From 8b43e9234c211086041cc82e2810ff3daabbcf12 Mon Sep 17 00:00:00 2001 From: Daniel Wagner Date: Tue, 12 Mar 2013 18:16:40 +0100 Subject: [PATCH] iptables: Drop support for xtables < 1.4.11 The API changed between 1.4.10 (version code 5) and 1.4.11 (version code 6) and we needed to workaround with a bunch of ugly ifdefs. 1.4.11 was released on 26.05.2011 and even Debian testing ships 1.4.14 these days. --- configure.ac | 2 +- src/iptables.c | 71 ---------------------------------------------------------- 2 files changed, 1 insertion(+), 72 deletions(-) diff --git a/configure.ac b/configure.ac index 2be097d..4baeee0 100644 --- a/configure.ac +++ b/configure.ac @@ -258,7 +258,7 @@ if (test -n "${path_systemdunit}"); then fi AM_CONDITIONAL(SYSTEMD, test -n "${path_systemdunit}") -PKG_CHECK_MODULES(XTABLES, xtables, dummy=yes, +PKG_CHECK_MODULES(XTABLES, xtables >= 1.4.11, dummy=yes, AC_MSG_ERROR(Xtables library is required)) AC_SUBST(XTABLES_CFLAGS) AC_SUBST(XTABLES_LIBS) diff --git a/src/iptables.c b/src/iptables.c index 3fa8140..11aad30 100644 --- a/src/iptables.c +++ b/src/iptables.c @@ -1556,7 +1556,6 @@ static struct xtables_target *prepare_target(struct connman_iptables *table, xt_t->init(xt_t->t); } -#if XTABLES_VERSION_CODE > 5 if (xt_t->x6_options != NULL) iptables_globals.opts = xtables_options_xfrm( @@ -1565,12 +1564,9 @@ static struct xtables_target *prepare_target(struct connman_iptables *table, xt_t->x6_options, &xt_t->option_offset); else -#endif iptables_globals.opts = xtables_merge_options( -#if XTABLES_VERSION_CODE > 5 iptables_globals.orig_opts, -#endif iptables_globals.opts, xt_t->extra_opts, &xt_t->option_offset); @@ -1607,7 +1603,6 @@ static struct xtables_match *prepare_matches(struct connman_iptables *table, if (xt_m->init != NULL) xt_m->init(xt_m->m); -#if XTABLES_VERSION_CODE > 5 if (xt_m->x6_options != NULL) iptables_globals.opts = xtables_options_xfrm( @@ -1616,12 +1611,9 @@ static struct xtables_match *prepare_matches(struct connman_iptables *table, xt_m->x6_options, &xt_m->option_offset); else -#endif iptables_globals.opts = xtables_merge_options( -#if XTABLES_VERSION_CODE > 5 iptables_globals.orig_opts, -#endif iptables_globals.opts, xt_m->extra_opts, &xt_m->option_offset); @@ -1721,16 +1713,12 @@ static int prepare_getopt_args(const char *str, struct parse_context *ctx) return 0; } -#if XTABLES_VERSION_CODE > 5 - static int parse_xt_modules(int c, connman_bool_t invert, struct parse_context *ctx) { struct xtables_match *m; struct xtables_rule_match *rm; - DBG("xtables version code > 5"); - for (rm = ctx->xt_rm; rm != NULL; rm = rm->next) { if (rm->completed != 0) continue; @@ -1768,8 +1756,6 @@ static int final_check_xt_modules(struct parse_context *ctx) { struct xtables_rule_match *rm; - DBG("xtables version code > 5"); - for (rm = ctx->xt_rm; rm != NULL; rm = rm->next) xtables_option_mfcall(rm->match); @@ -1779,63 +1765,6 @@ static int final_check_xt_modules(struct parse_context *ctx) return 0; } -#else - -static int parse_xt_modules(int c, connman_bool_t invert, - struct parse_context *ctx) -{ - struct xtables_match *m; - struct xtables_rule_match *rm; - int err; - - DBG("xtables version code <= 5"); - - for (rm = ctx->xt_rm; rm != NULL; rm = rm->next) { - if (rm->completed == 1) - continue; - - m = rm->match; - - if (m->parse == NULL) - continue; - - err = m->parse(c - m->option_offset, - argv, invert, &m->mflags, - NULL, &m->m); - if (err > 0) - return -err; - } - - if (ctx->xt_t == NULL) - return 0; - - if (ctx->xt_t->parse == NULL) - return 0; - - err = ctx->xt_m->parse(c - ctx->xt_m->option_offset, - ctx->argv, invert, &ctx->xt_m->mflags, - NULL, &ctx->xt_m->m); - return -err; -} - -static int final_check_xt_modules(struct parse_context *ctx) -{ - struct xtables_rule_match *rm; - - DBG("xtables version code <= 5"); - - for (rm = ctx->xt_rm; rm != NULL; rm = rm->next) - if (rm->match->final_check != NULL) - rm->match->final_check(rm->match->mflags); - - if (ctx->xt_t != NULL && ctx->xt_t->final_check != NULL) - ctx->xt_t->final_check(ctx->xt_t->tflags); - - return 0; -} - -#endif - static int parse_rule_spec(struct connman_iptables *table, struct parse_context *ctx) { -- 2.7.4