[netfilter-cvslog] r4437 - trunk/iptables/extensions

Thu Nov 3 19:43:15 CET 2005

Author: laforge at netfilter.org
Date: 2005-11-03 19:43:14 +0100 (Thu, 03 Nov 2005)
New Revision: 4437

Modified:
   trunk/iptables/extensions/libipt_CONNMARK.c
   trunk/iptables/extensions/libipt_connmark.c
Log:
fix connmark, it's now only 32bits (Deti Fliegl <deti at fliegl.de)

We'ver screwed this up with the 2.6.14 release.  It refuses any mask that
extends 32bits.  We should have fixed this by adding a new target/match
revision, but now it's too late anyway :(



Modified: trunk/iptables/extensions/libipt_CONNMARK.c
===================================================================

--- trunk/iptables/extensions/libipt_CONNMARK.c	2005-11-03 18:20:25 UTC (rev 4436)
+++ trunk/iptables/extensions/libipt_CONNMARK.c	2005-11-03 18:43:14 UTC (rev 4437)
@@ -72,25 +72,17 @@
 	struct ipt_connmark_target_info *markinfo
 		= (struct ipt_connmark_target_info *)(*target)->data;
 
-#ifdef KERNEL_64_USERSPACE_32
-	markinfo->mask = ~0ULL;
-#else
-	markinfo->mask = ~0UL;
-#endif
+	markinfo->mask = 0xffffffffUL;
 
 	switch (c) {
 		char *end;
 	case '1':
 		markinfo->mode = IPT_CONNMARK_SET;
-#ifdef KERNEL_64_USERSPACE_32
-		markinfo->mark = strtoull(optarg, &end, 0);
-		if (*end == '/' && end[1] != '\0')
-		    markinfo->mask = strtoull(end+1, &end, 0);
-#else
+
 		markinfo->mark = strtoul(optarg, &end, 0);
 		if (*end == '/' && end[1] != '\0')
 		    markinfo->mask = strtoul(end+1, &end, 0);
-#endif
+
 		if (*end != '\0' || end == optarg)
 			exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
 		if (*flags)
@@ -116,11 +108,8 @@
 		if (!*flags)
 			exit_error(PARAMETER_PROBLEM,
 			           "CONNMARK target: Can't specify --mask without a operation");
-#ifdef KERNEL_64_USERSPACE_32
-		markinfo->mask = strtoull(optarg, &end, 0);
-#else
 		markinfo->mask = strtoul(optarg, &end, 0);
-#endif
+
 		if (*end != '\0' || end == optarg)
 			exit_error(PARAMETER_PROBLEM, "Bad MASK value `%s'", optarg);
 		break;
@@ -139,23 +128,7 @@
 		           "CONNMARK target: No operation specified");
 }
 
-#ifdef KERNEL_64_USERSPACE_32
 static void
-print_mark(unsigned long long mark)
-{
-	printf("0x%llx", mark);
-}
-
-static void
-print_mask(const char *text, unsigned long long mask)
-{
-	if (mask != ~0ULL)
-		printf("%s0x%llx", text, mask);
-}
-
-#else
-
-static void
 print_mark(unsigned long mark)
 {
 	printf("0x%lx", mark);
@@ -164,10 +137,9 @@
 static void
 print_mask(const char *text, unsigned long mask)
 {
-	if (mask != ~0UL)
+	if (mask != 0xffffffffUL)
 		printf("%s0x%lx", text, mask);
 }
-#endif
 
 
 /* Prints out the target info. */

Modified: trunk/iptables/extensions/libipt_connmark.c
===================================================================
--- trunk/iptables/extensions/libipt_connmark.c	2005-11-03 18:20:25 UTC (rev 4436)
+++ trunk/iptables/extensions/libipt_connmark.c	2005-11-03 18:43:14 UTC (rev 4437)
@@ -66,17 +66,13 @@
 		char *end;
 	case '1':
 		check_inverse(optarg, &invert, &optind, 0);
-#ifdef KERNEL_64_USERSPACE_32
-		markinfo->mark = strtoull(optarg, &end, 0);
-		markinfo->mask = ~0ULL;
-		if (*end == '/')
-			markinfo->mask = strtoull(end+1, &end, 0);
-#else
+
 		markinfo->mark = strtoul(optarg, &end, 0);
-		markinfo->mask = ~0UL;
+		markinfo->mask = 0xffffffffUL;
+		
 		if (*end == '/')
 			markinfo->mask = strtoul(end+1, &end, 0);
-#endif
+
 		if (*end != '\0' || end == optarg)
 			exit_error(PARAMETER_PROBLEM, "Bad MARK value `%s'", optarg);
 		if (invert)
@@ -90,25 +86,14 @@
 	return 1;
 }
 
-#ifdef KERNEL_64_USERSPACE_32
 static void
-print_mark(unsigned long long mark, unsigned long long mask, int numeric)
-{
-	if(mask != ~0ULL)
-		printf("0x%llx/0x%llx ", mark, mask);
-	else
-		printf("0x%llx ", mark);
-}
-#else
-static void
 print_mark(unsigned long mark, unsigned long mask, int numeric)
 {
-	if(mask != ~0UL)
+	if(mask != 0xffffffffUL)
 		printf("0x%lx/0x%lx ", mark, mask);
 	else
 		printf("0x%lx ", mark);
 }
-#endif
 
 /* Final check; must have specified --mark. */
 static void


