[netfilter-cvslog] r6860 - in trunk/conntrack-tools: . examples/cli src

pablo at netfilter.org pablo at netfilter.org
Mon Jun 4 19:02:37 CEST 2007 

Author: pablo at netfilter.org
Date: 2007-06-04 19:02:36 +0200 (Mon, 04 Jun 2007)
New Revision: 6860

Modified:
   trunk/conntrack-tools/ChangeLog
   trunk/conntrack-tools/examples/cli/test.sh
   trunk/conntrack-tools/src/conntrack.c
Log:
o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt
o remove bogus option to get a conntrack in test.sh example file


Modified: trunk/conntrack-tools/ChangeLog
===================================================================
--- trunk/conntrack-tools/ChangeLog	2007-06-04 17:00:24 UTC (rev 6859)
+++ trunk/conntrack-tools/ChangeLog	2007-06-04 17:02:36 UTC (rev 6860)
@@ -14,6 +14,8 @@
 
 = conntrack =
 o fix segfault with conntrack --output (Krzysztof Oledzky)
+o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt
+o remove bogus option to get a conntrack in test.sh example file
 
 version 0.9.3 (2006/05/22)
 ------------------------------

Modified: trunk/conntrack-tools/examples/cli/test.sh
===================================================================
--- trunk/conntrack-tools/examples/cli/test.sh	2007-06-04 17:00:24 UTC (rev 6859)
+++ trunk/conntrack-tools/examples/cli/test.sh	2007-06-04 17:02:36 UTC (rev 6860)
@@ -37,8 +37,7 @@
 	get)
 		echo "getting a conntrack"
 		$CONNTRACK -G --orig-src $SRC --orig-dst $DST \
-		-p tcp --orig-port-src $SPORT --orig-port-dst $DPORT \
-		--reply-port-src $DPORT --reply-port-dst $SPORT
+		-p tcp --orig-port-src $SPORT --orig-port-dst $DPORT
 		;;
 	change)
 		echo "change a conntrack"

Modified: trunk/conntrack-tools/src/conntrack.c
===================================================================
--- trunk/conntrack-tools/src/conntrack.c	2007-06-04 17:00:24 UTC (rev 6859)
+++ trunk/conntrack-tools/src/conntrack.c	2007-06-04 17:02:36 UTC (rev 6860)
@@ -1024,57 +1024,10 @@
 		break;
 			
 	case CT_CREATE:
-		if ((options & CT_OPT_ORIG) 
-		    && !(options & CT_OPT_REPL)) {
-		    	nfct_set_attr_u8(obj, 
-					 ATTR_REPL_L3PROTO, 
-					 nfct_get_attr_u8(obj,
-					 		  ATTR_ORIG_L3PROTO));
-			if (family == AF_INET) {
-				nfct_set_attr_u32(obj,
-						  ATTR_REPL_IPV4_SRC,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_ORIG_IPV4_DST));
-				nfct_set_attr_u32(obj,
-						  ATTR_REPL_IPV4_DST,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_ORIG_IPV4_SRC));
-			} else if (family == AF_INET6) {
-				nfct_set_attr(obj,
-					      ATTR_REPL_IPV6_SRC,
-					      nfct_get_attr(obj,
-					      		ATTR_ORIG_IPV6_DST));
-				nfct_set_attr(obj,
-					      ATTR_REPL_IPV6_DST,
-					      nfct_get_attr(obj,
-					      		ATTR_ORIG_IPV6_SRC));
-			}
-		} else if (!(options & CT_OPT_ORIG)
-			   && (options & CT_OPT_REPL)) {
-		    	nfct_set_attr_u8(obj, 
-					 ATTR_ORIG_L3PROTO, 
-					 nfct_get_attr_u8(obj,
-					 		  ATTR_REPL_L3PROTO));
-			if (family == AF_INET) {
-				nfct_set_attr_u32(obj,
-						  ATTR_ORIG_IPV4_SRC,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_REPL_IPV4_DST));
-				nfct_set_attr_u32(obj,
-						  ATTR_ORIG_IPV4_DST,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_REPL_IPV4_SRC));
-			} else if (family == AF_INET6) {
-				nfct_set_attr(obj,
-					      ATTR_ORIG_IPV6_SRC,
-					      nfct_get_attr(obj,
-					      		ATTR_REPL_IPV6_DST));
-				nfct_set_attr(obj,
-					      ATTR_ORIG_IPV6_DST,
-					      nfct_get_attr(obj,
-					      		ATTR_REPL_IPV6_SRC));
-			}
-		}
+		if ((options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+		    	nfct_setobjopt(obj, NFCT_SOPT_SETUP_REPLY);
+		else if (!(options & CT_OPT_ORIG) && (options & CT_OPT_REPL))
+			nfct_setobjopt(obj, NFCT_SOPT_SETUP_ORIGINAL);
 
 		cth = nfct_open(CONNTRACK, 0);
 		if (!cth)
@@ -1098,57 +1051,10 @@
 		break;
 
 	case CT_UPDATE:
-		if ((options & CT_OPT_ORIG) 
-		    && !(options & CT_OPT_REPL)) {
-		    	nfct_set_attr_u8(obj, 
-					 ATTR_REPL_L3PROTO, 
-					 nfct_get_attr_u8(obj,
-					 		  ATTR_ORIG_L3PROTO));
-			if (family == AF_INET) {
-				nfct_set_attr_u32(obj,
-						  ATTR_REPL_IPV4_SRC,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_ORIG_IPV4_DST));
-				nfct_set_attr_u32(obj,
-						  ATTR_REPL_IPV4_DST,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_ORIG_IPV4_SRC));
-			} else if (family == AF_INET6) {
-				nfct_set_attr(obj,
-					      ATTR_REPL_IPV6_SRC,
-					      nfct_get_attr(obj,
-					      		ATTR_ORIG_IPV6_DST));
-				nfct_set_attr(obj,
-					      ATTR_REPL_IPV6_DST,
-					      nfct_get_attr(obj,
-					      		ATTR_ORIG_IPV6_SRC));
-			}
-		} else if (!(options & CT_OPT_ORIG)
-			   && (options & CT_OPT_REPL)) {
-		    	nfct_set_attr_u8(obj, 
-					 ATTR_ORIG_L3PROTO, 
-					 nfct_get_attr_u8(obj,
-					 		  ATTR_REPL_L3PROTO));
-			if (family == AF_INET) {
-				nfct_set_attr_u32(obj,
-						  ATTR_ORIG_IPV4_SRC,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_REPL_IPV4_DST));
-				nfct_set_attr_u32(obj,
-						  ATTR_ORIG_IPV4_DST,
-						  nfct_get_attr_u32(obj,
-						  	ATTR_REPL_IPV4_SRC));
-			} else if (family == AF_INET6) {
-				nfct_set_attr(obj,
-					      ATTR_ORIG_IPV6_SRC,
-					      nfct_get_attr(obj,
-					      		ATTR_REPL_IPV6_DST));
-				nfct_set_attr(obj,
-					      ATTR_ORIG_IPV6_DST,
-					      nfct_get_attr(obj,
-					      		ATTR_REPL_IPV6_SRC));
-			}
-		}
+		if ((options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+		    	nfct_setobjopt(obj, NFCT_SOPT_SETUP_REPLY);
+		else if (!(options & CT_OPT_ORIG) && (options & CT_OPT_REPL))
+			nfct_setobjopt(obj, NFCT_SOPT_SETUP_ORIGINAL);
 
 		cth = nfct_open(CONNTRACK, 0);
 		if (!cth)

More information about the netfilter-cvslog mailing list