In going to fix NF bug #611, "argv" would be needed in xtables_check_inverse to set "optarg" to the right spot in case of an intrapositional negation. Adding argv to the parameter list would cause an API change, which I would like to avoid because it is planned to be thrown out anyway. So deactive intrapositional support now already, but leave the error message (which has already been there for two releases). Slightly adjust it, because some users have been wondering whether iptables or they are at "fault". References: http://bugzilla.netfilter.org/show_bug.cgi?id=611 Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxx> --- xtables.c | 19 ++++--------------- 1 files changed, 4 insertions(+), 15 deletions(-) diff --git a/xtables.c b/xtables.c index 35a87e8..aaca09b 100644 --- a/xtables.c +++ b/xtables.c @@ -1648,21 +1648,10 @@ int xtables_check_inverse(const char option[], int *invert, if (option == NULL || strcmp(option, "!") != 0) return false; - fprintf(stderr, "Using intrapositioned negation " - "(`--option ! this`) is deprecated in favor of " - "extrapositioned (`! --option this`).\n"); - - if (*invert) - xt_params->exit_err(PARAMETER_PROBLEM, - "Multiple `!' flags not allowed"); - *invert = true; - if (my_optind != NULL) { - ++*my_optind; - if (argc && *my_optind > argc) - xt_params->exit_err(PARAMETER_PROBLEM, - "no argument following `!'"); - } - + xtables_error(PARAMETER_PROBLEM, "Using intrapositioned negation " + "(`--option ! this`) is disabled in favor of " + "extrapositioned (`! --option this`).\n" + "(= Please fix your ruleset.)\n"); return true; } -- 1.6.5.1 -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
