[PATCH] realm: fix inversion

Simon Lodal simonl at parknet.dk
Wed Sep 22 03:48:40 CEST 2004


Make '--realm ! id' work as advertised.
Make save() output inversion correctly so it can be parsed back in, and 
work with iptables-restore and iptables-save.


Simon Lodal



diff -ruN iptables-1.2.11.orig/extensions/libipt_realm.c 
iptables-1.2.11.realm_inversion/extensions/libipt_realm.c
--- iptables-1.2.11.orig/extensions/libipt_realm.c	Wed Sep 22 03:14:48 2004
+++ iptables-1.2.11.realm_inversion/extensions/libipt_realm.c	Wed Sep 22 
01:37:06 2004
@@ -49,7 +49,8 @@
  	switch (c) {
  		char *end;
  	case '1':
-		check_inverse(optarg, &invert, &optind, 0);
+		if (check_inverse(optarg, &invert, &optind, 0))
+			optarg = argv[optind-1];
  		realminfo->id = strtoul(optarg, &end, 0);
  		if (*end == '/') {
  			realminfo->mask = strtoul(end+1, &end, 0);
@@ -72,7 +73,7 @@
  print_realm(unsigned long id, unsigned long mask, int invert, int numeric)
  {
  	if (invert)
-		fputc('!', stdout);
+		printf("! ");

  	if(mask != 0xffffffff)
  		printf("0x%lx/0x%lx ", id, mask);



More information about the netfilter-devel mailing list