* PolicyCompiler_PrintRule.cpp (_printIpSetMatch): fixed #1705

"iptables (v>=1.4.4) "--set option deprecated ..." (SF bug 3059893) Option "--set" has been deprecated and renamed "--match-set" in iptales 1.4.4
2026-03-23 11:47:24 +01:00 · 2010-09-14 19:57:41 +00:00 · 2010-09-14 19:57:41 +00:00 · 75da3a7bac
commit 75da3a7bac
parent 1eb64086e3
4 changed files with 16 additions and 3 deletions
--- a/2
+++ b/2
@ -1 +1 @@
-#define BUILD_NUM 3247
+#define BUILD_NUM 3248
--- a/doc/ChangeLog
+++ b/doc/ChangeLog
@ -1,5 +1,10 @@
 2010-09-14  Vadim Kurland  <vadim@vk.crocodile.org>

+	* PolicyCompiler_PrintRule.cpp (_printIpSetMatch): fixed #1705
+	"iptables (v>=1.4.4) "--set option deprecated ..."  (SF bug 3059893)
+	Option "--set" has been deprecated and renamed "--match-set" in
+	iptales 1.4.4
+
 	* CompilerDriver_pf.cpp (printPathForAllTools): fixed SF bug
 	3061034 "ifconfig definition missing". Script generated for the
 	ipfw firewall on Mac OS X missed definition of variable IFCONFIG.
--- a/src/gui/platforms.cpp
+++ b/src/gui/platforms.cpp
@ -405,7 +405,8 @@ void getVersionsForPlatform(const QString &platform, std::list<QStringPair> &res
        res.push_back(QStringPair("1.3.0", QObject::tr("1.3.x")));
        res.push_back(QStringPair("1.4.0", QObject::tr("1.4.0 or later")));
        res.push_back(QStringPair("1.4.1.1", QObject::tr("1.4.1.1 or later")));
-        res.push_back(QStringPair("1.4.3", QObject::tr("1.4.3 or later")));
+        res.push_back(QStringPair("1.4.3", QObject::tr("1.4.3")));
+        res.push_back(QStringPair("1.4.4", QObject::tr("1.4.4 or later")));
    } else
    {
        // we list supported versions for the following platforms in
--- a/src/iptlib/PolicyCompiler_PrintRule.cpp
+++ b/src/iptlib/PolicyCompiler_PrintRule.cpp
@ -1197,7 +1197,14 @@ string PolicyCompiler_ipt::PrintRule::_printIpSetMatch(Address *o, RuleElement *
    string suffix = "dst";
    if (RuleElementSrc::isA(rel)) suffix = "src";
    if (RuleElementDst::isA(rel)) suffix = "dst";
-    string set_match = "--set " + set_name + " " + suffix;
+
+    string set_match_option;
+    if (XMLTools::version_compare(version, "1.4.4")>=0)
+        set_match_option = "--match-set";
+    else
+        set_match_option = "--set";
+
+    string set_match = set_match_option + " " + set_name + " " + suffix;
    ostringstream ostr;
    ostr << "-m set " << _printSingleOptionWithNegation("", rel, set_match);
    return ostr.str();