Don't need ipt_entry_target()/ip6t_entry_target() now kernel uses static inline instead of extern inline (otherwise it doesn't compile without -O).
Don't re-initialize libiptc/libip6t unless modprobe attempt actually succeeds. This makes nfsim run about 20 times faster, as it doesn't have to explore failures in the first iptc_init().
diff --git a/ip6tables.c b/ip6tables.c
index ced26a5..aac9531 100644
--- a/ip6tables.c
+++ b/ip6tables.c
@@ -148,14 +148,6 @@
* magic number of -1 */
int line = -1;
-#ifndef __OPTIMIZE__
-struct ip6t_entry_target *
-ip6t_get_target(struct ip6t_entry *e)
-{
- return (void *)e + e->target_offset;
-}
-#endif
-
static struct option *opts = original_opts;
static unsigned int global_option_offset = 0;
@@ -1624,6 +1616,7 @@
{
char *buf = NULL;
char *argv[3];
+ int status;
/* If they don't explicitly set it, read out of kernel */
if (!modprobe) {
@@ -1641,16 +1634,18 @@
execv(argv[0], argv);
/* not usually reached */
- exit(0);
+ exit(1);
case -1:
return -1;
default: /* parent */
- wait(NULL);
+ wait(&status);
}
free(buf);
- return 0;
+ if (WIFEXITED(status) && WEXITSTATUS(status) == 0)
+ return 0;
+ return -1;
}
static struct ip6t_entry *
@@ -2193,11 +2188,9 @@
if (!*handle)
*handle = ip6tc_init(*table);
- if (!*handle) {
- /* try to insmod the module if iptc_init failed */
- ip6tables_insmod("ip6_tables", modprobe);
+ /* try to insmod the module if iptc_init failed */
+ if (!*handle && ip6tables_insmod("ip6_tables", modprobe) != -1)
*handle = ip6tc_init(*table);
- }
if (!*handle)
exit_error(VERSION_PROBLEM,