Oliver Ford <ojf...@gmail.com> wrote:
> On Fri, May 19, 2017 at 11:04 AM, Florian Westphal <f...@strlen.de> wrote:
> > Oliver Ford <ojf...@gmail.com> wrote:
> >> Filter a beginning '--t'. Because the getopt_long function allows
> >> abbreviations,
> >> any parameter beginning with '--t' will be treated as '--table'.
> >
> > No, thats not correct:
> > --t is treated as --table.
> > --tfoo is an invalid option.
> > --ttl is ttl.
> >
> > So this:
> >
> >> + || !strncmp(param_buffer, "--t", 3)) {
> >> xtables_error(PARAMETER_PROBLEM,
> >> + "The -t option (seen in line %u)
> >> cannot be "
> >> + "used in ip6tables-restore.\n",
> >> line);
> >
> > .. rejects rules like
> >
> > -A INPUT -m ttl --ttl 32
>
> Would strncmp(param_buffer, "--ta", 4) work? I don't think there are
> any options that begin with --ta other than --table.
That won't catch '--t'.
It will also add trouble later if any module adds an option like --tap,
--tail, --target, etc.
Whats wrong with:
if ((param_buffer[0] == '-' && param_buffer[1] != '-' &&
strchr(param_buffer, 't') ||
(!strncmp(param_buffer, "--t", 3) &&
!strncmp(param_buffer, "--table", strlen(param_buffer)))) {
?
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
