[netfilter-cvslog] r3564 - trunk/iptables/extensions
rusty at netfilter.org
rusty at netfilter.org
Mon Jan 3 10:51:59 CET 2005
Author: rusty at netfilter.org
Date: 2005-01-03 10:51:58 +0100 (Mon, 03 Jan 2005)
New Revision: 3564
Modified:
trunk/iptables/extensions/libipt_multiport.c
Log:
Testsuite found an issue: multiport accepts -p ! tcp.
Modified: trunk/iptables/extensions/libipt_multiport.c
===================================================================
--- trunk/iptables/extensions/libipt_multiport.c 2005-01-03 09:44:52 UTC (rev 3563)
+++ trunk/iptables/extensions/libipt_multiport.c 2005-01-03 09:51:58 UTC (rev 3564)
@@ -144,6 +144,10 @@
static const char *
check_proto(const struct ipt_entry *entry)
{
+ if (entry->ip.invflags & IPT_INV_PROTO)
+ exit_error(PARAMETER_PROBLEM,
+ "multiport only works with TCP or UDP");
+
if (entry->ip.proto == IPPROTO_TCP)
return "tcp";
else if (entry->ip.proto == IPPROTO_UDP)
More information about the netfilter-cvslog
mailing list