Failure to load an extension leads to iptables cmdline parser complaining about any extension options instead of the extension itself. This is at least misleading. This series eliminates the odd error message and instead adds a warning if a requested extension is not available at all in kernel. Things are a bit complicated due to the fact that newer kernels not necessarily support revision 0 of all extensions. So change iptables first to only register revision 0 if no higher one was accepted earlier. This allows for a "not even revision 0 is supported" logic. Phil Sutter (2): libxtables: Register only the highest revision extension Improve error messages for unsupported extensions iptables/nft.c | 12 +++++++++--- libxtables/xtables.c | 17 ++++++++++++++--- 2 files changed, 23 insertions(+), 6 deletions(-) -- 2.34.1
