[netfilter-cvslog] r6860 - in trunk/conntrack-tools: . examples/cli
src
pablo at netfilter.org
pablo at netfilter.org
Mon Jun 4 19:02:37 CEST 2007
Author: pablo at netfilter.org
Date: 2007-06-04 19:02:36 +0200 (Mon, 04 Jun 2007)
New Revision: 6860
Modified:
trunk/conntrack-tools/ChangeLog
trunk/conntrack-tools/examples/cli/test.sh
trunk/conntrack-tools/src/conntrack.c
Log:
o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt
o remove bogus option to get a conntrack in test.sh example file
Modified: trunk/conntrack-tools/ChangeLog
===================================================================
--- trunk/conntrack-tools/ChangeLog 2007-06-04 17:00:24 UTC (rev 6859)
+++ trunk/conntrack-tools/ChangeLog 2007-06-04 17:02:36 UTC (rev 6860)
@@ -14,6 +14,8 @@
= conntrack =
o fix segfault with conntrack --output (Krzysztof Oledzky)
+o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt
+o remove bogus option to get a conntrack in test.sh example file
version 0.9.3 (2006/05/22)
------------------------------
Modified: trunk/conntrack-tools/examples/cli/test.sh
===================================================================
--- trunk/conntrack-tools/examples/cli/test.sh 2007-06-04 17:00:24 UTC (rev 6859)
+++ trunk/conntrack-tools/examples/cli/test.sh 2007-06-04 17:02:36 UTC (rev 6860)
@@ -37,8 +37,7 @@
get)
echo "getting a conntrack"
$CONNTRACK -G --orig-src $SRC --orig-dst $DST \
- -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT \
- --reply-port-src $DPORT --reply-port-dst $SPORT
+ -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT
;;
change)
echo "change a conntrack"
Modified: trunk/conntrack-tools/src/conntrack.c
===================================================================
--- trunk/conntrack-tools/src/conntrack.c 2007-06-04 17:00:24 UTC (rev 6859)
+++ trunk/conntrack-tools/src/conntrack.c 2007-06-04 17:02:36 UTC (rev 6860)
@@ -1024,57 +1024,10 @@
break;
case CT_CREATE:
- if ((options & CT_OPT_ORIG)
- && !(options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_REPL_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_ORIG_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_SRC));
- }
- } else if (!(options & CT_OPT_ORIG)
- && (options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_ORIG_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_REPL_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_SRC));
- }
- }
+ if ((options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_REPLY);
+ else if (!(options & CT_OPT_ORIG) && (options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_ORIGINAL);
cth = nfct_open(CONNTRACK, 0);
if (!cth)
@@ -1098,57 +1051,10 @@
break;
case CT_UPDATE:
- if ((options & CT_OPT_ORIG)
- && !(options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_REPL_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_ORIG_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_SRC));
- }
- } else if (!(options & CT_OPT_ORIG)
- && (options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_ORIG_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_REPL_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_SRC));
- }
- }
+ if ((options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_REPLY);
+ else if (!(options & CT_OPT_ORIG) && (options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_ORIGINAL);
cth = nfct_open(CONNTRACK, 0);
if (!cth)
More information about the netfilter-cvslog
mailing list