[netfilter-cvslog] r6651 - in trunk/iptables: . extensions include
kaber at netfilter.org
kaber at netfilter.org
Tue Jul 25 03:50:53 CEST 2006
Author: kaber at netfilter.org
Date: 2006-07-25 03:50:48 +0200 (Tue, 25 Jul 2006)
New Revision: 6651
Modified:
trunk/iptables/extensions/libipt_multiport.c
trunk/iptables/include/iptables.h
trunk/iptables/iptables.c
Log:
Revert "proto_to_name duplication" patch, as noticed by Yasuyuki it can cause
invalid arguments to get accepted.
Modified: trunk/iptables/extensions/libipt_multiport.c
===================================================================
--- trunk/iptables/extensions/libipt_multiport.c 2006-07-22 14:10:53 UTC (rev 6650)
+++ trunk/iptables/extensions/libipt_multiport.c 2006-07-25 01:50:48 UTC (rev 6651)
@@ -51,6 +51,23 @@
{0}
};
+static char *
+proto_to_name(u_int8_t proto)
+{
+ switch (proto) {
+ case IPPROTO_TCP:
+ return "tcp";
+ case IPPROTO_UDP:
+ return "udp";
+ case IPPROTO_SCTP:
+ return "sctp";
+ case IPPROTO_DCCP:
+ return "dccp";
+ default:
+ return NULL;
+ }
+}
+
static unsigned int
parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
{
@@ -126,7 +143,7 @@
exit_error(PARAMETER_PROBLEM,
"multiport only works with TCP or UDP");
- if ((proto = proto_to_name(entry->ip.proto, 1)) != NULL)
+ if ((proto = proto_to_name(entry->ip.proto)) != NULL)
return proto;
else if (!entry->ip.proto)
exit_error(PARAMETER_PROBLEM,
@@ -247,7 +264,7 @@
{
struct servent *service;
- if ((service = getservbyport(htons(port), proto_to_name(proto, 1))))
+ if ((service = getservbyport(htons(port), proto_to_name(proto))))
return service->s_name;
return NULL;
Modified: trunk/iptables/include/iptables.h
===================================================================
--- trunk/iptables/include/iptables.h 2006-07-22 14:10:53 UTC (rev 6650)
+++ trunk/iptables/include/iptables.h 2006-07-25 01:50:48 UTC (rev 6651)
@@ -151,7 +151,6 @@
extern void register_match(struct iptables_match *me);
extern void register_target(struct iptables_target *me);
-extern char *proto_to_name(u_int8_t proto, int nolookup);
extern int service_to_port(const char *name, const char *proto);
extern u_int16_t parse_port(const char *port, const char *proto);
extern struct in_addr *dotted_to_addr(const char *dotted);
Modified: trunk/iptables/iptables.c
===================================================================
--- trunk/iptables/iptables.c 2006-07-22 14:10:53 UTC (rev 6650)
+++ trunk/iptables/iptables.c 2006-07-25 01:50:48 UTC (rev 6651)
@@ -229,10 +229,9 @@
{ "esp", IPPROTO_ESP },
{ "ah", IPPROTO_AH },
{ "sctp", IPPROTO_SCTP },
- { "dccp", IPPROTO_DCCP },
};
-char *
+static char *
proto_to_name(u_int8_t proto, int nolookup)
{
unsigned int i;
More information about the netfilter-cvslog
mailing list