Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx> --- extensions/dscp_helper.c | 4 +- extensions/expr | 179 +++++++++++++++++++++++++++++++++++++++ extensions/libip6t_HL.c | 14 ++-- extensions/libip6t_LOG.c | 26 +++--- extensions/libip6t_REJECT.c | 4 +- extensions/libip6t_ah.c | 12 ++-- extensions/libip6t_dst.c | 24 +++--- extensions/libip6t_frag.c | 18 ++-- extensions/libip6t_hbh.c | 24 +++--- extensions/libip6t_hl.c | 10 +- extensions/libip6t_icmp6.c | 10 +- extensions/libip6t_ipv6header.c | 12 ++-- extensions/libip6t_mh.c | 6 +- extensions/libip6t_policy.c | 52 ++++++------ extensions/libip6t_rt.c | 32 ++++---- extensions/libipt_CLUSTERIP.c | 38 ++++---- extensions/libipt_DNAT.c | 22 +++--- extensions/libipt_ECN.c | 16 ++-- extensions/libipt_LOG.c | 26 +++--- extensions/libipt_MASQUERADE.c | 10 +- extensions/libipt_NETMAP.c | 14 ++-- extensions/libipt_REDIRECT.c | 12 ++-- extensions/libipt_REJECT.c | 4 +- extensions/libipt_SAME.c | 14 ++-- extensions/libipt_SET.c | 10 +- extensions/libipt_SNAT.c | 22 +++--- extensions/libipt_TTL.c | 14 ++-- extensions/libipt_ULOG.c | 26 +++--- extensions/libipt_addrtype.c | 22 +++--- extensions/libipt_ah.c | 8 +- extensions/libipt_ecn.c | 10 +- extensions/libipt_icmp.c | 8 +- extensions/libipt_policy.c | 52 ++++++------ extensions/libipt_realm.c | 6 +- extensions/libipt_set.c | 8 +- extensions/libipt_set.h | 18 ++-- extensions/libipt_ttl.c | 14 ++-- extensions/libxt_CLASSIFY.c | 6 +- extensions/libxt_CONNMARK.c | 20 ++-- extensions/libxt_CONNSECMARK.c | 10 +- extensions/libxt_DSCP.c | 10 +- extensions/libxt_MARK.c | 16 ++-- extensions/libxt_NFLOG.c | 24 +++--- extensions/libxt_NFQUEUE.c | 4 +- extensions/libxt_RATEEST.c | 20 ++-- extensions/libxt_SECMARK.c | 8 +- extensions/libxt_TCPMSS.c | 8 +- extensions/libxt_TCPOPTSTRIP.c | 10 +- extensions/libxt_TOS.c | 4 +- extensions/libxt_TPROXY.c | 2 +- extensions/libxt_comment.c | 6 +- extensions/libxt_connbytes.c | 10 +- extensions/libxt_connlimit.c | 10 +- extensions/libxt_connmark.c | 4 +- extensions/libxt_conntrack.c | 54 ++++++------ extensions/libxt_dccp.c | 14 ++-- extensions/libxt_dscp.c | 10 +- extensions/libxt_esp.c | 10 +- extensions/libxt_hashlimit.c | 32 ++++---- extensions/libxt_helper.c | 4 +- extensions/libxt_iprange.c | 10 +- extensions/libxt_length.c | 8 +- extensions/libxt_limit.c | 10 +- extensions/libxt_mac.c | 6 +- extensions/libxt_mark.c | 4 +- extensions/libxt_multiport.c | 26 +++--- extensions/libxt_owner.c | 4 +- extensions/libxt_physdev.c | 4 +- extensions/libxt_pkttype.c | 4 +- extensions/libxt_quota.c | 6 +- extensions/libxt_rateest.c | 44 +++++----- extensions/libxt_recent.c | 12 ++-- extensions/libxt_sctp.c | 18 ++-- extensions/libxt_state.c | 8 +- extensions/libxt_statistic.c | 32 ++++---- extensions/libxt_string.c | 38 ++++---- extensions/libxt_tcp.c | 18 ++-- extensions/libxt_tcpmss.c | 6 +- extensions/libxt_time.c | 36 ++++---- extensions/libxt_tos.c | 4 +- extensions/libxt_u32.c | 30 +++--- extensions/libxt_udp.c | 6 +- extensions/tos_values.c | 6 +- include/xtables.h.in | 2 +- ip6tables-restore.c | 26 +++--- ip6tables-save.c | 8 +- ip6tables.c | 72 ++++++++-------- iptables-restore.c | 26 +++--- iptables-save.c | 8 +- iptables-xml.c | 16 ++-- iptables.c | 76 ++++++++-------- 91 files changed, 925 insertions(+), 746 deletions(-) create mode 100644 extensions/expr diff --git a/extensions/dscp_helper.c b/extensions/dscp_helper.c index 217df09..8fa0f4a 100644 --- a/extensions/dscp_helper.c +++ b/extensions/dscp_helper.c @@ -57,7 +57,7 @@ class_to_dscp(const char *name) return ds_classes[i].dscp; } - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid DSCP value `%s'\n", name); } @@ -74,7 +74,7 @@ dscp_to_name(unsigned int dscp) } - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid DSCP value `%d'\n", dscp); } #endif diff --git a/extensions/expr b/extensions/expr new file mode 100644 index 0000000..f00b70d --- /dev/null +++ b/extensions/expr @@ -0,0 +1,179 @@ +#include <stdio.h> +#include <stdint.h> +#include <libHX/option.h> + +enum ttl_rel { + REL_EQ, + REL_LT, + REL_GT, +}; + +static bool ttl_inv; +static uint8_t ttl_value; +static unsigned int ttl_rel; + +/** + * @name: name of the option + * @act: pointer to variable to indicate the action + */ +struct edesc { + const char *name; + unsigned int *act; +}; + +static const struct HXoption ttl_options[] = { + {.name = "ttl-eq", .act = &ttl_rel, .avl = TTL_EQ, + .type = XTO_UINT8, .ptr = &ttl_value, + .inv = &ttl_inv, .opt_id = 0x01, .opt_conflict = 0xFF, + .help = "Match time to live value"}, + {.ln = "ttl-lt", .type = XTO_UINT8, .ptr = &ttl_value, + .inv = &ttl_inv, .optid = 0x02, .optconflict = 0xFF, + .help = "Match TTL < value"}, + {.ln = "ttl-gt", .type = XTO_UINT8, .ptr = &ttl_value, + .val = TTL_GT, + .help = "Match TTL > value"}, + HXOPT_TABLEEND, +}; + +static const char *const ttl_relsym[] = {"=", "<", ">"}; + +static int ttl_mt_expr(void) +{ + snprintf(exprbuf, sizeof(exprbuf), "*8(nh+1)%s%hhu", ttl_relsym, ttl_rel); +} + +static struct expr_expander ttl_reg[] = { + {.name = "ttl", .build_expr = ttl_mt_expr}, + {.name = "TTL", .build_expr = ttl_tg_expr}, +}; + + + if (invert) + info->mode = IPT_TTL_NE; + else + info->mode = IPT_TTL_EQ; + + /* is 0 allowed? */ + info->ttl = value; + break; + case '3': + if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) + exit_error(PARAMETER_PROBLEM, + "ttl: Expected value between 0 and 255"); + + if (invert) + exit_error(PARAMETER_PROBLEM, + "ttl: unexpected `!'"); + + info->mode = IPT_TTL_LT; + info->ttl = value; + break; + case '4': + if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) + exit_error(PARAMETER_PROBLEM, + "ttl: Expected value between 0 and 255"); + + if (invert) + exit_error(PARAMETER_PROBLEM, + "ttl: unexpected `!'"); + + info->mode = IPT_TTL_GT; + info->ttl = value; + break; + default: + return 0; + + } + + if (*flags) + exit_error(PARAMETER_PROBLEM, + "Can't specify TTL option twice"); + *flags = 1; + + return 1; +} + +static void ttl_check(unsigned int flags) +{ + if (!flags) + exit_error(PARAMETER_PROBLEM, + "TTL match: You must specify one of " + "`--ttl-eq', `--ttl-lt', `--ttl-gt"); +} + +static void ttl_print(const void *ip, const struct xt_entry_match *match, + int numeric) +{ + const struct ipt_ttl_info *info = + (struct ipt_ttl_info *) match->data; + + printf("TTL match "); + switch (info->mode) { + case IPT_TTL_EQ: + printf("TTL == "); + break; + case IPT_TTL_NE: + printf("TTL != "); + break; + case IPT_TTL_LT: + printf("TTL < "); + break; + case IPT_TTL_GT: + printf("TTL > "); + break; + } + printf("%u ", info->ttl); +} + +static void ttl_save(const void *ip, const struct xt_entry_match *match) +{ + const struct ipt_ttl_info *info = + (struct ipt_ttl_info *) match->data; + + switch (info->mode) { + case IPT_TTL_EQ: + printf("--ttl-eq "); + break; + case IPT_TTL_NE: + printf("! --ttl-eq "); + break; + case IPT_TTL_LT: + printf("--ttl-lt "); + break; + case IPT_TTL_GT: + printf("--ttl-gt "); + break; + default: + /* error */ + break; + } + printf("%u ", info->ttl); +} + +static const struct option ttl_opts[] = { + { "ttl", 1, NULL, '2' }, + { "ttl-eq", 1, NULL, '2'}, + { "ttl-lt", 1, NULL, '3'}, + { "ttl-gt", 1, NULL, '4'}, + { .name = NULL } +}; + +static struct xtables_match ttl_mt_reg = { + .name = "ttl", + .version = XTABLES_VERSION, + .family = NFPROTO_IPV4, + .size = XT_ALIGN(sizeof(struct ipt_ttl_info)), + .userspacesize = XT_ALIGN(sizeof(struct ipt_ttl_info)), + .help = ttl_help, + .parse = ttl_parse, + .final_check = ttl_check, + .print = ttl_print, + .save = ttl_save, + .extra_opts = ttl_opts, +}; + + +void _init(void) +{ + xtables_register_match(&ttl_mt_reg); +} diff --git a/extensions/libip6t_HL.c b/extensions/libip6t_HL.c index 0a98713..ee117f1 100644 --- a/extensions/libip6t_HL.c +++ b/extensions/libip6t_HL.c @@ -32,20 +32,20 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags, unsigned int value; if (*flags & IP6T_HL_USED) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify HL option twice"); } if (!optarg) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "HL: You must specify a value"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "HL: unexpected `!'"); if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "HL: Expected value between 0 and 255"); switch (c) { @@ -56,7 +56,7 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (value == 0) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "HL: decreasing by 0?"); } @@ -65,7 +65,7 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags, case '3': if (value == 0) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "HL: increasing by 0?"); } @@ -86,7 +86,7 @@ static int HL_parse(int c, char **argv, int invert, unsigned int *flags, static void HL_check(unsigned int flags) { if (!(flags & IP6T_HL_USED)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "HL: You must specify an action"); } diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c index 7987735..c6bf2a7 100644 --- a/extensions/libip6t_LOG.c +++ b/extensions/libip6t_LOG.c @@ -79,7 +79,7 @@ parse_level(const char *level) if (strncasecmp(level, ip6t_log_names[i].name, strlen(level)) == 0) { if (set++) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "log-level `%s' ambiguous", level); lev = ip6t_log_names[i].level; @@ -87,7 +87,7 @@ parse_level(const char *level) } if (!set) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "log-level `%s' unknown", level); } @@ -109,11 +109,11 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '!': if (*flags & IP6T_LOG_OPT_LEVEL) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-level twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --log-level"); loginfo->level = parse_level(optarg); @@ -122,24 +122,24 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '#': if (*flags & IP6T_LOG_OPT_PREFIX) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-prefix twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --log-prefix"); if (strlen(optarg) > sizeof(loginfo->prefix) - 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Maximum prefix length %u for --log-prefix", (unsigned int)sizeof(loginfo->prefix) - 1); if (strlen(optarg) == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "No prefix specified for --log-prefix"); if (strlen(optarg) != strlen(strtok(optarg, "\n"))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Newlines not allowed in --log-prefix"); strcpy(loginfo->prefix, optarg); @@ -148,7 +148,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '1': if (*flags & IP6T_LOG_OPT_TCPSEQ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-tcp-sequence " "twice"); @@ -158,7 +158,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & IP6T_LOG_OPT_TCPOPT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-tcp-options twice"); loginfo->logflags |= IP6T_LOG_TCPOPT; @@ -167,7 +167,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '3': if (*flags & IP6T_LOG_OPT_IPOPT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-ip-options twice"); loginfo->logflags |= IP6T_LOG_IPOPT; @@ -176,7 +176,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '4': if (*flags & IP6T_LOG_OPT_UID) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-uid twice"); loginfo->logflags |= IP6T_LOG_UID; diff --git a/extensions/libip6t_REJECT.c b/extensions/libip6t_REJECT.c index 1c2be68..94013ec 100644 --- a/extensions/libip6t_REJECT.c +++ b/extensions/libip6t_REJECT.c @@ -86,7 +86,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags, switch(c) { case '1': if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --reject-with"); for (i = 0; i < limit; i++) { if ((strncasecmp(reject_table[i].name, optarg, strlen(optarg)) == 0) @@ -95,7 +95,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags, return 1; } } - exit_error(PARAMETER_PROBLEM, "unknown reject type `%s'",optarg); + xtables_error(PARAMETER_PROBLEM, "unknown reject type \"%s\"", optarg); default: /* Fall through */ break; diff --git a/extensions/libip6t_ah.c b/extensions/libip6t_ah.c index 83ed451..19b7ad4 100644 --- a/extensions/libip6t_ah.c +++ b/extensions/libip6t_ah.c @@ -33,16 +33,16 @@ parse_ah_spi(const char *spistr, const char *typestr) spi = strtoul(spistr, &ep, 0); if ( spistr == ep ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "AH no valid digits in %s `%s'", typestr, spistr); if ( spi == ULONG_MAX && errno == ERANGE ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s `%s' specified too big: would overflow", typestr, spistr); if ( *spistr != '\0' && *ep != '\0' ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "AH error parsing %s `%s'", typestr, spistr); return spi; @@ -84,7 +84,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & IP6T_AH_SPI) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--ahspi' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_ah_spis(argv[optind-1], ahinfo->spis); @@ -94,7 +94,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags, break; case '2': if (*flags & IP6T_AH_LEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--ahlen' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); ahinfo->hdrlen = parse_ah_spi(argv[optind-1], "length"); @@ -104,7 +104,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (*flags & IP6T_AH_RES) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--ahres' allowed"); ahinfo->hdrres = 1; *flags |= IP6T_AH_RES; diff --git a/extensions/libip6t_dst.c b/extensions/libip6t_dst.c index e19abc4..a47e3a3 100644 --- a/extensions/libip6t_dst.c +++ b/extensions/libip6t_dst.c @@ -37,16 +37,16 @@ parse_opts_num(const char *idstr, const char *typestr) id = strtoul(idstr, &ep, 0); if ( idstr == ep ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "dst: no valid digits in %s `%s'", typestr, idstr); } if ( id == ULONG_MAX && errno == ERANGE ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s `%s' specified too big: would overflow", typestr, idstr); } if ( *idstr != '\0' && *ep != '\0' ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "dst: error parsing %s `%s'", typestr, idstr); } return id; @@ -60,7 +60,7 @@ parse_options(const char *optsstr, u_int16_t *opts) buffer = strdup(optsstr); if (!buffer) - exit_error(OTHER_PROBLEM, "strdup failed"); + xtables_error(OTHER_PROBLEM, "strdup failed"); for (cp = buffer, i = 0; cp && i < IP6T_OPTS_OPTSNR; cp = next, i++) { @@ -73,7 +73,7 @@ parse_options(const char *optsstr, u_int16_t *opts) if (range) { if (i == IP6T_OPTS_OPTSNR-1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "too many ports specified"); *range++ = '\0'; } @@ -81,7 +81,7 @@ parse_options(const char *optsstr, u_int16_t *opts) opts[i] = (parse_opts_num(cp, "opt") & 0xFF) << 8; if (range) { if (opts[i] == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "PAD0 hasn't got length"); opts[i] |= parse_opts_num(range, "length") & 0xFF; } else @@ -94,7 +94,7 @@ parse_options(const char *optsstr, u_int16_t *opts) } if (cp) - exit_error(PARAMETER_PROBLEM, "too many addresses specified"); + xtables_error(PARAMETER_PROBLEM, "too many addresses specified"); free(buffer); @@ -123,7 +123,7 @@ static int dst_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & IP6T_OPTS_LEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--dst-len' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); optinfo->hdrlen = parse_opts_num(argv[optind-1], "length"); @@ -134,11 +134,11 @@ static int dst_parse(int c, char **argv, int invert, unsigned int *flags, break; case '2': if (*flags & IP6T_OPTS_OPTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--dst-opts' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, " '!' not allowed with `--dst-opts'"); optinfo->optsnr = parse_options(argv[optind-1], optinfo->opts); optinfo->flags |= IP6T_OPTS_OPTS; @@ -146,10 +146,10 @@ static int dst_parse(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (*flags & IP6T_OPTS_NSTRICT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--dst-not-strict' allowed"); if ( !(*flags & IP6T_OPTS_OPTS) ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "`--dst-opts ...' required before " "`--dst-not-strict'"); optinfo->flags |= IP6T_OPTS_NSTRICT; diff --git a/extensions/libip6t_frag.c b/extensions/libip6t_frag.c index b55ef26..905b494 100644 --- a/extensions/libip6t_frag.c +++ b/extensions/libip6t_frag.c @@ -39,16 +39,16 @@ parse_frag_id(const char *idstr, const char *typestr) id = strtoul(idstr, &ep, 0); if ( idstr == ep ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "FRAG no valid digits in %s `%s'", typestr, idstr); } if ( id == ULONG_MAX && errno == ERANGE ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s `%s' specified too big: would overflow", typestr, idstr); } if ( *idstr != '\0' && *ep != '\0' ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "FRAG error parsing %s `%s'", typestr, idstr); } return id; @@ -92,7 +92,7 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & IP6T_FRAG_IDS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--fragid' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_frag_ids(argv[optind-1], fraginfo->ids); @@ -103,7 +103,7 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags, break; case '2': if (*flags & IP6T_FRAG_LEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--fraglen' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); fraginfo->hdrlen = parse_frag_id(argv[optind-1], "length"); @@ -114,28 +114,28 @@ static int frag_parse(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (*flags & IP6T_FRAG_RES) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--fragres' allowed"); fraginfo->flags |= IP6T_FRAG_RES; *flags |= IP6T_FRAG_RES; break; case '4': if (*flags & IP6T_FRAG_FST) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--fragfirst' allowed"); fraginfo->flags |= IP6T_FRAG_FST; *flags |= IP6T_FRAG_FST; break; case '5': if (*flags & (IP6T_FRAG_MF|IP6T_FRAG_NMF)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--fragmore' or `--fraglast' allowed"); fraginfo->flags |= IP6T_FRAG_MF; *flags |= IP6T_FRAG_MF; break; case '6': if (*flags & (IP6T_FRAG_MF|IP6T_FRAG_NMF)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--fragmore' or `--fraglast' allowed"); fraginfo->flags |= IP6T_FRAG_NMF; *flags |= IP6T_FRAG_NMF; diff --git a/extensions/libip6t_hbh.c b/extensions/libip6t_hbh.c index 3354eae..e08d84a 100644 --- a/extensions/libip6t_hbh.c +++ b/extensions/libip6t_hbh.c @@ -40,16 +40,16 @@ parse_opts_num(const char *idstr, const char *typestr) id = strtoul(idstr,&ep,0) ; if ( idstr == ep ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "hbh: no valid digits in %s `%s'", typestr, idstr); } if ( id == ULONG_MAX && errno == ERANGE ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s `%s' specified too big: would overflow", typestr, idstr); } if ( *idstr != '\0' && *ep != '\0' ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "hbh: error parsing %s `%s'", typestr, idstr); } return id; @@ -62,7 +62,7 @@ parse_options(const char *optsstr, u_int16_t *opts) unsigned int i; buffer = strdup(optsstr); - if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed"); + if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed"); for (cp=buffer, i=0; cp && i<IP6T_OPTS_OPTSNR; cp=next,i++) { @@ -71,14 +71,14 @@ parse_options(const char *optsstr, u_int16_t *opts) range = strchr(cp, ':'); if (range) { if (i == IP6T_OPTS_OPTSNR-1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "too many ports specified"); *range++ = '\0'; } opts[i] = (parse_opts_num(cp, "opt") & 0xFF) << 8; if (range) { if (opts[i] == 0) - exit_error(PARAMETER_PROBLEM, "PAD0 hasn't got length"); + xtables_error(PARAMETER_PROBLEM, "PAD0 has not got length"); opts[i] |= parse_opts_num(range, "length") & 0xFF; } else { opts[i] |= (0x00FF); @@ -89,7 +89,7 @@ parse_options(const char *optsstr, u_int16_t *opts) printf("opts opt: %04X\n", opts[i]); #endif } - if (cp) exit_error(PARAMETER_PROBLEM, "too many addresses specified"); + if (cp) xtables_error(PARAMETER_PROBLEM, "too many addresses specified"); free(buffer); @@ -118,7 +118,7 @@ static int hbh_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & IP6T_OPTS_LEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--hbh-len' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); optinfo->hdrlen = parse_opts_num(argv[optind-1], "length"); @@ -129,11 +129,11 @@ static int hbh_parse(int c, char **argv, int invert, unsigned int *flags, break; case '2': if (*flags & IP6T_OPTS_OPTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--hbh-opts' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, " '!' not allowed with `--hbh-opts'"); optinfo->optsnr = parse_options(argv[optind-1], optinfo->opts); optinfo->flags |= IP6T_OPTS_OPTS; @@ -141,10 +141,10 @@ static int hbh_parse(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (*flags & IP6T_OPTS_NSTRICT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--hbh-not-strict' allowed"); if ( !(*flags & IP6T_OPTS_OPTS) ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "`--hbh-opts ...' required before `--hbh-not-strict'"); optinfo->flags |= IP6T_OPTS_NSTRICT; *flags |= IP6T_OPTS_NSTRICT; diff --git a/extensions/libip6t_hl.c b/extensions/libip6t_hl.c index 286f432..2280e03 100644 --- a/extensions/libip6t_hl.c +++ b/extensions/libip6t_hl.c @@ -34,11 +34,11 @@ static int hl_parse(int c, char **argv, int invert, unsigned int *flags, value = atoi(argv[optind-1]); if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify HL option twice"); if (!optarg) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "hl: You must specify a value"); switch (c) { case '2': @@ -54,7 +54,7 @@ static int hl_parse(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "hl: unexpected `!'"); info->mode = IP6T_HL_LT; @@ -64,7 +64,7 @@ static int hl_parse(int c, char **argv, int invert, unsigned int *flags, break; case '4': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "hl: unexpected `!'"); info->mode = IP6T_HL_GT; @@ -82,7 +82,7 @@ static int hl_parse(int c, char **argv, int invert, unsigned int *flags, static void hl_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "HL match: You must specify one of " "`--hl-eq', `--hl-lt', `--hl-gt'"); } diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c index 5af9b02..69171d1 100644 --- a/extensions/libip6t_icmp6.c +++ b/extensions/libip6t_icmp6.c @@ -98,7 +98,7 @@ parse_icmpv6(const char *icmpv6type, u_int8_t *type, u_int8_t code[]) if (strncasecmp(icmpv6_codes[i].name, icmpv6type, strlen(icmpv6type)) == 0) { if (match != limit) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Ambiguous ICMPv6 type `%s':" " `%s' or `%s'?", icmpv6type, @@ -124,12 +124,12 @@ parse_icmpv6(const char *icmpv6type, u_int8_t *type, u_int8_t code[]) *slash = '\0'; if (!xtables_strtoui(buffer, NULL, &number, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid ICMPv6 type `%s'\n", buffer); *type = number; if (slash) { if (!xtables_strtoui(slash+1, NULL, &number, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid ICMPv6 code `%s'\n", slash+1); code[0] = code[1] = number; @@ -155,7 +155,7 @@ static int icmp6_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags == 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "icmpv6 match: only use --icmpv6-type once!"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_icmpv6(argv[optind-1], &icmpv6info->type, @@ -240,7 +240,7 @@ static void icmp6_save(const void *ip, const struct xt_entry_match *match) static void icmp6_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "icmpv6 match: You must specify `--icmpv6-type'"); } diff --git a/extensions/libip6t_ipv6header.c b/extensions/libip6t_ipv6header.c index 982e6a7..296bd5f 100644 --- a/extensions/libip6t_ipv6header.c +++ b/extensions/libip6t_ipv6header.c @@ -105,7 +105,7 @@ name_to_proto(const char *s) } if (i == sizeof(chain_protos)/sizeof(struct pprot)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unknown header `%s' specified", s); } @@ -127,7 +127,7 @@ add_proto_to_mask(int proto){ } if (i == sizeof(chain_flags)/sizeof(struct numflag)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unknown header `%d' specified", proto); @@ -189,13 +189,13 @@ ipv6header_parse(int c, char **argv, int invert, unsigned int *flags, case '1' : /* Parse the provided header names */ if (*flags & IPV6_HDR_HEADER) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--header' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); if (! (info->matchflags = parse_header(argv[optind-1])) ) - exit_error(PARAMETER_PROBLEM, "ip6t_ipv6header: cannot parse header names"); + xtables_error(PARAMETER_PROBLEM, "ip6t_ipv6header: cannot parse header names"); if (invert) info->invflags |= 0xFF; @@ -204,7 +204,7 @@ ipv6header_parse(int c, char **argv, int invert, unsigned int *flags, case '2' : /* Soft-mode requested? */ if (*flags & IPV6_HDR_SOFT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--soft' allowed"); info->modeflag |= 0xFF; @@ -219,7 +219,7 @@ ipv6header_parse(int c, char **argv, int invert, unsigned int *flags, static void ipv6header_check(unsigned int flags) { - if (!flags) exit_error(PARAMETER_PROBLEM, "ip6t_ipv6header: no options specified"); + if (!flags) xtables_error(PARAMETER_PROBLEM, "ip6t_ipv6header: no options specified"); } static void diff --git a/extensions/libip6t_mh.c b/extensions/libip6t_mh.c index 78fc804..f476c93 100644 --- a/extensions/libip6t_mh.c +++ b/extensions/libip6t_mh.c @@ -94,7 +94,7 @@ static unsigned int name_to_type(const char *name) unsigned int number; if (!xtables_strtoui(name, NULL, &number, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid MH type `%s'\n", name); return number; } @@ -116,7 +116,7 @@ static void parse_mh_types(const char *mhtype, u_int8_t *types) types[1] = cp[0] ? name_to_type(cp) : 0xFF; if (types[0] > types[1]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid MH type range (min > max)"); } free(buffer); @@ -132,7 +132,7 @@ static int mh_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & MH_TYPES) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--mh-type' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_mh_types(argv[optind-1], mhinfo->types); diff --git a/extensions/libip6t_policy.c b/extensions/libip6t_policy.c index 7ea72cd..70f320f 100644 --- a/extensions/libip6t_policy.c +++ b/extensions/libip6t_policy.c @@ -130,7 +130,7 @@ static int parse_direction(char *s) return IP6T_POLICY_MATCH_IN; if (strcmp(s, "out") == 0) return IP6T_POLICY_MATCH_OUT; - exit_error(PARAMETER_PROBLEM, "policy_match: invalid dir `%s'", s); + xtables_error(PARAMETER_PROBLEM, "policy_match: invalid dir \"%s\"", s); } static int parse_policy(char *s) @@ -139,7 +139,7 @@ static int parse_policy(char *s) return IP6T_POLICY_MATCH_NONE; if (strcmp(s, "ipsec") == 0) return 0; - exit_error(PARAMETER_PROBLEM, "policy match: invalid policy `%s'", s); + xtables_error(PARAMETER_PROBLEM, "policy match: invalid policy \"%s\"", s); } static int parse_mode(char *s) @@ -148,7 +148,7 @@ static int parse_mode(char *s) return IP6T_POLICY_MODE_TRANSPORT; if (strcmp(s, "tunnel") == 0) return IP6T_POLICY_MODE_TUNNEL; - exit_error(PARAMETER_PROBLEM, "policy match: invalid mode `%s'", s); + xtables_error(PARAMETER_PROBLEM, "policy match: invalid mode \"%s\"", s); } static int policy_parse(int c, char **argv, int invert, unsigned int *flags, @@ -165,35 +165,35 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (info->flags & (IP6T_POLICY_MATCH_IN|IP6T_POLICY_MATCH_OUT)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --dir option"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --dir option"); info->flags |= parse_direction(argv[optind-1]); break; case '2': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --policy option"); info->flags |= parse_policy(argv[optind-1]); break; case '3': if (info->flags & IP6T_POLICY_MATCH_STRICT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --strict option"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --strict option"); info->flags |= IP6T_POLICY_MATCH_STRICT; break; case '4': if (e->match.reqid) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --reqid option"); e->match.reqid = 1; @@ -202,7 +202,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '5': if (e->match.spi) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --spi option"); e->match.spi = 1; @@ -211,12 +211,12 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '6': if (e->match.saddr) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --tunnel-src option"); xtables_ip6parse_any(argv[optind-1], &addr, &mask, &naddr); if (naddr > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: name resolves to multiple IPs"); e->match.saddr = 1; @@ -226,12 +226,12 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '7': if (e->match.daddr) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --tunnel-dst option"); xtables_ip6parse_any(argv[optind-1], &addr, &mask, &naddr); if (naddr > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: name resolves to multiple IPs"); e->match.daddr = 1; @@ -241,20 +241,20 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '8': if (e->match.proto) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --proto option"); e->proto = xtables_parse_protocol(argv[optind-1]); if (e->proto != IPPROTO_AH && e->proto != IPPROTO_ESP && e->proto != IPPROTO_COMP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: protocol must ah/esp/ipcomp"); e->match.proto = 1; e->invert.proto = invert; break; case '9': if (e->match.mode) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --mode option"); mode = parse_mode(argv[optind-1]); @@ -264,11 +264,11 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case 'a': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --next option"); if (++info->len == IP6T_POLICY_MAX_ELEM) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: maximum policy depth reached"); break; default: @@ -286,26 +286,26 @@ static void policy_check(unsigned int flags) int i; if (info == NULL) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: no parameters given"); if (!(info->flags & (IP6T_POLICY_MATCH_IN|IP6T_POLICY_MATCH_OUT))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: neither --in nor --out specified"); if (info->flags & IP6T_POLICY_MATCH_NONE) { if (info->flags & IP6T_POLICY_MATCH_STRICT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: policy none but --strict given"); if (info->len != 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: policy none but policy given"); } else info->len++; /* increase len by 1, no --next after last element */ if (!(info->flags & IP6T_POLICY_MATCH_STRICT) && info->len > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: multiple elements but no --strict"); for (i = 0; i < info->len; i++) { @@ -314,13 +314,13 @@ static void policy_check(unsigned int flags) if (info->flags & IP6T_POLICY_MATCH_STRICT && !(e->match.reqid || e->match.spi || e->match.saddr || e->match.daddr || e->match.proto || e->match.mode)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: empty policy element"); if ((e->match.saddr || e->match.daddr) && ((e->mode == IP6T_POLICY_MODE_TUNNEL && e->invert.mode) || (e->mode == IP6T_POLICY_MODE_TRANSPORT && !e->invert.mode))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: --tunnel-src/--tunnel-dst " "is only valid in tunnel mode"); } diff --git a/extensions/libip6t_rt.c b/extensions/libip6t_rt.c index 64c98ef..c9bf994 100644 --- a/extensions/libip6t_rt.c +++ b/extensions/libip6t_rt.c @@ -46,16 +46,16 @@ parse_rt_num(const char *idstr, const char *typestr) id = strtoul(idstr,&ep,0) ; if ( idstr == ep ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RT no valid digits in %s `%s'", typestr, idstr); } if ( id == ULONG_MAX && errno == ERANGE ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s `%s' specified too big: would overflow", typestr, idstr); } if ( *idstr != '\0' && *ep != '\0' ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RT error parsing %s `%s'", typestr, idstr); } return id; @@ -98,7 +98,7 @@ numeric_to_addr(const char *num) #ifdef DEBUG fprintf(stderr, "\nnumeric2addr: %d\n", err); #endif - exit_error(PARAMETER_PROBLEM, "bad address: %s", num); + xtables_error(PARAMETER_PROBLEM, "bad address: %s", num); return (struct in6_addr *)NULL; } @@ -111,7 +111,7 @@ parse_addresses(const char *addrstr, struct in6_addr *addrp) unsigned int i; buffer = strdup(addrstr); - if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed"); + if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed"); for (cp=buffer, i=0; cp && i<IP6T_RT_HOPS; cp=next,i++) { @@ -124,7 +124,7 @@ parse_addresses(const char *addrstr, struct in6_addr *addrp) printf("addr [%d]: %s\n", i, addr_to_numeric(&(addrp[i]))); #endif } - if (cp) exit_error(PARAMETER_PROBLEM, "too many addresses specified"); + if (cp) xtables_error(PARAMETER_PROBLEM, "too many addresses specified"); free(buffer); @@ -156,7 +156,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & IP6T_RT_TYP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--rt-type' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); rtinfo->rt_type = parse_rt_num(argv[optind-1], "type"); @@ -167,7 +167,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags, break; case '2': if (*flags & IP6T_RT_SGS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--rt-segsleft' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_rt_segsleft(argv[optind-1], rtinfo->segsleft); @@ -178,7 +178,7 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (*flags & IP6T_RT_LEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--rt-len' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); rtinfo->hdrlen = parse_rt_num(argv[optind-1], "length"); @@ -189,24 +189,24 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags, break; case '4': if (*flags & IP6T_RT_RES) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--rt-0-res' allowed"); if ( !(*flags & IP6T_RT_TYP) || (rtinfo->rt_type != 0) || (rtinfo->invflags & IP6T_RT_INV_TYP) ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "`--rt-type 0' required before `--rt-0-res'"); rtinfo->flags |= IP6T_RT_RES; *flags |= IP6T_RT_RES; break; case '5': if (*flags & IP6T_RT_FST) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--rt-0-addrs' allowed"); if ( !(*flags & IP6T_RT_TYP) || (rtinfo->rt_type != 0) || (rtinfo->invflags & IP6T_RT_INV_TYP) ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "`--rt-type 0' required before `--rt-0-addrs'"); xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, " '!' not allowed with `--rt-0-addrs'"); rtinfo->addrnr = parse_addresses(argv[optind-1], rtinfo->addrs); rtinfo->flags |= IP6T_RT_FST; @@ -214,10 +214,10 @@ static int rt_parse(int c, char **argv, int invert, unsigned int *flags, break; case '6': if (*flags & IP6T_RT_FST_NSTRICT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--rt-0-not-strict' allowed"); if ( !(*flags & IP6T_RT_FST) ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "`--rt-0-addr ...' required before `--rt-0-not-strict'"); rtinfo->flags |= IP6T_RT_FST_NSTRICT; *flags |= IP6T_RT_FST_NSTRICT; diff --git a/extensions/libipt_CLUSTERIP.c b/extensions/libipt_CLUSTERIP.c index 38909ea..2bb2292 100644 --- a/extensions/libipt_CLUSTERIP.c +++ b/extensions/libipt_CLUSTERIP.c @@ -57,7 +57,7 @@ parse_mac(const char *mac, char *macbuf) unsigned int i = 0; if (strlen(mac) != ETH_ALEN*3-1) - exit_error(PARAMETER_PROBLEM, "Bad mac address `%s'", mac); + xtables_error(PARAMETER_PROBLEM, "Bad mac address \"%s\"", mac); for (i = 0; i < ETH_ALEN; i++) { long number; @@ -70,7 +70,7 @@ parse_mac(const char *mac, char *macbuf) && number <= 255) macbuf[i] = number; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad mac address `%s'", mac); } } @@ -86,14 +86,14 @@ static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags, case '1': cipinfo->flags |= CLUSTERIP_FLAG_NEW; if (*flags & PARAM_NEW) - exit_error(PARAMETER_PROBLEM, "Can only specify `--new' once\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify \"--new\" once\n"); *flags |= PARAM_NEW; break; case '2': if (!(*flags & PARAM_NEW)) - exit_error(PARAMETER_PROBLEM, "Can only specify hashmode combined with `--new'\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify hashmode combined with \"--new\"\n"); if (*flags & PARAM_HMODE) - exit_error(PARAMETER_PROBLEM, "Can only specify hashmode once\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify hashmode once\n"); if (!strcmp(optarg, "sourceip")) cipinfo->hash_mode = CLUSTERIP_HASHMODE_SIP; else if (!strcmp(optarg, "sourceip-sourceport")) @@ -101,48 +101,48 @@ static int CLUSTERIP_parse(int c, char **argv, int invert, unsigned int *flags, else if (!strcmp(optarg, "sourceip-sourceport-destport")) cipinfo->hash_mode = CLUSTERIP_HASHMODE_SIP_SPT_DPT; else - exit_error(PARAMETER_PROBLEM, "Unknown hashmode `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Unknown hashmode \"%s\"\n", optarg); *flags |= PARAM_HMODE; break; case '3': if (!(*flags & PARAM_NEW)) - exit_error(PARAMETER_PROBLEM, "Can only specify MAC combined with `--new'\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify MAC combined with \"--new\"\n"); if (*flags & PARAM_MAC) - exit_error(PARAMETER_PROBLEM, "Can only specify MAC once\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify MAC once\n"); parse_mac(optarg, (char *)cipinfo->clustermac); if (!(cipinfo->clustermac[0] & 0x01)) - exit_error(PARAMETER_PROBLEM, "MAC has to be a multicast ethernet address\n"); + xtables_error(PARAMETER_PROBLEM, "MAC has to be a multicast ethernet address\n"); *flags |= PARAM_MAC; break; case '4': if (!(*flags & PARAM_NEW)) - exit_error(PARAMETER_PROBLEM, "Can only specify node number combined with `--new'\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify node number combined with \"--new\"\n"); if (*flags & PARAM_TOTALNODE) - exit_error(PARAMETER_PROBLEM, "Can only specify total node number once\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify total node number once\n"); if (!xtables_strtoui(optarg, NULL, &num, 1, CLUSTERIP_MAX_NODES)) - exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg); + xtables_error(PARAMETER_PROBLEM, "Unable to parse \"%s\"\n", optarg); cipinfo->num_total_nodes = num; *flags |= PARAM_TOTALNODE; break; case '5': if (!(*flags & PARAM_NEW)) - exit_error(PARAMETER_PROBLEM, "Can only specify node number combined with `--new'\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify node number combined with \"--new\"\n"); if (*flags & PARAM_LOCALNODE) - exit_error(PARAMETER_PROBLEM, "Can only specify local node number once\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify local node number once\n"); if (!xtables_strtoui(optarg, NULL, &num, 1, CLUSTERIP_MAX_NODES)) - exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg); + xtables_error(PARAMETER_PROBLEM, "Unable to parse \"%s\"\n", optarg); cipinfo->num_local_nodes = 1; cipinfo->local_nodes[0] = num; *flags |= PARAM_LOCALNODE; break; case '6': if (!(*flags & PARAM_NEW)) - exit_error(PARAMETER_PROBLEM, "Can only specify hash init value combined with `--new'\n"); + xtables_error(PARAMETER_PROBLEM, "Can only specify hash init value combined with \"--new\"\n"); if (*flags & PARAM_HASHINIT) - exit_error(PARAMETER_PROBLEM, "Can specify hash init value only once\n"); + xtables_error(PARAMETER_PROBLEM, "Can specify hash init value only once\n"); if (!xtables_strtoui(optarg, NULL, &num, 0, UINT_MAX)) - exit_error(PARAMETER_PROBLEM, "Unable to parse `%s'\n", optarg); + xtables_error(PARAMETER_PROBLEM, "Unable to parse \"%s\"\n", optarg); cipinfo->hash_initval = num; *flags |= PARAM_HASHINIT; break; @@ -162,7 +162,7 @@ static void CLUSTERIP_check(unsigned int flags) == (PARAM_NEW|PARAM_HMODE|PARAM_MAC|PARAM_TOTALNODE|PARAM_LOCALNODE)) return; - exit_error(PARAMETER_PROBLEM, "CLUSTERIP target: Invalid parameter combination\n"); + xtables_error(PARAMETER_PROBLEM, "CLUSTERIP target: Invalid parameter combination\n"); } static char *hashmode2str(enum clusterip_hashmode mode) diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c index 371ec79..a3e1462 100644 --- a/extensions/libipt_DNAT.c +++ b/extensions/libipt_DNAT.c @@ -45,7 +45,7 @@ append_range(struct ipt_natinfo *info, const struct ip_nat_range *range) info = realloc(info, size); if (!info) - exit_error(OTHER_PROBLEM, "Out of memory\n"); + xtables_error(OTHER_PROBLEM, "Out of memory\n"); info->t.u.target_size = size; info->mr.range[info->mr.rangesize] = *range; @@ -69,19 +69,19 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) int port; if (!portok) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Need TCP, UDP, SCTP or DCCP with port specification"); range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED; port = atoi(colon+1); if (port <= 0 || port > 65535) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", colon+1); error = strchr(colon+1, ':'); if (error) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid port:port syntax - use dash\n"); dash = strchr(colon, '-'); @@ -94,11 +94,11 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) maxport = atoi(dash + 1); if (maxport <= 0 || maxport > 65535) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", dash+1); if (maxport < port) /* People are stupid. */ - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port range `%s' funky\n", colon+1); range.min.tcp.port = htons(port); range.max.tcp.port = htons(maxport); @@ -119,13 +119,13 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) ip = xtables_numeric_to_ipaddr(arg); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n", arg); range.min_ip = ip->s_addr; if (dash) { ip = xtables_numeric_to_ipaddr(dash+1); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n", dash+1); range.max_ip = ip->s_addr; } else @@ -153,14 +153,14 @@ static int DNAT_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --to-destination"); if (*flags) { if (!kernel_version) get_kernel_version(); if (kernel_version > LINUX_VERSION(2, 6, 10)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Multiple --to-destination not supported"); } *target = parse_to(optarg, portok, info); @@ -185,7 +185,7 @@ static int DNAT_parse(int c, char **argv, int invert, unsigned int *flags, static void DNAT_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You must specify --to-destination"); } diff --git a/extensions/libipt_ECN.c b/extensions/libipt_ECN.c index c4e8e34..b107d16 100644 --- a/extensions/libipt_ECN.c +++ b/extensions/libipt_ECN.c @@ -50,7 +50,7 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'F': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Only use --ecn-tcp-remove ONCE!"); einfo->operation = IPT_ECN_OP_SET_ECE | IPT_ECN_OP_SET_CWR; einfo->proto.tcp.ece = 0; @@ -59,10 +59,10 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags, break; case 'G': if (*flags & IPT_ECN_OP_SET_CWR) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Only use --ecn-tcp-cwr ONCE!"); if (!xtables_strtoui(optarg, NULL, &result, 0, 1)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Value out of range"); einfo->operation |= IPT_ECN_OP_SET_CWR; einfo->proto.tcp.cwr = result; @@ -70,10 +70,10 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags, break; case 'H': if (*flags & IPT_ECN_OP_SET_ECE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Only use --ecn-tcp-ece ONCE!"); if (!xtables_strtoui(optarg, NULL, &result, 0, 1)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Value out of range"); einfo->operation |= IPT_ECN_OP_SET_ECE; einfo->proto.tcp.ece = result; @@ -81,10 +81,10 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags, break; case '9': if (*flags & IPT_ECN_OP_SET_IP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Only use --ecn-ip-ect ONCE!"); if (!xtables_strtoui(optarg, NULL, &result, 0, 3)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Value out of range"); einfo->operation |= IPT_ECN_OP_SET_IP; einfo->ip_ect = result; @@ -100,7 +100,7 @@ static int ECN_parse(int c, char **argv, int invert, unsigned int *flags, static void ECN_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN target: Parameter --ecn-tcp-remove is required"); } diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c index bc7e8a4..4da412c 100644 --- a/extensions/libipt_LOG.c +++ b/extensions/libipt_LOG.c @@ -79,7 +79,7 @@ parse_level(const char *level) if (strncasecmp(level, ipt_log_names[i].name, strlen(level)) == 0) { if (set++) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "log-level `%s' ambiguous", level); lev = ipt_log_names[i].level; @@ -87,7 +87,7 @@ parse_level(const char *level) } if (!set) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "log-level `%s' unknown", level); } @@ -109,11 +109,11 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '!': if (*flags & IPT_LOG_OPT_LEVEL) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-level twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --log-level"); loginfo->level = parse_level(optarg); @@ -122,24 +122,24 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '#': if (*flags & IPT_LOG_OPT_PREFIX) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-prefix twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --log-prefix"); if (strlen(optarg) > sizeof(loginfo->prefix) - 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Maximum prefix length %u for --log-prefix", (unsigned int)sizeof(loginfo->prefix) - 1); if (strlen(optarg) == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "No prefix specified for --log-prefix"); if (strlen(optarg) != strlen(strtok(optarg, "\n"))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Newlines not allowed in --log-prefix"); strcpy(loginfo->prefix, optarg); @@ -148,7 +148,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '1': if (*flags & IPT_LOG_OPT_TCPSEQ) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-tcp-sequence " "twice"); @@ -158,7 +158,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & IPT_LOG_OPT_TCPOPT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-tcp-options twice"); loginfo->logflags |= IPT_LOG_TCPOPT; @@ -167,7 +167,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '3': if (*flags & IPT_LOG_OPT_IPOPT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-ip-options twice"); loginfo->logflags |= IPT_LOG_IPOPT; @@ -176,7 +176,7 @@ static int LOG_parse(int c, char **argv, int invert, unsigned int *flags, case '4': if (*flags & IPT_LOG_OPT_UID) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --log-uid twice"); loginfo->logflags |= IPT_LOG_UID; diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c index 0ee155c..0180bf6 100644 --- a/extensions/libipt_MASQUERADE.c +++ b/extensions/libipt_MASQUERADE.c @@ -44,7 +44,7 @@ parse_ports(const char *arg, struct ip_nat_multi_range *mr) port = atoi(arg); if (port <= 0 || port > 65535) - exit_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", arg); + xtables_error(PARAMETER_PROBLEM, "Port \"%s\" not valid\n", arg); dash = strchr(arg, '-'); if (!dash) { @@ -56,11 +56,11 @@ parse_ports(const char *arg, struct ip_nat_multi_range *mr) maxport = atoi(dash + 1); if (maxport == 0 || maxport > 65535) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", dash+1); if (maxport < port) /* People are stupid. Present reader excepted. */ - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port range `%s' funky\n", arg); mr->range[0].min.tcp.port = htons(port); mr->range[0].max.tcp.port = htons(maxport); @@ -87,11 +87,11 @@ static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (!portok) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Need TCP, UDP, SCTP or DCCP with port specification"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --to-ports"); parse_ports(optarg, mr); diff --git a/extensions/libipt_NETMAP.c b/extensions/libipt_NETMAP.c index 9949c99..b1d79ce 100644 --- a/extensions/libipt_NETMAP.c +++ b/extensions/libipt_NETMAP.c @@ -77,26 +77,26 @@ parse_to(char *arg, struct ip_nat_range *range) ip = xtables_numeric_to_ipaddr(arg); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n", arg); range->min_ip = ip->s_addr; if (slash) { if (strchr(slash+1, '.')) { ip = xtables_numeric_to_ipmask(slash+1); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad netmask `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad netmask \"%s\"\n", slash+1); netmask = ip->s_addr; } else { if (!xtables_strtoui(slash+1, NULL, &bits, 0, 32)) - exit_error(PARAMETER_PROBLEM, "Bad netmask `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad netmask \"%s\"\n", slash+1); netmask = bits2netmask(bits); } /* Don't allow /0 (/1 is probably insane, too) */ if (netmask == 0) - exit_error(PARAMETER_PROBLEM, "Netmask needed\n"); + xtables_error(PARAMETER_PROBLEM, "Netmask needed\n"); } else netmask = ~0; @@ -104,7 +104,7 @@ parse_to(char *arg, struct ip_nat_range *range) if (range->min_ip & ~netmask) { if (slash) *slash = '/'; - exit_error(PARAMETER_PROBLEM, "Bad network address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad network address \"%s\"\n", arg); } range->max_ip = range->min_ip | ~netmask; @@ -119,7 +119,7 @@ static int NETMAP_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --%s", NETMAP_opts[0].name); parse_to(optarg, &mr->range[0]); @@ -134,7 +134,7 @@ static int NETMAP_parse(int c, char **argv, int invert, unsigned int *flags, static void NETMAP_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, MODULENAME" needs --%s", NETMAP_opts[0].name); } diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c index c6afbdc..8fcb46a 100644 --- a/extensions/libipt_REDIRECT.c +++ b/extensions/libipt_REDIRECT.c @@ -44,14 +44,14 @@ parse_ports(const char *arg, struct ip_nat_multi_range *mr) mr->range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED; if (strchr(arg, '.')) - exit_error(PARAMETER_PROBLEM, "IP address not permitted\n"); + xtables_error(PARAMETER_PROBLEM, "IP address not permitted\n"); port = atoi(arg); if (port == 0) port = xtables_service_to_port(arg, NULL); if (port == 0 || port > 65535) - exit_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", arg); + xtables_error(PARAMETER_PROBLEM, "Port \"%s\" not valid\n", arg); dash = strchr(arg, '-'); if (!dash) { @@ -63,11 +63,11 @@ parse_ports(const char *arg, struct ip_nat_multi_range *mr) maxport = atoi(dash + 1); if (maxport == 0 || maxport > 65535) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", dash+1); if (maxport < port) /* People are stupid. */ - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port range `%s' funky\n", arg); mr->range[0].min.tcp.port = htons(port); mr->range[0].max.tcp.port = htons(maxport); @@ -94,11 +94,11 @@ static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (!portok) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Need TCP, UDP, SCTP or DCCP with port specification"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --to-ports"); parse_ports(optarg, mr); diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c index db94306..98d8dcb 100644 --- a/extensions/libipt_REJECT.c +++ b/extensions/libipt_REJECT.c @@ -100,7 +100,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags, switch(c) { case '1': if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --reject-with"); for (i = 0; i < limit; i++) { if ((strncasecmp(reject_table[i].name, optarg, strlen(optarg)) == 0) @@ -114,7 +114,7 @@ static int REJECT_parse(int c, char **argv, int invert, unsigned int *flags, || strncasecmp("echoreply", optarg, strlen(optarg)) == 0) fprintf(stderr, "--reject-with echo-reply no longer" " supported\n"); - exit_error(PARAMETER_PROBLEM, "unknown reject type `%s'",optarg); + xtables_error(PARAMETER_PROBLEM, "unknown reject type \"%s\"", optarg); default: /* Fall through */ break; diff --git a/extensions/libipt_SAME.c b/extensions/libipt_SAME.c index 007ebc3..444a520 100644 --- a/extensions/libipt_SAME.c +++ b/extensions/libipt_SAME.c @@ -58,20 +58,20 @@ parse_to(char *arg, struct ip_nat_range *range) ip = xtables_numeric_to_ipaddr(arg); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n", arg); range->min_ip = ip->s_addr; if (dash) { ip = xtables_numeric_to_ipaddr(dash+1); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n", dash+1); } range->max_ip = ip->s_addr; if (dash) if (range->min_ip > range->max_ip) - exit_error(PARAMETER_PROBLEM, "Bad IP range `%s-%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP range \"%s-%s\"\n", arg, dash+1); } @@ -89,12 +89,12 @@ static int SAME_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (mr->rangesize == IPT_SAME_MAX_RANGE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Too many ranges specified, maximum " "is %i ranges.\n", IPT_SAME_MAX_RANGE); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --to"); parse_to(optarg, &mr->range[mr->rangesize]); @@ -108,7 +108,7 @@ static int SAME_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & IPT_SAME_OPT_NODST) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --nodst twice"); mr->info |= IPT_SAME_NODST; @@ -131,7 +131,7 @@ static int SAME_parse(int c, char **argv, int invert, unsigned int *flags, static void SAME_check(unsigned int flags) { if (!(flags & IPT_SAME_OPT_TO)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "SAME needs --to"); } diff --git a/extensions/libipt_SET.c b/extensions/libipt_SET.c index 45967be..e9bdab4 100644 --- a/extensions/libipt_SET.c +++ b/extensions/libipt_SET.c @@ -54,20 +54,20 @@ parse_target(char **argv, int invert, unsigned int *flags, struct ipt_set_info *info, const char *what) { if (info->flags[0]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--%s can be specified only once", what); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --%s", what); if (!argv[optind] || argv[optind][0] == '-' || argv[optind][0] == '!') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--%s requires two args.", what); if (strlen(argv[optind-1]) > IP_SET_MAXNAMELEN - 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "setname `%s' too long, max %d characters.", argv[optind-1], IP_SET_MAXNAMELEN - 1); @@ -103,7 +103,7 @@ static int SET_parse(int c, char **argv, int invert, unsigned int *flags, static void SET_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You must specify either `--add-set' or `--del-set'"); } diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c index 96ef56e..fda03ea 100644 --- a/extensions/libipt_SNAT.c +++ b/extensions/libipt_SNAT.c @@ -45,7 +45,7 @@ append_range(struct ipt_natinfo *info, const struct ip_nat_range *range) info = realloc(info, size); if (!info) - exit_error(OTHER_PROBLEM, "Out of memory\n"); + xtables_error(OTHER_PROBLEM, "Out of memory\n"); info->t.u.target_size = size; info->mr.range[info->mr.rangesize] = *range; @@ -69,19 +69,19 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) int port; if (!portok) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Need TCP, UDP, SCTP or DCCP with port specification"); range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED; port = atoi(colon+1); if (port <= 0 || port > 65535) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", colon+1); error = strchr(colon+1, ':'); if (error) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid port:port syntax - use dash\n"); dash = strchr(colon, '-'); @@ -94,11 +94,11 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) maxport = atoi(dash + 1); if (maxport <= 0 || maxport > 65535) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port `%s' not valid\n", dash+1); if (maxport < port) /* People are stupid. */ - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Port range `%s' funky\n", colon+1); range.min.tcp.port = htons(port); range.max.tcp.port = htons(maxport); @@ -119,13 +119,13 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info) ip = xtables_numeric_to_ipaddr(arg); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n", arg); range.min_ip = ip->s_addr; if (dash) { ip = xtables_numeric_to_ipaddr(dash+1); if (!ip) - exit_error(PARAMETER_PROBLEM, "Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n", dash+1); range.max_ip = ip->s_addr; } else @@ -153,14 +153,14 @@ static int SNAT_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --to-source"); if (*flags & IPT_SNAT_OPT_SOURCE) { if (!kernel_version) get_kernel_version(); if (kernel_version > LINUX_VERSION(2, 6, 10)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Multiple --to-source not supported"); } *target = parse_to(optarg, portok, info); @@ -186,7 +186,7 @@ static int SNAT_parse(int c, char **argv, int invert, unsigned int *flags, static void SNAT_check(unsigned int flags) { if (!(flags & IPT_SNAT_OPT_SOURCE)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You must specify --to-source"); } diff --git a/extensions/libipt_TTL.c b/extensions/libipt_TTL.c index 15d23ba..2501877 100644 --- a/extensions/libipt_TTL.c +++ b/extensions/libipt_TTL.c @@ -32,20 +32,20 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags, unsigned int value; if (*flags & IPT_TTL_USED) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify TTL option twice"); } if (!optarg) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TTL: You must specify a value"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TTL: unexpected `!'"); if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TTL: Expected value between 0 and 255"); switch (c) { @@ -56,7 +56,7 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (value == 0) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TTL: decreasing by 0?"); } @@ -65,7 +65,7 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags, case '3': if (value == 0) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TTL: increasing by 0?"); } @@ -86,7 +86,7 @@ static int TTL_parse(int c, char **argv, int invert, unsigned int *flags, static void TTL_check(unsigned int flags) { if (!(flags & IPT_TTL_USED)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TTL: You must specify an action"); } diff --git a/extensions/libipt_ULOG.c b/extensions/libipt_ULOG.c index 89d0940..9633a87 100644 --- a/extensions/libipt_ULOG.c +++ b/extensions/libipt_ULOG.c @@ -74,15 +74,15 @@ static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '!': if (*flags & IPT_LOG_OPT_NLGROUP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --ulog-nlgroup twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --ulog-nlgroup"); group_d = atoi(optarg); if (group_d > 32 || group_d < 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--ulog-nlgroup has to be between 1 and 32"); loginfo->nl_group = (1 << (group_d - 1)); @@ -92,24 +92,24 @@ static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags, case '#': if (*flags & IPT_LOG_OPT_PREFIX) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --ulog-prefix twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --ulog-prefix"); if (strlen(optarg) > sizeof(loginfo->prefix) - 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Maximum prefix length %u for --ulog-prefix", (unsigned int)sizeof(loginfo->prefix) - 1); if (strlen(optarg) == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "No prefix specified for --ulog-prefix"); if (strlen(optarg) != strlen(strtok(optarg, "\n"))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Newlines not allowed in --ulog-prefix"); strcpy(loginfo->prefix, optarg); @@ -117,23 +117,23 @@ static int ULOG_parse(int c, char **argv, int invert, unsigned int *flags, break; case 'A': if (*flags & IPT_LOG_OPT_CPRANGE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --ulog-cprange twice"); if (atoi(optarg) < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Negative copy range?"); loginfo->copy_range = atoi(optarg); *flags |= IPT_LOG_OPT_CPRANGE; break; case 'B': if (*flags & IPT_LOG_OPT_QTHRESHOLD) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --ulog-qthreshold twice"); if (atoi(optarg) < 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Negative or zero queue threshold ?"); if (atoi(optarg) > ULOG_MAX_QLEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Maximum queue length exceeded"); loginfo->qthreshold = atoi(optarg); *flags |= IPT_LOG_OPT_QTHRESHOLD; diff --git a/extensions/libipt_addrtype.c b/extensions/libipt_addrtype.c index 446cf0f..22b35d4 100644 --- a/extensions/libipt_addrtype.c +++ b/extensions/libipt_addrtype.c @@ -81,13 +81,13 @@ static void parse_types(const char *arg, u_int16_t *mask) while ((comma = strchr(arg, ',')) != NULL) { if (comma == arg || !parse_type(arg, comma-arg, mask)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: bad type `%s'", arg); arg = comma + 1; } if (strlen(arg) == 0 || !parse_type(arg, strlen(arg), mask)) - exit_error(PARAMETER_PROBLEM, "addrtype: bad type `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "addrtype: bad type \"%s\"", arg); } #define IPT_ADDRTYPE_OPT_SRCTYPE 0x1 @@ -105,7 +105,7 @@ addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags&IPT_ADDRTYPE_OPT_SRCTYPE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: can't specify src-type twice"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_types(argv[optind-1], &info->source); @@ -115,7 +115,7 @@ addrtype_parse_v0(int c, char **argv, int invert, unsigned int *flags, break; case '2': if (*flags&IPT_ADDRTYPE_OPT_DSTTYPE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: can't specify dst-type twice"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_types(argv[optind-1], &info->dest); @@ -140,7 +140,7 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & IPT_ADDRTYPE_OPT_SRCTYPE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: can't specify src-type twice"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_types(argv[optind-1], &info->source); @@ -150,7 +150,7 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags, break; case '2': if (*flags & IPT_ADDRTYPE_OPT_DSTTYPE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: can't specify dst-type twice"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_types(argv[optind-1], &info->dest); @@ -160,14 +160,14 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (*flags & IPT_ADDRTYPE_OPT_LIMIT_IFACE_IN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: can't specify limit-iface-in twice"); info->flags |= IPT_ADDRTYPE_LIMIT_IFACE_IN; *flags |= IPT_ADDRTYPE_OPT_LIMIT_IFACE_IN; break; case '4': if (*flags & IPT_ADDRTYPE_OPT_LIMIT_IFACE_OUT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: can't specify limit-iface-out twice"); info->flags |= IPT_ADDRTYPE_LIMIT_IFACE_OUT; *flags |= IPT_ADDRTYPE_OPT_LIMIT_IFACE_OUT; @@ -182,18 +182,18 @@ addrtype_parse_v1(int c, char **argv, int invert, unsigned int *flags, static void addrtype_check_v0(unsigned int flags) { if (!(flags & (IPT_ADDRTYPE_OPT_SRCTYPE|IPT_ADDRTYPE_OPT_DSTTYPE))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: you must specify --src-type or --dst-type"); } static void addrtype_check_v1(unsigned int flags) { if (!(flags & (IPT_ADDRTYPE_OPT_SRCTYPE|IPT_ADDRTYPE_OPT_DSTTYPE))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: you must specify --src-type or --dst-type"); if (flags & IPT_ADDRTYPE_OPT_LIMIT_IFACE_IN && flags & IPT_ADDRTYPE_OPT_LIMIT_IFACE_OUT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "addrtype: you can't specify both --limit-iface-in " "and --limit-iface-out"); } diff --git a/extensions/libipt_ah.c b/extensions/libipt_ah.c index 31977dd..d049b42 100644 --- a/extensions/libipt_ah.c +++ b/extensions/libipt_ah.c @@ -30,15 +30,15 @@ parse_ah_spi(const char *spistr) spi = strtoul(spistr,&ep,0) ; if ( spistr == ep ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "AH no valid digits in spi `%s'", spistr); } if ( spi == ULONG_MAX && errno == ERANGE ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "spi `%s' specified too big: would overflow", spistr); } if ( *spistr != '\0' && *ep != '\0' ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "AH error parsing spi `%s'", spistr); } return spi; @@ -80,7 +80,7 @@ static int ah_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & AH_SPI) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--ahspi' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_ah_spis(argv[optind-1], ahinfo->spis); diff --git a/extensions/libipt_ecn.c b/extensions/libipt_ecn.c index 3b9da71..0f8849d 100644 --- a/extensions/libipt_ecn.c +++ b/extensions/libipt_ecn.c @@ -42,7 +42,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'F': if (*flags & IPT_ECN_OP_MATCH_CWR) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN match: can only use parameter ONCE!"); xtables_check_inverse(optarg, &invert, &optind, 0); einfo->operation |= IPT_ECN_OP_MATCH_CWR; @@ -53,7 +53,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags, case 'G': if (*flags & IPT_ECN_OP_MATCH_ECE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN match: can only use parameter ONCE!"); xtables_check_inverse(optarg, &invert, &optind, 0); einfo->operation |= IPT_ECN_OP_MATCH_ECE; @@ -64,7 +64,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags, case 'H': if (*flags & IPT_ECN_OP_MATCH_IP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN match: can only use parameter ONCE!"); xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) @@ -72,7 +72,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags, *flags |= IPT_ECN_OP_MATCH_IP; einfo->operation |= IPT_ECN_OP_MATCH_IP; if (!xtables_strtoui(optarg, NULL, &result, 0, 3)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN match: Value out of range"); einfo->ip_ect = result; break; @@ -86,7 +86,7 @@ static int ecn_parse(int c, char **argv, int invert, unsigned int *flags, static void ecn_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ECN match: some option required"); } diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c index 0fd132b..7dac0b7 100644 --- a/extensions/libipt_icmp.c +++ b/extensions/libipt_icmp.c @@ -122,7 +122,7 @@ parse_icmp(const char *icmptype, u_int8_t *type, u_int8_t code[]) if (strncasecmp(icmp_codes[i].name, icmptype, strlen(icmptype)) == 0) { if (match != limit) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Ambiguous ICMP type `%s':" " `%s' or `%s'?", icmptype, @@ -148,12 +148,12 @@ parse_icmp(const char *icmptype, u_int8_t *type, u_int8_t code[]) *slash = '\0'; if (!xtables_strtoui(buffer, NULL, &number, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid ICMP type `%s'\n", buffer); *type = number; if (slash) { if (!xtables_strtoui(slash+1, NULL, &number, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid ICMP code `%s'\n", slash+1); code[0] = code[1] = number; @@ -180,7 +180,7 @@ static int icmp_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags == 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "icmp match: only use --icmp-type once!"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_icmp(argv[optind-1], &icmpinfo->type, diff --git a/extensions/libipt_policy.c b/extensions/libipt_policy.c index a538927..964c19a 100644 --- a/extensions/libipt_policy.c +++ b/extensions/libipt_policy.c @@ -98,7 +98,7 @@ static int parse_direction(char *s) return IPT_POLICY_MATCH_IN; if (strcmp(s, "out") == 0) return IPT_POLICY_MATCH_OUT; - exit_error(PARAMETER_PROBLEM, "policy_match: invalid dir `%s'", s); + xtables_error(PARAMETER_PROBLEM, "policy_match: invalid dir \"%s\"", s); } static int parse_policy(char *s) @@ -107,7 +107,7 @@ static int parse_policy(char *s) return IPT_POLICY_MATCH_NONE; if (strcmp(s, "ipsec") == 0) return 0; - exit_error(PARAMETER_PROBLEM, "policy match: invalid policy `%s'", s); + xtables_error(PARAMETER_PROBLEM, "policy match: invalid policy \"%s\"", s); } static int parse_mode(char *s) @@ -116,7 +116,7 @@ static int parse_mode(char *s) return IPT_POLICY_MODE_TRANSPORT; if (strcmp(s, "tunnel") == 0) return IPT_POLICY_MODE_TUNNEL; - exit_error(PARAMETER_PROBLEM, "policy match: invalid mode `%s'", s); + xtables_error(PARAMETER_PROBLEM, "policy match: invalid mode \"%s\"", s); } static int policy_parse(int c, char **argv, int invert, unsigned int *flags, @@ -133,35 +133,35 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (info->flags & (IPT_POLICY_MATCH_IN|IPT_POLICY_MATCH_OUT)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --dir option"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --dir option"); info->flags |= parse_direction(argv[optind-1]); break; case '2': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --policy option"); info->flags |= parse_policy(argv[optind-1]); break; case '3': if (info->flags & IPT_POLICY_MATCH_STRICT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --strict option"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --strict option"); info->flags |= IPT_POLICY_MATCH_STRICT; break; case '4': if (e->match.reqid) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --reqid option"); e->match.reqid = 1; @@ -170,7 +170,7 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '5': if (e->match.spi) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --spi option"); e->match.spi = 1; @@ -179,12 +179,12 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '6': if (e->match.saddr) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --tunnel-src option"); xtables_ipparse_any(argv[optind-1], &addr, &mask, &naddr); if (naddr > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: name resolves to multiple IPs"); e->match.saddr = 1; @@ -194,12 +194,12 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '7': if (e->match.daddr) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --tunnel-dst option"); xtables_ipparse_any(argv[optind-1], &addr, &mask, &naddr); if (naddr > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: name resolves to multiple IPs"); e->match.daddr = 1; @@ -209,20 +209,20 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case '8': if (e->match.proto) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --proto option"); e->proto = xtables_parse_protocol(argv[optind-1]); if (e->proto != IPPROTO_AH && e->proto != IPPROTO_ESP && e->proto != IPPROTO_COMP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: protocol must ah/esp/ipcomp"); e->match.proto = 1; e->invert.proto = invert; break; case '9': if (e->match.mode) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: double --mode option"); mode = parse_mode(argv[optind-1]); @@ -232,11 +232,11 @@ static int policy_parse(int c, char **argv, int invert, unsigned int *flags, break; case 'a': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: can't invert --next option"); if (++info->len == IPT_POLICY_MAX_ELEM) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: maximum policy depth reached"); break; default: @@ -254,26 +254,26 @@ static void policy_check(unsigned int flags) int i; if (info == NULL) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: no parameters given"); if (!(info->flags & (IPT_POLICY_MATCH_IN|IPT_POLICY_MATCH_OUT))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: neither --in nor --out specified"); if (info->flags & IPT_POLICY_MATCH_NONE) { if (info->flags & IPT_POLICY_MATCH_STRICT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: policy none but --strict given"); if (info->len != 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: policy none but policy given"); } else info->len++; /* increase len by 1, no --next after last element */ if (!(info->flags & IPT_POLICY_MATCH_STRICT) && info->len > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: multiple elements but no --strict"); for (i = 0; i < info->len; i++) { @@ -282,13 +282,13 @@ static void policy_check(unsigned int flags) if (info->flags & IPT_POLICY_MATCH_STRICT && !(e->match.reqid || e->match.spi || e->match.saddr || e->match.daddr || e->match.proto || e->match.mode)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: empty policy element"); if ((e->match.saddr || e->match.daddr) && ((e->mode == IPT_POLICY_MODE_TUNNEL && e->invert.mode) || (e->mode == IPT_POLICY_MODE_TRANSPORT && !e->invert.mode))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "policy match: --tunnel-src/--tunnel-dst " "is only valid in tunnel mode"); } diff --git a/extensions/libipt_realm.c b/extensions/libipt_realm.c index e602dad..3dd63d3 100644 --- a/extensions/libipt_realm.c +++ b/extensions/libipt_realm.c @@ -166,12 +166,12 @@ static int realm_parse(int c, char **argv, int invert, unsigned int *flags, else realminfo->mask = 0xffffffff; if (*end != '\0' || end == optarg) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad realm value `%s'", optarg); } else { id = realm_name2id(optarg); if (id == -1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Realm `%s' not found", optarg); realminfo->id = id; realminfo->mask = 0xffffffff; @@ -230,7 +230,7 @@ static void realm_save(const void *ip, const struct xt_entry_match *match) static void realm_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "realm match: You must specify `--realm'"); } diff --git a/extensions/libipt_set.c b/extensions/libipt_set.c index 5b9e1fd..845b2b0 100644 --- a/extensions/libipt_set.c +++ b/extensions/libipt_set.c @@ -55,7 +55,7 @@ static int set_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': /* --set <set> <flag>[,<flag> */ if (info->flags[0]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--set can be specified only once"); xtables_check_inverse(optarg, &invert, &optind, 0); @@ -65,11 +65,11 @@ static int set_parse(int c, char **argv, int invert, unsigned int *flags, if (!argv[optind] || argv[optind][0] == '-' || argv[optind][0] == '!') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--set requires two args."); if (strlen(argv[optind-1]) > IP_SET_MAXNAMELEN - 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "setname `%s' too long, max %d characters.", argv[optind-1], IP_SET_MAXNAMELEN - 1); @@ -91,7 +91,7 @@ static int set_parse(int c, char **argv, int invert, unsigned int *flags, static void set_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You must specify `--set' with proper arguments"); DEBUGP("final check OK\n"); } diff --git a/extensions/libipt_set.h b/extensions/libipt_set.h index 3e70d7b..f521e05 100644 --- a/extensions/libipt_set.h +++ b/extensions/libipt_set.h @@ -25,12 +25,12 @@ parse_bindings(const char *opt_arg, struct ipt_set_info *info) else if (strncmp(ptr, "dst", 3) == 0) info->flags[i++] |= IPSET_DST; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You must spefify (the comma separated list of) 'src' or 'dst'."); } if (tmp) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't follow bindings deeper than %i.", IP_SET_MAX_BINDINGS - 1); @@ -42,7 +42,7 @@ static int get_set_getsockopt(void *data, socklen_t * size) int sockfd = -1; sockfd = socket(AF_INET, SOCK_RAW, IPPROTO_RAW); if (sockfd < 0) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Can't open socket to ipset.\n"); /* Send! */ return getsockopt(sockfd, SOL_IP, SO_IP_SET, data, size); @@ -60,16 +60,16 @@ static void get_set_byname(const char *setname, struct ipt_set_info *info) req.set.name[IP_SET_MAXNAMELEN - 1] = '\0'; res = get_set_getsockopt(&req, &size); if (res != 0) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Problem when communicating with ipset, errno=%d.\n", errno); if (size != sizeof(struct ip_set_req_get_set)) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Incorrect return size from kernel during ipset lookup, " "(want %zu, got %zu)\n", sizeof(struct ip_set_req_get_set), (size_t)size); if (req.set.index == IP_SET_INVALID_ID) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Set %s doesn't exist.\n", setname); info->index = req.set.index; @@ -86,16 +86,16 @@ static void get_set_byid(char * setname, ip_set_id_t idx) req.set.index = idx; res = get_set_getsockopt(&req, &size); if (res != 0) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Problem when communicating with ipset, errno=%d.\n", errno); if (size != sizeof(struct ip_set_req_get_set)) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Incorrect return size from kernel during ipset lookup, " "(want %zu, got %zu)\n", sizeof(struct ip_set_req_get_set), (size_t)size); if (req.set.name[0] == '\0') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Set id %i in kernel doesn't exist.\n", idx); strncpy(setname, req.set.name, IP_SET_MAXNAMELEN); diff --git a/extensions/libipt_ttl.c b/extensions/libipt_ttl.c index 3387e92..67f0b1a 100644 --- a/extensions/libipt_ttl.c +++ b/extensions/libipt_ttl.c @@ -34,7 +34,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '2': if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ttl: Expected value between 0 and 255"); if (invert) @@ -47,11 +47,11 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags, break; case '3': if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ttl: Expected value between 0 and 255"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ttl: unexpected `!'"); info->mode = IPT_TTL_LT; @@ -59,11 +59,11 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags, break; case '4': if (!xtables_strtoui(optarg, NULL, &value, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ttl: Expected value between 0 and 255"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ttl: unexpected `!'"); info->mode = IPT_TTL_GT; @@ -75,7 +75,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags, } if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify TTL option twice"); *flags = 1; @@ -85,7 +85,7 @@ static int ttl_parse(int c, char **argv, int invert, unsigned int *flags, static void ttl_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TTL match: You must specify one of " "`--ttl-eq', `--ttl-lt', `--ttl-gt"); } diff --git a/extensions/libxt_CLASSIFY.c b/extensions/libxt_CLASSIFY.c index 113f680..119922d 100644 --- a/extensions/libxt_CLASSIFY.c +++ b/extensions/libxt_CLASSIFY.c @@ -45,10 +45,10 @@ CLASSIFY_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (CLASSIFY_string_to_priority(optarg, &clinfo->priority)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad class value `%s'", optarg); if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CLASSIFY: Can't specify --set-class twice"); *flags = 1; break; @@ -64,7 +64,7 @@ static void CLASSIFY_final_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CLASSIFY: Parameter --set-class is required"); } diff --git a/extensions/libxt_CONNMARK.c b/extensions/libxt_CONNMARK.c index e426e4f..6e42898 100644 --- a/extensions/libxt_CONNMARK.c +++ b/extensions/libxt_CONNMARK.c @@ -111,34 +111,34 @@ CONNMARK_parse(int c, char **argv, int invert, unsigned int *flags, markinfo->mask = strtoul(end+1, &end, 0); if (*end != '\0' || end == optarg) - exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg); if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CONNMARK target: Can't specify --set-mark twice"); *flags = 1; break; case '2': markinfo->mode = XT_CONNMARK_SAVE; if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CONNMARK target: Can't specify --save-mark twice"); *flags = 1; break; case '3': markinfo->mode = XT_CONNMARK_RESTORE; if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CONNMARK target: Can't specify --restore-mark twice"); *flags = 1; break; case '4': if (!*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CONNMARK target: Can't specify --mask without a operation"); markinfo->mask = strtoul(optarg, &end, 0); if (*end != '\0' || end == optarg) - exit_error(PARAMETER_PROBLEM, "Bad MASK value `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad MASK value \"%s\"", optarg); break; default: return 0; @@ -218,7 +218,7 @@ static int connmark_tg_parse(int c, char **argv, int invert, case 'n': /* --nfmask */ if (!(*flags & F_SR_MARK)) - exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " + xtables_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " "or --restore-mark is required for " "--nfmask"); if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) @@ -228,7 +228,7 @@ static int connmark_tg_parse(int c, char **argv, int invert, case 'c': /* --ctmask */ if (!(*flags & F_SR_MARK)) - exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " + xtables_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " "or --restore-mark is required for " "--ctmask"); if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) @@ -238,7 +238,7 @@ static int connmark_tg_parse(int c, char **argv, int invert, case 'm': /* --mask */ if (!(*flags & F_SR_MARK)) - exit_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " + xtables_error(PARAMETER_PROBLEM, "CONNMARK: --save-mark " "or --restore-mark is required for " "--mask"); if (!xtables_strtoui(optarg, NULL, &value, 0, UINT32_MAX)) @@ -253,7 +253,7 @@ static int connmark_tg_parse(int c, char **argv, int invert, static void connmark_tg_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CONNMARK target: No operation specified"); } diff --git a/extensions/libxt_CONNSECMARK.c b/extensions/libxt_CONNSECMARK.c index 05dbf70..1515f6f 100644 --- a/extensions/libxt_CONNSECMARK.c +++ b/extensions/libxt_CONNSECMARK.c @@ -38,7 +38,7 @@ CONNSECMARK_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & CONNSECMARK_SAVE) - exit_error(PARAMETER_PROBLEM, PFX + xtables_error(PARAMETER_PROBLEM, PFX "Can't specify --save twice"); info->mode = CONNSECMARK_SAVE; *flags |= CONNSECMARK_SAVE; @@ -46,7 +46,7 @@ CONNSECMARK_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & CONNSECMARK_RESTORE) - exit_error(PARAMETER_PROBLEM, PFX + xtables_error(PARAMETER_PROBLEM, PFX "Can't specify --restore twice"); info->mode = CONNSECMARK_RESTORE; *flags |= CONNSECMARK_RESTORE; @@ -62,10 +62,10 @@ CONNSECMARK_parse(int c, char **argv, int invert, unsigned int *flags, static void CONNSECMARK_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, PFX "parameter required"); + xtables_error(PARAMETER_PROBLEM, PFX "parameter required"); if (flags == (CONNSECMARK_SAVE|CONNSECMARK_RESTORE)) - exit_error(PARAMETER_PROBLEM, PFX "only one flag of --save " + xtables_error(PARAMETER_PROBLEM, PFX "only one flag of --save " "or --restore is allowed"); } @@ -81,7 +81,7 @@ static void print_connsecmark(struct xt_connsecmark_target_info *info) break; default: - exit_error(OTHER_PROBLEM, PFX "invalid mode %hhu\n", info->mode); + xtables_error(OTHER_PROBLEM, PFX "invalid mode %hhu\n", info->mode); } } diff --git a/extensions/libxt_DSCP.c b/extensions/libxt_DSCP.c index aac8f9b..ddb9c99 100644 --- a/extensions/libxt_DSCP.c +++ b/extensions/libxt_DSCP.c @@ -49,11 +49,11 @@ parse_dscp(const char *s, struct xt_DSCP_info *dinfo) unsigned int dscp; if (!xtables_strtoui(s, NULL, &dscp, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid dscp `%s'\n", s); if (dscp > XT_DSCP_MAX) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP `%d` out of range\n", dscp); dinfo->dscp = dscp; @@ -79,14 +79,14 @@ static int DSCP_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'F': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP target: Only use --set-dscp ONCE!"); parse_dscp(optarg, dinfo); *flags = 1; break; case 'G': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP target: Only use --set-dscp-class ONCE!"); parse_class(optarg, dinfo); *flags = 1; @@ -102,7 +102,7 @@ static int DSCP_parse(int c, char **argv, int invert, unsigned int *flags, static void DSCP_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP target: Parameter --set-dscp is required"); } diff --git a/extensions/libxt_MARK.c b/extensions/libxt_MARK.c index 8f04e8e..ec2fe96 100644 --- a/extensions/libxt_MARK.c +++ b/extensions/libxt_MARK.c @@ -63,18 +63,18 @@ MARK_parse_v0(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (!xtables_strtoui(optarg, NULL, &mark, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg); markinfo->mark = mark; if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "MARK target: Can't specify --set-mark twice"); *flags = 1; break; case '2': - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "MARK target: kernel too old for --and-mark"); case '3': - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "MARK target: kernel too old for --or-mark"); default: return 0; @@ -86,7 +86,7 @@ MARK_parse_v0(int c, char **argv, int invert, unsigned int *flags, static void MARK_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "MARK target: Parameter --set/and/or-mark" " is required"); } @@ -114,10 +114,10 @@ MARK_parse_v1(int c, char **argv, int invert, unsigned int *flags, } if (!xtables_strtoui(optarg, NULL, &mark, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg); markinfo->mark = mark; if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "MARK target: Can't specify --set-mark twice"); *flags = 1; @@ -188,7 +188,7 @@ static int mark_tg_parse(int c, char **argv, int invert, unsigned int *flags, static void mark_tg_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, "MARK: One of the --set-xmark, " + xtables_error(PARAMETER_PROBLEM, "MARK: One of the --set-xmark, " "--{and,or,xor,set}-mark options is required"); } diff --git a/extensions/libxt_NFLOG.c b/extensions/libxt_NFLOG.c index 6d8c9dc..007c7b4 100644 --- a/extensions/libxt_NFLOG.c +++ b/extensions/libxt_NFLOG.c @@ -49,56 +49,56 @@ static int NFLOG_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case NFLOG_GROUP: if (*flags & NFLOG_GROUP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --nflog-group twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --nflog-group"); n = atoi(optarg); if (n < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--nflog-group can not be negative"); info->group = n; break; case NFLOG_PREFIX: if (*flags & NFLOG_PREFIX) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --nflog-prefix twice"); if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --nflog-prefix"); length = strlen(optarg); if (length == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "No prefix specified for --nflog-prefix"); if (length >= sizeof(info->prefix)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--nflog-prefix too long, max %Zu characters", sizeof(info->prefix) - 1); if (length != strlen(strtok(optarg, "\n"))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Newlines are not allowed in --nflog-prefix"); strcpy(info->prefix, optarg); break; case NFLOG_RANGE: if (*flags & NFLOG_RANGE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --nflog-range twice"); n = atoi(optarg); if (n < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid --nflog-range, must be >= 0"); info->len = n; break; case NFLOG_THRESHOLD: if (*flags & NFLOG_THRESHOLD) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify --nflog-threshold twice"); n = atoi(optarg); if (n < 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid --nflog-threshold, must be >= 1"); info->threshold = n; break; diff --git a/extensions/libxt_NFQUEUE.c b/extensions/libxt_NFQUEUE.c index 1c0c23d..3ca2239 100644 --- a/extensions/libxt_NFQUEUE.c +++ b/extensions/libxt_NFQUEUE.c @@ -34,7 +34,7 @@ parse_num(const char *s, struct xt_NFQ_info *tinfo) unsigned int num; if (!xtables_strtoui(s, NULL, &num, 0, UINT16_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid queue number `%s'\n", s); tinfo->queuenum = num & 0xffff; @@ -50,7 +50,7 @@ NFQUEUE_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'F': if (*flags) - exit_error(PARAMETER_PROBLEM, "NFQUEUE target: " + xtables_error(PARAMETER_PROBLEM, "NFQUEUE target: " "Only use --queue-num ONCE!"); parse_num(optarg, tinfo); break; diff --git a/extensions/libxt_RATEEST.c b/extensions/libxt_RATEEST.c index cf1284f..d4fd6dd 100644 --- a/extensions/libxt_RATEEST.c +++ b/extensions/libxt_RATEEST.c @@ -99,7 +99,7 @@ RATEEST_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case RATEEST_OPT_NAME: if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RATEEST: can't specify --rateest-name twice"); *flags |= 1 << c; @@ -108,24 +108,24 @@ RATEEST_parse(int c, char **argv, int invert, unsigned int *flags, case RATEEST_OPT_INTERVAL: if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RATEEST: can't specify --rateest-interval twice"); *flags |= 1 << c; if (RATEEST_get_time(&interval, optarg) < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RATEEST: bad interval value `%s'", optarg); break; case RATEEST_OPT_EWMALOG: if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RATEEST: can't specify --rateest-ewmalog twice"); *flags |= 1 << c; if (RATEEST_get_time(&ewma_log, optarg) < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RATEEST: bad ewmalog value `%s'", optarg); break; @@ -143,11 +143,11 @@ RATEEST_final_check(unsigned int flags) struct xt_rateest_target_info *info = RATEEST_info; if (!(flags & (1 << RATEEST_OPT_NAME))) - exit_error(PARAMETER_PROBLEM, "RATEEST: no name specified"); + xtables_error(PARAMETER_PROBLEM, "RATEEST: no name specified"); if (!(flags & (1 << RATEEST_OPT_INTERVAL))) - exit_error(PARAMETER_PROBLEM, "RATEEST: no interval specified"); + xtables_error(PARAMETER_PROBLEM, "RATEEST: no interval specified"); if (!(flags & (1 << RATEEST_OPT_EWMALOG))) - exit_error(PARAMETER_PROBLEM, "RATEEST: no ewmalog specified"); + xtables_error(PARAMETER_PROBLEM, "RATEEST: no ewmalog specified"); for (info->interval = 0; info->interval <= 5; info->interval++) { if (interval <= (1 << info->interval) * (TIME_UNITS_PER_SEC / 4)) @@ -155,7 +155,7 @@ RATEEST_final_check(unsigned int flags) } if (info->interval > 5) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RATEEST: interval value is too large"); info->interval -= 2; @@ -167,7 +167,7 @@ RATEEST_final_check(unsigned int flags) info->ewma_log--; if (info->ewma_log == 0 || info->ewma_log >= 31) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "RATEEST: ewmalog value is out of range"); } diff --git a/extensions/libxt_SECMARK.c b/extensions/libxt_SECMARK.c index c62fb44..9db2327 100644 --- a/extensions/libxt_SECMARK.c +++ b/extensions/libxt_SECMARK.c @@ -35,12 +35,12 @@ static int SECMARK_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & SECMARK_MODE_SEL) - exit_error(PARAMETER_PROBLEM, PFX + xtables_error(PARAMETER_PROBLEM, PFX "Can't specify --selctx twice"); info->mode = SECMARK_MODE_SEL; if (strlen(optarg) > SECMARK_SELCTX_MAX-1) - exit_error(PARAMETER_PROBLEM, PFX + xtables_error(PARAMETER_PROBLEM, PFX "Maximum length %u exceeded by --selctx" " parameter (%zu)", SECMARK_SELCTX_MAX-1, strlen(optarg)); @@ -58,7 +58,7 @@ static int SECMARK_parse(int c, char **argv, int invert, unsigned int *flags, static void SECMARK_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, PFX "parameter required"); + xtables_error(PARAMETER_PROBLEM, PFX "parameter required"); } static void print_secmark(struct xt_secmark_target_info *info) @@ -69,7 +69,7 @@ static void print_secmark(struct xt_secmark_target_info *info) break; default: - exit_error(OTHER_PROBLEM, PFX "invalid mode %hhu\n", info->mode); + xtables_error(OTHER_PROBLEM, PFX "invalid mode %hhu\n", info->mode); } } diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c index 33fc71c..ac9e2d0 100644 --- a/extensions/libxt_TCPMSS.c +++ b/extensions/libxt_TCPMSS.c @@ -53,11 +53,11 @@ static int __TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags, case '1': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TCPMSS target: Only one option may be specified"); if (!xtables_strtoui(optarg, NULL, &mssval, 0, UINT16_MAX - hdrsize)) - exit_error(PARAMETER_PROBLEM, "Bad TCPMSS value `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad TCPMSS value \"%s\"", optarg); mssinfo->mss = mssval; *flags = 1; @@ -65,7 +65,7 @@ static int __TCPMSS_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TCPMSS target: Only one option may be specified"); mssinfo->mss = XT_TCPMSS_CLAMP_PMTU; *flags = 1; @@ -93,7 +93,7 @@ static int TCPMSS_parse6(int c, char **argv, int invert, unsigned int *flags, static void TCPMSS_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TCPMSS target: At least one parameter is required"); } diff --git a/extensions/libxt_TCPOPTSTRIP.c b/extensions/libxt_TCPOPTSTRIP.c index c053a8b..cf946fc 100644 --- a/extensions/libxt_TCPOPTSTRIP.c +++ b/extensions/libxt_TCPOPTSTRIP.c @@ -84,15 +84,15 @@ static void parse_list(struct xt_tcpoptstrip_target_info *info, char *arg) if (option == 0 && !xtables_strtoui(arg, NULL, &option, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad TCP option value \"%s\"", arg); if (option < 2) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Option value may not be 0 or 1"); if (tcpoptstrip_test_bit(info->strip_bmap, option)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Option \"%s\" already specified", arg); tcpoptstrip_set_bit(info->strip_bmap, option); @@ -111,7 +111,7 @@ static int tcpoptstrip_tg_parse(int c, char **argv, int invert, switch (c) { case 's': if (*flags & FLAG_STRIP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You can specify --strip-options only once"); parse_list(info, optarg); *flags |= FLAG_STRIP; @@ -124,7 +124,7 @@ static int tcpoptstrip_tg_parse(int c, char **argv, int invert, static void tcpoptstrip_tg_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TCPOPTSTRIP: --strip-options parameter required"); } diff --git a/extensions/libxt_TOS.c b/extensions/libxt_TOS.c index 7b1f7f8..c08f53b 100644 --- a/extensions/libxt_TOS.c +++ b/extensions/libxt_TOS.c @@ -87,7 +87,7 @@ static int tos_tg_parse_v0(int c, char **argv, int invert, unsigned int *flags, if (!tos_parse_symbolic(optarg, &tvm, 0xFF)) xtables_param_act(XTF_BAD_VALUE, "TOS", "--set-tos", optarg); if (tvm.mask != 0xFF) - exit_error(PARAMETER_PROBLEM, "tos match: Your kernel " + xtables_error(PARAMETER_PROBLEM, "tos match: Your kernel " "is too old to support anything besides " "/0xFF as a mask."); info->tos = tvm.value; @@ -153,7 +153,7 @@ static int tos_tg_parse(int c, char **argv, int invert, unsigned int *flags, static void tos_tg_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TOS: The --set-tos parameter is required"); } diff --git a/extensions/libxt_TPROXY.c b/extensions/libxt_TPROXY.c index 54ae96d..d410c52 100644 --- a/extensions/libxt_TPROXY.c +++ b/extensions/libxt_TPROXY.c @@ -105,7 +105,7 @@ static int tproxy_tg_parse(int c, char **argv, int invert, unsigned int *flags, static void tproxy_tg_check(unsigned int flags) { if (!(flags & PARAM_ONPORT)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "TPROXY target: Parameter --on-port is required"); } diff --git a/extensions/libxt_comment.c b/extensions/libxt_comment.c index 9bad125..0ff0144 100644 --- a/extensions/libxt_comment.c +++ b/extensions/libxt_comment.c @@ -32,7 +32,7 @@ parse_comment(const char *s, struct xt_comment_info *info) int slen = strlen(s); if (slen >= XT_MAX_COMMENT_LEN) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "COMMENT must be shorter than %i characters", XT_MAX_COMMENT_LEN); } strcpy((char *)info->comment, s); @@ -48,7 +48,7 @@ comment_parse(int c, char **argv, int invert, unsigned int *flags, case '1': xtables_check_inverse(argv[optind-1], &invert, &optind, 0); if (invert) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Sorry, you can't have an inverted comment"); } parse_comment(argv[optind-1], commentinfo); @@ -64,7 +64,7 @@ comment_parse(int c, char **argv, int invert, unsigned int *flags, static void comment_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "COMMENT match: You must specify `--comment'"); } diff --git a/extensions/libxt_connbytes.c b/extensions/libxt_connbytes.c index 5fc0f2a..9f6af1c 100644 --- a/extensions/libxt_connbytes.c +++ b/extensions/libxt_connbytes.c @@ -31,14 +31,14 @@ parse_range(const char *arg, struct xt_connbytes_info *si) si->count.from = strtoul(arg,&colon,10); if (*colon != ':') - exit_error(PARAMETER_PROBLEM, "Bad range `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "Bad range \"%s\"", arg); si->count.to = strtoul(colon+1,&p,10); if (p == colon+1) { /* second number omited */ si->count.to = 0xffffffff; } if (si->count.from > si->count.to) - exit_error(PARAMETER_PROBLEM, "%llu should be less than %llu", + xtables_error(PARAMETER_PROBLEM, "%llu should be less than %llu", (unsigned long long)si->count.from, (unsigned long long)si->count.to); } @@ -71,7 +71,7 @@ connbytes_parse(int c, char **argv, int invert, unsigned int *flags, else if (!strcmp(optarg, "both")) sinfo->direction = XT_CONNBYTES_DIR_BOTH; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unknown --connbytes-dir `%s'", optarg); *flags |= 2; @@ -84,7 +84,7 @@ connbytes_parse(int c, char **argv, int invert, unsigned int *flags, else if (!strcmp(optarg, "avgpkt")) sinfo->what = XT_CONNBYTES_AVGPKT; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unknown --connbytes-mode `%s'", optarg); *flags |= 4; break; @@ -98,7 +98,7 @@ connbytes_parse(int c, char **argv, int invert, unsigned int *flags, static void connbytes_check(unsigned int flags) { if (flags != 7) - exit_error(PARAMETER_PROBLEM, "You must specify `--connbytes'" + xtables_error(PARAMETER_PROBLEM, "You must specify `--connbytes'" "`--connbytes-dir' and `--connbytes-mode'"); } diff --git a/extensions/libxt_connlimit.c b/extensions/libxt_connlimit.c index f43eada..f001a2e 100644 --- a/extensions/libxt_connlimit.c +++ b/extensions/libxt_connlimit.c @@ -60,7 +60,7 @@ static int connlimit_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'A': if (*flags & 0x1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--connlimit-above may be given only once"); *flags |= 0x1; xtables_check_inverse(optarg, &invert, &optind, 0); @@ -69,20 +69,20 @@ static int connlimit_parse(int c, char **argv, int invert, unsigned int *flags, break; case 'M': if (*flags & 0x2) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--connlimit-mask may be given only once"); *flags |= 0x2; i = strtoul(argv[optind-1], &err, 0); if (family == NFPROTO_IPV6) { if (i > 128 || *err != '\0') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--connlimit-mask must be between " "0 and 128"); prefix_to_netmask(info->v6_mask, i); } else { if (i > 32 || *err != '\0') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--connlimit-mask must be between " "0 and 32"); if (i == 0) @@ -117,7 +117,7 @@ static int connlimit_parse6(int c, char **argv, int invert, static void connlimit_check(unsigned int flags) { if (!(flags & 0x1)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You must specify \"--connlimit-above\""); } diff --git a/extensions/libxt_connmark.c b/extensions/libxt_connmark.c index d5ca4e0..2dca5a5 100644 --- a/extensions/libxt_connmark.c +++ b/extensions/libxt_connmark.c @@ -91,7 +91,7 @@ connmark_parse(int c, char **argv, int invert, unsigned int *flags, markinfo->mask = strtoul(end+1, &end, 0); if (*end != '\0' || end == optarg) - exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg); if (invert) markinfo->invert = 1; *flags = 1; @@ -114,7 +114,7 @@ static void print_mark(unsigned int mark, unsigned int mask) static void connmark_mt_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "connmark: The --mark option is required"); } diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c index 45783f4..a3fcafc 100644 --- a/extensions/libxt_conntrack.c +++ b/extensions/libxt_conntrack.c @@ -103,15 +103,15 @@ parse_states(const char *arg, struct xt_conntrack_info *sinfo) while ((comma = strchr(arg, ',')) != NULL) { if (comma == arg || !parse_state(arg, comma-arg, sinfo)) - exit_error(PARAMETER_PROBLEM, "Bad ctstate `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "Bad ctstate \"%s\"", arg); arg = comma+1; } if (!*arg) - exit_error(PARAMETER_PROBLEM, "`--ctstate' requires a list of " + xtables_error(PARAMETER_PROBLEM, "\"--ctstate\" requires a list of " "states with no spaces, e.g. " "ESTABLISHED,RELATED"); if (strlen(arg) == 0 || !parse_state(arg, strlen(arg), sinfo)) - exit_error(PARAMETER_PROBLEM, "Bad ctstate `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "Bad ctstate \"%s\"", arg); } static bool @@ -144,13 +144,13 @@ conntrack_ps_states(struct xt_conntrack_mtinfo1 *info, const char *arg) while ((comma = strchr(arg, ',')) != NULL) { if (comma == arg || !conntrack_ps_state(info, arg, comma - arg)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad ctstate \"%s\"", arg); arg = comma + 1; } if (strlen(arg) == 0 || !conntrack_ps_state(info, arg, strlen(arg))) - exit_error(PARAMETER_PROBLEM, "Bad ctstate \"%s\"", arg); + xtables_error(PARAMETER_PROBLEM, "Bad ctstate \"%s\"", arg); } static int @@ -180,12 +180,12 @@ parse_statuses(const char *arg, struct xt_conntrack_info *sinfo) while ((comma = strchr(arg, ',')) != NULL) { if (comma == arg || !parse_status(arg, comma-arg, sinfo)) - exit_error(PARAMETER_PROBLEM, "Bad ctstatus `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "Bad ctstatus \"%s\"", arg); arg = comma+1; } if (strlen(arg) == 0 || !parse_status(arg, strlen(arg), sinfo)) - exit_error(PARAMETER_PROBLEM, "Bad ctstatus `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "Bad ctstatus \"%s\"", arg); } static bool @@ -214,13 +214,13 @@ conntrack_ps_statuses(struct xt_conntrack_mtinfo1 *info, const char *arg) while ((comma = strchr(arg, ',')) != NULL) { if (comma == arg || !conntrack_ps_status(info, arg, comma - arg)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad ctstatus \"%s\"", arg); arg = comma + 1; } if (strlen(arg) == 0 || !conntrack_ps_status(info, arg, strlen(arg))) - exit_error(PARAMETER_PROBLEM, "Bad ctstatus \"%s\"", arg); + xtables_error(PARAMETER_PROBLEM, "Bad ctstatus \"%s\"", arg); } static unsigned long @@ -229,7 +229,7 @@ parse_expire(const char *s) unsigned int len; if (!xtables_strtoui(s, NULL, &len, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, "expire value invalid: `%s'\n", s); + xtables_error(PARAMETER_PROBLEM, "expire value invalid: \"%s\"\n", s); else return len; } @@ -257,7 +257,7 @@ parse_expires(const char *s, struct xt_conntrack_info *sinfo) free(buffer); if (sinfo->expires_min > sinfo->expires_max) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "expire min. range value `%lu' greater than max. " "range value `%lu'", sinfo->expires_min, sinfo->expires_max); } @@ -278,7 +278,7 @@ conntrack_ps_expires(struct xt_conntrack_mtinfo1 *info, const char *s) xtables_param_act(XTF_BAD_VALUE, "conntrack", "--expires", s); if (min > max) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "expire min. range value \"%u\" greater than max. " "range value \"%u\"", min, max); @@ -322,7 +322,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags, if (sinfo->tuple[IP_CT_DIR_ORIGINAL].dst.protonum == 0 && (sinfo->invflags & XT_INV_PROTO)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rule would never match protocol"); sinfo->flags |= XT_CONNTRACK_PROTO; @@ -338,7 +338,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags, &sinfo->sipmsk[IP_CT_DIR_ORIGINAL], &naddrs); if(naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if(naddrs == 1) { @@ -358,7 +358,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags, &sinfo->dipmsk[IP_CT_DIR_ORIGINAL], &naddrs); if(naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if(naddrs == 1) { @@ -378,7 +378,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags, &sinfo->sipmsk[IP_CT_DIR_REPLY], &naddrs); if(naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if(naddrs == 1) { @@ -398,7 +398,7 @@ static int conntrack_parse(int c, char **argv, int invert, unsigned int *flags, &sinfo->dipmsk[IP_CT_DIR_REPLY], &naddrs); if(naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if(naddrs == 1) { @@ -459,7 +459,7 @@ conntrack_mt_parse(int c, char **argv, int invert, unsigned int *flags, info->l4proto = xtables_parse_protocol(optarg); if (info->l4proto == 0 && (info->invert_flags & XT_INV_PROTO)) - exit_error(PARAMETER_PROBLEM, "conntrack: rule would " + xtables_error(PARAMETER_PROBLEM, "conntrack: rule would " "never match protocol"); info->match_flags |= XT_CONNTRACK_PROTO; @@ -555,7 +555,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ipparse_any(optarg, &addr, &info->origsrc_mask.in, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->origsrc_addr.in, addr, sizeof(*addr)); @@ -568,7 +568,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ipparse_any(optarg, &addr, &info->origdst_mask.in, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->origdst_addr.in, addr, sizeof(*addr)); @@ -581,7 +581,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ipparse_any(optarg, &addr, &info->replsrc_mask.in, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->replsrc_addr.in, addr, sizeof(*addr)); @@ -594,7 +594,7 @@ conntrack_mt4_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ipparse_any(optarg, &addr, &info->repldst_mask.in, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->repldst_addr.in, addr, sizeof(*addr)); @@ -625,7 +625,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ip6parse_any(optarg, &addr, &info->origsrc_mask.in6, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->origsrc_addr.in6, addr, sizeof(*addr)); @@ -638,7 +638,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ip6parse_any(optarg, &addr, &info->origdst_mask.in6, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->origdst_addr.in, addr, sizeof(*addr)); @@ -651,7 +651,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ip6parse_any(optarg, &addr, &info->replsrc_mask.in6, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->replsrc_addr.in, addr, sizeof(*addr)); @@ -664,7 +664,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags, xtables_ip6parse_any(optarg, &addr, &info->repldst_mask.in6, &naddrs); if (naddrs > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not allowed"); if (naddrs == 1) memcpy(&info->repldst_addr.in, addr, sizeof(*addr)); @@ -685,7 +685,7 @@ conntrack_mt6_parse(int c, char **argv, int invert, unsigned int *flags, static void conntrack_mt_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, "conntrack: At least one option " + xtables_error(PARAMETER_PROBLEM, "conntrack: At least one option " "is required"); } diff --git a/extensions/libxt_dccp.c b/extensions/libxt_dccp.c index dbf6223..413624e 100644 --- a/extensions/libxt_dccp.c +++ b/extensions/libxt_dccp.c @@ -72,7 +72,7 @@ parse_dccp_ports(const char *portstring, ports[1] = cp[0] ? xtables_parse_port(cp, "dccp") : 0xFFFF; if (ports[0] > ports[1]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "invalid portrange (min > max)"); } free(buffer); @@ -109,7 +109,7 @@ parse_dccp_types(const char *typestring) } } if (i == sizeof(dccp_pkt_types)/sizeof(char *)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unknown DCCP type `%s'", ptr); } @@ -122,7 +122,7 @@ static u_int8_t parse_dccp_option(char *optstring) unsigned int ret; if (!xtables_strtoui(optstring, NULL, &ret, 1, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, "Bad DCCP option `%s'", + xtables_error(PARAMETER_PROBLEM, "Bad DCCP option \"%s\"", optstring); return ret; @@ -138,7 +138,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & XT_DCCP_SRC_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--source-port' allowed"); einfo->flags |= XT_DCCP_SRC_PORTS; xtables_check_inverse(optarg, &invert, &optind, 0); @@ -150,7 +150,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & XT_DCCP_DEST_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--destination-port' allowed"); einfo->flags |= XT_DCCP_DEST_PORTS; xtables_check_inverse(optarg, &invert, &optind, 0); @@ -162,7 +162,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags, case '3': if (*flags & XT_DCCP_TYPE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--dccp-types' allowed"); einfo->flags |= XT_DCCP_TYPE; xtables_check_inverse(optarg, &invert, &optind, 0); @@ -174,7 +174,7 @@ dccp_parse(int c, char **argv, int invert, unsigned int *flags, case '4': if (*flags & XT_DCCP_OPTION) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--dccp-option' allowed"); einfo->flags |= XT_DCCP_OPTION; xtables_check_inverse(optarg, &invert, &optind, 0); diff --git a/extensions/libxt_dscp.c b/extensions/libxt_dscp.c index e57c267..62fa6af 100644 --- a/extensions/libxt_dscp.c +++ b/extensions/libxt_dscp.c @@ -49,11 +49,11 @@ parse_dscp(const char *s, struct xt_dscp_info *dinfo) unsigned int dscp; if (!xtables_strtoui(s, NULL, &dscp, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid dscp `%s'\n", s); if (dscp > XT_DSCP_MAX) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP `%d` out of range\n", dscp); dinfo->dscp = dscp; @@ -80,7 +80,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'F': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP match: Only use --dscp ONCE!"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_dscp(argv[optind-1], dinfo); @@ -91,7 +91,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags, case 'G': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP match: Only use --dscp-class ONCE!"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_class(argv[optind - 1], dinfo); @@ -110,7 +110,7 @@ dscp_parse(int c, char **argv, int invert, unsigned int *flags, static void dscp_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "DSCP match: Parameter --dscp is required"); } diff --git a/extensions/libxt_esp.c b/extensions/libxt_esp.c index 2cc6b60..5769edb 100644 --- a/extensions/libxt_esp.c +++ b/extensions/libxt_esp.c @@ -32,15 +32,15 @@ parse_esp_spi(const char *spistr) spi = strtoul(spistr,&ep,0) ; if ( spistr == ep ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ESP no valid digits in spi `%s'", spistr); } if ( spi == ULONG_MAX && errno == ERANGE ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "spi `%s' specified too big: would overflow", spistr); } if ( *spistr != '\0' && *ep != '\0' ) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ESP error parsing spi `%s'", spistr); } return spi; @@ -62,7 +62,7 @@ parse_esp_spis(const char *spistring, u_int32_t *spis) spis[0] = buffer[0] ? parse_esp_spi(buffer) : 0; spis[1] = cp[0] ? parse_esp_spi(cp) : 0xFFFFFFFF; if (spis[0] > spis[1]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid ESP spi range: %s", spistring); } free(buffer); @@ -86,7 +86,7 @@ esp_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & ESP_SPI) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--espspi' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_esp_spis(argv[optind-1], espinfo->spis); diff --git a/extensions/libxt_hashlimit.c b/extensions/libxt_hashlimit.c index b05e8c8..5377b6d 100644 --- a/extensions/libxt_hashlimit.c +++ b/extensions/libxt_hashlimit.c @@ -124,7 +124,7 @@ int parse_rate(const char *rate, u_int32_t *val) /* This would get mapped to infinite (1/day is minimum they can specify, so we're ok at that end). */ if (r / mult > XT_HASHLIMIT_SCALE) - exit_error(PARAMETER_PROBLEM, "Rate too fast `%s'\n", rate); + xtables_error(PARAMETER_PROBLEM, "Rate too fast \"%s\"\n", rate); *val = XT_HASHLIMIT_SCALE * mult / r; return 1; @@ -221,7 +221,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, *flags & PARAM_LIMIT); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!parse_rate(optarg, &r->cfg.avg)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad rate `%s'", optarg); *flags |= PARAM_LIMIT; break; @@ -231,7 +231,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, *flags & PARAM_BURST); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!xtables_strtoui(optarg, NULL, &num, 0, 10000)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad --hashlimit-burst `%s'", optarg); r->cfg.burst = num; *flags |= PARAM_BURST; @@ -241,7 +241,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, *flags & PARAM_SIZE); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad --hashlimit-htable-size: `%s'", optarg); r->cfg.size = num; *flags |= PARAM_SIZE; @@ -251,7 +251,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, *flags & PARAM_MAX); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad --hashlimit-htable-max: `%s'", optarg); r->cfg.max = num; *flags |= PARAM_MAX; @@ -262,7 +262,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, *flags & PARAM_GCINTERVAL); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad --hashlimit-htable-gcinterval: `%s'", optarg); /* FIXME: not HZ dependent!! */ @@ -274,7 +274,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, "--hashlimit-htable-expire", *flags & PARAM_EXPIRE); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!xtables_strtoui(optarg, NULL, &num, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad --hashlimit-htable-expire: `%s'", optarg); /* FIXME: not HZ dependent */ r->cfg.expire = num; @@ -285,7 +285,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, *flags & PARAM_MODE); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (parse_mode(&r->cfg.mode, optarg) < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad --hashlimit-mode: `%s'\n", optarg); *flags |= PARAM_MODE; break; @@ -294,7 +294,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, *flags & PARAM_NAME); if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (strlen(optarg) == 0) - exit_error(PARAMETER_PROBLEM, "Zero-length name?"); + xtables_error(PARAMETER_PROBLEM, "Zero-length name?"); strncpy(r->name, optarg, sizeof(r->name)); *flags |= PARAM_NAME; break; @@ -303,7 +303,7 @@ hashlimit_parse(int c, char **argv, int invert, unsigned int *flags, } if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "hashlimit does not support invert"); return 1; @@ -404,7 +404,7 @@ hashlimit_mt_parse(struct xt_hashlimit_mtinfo1 *info, unsigned int *flags, xtables_param_act(XTF_ONLY_ONCE, "hashlimit", "--hashlimit-name", *flags & PARAM_NAME); if (strlen(optarg) == 0) - exit_error(PARAMETER_PROBLEM, "Zero-length name?"); + xtables_error(PARAMETER_PROBLEM, "Zero-length name?"); strncpy(info->name, optarg, sizeof(info->name)); info->name[sizeof(info->name)-1] = '\0'; *flags |= PARAM_NAME; @@ -452,23 +452,23 @@ hashlimit_mt6_parse(int c, char **argv, int invert, unsigned int *flags, static void hashlimit_check(unsigned int flags) { if (!(flags & PARAM_LIMIT)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You have to specify --hashlimit"); if (!(flags & PARAM_MODE)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You have to specify --hashlimit-mode"); if (!(flags & PARAM_NAME)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You have to specify --hashlimit-name"); } static void hashlimit_mt_check(unsigned int flags) { if (!(flags & PARAM_LIMIT)) - exit_error(PARAMETER_PROBLEM, "You have to specify " + xtables_error(PARAMETER_PROBLEM, "You have to specify " "--hashlimit-upto or --hashlimit-above"); if (!(flags & PARAM_NAME)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You have to specify --hashlimit-name"); } diff --git a/extensions/libxt_helper.c b/extensions/libxt_helper.c index 569ad69..8378be7 100644 --- a/extensions/libxt_helper.c +++ b/extensions/libxt_helper.c @@ -29,7 +29,7 @@ helper_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "helper match: Only use --helper ONCE!"); xtables_check_inverse(optarg, &invert, &invert, 0); strncpy(info->name, optarg, 29); @@ -48,7 +48,7 @@ helper_parse(int c, char **argv, int invert, unsigned int *flags, static void helper_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "helper match: You must specify `--helper'"); } diff --git a/extensions/libxt_iprange.c b/extensions/libxt_iprange.c index df6be14..bc5b2ae 100644 --- a/extensions/libxt_iprange.c +++ b/extensions/libxt_iprange.c @@ -42,14 +42,14 @@ parse_iprange(char *arg, struct ipt_iprange *range) ip = xtables_numeric_to_ipaddr(arg); if (!ip) - exit_error(PARAMETER_PROBLEM, "iprange match: Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "iprange match: Bad IP address \"%s\"\n", arg); range->min_ip = ip->s_addr; if (dash != NULL) { ip = xtables_numeric_to_ipaddr(dash+1); if (!ip) - exit_error(PARAMETER_PROBLEM, "iprange match: Bad IP address `%s'\n", + xtables_error(PARAMETER_PROBLEM, "iprange match: Bad IP address \"%s\"\n", dash+1); range->max_ip = ip->s_addr; } else { @@ -65,7 +65,7 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & IPRANGE_SRC) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "iprange match: Only use --src-range ONCE!"); *flags |= IPRANGE_SRC; @@ -79,7 +79,7 @@ static int iprange_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & IPRANGE_DST) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "iprange match: Only use --dst-range ONCE!"); *flags |= IPRANGE_DST; @@ -201,7 +201,7 @@ iprange_mt6_parse(int c, char **argv, int invert, unsigned int *flags, static void iprange_mt_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "iprange match: You must specify `--src-range' or `--dst-range'"); } diff --git a/extensions/libxt_length.c b/extensions/libxt_length.c index cf944e2..7bb31a8 100644 --- a/extensions/libxt_length.c +++ b/extensions/libxt_length.c @@ -27,7 +27,7 @@ parse_length(const char *s) unsigned int len; if (!xtables_strtoui(s, NULL, &len, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, "length invalid: `%s'\n", s); + xtables_error(PARAMETER_PROBLEM, "length invalid: \"%s\"\n", s); else return len; } @@ -52,7 +52,7 @@ parse_lengths(const char *s, struct xt_length_info *info) free(buffer); if (info->min > info->max) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "length min. range value `%u' greater than max. " "range value `%u'", info->min, info->max); @@ -67,7 +67,7 @@ length_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "length: `--length' may only be " "specified once"); xtables_check_inverse(optarg, &invert, &optind, 0); @@ -86,7 +86,7 @@ length_parse(int c, char **argv, int invert, unsigned int *flags, static void length_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "length: You must specify `--length'"); } diff --git a/extensions/libxt_limit.c b/extensions/libxt_limit.c index 7edfa3d..f785d2d 100644 --- a/extensions/libxt_limit.c +++ b/extensions/libxt_limit.c @@ -64,7 +64,7 @@ int parse_rate(const char *rate, u_int32_t *val) /* This would get mapped to infinite (1/day is minimum they can specify, so we're ok at that end). */ if (r / mult > XT_LIMIT_SCALE) - exit_error(PARAMETER_PROBLEM, "Rate too fast `%s'\n", rate); + xtables_error(PARAMETER_PROBLEM, "Rate too fast \"%s\"\n", rate); *val = XT_LIMIT_SCALE * mult / r; return 1; @@ -81,7 +81,7 @@ static void limit_init(struct xt_entry_match *m) /* FIXME: handle overflow: if (r->avg*r->burst/r->burst != r->avg) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Sorry: burst too large for that avg rate.\n"); */ @@ -96,14 +96,14 @@ limit_parse(int c, char **argv, int invert, unsigned int *flags, case '%': if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!parse_rate(optarg, &r->avg)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad rate `%s'", optarg); break; case '$': if (xtables_check_inverse(argv[optind-1], &invert, &optind, 0)) break; if (!xtables_strtoui(optarg, NULL, &num, 0, 10000)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad --limit-burst `%s'", optarg); r->burst = num; break; @@ -113,7 +113,7 @@ limit_parse(int c, char **argv, int invert, unsigned int *flags, } if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "limit does not support invert"); return 1; diff --git a/extensions/libxt_mac.c b/extensions/libxt_mac.c index b516d80..a57e341 100644 --- a/extensions/libxt_mac.c +++ b/extensions/libxt_mac.c @@ -31,7 +31,7 @@ parse_mac(const char *mac, struct xt_mac_info *info) unsigned int i = 0; if (strlen(mac) != ETH_ALEN*3-1) - exit_error(PARAMETER_PROBLEM, "Bad mac address `%s'", mac); + xtables_error(PARAMETER_PROBLEM, "Bad mac address \"%s\"", mac); for (i = 0; i < ETH_ALEN; i++) { long number; @@ -44,7 +44,7 @@ parse_mac(const char *mac, struct xt_mac_info *info) && number <= 255) info->srcaddr[i] = number; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad mac address `%s'", mac); } } @@ -84,7 +84,7 @@ static void print_mac(const unsigned char macaddress[ETH_ALEN]) static void mac_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You must specify `--mac-source'"); } diff --git a/extensions/libxt_mark.c b/extensions/libxt_mark.c index 1143ba9..ceca995 100644 --- a/extensions/libxt_mark.c +++ b/extensions/libxt_mark.c @@ -69,7 +69,7 @@ mark_parse(int c, char **argv, int invert, unsigned int *flags, } else markinfo->mask = 0xffffffff; if (*end != '\0' || end == optarg) - exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad MARK value \"%s\"", optarg); if (invert) markinfo->invert = 1; *flags = 1; @@ -92,7 +92,7 @@ static void print_mark(unsigned int mark, unsigned int mask) static void mark_mt_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "mark match: The --mark option is required"); } diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c index d0e830d..8141441 100644 --- a/extensions/libxt_multiport.c +++ b/extensions/libxt_multiport.c @@ -75,7 +75,7 @@ parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) unsigned int i; buffer = strdup(portstring); - if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed"); + if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed"); for (cp=buffer, i=0; cp && i<XT_MULTI_PORTS; cp=next,i++) { @@ -83,7 +83,7 @@ parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) if (next) *next++='\0'; ports[i] = xtables_parse_port(cp, proto); } - if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified"); + if (cp) xtables_error(PARAMETER_PROBLEM, "too many ports specified"); free(buffer); return i; } @@ -98,7 +98,7 @@ parse_multi_ports_v1(const char *portstring, u_int16_t m; buffer = strdup(portstring); - if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed"); + if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed"); for (i=0; i<XT_MULTI_PORTS; i++) multiinfo->pflags[i] = 0; @@ -109,7 +109,7 @@ parse_multi_ports_v1(const char *portstring, range = strchr(cp, ':'); if (range) { if (i == XT_MULTI_PORTS-1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "too many ports specified"); *range++ = '\0'; } @@ -118,13 +118,13 @@ parse_multi_ports_v1(const char *portstring, multiinfo->pflags[i] = 1; multiinfo->ports[++i] = xtables_parse_port(range, proto); if (multiinfo->ports[i-1] >= multiinfo->ports[i]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "invalid portrange specified"); m <<= 1; } } multiinfo->count = i; - if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified"); + if (cp) xtables_error(PARAMETER_PROBLEM, "too many ports specified"); free(buffer); } @@ -134,17 +134,17 @@ check_proto(u_int16_t pnum, u_int8_t invflags) char *proto; if (invflags & XT_INV_PROTO) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiport only works with TCP, UDP, UDPLITE, SCTP and DCCP"); if ((proto = proto_to_name(pnum)) != NULL) return proto; else if (!pnum) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiport needs `-p tcp', `-p udp', `-p udplite', " "`-p sctp' or `-p dccp'"); else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiport only works with TCP, UDP, UDPLITE, SCTP and DCCP"); } @@ -189,11 +189,11 @@ __multiport_parse(int c, char **argv, int invert, unsigned int *flags, } if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiport does not support invert"); if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiport can only have one option"); *flags = 1; return 1; @@ -256,7 +256,7 @@ __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags, multiinfo->invert = 1; if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiport can only have one option"); *flags = 1; return 1; @@ -284,7 +284,7 @@ multiport_parse6_v1(int c, char **argv, int invert, unsigned int *flags, static void multiport_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, "multiport expection an option"); + xtables_error(PARAMETER_PROBLEM, "multiport expection an option"); } static char * diff --git a/extensions/libxt_owner.c b/extensions/libxt_owner.c index bf26f35..d27b3ae 100644 --- a/extensions/libxt_owner.c +++ b/extensions/libxt_owner.c @@ -163,7 +163,7 @@ owner_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags, case 'c': xtables_param_act(XTF_ONLY_ONCE, "owner", "--cmd-owner", *flags & FLAG_COMM); if (strlen(optarg) > sizeof(info->comm)) - exit_error(PARAMETER_PROBLEM, "owner match: command " + xtables_error(PARAMETER_PROBLEM, "owner match: command " "\"%s\" too long, max. %zu characters", optarg, sizeof(info->comm)); @@ -316,7 +316,7 @@ static int owner_mt_parse(int c, char **argv, int invert, unsigned int *flags, static void owner_mt_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, "owner: At least one of " + xtables_error(PARAMETER_PROBLEM, "owner: At least one of " "--uid-owner, --gid-owner or --socket-exists " "is required"); } diff --git a/extensions/libxt_physdev.c b/extensions/libxt_physdev.c index 4275a1a..c87779b 100644 --- a/extensions/libxt_physdev.c +++ b/extensions/libxt_physdev.c @@ -100,7 +100,7 @@ physdev_parse(int c, char **argv, int invert, unsigned int *flags, return 1; multiple_use: - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple use of the same physdev option is not allowed"); } @@ -108,7 +108,7 @@ multiple_use: static void physdev_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, "PHYSDEV: no physdev option specified"); + xtables_error(PARAMETER_PROBLEM, "PHYSDEV: no physdev option specified"); } static void diff --git a/extensions/libxt_pkttype.c b/extensions/libxt_pkttype.c index 8caba91..0fa933f 100644 --- a/extensions/libxt_pkttype.c +++ b/extensions/libxt_pkttype.c @@ -80,7 +80,7 @@ static void parse_pkttype(const char *pkttype, struct xt_pkttype_info *info) } } - exit_error(PARAMETER_PROBLEM, "Bad packet type '%s'", pkttype); + xtables_error(PARAMETER_PROBLEM, "Bad packet type '%s'", pkttype); } static int pkttype_parse(int c, char **argv, int invert, unsigned int *flags, @@ -108,7 +108,7 @@ static int pkttype_parse(int c, char **argv, int invert, unsigned int *flags, static void pkttype_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, "You must specify `--pkt-type'"); + xtables_error(PARAMETER_PROBLEM, "You must specify \"--pkt-type\""); } static void print_pkttype(struct xt_pkttype_info *info) diff --git a/extensions/libxt_quota.c b/extensions/libxt_quota.c index 8c91fb8..2657b2a 100644 --- a/extensions/libxt_quota.c +++ b/extensions/libxt_quota.c @@ -47,7 +47,7 @@ parse_quota(const char *s, u_int64_t * quota) #endif if (*quota == UINT64_MAX) - exit_error(PARAMETER_PROBLEM, "quota invalid: '%s'\n", s); + xtables_error(PARAMETER_PROBLEM, "quota invalid: '%s'\n", s); else return 1; } @@ -61,9 +61,9 @@ quota_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (xtables_check_inverse(optarg, &invert, NULL, 0)) - exit_error(PARAMETER_PROBLEM, "quota: unexpected '!'"); + xtables_error(PARAMETER_PROBLEM, "quota: unexpected '!'"); if (!parse_quota(optarg, &info->quota)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "bad quota: '%s'", optarg); break; diff --git a/extensions/libxt_rateest.c b/extensions/libxt_rateest.c index 8a8836b..3cff07d 100644 --- a/extensions/libxt_rateest.c +++ b/extensions/libxt_rateest.c @@ -120,11 +120,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, case OPT_RATEEST1: xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: rateest can't be inverted"); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify --rateest1 twice"); *flags |= 1 << c; @@ -134,11 +134,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, case OPT_RATEEST2: xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: rateest can't be inverted"); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify --rateest2 twice"); *flags |= 1 << c; @@ -149,11 +149,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, case OPT_RATEEST_BPS1: xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: rateest-bps can't be inverted"); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify --rateest-bps1 twice"); *flags |= 1 << c; @@ -164,7 +164,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, break; if (rateest_get_rate(&info->bps1, argv[optind]) < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: could not parse rate `%s'", argv[optind]); optind++; @@ -173,11 +173,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, case OPT_RATEEST_PPS1: xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: rateest-pps can't be inverted"); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify --rateest-pps1 twice"); *flags |= 1 << c; @@ -188,7 +188,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, break; if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: could not parse pps `%s'", argv[optind]); info->pps1 = val; @@ -198,11 +198,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, case OPT_RATEEST_BPS2: xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: rateest-bps can't be inverted"); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify --rateest-bps2 twice"); *flags |= 1 << c; @@ -213,7 +213,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, break; if (rateest_get_rate(&info->bps2, argv[optind]) < 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: could not parse rate `%s'", argv[optind]); optind++; @@ -222,11 +222,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, case OPT_RATEEST_PPS2: xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: rateest-pps can't be inverted"); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify --rateest-pps2 twice"); *flags |= 1 << c; @@ -237,7 +237,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, break; if (!xtables_strtoui(argv[optind], NULL, &val, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: could not parse pps `%s'", argv[optind]); info->pps2 = val; @@ -247,11 +247,11 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, case OPT_RATEEST_DELTA: xtables_check_inverse(optarg, &invert, &optind, 0); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: rateest-delta can't be inverted"); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify --rateest-delta twice"); *flags |= 1 << c; @@ -262,7 +262,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, xtables_check_inverse(argv[optind-1], &invert, &optind, 0); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify lt/gt/eq twice"); *flags |= 1 << c; @@ -275,7 +275,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, xtables_check_inverse(argv[optind-1], &invert, &optind, 0); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify lt/gt/eq twice"); *flags |= 1 << c; @@ -288,7 +288,7 @@ rateest_parse(int c, char **argv, int invert, unsigned int *flags, xtables_check_inverse(argv[optind-1], &invert, &optind, 0); if (*flags & (1 << c)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rateest: can't specify lt/gt/eq twice"); *flags |= 1 << c; @@ -310,7 +310,7 @@ rateest_final_check(unsigned int flags) struct xt_rateest_match_info *info = rateest_info; if (info == NULL) - exit_error(PARAMETER_PROBLEM, "rateest match: " + xtables_error(PARAMETER_PROBLEM, "rateest match: " "you need to specify some flags"); if (!(info->flags & XT_RATEEST_MATCH_REL)) info->flags |= XT_RATEEST_MATCH_ABS; diff --git a/extensions/libxt_recent.c b/extensions/libxt_recent.c index 1646705..47c35ff 100644 --- a/extensions/libxt_recent.c +++ b/extensions/libxt_recent.c @@ -70,7 +70,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 201: if (*flags & RECENT_CMDS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "recent: only one of `--set', `--rcheck' " "`--update' or `--remove' may be set"); xtables_check_inverse(optarg, &invert, &optind, 0); @@ -81,7 +81,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags, case 202: if (*flags & RECENT_CMDS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "recent: only one of `--set', `--rcheck' " "`--update' or `--remove' may be set"); xtables_check_inverse(optarg, &invert, &optind, 0); @@ -92,7 +92,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags, case 203: if (*flags & RECENT_CMDS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "recent: only one of `--set', `--rcheck' " "`--update' or `--remove' may be set"); xtables_check_inverse(optarg, &invert, &optind, 0); @@ -103,7 +103,7 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags, case 206: if (*flags & RECENT_CMDS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "recent: only one of `--set', `--rcheck' " "`--update' or `--remove' may be set"); xtables_check_inverse(optarg, &invert, &optind, 0); @@ -148,12 +148,12 @@ static int recent_parse(int c, char **argv, int invert, unsigned int *flags, static void recent_check(unsigned int flags) { if (!(flags & RECENT_CMDS)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "recent: you must specify one of `--set', `--rcheck' " "`--update' or `--remove'"); if ((flags & XT_RECENT_TTL) && (flags & (XT_RECENT_SET | XT_RECENT_REMOVE))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "recent: --rttl may only be used with --rcheck or " "--update"); } diff --git a/extensions/libxt_sctp.c b/extensions/libxt_sctp.c index 2ee4861..b889406 100644 --- a/extensions/libxt_sctp.c +++ b/extensions/libxt_sctp.c @@ -95,7 +95,7 @@ parse_sctp_ports(const char *portstring, ports[1] = cp[0] ? xtables_parse_port(cp, "sctp") : 0xFFFF; if (ports[0] > ports[1]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "invalid portrange (min > max)"); } free(buffer); @@ -151,7 +151,7 @@ save_chunk_flag_info(struct xt_sctp_flag_info *flag_info, } if (*flag_count == XT_NUM_SCTP_FLAGS) { - exit_error (PARAMETER_PROBLEM, + xtables_error (PARAMETER_PROBLEM, "Number of chunk types with flags exceeds currently allowed limit." "Increasing this limit involves changing IPT_NUM_SCTP_FLAGS and" "recompiling both the kernel space and user space modules\n"); @@ -208,7 +208,7 @@ parse_sctp_chunk(struct xt_sctp_info *einfo, } } if (!found) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unknown sctp chunk `%s'", ptr); if (chunk_flags) { @@ -226,7 +226,7 @@ parse_sctp_chunk(struct xt_sctp_info *einfo, &(einfo->flag_count), i, bit, isupper(chunk_flags[j])); } else { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid flags for chunk type %d\n", i); } } @@ -249,7 +249,7 @@ parse_sctp_chunks(struct xt_sctp_info *einfo, } else if (!strcasecmp(match_type, "ONLY")) { einfo->chunk_match_type = SCTP_CHUNK_MATCH_ONLY; } else { - exit_error (PARAMETER_PROBLEM, + xtables_error (PARAMETER_PROBLEM, "Match type has to be one of \"ALL\", \"ANY\" or \"ONLY\""); } @@ -267,7 +267,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & XT_SCTP_SRC_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--source-port' allowed"); einfo->flags |= XT_SCTP_SRC_PORTS; xtables_check_inverse(optarg, &invert, &optind, 0); @@ -279,7 +279,7 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & XT_SCTP_DEST_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--destination-port' allowed"); einfo->flags |= XT_SCTP_DEST_PORTS; xtables_check_inverse(optarg, &invert, &optind, 0); @@ -291,13 +291,13 @@ sctp_parse(int c, char **argv, int invert, unsigned int *flags, case '3': if (*flags & XT_SCTP_CHUNK_TYPES) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--chunk-types' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); if (!argv[optind] || argv[optind][0] == '-' || argv[optind][0] == '!') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--chunk-types requires two args"); einfo->flags |= XT_SCTP_CHUNK_TYPES; diff --git a/extensions/libxt_state.c b/extensions/libxt_state.c index 5182230..0f26443 100644 --- a/extensions/libxt_state.c +++ b/extensions/libxt_state.c @@ -51,15 +51,15 @@ state_parse_states(const char *arg, struct xt_state_info *sinfo) while ((comma = strchr(arg, ',')) != NULL) { if (comma == arg || !state_parse_state(arg, comma-arg, sinfo)) - exit_error(PARAMETER_PROBLEM, "Bad state `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "Bad state \"%s\"", arg); arg = comma+1; } if (!*arg) - exit_error(PARAMETER_PROBLEM, "`--state' requires a list of " + xtables_error(PARAMETER_PROBLEM, "\"--state\" requires a list of " "states with no spaces, e.g. " "ESTABLISHED,RELATED"); if (strlen(arg) == 0 || !state_parse_state(arg, strlen(arg), sinfo)) - exit_error(PARAMETER_PROBLEM, "Bad state `%s'", arg); + xtables_error(PARAMETER_PROBLEM, "Bad state \"%s\"", arg); } static int @@ -89,7 +89,7 @@ state_parse(int c, char **argv, int invert, unsigned int *flags, static void state_final_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, "You must specify `--state'"); + xtables_error(PARAMETER_PROBLEM, "You must specify \"--state\""); } static void state_print_state(unsigned int statemask) diff --git a/extensions/libxt_statistic.c b/extensions/libxt_statistic.c index 574f8f7..fa044ad 100644 --- a/extensions/libxt_statistic.c +++ b/extensions/libxt_statistic.c @@ -49,42 +49,42 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & 0x1) - exit_error(PARAMETER_PROBLEM, "double --mode"); + xtables_error(PARAMETER_PROBLEM, "double --mode"); if (!strcmp(optarg, "random")) info->mode = XT_STATISTIC_MODE_RANDOM; else if (!strcmp(optarg, "nth")) info->mode = XT_STATISTIC_MODE_NTH; else - exit_error(PARAMETER_PROBLEM, "Bad mode `%s'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad mode \"%s\"", optarg); *flags |= 0x1; break; case '2': if (*flags & 0x2) - exit_error(PARAMETER_PROBLEM, "double --probability"); + xtables_error(PARAMETER_PROBLEM, "double --probability"); prob = atof(optarg); if (prob < 0 || prob > 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--probability must be between 0 and 1"); info->u.random.probability = 0x80000000 * prob; *flags |= 0x2; break; case '3': if (*flags & 0x4) - exit_error(PARAMETER_PROBLEM, "double --every"); + xtables_error(PARAMETER_PROBLEM, "double --every"); if (!xtables_strtoui(optarg, NULL, &val, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "cannot parse --every `%s'", optarg); info->u.nth.every = val; if (info->u.nth.every == 0) - exit_error(PARAMETER_PROBLEM, "--every cannot be 0"); + xtables_error(PARAMETER_PROBLEM, "--every cannot be 0"); info->u.nth.every--; *flags |= 0x4; break; case '4': if (*flags & 0x8) - exit_error(PARAMETER_PROBLEM, "double --packet"); + xtables_error(PARAMETER_PROBLEM, "double --packet"); if (!xtables_strtoui(optarg, NULL, &val, 0, UINT32_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "cannot parse --packet `%s'", optarg); info->u.nth.packet = val; *flags |= 0x8; @@ -98,25 +98,25 @@ statistic_parse(int c, char **argv, int invert, unsigned int *flags, static void statistic_check(unsigned int flags) { if (!(flags & 0x1)) - exit_error(PARAMETER_PROBLEM, "no mode specified"); + xtables_error(PARAMETER_PROBLEM, "no mode specified"); if ((flags & 0x2) && (flags & (0x4 | 0x8))) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "both nth and random parameters given"); if (flags & 0x2 && global_info->mode != XT_STATISTIC_MODE_RANDOM) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--probability can only be used in random mode"); if (flags & 0x4 && global_info->mode != XT_STATISTIC_MODE_NTH) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--every can only be used in nth mode"); if (flags & 0x8 && global_info->mode != XT_STATISTIC_MODE_NTH) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--packet can only be used in nth mode"); if ((flags & 0x8) && !(flags & 0x4)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--packet can only be used with --every"); /* at this point, info->u.nth.every have been decreased. */ if (global_info->u.nth.packet > global_info->u.nth.every) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "the --packet p must be 0 <= p <= n-1"); diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c index aa52fa8..5ea529e 100644 --- a/extensions/libxt_string.c +++ b/extensions/libxt_string.c @@ -69,7 +69,7 @@ parse_string(const char *s, struct xt_string_info *info) info->patlen = strlen(s); return; } - exit_error(PARAMETER_PROBLEM, "STRING too long `%s'", s); + xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s); } static void @@ -79,7 +79,7 @@ parse_algo(const char *s, struct xt_string_info *info) strncpy(info->algo, s, XT_STRING_MAX_ALGO_NAME_SIZE); return; } - exit_error(PARAMETER_PROBLEM, "ALGO too long `%s'", s); + xtables_error(PARAMETER_PROBLEM, "ALGO too long \"%s\"", s); } static void @@ -92,7 +92,7 @@ parse_hex_string(const char *s, struct xt_string_info *info) slen = strlen(s); if (slen == 0) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "STRING must contain at least one char"); } @@ -100,7 +100,7 @@ parse_hex_string(const char *s, struct xt_string_info *info) if (s[i] == '\\' && !hex_f) { literal_f = 1; } else if (s[i] == '\\') { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot include literals in hex data"); } else if (s[i] == '|') { if (hex_f) @@ -119,7 +119,7 @@ parse_hex_string(const char *s, struct xt_string_info *info) if (literal_f) { if (i+1 >= slen) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad literal placement at end of string"); } info->pattern[sindex] = s[i+1]; @@ -127,22 +127,22 @@ parse_hex_string(const char *s, struct xt_string_info *info) literal_f = 0; } else if (hex_f) { if (i+1 >= slen) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Odd number of hex digits"); } if (i+2 >= slen) { /* must end with a "|" */ - exit_error(PARAMETER_PROBLEM, "Invalid hex block"); + xtables_error(PARAMETER_PROBLEM, "Invalid hex block"); } if (! isxdigit(s[i])) /* check for valid hex char */ - exit_error(PARAMETER_PROBLEM, "Invalid hex char `%c'", s[i]); + xtables_error(PARAMETER_PROBLEM, "Invalid hex char '%c'", s[i]); if (! isxdigit(s[i+1])) /* check for valid hex char */ - exit_error(PARAMETER_PROBLEM, "Invalid hex char `%c'", s[i+1]); + xtables_error(PARAMETER_PROBLEM, "Invalid hex char '%c'", s[i+1]); hextmp[0] = s[i]; hextmp[1] = s[i+1]; hextmp[2] = '\0'; if (! sscanf(hextmp, "%x", &schar)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid hex char `%c'", s[i]); info->pattern[sindex] = (char) schar; if (s[i+2] == ' ') @@ -154,7 +154,7 @@ parse_hex_string(const char *s, struct xt_string_info *info) i++; } if (sindex > XT_STRING_MAX_PATTERN_SIZE) - exit_error(PARAMETER_PROBLEM, "STRING too long `%s'", s); + xtables_error(PARAMETER_PROBLEM, "STRING too long \"%s\"", s); sindex++; } info->patlen = sindex; @@ -177,28 +177,28 @@ string_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & FROM) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify multiple --from"); stringinfo->from_offset = atoi(optarg); *flags |= FROM; break; case '2': if (*flags & TO) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify multiple --to"); stringinfo->to_offset = atoi(optarg); *flags |= TO; break; case '3': if (*flags & ALGO) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify multiple --algo"); parse_algo(optarg, stringinfo); *flags |= ALGO; break; case '4': if (*flags & STRING) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify multiple --string"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_string(argv[optind-1], stringinfo); @@ -215,7 +215,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags, case '5': if (*flags & STRING) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify multiple --hex-string"); xtables_check_inverse(optarg, &invert, &optind, 0); @@ -231,7 +231,7 @@ string_parse(int c, char **argv, int invert, unsigned int *flags, case '6': if (revision == 0) - exit_error(VERSION_PROBLEM, + xtables_error(VERSION_PROBLEM, "Kernel doesn't support --icase"); stringinfo->u.v1.flags |= XT_STRING_FLAG_IGNORECASE; @@ -247,11 +247,11 @@ string_parse(int c, char **argv, int invert, unsigned int *flags, static void string_check(unsigned int flags) { if (!(flags & STRING)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "STRING match: You must specify `--string' or " "`--hex-string'"); if (!(flags & ALGO)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "STRING match: You must specify `--algo'"); } diff --git a/extensions/libxt_tcp.c b/extensions/libxt_tcp.c index 069bb7f..d2ad53b 100644 --- a/extensions/libxt_tcp.c +++ b/extensions/libxt_tcp.c @@ -53,7 +53,7 @@ parse_tcp_ports(const char *portstring, u_int16_t *ports) ports[1] = cp[0] ? xtables_parse_port(cp, "tcp") : 0xFFFF; if (ports[0] > ports[1]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "invalid portrange (min > max)"); } free(buffer); @@ -95,7 +95,7 @@ parse_tcp_flag(const char *flags) } } if (i == sizeof(tcp_flag_names)/sizeof(struct tcp_flag_names)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unknown TCP flag `%s'", ptr); } @@ -122,7 +122,7 @@ parse_tcp_option(const char *option, u_int8_t *result) unsigned int ret; if (!xtables_strtoui(option, NULL, &ret, 1, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, "Bad TCP option `%s'", option); + xtables_error(PARAMETER_PROBLEM, "Bad TCP option \"%s\"", option); *result = ret; } @@ -148,7 +148,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & TCP_SRC_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--source-port' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_tcp_ports(argv[optind-1], tcpinfo->spts); @@ -159,7 +159,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & TCP_DST_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--destination-port' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_tcp_ports(argv[optind-1], tcpinfo->dpts); @@ -170,7 +170,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, case '3': if (*flags & TCP_FLAGS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one of `--syn' or `--tcp-flags' " " allowed"); parse_tcp_flags(tcpinfo, "SYN,RST,ACK,FIN", "SYN", invert); @@ -179,14 +179,14 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, case '4': if (*flags & TCP_FLAGS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one of `--syn' or `--tcp-flags' " " allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); if (!argv[optind] || argv[optind][0] == '-' || argv[optind][0] == '!') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "--tcp-flags requires two args."); parse_tcp_flags(tcpinfo, argv[optind-1], argv[optind], @@ -197,7 +197,7 @@ tcp_parse(int c, char **argv, int invert, unsigned int *flags, case '5': if (*flags & TCP_OPTION) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--tcp-option' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_tcp_option(argv[optind-1], &tcpinfo->option); diff --git a/extensions/libxt_tcpmss.c b/extensions/libxt_tcpmss.c index 5c013a7..43a4a0d 100644 --- a/extensions/libxt_tcpmss.c +++ b/extensions/libxt_tcpmss.c @@ -29,7 +29,7 @@ parse_tcp_mssvalue(const char *mssvalue) if (!xtables_strtoui(mssvalue, NULL, &mssvaluenum, 0, UINT16_MAX)) return mssvaluenum; - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid mss `%s' specified", mssvalue); } @@ -63,7 +63,7 @@ tcpmss_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--mss' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_tcp_mssvalues(argv[optind-1], @@ -81,7 +81,7 @@ tcpmss_parse(int c, char **argv, int invert, unsigned int *flags, static void tcpmss_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "tcpmss match: You must specify `--mss'"); } diff --git a/extensions/libxt_time.c b/extensions/libxt_time.c index 41aa5c7..eb8b671 100644 --- a/extensions/libxt_time.c +++ b/extensions/libxt_time.c @@ -142,10 +142,10 @@ static time_t time_parse_date(const char *s, bool end) if (ret >= 0) return ret; perror("mktime"); - exit_error(OTHER_PROBLEM, "mktime returned an error"); + xtables_error(OTHER_PROBLEM, "mktime returned an error"); out: - exit_error(PARAMETER_PROBLEM, "Invalid date \"%s\" specified. Should " + xtables_error(PARAMETER_PROBLEM, "Invalid date \"%s\" specified. Should " "be YYYY[-MM[-DD[Thh[:mm[:ss]]]]]", os); return -1; } @@ -175,7 +175,7 @@ static unsigned int time_parse_minutes(const char *s) return 60 * 60 * hour + 60 * minute + second; out: - exit_error(PARAMETER_PROBLEM, "invalid time \"%s\" specified, " + xtables_error(PARAMETER_PROBLEM, "invalid time \"%s\" specified, " "should be hh:mm[:ss] format and within the boundaries", s); return -1; } @@ -207,7 +207,7 @@ static uint32_t time_parse_monthdays(const char *arg) while (my_strseg(day, sizeof(day), &arg, ',') != NULL) { i = strtoul(day, &err, 0); if ((*err != ',' && *err != '\0') || i > 31) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s is not a valid day for --monthdays", day); ret |= 1 << i; } @@ -225,7 +225,7 @@ static unsigned int time_parse_weekdays(const char *arg) i = strtoul(day, &err, 0); if (*err == '\0') { if (i == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "No, the week does NOT begin with Sunday."); ret |= 1 << i; continue; @@ -239,7 +239,7 @@ static unsigned int time_parse_weekdays(const char *arg) } if (!valid) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s is not a valid day specifier", day); } @@ -254,54 +254,54 @@ static int time_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'D': /* --datestart */ if (*flags & F_DATE_START) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --datestart twice"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected \"!\" with --datestart"); info->date_start = time_parse_date(optarg, false); *flags |= F_DATE_START; return 1; case 'E': /* --datestop */ if (*flags & F_DATE_STOP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --datestop more than once"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unexpected \"!\" with --datestop"); info->date_stop = time_parse_date(optarg, true); *flags |= F_DATE_STOP; return 1; case 'X': /* --timestart */ if (*flags & F_TIME_START) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --timestart more than once"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected \"!\" with --timestart"); info->daytime_start = time_parse_minutes(optarg); *flags |= F_TIME_START; return 1; case 'Y': /* --timestop */ if (*flags & F_TIME_STOP) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --timestop more than once"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unexpected \"!\" with --timestop"); info->daytime_stop = time_parse_minutes(optarg); *flags |= F_TIME_STOP; return 1; case 'l': /* --localtz */ if (*flags & F_TIMEZONE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can only specify exactly one of --localtz or --utc"); info->flags |= XT_TIME_LOCAL_TZ; *flags |= F_TIMEZONE; return 1; case 'm': /* --monthdays */ if (*flags & F_MONTHDAYS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --monthdays more than once"); info->monthdays_match = time_parse_monthdays(optarg); if (invert) @@ -310,7 +310,7 @@ static int time_parse(int c, char **argv, int invert, unsigned int *flags, return 1; case 'w': /* --weekdays */ if (*flags & F_WEEKDAYS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --weekdays more than once"); info->weekdays_match = time_parse_weekdays(optarg); if (invert) @@ -319,7 +319,7 @@ static int time_parse(int c, char **argv, int invert, unsigned int *flags, return 1; case 'u': /* --utc */ if (*flags & F_TIMEZONE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can only specify exactly one of --localtz or --utc"); info->flags &= ~XT_TIME_LOCAL_TZ; *flags |= F_TIMEZONE; diff --git a/extensions/libxt_tos.c b/extensions/libxt_tos.c index a611840..b810ea6 100644 --- a/extensions/libxt_tos.c +++ b/extensions/libxt_tos.c @@ -54,7 +54,7 @@ static int tos_mt_parse_v0(int c, char **argv, int invert, unsigned int *flags, if (!tos_parse_symbolic(optarg, &tvm, 0xFF)) xtables_param_act(XTF_BAD_VALUE, "tos", "--tos", optarg); if (tvm.mask != 0xFF) - exit_error(PARAMETER_PROBLEM, "tos: Your kernel is " + xtables_error(PARAMETER_PROBLEM, "tos: Your kernel is " "too old to support anything besides /0xFF " "as a mask."); info->tos = tvm.value; @@ -90,7 +90,7 @@ static int tos_mt_parse(int c, char **argv, int invert, unsigned int *flags, static void tos_mt_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "tos: --tos parameter required"); } diff --git a/extensions/libxt_u32.c b/extensions/libxt_u32.c index f0bb61a..c2aeb27 100644 --- a/extensions/libxt_u32.c +++ b/extensions/libxt_u32.c @@ -92,10 +92,10 @@ static u_int32_t parse_number(char **s, int pos) errno = 0; number = strtoul(*s, &end, 0); if (end == *s) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %d: expected number", pos); if (errno != 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %d: error reading number", pos); *s = end; return number; @@ -129,10 +129,10 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, if (*arg == '\0') { /* end of argument found */ if (state == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: abrupt end of input after location specifier"); if (valind == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: test ended with no value specified"); ct->nnums = locind; @@ -140,7 +140,7 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, data->ntests = ++testind; if (testind > XT_U32_MAXSIZE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: too many \"&&\"s", (unsigned int)(arg - start)); return 1; @@ -153,7 +153,7 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, */ if (*arg == '=') { if (locind == 0) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: " "location spec missing", (unsigned int)(arg - start)); @@ -168,18 +168,18 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, ct->location[locind].nextop = XT_U32_AND; } else if (*arg == '<') { if (*++arg != '<') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: a second '<' was expected", (unsigned int)(arg - start)); ct->location[locind].nextop = XT_U32_LEFTSH; } else if (*arg == '>') { if (*++arg != '>') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: a second '>' was expected", (unsigned int)(arg - start)); ct->location[locind].nextop = XT_U32_RIGHTSH; } else if (*arg == '@') { ct->location[locind].nextop = XT_U32_AT; } else { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: operator expected", (unsigned int)(arg - start)); } ++arg; @@ -188,7 +188,7 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, ct->location[locind].number = parse_number(&arg, arg - start); if (++locind > XT_U32_MAXSIZE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: too many operators", (unsigned int)(arg - start)); } } else { @@ -199,17 +199,17 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, */ if (*arg == '&') { if (*++arg != '&') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: a second '&' was expected", (unsigned int)(arg - start)); if (valind == 0) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: value spec missing", (unsigned int)(arg - start)); } else { ct->nnums = locind; ct->nvalues = valind; ct = &data->tests[++testind]; if (testind > XT_U32_MAXSIZE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: too many \"&&\"s", (unsigned int)(arg - start)); ++arg; state = 0; @@ -219,7 +219,7 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, } else { /* read value range */ if (valind > 0) { /* need , before number */ if (*arg != ',') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: expected \",\" or \"&&\"", (unsigned int)(arg - start)); ++arg; } @@ -239,7 +239,7 @@ static int u32_parse(int c, char **argv, int invert, unsigned int *flags, } if (++valind > XT_U32_MAXSIZE) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "u32: at char %u: too many \",\"s", (unsigned int)(arg - start)); } } diff --git a/extensions/libxt_udp.c b/extensions/libxt_udp.c index 8f57f4e..4b4e84f 100644 --- a/extensions/libxt_udp.c +++ b/extensions/libxt_udp.c @@ -45,7 +45,7 @@ parse_udp_ports(const char *portstring, u_int16_t *ports) ports[1] = cp[0] ? xtables_parse_port(cp, "udp") : 0xFFFF; if (ports[0] > ports[1]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "invalid portrange (min > max)"); } free(buffer); @@ -70,7 +70,7 @@ udp_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & UDP_SRC_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--source-port' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_udp_ports(argv[optind-1], udpinfo->spts); @@ -81,7 +81,7 @@ udp_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & UDP_DST_PORTS) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Only one `--destination-port' allowed"); xtables_check_inverse(optarg, &invert, &optind, 0); parse_udp_ports(argv[optind-1], udpinfo->dpts); diff --git a/extensions/tos_values.c b/extensions/tos_values.c index 81f6de1..2676d81 100644 --- a/extensions/tos_values.c +++ b/extensions/tos_values.c @@ -42,13 +42,13 @@ static bool tos_parse_numeric(const char *str, struct tos_value_mask *tvm, const char *p = end + 1; if (!xtables_strtoui(p, &end, &value, 0, max)) - exit_error(PARAMETER_PROBLEM, "Illegal value: \"%s\"", + xtables_error(PARAMETER_PROBLEM, "Illegal value: \"%s\"", str); tvm->mask = value; } if (*end != '\0') - exit_error(PARAMETER_PROBLEM, "Illegal value: \"%s\"", str); + xtables_error(PARAMETER_PROBLEM, "Illegal value: \"%s\"", str); return true; } @@ -70,7 +70,7 @@ static bool tos_parse_symbolic(const char *str, struct tos_value_mask *tvm, return true; } - exit_error(PARAMETER_PROBLEM, "Symbolic name \"%s\" is unknown", str); + xtables_error(PARAMETER_PROBLEM, "Symbolic name \"%s\" is unknown", str); return false; } diff --git a/include/xtables.h.in b/include/xtables.h.in index c4d2b92..3f556c1 100644 --- a/include/xtables.h.in +++ b/include/xtables.h.in @@ -234,7 +234,7 @@ xtables_parse_interface(const char *arg, char *vianame, unsigned char *mask); int xtables_check_inverse(const char option[], int *invert, int *my_optind, int argc); extern struct xtables_globals *xt_params; -#define exit_error xt_params->exit_err +#define xtables_error (xt_params->exit_err) extern void xtables_param_act(unsigned int, const char *, ...); diff --git a/ip6tables-restore.c b/ip6tables-restore.c index 9b8596e..324dd1f 100644 --- a/ip6tables-restore.c +++ b/ip6tables-restore.c @@ -70,7 +70,7 @@ static struct ip6tc_handle *create_handle(const char *tablename) } if (!handle) { - exit_error(PARAMETER_PROBLEM, "%s: unable to initialize " + xtables_error(PARAMETER_PROBLEM, "%s: unable to initialize " "table '%s'\n", ip6tables_globals.program_name, tablename); exit(1); @@ -211,7 +211,7 @@ int main(int argc, char *argv[]) table = strtok(buffer+1, " \t\n"); DEBUGP("line %u, table '%s'\n", line, table); if (!table) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u table name invalid\n", ip6tables_globals.program_name, line); @@ -246,7 +246,7 @@ int main(int argc, char *argv[]) chain = strtok(buffer+1, " \t\n"); DEBUGP("line %u, chain '%s'\n", line, chain); if (!chain) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u chain name invalid\n", ip6tables_globals.program_name, line); @@ -257,14 +257,14 @@ int main(int argc, char *argv[]) if (noflush && ip6tc_is_chain(chain, handle)) { DEBUGP("Flushing existing user defined chain '%s'\n", chain); if (!ip6tc_flush_entries(chain, handle)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "error flushing chain " "'%s':%s\n", chain, strerror(errno)); } else { DEBUGP("Creating new chain '%s'\n", chain); if (!ip6tc_create_chain(chain, handle)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "error creating chain " "'%s':%s\n", chain, strerror(errno)); @@ -274,7 +274,7 @@ int main(int argc, char *argv[]) policy = strtok(NULL, " \t\n"); DEBUGP("line %u, policy '%s'\n", line, policy); if (!policy) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u policy invalid\n", ip6tables_globals.program_name, line); @@ -289,7 +289,7 @@ int main(int argc, char *argv[]) ctrs = strtok(NULL, " \t\n"); if (!ctrs || !parse_counters(ctrs, &count)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "invalid policy counters " "for chain '%s'\n", chain); @@ -303,7 +303,7 @@ int main(int argc, char *argv[]) if (!ip6tc_set_policy(chain, policy, &count, handle)) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Can't set policy `%s'" " on `%s' line %u: %s\n", chain, policy, line, @@ -331,19 +331,19 @@ int main(int argc, char *argv[]) /* we have counters in our input */ ptr = strchr(buffer, ']'); if (!ptr) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need ]\n", line); pcnt = strtok(buffer+1, ":"); if (!pcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need :\n", line); bcnt = strtok(NULL, "]"); if (!bcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need ]\n", line); @@ -410,7 +410,7 @@ int main(int argc, char *argv[]) /* check if table name specified */ if (!strncmp(param_buffer, "-t", 2) || !strncmp(param_buffer, "--table", 8)) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Line %u seems to have a " "-t table option.\n", line); exit(1); @@ -423,7 +423,7 @@ int main(int argc, char *argv[]) param_buffer[param_len++] = *curchar; if (param_len >= sizeof(param_buffer)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Parameter too long!"); } } diff --git a/ip6tables-save.c b/ip6tables-save.c index 874542d..55010c4 100644 --- a/ip6tables-save.c +++ b/ip6tables-save.c @@ -42,13 +42,13 @@ static int for_each_table(int (*func)(const char *tablename)) procfile = fopen("/proc/net/ip6_tables_names", "r"); if (!procfile) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Unable to open /proc/net/ip6_tables_names: %s\n", strerror(errno)); while (fgets(tablename, sizeof(tablename), procfile)) { if (tablename[strlen(tablename) - 1] != '\n') - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Badly formed tablename `%s'\n", tablename); tablename[strlen(tablename) - 1] = '\0'; @@ -69,7 +69,7 @@ static int do_output(const char *tablename) h = ip6tc_init(tablename); if (!h) - exit_error(OTHER_PROBLEM, "Can't initialize: %s\n", + xtables_error(OTHER_PROBLEM, "Cannot initialize: %s\n", ip6tc_strerror(errno)); if (!show_binary) { @@ -115,7 +115,7 @@ static int do_output(const char *tablename) printf("# Completed on %s", ctime(&now)); } else { /* Binary, huh? OK. */ - exit_error(OTHER_PROBLEM, "Binary NYI\n"); + xtables_error(OTHER_PROBLEM, "Binary NYI\n"); } ip6tc_free(h); diff --git a/ip6tables.c b/ip6tables.c index 7847ebc..87663ef 100644 --- a/ip6tables.c +++ b/ip6tables.c @@ -361,7 +361,7 @@ generic_opt_check(int command, int options) if (!(options & (1<<i))) { if (commands_v_options[j][i] == '+') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You need to supply the `-%c' " "option for this command\n", optflags[i]); @@ -373,7 +373,7 @@ generic_opt_check(int command, int options) } } if (legal == -1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Illegal option `-%c' with this command\n", optflags[i]); } @@ -402,9 +402,9 @@ add_command(unsigned int *cmd, const int newcmd, const int othercmds, int invert) { if (invert) - exit_error(PARAMETER_PROBLEM, "unexpected ! flag"); + xtables_error(PARAMETER_PROBLEM, "unexpected '!' flag"); if (*cmd & (~othercmds)) - exit_error(PARAMETER_PROBLEM, "Can't use -%c with -%c\n", + xtables_error(PARAMETER_PROBLEM, "Cannot use -%c with -%c\n", cmd2char(newcmd), cmd2char(*cmd & (~othercmds))); *cmd |= newcmd; } @@ -452,7 +452,7 @@ parse_rulenumber(const char *rule) unsigned int rulenum; if (!xtables_strtoui(rule, NULL, &rulenum, 1, INT_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid rule number `%s'", rule); return rulenum; @@ -464,17 +464,17 @@ parse_target(const char *targetname) const char *ptr; if (strlen(targetname) < 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid target name (too short)"); if (strlen(targetname)+1 > sizeof(ip6t_chainlabel)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid target name `%s' (%u chars max)", targetname, (unsigned int)sizeof(ip6t_chainlabel)-1); for (ptr = targetname; *ptr; ptr++) if (isspace(*ptr)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid target name `%s'", targetname); return targetname; } @@ -484,7 +484,7 @@ set_option(unsigned int *options, unsigned int option, u_int8_t *invflg, int invert) { if (*options & option) - exit_error(PARAMETER_PROBLEM, "multiple -%c flags not allowed", + xtables_error(PARAMETER_PROBLEM, "multiple -%c flags not allowed", opt2char(option)); *options |= option; @@ -493,7 +493,7 @@ set_option(unsigned int *options, unsigned int option, u_int8_t *invflg, for (i = 0; 1 << i != option; i++); if (!inverse_for_options[i]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "cannot have ! before -%c", opt2char(option)); *invflg |= inverse_for_options[i]; @@ -1362,7 +1362,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand && argv[optind][0] != '!') rulenum = parse_rulenumber(argv[optind++]); else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires a rule number", cmd2char(CMD_REPLACE)); break; @@ -1421,11 +1421,11 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand case 'N': if (optarg && (*optarg == '-' || *optarg == '!')) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "chain name not allowed to start " "with `%c'\n", *optarg); if (xtables_find_target(optarg, XTF_TRY_LOAD)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "chain name may not clash " "with target name\n"); add_command(&command, CMD_NEW_CHAIN, CMD_NONE, @@ -1450,7 +1450,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand && argv[optind][0] != '!') newname = argv[optind++]; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires old-chain-name and " "new-chain-name", cmd2char(CMD_RENAME_CHAIN)); @@ -1464,7 +1464,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand && argv[optind][0] != '!') policy = argv[optind++]; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires a chain and a policy", cmd2char(CMD_SET_POLICY)); break; @@ -1498,7 +1498,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand if (fw.ipv6.proto == 0 && (fw.ipv6.invflags & IP6T_INV_PROTO)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rule would never match protocol"); if (is_exthdr(fw.ipv6.proto) @@ -1556,7 +1556,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand target->extra_opts, &target->option_offset); if (opts == NULL) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } break; @@ -1591,7 +1591,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand size_t size; if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unexpected ! flag before --match"); m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, @@ -1617,7 +1617,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand case 't': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unexpected ! flag before --table"); *table = optarg; break; @@ -1656,18 +1656,18 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand && argv[optind][0] != '!') bcnt = argv[optind++]; if (!bcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires packet and byte counter", opt2char(OPT_COUNTERS)); if (sscanf(pcnt, "%llu", &cnt) != 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c packet counter not numeric", opt2char(OPT_COUNTERS)); fw.counters.pcnt = cnt; if (sscanf(bcnt, "%llu", &cnt) != 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c byte counter not numeric", opt2char(OPT_COUNTERS)); fw.counters.bcnt = cnt; @@ -1676,7 +1676,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand case 1: /* non option */ if (optarg[0] == '!' && optarg[1] == '\0') { if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple consecutive ! not" " allowed"); invert = TRUE; @@ -1763,21 +1763,21 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand if (!m) { if (c == '?') { if (optopt) { - exit_error( + xtables_error( PARAMETER_PROBLEM, "option `%s' " "requires an " "argument", argv[optind-1]); } else { - exit_error( + xtables_error( PARAMETER_PROBLEM, "unknown option " "`%s'", argv[optind-1]); } } - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unknown arg `%s'", optarg); } } @@ -1795,12 +1795,12 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand /* Fix me: must put inverse options checking here --MN */ if (optind < argc) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unknown arguments found on commandline"); if (!command) - exit_error(PARAMETER_PROBLEM, "no command specified"); + xtables_error(PARAMETER_PROBLEM, "no command specified"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "nothing appropriate following !"); if (command & (CMD_REPLACE | CMD_INSERT | CMD_DELETE | CMD_APPEND)) { @@ -1820,17 +1820,17 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand if ((nsaddrs > 1 || ndaddrs > 1) && (fw.ipv6.invflags & (IP6T_INV_SRCIP | IP6T_INV_DSTIP))) - exit_error(PARAMETER_PROBLEM, "! not allowed with multiple" + xtables_error(PARAMETER_PROBLEM, "! not allowed with multiple" " source or destination IP addresses"); if (command == CMD_REPLACE && (nsaddrs != 1 || ndaddrs != 1)) - exit_error(PARAMETER_PROBLEM, "Replacement rule does not " + xtables_error(PARAMETER_PROBLEM, "Replacement rule does not " "specify a unique address"); generic_opt_check(command, options); if (chain && strlen(chain) > IP6T_FUNCTION_MAXNAMELEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "chain name `%s' too long (must be under %i chars)", chain, IP6T_FUNCTION_MAXNAMELEN); @@ -1843,7 +1843,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand *handle = ip6tc_init(*table); if (!*handle) - exit_error(VERSION_PROBLEM, + xtables_error(VERSION_PROBLEM, "can't initialize ip6tables table `%s': %s", *table, ip6tc_strerror(errno)); @@ -1855,7 +1855,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand || strcmp(chain, "INPUT") == 0) { /* -o not valid with incoming packets. */ if (options & OPT_VIANAMEOUT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't use -%c with %s\n", opt2char(OPT_VIANAMEOUT), chain); @@ -1865,7 +1865,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand || strcmp(chain, "OUTPUT") == 0) { /* -i not valid with outgoing packets */ if (options & OPT_VIANAMEIN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't use -%c with %s\n", opt2char(OPT_VIANAMEIN), chain); @@ -1908,7 +1908,7 @@ int do_command6(int argc, char *argv[], char **table, struct ip6tc_handle **hand * chain. */ #ifdef IP6T_F_GOTO if (fw.ipv6.flags & IP6T_F_GOTO) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "goto '%s' is not a chain\n", jumpto); #endif xtables_find_target(jumpto, XTF_LOAD_MUST_SUCCEED); diff --git a/iptables-restore.c b/iptables-restore.c index c8eb2e3..f1c5e3e 100644 --- a/iptables-restore.c +++ b/iptables-restore.c @@ -71,7 +71,7 @@ static struct iptc_handle *create_handle(const char *tablename) } if (!handle) { - exit_error(PARAMETER_PROBLEM, "%s: unable to initialize " + xtables_error(PARAMETER_PROBLEM, "%s: unable to initialize " "table '%s'\n", prog_name, tablename); exit(1); } @@ -217,7 +217,7 @@ main(int argc, char *argv[]) table = strtok(buffer+1, " \t\n"); DEBUGP("line %u, table '%s'\n", line, table); if (!table) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u table name invalid\n", prog_name, line); exit(1); @@ -253,7 +253,7 @@ main(int argc, char *argv[]) chain = strtok(buffer+1, " \t\n"); DEBUGP("line %u, chain '%s'\n", line, chain); if (!chain) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u chain name invalid\n", prog_name, line); exit(1); @@ -263,14 +263,14 @@ main(int argc, char *argv[]) if (noflush && iptc_is_chain(chain, handle)) { DEBUGP("Flushing existing user defined chain '%s'\n", chain); if (!iptc_flush_entries(chain, handle)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "error flushing chain " "'%s':%s\n", chain, strerror(errno)); } else { DEBUGP("Creating new chain '%s'\n", chain); if (!iptc_create_chain(chain, handle)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "error creating chain " "'%s':%s\n", chain, strerror(errno)); @@ -280,7 +280,7 @@ main(int argc, char *argv[]) policy = strtok(NULL, " \t\n"); DEBUGP("line %u, policy '%s'\n", line, policy); if (!policy) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u policy invalid\n", prog_name, line); exit(1); @@ -294,7 +294,7 @@ main(int argc, char *argv[]) ctrs = strtok(NULL, " \t\n"); if (!ctrs || !parse_counters(ctrs, &count)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "invalid policy counters " "for chain '%s'\n", chain); @@ -308,7 +308,7 @@ main(int argc, char *argv[]) if (!iptc_set_policy(chain, policy, &count, handle)) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Can't set policy `%s'" " on `%s' line %u: %s\n", chain, policy, line, @@ -336,19 +336,19 @@ main(int argc, char *argv[]) /* we have counters in our input */ ptr = strchr(buffer, ']'); if (!ptr) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need ]\n", line); pcnt = strtok(buffer+1, ":"); if (!pcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need :\n", line); bcnt = strtok(NULL, "]"); if (!bcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need ]\n", line); @@ -415,7 +415,7 @@ main(int argc, char *argv[]) /* check if table name specified */ if (!strncmp(param_buffer, "-t", 2) || !strncmp(param_buffer, "--table", 8)) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Line %u seems to have a " "-t table option.\n", line); exit(1); @@ -428,7 +428,7 @@ main(int argc, char *argv[]) param_buffer[param_len++] = *curchar; if (param_len >= sizeof(param_buffer)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Parameter too long!"); } } diff --git a/iptables-save.c b/iptables-save.c index e273435..55cfe6a 100644 --- a/iptables-save.c +++ b/iptables-save.c @@ -40,13 +40,13 @@ static int for_each_table(int (*func)(const char *tablename)) procfile = fopen("/proc/net/ip_tables_names", "r"); if (!procfile) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Unable to open /proc/net/ip_tables_names: %s\n", strerror(errno)); while (fgets(tablename, sizeof(tablename), procfile)) { if (tablename[strlen(tablename) - 1] != '\n') - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "Badly formed tablename `%s'\n", tablename); tablename[strlen(tablename) - 1] = '\0'; @@ -67,7 +67,7 @@ static int do_output(const char *tablename) h = iptc_init(tablename); if (!h) - exit_error(OTHER_PROBLEM, "Can't initialize: %s\n", + xtables_error(OTHER_PROBLEM, "Cannot initialize: %s\n", iptc_strerror(errno)); if (!show_binary) { @@ -113,7 +113,7 @@ static int do_output(const char *tablename) printf("# Completed on %s", ctime(&now)); } else { /* Binary, huh? OK. */ - exit_error(OTHER_PROBLEM, "Binary NYI\n"); + xtables_error(OTHER_PROBLEM, "Binary NYI\n"); } iptc_free(h); diff --git a/iptables-xml.c b/iptables-xml.c index f1837ed..543715b 100644 --- a/iptables-xml.c +++ b/iptables-xml.c @@ -296,7 +296,7 @@ static void saveChain(char *chain, char *policy, struct ipt_counters *ctr) { if (nextChain >= maxChains) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u chain name invalid\n", prog_name, line); exit(1); @@ -697,7 +697,7 @@ main(int argc, char *argv[]) table = strtok(buffer + 1, " \t\n"); DEBUGP("line %u, table '%s'\n", line, table); if (!table) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u table name invalid\n", prog_name, line); exit(1); @@ -714,7 +714,7 @@ main(int argc, char *argv[]) chain = strtok(buffer + 1, " \t\n"); DEBUGP("line %u, chain '%s'\n", line, chain); if (!chain) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u chain name invalid\n", prog_name, line); exit(1); @@ -725,7 +725,7 @@ main(int argc, char *argv[]) policy = strtok(NULL, " \t\n"); DEBUGP("line %u, policy '%s'\n", line, policy); if (!policy) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "%s: line %u policy invalid\n", prog_name, line); exit(1); @@ -755,19 +755,19 @@ main(int argc, char *argv[]) /* we have counters in our input */ ptr = strchr(buffer, ']'); if (!ptr) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need ]\n", line); pcnt = strtok(buffer + 1, ":"); if (!pcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need :\n", line); bcnt = strtok(NULL, "]"); if (!bcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Bad line %u: need ]\n", line); @@ -827,7 +827,7 @@ main(int argc, char *argv[]) if (!strncmp(param_buffer, "-t", 3) || !strncmp(param_buffer, "--table", 8)) { - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Line %u seems to have a " "-t table option.\n", line); diff --git a/iptables.c b/iptables.c index 8448c18..bd177c7 100644 --- a/iptables.c +++ b/iptables.c @@ -375,7 +375,7 @@ generic_opt_check(int command, int options) if (!(options & (1<<i))) { if (commands_v_options[j][i] == '+') - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "You need to supply the `-%c' " "option for this command\n", optflags[i]); @@ -387,7 +387,7 @@ generic_opt_check(int command, int options) } } if (legal == -1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Illegal option `-%c' with this command\n", optflags[i]); } @@ -416,9 +416,9 @@ add_command(unsigned int *cmd, const int newcmd, const int othercmds, int invert) { if (invert) - exit_error(PARAMETER_PROBLEM, "unexpected ! flag"); + xtables_error(PARAMETER_PROBLEM, "unexpected ! flag"); if (*cmd & (~othercmds)) - exit_error(PARAMETER_PROBLEM, "Can't use -%c with -%c\n", + xtables_error(PARAMETER_PROBLEM, "Cannot use -%c with -%c\n", cmd2char(newcmd), cmd2char(*cmd & (~othercmds))); *cmd |= newcmd; } @@ -457,7 +457,7 @@ parse_rulenumber(const char *rule) unsigned int rulenum; if (!xtables_strtoui(rule, NULL, &rulenum, 1, INT_MAX)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid rule number `%s'", rule); return rulenum; @@ -469,17 +469,17 @@ parse_target(const char *targetname) const char *ptr; if (strlen(targetname) < 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid target name (too short)"); if (strlen(targetname)+1 > sizeof(ipt_chainlabel)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid target name `%s' (%u chars max)", targetname, (unsigned int)sizeof(ipt_chainlabel)-1); for (ptr = targetname; *ptr; ptr++) if (isspace(*ptr)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid target name `%s'", targetname); return targetname; } @@ -489,7 +489,7 @@ set_option(unsigned int *options, unsigned int option, u_int8_t *invflg, int invert) { if (*options & option) - exit_error(PARAMETER_PROBLEM, "multiple -%c flags not allowed", + xtables_error(PARAMETER_PROBLEM, "multiple -%c flags not allowed", opt2char(option)); *options |= option; @@ -498,7 +498,7 @@ set_option(unsigned int *options, unsigned int option, u_int8_t *invflg, for (i = 0; 1 << i != option; i++); if (!inverse_for_options[i]) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "cannot have ! before -%c", opt2char(option)); *invflg |= inverse_for_options[i]; @@ -1385,7 +1385,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle && argv[optind][0] != '!') rulenum = parse_rulenumber(argv[optind++]); else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires a rule number", cmd2char(CMD_REPLACE)); break; @@ -1444,11 +1444,11 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle case 'N': if (optarg && (*optarg == '-' || *optarg == '!')) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "chain name not allowed to start " "with `%c'\n", *optarg); if (xtables_find_target(optarg, XTF_TRY_LOAD)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "chain name may not clash " "with target name\n"); add_command(&command, CMD_NEW_CHAIN, CMD_NONE, @@ -1473,7 +1473,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle && argv[optind][0] != '!') newname = argv[optind++]; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires old-chain-name and " "new-chain-name", cmd2char(CMD_RENAME_CHAIN)); @@ -1487,7 +1487,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle && argv[optind][0] != '!') policy = argv[optind++]; else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires a chain and a policy", cmd2char(CMD_SET_POLICY)); break; @@ -1520,7 +1520,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle if (fw.ip.proto == 0 && (fw.ip.invflags & IPT_INV_PROTO)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "rule would never match protocol"); break; @@ -1571,7 +1571,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle target->extra_opts, &target->option_offset); if (opts == NULL) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } break; @@ -1612,7 +1612,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle size_t size; if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unexpected ! flag before --match"); m = xtables_find_match(optarg, XTF_LOAD_MUST_SUCCEED, @@ -1631,7 +1631,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle m->extra_opts, &m->option_offset); if (opts == NULL) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "can't alloc memory!"); } } @@ -1644,7 +1644,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle case 't': if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unexpected ! flag before --table"); *table = optarg; break; @@ -1683,18 +1683,18 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle && argv[optind][0] != '!') bcnt = argv[optind++]; if (!bcnt) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c requires packet and byte counter", opt2char(OPT_COUNTERS)); if (sscanf(pcnt, "%llu", &cnt) != 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c packet counter not numeric", opt2char(OPT_COUNTERS)); fw.counters.pcnt = cnt; if (sscanf(bcnt, "%llu", &cnt) != 1) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "-%c byte counter not numeric", opt2char(OPT_COUNTERS)); fw.counters.bcnt = cnt; @@ -1704,7 +1704,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle case 1: /* non option */ if (optarg[0] == '!' && optarg[1] == '\0') { if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "multiple consecutive ! not" " allowed"); invert = TRUE; @@ -1785,7 +1785,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle m->extra_opts, &m->option_offset); if (opts == NULL) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "can't alloc memory!"); optind--; @@ -1794,21 +1794,21 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle if (!m) { if (c == '?') { if (optopt) { - exit_error( + xtables_error( PARAMETER_PROBLEM, "option `%s' " "requires an " "argument", argv[optind-1]); } else { - exit_error( + xtables_error( PARAMETER_PROBLEM, "unknown option " "`%s'", argv[optind-1]); } } - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Unknown arg `%s'", optarg); } } @@ -1834,12 +1834,12 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle /* Fix me: must put inverse options checking here --MN */ if (optind < argc) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "unknown arguments found on commandline"); if (!command) - exit_error(PARAMETER_PROBLEM, "no command specified"); + xtables_error(PARAMETER_PROBLEM, "no command specified"); if (invert) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "nothing appropriate following !"); if (command & (CMD_REPLACE | CMD_INSERT | CMD_DELETE | CMD_APPEND)) { @@ -1859,17 +1859,17 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle if ((nsaddrs > 1 || ndaddrs > 1) && (fw.ip.invflags & (IPT_INV_SRCIP | IPT_INV_DSTIP))) - exit_error(PARAMETER_PROBLEM, "! not allowed with multiple" + xtables_error(PARAMETER_PROBLEM, "! not allowed with multiple" " source or destination IP addresses"); if (command == CMD_REPLACE && (nsaddrs != 1 || ndaddrs != 1)) - exit_error(PARAMETER_PROBLEM, "Replacement rule does not " + xtables_error(PARAMETER_PROBLEM, "Replacement rule does not " "specify a unique address"); generic_opt_check(command, options); if (chain && strlen(chain) > IPT_FUNCTION_MAXNAMELEN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "chain name `%s' too long (must be under %i chars)", chain, IPT_FUNCTION_MAXNAMELEN); @@ -1882,7 +1882,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle *handle = iptc_init(*table); if (!*handle) - exit_error(VERSION_PROBLEM, + xtables_error(VERSION_PROBLEM, "can't initialize iptables table `%s': %s", *table, iptc_strerror(errno)); @@ -1894,7 +1894,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle || strcmp(chain, "INPUT") == 0) { /* -o not valid with incoming packets. */ if (options & OPT_VIANAMEOUT) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't use -%c with %s\n", opt2char(OPT_VIANAMEOUT), chain); @@ -1904,7 +1904,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle || strcmp(chain, "OUTPUT") == 0) { /* -i not valid with outgoing packets */ if (options & OPT_VIANAMEIN) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't use -%c with %s\n", opt2char(OPT_VIANAMEIN), chain); @@ -1950,7 +1950,7 @@ int do_command(int argc, char *argv[], char **table, struct iptc_handle **handle * chain. */ #ifdef IPT_F_GOTO if (fw.ip.flags & IPT_F_GOTO) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "goto '%s' is not a chain\n", jumpto); #endif xtables_find_target(jumpto, XTF_LOAD_MUST_SUCCEED); -- 1.6.1.3 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html