source:
freewrt/package/iptables/patches/04-multiport_v1.patch@
475ad56
| Last change on this file since 475ad56 was 475ad56, checked in by , 19 years ago | |
|---|---|
|
|
| File size: 5.3 KB | |
-
extensions/libipt_multiport.c
diff -urN iptables.old/extensions/libipt_multiport.c iptables.dev/extensions/libipt_multiport.c
old new 8 8 /* To ensure that iptables compiles with an old kernel */ 9 9 #include "../include/linux/netfilter_ipv4/ipt_multiport.h" 10 10 11 /* Function which prints out usage message. */12 static void13 help(void)14 {15 printf(16 "multiport v%s options:\n"17 " --source-ports port[,port,port...]\n"18 " --sports ...\n"19 " match source port(s)\n"20 " --destination-ports port[,port,port...]\n"21 " --dports ...\n"22 " match destination port(s)\n"23 " --ports port[,port,port]\n"24 " match both source and destination port(s)\n"25 " NOTE: this kernel does not support port ranges in multiport.\n",26 IPTABLES_VERSION);27 }28 29 11 static void 30 12 help_v1(void) 31 13 { … … 75 57 "invalid port/service `%s' specified", port); 76 58 } 77 59 78 static unsigned int79 parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)80 {81 char *buffer, *cp, *next;82 unsigned int i;83 84 buffer = strdup(portstring);85 if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed");86 87 for (cp=buffer, i=0; cp && i<IPT_MULTI_PORTS; cp=next,i++)88 {89 next=strchr(cp, ',');90 if (next) *next++='\0';91 ports[i] = parse_port(cp, proto);92 }93 if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");94 free(buffer);95 return i;96 }97 98 60 static void 99 61 parse_multi_ports_v1(const char *portstring, 100 62 struct ipt_multiport_v1 *multiinfo, … … 160 122 "multiport only works with TCP or UDP"); 161 123 } 162 124 163 /* Function which parses command options; returns true if it164 ate an option */165 static int166 parse(int c, char **argv, int invert, unsigned int *flags,167 const struct ipt_entry *entry,168 unsigned int *nfcache,169 struct ipt_entry_match **match)170 {171 const char *proto;172 struct ipt_multiport *multiinfo173 = (struct ipt_multiport *)(*match)->data;174 175 switch (c) {176 case '1':177 check_inverse(argv[optind-1], &invert, &optind, 0);178 proto = check_proto(entry);179 multiinfo->count = parse_multi_ports(argv[optind-1],180 multiinfo->ports, proto);181 multiinfo->flags = IPT_MULTIPORT_SOURCE;182 break;183 184 case '2':185 check_inverse(argv[optind-1], &invert, &optind, 0);186 proto = check_proto(entry);187 multiinfo->count = parse_multi_ports(argv[optind-1],188 multiinfo->ports, proto);189 multiinfo->flags = IPT_MULTIPORT_DESTINATION;190 break;191 192 case '3':193 check_inverse(argv[optind-1], &invert, &optind, 0);194 proto = check_proto(entry);195 multiinfo->count = parse_multi_ports(argv[optind-1],196 multiinfo->ports, proto);197 multiinfo->flags = IPT_MULTIPORT_EITHER;198 break;199 200 default:201 return 0;202 }203 204 if (invert)205 exit_error(PARAMETER_PROBLEM,206 "multiport does not support invert");207 208 if (*flags)209 exit_error(PARAMETER_PROBLEM,210 "multiport can only have one option");211 *flags = 1;212 return 1;213 }214 215 125 static int 216 126 parse_v1(int c, char **argv, int invert, unsigned int *flags, 217 127 const struct ipt_entry *entry, … … 289 199 printf("%s", service); 290 200 } 291 201 292 /* Prints out the matchinfo. */293 static void294 print(const struct ipt_ip *ip,295 const struct ipt_entry_match *match,296 int numeric)297 {298 const struct ipt_multiport *multiinfo299 = (const struct ipt_multiport *)match->data;300 unsigned int i;301 302 printf("multiport ");303 304 switch (multiinfo->flags) {305 case IPT_MULTIPORT_SOURCE:306 printf("sports ");307 break;308 309 case IPT_MULTIPORT_DESTINATION:310 printf("dports ");311 break;312 313 case IPT_MULTIPORT_EITHER:314 printf("ports ");315 break;316 317 default:318 printf("ERROR ");319 break;320 }321 322 for (i=0; i < multiinfo->count; i++) {323 printf("%s", i ? "," : "");324 print_port(multiinfo->ports[i], ip->proto, numeric);325 }326 printf(" ");327 }328 329 202 static void 330 203 print_v1(const struct ipt_ip *ip, 331 204 const struct ipt_entry_match *match, … … 369 242 printf(" "); 370 243 } 371 244 372 /* Saves the union ipt_matchinfo in parsable form to stdout. */373 static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)374 {375 const struct ipt_multiport *multiinfo376 = (const struct ipt_multiport *)match->data;377 unsigned int i;378 379 switch (multiinfo->flags) {380 case IPT_MULTIPORT_SOURCE:381 printf("--sports ");382 break;383 384 case IPT_MULTIPORT_DESTINATION:385 printf("--dports ");386 break;387 388 case IPT_MULTIPORT_EITHER:389 printf("--ports ");390 break;391 }392 393 for (i=0; i < multiinfo->count; i++) {394 printf("%s", i ? "," : "");395 print_port(multiinfo->ports[i], ip->proto, 1);396 }397 printf(" ");398 }399 400 245 static void save_v1(const struct ipt_ip *ip, 401 246 const struct ipt_entry_match *match) 402 247 { … … 432 277 printf(" "); 433 278 } 434 279 280 435 281 static struct iptables_match multiport = { 436 282 .next = NULL, 437 283 .name = "multiport", 438 .revision = 0,439 284 .version = IPTABLES_VERSION, 440 .size = IPT_ALIGN(sizeof(struct ipt_multiport)), 441 .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport)), 442 .help = &help, 285 .revision = 0, 286 .size = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), 287 .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), 288 .help = &help_v1, 443 289 .init = &init, 444 .parse = &parse ,290 .parse = &parse_v1, 445 291 .final_check = &final_check, 446 .print = &print ,447 .save = &save ,292 .print = &print_v1, 293 .save = &save_v1, 448 294 .extra_opts = opts 449 295 }; 450 296
Note:
See TracBrowser
for help on using the repository browser.
