[netfilter-cvslog] r4415 - in trunk/conntrack: . include src

pablo at netfilter.org pablo at netfilter.org
Tue Nov 1 01:36:43 CET 2005 

Author: pablo at netfilter.org
Date: 2005-11-01 01:36:42 +0100 (Tue, 01 Nov 2005)
New Revision: 4415

Modified:
   trunk/conntrack/ChangeLog
   trunk/conntrack/include/conntrack.h
   trunk/conntrack/src/conntrack.c
Log:
See ChangeLog



Modified: trunk/conntrack/ChangeLog
===================================================================
--- trunk/conntrack/ChangeLog	2005-11-01 00:28:14 UTC (rev 4414)
+++ trunk/conntrack/ChangeLog	2005-11-01 00:36:42 UTC (rev 4415)
@@ -1,3 +1,13 @@
+2005-11-01
+<pablo at eurodev.net>
+	o Fix error message describing illegal option -E -i
+	o -D -i ID requires tuple information: Display an error message
+	o Use NFCT_ALL_CT_GROUPS flag instead of NFCT_ALL_GROUPS
+	o Event mask doesn't make sense for expectations, kill dead code
+	o Bumped version to 0.95
+<olenf at ans.pl>
+	o Fix wrong formating in conntrack -h
+
 2005-10-30
 <pablo at eurodev.net>
 	Special thanks to Deti Fiegl from the Leibniz Supercomputing Centre in

Modified: trunk/conntrack/include/conntrack.h
===================================================================
--- trunk/conntrack/include/conntrack.h	2005-11-01 00:28:14 UTC (rev 4414)
+++ trunk/conntrack/include/conntrack.h	2005-11-01 00:36:42 UTC (rev 4415)
@@ -6,7 +6,7 @@
 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
 
 #define PROGNAME "conntrack"
-#define CONNTRACK_VERSION "0.94"
+#define CONNTRACK_VERSION "0.95"
 
 /* FIXME: These should be independent from kernel space */
 #define IPS_ASSURED (1 << 2)

Modified: trunk/conntrack/src/conntrack.c
===================================================================
--- trunk/conntrack/src/conntrack.c	2005-11-01 00:28:14 UTC (rev 4414)
+++ trunk/conntrack/src/conntrack.c	2005-11-01 00:36:42 UTC (rev 4415)
@@ -166,7 +166,7 @@
 #define NUMBER_OF_OPT   CT_OPT_MAX
 
 static const char optflags[NUMBER_OF_OPT]
-= {'s','d','r','q','p','t','u','z','e','[',']','{','}','a','i','m'};
+= {'s','d','r','q','p','t','u','z','e','[',']','{','}','a','m','i'};
 
 static struct option original_opts[] = {
 	{"dump", 2, 0, 'L'},
@@ -670,13 +670,13 @@
 fprintf(stdout, "Usage: %s [commands] [options]\n", prog);
 fprintf(stdout, "\n");
 fprintf(stdout, "Commands:\n");
-fprintf(stdout, "-L [table] [-z]   	List conntrack or expectation table\n");
-fprintf(stdout, "-G [table] parameters  Get conntrack or expectation\n");
-fprintf(stdout, "-D [table] parameters	Delete conntrack or expectation\n");
-fprintf(stdout, "-I [table] parameters	Create a conntrack or expectation\n");
-fprintf(stdout, "-U [table] parameters  Update a conntrack\n");
-fprintf(stdout, "-E [table] [options]	Show events\n");
-fprintf(stdout, "-F [table]	     	Flush table\n");
+fprintf(stdout, "-L [table] [-z]\t\tList conntrack or expectation table\n");
+fprintf(stdout, "-G [table] parameters\tGet conntrack or expectation\n");
+fprintf(stdout, "-D [table] parameters\tDelete conntrack or expectation\n");
+fprintf(stdout, "-I [table] parameters\tCreate a conntrack or expectation\n");
+fprintf(stdout, "-U [table] parameters\tUpdate a conntrack\n");
+fprintf(stdout, "-E [table] [options]\tShow events\n");
+fprintf(stdout, "-F [table]\t\tFlush table\n");
 fprintf(stdout, "\n");
 fprintf(stdout, "Options:\n");
 fprintf(stdout, "--orig-src ip	     	Source address from original direction\n");
@@ -1006,6 +1006,9 @@
 		break;
 		
 	case CT_DELETE:
+		if (!(options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+			exit_error(PARAMETER_PROBLEM, "Can't kill conntracks "
+						      "just by its ID");
 		cth = nfct_open(CONNTRACK, 0);
 		if (!cth)
 			exit_error(OTHER_PROBLEM, "Can't open handler");
@@ -1083,7 +1086,7 @@
 					nfct_default_conntrack_display);
 			res = nfct_event_conntrack(cth);
 		} else {
-			cth = nfct_open(CONNTRACK, NFCT_ALL_GROUPS);
+			cth = nfct_open(CONNTRACK, NFCT_ALL_CT_GROUPS);
 			if (!cth)
 				exit_error(OTHER_PROBLEM, "Can't open handler");
 			signal(SIGINT, event_sighandler);
@@ -1094,21 +1097,12 @@
 		break;
 
 	case EXP_EVENT:
-		if (options & CT_OPT_EVENT_MASK) {
-			cth = nfct_open(EXPECT, event_mask);
-			if (!cth)
-				exit_error(OTHER_PROBLEM, "Can't open handler");
-			signal(SIGINT, event_sighandler);
-			nfct_register_callback(cth, nfct_default_expect_display);
-			res = nfct_event_expectation(cth);
-		} else {
-			cth = nfct_open(EXPECT, NFCT_ALL_GROUPS);
-			if (!cth)
-				exit_error(OTHER_PROBLEM, "Can't open handler");
-			signal(SIGINT, event_sighandler);
-			nfct_register_callback(cth, nfct_default_expect_display);
-			res = nfct_event_expectation(cth);
-		}
+		cth = nfct_open(EXPECT, NF_NETLINK_CONNTRACK_EXP_NEW);
+		if (!cth)
+			exit_error(OTHER_PROBLEM, "Can't open handler");
+		signal(SIGINT, event_sighandler);
+		nfct_register_callback(cth, nfct_default_expect_display);
+		res = nfct_event_expectation(cth);
 		nfct_close(cth);
 		break;

More information about the netfilter-cvslog mailing list