[server] Account for older versions of iptables that don't have -C
authorMichael Rash <mbr@cipherdyne.org>
Sat, 13 Jul 2013 03:22:50 +0000 (23:22 -0400)
committerMichael Rash <mbr@cipherdyne.org>
Sat, 13 Jul 2013 03:22:50 +0000 (23:22 -0400)
commita7de80e66eda7317c428d3c38dd08212553473ce
tree53c1d4cefb0bcd376d71cab86edfa0f50fd7175b
parentf391b1391dd73faf8e65ff47d31431d6585049cf
[server] Account for older versions of iptables that don't have -C

This commit updates fwknopd to test for the existance of the iptables '-C'
rule checking functionality since older versions of iptables don't have this.
If it isn't offered by the installed version of iptables, then revert to parsing
fwknop chains to see if iptables rules already exist before adding new rules (to
avoid duplicates).
server/fw_util_iptables.c
server/fw_util_iptables.h