15b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann/* Code to restore the iptables state, from file by ip6tables-save. 22f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó * Author: Andras Kis-Szabo <kisza@sch.bme.hu> 32f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó * 42f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó * based on iptables-restore 52f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó * Authors: 65b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann * Harald Welte <laforge@gnumonks.org> 75b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann * Rusty Russell <rusty@linuxcare.com.au> 80c4188f446e7c0ed07076c69d1d7f336a92efc8bAndrás Kis-Szabó * This code is distributed under the terms of GNU GPL v2 92f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó */ 102f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 112f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#include <getopt.h> 122f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#include <sys/errno.h> 13c021c3ce7b1583eb5dd71b10ac3d8ab3cd36beaaJan Engelhardt#include <stdbool.h> 142f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#include <string.h> 152f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#include <stdio.h> 162f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#include <stdlib.h> 172f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#include "ip6tables.h" 180b82e8e81e887843011c8771f70d2302901f7e5eYasuyuki KOZAKAI#include "xtables.h" 192f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#include "libiptc/libip6tc.h" 2033690a1aec0b6309ff90066ca56285b6e43013f2Jan Engelhardt#include "ip6tables-multi.h" 212f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 222f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#ifdef DEBUG 232f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#define DEBUGP(x, args...) fprintf(stderr, x, ## args) 242f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#else 255b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann#define DEBUGP(x, args...) 262f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó#endif 272f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 282f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabóstatic int binary = 0, counters = 0, verbose = 0, noflush = 0; 292f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 302f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó/* Keeping track of external matches and targets. */ 317bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajosstatic const struct option options[] = { 327bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {.name = "binary", .has_arg = false, .val = 'b'}, 337bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {.name = "counters", .has_arg = false, .val = 'c'}, 347bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {.name = "verbose", .has_arg = false, .val = 'v'}, 357bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {.name = "test", .has_arg = false, .val = 't'}, 367bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {.name = "help", .has_arg = false, .val = 'h'}, 377bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {.name = "noflush", .has_arg = false, .val = 'n'}, 387bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {.name = "modprobe", .has_arg = true, .val = 'M'}, 397bc3cb7eec4c4db5edc4b503a5dfab799e0bce62Gáspár Lajos {NULL}, 402f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó}; 412f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 422f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabóstatic void print_usage(const char *name, const char *version) __attribute__((noreturn)); 432f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 442f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabóstatic void print_usage(const char *name, const char *version) 452f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó{ 466004439c2ba892f553da473180e006b93a0986aaMartin Josefsson fprintf(stderr, "Usage: %s [-b] [-c] [-v] [-t] [-h]\n" 472f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó " [ --binary ]\n" 482f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó " [ --counters ]\n" 492f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó " [ --verbose ]\n" 504e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson " [ --test ]\n" 512f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó " [ --help ]\n" 5258918654563975e7bf3a6ec26af92a3bc222c229Harald Welte " [ --noflush ]\n" 535b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann " [ --modprobe=<command>]\n", name); 545b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann 552f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 562f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó} 572f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 58c354105d3578e3dd1ec825a57005fe60c095f7cbJan Engelhardtstatic struct ip6tc_handle *create_handle(const char *tablename) 592f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó{ 60fd1873110f8e57be578df17fc9d03536b10f4f73Jan Engelhardt struct ip6tc_handle *handle; 612f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 622f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó handle = ip6tc_init(tablename); 6358918654563975e7bf3a6ec26af92a3bc222c229Harald Welte 6458918654563975e7bf3a6ec26af92a3bc222c229Harald Welte if (!handle) { 6597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* try to insmod the module if iptc_init failed */ 66c021c3ce7b1583eb5dd71b10ac3d8ab3cd36beaaJan Engelhardt xtables_load_ko(xtables_modprobe_program, false); 6797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó handle = ip6tc_init(tablename); 6858918654563975e7bf3a6ec26af92a3bc222c229Harald Welte } 6958918654563975e7bf3a6ec26af92a3bc222c229Harald Welte 702f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!handle) { 711829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, "%s: unable to initialize " 725dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim "table '%s'\n", ip6tables_globals.program_name, 735dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim tablename); 742f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 752f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 762f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó return handle; 772f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó} 782f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 79e78c69c8146c5dcd096ba13ac03d7a7bb90e3ea7Lutz Jaenickestatic int parse_counters(char *string, struct ip6t_counters *ctr) 802f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó{ 81875441ea60d9fd9378475526f2f632b932790553Patrick McHardy unsigned long long pcnt, bcnt; 82875441ea60d9fd9378475526f2f632b932790553Patrick McHardy int ret; 83875441ea60d9fd9378475526f2f632b932790553Patrick McHardy 84bb8be30857edd501e701c2f22db6c59bd6839c87Jan Engelhardt ret = sscanf(string, "[%llu:%llu]", &pcnt, &bcnt); 85875441ea60d9fd9378475526f2f632b932790553Patrick McHardy ctr->pcnt = pcnt; 86875441ea60d9fd9378475526f2f632b932790553Patrick McHardy ctr->bcnt = bcnt; 87875441ea60d9fd9378475526f2f632b932790553Patrick McHardy return ret == 2; 882f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó} 892f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 90885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte/* global new argv and argc */ 91885c6eb5ec8a186c77a4710808374dd612e82b20Harald Weltestatic char *newargv[255]; 92885c6eb5ec8a186c77a4710808374dd612e82b20Harald Weltestatic int newargc; 93885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 945b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann/* function adding one argument to newargv, updating newargc 9597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó * returns true if argument added, false otherwise */ 96885c6eb5ec8a186c77a4710808374dd612e82b20Harald Weltestatic int add_argv(char *what) { 9797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó DEBUGP("add_argv: %s\n", what); 982c69b55e55f2efc5a334b87ccdceaa9de0ecb658Jan Engelhardt if (what && newargc + 1 < ARRAY_SIZE(newargv)) { 9997fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó newargv[newargc] = strdup(what); 10097fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó newargc++; 10197fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó return 1; 1026a0448eecdee4c6a19303b75c1707915a80cbfbbJan Engelhardt } else { 1036a0448eecdee4c6a19303b75c1707915a80cbfbbJan Engelhardt xtables_error(PARAMETER_PROBLEM, 1046a0448eecdee4c6a19303b75c1707915a80cbfbbJan Engelhardt "Parser cannot handle more arguments\n"); 10597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó return 0; 1066a0448eecdee4c6a19303b75c1707915a80cbfbbJan Engelhardt } 107885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte} 108885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 109885c6eb5ec8a186c77a4710808374dd612e82b20Harald Weltestatic void free_argv(void) { 11097fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó int i; 111885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 11297fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó for (i = 0; i < newargc; i++) 11397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó free(newargv[i]); 114885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte} 115885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 1164bc48331d2d1ef64ba452329f2c77137036f6437Hann-Huei Chiou#ifdef IPTABLES_MULTI 1174bc48331d2d1ef64ba452329f2c77137036f6437Hann-Huei Chiouint ip6tables_restore_main(int argc, char *argv[]) 1184bc48331d2d1ef64ba452329f2c77137036f6437Hann-Huei Chiou#else 1192f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabóint main(int argc, char *argv[]) 1204bc48331d2d1ef64ba452329f2c77137036f6437Hann-Huei Chiou#endif 1212f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó{ 122fd1873110f8e57be578df17fc9d03536b10f4f73Jan Engelhardt struct ip6tc_handle *handle = NULL; 1232f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char buffer[10240]; 1242f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó int c; 1252f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char curtable[IP6T_TABLE_MAXNAMELEN + 1]; 1262f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó FILE *in; 1274e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson int in_table = 0, testing = 0; 1282f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 129a8658ca43fba82f7761f774f4daeb29b3e335053Harald Welte line = 0; 1302f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 131617d3d140f4739558dce2ef8ed01aef251cf5487Jamal Hadi Salim ip6tables_globals.program_name = "ip6tables-restore"; 1327e4db2f50133007f549f222468bde4f3adcf41acJamal Hadi Salim c = xtables_init_all(&ip6tables_globals, NFPROTO_IPV6); 1337e4db2f50133007f549f222468bde4f3adcf41acJamal Hadi Salim if (c < 0) { 1347e4db2f50133007f549f222468bde4f3adcf41acJamal Hadi Salim fprintf(stderr, "%s/%s Failed to initialize xtables\n", 1357e4db2f50133007f549f222468bde4f3adcf41acJamal Hadi Salim ip6tables_globals.program_name, 1367e4db2f50133007f549f222468bde4f3adcf41acJamal Hadi Salim ip6tables_globals.program_version); 1377e4db2f50133007f549f222468bde4f3adcf41acJamal Hadi Salim exit(1); 1387e4db2f50133007f549f222468bde4f3adcf41acJamal Hadi Salim } 139b79ec69027fd8b65e7eccd78a445b6665e8ad53bJan Engelhardt#if defined(ALL_INCLUSIVE) || defined(NO_SHARED_LIBS) 1409a9694fbf1796a6a5011b60b2a15c01fa3c61368Maciej Żenczykowski init_extensions(); 14149d8c5d564cad70c5c1bef2d5571e8e494454210Maciej Zenczykowski init_extensions6(); 1423efb6ead2e51fe1eca55bcb2b06afb4dc4b8cb7cHarald Welte#endif 1433efb6ead2e51fe1eca55bcb2b06afb4dc4b8cb7cHarald Welte 1444e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson while ((c = getopt_long(argc, argv, "bcvthnM:", options, NULL)) != -1) { 1452f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó switch (c) { 1462f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó case 'b': 1472f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó binary = 1; 1482f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó break; 1492f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó case 'c': 1502f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó counters = 1; 1512f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó break; 15297fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó case 'v': 15397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó verbose = 1; 15497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó break; 1554e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson case 't': 1564e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson testing = 1; 1574e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson break; 1582f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó case 'h': 1592f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó print_usage("ip6tables-restore", 160dacafa55379fd98212031d8c559096c91d7ce93bJan Engelhardt IPTABLES_VERSION); 1612f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó break; 1622f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó case 'n': 1632f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó noflush = 1; 1642f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó break; 16558918654563975e7bf3a6ec26af92a3bc222c229Harald Welte case 'M': 166c021c3ce7b1583eb5dd71b10ac3d8ab3cd36beaaJan Engelhardt xtables_modprobe_program = optarg; 16758918654563975e7bf3a6ec26af92a3bc222c229Harald Welte break; 1682f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 1692f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 1705b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann 1712f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (optind == argc - 1) { 172a239728ec064666025de2723997d87b176d57fd6Maciej Zenczykowski in = fopen(argv[optind], "re"); 1732f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!in) { 174972af09e79618c5086e26ef6438bd38c45c4bb3fPavel Rusnak fprintf(stderr, "Can't open %s: %s\n", argv[optind], 1752f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó strerror(errno)); 1762f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 1772f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 1782f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 1792f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó else if (optind < argc) { 180972af09e79618c5086e26ef6438bd38c45c4bb3fPavel Rusnak fprintf(stderr, "Unknown arguments found on commandline\n"); 1812f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 1822f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 1832f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó else in = stdin; 1845b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann 1852f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó /* Grab standard input. */ 1862f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó while (fgets(buffer, sizeof(buffer), in)) { 187cc53628e73fee066105d8387d0b4f6b7e9d577c9Martin Josefsson int ret = 0; 1882f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 1892f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó line++; 1905065afa11159f4d8cfad672ac01f2958379fad4bMartin Josefsson if (buffer[0] == '\n') 1915065afa11159f4d8cfad672ac01f2958379fad4bMartin Josefsson continue; 1922f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó else if (buffer[0] == '#') { 1933673dcb1545a53d70cee3ad14d101fab33541990Martin Josefsson if (verbose) 1943673dcb1545a53d70cee3ad14d101fab33541990Martin Josefsson fputs(buffer, stdout); 1952f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó continue; 196a8658ca43fba82f7761f774f4daeb29b3e335053Harald Welte } else if ((strcmp(buffer, "COMMIT\n") == 0) && (in_table)) { 1974e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson if (!testing) { 1984e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson DEBUGP("Calling commit\n"); 1991c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt ret = ip6tc_commit(handle); 2001c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt ip6tc_free(handle); 2011c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt handle = NULL; 2024e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson } else { 2034e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson DEBUGP("Not calling commit, testing\n"); 2044e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson ret = 1; 2054e5e29adf4d3946253351b871aececfe652239b2Martin Josefsson } 206a8658ca43fba82f7761f774f4daeb29b3e335053Harald Welte in_table = 0; 207a8658ca43fba82f7761f774f4daeb29b3e335053Harald Welte } else if ((buffer[0] == '*') && (!in_table)) { 2082f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó /* New table */ 2092f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char *table; 2102f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2112f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó table = strtok(buffer+1, " \t\n"); 2122f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó DEBUGP("line %u, table '%s'\n", line, table); 2132f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!table) { 2141829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2152f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó "%s: line %u table name invalid\n", 2165dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim ip6tables_globals.program_name, 2175dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim line); 2182f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 2192f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 2202f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó strncpy(curtable, table, IP6T_TABLE_MAXNAMELEN); 221073df8feb0a8c4023ce40138e519ac9b341b1ca2Karsten Desler curtable[IP6T_TABLE_MAXNAMELEN] = '\0'; 2222f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 223841e4aed2349046eb2c0b1375139c06569a93bd0Martin Josefsson if (handle) 2241c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt ip6tc_free(handle); 225841e4aed2349046eb2c0b1375139c06569a93bd0Martin Josefsson 226c354105d3578e3dd1ec825a57005fe60c095f7cbJan Engelhardt handle = create_handle(table); 2272f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (noflush == 0) { 2282f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó DEBUGP("Cleaning all chains of table '%s'\n", 2292f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó table); 23074ace0a46048d01611a44c24f6fe5f59d936231bMaciej Zenczykowski for_each_chain6(flush_entries6, verbose, 1, 2311c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt handle); 2325b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann 2332f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó DEBUGP("Deleting all user-defined chains " 2342f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó "of table '%s'\n", table); 23585aae15567b8ae1eaedf9f011ba7aef80dfca208Maciej Zenczykowski for_each_chain6(delete_chain6, verbose, 0, 2361c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt handle); 2372f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 2382f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2392f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó ret = 1; 240a8658ca43fba82f7761f774f4daeb29b3e335053Harald Welte in_table = 1; 2412f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 242a8658ca43fba82f7761f774f4daeb29b3e335053Harald Welte } else if ((buffer[0] == ':') && (in_table)) { 2432f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó /* New chain. */ 2442f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char *policy, *chain; 2452f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2462f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó chain = strtok(buffer+1, " \t\n"); 2472f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó DEBUGP("line %u, chain '%s'\n", line, chain); 2482f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!chain) { 2491829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2502f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó "%s: line %u chain name invalid\n", 2515dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim ip6tables_globals.program_name, 2525dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim line); 2532f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 2542f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 2552f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2560cb675b8f18c4b074d4c69461638820708e98100Jan Engelhardt if (strlen(chain) >= XT_EXTENSION_MAXNAMELEN) 25721d1283750d9c4df7ca80165d2b9dc0b9bd214ebJan Engelhardt xtables_error(PARAMETER_PROBLEM, 25821d1283750d9c4df7ca80165d2b9dc0b9bd214ebJan Engelhardt "Invalid chain name `%s' " 25921d1283750d9c4df7ca80165d2b9dc0b9bd214ebJan Engelhardt "(%u chars max)", 2600cb675b8f18c4b074d4c69461638820708e98100Jan Engelhardt chain, XT_EXTENSION_MAXNAMELEN - 1); 26121d1283750d9c4df7ca80165d2b9dc0b9bd214ebJan Engelhardt 262df1c71cc78e3bf0bf73604d13516cefffc783aabHarald Welte if (ip6tc_builtin(chain, handle) <= 0) { 263595e493649a97a738dd84699f65207735b9567e7Charlie Brady if (noflush && ip6tc_is_chain(chain, handle)) { 264595e493649a97a738dd84699f65207735b9567e7Charlie Brady DEBUGP("Flushing existing user defined chain '%s'\n", chain); 2651c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt if (!ip6tc_flush_entries(chain, handle)) 2661829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 267595e493649a97a738dd84699f65207735b9567e7Charlie Brady "error flushing chain " 268595e493649a97a738dd84699f65207735b9567e7Charlie Brady "'%s':%s\n", chain, 269595e493649a97a738dd84699f65207735b9567e7Charlie Brady strerror(errno)); 270595e493649a97a738dd84699f65207735b9567e7Charlie Brady } else { 271595e493649a97a738dd84699f65207735b9567e7Charlie Brady DEBUGP("Creating new chain '%s'\n", chain); 2721c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt if (!ip6tc_create_chain(chain, handle)) 2731829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 274595e493649a97a738dd84699f65207735b9567e7Charlie Brady "error creating chain " 275595e493649a97a738dd84699f65207735b9567e7Charlie Brady "'%s':%s\n", chain, 276595e493649a97a738dd84699f65207735b9567e7Charlie Brady strerror(errno)); 277595e493649a97a738dd84699f65207735b9567e7Charlie Brady } 278885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte } 2792f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2802f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó policy = strtok(NULL, " \t\n"); 2812f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó DEBUGP("line %u, policy '%s'\n", line, policy); 2822f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!policy) { 2831829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2842f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó "%s: line %u policy invalid\n", 2855dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim ip6tables_globals.program_name, 2865dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim line); 2872f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 2882f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 2892f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2902f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (strcmp(policy, "-") != 0) { 2912f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó struct ip6t_counters count; 2922f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2932f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (counters) { 2942f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char *ctrs; 2952f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó ctrs = strtok(NULL, " \t\n"); 2962f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 2976f38a30f99966435e0c6b6f5f3ff497f8309ee81Harald Welte if (!ctrs || !parse_counters(ctrs, &count)) 2981829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2996f38a30f99966435e0c6b6f5f3ff497f8309ee81Harald Welte "invalid policy counters " 3006f38a30f99966435e0c6b6f5f3ff497f8309ee81Harald Welte "for chain '%s'\n", chain); 3012f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 3022f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } else { 3035b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann memset(&count, 0, 3042f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó sizeof(struct ip6t_counters)); 3052f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 3062f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 3072f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó DEBUGP("Setting policy of chain %s to %s\n", 3082f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó chain, policy); 3092f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 3102f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!ip6tc_set_policy(chain, policy, &count, 3111c9015b2cb483678f153121255e10ec0bbfde3e6Jan Engelhardt handle)) 3121829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(OTHER_PROBLEM, 3132f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó "Can't set policy `%s'" 3142f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó " on `%s' line %u: %s\n", 315f6d6449c88812634e663cef4e09db7b691af3eb5Rob Leslie policy, chain, line, 3162f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó ip6tc_strerror(errno)); 3172f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 3182f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 3192f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó ret = 1; 3202f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 321a8658ca43fba82f7761f774f4daeb29b3e335053Harald Welte } else if (in_table) { 322885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte int a; 3232f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char *ptr = buffer; 3242f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char *pcnt = NULL; 3252f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó char *bcnt = NULL; 32697fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó char *parsestart; 327885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 32897fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* the parser */ 3293bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann char *curchar; 3303bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann int quote_open, escaped; 3313bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann size_t param_len; 332885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 33397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* reset the newargv */ 33497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó newargc = 0; 3352f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 3362f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (buffer[0] == '[') { 33797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* we have counters in our input */ 3382f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó ptr = strchr(buffer, ']'); 3392f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!ptr) 3401829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 3412f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó "Bad line %u: need ]\n", 3422f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó line); 3432f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 344885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte pcnt = strtok(buffer+1, ":"); 34597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó if (!pcnt) 3461829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 34797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó "Bad line %u: need :\n", 34897fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó line); 3492f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 350885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte bcnt = strtok(NULL, "]"); 35197fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó if (!bcnt) 3521829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 35397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó "Bad line %u: need ]\n", 35497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó line); 355885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 35697fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* start command parsing after counter */ 35797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó parsestart = ptr + 1; 35897fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } else { 35997fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* start command parsing at start of line */ 36097fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó parsestart = buffer; 36197fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } 36297fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó 36397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó add_argv(argv[0]); 36497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó add_argv("-t"); 36500696591b1f2582cb0c5a8c1887c2f24b6aafeddJan Engelhardt add_argv(curtable); 3665b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann 3672f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (counters && pcnt && bcnt) { 36897fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó add_argv("--set-counters"); 36997fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó add_argv((char *) pcnt); 37097fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó add_argv((char *) bcnt); 3712f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 372bb41f8879f5743d683ff3e66ef440b7b7bb5f6d2Harald Welte 37397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* After fighting with strtok enough, here's now 37497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó * a 'real' parser. According to Rusty I'm now no 37597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó * longer a real hacker, but I can live with that */ 37697fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó 37797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó quote_open = 0; 3783bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann escaped = 0; 3793bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann param_len = 0; 3805b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann 38197fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó for (curchar = parsestart; *curchar; curchar++) { 3823bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann char param_buffer[1024]; 3833bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann 3843bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann if (quote_open) { 385fe05c768f877bcc69c13d7a9cb1d2b33ef56f600Max Kellermann if (escaped) { 386fe05c768f877bcc69c13d7a9cb1d2b33ef56f600Max Kellermann param_buffer[param_len++] = *curchar; 387fe05c768f877bcc69c13d7a9cb1d2b33ef56f600Max Kellermann escaped = 0; 388fe05c768f877bcc69c13d7a9cb1d2b33ef56f600Max Kellermann continue; 389fe05c768f877bcc69c13d7a9cb1d2b33ef56f600Max Kellermann } else if (*curchar == '\\') { 3903bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann escaped = 1; 3913bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann continue; 3923bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann } else if (*curchar == '"') { 39397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó quote_open = 0; 39497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó *curchar = ' '; 39597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } else { 3963bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann param_buffer[param_len++] = *curchar; 3973bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann continue; 3983bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann } 3993bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann } else { 4003bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann if (*curchar == '"') { 40197fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó quote_open = 1; 4023bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann continue; 40397fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } 4043bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann } 4053bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann 40697fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó if (*curchar == ' ' 40797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó || *curchar == '\t' 40897fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó || * curchar == '\n') { 40997fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó if (!param_len) { 41097fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* two spaces? */ 41197fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó continue; 41297fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } 4133bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann 4143bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann param_buffer[param_len] = '\0'; 41597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó 41697fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó /* check if table name specified */ 417d0cbf5f34d3421064eb0fbbcdc6b90cda4e81f2dJan Engelhardt if (!strncmp(param_buffer, "-t", 2) 41848a6f900fa25a4dd2d9b39cff4bf1ab83356d967Harald Welte || !strncmp(param_buffer, "--table", 8)) { 4191829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 420bb41f8879f5743d683ff3e66ef440b7b7bb5f6d2Harald Welte "Line %u seems to have a " 421bb41f8879f5743d683ff3e66ef440b7b7bb5f6d2Harald Welte "-t table option.\n", line); 422bb41f8879f5743d683ff3e66ef440b7b7bb5f6d2Harald Welte exit(1); 423bb41f8879f5743d683ff3e66ef440b7b7bb5f6d2Harald Welte } 424bb41f8879f5743d683ff3e66ef440b7b7bb5f6d2Harald Welte 42597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó add_argv(param_buffer); 4263bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann param_len = 0; 42797fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } else { 4283bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann /* regular character, copy to buffer */ 4293bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann param_buffer[param_len++] = *curchar; 4303bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann 4313bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann if (param_len >= sizeof(param_buffer)) 4321829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 4333bf54dffc605c88f10b0937c5e3e980328b64b72Max Kellermann "Parameter too long!"); 43497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } 43597fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó } 436885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 437885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte DEBUGP("calling do_command6(%u, argv, &%s, handle):\n", 43897fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó newargc, curtable); 439885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 44097fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó for (a = 0; a < newargc; a++) 4412f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó DEBUGP("argv[%u]: %s\n", a, newargv[a]); 4422f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 4435b76f682f722bebc2f0616fca4600eee2c08dfe2Max Kellermann ret = do_command6(newargc, newargv, 44497fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó &newargv[2], &handle); 445885c6eb5ec8a186c77a4710808374dd612e82b20Harald Welte 44697fd91a58e7978338451471cfc2cd5ead3b22f26András Kis-Szabó free_argv(); 447d213760d4ffb5d2c45e024783741b4b191b91a74Henrik Nordstrom fflush(stdout); 4482f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 4492f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó if (!ret) { 4502f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó fprintf(stderr, "%s: line %u failed\n", 4515dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim ip6tables_globals.program_name, 4525dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim line); 4532f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó exit(1); 4542f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 4552f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó } 456e0dc5813667b87449ab4f2c1ffff5339f2927f1bMartin Josefsson if (in_table) { 457e0dc5813667b87449ab4f2c1ffff5339f2927f1bMartin Josefsson fprintf(stderr, "%s: COMMIT expected at line %u\n", 4585dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim ip6tables_globals.program_name, 4595dd19de34380c91ad07bbe79a34726e59891cf54Jamal Hadi Salim line + 1); 460e0dc5813667b87449ab4f2c1ffff5339f2927f1bMartin Josefsson exit(1); 461e0dc5813667b87449ab4f2c1ffff5339f2927f1bMartin Josefsson } 4622f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó 463f1afcc896e7f8be3a6419681fd8cdee1d600a3aaJan Engelhardt if (in != NULL) 464f1afcc896e7f8be3a6419681fd8cdee1d600a3aaJan Engelhardt fclose(in); 4652f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó return 0; 4662f52379841217e55201fbc93872be9a21fa5d443András Kis-Szabó} 467