[iptables] Add SCTP/DCCP support to NAT targets

Patrick McHardy netfilter-cvslog-bounces at lists.netfilter.org
Tue Nov 4 13:23:09 CET 2008 

Gitweb:		http://git.netfilter.org/cgi-bin/gitweb.cgi?p=iptables.git;a=commit;h=5a942f9501f7ce287e1c37c553eb02a1e269e081
commit 5a942f9501f7ce287e1c37c553eb02a1e269e081
Author:     Patrick McHardy <kaber at trash.net>
AuthorDate: Tue Nov 4 13:22:40 2008 +0100
Commit:     Patrick McHardy <kaber at trash.net>
CommitDate: Tue Nov 4 13:22:40 2008 +0100

    Add SCTP/DCCP support to NAT targets
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>
       via  5a942f9501f7ce287e1c37c553eb02a1e269e081 (commit)
      from  6362bc843fa1fb4071b3deb5b9363f0c9dd95747 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 5a942f9501f7ce287e1c37c553eb02a1e269e081
Author: Patrick McHardy <kaber at trash.net>
Date:   Tue Nov 4 13:22:40 2008 +0100

    Add SCTP/DCCP support to NAT targets
    
    Signed-off-by: Patrick McHardy <kaber at trash.net>

-----------------------------------------------------------------------

 extensions/libipt_DNAT.c       |    4 +++-
 extensions/libipt_MASQUERADE.c |    4 +++-
 extensions/libipt_REDIRECT.c   |    4 +++-
 extensions/libipt_SNAT.c       |    4 +++-
 4 files changed, 12 insertions(+), 4 deletions(-)
Signed-off-by: Patrick McHardy <kaber at trash.net>

diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index b5c6ff5..5608947 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -69,7 +69,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
 
 		if (!portok)
 			exit_error(PARAMETER_PROBLEM,
-				   "Need TCP or UDP with port specification");
+				   "Need TCP, UDP, SCTP or DCCP with port specification");
 
 		range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 
@@ -142,6 +142,8 @@ static int DNAT_parse(int c, char **argv, int invert, unsigned int *flags,
 
 	if (entry->ip.proto == IPPROTO_TCP
 	    || entry->ip.proto == IPPROTO_UDP
+	    || entry->ip.proto == IPPROTO_SCTP
+	    || entry->ip.proto == IPPROTO_DCCP
 	    || entry->ip.proto == IPPROTO_ICMP)
 		portok = 1;
 	else
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 7670765..32410c0 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -77,6 +77,8 @@ static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
 
 	if (entry->ip.proto == IPPROTO_TCP
 	    || entry->ip.proto == IPPROTO_UDP
+	    || entry->ip.proto == IPPROTO_SCTP
+	    || entry->ip.proto == IPPROTO_DCCP
 	    || entry->ip.proto == IPPROTO_ICMP)
 		portok = 1;
 	else
@@ -86,7 +88,7 @@ static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
 	case '1':
 		if (!portok)
 			exit_error(PARAMETER_PROBLEM,
-				   "Need TCP or UDP with port specification");
+				   "Need TCP, UDP, SCTP or DCCP with port specification");
 
 		if (check_inverse(optarg, &invert, NULL, 0))
 			exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libipt_REDIRECT.c b/extensions/libipt_REDIRECT.c
index ffef3bf..e30c139 100644
--- a/extensions/libipt_REDIRECT.c
+++ b/extensions/libipt_REDIRECT.c
@@ -84,6 +84,8 @@ static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags,
 
 	if (entry->ip.proto == IPPROTO_TCP
 	    || entry->ip.proto == IPPROTO_UDP
+	    || entry->ip.proto == IPPROTO_SCTP
+	    || entry->ip.proto == IPPROTO_DCCP
 	    || entry->ip.proto == IPPROTO_ICMP)
 		portok = 1;
 	else
@@ -93,7 +95,7 @@ static int REDIRECT_parse(int c, char **argv, int invert, unsigned int *flags,
 	case '1':
 		if (!portok)
 			exit_error(PARAMETER_PROBLEM,
-				   "Need TCP or UDP with port specification");
+				   "Need TCP, UDP, SCTP or DCCP with port specification");
 
 		if (check_inverse(optarg, &invert, NULL, 0))
 			exit_error(PARAMETER_PROBLEM,
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index b2a4925..7d04761 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -69,7 +69,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
 
 		if (!portok)
 			exit_error(PARAMETER_PROBLEM,
-				   "Need TCP or UDP with port specification");
+				   "Need TCP, UDP, SCTP or DCCP with port specification");
 
 		range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 
@@ -142,6 +142,8 @@ static int SNAT_parse(int c, char **argv, int invert, unsigned int *flags,
 
 	if (entry->ip.proto == IPPROTO_TCP
 	    || entry->ip.proto == IPPROTO_UDP
+	    || entry->ip.proto == IPPROTO_SCTP
+	    || entry->ip.proto == IPPROTO_DCCP
 	    || entry->ip.proto == IPPROTO_ICMP)
 		portok = 1;
 	else

More information about the netfilter-cvslog mailing list