|
 |
b30164 |
From 4dceb905dfda4a34dfcb0ad3d010d77acd43981d Mon Sep 17 00:00:00 2001
|
|
|
b30164 |
From: Phil Sutter <psutter@redhat.com>
|
|
|
b30164 |
Date: Tue, 19 May 2020 11:15:30 +0200
|
|
|
b30164 |
Subject: [RHEL7.9 net 2/2] nfnl_osf: Improve error handling
|
|
|
b30164 |
|
|
|
b30164 |
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1829820
|
|
|
b30164 |
Upstream Status: iptables commit 3e09bd1888575
|
|
|
b30164 |
|
|
|
b30164 |
commit 3e09bd1888575cfec136574d2b0e810ba33f1cfb
|
|
|
b30164 |
Author: Phil Sutter <phil@nwl.cc>
|
|
|
b30164 |
Date: Sat May 9 13:42:56 2020 +0200
|
|
|
b30164 |
|
|
|
b30164 |
nfnl_osf: Improve error handling
|
|
|
b30164 |
|
|
|
b30164 |
For some error cases, no log message was created - hence apart from the
|
|
|
b30164 |
return code there was no indication of failing execution.
|
|
|
b30164 |
|
|
|
b30164 |
If a line load fails, don't abort but continue with the remaining
|
|
|
b30164 |
file contents. The current pf.os file in this repository serves as
|
|
|
b30164 |
proof-of-concept:
|
|
|
b30164 |
|
|
|
b30164 |
Lines 700 and 701: Duplicates of lines 698 and 699 because 'W*' and 'W0'
|
|
|
b30164 |
parse into the same data.
|
|
|
b30164 |
|
|
|
b30164 |
Line 704: Duplicate of line 702 because apart from 'W*' and 'W0', only
|
|
|
b30164 |
the first three fields on right-hand side are sent to the kernel.
|
|
|
b30164 |
|
|
|
b30164 |
When loading, these dups are ignored (they would bounce if NLM_F_EXCL
|
|
|
b30164 |
was given). Upon deletion, they cause ENOENT response from kernel. In
|
|
|
b30164 |
order to align duplicate-tolerance in both modes, just ignore that
|
|
|
b30164 |
ENOENT.
|
|
|
b30164 |
|
|
|
b30164 |
Signed-off-by: Phil Sutter <phil@nwl.cc>
|
|
|
b30164 |
|
|
|
b30164 |
Signed-off-by: Phil Sutter <psutter@redhat.com>
|
|
|
b30164 |
---
|
|
|
b30164 |
utils/nfnl_osf.c | 15 ++++++++++-----
|
|
|
b30164 |
1 file changed, 10 insertions(+), 5 deletions(-)
|
|
|
b30164 |
|
|
|
b30164 |
diff --git a/utils/nfnl_osf.c b/utils/nfnl_osf.c
|
|
|
b30164 |
index d726e0a6f1cf9..73fb29e7099b6 100644
|
|
|
b30164 |
--- a/utils/nfnl_osf.c
|
|
|
b30164 |
+++ b/utils/nfnl_osf.c
|
|
|
b30164 |
@@ -389,7 +389,7 @@ static int osf_load_line(char *buffer, int len, int del)
|
|
|
b30164 |
static int osf_load_entries(char *path, int del)
|
|
|
b30164 |
{
|
|
|
b30164 |
FILE *inf;
|
|
|
b30164 |
- int err = 0;
|
|
|
b30164 |
+ int err = 0, lineno = 0;
|
|
|
b30164 |
char buf[1024];
|
|
|
b30164 |
|
|
|
b30164 |
inf = fopen(path, "r");
|
|
|
b30164 |
@@ -399,7 +399,9 @@ static int osf_load_entries(char *path, int del)
|
|
|
b30164 |
}
|
|
|
b30164 |
|
|
|
b30164 |
while(fgets(buf, sizeof(buf), inf)) {
|
|
|
b30164 |
- int len;
|
|
|
b30164 |
+ int len, rc;
|
|
|
b30164 |
+
|
|
|
b30164 |
+ lineno++;
|
|
|
b30164 |
|
|
|
b30164 |
if (buf[0] == '#' || buf[0] == '\n' || buf[0] == '\r')
|
|
|
b30164 |
continue;
|
|
|
b30164 |
@@ -411,9 +413,11 @@ static int osf_load_entries(char *path, int del)
|
|
|
b30164 |
|
|
|
b30164 |
buf[len] = '\0';
|
|
|
b30164 |
|
|
|
b30164 |
- err = osf_load_line(buf, len, del);
|
|
|
b30164 |
- if (err)
|
|
|
b30164 |
- break;
|
|
|
b30164 |
+ rc = osf_load_line(buf, len, del);
|
|
|
b30164 |
+ if (rc && (!del || errno != ENOENT)) {
|
|
|
b30164 |
+ ulog_err("Failed to load line %d", lineno);
|
|
|
b30164 |
+ err = rc;
|
|
|
b30164 |
+ }
|
|
|
b30164 |
|
|
|
b30164 |
memset(buf, 0, sizeof(buf));
|
|
|
b30164 |
}
|
|
|
b30164 |
@@ -445,6 +449,7 @@ int main(int argc, char *argv[])
|
|
|
b30164 |
|
|
|
b30164 |
if (!fingerprints) {
|
|
|
b30164 |
err = -ENOENT;
|
|
|
b30164 |
+ ulog("Missing fingerprints file argument.\n");
|
|
|
b30164 |
goto err_out_exit;
|
|
|
b30164 |
}
|
|
|
b30164 |
|
|
|
b30164 |
--
|
|
|
b30164 |
2.26.2
|
|
|
b30164 |
|