[netfilter-cvslog] r4415 - in trunk/conntrack: . include src
pablo at netfilter.org
pablo at netfilter.org
Tue Nov 1 01:36:43 CET 2005
Author: pablo at netfilter.org
Date: 2005-11-01 01:36:42 +0100 (Tue, 01 Nov 2005)
New Revision: 4415
Modified:
trunk/conntrack/ChangeLog
trunk/conntrack/include/conntrack.h
trunk/conntrack/src/conntrack.c
Log:
See ChangeLog
Modified: trunk/conntrack/ChangeLog
===================================================================
--- trunk/conntrack/ChangeLog 2005-11-01 00:28:14 UTC (rev 4414)
+++ trunk/conntrack/ChangeLog 2005-11-01 00:36:42 UTC (rev 4415)
@@ -1,3 +1,13 @@
+2005-11-01
+<pablo at eurodev.net>
+ o Fix error message describing illegal option -E -i
+ o -D -i ID requires tuple information: Display an error message
+ o Use NFCT_ALL_CT_GROUPS flag instead of NFCT_ALL_GROUPS
+ o Event mask doesn't make sense for expectations, kill dead code
+ o Bumped version to 0.95
+<olenf at ans.pl>
+ o Fix wrong formating in conntrack -h
+
2005-10-30
<pablo at eurodev.net>
Special thanks to Deti Fiegl from the Leibniz Supercomputing Centre in
Modified: trunk/conntrack/include/conntrack.h
===================================================================
--- trunk/conntrack/include/conntrack.h 2005-11-01 00:28:14 UTC (rev 4414)
+++ trunk/conntrack/include/conntrack.h 2005-11-01 00:36:42 UTC (rev 4415)
@@ -6,7 +6,7 @@
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
#define PROGNAME "conntrack"
-#define CONNTRACK_VERSION "0.94"
+#define CONNTRACK_VERSION "0.95"
/* FIXME: These should be independent from kernel space */
#define IPS_ASSURED (1 << 2)
Modified: trunk/conntrack/src/conntrack.c
===================================================================
--- trunk/conntrack/src/conntrack.c 2005-11-01 00:28:14 UTC (rev 4414)
+++ trunk/conntrack/src/conntrack.c 2005-11-01 00:36:42 UTC (rev 4415)
@@ -166,7 +166,7 @@
#define NUMBER_OF_OPT CT_OPT_MAX
static const char optflags[NUMBER_OF_OPT]
-= {'s','d','r','q','p','t','u','z','e','[',']','{','}','a','i','m'};
+= {'s','d','r','q','p','t','u','z','e','[',']','{','}','a','m','i'};
static struct option original_opts[] = {
{"dump", 2, 0, 'L'},
@@ -670,13 +670,13 @@
fprintf(stdout, "Usage: %s [commands] [options]\n", prog);
fprintf(stdout, "\n");
fprintf(stdout, "Commands:\n");
-fprintf(stdout, "-L [table] [-z] List conntrack or expectation table\n");
-fprintf(stdout, "-G [table] parameters Get conntrack or expectation\n");
-fprintf(stdout, "-D [table] parameters Delete conntrack or expectation\n");
-fprintf(stdout, "-I [table] parameters Create a conntrack or expectation\n");
-fprintf(stdout, "-U [table] parameters Update a conntrack\n");
-fprintf(stdout, "-E [table] [options] Show events\n");
-fprintf(stdout, "-F [table] Flush table\n");
+fprintf(stdout, "-L [table] [-z]\t\tList conntrack or expectation table\n");
+fprintf(stdout, "-G [table] parameters\tGet conntrack or expectation\n");
+fprintf(stdout, "-D [table] parameters\tDelete conntrack or expectation\n");
+fprintf(stdout, "-I [table] parameters\tCreate a conntrack or expectation\n");
+fprintf(stdout, "-U [table] parameters\tUpdate a conntrack\n");
+fprintf(stdout, "-E [table] [options]\tShow events\n");
+fprintf(stdout, "-F [table]\t\tFlush table\n");
fprintf(stdout, "\n");
fprintf(stdout, "Options:\n");
fprintf(stdout, "--orig-src ip Source address from original direction\n");
@@ -1006,6 +1006,9 @@
break;
case CT_DELETE:
+ if (!(options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+ exit_error(PARAMETER_PROBLEM, "Can't kill conntracks "
+ "just by its ID");
cth = nfct_open(CONNTRACK, 0);
if (!cth)
exit_error(OTHER_PROBLEM, "Can't open handler");
@@ -1083,7 +1086,7 @@
nfct_default_conntrack_display);
res = nfct_event_conntrack(cth);
} else {
- cth = nfct_open(CONNTRACK, NFCT_ALL_GROUPS);
+ cth = nfct_open(CONNTRACK, NFCT_ALL_CT_GROUPS);
if (!cth)
exit_error(OTHER_PROBLEM, "Can't open handler");
signal(SIGINT, event_sighandler);
@@ -1094,21 +1097,12 @@
break;
case EXP_EVENT:
- if (options & CT_OPT_EVENT_MASK) {
- cth = nfct_open(EXPECT, event_mask);
- if (!cth)
- exit_error(OTHER_PROBLEM, "Can't open handler");
- signal(SIGINT, event_sighandler);
- nfct_register_callback(cth, nfct_default_expect_display);
- res = nfct_event_expectation(cth);
- } else {
- cth = nfct_open(EXPECT, NFCT_ALL_GROUPS);
- if (!cth)
- exit_error(OTHER_PROBLEM, "Can't open handler");
- signal(SIGINT, event_sighandler);
- nfct_register_callback(cth, nfct_default_expect_display);
- res = nfct_event_expectation(cth);
- }
+ cth = nfct_open(EXPECT, NF_NETLINK_CONNTRACK_EXP_NEW);
+ if (!cth)
+ exit_error(OTHER_PROBLEM, "Can't open handler");
+ signal(SIGINT, event_sighandler);
+ nfct_register_callback(cth, nfct_default_expect_display);
+ res = nfct_event_expectation(cth);
nfct_close(cth);
break;
More information about the netfilter-cvslog
mailing list