netfilter-2.6/iptables/trunk: ip6tables-restore.c iptables-restore.c
pluto
cvs at pld-linux.org
Thu Jun 16 23:34:17 CEST 2005
Author: pluto
Date: Thu Jun 16 23:34:15 2005
New Revision: 6107
Modified:
netfilter-2.6/iptables/trunk/ip6tables-restore.c
netfilter-2.6/iptables/trunk/iptables-restore.c
Log:
- flush chain with noflush when it is redefined (Charlie Brady).
Modified: netfilter-2.6/iptables/trunk/ip6tables-restore.c
==============================================================================
--- netfilter-2.6/iptables/trunk/ip6tables-restore.c (original)
+++ netfilter-2.6/iptables/trunk/ip6tables-restore.c Thu Jun 16 23:34:15 2005
@@ -7,7 +7,7 @@
* Rusty Russell <rusty at linuxcare.com.au>
* This code is distributed under the terms of GNU GPL v2
*
- * $Id: ip6tables-restore.c 3504 2004-12-27 19:49:28Z /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf at netfilter.org $
+ * $Id: ip6tables-restore.c 3980 2005-06-12 15:54:15Z /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber at netfilter.org $
*/
#include <getopt.h>
@@ -233,12 +233,21 @@
}
if (ip6tc_builtin(chain, handle) <= 0) {
- DEBUGP("Creating new chain '%s'\n", chain);
- if (!ip6tc_create_chain(chain, &handle))
- exit_error(PARAMETER_PROBLEM,
- "error creating chain "
- "'%s':%s\n", chain,
- strerror(errno));
+ if (noflush && ip6tc_is_chain(chain, handle)) {
+ DEBUGP("Flushing existing user defined chain '%s'\n", chain);
+ if (!ip6tc_flush_entries(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error flushing chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ } else {
+ DEBUGP("Creating new chain '%s'\n", chain);
+ if (!ip6tc_create_chain(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error creating chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ }
}
policy = strtok(NULL, " \t\n");
Modified: netfilter-2.6/iptables/trunk/iptables-restore.c
==============================================================================
--- netfilter-2.6/iptables/trunk/iptables-restore.c (original)
+++ netfilter-2.6/iptables/trunk/iptables-restore.c Thu Jun 16 23:34:15 2005
@@ -4,7 +4,7 @@
*
* This code is distributed under the terms of GNU GPL v2
*
- * $Id: iptables-restore.c 3504 2004-12-27 19:49:28Z /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=gandalf/emailAddress=gandalf at netfilter.org $
+ * $Id: iptables-restore.c 3980 2005-06-12 15:54:15Z /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber at netfilter.org $
*/
#include <getopt.h>
@@ -236,12 +236,21 @@
}
if (iptc_builtin(chain, handle) <= 0) {
- DEBUGP("Creating new chain '%s'\n", chain);
- if (!iptc_create_chain(chain, &handle))
- exit_error(PARAMETER_PROBLEM,
- "error creating chain "
- "'%s':%s\n", chain,
- strerror(errno));
+ if (noflush && iptc_is_chain(chain, handle)) {
+ DEBUGP("Flushing existing user defined chain '%s'\n", chain);
+ if (!iptc_flush_entries(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error flushing chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ } else {
+ DEBUGP("Creating new chain '%s'\n", chain);
+ if (!iptc_create_chain(chain, &handle))
+ exit_error(PARAMETER_PROBLEM,
+ "error creating chain "
+ "'%s':%s\n", chain,
+ strerror(errno));
+ }
}
policy = strtok(NULL, " \t\n");
More information about the pld-cvs-commit
mailing list