[PATCH] ipv6 limit match does not support invert

Phil Oester kernel at linuxace.com
Tue Sep 21 01:57:48 CEST 2004


Should have included this in earlier ipv4 version, but here is the
ipv6 version which clarifies that invert is not supported by limit.

Phil


-------------- next part --------------
diff -ru ipt-orig/extensions/libip6t_limit.c ipt-new/extensions/libip6t_limit.c
--- ipt-orig/extensions/libip6t_limit.c	2004-06-14 15:02:16.000000000 -0700
+++ ipt-new/extensions/libip6t_limit.c	2004-09-20 16:55:14.752980888 -0700
@@ -104,19 +104,14 @@
 
 	switch(c) {
 	case '%':
-		if (check_inverse(optarg, &invert, NULL, 0))
-			exit_error(PARAMETER_PROBLEM,
-				   "Unexpected `!' after --limit");
+		if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
 		if (!parse_rate(optarg, &r->avg))
 			exit_error(PARAMETER_PROBLEM,
 				   "bad rate `%s'", optarg);
 		break;
 
 	case '$':
-		if (check_inverse(optarg, &invert, NULL, 0))
-			exit_error(PARAMETER_PROBLEM,
-				   "Unexpected `!' after --limit-burst");
-
+		if (check_inverse(argv[optind-1], &invert, &optind, 0)) break;
 		if (string_to_number(optarg, 0, 10000, &num) == -1)
 			exit_error(PARAMETER_PROBLEM,
 				   "bad --limit-burst `%s'", optarg);
@@ -127,6 +122,10 @@
 		return 0;
 	}
 
+	if (invert)
+		exit_error(PARAMETER_PROBLEM,
+			   "limit does not support invert");
+
 	return 1;
 }
 


More information about the netfilter-devel mailing list