iptables/SOURCES/0002-xtables-translate-don-...

From eaad1950f1952733c2770b29b593613cfe9af8a8 Mon Sep 17 00:00:00 2001
From: Arturo Borrero Gonzalez <arturo@netfilter.org>
Date: Tue, 16 Jun 2020 11:20:42 +0200
Subject: [PATCH] xtables-translate: don't fail if help was requested

If the user called `iptables-translate -h` then we have CMD_NONE and we should gracefully handle
this case in do_command_xlate().

Before this patch, you would see:

 user@debian:~$ sudo iptables-translate -h
 [..]
 nft Unsupported command?
 user@debian:~$ echo $?
 1

After this patch:

 user@debian:~$ sudo iptables-translate -h
 [..]
 user@debian:~$ echo $?
 0

Fixes: d4409d449c10fa ("nft: Don't exit early after printing help texts")
Acked-by: Phil Sutter <phil@nwl.cc>
Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>
(cherry picked from commit 2757c0b5e5fbbf569695469b331453cecefdf069)
---
 iptables/xtables-translate.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c
index 5aa42496b5a48..363c8be15b3fa 100644
--- a/iptables/xtables-translate.c
+++ b/iptables/xtables-translate.c
@@ -249,7 +249,7 @@ static int do_command_xlate(struct nft_handle *h, int argc, char *argv[],
 
 	cs.restore = restore;
 
-	if (!restore)
+	if (!restore && p.command != CMD_NONE)
 		printf("nft ");
 
 	switch (p.command) {
@@ -310,6 +310,9 @@ static int do_command_xlate(struct nft_handle *h, int argc, char *argv[],
 		break;
 	case CMD_SET_POLICY:
 		break;
+	case CMD_NONE:
+		ret = 1;
+		break;
 	default:
 		/* We should never reach this... */
 		printf("Unsupported command?\n");
-- 
2.40.0
import iptables-1.8.5-10.el8_9 11 months ago			`From eaad1950f1952733c2770b29b593613cfe9af8a8 Mon Sep 17 00:00:00 2001`
			`From: Arturo Borrero Gonzalez <arturo@netfilter.org>`
			`Date: Tue, 16 Jun 2020 11:20:42 +0200`
			`Subject: [PATCH] xtables-translate: don't fail if help was requested`

			If the user called `iptables-translate -h` then we have CMD_NONE and we should gracefully handle
			`this case in do_command_xlate().`

			`Before this patch, you would see:`

			`user@debian:~$ sudo iptables-translate -h`
			`[..]`
			`nft Unsupported command?`
			`user@debian:~$ echo $?`
			`1`

			`After this patch:`

			`user@debian:~$ sudo iptables-translate -h`
			`[..]`
			`user@debian:~$ echo $?`
			`0`

			`Fixes: d4409d449c10fa ("nft: Don't exit early after printing help texts")`
			`Acked-by: Phil Sutter <phil@nwl.cc>`
			`Signed-off-by: Arturo Borrero Gonzalez <arturo@netfilter.org>`
			`(cherry picked from commit 2757c0b5e5fbbf569695469b331453cecefdf069)`
			`---`
			`iptables/xtables-translate.c \| 5 ++++-`
			`1 file changed, 4 insertions(+), 1 deletion(-)`

			`diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c`
			`index 5aa42496b5a48..363c8be15b3fa 100644`
			`--- a/iptables/xtables-translate.c`
			`+++ b/iptables/xtables-translate.c`
			`@@ -249,7 +249,7 @@ static int do_command_xlate(struct nft_handle h, int argc, char argv[],`

			`cs.restore = restore;`

			`- if (!restore)`
			`+ if (!restore && p.command != CMD_NONE)`
			`printf("nft ");`

			`switch (p.command) {`
			`@@ -310,6 +310,9 @@ static int do_command_xlate(struct nft_handle h, int argc, char argv[],`
			`break;`
			`case CMD_SET_POLICY:`
			`break;`
			`+ case CMD_NONE:`
			`+ ret = 1;`
			`+ break;`
			`default:`
			`/* We should never reach this... */`
			`printf("Unsupported command?\n");`
			`--`
			`2.40.0`