer[param_len++] =
- *curchar;
+ if (quote_open)
continue;
- }
if (!param_len) {
/* two spaces? */
+ param_start++;
continue;
}
+
+ /* end of one parameter */
+ strncpy(param_buffer, param_start,
+ param_len);
+ *(param_buffer+param_len) = '\0';
- param_buffer[param_len] = '\0';
-
/* check if table name specified */
if (!strncmp(param_buffer, "-t", 3)
|| !strncmp(param_buffer, "--table", 8)) {
@@ -395,26 +395,9 @@
}
add_argv(param_buffer);
- param_len = 0;
+ param_start += param_len + 1;
} else {
- /* Skip backslash that escapes quote:
- * the standard input does not require
- * escaping. However, the output
- * generated by iptables-save
- * introduces bashlash to keep
- * consistent with iptables
- */
- if (quote_open &&
- *curchar == '\\' &&
- *(curchar+1) == '"')
- continue;
-
- /* regular character, copy to buffer */
- param_buffer[param_len++] = *curchar;
-
- if (param_len >= sizeof(param_buffer))
- exit_error(PARAMETER_PROBLEM,
- "Parameter too long!");
+ /* regular character, skip */
}
}
Modified: trunk/libnfnetlink/include/libnfnetlink/libnfnetlink.h
===================================================================
--- trunk/libnfnetlink/include/libnfnetlink/libnfnetlink.h 2007-04-16 17:09:39 UTC (rev 6790)
+++ trunk/libnfnetlink/include/libnfnetlink/libnfnetlink.h 2007-04-16 17:15:22 UTC (rev 6791)
@@ -163,7 +163,7 @@
nfnl_parse_attr((tb), (max), NFA_DATA((nfa)), NFA_PAYLOAD((nfa)))
#define nfnl_nest(nlh, bufsize, type) \
({ struct nfattr *__start = NLMSG_TAIL(nlh); \
- nfnl_addattr_l(nlh, bufsize, type, NULL, 0); \
+ nfnl_addattr_l(nlh, bufsize, (NFNL_NFA_NEST | type), NULL, 0); \
__start; })
#define nfnl_nest_end(nlh, tail) \
({ (tail)->nfa_len = (void *) NLMSG_TAIL(nlh) - (void *) tail; })
More information about the netfilter-cvslog
mailing list