[Bug 1135] When used as a script interpreter, nft fails if extra arguments are passed
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Thu Mar 23 10:56:22 CET 2017
https://bugzilla.netfilter.org/show_bug.cgi?id=1135
Florian Westphal <fw at strlen.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |fw at strlen.de
--- Comment #2 from Florian Westphal <fw at strlen.de> ---
(In reply to Pablo Neira Ayuso from comment #1)
> Could you attach an example ruleset to reproduce this?
$ cat /tmp/x.nft
#!/usr/sbin/nft -I /usr/local/etc/nftables -I /etc/nftables -f
$ /usr/sbin/nft -f /tmp/x.nft
(works)
$ /usr/sbin/nft -I /usr/local/etc/nftables -I /etc/nftables -f /tmp/x.nft
(works)
$ /tmp/x.nft
/tmp/x.nft
<cmdline>:1:1-1: Error: syntax error, unexpected /
/tmp/x.nft
(reason appears to be that kernel passes all args as one
since its not subject to split by shell, i.e. its equal to:
$ /usr/sbin/nft '-I /usr/local/etc/nftables -I /etc/nftables -f' /tmp/x.nft
<cmdline>:1:1-1: Error: syntax error, unexpected /
/tmp/x.nft
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170323/630fdee3/attachment.html>
More information about the netfilter-buglog
mailing list