]> git.ipfire.org Git - thirdparty/iptables.git/commitdiff
ebtables-compat: don't make failing extension load fatal
authorFlorian Westphal <fw@strlen.de>
Tue, 10 Apr 2018 10:54:16 +0000 (12:54 +0200)
committerFlorian Westphal <fw@strlen.de>
Wed, 11 Apr 2018 08:17:28 +0000 (10:17 +0200)
We will fail later when we can't parse the option, but that
failure only happens if the is actually used.

So in some cases things will work fine even if an extension
doesn't exist.

Signed-off-by: Florian Westphal <fw@strlen.de>
Acked-by: Pablo Neira Ayuso <pablo@netfilter.org>
iptables/xtables-eb.c

index c8b5d4f3f4f83034b49bed5a048c7a279204965a..33f7851e9e5a68fab9fbd9975b7f4b8cd36444b0 100644 (file)
@@ -605,9 +605,11 @@ static void ebt_load_match(const char *name)
        struct xtables_match *m;
        size_t size;
 
-       m = xtables_find_match(name, XTF_LOAD_MUST_SUCCEED, NULL);
-       if (m == NULL)
-               xtables_error(OTHER_PROBLEM, "Unable to load %s match", name);
+       m = xtables_find_match(name, XTF_TRY_LOAD, NULL);
+       if (m == NULL) {
+               fprintf(stderr, "Unable to load %s match\n", name);
+               return;
+       }
 
        size = XT_ALIGN(sizeof(struct xt_entry_match)) + m->size;
        m->m = xtables_calloc(1, size);
@@ -626,10 +628,11 @@ static void ebt_load_watcher(const char *name)
        struct xtables_target *watcher;
        size_t size;
 
-       watcher = xtables_find_target(name, XTF_LOAD_MUST_SUCCEED);
-       if (!watcher)
-               xtables_error(OTHER_PROBLEM,
-                             "Unable to load %s watcher", name);
+       watcher = xtables_find_target(name, XTF_TRY_LOAD);
+       if (!watcher) {
+               fprintf(stderr, "Unable to load %s watcher\n", name);
+               return;
+       }
 
        size = XT_ALIGN(sizeof(struct xt_entry_target)) + watcher->size;