libxtables: hand argv to xtables_check_inverse

author Jan Engelhardt <jengelh@medozas.de>

Tue, 3 Nov 2009 18:55:11 +0000 (19:55 +0100)

committer Jan Engelhardt <jengelh@medozas.de>

Tue, 3 Nov 2009 20:53:55 +0000 (21:53 +0100)
author Jan Engelhardt <jengelh@medozas.de>
Tue, 3 Nov 2009 18:55:11 +0000 (19:55 +0100)
committer Jan Engelhardt <jengelh@medozas.de>
Tue, 3 Nov 2009 20:53:55 +0000 (21:53 +0100)
diff --git a/configure.ac b/configure.ac

index 0419ea7a217229d738ca44c4debd6ed24ab1a2f8..6091ba523a3a9e3a5c30c65801e6fbfa11b76827 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -2,8 +2,8 @@
  AC_INIT([iptables], [1.4.5])
  
  # See libtool.info "Libtool's versioning system"
-libxtables_vcurrent=3
-libxtables_vage=1
+libxtables_vcurrent=4
+libxtables_vage=0
  
  AC_CONFIG_HEADERS([config.h])
  AC_CONFIG_MACRO_DIR([m4])
diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c

index 12d8e725d5d88381a8b6700b6311df4a6bb0289d..bff0611114a68a22caf066cdf1a722c96a00ebe4 100644 (file)
--- a/extensions/libip6t_HL.c
+++ b/extensions/libip6t_HL.c
@@ -39,7 +39,7 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags,
                 xtables_error(PARAMETER_PROBLEM,
                                 "HL: You must specify a value");
  
-       if (xtables_check_inverse(optarg, &invert, NULL, 0))
+       if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                 xtables_error(PARAMETER_PROBLEM,
                                 "HL: unexpected `!'");
         
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c

index f7132016dd21c209533972409777e293b37790e5..423d9884b9d5fce4a5c9a75f4197a8477c596466 100644 (file)
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -108,7 +108,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --log-level twice");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --log-level");
  
@@ -121,7 +121,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --log-prefix twice");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --log-prefix");
  
diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c

index 9ad3b685e2d46370c406693466c5827ba2aeda04..b8195d7f91009ea2037ef87e3226b48f3345f144 100644 (file)
--- a/extensions/libip6t_REJECT.c
+++ b/extensions/libip6t_REJECT.c
@@ -83,7 +83,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch(c) {
         case '1':
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --reject-with");
                 for (i = 0; i < ARRAY_SIZE(reject_table); ++i)
diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c

index 19b7ad46dd3c86a29fe7b7fca10b85c86e50405a..474dd8fe8fc1a9c8f377766d2a32d6b7d4098ee0 100644 (file)
--- a/extensions/libip6t_ah.c
+++ b/extensions/libip6t_ah.c
@@ -86,7 +86,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_AH_SPI)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--ahspi' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_ah_spis(argv[optind-1], ahinfo->spis);
                 if (invert)
                         ahinfo->invflags |= IP6T_AH_INV_SPI;
@@ -96,7 +96,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_AH_LEN)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--ahlen' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 ahinfo->hdrlen = parse_ah_spi(argv[optind-1], "length");
                 if (invert)
                         ahinfo->invflags |= IP6T_AH_INV_LEN;
diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c

index a47e3a35ed14fcc16e3a7b78ea05f61aeadbb5ec..dfa4daf3de498f22383971aa8b2634ff9f7a7a50 100644 (file)
--- a/extensions/libip6t_dst.c
+++ b/extensions/libip6t_dst.c
@@ -125,7 +125,7 @@ static int dst_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_OPTS_LEN)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--dst-len' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 optinfo->hdrlen = parse_opts_num(argv[optind-1], "length");
                 if (invert)
                         optinfo->invflags |= IP6T_OPTS_INV_LEN;
@@ -136,7 +136,7 @@ static int dst_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_OPTS_OPTS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--dst-opts' allowed");
-                xtables_check_inverse(optarg, &invert, &optind, 0);
+                xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                  if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                 " '!' not allowed with `--dst-opts'");
diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c

index 905b494b0de4b0054b8e1a8b799059a806ba3595..8cc432b5c1428aacfa2dd06e24498005f52f4754 100644 (file)
--- a/extensions/libip6t_frag.c
+++ b/extensions/libip6t_frag.c
@@ -94,7 +94,7 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_FRAG_IDS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--fragid' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_frag_ids(argv[optind-1], fraginfo->ids);
                 if (invert)
                         fraginfo->invflags |= IP6T_FRAG_INV_IDS;
@@ -105,7 +105,7 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_FRAG_LEN)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--fraglen' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 fraginfo->hdrlen = parse_frag_id(argv[optind-1], "length");
                 if (invert)
                         fraginfo->invflags |= IP6T_FRAG_INV_LEN;
diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c

index e08d84a2490437191922a40b771e61457e8e30ad..b7532b66ddc176dc3ef7370a5827fdcc42d7b5aa 100644 (file)
--- a/extensions/libip6t_hbh.c
+++ b/extensions/libip6t_hbh.c
@@ -120,7 +120,7 @@ static int hbh_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_OPTS_LEN)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--hbh-len' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 optinfo->hdrlen = parse_opts_num(argv[optind-1], "length");
                 if (invert)
                         optinfo->invflags |= IP6T_OPTS_INV_LEN;
@@ -131,7 +131,7 @@ static int hbh_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_OPTS_OPTS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--hbh-opts' allowed");
-                xtables_check_inverse(optarg, &invert, &optind, 0);
+                xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                  if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                 " '!' not allowed with `--hbh-opts'");
diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c

index ff76b74d024d2f1ff7f9f75ef0c98c827567d78b..1abada04bf82cbd468a8072c8906b3d793c6c5e0 100644 (file)
--- a/extensions/libip6t_hl.c
+++ b/extensions/libip6t_hl.c
@@ -29,7 +29,7 @@ static int hl_parse(int c, char **argv, int invert, unsigned int *flags,
         struct ip6t_hl_info *info = (struct ip6t_hl_info *) (*match)->data;
         u_int8_t value;
  
-       xtables_check_inverse(optarg, &invert, &optind, 0);
+       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
         value = atoi(argv[optind-1]);
  
         if (*flags) 
diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c

index e41a670cbe247a125e3204c79b81c455355d98dd..3cee0f9ddb6615c0fdf535078e055ed7b50a9276 100644 (file)
--- a/extensions/libip6t_icmp6.c
+++ b/extensions/libip6t_icmp6.c
@@ -158,7 +158,7 @@ static int icmp6_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags == 1)
                         xtables_error(PARAMETER_PROBLEM,
                                    "icmpv6 match: only use --icmpv6-type once!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_icmpv6(argv[optind-1], &icmpv6info->type, 
                              icmpv6info->code);
                 if (invert)
diff --git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c

index 2674c8fb6500ebc0ab9ac5d682436bc73afbcdba..4a4e1df65d7d622d5cfa7fd7382be97bc16bf502 100644 (file)
--- a/extensions/libip6t_ipv6header.c
+++ b/extensions/libip6t_ipv6header.c
@@ -185,7 +185,7 @@ ipv6header_parse(int c, char **argv, int invert, unsigned int *flags,
                                 xtables_error(PARAMETER_PROBLEM,
                                         "Only one `--header' allowed");
  
-                       xtables_check_inverse(optarg, &invert, &optind, 0);
+                       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                         if (! (info->matchflags = parse_header(argv[optind-1])) )
                                 xtables_error(PARAMETER_PROBLEM, "ip6t_ipv6header: cannot parse header names");
diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c

index 47d554482c9f5173c98e0c103a43367fb1c79afd..b659c5d3194bd0f011d9d596578823dac952a729 100644 (file)
--- a/extensions/libip6t_mh.c
+++ b/extensions/libip6t_mh.c
@@ -133,7 +133,7 @@ static int mh_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & MH_TYPES)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--mh-type' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_mh_types(argv[optind-1], mhinfo->types);
                 if (invert)
                         mhinfo->invflags |= IP6T_MH_INV_TYPE;
diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c

index c9bf9945444fcc148c9f783e7b1f18be1037d074..851a600aec1b3c626aa8d88759907565b975f3f1 100644 (file)
--- a/extensions/libip6t_rt.c
+++ b/extensions/libip6t_rt.c
@@ -158,7 +158,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_RT_TYP)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--rt-type' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 rtinfo->rt_type = parse_rt_num(argv[optind-1], "type");
                 if (invert)
                         rtinfo->invflags |= IP6T_RT_INV_TYP;
@@ -169,7 +169,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_RT_SGS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--rt-segsleft' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_rt_segsleft(argv[optind-1], rtinfo->segsleft);
                 if (invert)
                         rtinfo->invflags |= IP6T_RT_INV_SGS;
@@ -180,7 +180,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IP6T_RT_LEN)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--rt-len' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 rtinfo->hdrlen = parse_rt_num(argv[optind-1], "length");
                 if (invert)
                         rtinfo->invflags |= IP6T_RT_INV_LEN;
@@ -204,7 +204,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags,
                 if ( !(*flags & IP6T_RT_TYP) || (rtinfo->rt_type != 0) || (rtinfo->invflags & IP6T_RT_INV_TYP) )
                         xtables_error(PARAMETER_PROBLEM,
                                    "`--rt-type 0' required before `--rt-0-addrs'");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    " '!' not allowed with `--rt-0-addrs'");
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c

index 8b2caecd65b2bcdaefeb5aa190d64e9a82e07b2c..380294af2ff69cf38fd31f2dc54cff257e3867d1 100644 (file)
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -154,7 +154,7 @@ static int DNAT_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --to-destination");
  
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c

index 5b90033aaf8820c2d285276fdc2fd79bd18c6a4f..9afb91d6d73a77db92368a7e021955191764e6ed 100644 (file)
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -108,7 +108,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --log-level twice");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --log-level");
  
@@ -121,7 +121,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --log-prefix twice");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --log-prefix");
  
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c

index 90084d8ecf057e9d525c4923c8ddb38f0e75f2b3..9d7fc172c1864c84b55f6ef8094c01931dd755cf 100644 (file)
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -91,7 +91,7 @@ static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Need TCP, UDP, SCTP or DCCP with port specification");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --to-ports");
  
diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c

index f03c05b83a175563d967dfed62835884e2d72643..b05022b047975ab5adeeb6e3fd658ba365cc5607 100644 (file)
--- a/extensions/libipt_NETMAP.c
+++ b/extensions/libipt_NETMAP.c
@@ -117,7 +117,7 @@ static int NETMAP_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --%s", NETMAP_opts[0].name);
  
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c

index 01f9d0ff3089245c8dc7d7cdf777ad690209911a..d39f0bd669f273e177ef55b6f1a90a042a343c56 100644 (file)
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -98,7 +98,7 @@ static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Need TCP, UDP, SCTP or DCCP with port specification");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --to-ports");
  
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c

index 888ff39763de8dfd543a46b2d2f6018d11d64891..85d9e53fa99c695e5d8381299499ebe5b22c9d8a 100644 (file)
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -98,7 +98,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch(c) {
         case '1':
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --reject-with");
                 for (i = 0; i < limit; i++) {
diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c

index 5cb0d3f4d095126f774b84353678fe27435d648c..ed02ef9503c131e78c7dd66867e6710e88109a3d 100644 (file)
--- a/extensions/libipt_SAME.c
+++ b/extensions/libipt_SAME.c
@@ -92,7 +92,7 @@ static int SAME_parse(int c, char **argv, int invert, unsigned int *flags,
                                    "Too many ranges specified, maximum "
                                    "is %i ranges.\n",
                                    IPT_SAME_MAX_RANGE);
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --to");
  
diff --git a/extensions/libipt_SET.c b/extensions/libipt_SET.c

index d53fc1b150f8cb08838043c63388fcc3071b2790..20daf3be2f637a9a4a4a221fde3df3a6c18969fb 100644 (file)
--- a/extensions/libipt_SET.c
+++ b/extensions/libipt_SET.c
@@ -56,7 +56,7 @@ parse_target(char **argv, int invert, unsigned int *flags,
                 xtables_error(PARAMETER_PROBLEM,
                            "--%s can be specified only once", what);
  
-       if (xtables_check_inverse(optarg, &invert, NULL, 0))
+       if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                 xtables_error(PARAMETER_PROBLEM,
                            "Unexpected `!' after --%s", what);
  
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c

index e592d806d976eec7de2021ca34574c6c742077f7..f7c93d8123854c4e021150ec47854947c648b186 100644 (file)
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -154,7 +154,7 @@ static int SNAT_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --to-source");
  
diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c

index 0e2be0b6f4db2f0b34e2c57e0da718da07362c88..4db9bbe948697ea3ca039d6f323a560cc1c98380 100644 (file)
--- a/extensions/libipt_TTL.c
+++ b/extensions/libipt_TTL.c
@@ -39,7 +39,7 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags,
                 xtables_error(PARAMETER_PROBLEM,
                                 "TTL: You must specify a value");
  
-       if (xtables_check_inverse(optarg, &invert, NULL, 0))
+       if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                 xtables_error(PARAMETER_PROBLEM,
                                 "TTL: unexpected `!'");
         
diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c

index 3fa91f2d7a09b05d401d706583999610df2147d2..4d009b7582c773a3df9c074fc15ededda4768bf1 100644 (file)
--- a/extensions/libipt_ULOG.c
+++ b/extensions/libipt_ULOG.c
@@ -76,7 +76,7 @@ static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --ulog-nlgroup twice");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --ulog-nlgroup");
                 group_d = atoi(optarg);
@@ -94,7 +94,7 @@ static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --ulog-prefix twice");
  
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --ulog-prefix");
  
diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c

index cda7051893d452bfcfd7f541ceec8dafa3844939..c3052812d6ba54f5ca3caad5c4b8158fbce6bccd 100644 (file)
--- a/extensions/libipt_addrtype.c
+++ b/extensions/libipt_addrtype.c
@@ -106,7 +106,7 @@ addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags&IPT_ADDRTYPE_OPT_SRCTYPE)
                         xtables_error(PARAMETER_PROBLEM,
                                    "addrtype: can't specify src-type twice");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_types(argv[optind-1], &info->source);
                 if (invert)
                         info->invert_source = 1;
@@ -116,7 +116,7 @@ addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags&IPT_ADDRTYPE_OPT_DSTTYPE)
                         xtables_error(PARAMETER_PROBLEM,
                                    "addrtype: can't specify dst-type twice");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_types(argv[optind-1], &info->dest);
                 if (invert)
                         info->invert_dest = 1;
@@ -141,7 +141,7 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_ADDRTYPE_OPT_SRCTYPE)
                         xtables_error(PARAMETER_PROBLEM,
                                    "addrtype: can't specify src-type twice");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_types(argv[optind-1], &info->source);
                 if (invert)
                         info->flags |= IPT_ADDRTYPE_INVERT_SOURCE;
@@ -151,7 +151,7 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_ADDRTYPE_OPT_DSTTYPE)
                         xtables_error(PARAMETER_PROBLEM,
                                    "addrtype: can't specify dst-type twice");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_types(argv[optind-1], &info->dest);
                 if (invert)
                         info->flags |= IPT_ADDRTYPE_INVERT_DEST;
diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c

index d049b4232159a0fb6c732bb25d2ac43af3ab8778..a2239f6e3253425f9b9ba631a4c9a3ebb99f549c 100644 (file)
--- a/extensions/libipt_ah.c
+++ b/extensions/libipt_ah.c
@@ -82,7 +82,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & AH_SPI)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--ahspi' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_ah_spis(argv[optind-1], ahinfo->spis);
                 if (invert)
                         ahinfo->invflags |= IPT_AH_INV_SPI;
diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c

index 3ee190e9825d59591cd751e7cfe57e4bda652406..ec3ff2da1b96fe1ebb4fbb7deb814f700d3bb84c 100644 (file)
--- a/extensions/libipt_ecn.c
+++ b/extensions/libipt_ecn.c
@@ -43,7 +43,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_ECN_OP_MATCH_CWR)
                         xtables_error(PARAMETER_PROBLEM,
                                    "ECN match: can only use parameter ONCE!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 einfo->operation |= IPT_ECN_OP_MATCH_CWR;
                 if (invert)
                         einfo->invert |= IPT_ECN_OP_MATCH_CWR;
@@ -54,7 +54,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_ECN_OP_MATCH_ECE)
                         xtables_error(PARAMETER_PROBLEM,
                                    "ECN match: can only use parameter ONCE!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 einfo->operation |= IPT_ECN_OP_MATCH_ECE;
                 if (invert)
                         einfo->invert |= IPT_ECN_OP_MATCH_ECE;
@@ -65,7 +65,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_ECN_OP_MATCH_IP)
                         xtables_error(PARAMETER_PROBLEM,
                                    "ECN match: can only use parameter ONCE!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         einfo->invert |= IPT_ECN_OP_MATCH_IP;
                 *flags |= IPT_ECN_OP_MATCH_IP;
diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c

index 5667955249f27f5b46551d15853fa7a8827fc17e..b109c8ec1eceffd3596489333af25dcadb87b4d9 100644 (file)
--- a/extensions/libipt_icmp.c
+++ b/extensions/libipt_icmp.c
@@ -183,7 +183,7 @@ static int icmp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags == 1)
                         xtables_error(PARAMETER_PROBLEM,
                                    "icmp match: only use --icmp-type once!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_icmp(argv[optind-1], &icmpinfo->type, 
                            icmpinfo->code);
                 if (invert)
diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c

index be1943edf486085074528372db3bb444c07cf845..8eb20677ff8af5235e955f40bc50d4174d5d1570 100644 (file)
--- a/extensions/libipt_realm.c
+++ b/extensions/libipt_realm.c
@@ -156,7 +156,7 @@ static int realm_parse(int c, char **argv, int invert, unsigned int *flags,
         switch (c) {
                 char *end;
         case '1':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 end = optarg = argv[optind-1];
                 realminfo->id = strtoul(optarg, &end, 0);
                 if (end != optarg && (*end == '/' || *end == '\0')) {
diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c

index 507535991eee4b74a7fa2ecbefffb2582e68ba9b..d2bb78ebcd1f6b2b24905c01c31a7acad5150240 100644 (file)
--- a/extensions/libipt_set.c
+++ b/extensions/libipt_set.c
@@ -64,7 +64,7 @@ static int set_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "--match-set can be specified only once");
  
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         info->flags[0] |= IPSET_MATCH_INV;
  
diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c

index 019a556a7ab5b7a850a875d84b9cb4e2564c8fbd..e2fbcd5bd560006c7567a68f8eb9bc2b0241e7e8 100644 (file)
--- a/extensions/libipt_ttl.c
+++ b/extensions/libipt_ttl.c
@@ -28,7 +28,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags,
         struct ipt_ttl_info *info = (struct ipt_ttl_info *) (*match)->data;
         unsigned int value;
  
-       xtables_check_inverse(optarg, &invert, &optind, 0);
+       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
         switch (c) {
                 case '2':
diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c

index 0768e8857d3b6449b248c8a7276190c2bb6ddff3..e2185d5a0d25c1c0b01e9d1fcb052e73acf2b783 100644 (file)
--- a/extensions/libxt_NFLOG.c
+++ b/extensions/libxt_NFLOG.c
@@ -51,7 +51,7 @@ static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & NFLOG_GROUP)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --nflog-group twice");
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --nflog-group");
  
@@ -65,7 +65,7 @@ static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & NFLOG_PREFIX)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify --nflog-prefix twice");
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM,
                                    "Unexpected `!' after --nflog-prefix");
  
diff --git a/extensions/libxt_cluster.c b/extensions/libxt_cluster.c

index c80afe6bd7aec27733e4611e074dd0e04c2acb78..ea5d9fb40dc5a389973985253be0e5a22254b578 100644 (file)
--- a/extensions/libxt_cluster.c
+++ b/extensions/libxt_cluster.c
@@ -80,7 +80,7 @@ cluster_parse(int c, char **argv, int invert, unsigned int *flags,
                                       "`--cluster-local-nodemask' and "
                                       "`--cluster-local-node'");
                 }
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (!xtables_strtoui(optarg, NULL, &num, 1,
                                      XT_CLUSTER_NODES_MAX)) {
@@ -105,7 +105,7 @@ cluster_parse(int c, char **argv, int invert, unsigned int *flags,
                                       "`--cluster-local-nodemask' and "
                                       "`--cluster-local-node'");
                 }
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (!xtables_strtoui(optarg, NULL, &num, 1,
                                      XT_CLUSTER_NODES_MAX)) {
diff --git a/extensions/libxt_comment.c b/extensions/libxt_comment.c

index 2e665b12ec2797ab5d3dc10822c393f4b1569773..e0e70b62746960527fe1c407ec9cd74f7c83cba5 100644 (file)
--- a/extensions/libxt_comment.c
+++ b/extensions/libxt_comment.c
@@ -46,7 +46,7 @@ comment_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 if (invert) {
                         xtables_error(PARAMETER_PROBLEM,
                                         "Sorry, you can't have an inverted comment");
diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c

index d6c3b1bb228f9747afb5daafd8025d034b21f17e..48a79ebb922bcbc0f80bc2ffcef8a523173c07f9 100644 (file)
--- a/extensions/libxt_connbytes.c
+++ b/extensions/libxt_connbytes.c
@@ -52,7 +52,7 @@ connbytes_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               if (xtables_check_inverse(optarg, &invert, &optind, 0))
+               if (xtables_check_inverse(optarg, &invert, &optind, 0, argv))
                         optind++;
  
                 parse_range(argv[optind-1], sinfo);
diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c

index 1698561d52f4602f8b4410f288b0b8a3c09e3e08..6f24d51b619894ba76402ca29b5f74e0110621b5 100644 (file)
--- a/extensions/libxt_connlimit.c
+++ b/extensions/libxt_connlimit.c
@@ -65,7 +65,7 @@ static int connlimit_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                 "--connlimit-above may be given only once");
                 *flags |= 0x1;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 info->limit   = strtoul(argv[optind-1], NULL, 0);
                 info->inverse = invert;
                 break;
diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c

index 48c10b5d2c419818bac8ea0185f4faae3a4245dd..bbe3596fc300937310a12242ab6804150ed3a49c 100644 (file)
--- a/extensions/libxt_connmark.c
+++ b/extensions/libxt_connmark.c
@@ -82,7 +82,7 @@ connmark_parse(int c, char **argv, int invert, unsigned int *flags,
         switch (c) {
                 char *end;
         case '1':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 markinfo->mark = strtoul(optarg, &end, 0);
                 markinfo->mask = 0xffffffffUL;
diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c

index c9f8182b533590dd075a73ee4ed482da0a51aa7d..c4be9b17040a60459389a985138e06a21220cd72 100644 (file)
--- a/extensions/libxt_conntrack.c
+++ b/extensions/libxt_conntrack.c
@@ -298,7 +298,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 parse_states(argv[optind-1], sinfo);
                 if (invert) {
@@ -308,7 +308,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '2':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if(invert)
                         sinfo->invflags |= XT_CONNTRACK_PROTO;
@@ -330,7 +330,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '3':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (invert)
                         sinfo->invflags |= XT_CONNTRACK_ORIGSRC;
@@ -350,7 +350,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '4':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (invert)
                         sinfo->invflags |= XT_CONNTRACK_ORIGDST;
@@ -370,7 +370,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '5':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (invert)
                         sinfo->invflags |= XT_CONNTRACK_REPLSRC;
@@ -390,7 +390,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '6':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (invert)
                         sinfo->invflags |= XT_CONNTRACK_REPLDST;
@@ -410,7 +410,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '7':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 parse_statuses(argv[optind-1], sinfo);
                 if (invert) {
@@ -420,7 +420,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '8':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 parse_expires(argv[optind-1], sinfo);
                 if (invert) {
diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c

index ae23225c8d8b94edd81769f5a9da409443565987..f2beb7f9730c621c10abc35869915f9d44b98d11 100644 (file)
--- a/extensions/libxt_dccp.c
+++ b/extensions/libxt_dccp.c
@@ -140,7 +140,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--source-port' allowed");
                 einfo->flags |= XT_DCCP_SRC_PORTS;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_dccp_ports(argv[optind-1], einfo->spts);
                 if (invert)
                         einfo->invflags |= XT_DCCP_SRC_PORTS;
@@ -152,7 +152,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--destination-port' allowed");
                 einfo->flags |= XT_DCCP_DEST_PORTS;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_dccp_ports(argv[optind-1], einfo->dpts);
                 if (invert)
                         einfo->invflags |= XT_DCCP_DEST_PORTS;
@@ -164,7 +164,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--dccp-types' allowed");
                 einfo->flags |= XT_DCCP_TYPE;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 einfo->typemask = parse_dccp_types(argv[optind-1]);
                 if (invert)
                         einfo->invflags |= XT_DCCP_TYPE;
@@ -176,7 +176,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--dccp-option' allowed");
                 einfo->flags |= XT_DCCP_OPTION;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 einfo->option = parse_dccp_option(argv[optind-1]);
                 if (invert)
                         einfo->invflags |= XT_DCCP_OPTION;
diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c

index 306643e86a0c03487dacdab9f803c3466acf9606..03e47633c059390aa28353d0ce3d65353bb15fde 100644 (file)
--- a/extensions/libxt_dscp.c
+++ b/extensions/libxt_dscp.c
@@ -82,7 +82,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags)
                         xtables_error(PARAMETER_PROBLEM,
                                    "DSCP match: Only use --dscp ONCE!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_dscp(argv[optind-1], dinfo);
                 if (invert)
                         dinfo->invert = 1;
@@ -93,7 +93,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags)
                         xtables_error(PARAMETER_PROBLEM,
                                         "DSCP match: Only use --dscp-class ONCE!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_class(argv[optind - 1], dinfo);
                 if (invert)
                         dinfo->invert = 1;
diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c

index 89c3fb4343ab7df6646d1af153607958fb3d0291..6655ec962df753b9f6a6b36d34aa3e3e8be734b0 100644 (file)
--- a/extensions/libxt_esp.c
+++ b/extensions/libxt_esp.c
@@ -88,7 +88,7 @@ esp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & ESP_SPI)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--espspi' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_esp_spis(argv[optind-1], espinfo->spis);
                 if (invert)
                         espinfo->invflags |= XT_ESP_INV_SPI;
diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c

index cdb407ab6e3c115b76c6a717fc4904b832dc7ae2..5ff1ae02678732060a943640deed4fd95eb3b07f 100644 (file)
--- a/extensions/libxt_hashlimit.c
+++ b/extensions/libxt_hashlimit.c
@@ -219,7 +219,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
         case '%':
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit",
                           *flags & PARAM_LIMIT);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!parse_rate(optarg, &r->cfg.avg))
                         xtables_error(PARAMETER_PROBLEM,
                                    "bad rate `%s'", optarg);
@@ -229,7 +229,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
         case '$':
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-burst",
                           *flags & PARAM_BURST);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
                         xtables_error(PARAMETER_PROBLEM,
                                    "bad --hashlimit-burst `%s'", optarg);
@@ -239,7 +239,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
         case '&':
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-size",
                           *flags & PARAM_SIZE);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
                         xtables_error(PARAMETER_PROBLEM,
                                 "bad --hashlimit-htable-size: `%s'", optarg);
@@ -249,7 +249,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
         case '*':
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-htable-max",
                           *flags & PARAM_MAX);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
                         xtables_error(PARAMETER_PROBLEM,
                                 "bad --hashlimit-htable-max: `%s'", optarg);
@@ -260,7 +260,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
                           "--hashlimit-htable-gcinterval",
                           *flags & PARAM_GCINTERVAL);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
                         xtables_error(PARAMETER_PROBLEM,
                                 "bad --hashlimit-htable-gcinterval: `%s'", 
@@ -272,7 +272,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
         case ')':
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit",
                           "--hashlimit-htable-expire", *flags & PARAM_EXPIRE);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX))
                         xtables_error(PARAMETER_PROBLEM,
                                 "bad --hashlimit-htable-expire: `%s'", optarg);
@@ -283,7 +283,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
         case '_':
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-mode",
                           *flags & PARAM_MODE);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (parse_mode(&r->cfg.mode, optarg) < 0)
                         xtables_error(PARAMETER_PROBLEM,
                                    "bad --hashlimit-mode: `%s'\n", optarg);
@@ -292,7 +292,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags,
         case '"':
                 xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-name",
                           *flags & PARAM_NAME);
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (strlen(optarg) == 0)
                         xtables_error(PARAMETER_PROBLEM, "Zero-length name?");
                 strncpy(r->name, optarg, sizeof(r->name));
diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c

index adced4378354e7699124537822712f7e768272c0..35b5f152b857038a617ff628e571e063c8af1a50 100644 (file)
--- a/extensions/libxt_helper.c
+++ b/extensions/libxt_helper.c
@@ -31,7 +31,7 @@ helper_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags)
                         xtables_error(PARAMETER_PROBLEM,
                                         "helper match: Only use --helper ONCE!");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 strncpy(info->name, optarg, 29);
                 info->name[29] = '\0';
                 if (invert)
diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c

index 9e544ea0139cfe9f6f0694e88a40b228b12e2dae..2cf7a17a84b32f5aa75f26a225ae591e9ec6664f 100644 (file)
--- a/extensions/libxt_iprange.c
+++ b/extensions/libxt_iprange.c
@@ -92,7 +92,7 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags,
                 *flags |= IPRANGE_SRC;
  
                 info->flags |= IPRANGE_SRC;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         info->flags |= IPRANGE_SRC_INV;
                 iprange_parse_range(optarg, range, NFPROTO_IPV4, "--src-range");
@@ -106,7 +106,7 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags,
                 *flags |= IPRANGE_DST;
  
                 info->flags |= IPRANGE_DST;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         info->flags |= IPRANGE_DST_INV;
  
diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c

index 0f954cf8c8685cc1f8f62366f36dd19439e2bab7..7b049ce1f6342b018990fa6b1675b19124cc66ad 100644 (file)
--- a/extensions/libxt_length.c
+++ b/extensions/libxt_length.c
@@ -70,7 +70,7 @@ length_parse(int c, char **argv, int invert, unsigned int *flags,
                                 xtables_error(PARAMETER_PROBLEM,
                                            "length: `--length' may only be "
                                            "specified once");
-                       xtables_check_inverse(optarg, &invert, &optind, 0);
+                       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                         parse_lengths(argv[optind-1], info);
                         if (invert)
                                 info->invert = 1;
diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c

index 8ca921c6706f9b3ef485779e1a992d6b6b209e6f..d4baf5f93e2abe5c994abe4dc0f96498bc4cdff7 100644 (file)
--- a/extensions/libxt_limit.c
+++ b/extensions/libxt_limit.c
@@ -94,14 +94,14 @@ limit_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch(c) {
         case '%':
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!parse_rate(optarg, &r->avg))
                         xtables_error(PARAMETER_PROBLEM,
                                    "bad rate `%s'", optarg);
                 break;
  
         case '$':
-               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break;
+               if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv)) break;
                 if (!xtables_strtoui(optarg, NULL, &num, 0, 10000))
                         xtables_error(PARAMETER_PROBLEM,
                                    "bad --limit-burst `%s'", optarg);
diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c

index 449fff92240410f5bdc9e3c007e5814b84b29db0..2722ef00a01b006cfeb89d1706b7aaf83ab0fa8a 100644 (file)
--- a/extensions/libxt_mac.c
+++ b/extensions/libxt_mac.c
@@ -57,7 +57,7 @@ mac_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_mac(argv[optind-1], macinfo);
                 if (invert)
                         macinfo->invert = 1;
diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c

index fc3d6466edbea3b30988c6b0b518c2f068dd221f..691cd04d96764d8fc8b0b73deffb13b4a1d9be6f 100644 (file)
--- a/extensions/libxt_mark.c
+++ b/extensions/libxt_mark.c
@@ -62,7 +62,7 @@ mark_parse(int c, char **argv, int invert, unsigned int *flags,
         switch (c) {
                 char *end;
         case '1':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 markinfo->mark = strtoul(optarg, &end, 0);
                 if (*end == '/') {
                         markinfo->mask = strtoul(end+1, &end, 0);
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c

index d9b6e74136829ba12eebf148b87f9cd0288fe442..2be070019c8c00aaf601ff19c1ec2569af40476a 100644 (file)
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -164,7 +164,7 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 proto = check_proto(pnum, invflags);
                 multiinfo->count = parse_multi_ports(argv[optind-1],
                                                      multiinfo->ports, proto);
@@ -172,7 +172,7 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '2':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 proto = check_proto(pnum, invflags);
                 multiinfo->count = parse_multi_ports(argv[optind-1],
                                                      multiinfo->ports, proto);
@@ -180,7 +180,7 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case '3':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 proto = check_proto(pnum, invflags);
                 multiinfo->count = parse_multi_ports(argv[optind-1],
                                                      multiinfo->ports, proto);
@@ -231,21 +231,21 @@ __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 proto = check_proto(pnum, invflags);
                 parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
                 multiinfo->flags = XT_MULTIPORT_SOURCE;
                 break;
  
         case '2':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 proto = check_proto(pnum, invflags);
                 parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
                 multiinfo->flags = XT_MULTIPORT_DESTINATION;
                 break;
  
         case '3':
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
                 proto = check_proto(pnum, invflags);
                 parse_multi_ports_v1(argv[optind-1], multiinfo, proto);
                 multiinfo->flags = XT_MULTIPORT_EITHER;
diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c

index 74d311da432e8ab5614c52f649b8e02402e69d45..bd1076698b01da6a731f612c8e70dc48c5a53205 100644 (file)
--- a/extensions/libxt_physdev.c
+++ b/extensions/libxt_physdev.c
@@ -43,7 +43,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
         case '1':
                 if (*flags & XT_PHYSDEV_OP_IN)
                         goto multiple_use;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 xtables_parse_interface(argv[optind-1], info->physindev,
                                 (unsigned char *)info->in_mask);
                 if (invert)
@@ -55,7 +55,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
         case '2':
                 if (*flags & XT_PHYSDEV_OP_OUT)
                         goto multiple_use;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 xtables_parse_interface(argv[optind-1], info->physoutdev,
                                 (unsigned char *)info->out_mask);
                 if (invert)
@@ -67,7 +67,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
         case '3':
                 if (*flags & XT_PHYSDEV_OP_ISIN)
                         goto multiple_use;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 info->bitmask |= XT_PHYSDEV_OP_ISIN;
                 if (invert)
                         info->invert |= XT_PHYSDEV_OP_ISIN;
@@ -77,7 +77,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
         case '4':
                 if (*flags & XT_PHYSDEV_OP_ISOUT)
                         goto multiple_use;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 info->bitmask |= XT_PHYSDEV_OP_ISOUT;
                 if (invert)
                         info->invert |= XT_PHYSDEV_OP_ISOUT;
@@ -87,7 +87,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags,
         case '5':
                 if (*flags & XT_PHYSDEV_OP_BRIDGED)
                         goto multiple_use;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         info->invert |= XT_PHYSDEV_OP_BRIDGED;
                 *flags |= XT_PHYSDEV_OP_BRIDGED;
diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c

index 7586c7f050be573dcc7f765c2d0192222e6187f5..b9cb93cc7a36fc9be4f5a185e6064ee09c71e039 100644 (file)
--- a/extensions/libxt_pkttype.c
+++ b/extensions/libxt_pkttype.c
@@ -87,7 +87,7 @@ static int pkttype_parse(int c, char **argv, int invert, unsigned int *flags,
         switch(c)
         {
                 case '1':
-                       xtables_check_inverse(optarg, &invert, &optind, 0);
+                       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                         parse_pkttype(argv[optind-1], info);
                         if(invert)
                                 info->invert=1;
diff --git a/extensions/libxt_policy.c b/extensions/libxt_policy.c

index 858eaaad067f656888c5dc6e8456d3134eeb01dd..521bac1abcbee4e7f821589654a6a10efbc037e8 100644 (file)
--- a/extensions/libxt_policy.c
+++ b/extensions/libxt_policy.c
@@ -118,7 +118,7 @@ static int parse_mode(char *s)
         xtables_error(PARAMETER_PROBLEM, "policy match: invalid mode \"%s\"", s);
  }
  
-static int policy_parse(int c, int invert, unsigned int *flags,
+static int policy_parse(int c, char **argv, int invert, unsigned int *flags,
                          struct xt_policy_info *info, uint8_t family)
  {
         struct xt_policy_elem *e = &info->pol[info->len];
@@ -127,7 +127,7 @@ static int policy_parse(int c, int invert, unsigned int *flags,
         unsigned int naddr = 0, num;
         int mode;
  
-       xtables_check_inverse(optarg, &invert, &optind, 0);
+       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
         switch (c) {
         case '1':
@@ -269,14 +269,14 @@ static int policy_parse(int c, int invert, unsigned int *flags,
  static int policy4_parse(int c, char **argv, int invert, unsigned int *flags,
                           const void *entry, struct xt_entry_match **match)
  {
-       return policy_parse(c, invert, flags, (void *)(*match)->data,
+       return policy_parse(c, argv, invert, flags, (void *)(*match)->data,
                NFPROTO_IPV4);
  }
  
  static int policy6_parse(int c, char **argv, int invert, unsigned int *flags,
                          const void *entry, struct xt_entry_match **match)
  {
-       return policy_parse(c, invert, flags, (void *)(*match)->data,
+       return policy_parse(c, argv, invert, flags, (void *)(*match)->data,
                NFPROTO_IPV6);
  }
  
diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c

index 0ccc94bbc98df093019632846db7ed6f0717a72c..69d2746072b28c3cfab708a4094a94dc9433371b 100644 (file)
--- a/extensions/libxt_quota.c
+++ b/extensions/libxt_quota.c
@@ -60,7 +60,7 @@ quota_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               if (xtables_check_inverse(optarg, &invert, NULL, 0))
+               if (xtables_check_inverse(optarg, &invert, NULL, 0, argv))
                         xtables_error(PARAMETER_PROBLEM, "quota: unexpected '!'");
                 if (!parse_quota(optarg, &info->quota))
                         xtables_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c

index 54a7579a661c1c1218c58be57a8384ce734b9cf6..b105529f5f761f736801909d365c4b5b29934191 100644 (file)
--- a/extensions/libxt_rateest.c
+++ b/extensions/libxt_rateest.c
@@ -118,7 +118,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case OPT_RATEEST1:
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    "rateest: rateest can't be inverted");
@@ -132,7 +132,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST2:
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    "rateest: rateest can't be inverted");
@@ -147,7 +147,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_BPS1:
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    "rateest: rateest-bps can't be inverted");
@@ -171,7 +171,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_PPS1:
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    "rateest: rateest-pps can't be inverted");
@@ -196,7 +196,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_BPS2:
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    "rateest: rateest-bps can't be inverted");
@@ -220,7 +220,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_PPS2:
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    "rateest: rateest-pps can't be inverted");
@@ -245,7 +245,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_DELTA:
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 if (invert)
                         xtables_error(PARAMETER_PROBLEM,
                                    "rateest: rateest-delta can't be inverted");
@@ -259,7 +259,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_EQ:
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
  
                 if (*flags & (1 << c))
                         xtables_error(PARAMETER_PROBLEM,
@@ -272,7 +272,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_LT:
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
  
                 if (*flags & (1 << c))
                         xtables_error(PARAMETER_PROBLEM,
@@ -285,7 +285,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags,
                 break;
  
         case OPT_RATEEST_GT:
-               xtables_check_inverse(argv[optind-1], &invert, &optind, 0);
+               xtables_check_inverse(argv[optind-1], &invert, &optind, 0, argv);
  
                 if (*flags & (1 << c))
                         xtables_error(PARAMETER_PROBLEM,
diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c

index d503685cb6ed2066d3aae17e338c191e31e8cb71..5add228813c58b653aa6dbfdab6a926868308ea1 100644 (file)
--- a/extensions/libxt_recent.c
+++ b/extensions/libxt_recent.c
@@ -73,7 +73,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
                                 xtables_error(PARAMETER_PROBLEM,
                                         "recent: only one of `--set', `--rcheck' "
                                         "`--update' or `--remove' may be set");
-                       xtables_check_inverse(optarg, &invert, &optind, 0);
+                       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                         info->check_set |= XT_RECENT_SET;
                         if (invert) info->invert = 1;
                         *flags |= XT_RECENT_SET;
@@ -84,7 +84,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
                                 xtables_error(PARAMETER_PROBLEM,
                                         "recent: only one of `--set', `--rcheck' "
                                         "`--update' or `--remove' may be set");
-                       xtables_check_inverse(optarg, &invert, &optind, 0);
+                       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                         info->check_set |= XT_RECENT_CHECK;
                         if(invert) info->invert = 1;
                         *flags |= XT_RECENT_CHECK;
@@ -95,7 +95,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
                                 xtables_error(PARAMETER_PROBLEM,
                                         "recent: only one of `--set', `--rcheck' "
                                         "`--update' or `--remove' may be set");
-                       xtables_check_inverse(optarg, &invert, &optind, 0);
+                       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                         info->check_set |= XT_RECENT_UPDATE;
                         if (invert) info->invert = 1;
                         *flags |= XT_RECENT_UPDATE;
@@ -106,7 +106,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags,
                                 xtables_error(PARAMETER_PROBLEM,
                                         "recent: only one of `--set', `--rcheck' "
                                         "`--update' or `--remove' may be set");
-                       xtables_check_inverse(optarg, &invert, &optind, 0);
+                       xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                         info->check_set |= XT_RECENT_REMOVE;
                         if (invert) info->invert = 1;
                         *flags |= XT_RECENT_REMOVE;
diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c

index dfa72d3d50ef72529730c69eda233ff4ff0505b1..f4844e3f74442bdd529c8adc3bde4c86f8705ab4 100644 (file)
--- a/extensions/libxt_sctp.c
+++ b/extensions/libxt_sctp.c
@@ -257,7 +257,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--source-port' allowed");
                 einfo->flags |= XT_SCTP_SRC_PORTS;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_sctp_ports(argv[optind-1], einfo->spts);
                 if (invert)
                         einfo->invflags |= XT_SCTP_SRC_PORTS;
@@ -269,7 +269,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--destination-port' allowed");
                 einfo->flags |= XT_SCTP_DEST_PORTS;
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_sctp_ports(argv[optind-1], einfo->dpts);
                 if (invert)
                         einfo->invflags |= XT_SCTP_DEST_PORTS;
@@ -280,7 +280,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & XT_SCTP_CHUNK_TYPES)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--chunk-types' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (!argv[optind] 
                     || argv[optind][0] == '-' || argv[optind][0] == '!')
diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c

index c8a7454a2605eb88d1531b396f3bb58c0108450a..94ef6b741ed3f7d446f52654a1c7cc5549b45cf4 100644 (file)
--- a/extensions/libxt_state.c
+++ b/extensions/libxt_state.c
@@ -71,7 +71,7 @@ state_parse(int c, char **argv, int invert, unsigned int *flags,
  
         switch (c) {
         case '1':
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 state_parse_states(argv[optind-1], sinfo);
                 if (invert)
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c

index 62c3a97a61ff18b15c67b67615331277ee00308b..ce2d30d9e74bddfc1160065d4e29b46c818d929d 100644 (file)
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -202,7 +202,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & STRING)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify multiple --string");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_string(argv[optind-1], stringinfo);
                 if (invert) {
                         if (revision == 0)
@@ -218,7 +218,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Can't specify multiple --hex-string");
  
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_hex_string(argv[optind-1], stringinfo);  /* sets length */
                 if (invert) {
                         if (revision == 0)
diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c

index 7abecc1629e584d242426a9ae63d8ac2e9e2cfcb..0f3e27de3aaba1f9d55c077b9b171ec5669d29c7 100644 (file)
--- a/extensions/libxt_tcp.c
+++ b/extensions/libxt_tcp.c
@@ -147,7 +147,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & TCP_SRC_PORTS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--source-port' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_tcp_ports(argv[optind-1], tcpinfo->spts);
                 if (invert)
                         tcpinfo->invflags |= XT_TCP_INV_SRCPT;
@@ -158,7 +158,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & TCP_DST_PORTS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--destination-port' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_tcp_ports(argv[optind-1], tcpinfo->dpts);
                 if (invert)
                         tcpinfo->invflags |= XT_TCP_INV_DSTPT;
@@ -179,7 +179,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one of `--syn' or `--tcp-flags' "
                                    " allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
  
                 if (!argv[optind]
                     || argv[optind][0] == '-' || argv[optind][0] == '!')
@@ -196,7 +196,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & TCP_OPTION)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--tcp-option' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_tcp_option(argv[optind-1], &tcpinfo->option);
                 if (invert)
                         tcpinfo->invflags |= XT_TCP_INV_OPTION;
diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c

index 36785a320141fb51be54b3b8e78c2a743a229072..35ddcd6c5f8e601586d2c73b24e6eed548abbc8f 100644 (file)
--- a/extensions/libxt_tcpmss.c
+++ b/extensions/libxt_tcpmss.c
@@ -65,7 +65,7 @@ tcpmss_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--mss' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_tcp_mssvalues(argv[optind-1],
                                     &mssinfo->mss_min, &mssinfo->mss_max);
                 if (invert)
diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c

index bf0b34fb8b4b54364d4638c4ee9c17919f265d07..8a80b6e292962d757a9038fa943056af7b26034d 100644 (file)
--- a/extensions/libxt_udp.c
+++ b/extensions/libxt_udp.c
@@ -72,7 +72,7 @@ udp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & UDP_SRC_PORTS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--source-port' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_udp_ports(argv[optind-1], udpinfo->spts);
                 if (invert)
                         udpinfo->invflags |= XT_UDP_INV_SRCPT;
@@ -83,7 +83,7 @@ udp_parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & UDP_DST_PORTS)
                         xtables_error(PARAMETER_PROBLEM,
                                    "Only one `--destination-port' allowed");
-               xtables_check_inverse(optarg, &invert, &optind, 0);
+               xtables_check_inverse(optarg, &invert, &optind, 0, argv);
                 parse_udp_ports(argv[optind-1], udpinfo->dpts);
                 if (invert)
                         udpinfo->invflags |= XT_UDP_INV_DSTPT;
diff --git a/include/xtables.h.in b/include/xtables.h.in

index 3955716d5cf4036e447bb78cfb4b1f60da82bc67..788ad7de3767cd14d84fdbc34cffe81c2cceb7fa 100644 (file)
--- a/include/xtables.h.in
+++ b/include/xtables.h.in
@@ -246,7 +246,7 @@ xtables_parse_interface(const char *arg, char *vianame, unsigned char *mask);
  #define aligned_u64 u_int64_t __attribute__((aligned(8)))
  
  int xtables_check_inverse(const char option[], int *invert,
-       int *my_optind, int argc);
+       int *my_optind, int argc, char **argv);
  extern struct xtables_globals *xt_params;
  #define xtables_error (xt_params->exit_err)
  
diff --git a/ip6tables.c b/ip6tables.c

index 53a1a5dfe805ebe56b0715563b90c908ee6c5881..36d10e53319b30410aae3039a12bbc93c57cebff 100644 (file)
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -1492,7 +1492,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
                          * Option selection
                          */
                 case 'p':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_PROTOCOL, &fw.ipv6.invflags,
                                    invert);
  
@@ -1518,14 +1518,14 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
                         break;
  
                 case 's':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_SOURCE, &fw.ipv6.invflags,
                                    invert);
                         shostnetworkmask = argv[optind-1];
                         break;
  
                 case 'd':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_DESTINATION, &fw.ipv6.invflags,
                                    invert);
                         dhostnetworkmask = argv[optind-1];
@@ -1571,7 +1571,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
  
  
                 case 'i':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_VIANAMEIN, &fw.ipv6.invflags,
                                    invert);
                         xtables_parse_interface(argv[optind-1],
@@ -1580,7 +1580,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand
                         break;
  
                 case 'o':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_VIANAMEOUT, &fw.ipv6.invflags,
                                    invert);
                         xtables_parse_interface(argv[optind-1],
diff --git a/iptables.c b/iptables.c

index 1160171933e1dda44f552ffed14ad0db16bf69e6..d778c12c2e160aeb2d68ff351c730903c5e58eb5 100644 (file)
--- a/iptables.c
+++ b/iptables.c
@@ -1515,7 +1515,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
                          * Option selection
                          */
                 case 'p':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_PROTOCOL, &fw.ip.invflags,
                                    invert);
  
@@ -1533,14 +1533,14 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
                         break;
  
                 case 's':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_SOURCE, &fw.ip.invflags,
                                    invert);
                         shostnetworkmask = argv[optind-1];
                         break;
  
                 case 'd':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_DESTINATION, &fw.ip.invflags,
                                    invert);
                         dhostnetworkmask = argv[optind-1];
@@ -1586,7 +1586,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
  
  
                 case 'i':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_VIANAMEIN, &fw.ip.invflags,
                                    invert);
                         xtables_parse_interface(argv[optind-1],
@@ -1595,7 +1595,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle
                         break;
  
                 case 'o':
-                       xtables_check_inverse(optarg, &invert, &optind, argc);
+                       xtables_check_inverse(optarg, &invert, &optind, argc, argv);
                         set_option(&options, OPT_VIANAMEOUT, &fw.ip.invflags,
                                    invert);
                         xtables_parse_interface(argv[optind-1],
diff --git a/xtables.c b/xtables.c

index 35a87e88051711e80940715c5d641a807f079741..63c5db77270f28b123fd04acf5f79628de1e8d5e 100644 (file)
--- a/xtables.c
+++ b/xtables.c
@@ -1643,7 +1643,7 @@ void xtables_save_string(const char *value)
   * Do not use in new code.
   */
  int xtables_check_inverse(const char option[], int *invert,
-                         int *my_optind, int argc)
+                         int *my_optind, int argc, char **argv)
  {
         if (option == NULL || strcmp(option, "!") != 0)
                 return false;
@@ -1657,6 +1657,7 @@ int xtables_check_inverse(const char option[], int *invert,
                            "Multiple `!' flags not allowed");
         *invert = true;
         if (my_optind != NULL) {
+               optarg = argv[*my_optind];
                 ++*my_optind;
                 if (argc && *my_optind > argc)
                         xt_params->exit_err(PARAMETER_PROBLEM,
author	Jan Engelhardt <jengelh@medozas.de>
	Tue, 3 Nov 2009 18:55:11 +0000 (19:55 +0100)
committer	Jan Engelhardt <jengelh@medozas.de>
	Tue, 3 Nov 2009 20:53:55 +0000 (21:53 +0100)
configure.ac		patch \| blob \| blame \| history
extensions/libip6t_HL.c		patch \| blob \| blame \| history
extensions/libip6t_LOG.c		patch \| blob \| blame \| history
extensions/libip6t_REJECT.c		patch \| blob \| blame \| history
extensions/libip6t_ah.c		patch \| blob \| blame \| history
extensions/libip6t_dst.c		patch \| blob \| blame \| history
extensions/libip6t_frag.c		patch \| blob \| blame \| history
extensions/libip6t_hbh.c		patch \| blob \| blame \| history
extensions/libip6t_hl.c		patch \| blob \| blame \| history
extensions/libip6t_icmp6.c		patch \| blob \| blame \| history
extensions/libip6t_ipv6header.c		patch \| blob \| blame \| history
extensions/libip6t_mh.c		patch \| blob \| blame \| history
extensions/libip6t_rt.c		patch \| blob \| blame \| history
extensions/libipt_DNAT.c		patch \| blob \| blame \| history
extensions/libipt_LOG.c		patch \| blob \| blame \| history
extensions/libipt_MASQUERADE.c		patch \| blob \| blame \| history
extensions/libipt_NETMAP.c		patch \| blob \| blame \| history
extensions/libipt_REDIRECT.c		patch \| blob \| blame \| history
extensions/libipt_REJECT.c		patch \| blob \| blame \| history
extensions/libipt_SAME.c		patch \| blob \| blame \| history
extensions/libipt_SET.c		patch \| blob \| blame \| history
extensions/libipt_SNAT.c		patch \| blob \| blame \| history
extensions/libipt_TTL.c		patch \| blob \| blame \| history
extensions/libipt_ULOG.c		patch \| blob \| blame \| history
extensions/libipt_addrtype.c		patch \| blob \| blame \| history
extensions/libipt_ah.c		patch \| blob \| blame \| history
extensions/libipt_ecn.c		patch \| blob \| blame \| history
extensions/libipt_icmp.c		patch \| blob \| blame \| history
extensions/libipt_realm.c		patch \| blob \| blame \| history
extensions/libipt_set.c		patch \| blob \| blame \| history
extensions/libipt_ttl.c		patch \| blob \| blame \| history
extensions/libxt_NFLOG.c		patch \| blob \| blame \| history
extensions/libxt_cluster.c		patch \| blob \| blame \| history
extensions/libxt_comment.c		patch \| blob \| blame \| history
extensions/libxt_connbytes.c		patch \| blob \| blame \| history
extensions/libxt_connlimit.c		patch \| blob \| blame \| history
extensions/libxt_connmark.c		patch \| blob \| blame \| history
extensions/libxt_conntrack.c		patch \| blob \| blame \| history
extensions/libxt_dccp.c		patch \| blob \| blame \| history
extensions/libxt_dscp.c		patch \| blob \| blame \| history
extensions/libxt_esp.c		patch \| blob \| blame \| history
extensions/libxt_hashlimit.c		patch \| blob \| blame \| history
extensions/libxt_helper.c		patch \| blob \| blame \| history
extensions/libxt_iprange.c		patch \| blob \| blame \| history
extensions/libxt_length.c		patch \| blob \| blame \| history
extensions/libxt_limit.c		patch \| blob \| blame \| history
extensions/libxt_mac.c		patch \| blob \| blame \| history
extensions/libxt_mark.c		patch \| blob \| blame \| history
extensions/libxt_multiport.c		patch \| blob \| blame \| history
extensions/libxt_physdev.c		patch \| blob \| blame \| history
extensions/libxt_pkttype.c		patch \| blob \| blame \| history
extensions/libxt_policy.c		patch \| blob \| blame \| history
extensions/libxt_quota.c		patch \| blob \| blame \| history
extensions/libxt_rateest.c		patch \| blob \| blame \| history
extensions/libxt_recent.c		patch \| blob \| blame \| history
extensions/libxt_sctp.c		patch \| blob \| blame \| history
extensions/libxt_state.c		patch \| blob \| blame \| history
extensions/libxt_string.c		patch \| blob \| blame \| history
extensions/libxt_tcp.c		patch \| blob \| blame \| history
extensions/libxt_tcpmss.c		patch \| blob \| blame \| history
extensions/libxt_udp.c		patch \| blob \| blame \| history
include/xtables.h.in		patch \| blob \| blame \| history
ip6tables.c		patch \| blob \| blame \| history
iptables.c		patch \| blob \| blame \| history
xtables.c		patch \| blob \| blame \| history