diff options
Diffstat (limited to 'iptables/iptables-restore.c')
-rw-r--r-- | iptables/iptables-restore.c | 49 |
1 files changed, 29 insertions, 20 deletions
diff --git a/iptables/iptables-restore.c b/iptables/iptables-restore.c index a41a46d3..113045df 100644 --- a/iptables/iptables-restore.c +++ b/iptables/iptables-restore.c @@ -6,7 +6,7 @@ */ #include <getopt.h> -#include <sys/errno.h> +#include <errno.h> #include <stdbool.h> #include <string.h> #include <stdio.h> @@ -23,19 +23,23 @@ #define DEBUGP(x, args...) #endif -static int binary = 0, counters = 0, verbose = 0, noflush = 0, wait = 0; +static int counters = 0, verbose = 0, noflush = 0, wait = 0; + +static struct timeval wait_interval = { + .tv_sec = 1, +}; /* Keeping track of external matches and targets. */ static const struct option options[] = { - {.name = "binary", .has_arg = false, .val = 'b'}, - {.name = "counters", .has_arg = false, .val = 'c'}, - {.name = "verbose", .has_arg = false, .val = 'v'}, - {.name = "test", .has_arg = false, .val = 't'}, - {.name = "help", .has_arg = false, .val = 'h'}, - {.name = "noflush", .has_arg = false, .val = 'n'}, - {.name = "wait", .has_arg = false, .val = 'w'}, - {.name = "modprobe", .has_arg = true, .val = 'M'}, - {.name = "table", .has_arg = true, .val = 'T'}, + {.name = "counters", .has_arg = 0, .val = 'c'}, + {.name = "verbose", .has_arg = 0, .val = 'v'}, + {.name = "test", .has_arg = 0, .val = 't'}, + {.name = "help", .has_arg = 0, .val = 'h'}, + {.name = "noflush", .has_arg = 0, .val = 'n'}, + {.name = "modprobe", .has_arg = 1, .val = 'M'}, + {.name = "table", .has_arg = 1, .val = 'T'}, + {.name = "wait", .has_arg = 2, .val = 'w'}, + {.name = "wait-interval", .has_arg = 2, .val = 'W'}, {NULL}, }; @@ -45,16 +49,16 @@ static void print_usage(const char *name, const char *version) __attribute__((no static void print_usage(const char *name, const char *version) { - fprintf(stderr, "Usage: %s [-b] [-c] [-v] [-t] [-h] [-w]\n" - " [ --binary ]\n" + fprintf(stderr, "Usage: %s [-c] [-v] [-t] [-h] [-n] [-w secs] [-W usecs] [-T table] [-M command]\n" " [ --counters ]\n" " [ --verbose ]\n" " [ --test ]\n" " [ --help ]\n" " [ --noflush ]\n" - " [ --wait ]\n" + " [ --wait=<seconds>\n" + " [ --wait-interval=<usecs>\n" " [ --table=<TABLE> ]\n" - " [ --modprobe=<command>]\n", name); + " [ --modprobe=<command> ]\n", name); exit(1); } @@ -208,10 +212,10 @@ iptables_restore_main(int argc, char *argv[]) init_extensions4(); #endif - while ((c = getopt_long(argc, argv, "bcvthnwM:T:", options, NULL)) != -1) { + while ((c = getopt_long(argc, argv, "bcvthnwWM:T:", options, NULL)) != -1) { switch (c) { case 'b': - binary = 1; + fprintf(stderr, "-b/--binary option is not implemented\n"); break; case 'c': counters = 1; @@ -230,7 +234,10 @@ iptables_restore_main(int argc, char *argv[]) noflush = 1; break; case 'w': - wait = 1; + wait = parse_wait_time(argc, argv); + break; + case 'W': + parse_wait_interval(argc, argv, &wait_interval); break; case 'M': xtables_modprobe_program = optarg; @@ -279,14 +286,16 @@ iptables_restore_main(int argc, char *argv[]) ret = 1; } - /* Release the lock since we're done with the current table. */ + /* Done with the current table, release the lock. */ if (lock >= 0) { xtables_unlock(lock); + lock = XT_LOCK_NOT_ACQUIRED; } + in_table = 0; } else if ((buffer[0] == '*') && (!in_table)) { /* Acquire a lock before we create a new table handle */ - lock = xtables_lock(wait); + lock = xtables_lock(wait, &wait_interval); if (lock == XT_LOCK_BUSY) { fprintf(stderr, "Another app is currently holding the xtables lock. " "Perhaps you want to use the -w option?\n"); |