Print a line explaining what was wrong before the general help text.
Also catch multiple family selectors, they overwrite each other and
hence could cause unexpected behaviour.
Signed-off-by: Phil Sutter <phil@xxxxxx>
---
iptables/xtables-monitor.c | 15 +++++++++++++--
1 file changed, 13 insertions(+), 2 deletions(-)
diff --git a/iptables/xtables-monitor.c b/iptables/xtables-monitor.c
index eb80bac81c645..02e8e446b1c8c 100644
--- a/iptables/xtables-monitor.c
+++ b/iptables/xtables-monitor.c
@@ -588,6 +588,16 @@ static void print_usage(void)
exit(EXIT_FAILURE);
}
+static void set_nfproto(struct cb_arg *arg, uint32_t val)
+{
+ if (arg->nfproto != NFPROTO_UNSPEC && arg->nfproto != val) {
+ fprintf(stderr, "Only one of '-4' or '-6' may be specified at once.\n\n");
+ print_usage();
+ exit(PARAMETER_PROBLEM);
+ }
+ arg->nfproto = val;
+}
+
int xtables_monitor_main(int argc, char *argv[])
{
struct mnl_socket *nl;
@@ -626,10 +636,10 @@ int xtables_monitor_main(int argc, char *argv[])
print_usage();
exit(0);
case '4':
- cb_arg.nfproto = NFPROTO_IPV4;
+ set_nfproto(&cb_arg, NFPROTO_IPV4);
break;
case '6':
- cb_arg.nfproto = NFPROTO_IPV6;
+ set_nfproto(&cb_arg, NFPROTO_IPV6);
break;
case 'V':
printf("xtables-monitor %s\n", PACKAGE_VERSION);
@@ -647,6 +657,7 @@ int xtables_monitor_main(int argc, char *argv[])
nfgroup |= 1 << (NFNLGRP_NFTABLES - 1);
if (nfgroup == 0) {
+ fprintf(stderr, "Missing mandatory argument, specify either '-t' or '-e' (or both).\n\n");
print_usage();
exit(EXIT_FAILURE);
}
--
2.22.0
