Commit 83e8d007 authored by Jussi Laakkonen's avatar Jussi Laakkonen

[connman] Handle -j REJECT --reject-with in iptables saving. JB#42674

This commit adds handling of iptables rules that have REJECT target set.
Each -j REJECT has --reject-with "type" (e.g., icmp-unreachable, that is
the default) when applying rules from saved iptables files.

This is similar to the comment handling and same code is utilized in
this also.
parent 5e43f72b
......@@ -1035,6 +1035,30 @@ static int iptables_parse_rule(const gchar* table_name, gchar* rule)
iptables_append_arg(rule_str, opt, false);
iptables_append_arg(rule_str, txt, true);
}
} else if (!g_strcmp0(arg, "-j")) {
const char *match = argv[i++];
if (!match) {
DBG("trailing '-j' in rule \"%s\"", rule);
goto out;
}
iptables_append_arg(rule_str, arg, false);
iptables_append_arg(rule_str, match, false);
if (!g_strcmp0(match, "REJECT")) {
const char *opt = argv[i++];
if (g_strcmp0(opt, "--reject-with")) {
DBG("malformed '-j REJECT' "
"in rule \"%s\"", rule);
goto out;
}
const char *txt = argv[i++];
if (!txt || g_str_has_prefix(txt, "-")) {
DBG("malformed '--reject-with' "
"in rule \"%s\"", rule);
goto out;
}
iptables_append_arg(rule_str, opt, false);
iptables_append_arg(rule_str, txt, true);
}
} else {
iptables_append_arg(rule_str, arg, false);
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment