-diff -urN iptables-1.4.1.1.orig/ip6tables-multi.c iptables-1.4.1.1/ip6tables-multi.c
---- iptables-1.4.1.1.orig/ip6tables-multi.c 2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/ip6tables-multi.c 2008-08-24 10:39:07.000000000 +0200
-@@ -24,6 +24,9 @@
-
- if (!strcmp(progname, "ip6tables-restore"))
- return ip6tables_restore_main(argc, argv);
-+
-+ if (!strcmp(progname, "ip6tables-batch"))
-+ return ip6tables_batch_main(argc, argv);
-
- fprintf(stderr, "ip6tables multi-purpose version: unknown applet name %s\n", progname);
- exit(1);
-diff -urN iptables-1.4.1.1.orig/ip6tables-multi.h iptables-1.4.1.1/ip6tables-multi.h
---- iptables-1.4.1.1.orig/ip6tables-multi.h 2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/ip6tables-multi.h 2008-08-24 10:39:07.000000000 +0200
-@@ -4,5 +4,6 @@
- extern int ip6tables_main(int, char **);
- extern int ip6tables_save_main(int, char **);
- extern int ip6tables_restore_main(int, char **);
-+extern int ip6tables_batch_main(int, char **);
+---
+ Makefile.am | 12 +
+ iptables-batch.c | 468 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ 2 files changed, 478 insertions(+), 2 deletions(-)
+
+Index: iptables-1.4.7/Makefile.am
+===================================================================
+--- iptables-1.4.7.orig/Makefile.am
++++ iptables-1.4.7/Makefile.am
+@@ -54,6 +54,14 @@ endif
+ ip6tables_multi_LDFLAGS = -rdynamic
+ ip6tables_multi_LDADD = libiptc/libip6tc.la extensions/libext6.a libxtables.la -lm
- #endif /* _IP6TABLES_MULTI_H */
-diff -urN iptables-1.4.1.1.orig/iptables-batch.c iptables-1.4.1.1/iptables-batch.c
---- iptables-1.4.1.1.orig/iptables-batch.c 1970-01-01 01:00:00.000000000 +0100
-+++ iptables-1.4.1.1/iptables-batch.c 2008-08-24 10:42:00.000000000 +0200
-@@ -0,0 +1,475 @@
++iptables_batch_SOURCES = iptables-batch.c iptables.c xshared.c
++iptables_batch_LDFLAGS = ${iptables_multi_LDFLAGS}
++iptables_batch_LDADD = ${iptables_multi_LDADD}
++ip6tables_batch_SOURCES = iptables-batch.c ip6tables.c xshared.c
++ip6tables_batch_CFLAGS = ${AM_CFLAGS} -DIP6T
++ip6tables_batch_LDFLAGS = ${ip6tables_multi_LDFLAGS}
++ip6tables_batch_LDADD = ${ip6tables_multi_LDADD}
++
+ sbin_PROGRAMS =
+ man_MANS = iptables.8 iptables-restore.8 iptables-save.8 \
+ iptables-xml.8 ip6tables.8 ip6tables-restore.8 \
+@@ -61,12 +69,12 @@ man_MANS = iptables.8 iptables-r
+ CLEANFILES = iptables.8 ip6tables.8
+
+ if ENABLE_IPV4
+-sbin_PROGRAMS += iptables-multi
++sbin_PROGRAMS += iptables-multi iptables-batch
+ v4_bin_links = iptables-xml
+ v4_sbin_links = iptables iptables-restore iptables-save
+ endif
+ if ENABLE_IPV6
+-sbin_PROGRAMS += ip6tables-multi
++sbin_PROGRAMS += ip6tables-multi ip6tables-batch
+ v6_sbin_links = ip6tables ip6tables-restore ip6tables-save
+ endif
+
+Index: iptables-1.4.7/iptables-batch.c
+===================================================================
+--- /dev/null
++++ iptables-1.4.7/iptables-batch.c
+@@ -0,0 +1,468 @@
+/*
+ * Author: Ludwig Nussel <ludwig.nussel@suse.de>
++ * Update for iptables 1.4.3.x: Petr Uzel <petr.uzel@suse.cz>
+ *
+ * Based on the ipchains code by Paul Russell and Michael Neuling
+ *
+#include <errno.h>
+#include <string.h>
+
-+#ifdef BATCH_IPV6
++#ifdef IP6T
+#include <ip6tables.h>
-+#include "ip6tables-multi.h"
+#else
+#include <iptables.h>
-+#include "iptables-multi.h"
++#endif
++#include <xtables.h>
++
++#ifdef IP6T
++#define prog_name ip6tables_globals.program_name
++#define prog_ver ip6tables_globals.program_version
++#else
++#define prog_name iptables_globals.program_name
++#define prog_ver iptables_globals.program_version
+#endif
+
+static char* errstr = NULL;
+
+// destructive
+static int
-+tokenize(int* argc, char* argv[], size_t nargvsize, char* line)
++tokenize(int* argc, char* argv[], size_t nargvsize, char* iline)
+{
-+ char* ptr = skipspace(line);
++ char* ptr = skipspace(iline);
+ int ret = 0;
+ char* word;
+
+struct table_handle
+{
+ char* name;
-+#ifdef BATCH_IPV6
++#ifdef IP6T
+ struct ip6tc_handle *handle;
+#else
+ struct iptc_handle *handle;
+struct table_handle* current_table;
+
+static void
-+alloc_tables()
++alloc_tables(void)
+{
+ tables = realloc(tables, sizeof(struct table_handle) * num_tables);
+}
+ if(!find_table(argc, argv))
+ return 0;
+
-+#ifdef BATCH_IPV6
++#ifdef IP6T
+ ret = do_command6(argc, argv, &table, ¤t_table->handle);
+
+ if (!ret)
+}
+
+static int
-+do_commit()
++do_commit(void)
+{
+ unsigned i;
+ int ret = 1;
+ {
+ if(tables[i].handle)
+ {
-+#ifdef BATCH_IPV6
-+ if(!ip6tc_commit(tables[i].handle))
-+ {
++#ifdef IP6T
++ ret = ip6tc_commit(tables[i].handle);
++ if (!ret)
+ fprintf(stderr, "commit failed on table %s: %s\n", tables[i].name, ip6tc_strerror(errno));
-+ ret = 0;
-+ }
++ ip6tc_free(tables[i].handle);
++ tables[i].handle = NULL;
+#else
-+ if(!iptc_commit(tables[i].handle))
-+ {
++ ret = iptc_commit(tables[i].handle);
++ if (!ret)
+ fprintf(stderr, "commit failed on table %s: %s\n", tables[i].name, iptc_strerror(errno));
-+ ret = 0;
-+ }
++ iptc_free(tables[i].handle);
++ tables[i].handle = NULL;
+#endif
+ }
+ }
+}
+
+static void
-+help()
++help(void)
+{
-+#ifdef BATCH_IPV6
-+ fprintf(stderr, "Usage: %s [FILE]\n\n", ip6tables_globals.program_name);
-+#else
-+ fprintf(stderr, "Usage: %s [FILE]\n\n", iptables_globals.program_name);
-+#endif
++ fprintf(stderr, "Usage: %s [FILE]\n\n", prog_name);
+ puts("Read iptables commands from FILE, commit them at EOF\n");
+ puts("In addition to normal iptables calls the commands");
+ puts("'commit' and 'exit' are understood.");
+ exit(0);
+}
+
-+#if defined(IPTABLES_MULTI) && defined(BATCH_IPV4)
-+int
-+iptables_batch_main(int argc, char *argv[])
-+#elif defined(IPTABLES_MULTI) && defined(BATCH_IPV6)
-+int
-+ip6tables_batch_main(int argc, char *argv[])
-+#else
+int
+main(int argc, char *argv[])
-+#endif
+{
+ int ret = 1;
++ int c;
+ int numtok;
+ size_t llen = 0;
-+ char* line = NULL;
++ char* iline = NULL;
+ ssize_t r = -1;
+ int nargc = 0;
+ char* nargv[256];
+ FILE* fp = stdin;
+
-+#ifdef BATCH_IPV6
-+ ip6tables_globals.program_name = "ip6tables-batch";
-+ ret = xtables_init_all(&ip6tables_globals, NFPROTO_IPV6);
-+ if (ret < 0) {
-+ fprintf(stderr, "%s/%s Failed to initialize xtables\n",
-+ ip6tables_globals.program_name,
-+ ip6tables_globals.program_version);
-+ exit(1);
-+ }
++#ifdef IP6T
++ prog_name = "ip6tables-batch";
+#else
-+ iptables_globals.program_name = "iptables-batch";
-+ ret = xtables_init_all(&iptables_globals, NFPROTO_IPV4);
-+ if (ret < 0) {
++ prog_name = "iptables-batch";
++#endif
++
++#ifdef IP6T
++ c = xtables_init_all(&ip6tables_globals, NFPROTO_IPV6);
++#else
++ c = xtables_init_all(&iptables_globals, NFPROTO_IPV4);
++#endif
++
++ if(c < 0) {
+ fprintf(stderr, "%s/%s Failed to initialize xtables\n",
-+ iptables_globals.program_name,
-+ iptables_globals.program_version);
++ prog_name,
++ prog_ver);
+ exit(1);
+ }
+
-+#endif
-+ //program_version = XTABLES_VERSION;
-+
+#ifdef NO_SHARED_LIBS
+ init_extensions();
+#endif
+ if(argc > 1)
+ {
-+ if(strcmp(argv[1], "--help") || strcmp(argv[1], "-h"))
++ if(!strcmp(argv[1], "--help") || !strcmp(argv[1], "-h"))
+ {
+ help();
+ }
+ tables[3].handle = NULL;
+ current_table = &tables[0];
+
-+ while((r = getline(&line, &llen, fp)) != -1)
++ while((r = getline(&iline, &llen, fp)) != -1)
+ {
-+ if(llen < 1 || !*line)
++ if(llen < 1 || !*iline)
+ continue;
-+ if(line[strlen(line)-1] == '\n')
-+ line[strlen(line) -1 ] = '\0';
++ if(iline[strlen(iline)-1] == '\n')
++ iline[strlen(iline) -1 ] = '\0';
+
+ ++current_line;
+ nargc = 0;
+ errstr = NULL;
-+ numtok = tokenize(&nargc, nargv, (sizeof(nargv)/sizeof(nargv[0])), line);
++ numtok = tokenize(&nargc, nargv, (sizeof(nargv)/sizeof(nargv[0])), iline);
+ if(numtok == -1)
+ {
+ }
+ dumpargv(nargc, nargv);
+#endif
+
-+#ifdef BATCH_IPV6
++#ifdef IP6T
+ if(!strcmp(nargv[0], "ip6tables"))
+#else
+ if(!strcmp(nargv[0], "iptables"))
+ }
+ else if(!strcmp(nargv[0], "commit"))
+ {
-+ ret = do_commit();
-+ if(!ret) break;
++ /* do nothing - see bnc#500990, comment #16 */
+ }
+ else
+ {
+
+ exit(!ret);
+}
-diff -urN iptables-1.4.1.1.orig/iptables-multi.c iptables-1.4.1.1/iptables-multi.c
---- iptables-1.4.1.1.orig/iptables-multi.c 2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/iptables-multi.c 2008-08-24 10:39:07.000000000 +0200
-@@ -28,6 +28,9 @@
-
- if (!strcmp(progname, "iptables-xml"))
- return iptables_xml_main(argc, argv);
-+
-+ if (!strcmp(progname, "iptables-batch"))
-+ return iptables_batch_main(argc, argv);
-
- fprintf(stderr, "iptables multi-purpose version: unknown applet name %s\n", progname);
- exit(1);
-diff -urN iptables-1.4.1.1.orig/iptables-multi.h iptables-1.4.1.1/iptables-multi.h
---- iptables-1.4.1.1.orig/iptables-multi.h 2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.1.1/iptables-multi.h 2008-08-24 10:39:07.000000000 +0200
-@@ -5,5 +5,6 @@
- extern int iptables_save_main(int, char **);
- extern int iptables_restore_main(int, char **);
- extern int iptables_xml_main(int, char **);
-+extern int iptables_batch_main(int, char **);
-
- #endif /* _IPTABLES_MULTI_H */
-diff -urN iptables-1.4.1.1.orig/Makefile.am iptables-1.4.1.1/Makefile.am
---- iptables-1.4.3.orig/Makefile.am 2008-06-16 15:12:40.000000000 +0200
-+++ iptables-1.4.3/Makefile.am 2008-08-24 10:43:30.000000000 +0200
-@@ -31,8 +31,8 @@
- iptables_xml_LDADD = libxtables.la
- iptables_multi_SOURCES = iptables-multi.c iptables-save.c \
- iptables-restore.c iptables-xml.c \
-- iptables-standalone.c iptables.c
--iptables_multi_CFLAGS = ${AM_CFLAGS} -DIPTABLES_MULTI
-+ iptables-standalone.c iptables.c iptables-batch.c
-+iptables_multi_CFLAGS = ${AM_CFLAGS} -DIPTABLES_MULTI -DBATCH_IPV4
- iptables_multi_LDFLAGS = ${iptables_LDFLAGS}
- iptables_multi_LDADD = ${iptables_LDADD}
-
-@@ -44,9 +44,14 @@
- iptables_save_LDFLAGS = ${iptables_LDFLAGS}
- iptables_save_LDADD = ${iptables_LDADD}
-
-+iptables_batch_SOURCES = iptables-batch.c iptables.c xtables.c
-+iptables_batch_CFLAGS = ${AM_CFLAGS} -DBATCH_IPV4
-+iptables_batch_LDFLAGS = ${iptables_LDFLAGS}
-+iptables_batch_LDADD = ${iptables_LDADD}
-+
- # iptables-multi, semi-static
- iptables_static_SOURCES = ${iptables_multi_SOURCES} xtables.c
--iptables_static_CFLAGS = ${iptables_multi_CFLAGS} -DNO_SHARED_LIBS=1
-+iptables_static_CFLAGS = ${iptables_multi_CFLAGS} -DNO_SHARED_LIBS=1 -DBATCH_IPV4
- iptables_static_LDADD = libiptc/libiptc.la extensions/libext4.a -lm
-
- iptables_xml_SOURCES = iptables-xml.c
-@@ -58,8 +63,8 @@
-
- ip6tables_multi_SOURCES = ip6tables-multi.c ip6tables-save.c \
- ip6tables-restore.c ip6tables-standalone.c \
-- ip6tables.c
--ip6tables_multi_CFLAGS = ${AM_CFLAGS} -DIPTABLES_MULTI
-+ ip6tables.c iptables-batch.c
-+ip6tables_multi_CFLAGS = ${AM_CFLAGS} -DIPTABLES_MULTI -DBATCH_IPV6
- ip6tables_multi_LDFLAGS = ${ip6tables_LDFLAGS}
- ip6tables_multi_LDADD = ${ip6tables_LDADD}
-
-@@ -71,9 +76,14 @@
- ip6tables_save_LDFLAGS = ${ip6tables_LDFLAGS}
- ip6tables_save_LDADD = ${ip6tables_LDADD}
-
-+ip6tables_batch_SOURCES = iptables-batch.c ip6tables.c xtables.c
-+ip6tables_batch_CFLAGS = ${AM_CFLAGS} -DBATCH_IPV6
-+ip6tables_batch_LDFLAGS = ${ip6tables_LDFLAGS}
-+ip6tables_batch_LDADD = ${ip6tables_LDADD}
-+
- # iptables-multi, semi-static
- ip6tables_static_SOURCES = ${ip6tables_multi_SOURCES} xtables.c
--ip6tables_static_CFLAGS = ${ip6tables_multi_CFLAGS} -DNO_SHARED_LIBS=1
-+ip6tables_static_CFLAGS = ${ip6tables_multi_CFLAGS} -DNO_SHARED_LIBS=1 -DBATCH_IPV6
- ip6tables_static_LDADD = libiptc/libiptc.la extensions/libext6.a -lm
-
- bin_PROGRAMS = iptables-xml
-@@ -104,10 +104,10 @@
- endif
- if ENABLE_SHARED
- if ENABLE_IPV4
--sbin_PROGRAMS += iptables iptables-multi iptables-restore iptables-save
-+sbin_PROGRAMS += iptables iptables-multi iptables-restore iptables-save iptables-batch
- endif
- if ENABLE_IPV6
--sbin_PROGRAMS += ip6tables ip6tables-multi ip6tables-restore ip6tables-save
-+sbin_PROGRAMS += ip6tables ip6tables-multi ip6tables-restore ip6tables-save ip6tables-batch
- endif
- endif
-
projects / packages / iptables.git / commitdiff