search for: xtables_error

...led-delay you are using (other than inf) ends up with a rule at 0 ms. This is due to the checked value never assigned to the structure in https://git.netfilter.org/iptables/tree/extensions/libxt_LED.c#n63 else if (!xtables_strtoui(cb->arg, NULL, &delay, 0, UINT32_MAX)) xtables_error(PARAMETER_PROBLEM, "Delay value must be within range 0..%u", UINT32_MAX); led->delay is never assigned with the value given by the user I changed it to else if (!xtables_strtoui(cb->arg, NULL, &led->delay, 0, UINT32_MAX))...

https://bugzilla.netfilter.org/show_bug.cgi?id=863 Summary: Implied regression in errors Product: iptables Version: 1.4.x Platform: arm OS/Version: other Status: NEW Severity: trivial Priority: P5 Component: iptables AssignedTo: netfilter-buglog at lists.netfilter.org ReportedBy:

...bug is in iptables-restore.c line 369 if (noflush && ops->is_chain(chain, handle)) { DEBUGP("Flushing existing user defined chain '%s'\n", chain); if (!ops->flush_entries(chain, handle)) xtables_error(PARAMETER_PROBLEM, "error flushing chain " "'%s':%s\n", chain, strerror(errno)); where it should be if(!noflush %% ops->... -- You are receiving this mail because: You are...

...array. This pointer gets overwritten only when -t/--table option gets passed to do_command4() and we specifically check for this corner case: > iptables/iptables-restore.c:157 > if (!strncmp(param_buffer, "-t", 2) > || !strncmp(param_buffer, "--table", 8)) { > xtables_error(PARAMETER_PROBLEM, > "The -t option (seen in line %u) cannot be " > "used in iptables-restore.\n", line); > exit(1); > } Unfortunately, do_command4() uses getopt_long() to parse its arguments. This function is quite smart and provides some ways to bypass the chec...

...EW Severity: normal Priority: P1 Component: iptables AssignedTo: laforge at netfilter.org ReportedBy: rbarnhardt at bluecatnetworks.com In do_command(), if iptc_init() fails, it's expected that errno will be set to a useful value that is printed by xtables_error(). However, when iptc_init() fails for the first time, an attempt is made to load the ip_tables module via xtables_load_ko(), which in turn calls xtables_insmod(), which calls get_modprobe() to get the path of the binary from the proc filesystem (if it wasn't explicitly specified with --modpro...