Pablo suggested to print full config file path for connlabel.conf
parsing errors.
Signed-off-by: Florian Westphal <fw@xxxxxxxxx>
---
Pablo,
I could also add the suggested nfct_labels_get_path() to lnf_conntrack
but that means next iptables-release depends on a new library version.
Given this name is set in stone anyway I would prefer this patch instead.
Let me know, thanks.
I will send a separate patch to change nftables location.
diff --git a/extensions/libxt_connlabel.c b/extensions/libxt_connlabel.c
index 7e4ff26..728f6ac 100644
--- a/extensions/libxt_connlabel.c
+++ b/extensions/libxt_connlabel.c
@@ -34,6 +34,8 @@ static const struct xt_option_entry connlabel_mt_opts[] = {
*/
static void connlabel_open(void)
{
+ static const char fname[]="/etc/xtables/connlabel.conf";
+
if (map)
return;
@@ -43,10 +45,10 @@ static void connlabel_open(void)
if (errno) {
xtables_error(RESOURCE_PROBLEM,
- "cannot open connlabel.conf: %s", strerror(errno));
+ "cannot open %s: %s", fname, strerror(errno));
} else {
xtables_error(RESOURCE_PROBLEM,
- "cannot parse label, maybe valid label map is empty");
+ "cannot parse %s: no labels found", fname);
}
}
--
2.7.3
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
