# nft add chain x y { type filter hook input priority -30\; }
nft: invalid option -- '3'
Fix this by restricting getopt_long() to the first curly brace.
Signed-off-by: Pablo Neira Ayuso <pa...@netfilter.org>
---
src/main.c | 23 +++++++++++++++++++++--
1 file changed, 21 insertions(+), 2 deletions(-)
diff --git a/src/main.c b/src/main.c
index f77d8a820a02..0d4a45b30d20 100644
--- a/src/main.c
+++ b/src/main.c
@@ -192,19 +192,38 @@ static const struct {
},
};
+static int argc_getopt(int argc, char * const *argv)
+{
+ int i;
+
+ /* Restrict getopt_long() parsing to the first curly brace, so users
+ * do not need to invoke nft with an upfront -- to specify chain
+ * priority.
+ */
+ for (i = 0; i < argc; i++) {
+ if (argv[i][0] == '{') {
+ return i;
+ }
+ }
+
+ return argc;
+}
+
int main(int argc, char * const *argv)
{
char *buf = NULL, *filename = NULL;
unsigned int output_flags = 0;
+ int i, val, rc, __argc;
bool interactive = false;
unsigned int debug_mask;
unsigned int len;
- int i, val, rc;
+
+ __argc = argc_getopt(argc, argv);
nft = nft_ctx_new(NFT_CTX_DEFAULT);
while (1) {
- val = getopt_long(argc, argv, OPTSTRING, options, NULL);
+ val = getopt_long(__argc, argv, OPTSTRING, options, NULL);
if (val == -1)
break;
--
2.11.0
