iptables: Support matches rule list loading

diff --git a/src/iptables.c b/src/iptables.c
index 3d8c5b9..e1370c4 100644 (file)
--- a/src/iptables.c
+++ b/src/iptables.c
@@ -1317,7 +1317,7 @@ static struct xtables_target *prepare_target(struct connman_iptables *table,
 }
 
 static struct xtables_match *prepare_matches(struct connman_iptables *table,
-                                                       char *match_name)
+                       struct xtables_rule_match **xt_rm, char *match_name)
 {
        struct xtables_match *xt_m;
        size_t match_size;
@@ -1325,7 +1325,7 @@ static struct xtables_match *prepare_matches(struct connman_iptables *table,
        if (match_name == NULL)
                return NULL;
 
-       xt_m = xtables_find_match(match_name, XTF_LOAD_MUST_SUCCEED, NULL);
+       xt_m = xtables_find_match(match_name, XTF_LOAD_MUST_SUCCEED, xt_rm);
        match_size = ALIGN(sizeof(struct ipt_entry_match)) + xt_m->size;
 
        xt_m->m = g_try_malloc0(match_size);
@@ -1361,6 +1361,7 @@ static struct xtables_match *prepare_matches(struct connman_iptables *table,
 static int iptables_command(int argc, char *argv[])
 {
        struct connman_iptables *table;
+       struct xtables_rule_match *xt_rm;
        struct xtables_match *xt_m;
        struct xtables_target *xt_t;
        struct ipt_ip ip;
@@ -1381,6 +1382,7 @@ static int iptables_command(int argc, char *argv[])
        flush_chain = delete_chain = NULL;
        memset(&ip, 0, sizeof(struct ipt_ip));
        table = NULL;
+       xt_rm = NULL;
        xt_m = NULL;
        xt_t = NULL;
        ret = 0;
@@ -1575,7 +1577,7 @@ static int iptables_command(int argc, char *argv[])
                        goto out;
 
                if (match_name != NULL) {
-                       xt_m = prepare_matches(table, match_name);
+                       xt_m = prepare_matches(table, &xt_rm, match_name);
                        if (xt_m == NULL)
                                goto out;
                }