mirror of
git://projects.qi-hardware.com/openwrt-xburst.git
synced 2024-09-21 02:37:15 +03:00
88c477db44
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@8286 3c298f89-4303-0410-b956-a3cf2f4a3e73
223 lines
5.3 KiB
Diff
223 lines
5.3 KiB
Diff
Index: iptables-1.3.8/extensions/libipt_multiport.c
|
|
===================================================================
|
|
--- iptables-1.3.8.orig/extensions/libipt_multiport.c 2007-07-31 15:27:55.000000000 -0500
|
|
+++ iptables-1.3.8/extensions/libipt_multiport.c 2007-07-31 15:27:56.000000000 -0500
|
|
@@ -8,24 +8,6 @@
|
|
/* To ensure that iptables compiles with an old kernel */
|
|
#include "../include/linux/netfilter_ipv4/ipt_multiport.h"
|
|
|
|
-/* Function which prints out usage message. */
|
|
-static void
|
|
-help(void)
|
|
-{
|
|
- printf(
|
|
-"multiport v%s options:\n"
|
|
-" --source-ports port[,port,port...]\n"
|
|
-" --sports ...\n"
|
|
-" match source port(s)\n"
|
|
-" --destination-ports port[,port,port...]\n"
|
|
-" --dports ...\n"
|
|
-" match destination port(s)\n"
|
|
-" --ports port[,port,port]\n"
|
|
-" match both source and destination port(s)\n"
|
|
-" NOTE: this kernel does not support port ranges in multiport.\n",
|
|
-IPTABLES_VERSION);
|
|
-}
|
|
-
|
|
static void
|
|
help_v1(void)
|
|
{
|
|
@@ -70,26 +52,6 @@
|
|
}
|
|
}
|
|
|
|
-static unsigned int
|
|
-parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
|
|
-{
|
|
- char *buffer, *cp, *next;
|
|
- unsigned int i;
|
|
-
|
|
- buffer = strdup(portstring);
|
|
- if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed");
|
|
-
|
|
- for (cp=buffer, i=0; cp && i<IPT_MULTI_PORTS; cp=next,i++)
|
|
- {
|
|
- next=strchr(cp, ',');
|
|
- if (next) *next++='\0';
|
|
- ports[i] = parse_port(cp, proto);
|
|
- }
|
|
- if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");
|
|
- free(buffer);
|
|
- return i;
|
|
-}
|
|
-
|
|
static void
|
|
parse_multi_ports_v1(const char *portstring,
|
|
struct ipt_multiport_v1 *multiinfo,
|
|
@@ -156,58 +118,6 @@
|
|
"multiport only works with TCP, UDP, UDPLITE, SCTP and DCCP");
|
|
}
|
|
|
|
-/* Function which parses command options; returns true if it
|
|
- ate an option */
|
|
-static int
|
|
-parse(int c, char **argv, int invert, unsigned int *flags,
|
|
- const struct ipt_entry *entry,
|
|
- unsigned int *nfcache,
|
|
- struct ipt_entry_match **match)
|
|
-{
|
|
- const char *proto;
|
|
- struct ipt_multiport *multiinfo
|
|
- = (struct ipt_multiport *)(*match)->data;
|
|
-
|
|
- switch (c) {
|
|
- case '1':
|
|
- check_inverse(argv[optind-1], &invert, &optind, 0);
|
|
- proto = check_proto(entry);
|
|
- multiinfo->count = parse_multi_ports(argv[optind-1],
|
|
- multiinfo->ports, proto);
|
|
- multiinfo->flags = IPT_MULTIPORT_SOURCE;
|
|
- break;
|
|
-
|
|
- case '2':
|
|
- check_inverse(argv[optind-1], &invert, &optind, 0);
|
|
- proto = check_proto(entry);
|
|
- multiinfo->count = parse_multi_ports(argv[optind-1],
|
|
- multiinfo->ports, proto);
|
|
- multiinfo->flags = IPT_MULTIPORT_DESTINATION;
|
|
- break;
|
|
-
|
|
- case '3':
|
|
- check_inverse(argv[optind-1], &invert, &optind, 0);
|
|
- proto = check_proto(entry);
|
|
- multiinfo->count = parse_multi_ports(argv[optind-1],
|
|
- multiinfo->ports, proto);
|
|
- multiinfo->flags = IPT_MULTIPORT_EITHER;
|
|
- break;
|
|
-
|
|
- default:
|
|
- return 0;
|
|
- }
|
|
-
|
|
- if (invert)
|
|
- exit_error(PARAMETER_PROBLEM,
|
|
- "multiport does not support invert");
|
|
-
|
|
- if (*flags)
|
|
- exit_error(PARAMETER_PROBLEM,
|
|
- "multiport can only have one option");
|
|
- *flags = 1;
|
|
- return 1;
|
|
-}
|
|
-
|
|
static int
|
|
parse_v1(int c, char **argv, int invert, unsigned int *flags,
|
|
const struct ipt_entry *entry,
|
|
@@ -284,43 +194,6 @@
|
|
printf("%s", service);
|
|
}
|
|
|
|
-/* Prints out the matchinfo. */
|
|
-static void
|
|
-print(const struct ipt_ip *ip,
|
|
- const struct ipt_entry_match *match,
|
|
- int numeric)
|
|
-{
|
|
- const struct ipt_multiport *multiinfo
|
|
- = (const struct ipt_multiport *)match->data;
|
|
- unsigned int i;
|
|
-
|
|
- printf("multiport ");
|
|
-
|
|
- switch (multiinfo->flags) {
|
|
- case IPT_MULTIPORT_SOURCE:
|
|
- printf("sports ");
|
|
- break;
|
|
-
|
|
- case IPT_MULTIPORT_DESTINATION:
|
|
- printf("dports ");
|
|
- break;
|
|
-
|
|
- case IPT_MULTIPORT_EITHER:
|
|
- printf("ports ");
|
|
- break;
|
|
-
|
|
- default:
|
|
- printf("ERROR ");
|
|
- break;
|
|
- }
|
|
-
|
|
- for (i=0; i < multiinfo->count; i++) {
|
|
- printf("%s", i ? "," : "");
|
|
- print_port(multiinfo->ports[i], ip->proto, numeric);
|
|
- }
|
|
- printf(" ");
|
|
-}
|
|
-
|
|
static void
|
|
print_v1(const struct ipt_ip *ip,
|
|
const struct ipt_entry_match *match,
|
|
@@ -364,34 +237,6 @@
|
|
printf(" ");
|
|
}
|
|
|
|
-/* Saves the union ipt_matchinfo in parsable form to stdout. */
|
|
-static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
|
|
-{
|
|
- const struct ipt_multiport *multiinfo
|
|
- = (const struct ipt_multiport *)match->data;
|
|
- unsigned int i;
|
|
-
|
|
- switch (multiinfo->flags) {
|
|
- case IPT_MULTIPORT_SOURCE:
|
|
- printf("--sports ");
|
|
- break;
|
|
-
|
|
- case IPT_MULTIPORT_DESTINATION:
|
|
- printf("--dports ");
|
|
- break;
|
|
-
|
|
- case IPT_MULTIPORT_EITHER:
|
|
- printf("--ports ");
|
|
- break;
|
|
- }
|
|
-
|
|
- for (i=0; i < multiinfo->count; i++) {
|
|
- printf("%s", i ? "," : "");
|
|
- print_port(multiinfo->ports[i], ip->proto, 1);
|
|
- }
|
|
- printf(" ");
|
|
-}
|
|
-
|
|
static void save_v1(const struct ipt_ip *ip,
|
|
const struct ipt_entry_match *match)
|
|
{
|
|
@@ -427,19 +272,20 @@
|
|
printf(" ");
|
|
}
|
|
|
|
+
|
|
static struct iptables_match multiport = {
|
|
.next = NULL,
|
|
.name = "multiport",
|
|
- .revision = 0,
|
|
.version = IPTABLES_VERSION,
|
|
- .size = IPT_ALIGN(sizeof(struct ipt_multiport)),
|
|
- .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport)),
|
|
- .help = &help,
|
|
+ .revision = 0,
|
|
+ .size = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
|
|
+ .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
|
|
+ .help = &help_v1,
|
|
.init = &init,
|
|
- .parse = &parse,
|
|
+ .parse = &parse_v1,
|
|
.final_check = &final_check,
|
|
- .print = &print,
|
|
- .save = &save,
|
|
+ .print = &print_v1,
|
|
+ .save = &save_v1,
|
|
.extra_opts = opts
|
|
};
|
|
|