Automatically load modules in iptables-save

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Resubmitting as per
http://marc.info/?l=netfilter-devel&m=123722008913373&w=2

If the iptables modules are not loaded when iptables-save is run,
iptables-save will fail, because it can't open the relevant files in
/proc.  This patch makes iptables-save attempt to load the modules, and
then retries.


Index: iptables-1.4.1.1/iptables-save.c
===================================================================
--- iptables-1.4.1.1.orig/iptables-save.c	2009-03-16 11:19:25.233429856 +0100
+++ iptables-1.4.1.1/iptables-save.c	2009-03-16 12:42:10.200735326 +0100
@@ -28,17 +28,22 @@
 	{.name = "counters", .has_arg = false, .val = 'c'},
 	{.name = "dump",     .has_arg = false, .val = 'd'},
 	{.name = "table",    .has_arg = true,  .val = 't'},
+	{.name = "modprobe", .has_arg = true,  .val = 'M'},
 	{NULL},
 };
 
 /* Debugging prototype. */
-static int for_each_table(int (*func)(const char *tablename))
+static int for_each_table(int (*func)(const char *tablename), const char *modprobe)
 {
 	int ret = 1;
 	FILE *procfile = NULL;
 	char tablename[IPT_TABLE_MAXNAMELEN+1];
 
 	procfile = fopen("/proc/net/ip_tables_names", "r");
+	if (!procfile) {
+		load_xtables_ko(modprobe, 0);
+		procfile = fopen("/proc/net/ip_tables_names", "r");
+	}
 	if (!procfile)
 		exit_error(OTHER_PROBLEM,
 			   "Unable to open /proc/net/ip_tables_names: %s\n",
@@ -57,15 +62,20 @@
 }
 
 
-static int do_output(const char *tablename)
+static int do_output(const char *tablename, const char *modprobe)
 {
 	iptc_handle_t h;
 	const char *chain = NULL;
 
 	if (!tablename)
-		return for_each_table(&do_output);
+		return for_each_table(&do_output, modprobe);
 
 	h = iptc_init(tablename);
+	if (!h) {
+		load_xtables_ko(modprobe, 0);
+		h = iptc_init(tablename);
+	}
+
 	if (!h)
 		exit_error(OTHER_PROBLEM, "Can't initialize: %s\n",
 			   iptc_strerror(errno));
@@ -134,6 +144,7 @@
 #endif
 {
 	const char *tablename = NULL;
+	const char *modprobe = NULL;
 	int c;
 
 	program_name = "iptables-save";
@@ -152,7 +163,7 @@
 	init_extensions();
 #endif
 
-	while ((c = getopt_long(argc, argv, "bcdt:", options, NULL)) != -1) {
+	while ((c = getopt_long(argc, argv, "bcdt:M:", options, NULL)) != -1) {
 		switch (c) {
 		case 'b':
 			show_binary = 1;
@@ -166,8 +177,11 @@
 			/* Select specific table. */
 			tablename = optarg;
 			break;
+		case 'M':
+			modprobe = optarg;
+			break;
 		case 'd':
-			do_output(tablename);
+			do_output(tablename, modprobe);
 			exit(0);
 		}
 	}
@@ -177,5 +191,5 @@
 		exit(1);
 	}
 
-	return !do_output(tablename);
+	return !do_output(tablename, modprobe);
 }


-- 
Soren Hansen                 | 
Lead Virtualisation Engineer | Ubuntu Server Team
Canonical Ltd.               | http://www.ubuntu.com/

Attachment: signature.asc
Description: Digital signature


[Index of Archives]     [Netfitler Users]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux