bundle: Avoid GCC 4.5 warning about possibly uninitialized value.

[openvswitch] / utilities / ovs-ctl.in

diff --git a/utilities/ovs-ctl.in b/utilities/ovs-ctl.in
index d316adf023b701393b302efe09624b51f1623039..c783f3da85c96215e813061527f9c4f5e3e75f9a 100755 (executable)
--- a/utilities/ovs-ctl.in
+++ b/utilities/ovs-ctl.in
@@ -184,7 +184,7 @@ start () {
        if test X"$MLOCKALL" != Xno; then
            set "$@" --mlockall
        fi
-       start_daemon "$VSWITCHD_PRIORITY" "$@"
+       start_daemon "$OVS_VSWITCHD_PRIORITY" "$@"
     fi
 }
 
@@ -244,7 +244,7 @@ force_reload_kmod () {
     chmod +x "$script"
 
     for dp in `ovs-dpctl dump-dps`; do
-        action "Removing datapath: $dp" "$dpctl" del-dp "$dp"
+        action "Removing datapath: $dp" ovs-dpctl del-dp "$dp"
     done
 
     if test -e /sys/module/openvswitch_mod; then
@@ -270,37 +270,40 @@ force_reload_kmod () {
 ## --------------- ##
 
 enable_protocol () {
-    set X "-p $PROTOCOL"
+    # Translate the protocol name to a number, because "iptables -n -L" prints
+    # some protocols by name (despite the -n) and therefore we need to look for
+    # both forms.
+    #
+    # (iptables -S output is more uniform but old iptables doesn't have it.)
+    protonum=`grep "^$PROTOCOL[        ]" /etc/protocols | awk '{print $2}'`
+    if expr X"$protonum" : X'[0-9]\{1,\}$' > /dev/null; then :; else
+        log_failure_msg "unknown protocol $PROTOCOL"
+        return 1
+    fi
+
     name=$PROTOCOL
+    match="(\$2 == \"$PROTOCOL\" || \$2 == $protonum)"
+    insert="iptables -I INPUT -p $PROTOCOL"
     if test X"$DPORT" != X; then
-        set "$@" "--dport $DPORT"
         name="$name to port $DPORT"
+        match="$match && /dpt:$DPORT/"
+        insert="$insert --dport $DPORT"
     fi
     if test X"$SPORT" != X; then
-        set "$@" "--sport $SPORT"
         name="$name from port $SPORT"
+        match="$match && /spt:$SPORT/"
+        insert="$insert --sport $SPORT"
     fi
-    shift
-
-    search="/^-A INPUT/!d"
-    insert="iptables -I INPUT"
-    for arg; do
-        search="$search
-/ $arg /!d"
-        insert="$insert $arg"
-    done
     insert="$insert -j ACCEPT"
 
-    if (iptables -S INPUT) >/dev/null 2>&1; then
-        case `iptables -S INPUT | sed "$search"` in
-            '')
-                action "Enabling $name with iptables" $insert
-                ;;
-            *)
-                # There's already a rule for this protocol.  Don't override it.
-                log_success_msg "iptables already has a rule for $name, not explicitly enabling"
-                ;;
-        esac
+    if (iptables -n -L INPUT) >/dev/null 2>&1; then
+        if iptables -n -L INPUT | awk "$match { n++ } END { exit n == 0 }"
+        then
+            # There's already a rule for this protocol.  Don't override it.
+            log_success_msg "iptables already has a rule for $name, not explicitly enabling"
+        else
+            action "Enabling $name with iptables" $insert
+        fi
     elif (iptables --version) >/dev/null 2>&1; then
         action "cannot list iptables rules, not adding a rule for $name"
     else