static int dumpfn(void *arg)
{
int i;
struct args_t *args = arg;
int *pfd = args->pfd;
char *argv[] = { "iptables-save", "-c", NULL };
i = real_env_create(args->veid, VE_ENTER|VE_SKIPLOCK, 2, NULL, 0);
if (i < 0) {
eprintk("cannot enter ve to dump iptables\n");
module_put(THIS_MODULE);
return 255 << 8;
}
if (pfd[1] != 1)
sc_dup2(pfd[1], 1);
for (i=0; i<current->files->fdt->max_fds; i++) {
if (i != 1)
sc_close(i);
}
module_put(THIS_MODULE);
set_fs(KERNEL_DS);
i = sc_execve("/sbin/iptables-save", argv, NULL);
if (i == -ENOENT)
i = sc_execve("/usr/sbin/iptables-save", argv, NULL);
eprintk("failed to exec iptables-save: %d\n", i);
return 255 << 8;
}
static int dumpfn(void *arg)
{
int i;
int *pfd = arg;
char *argv[] = { "iptables-restore", "-c", NULL };
if (pfd[0] != 0)
sc_dup2(pfd[0], 0);
for (i=1; i<current->files->fdt->max_fds; i++)
sc_close(i);
module_put(THIS_MODULE);
set_fs(KERNEL_DS);
i = sc_execve("/sbin/iptables-restore", argv, NULL);
if (i == -ENOENT)
i = sc_execve("/usr/sbin/iptables-restore", argv, NULL);
eprintk("failed to exec iptables-restore: %d\n", i);
return 255 << 8;
}
