diff --git a/configure.ac b/configure.ac index 2d63f97ba5..877cf54efc 100644 --- a/configure.ac +++ b/configure.ac @@ -369,6 +369,19 @@ if test -n "${RESOLVCONF_PATH}"; then AC_DEFINE_UNQUOTED(RESOLVCONF_PATH, "$RESOLVCONF_PATH", [Define if you have a resolvconf implementation]) fi +# iptables path +AC_ARG_WITH(iptables, AC_HELP_STRING([--with-iptables=/path/to/iptables], [path to iptables])) +if test "x${with_iptables}" = x; then + AC_PATH_PROG(IPTABLES_PATH, iptables, [], $PATH:/sbin:/usr/sbin) + if ! test -x "$IPTABLES_PATH"; then + AC_MSG_ERROR(iptables was not installed.) + fi +else + IPTABLES_PATH="$with_iptables" +fi +AC_DEFINE_UNQUOTED(IPTABLES_PATH, "$IPTABLES_PATH", [Define to path of iptables binary]) +AC_SUBST(IPTABLES_PATH) + # system CA certificates path AC_ARG_WITH(system-ca-path, AS_HELP_STRING([--with-system-ca-path=/path/to/ssl/certs], [path to system CA certificates])) if test "x${with_system_ca_path}" = x; then diff --git a/src/nm-activation-request.c b/src/nm-activation-request.c index 45851d9938..8d97e37499 100644 --- a/src/nm-activation-request.c +++ b/src/nm-activation-request.c @@ -575,22 +575,24 @@ nm_act_request_set_shared (NMActRequest *req, gboolean shared) for (iter = list; iter; iter = g_slist_next (iter)) { ShareRule *rule = (ShareRule *) iter->data; char *envp[1] = { NULL }; - char **argv; + char *argv[6]; char *cmd; int status; GError *error = NULL; + argv[0] = IPTABLES_PATH; + argv[1] = "--table"; + argv[2] = rule->table; + if (shared) - cmd = g_strdup_printf ("/sbin/iptables --table %s --insert %s", rule->table, rule->rule); + argv[3] = "--insert"; else - cmd = g_strdup_printf ("/sbin/iptables --table %s --delete %s", rule->table, rule->rule); + argv[3] = "--delete"; - argv = g_strsplit (cmd, " ", 0); - if (!argv || !argv[0]) { - continue; - g_free (cmd); - } + argv[4] = rule->rule; + argv[5] = NULL; + cmd = g_strjoinv (" ", argv); nm_info ("Executing: %s", cmd); g_free (cmd); @@ -602,8 +604,6 @@ nm_act_request_set_shared (NMActRequest *req, gboolean shared) g_error_free (error); } else if (WEXITSTATUS (status)) nm_info ("** Command returned exit status %d.", WEXITSTATUS (status)); - - g_strfreev (argv); } g_slist_free (list);