package/iptables/patches/004-multiport_v1.patch

   1 Index: iptables-1.3.8/extensions/libipt_multiport.c
   2 ===================================================================
   3 --- iptables-1.3.8.orig/extensions/libipt_multiport.c   2007-07-31 15:27:55.000000000 -0500
   4 +++ iptables-1.3.8/extensions/libipt_multiport.c        2007-07-31 15:27:56.000000000 -0500
   5 @@ -8,24 +8,6 @@
   6  /* To ensure that iptables compiles with an old kernel */
   7  #include "../include/linux/netfilter_ipv4/ipt_multiport.h"
   8
   9 -/* Function which prints out usage message. */
  10 -static void
  11 -help(void)
  12 -{
  13 -       printf(
  14 -"multiport v%s options:\n"
  15 -" --source-ports port[,port,port...]\n"
  16 -" --sports ...\n"
  17 -"                              match source port(s)\n"
  18 -" --destination-ports port[,port,port...]\n"
  19 -" --dports ...\n"
  20 -"                              match destination port(s)\n"
  21 -" --ports port[,port,port]\n"
  22 -"                              match both source and destination port(s)\n"
  23 -" NOTE: this kernel does not support port ranges in multiport.\n",
  24 -IPTABLES_VERSION);
  25 -}
  26 -
  27  static void
  28  help_v1(void)
  29  {
  30 @@ -70,26 +52,6 @@
  31         }
  32  }
  33
  34 -static unsigned int
  35 -parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
  36 -{
  37 -       char *buffer, *cp, *next;
  38 -       unsigned int i;
  39 -
  40 -       buffer = strdup(portstring);
  41 -       if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed");
  42 -
  43 -       for (cp=buffer, i=0; cp && i<IPT_MULTI_PORTS; cp=next,i++)
  44 -       {
  45 -               next=strchr(cp, ',');
  46 -               if (next) *next++='\0';
  47 -               ports[i] = parse_port(cp, proto);
  48 -       }
  49 -       if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");
  50 -       free(buffer);
  51 -       return i;
  52 -}
  53 -
  54  static void
  55  parse_multi_ports_v1(const char *portstring,
  56                      struct ipt_multiport_v1 *multiinfo,
  57 @@ -156,58 +118,6 @@
  58                            "multiport only works with TCP, UDP, UDPLITE, SCTP and DCCP");
  59  }
  60
  61 -/* Function which parses command options; returns true if it
  62 -   ate an option */
  63 -static int
  64 -parse(int c, char **argv, int invert, unsigned int *flags,
  65 -      const struct ipt_entry *entry,
  66 -      unsigned int *nfcache,
  67 -      struct ipt_entry_match **match)
  68 -{
  69 -       const char *proto;
  70 -       struct ipt_multiport *multiinfo
  71 -               = (struct ipt_multiport *)(*match)->data;
  72 -
  73 -       switch (c) {
  74 -       case '1':
  75 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  76 -               proto = check_proto(entry);
  77 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  78 -                                                    multiinfo->ports, proto);
  79 -               multiinfo->flags = IPT_MULTIPORT_SOURCE;
  80 -               break;
  81 -
  82 -       case '2':
  83 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  84 -               proto = check_proto(entry);
  85 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  86 -                                                    multiinfo->ports, proto);
  87 -               multiinfo->flags = IPT_MULTIPORT_DESTINATION;
  88 -               break;
  89 -
  90 -       case '3':
  91 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  92 -               proto = check_proto(entry);
  93 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  94 -                                                    multiinfo->ports, proto);
  95 -               multiinfo->flags = IPT_MULTIPORT_EITHER;
  96 -               break;
  97 -
  98 -       default:
  99 -               return 0;
 100 -       }
 101 -
 102 -       if (invert)
 103 -               exit_error(PARAMETER_PROBLEM,
 104 -                          "multiport does not support invert");
 105 -
 106 -       if (*flags)
 107 -               exit_error(PARAMETER_PROBLEM,
 108 -                          "multiport can only have one option");
 109 -       *flags = 1;
 110 -       return 1;
 111 -}
 112 -
 113  static int
 114  parse_v1(int c, char **argv, int invert, unsigned int *flags,
 115          const struct ipt_entry *entry,
 116 @@ -284,43 +194,6 @@
 117                 printf("%s", service);
 118  }
 119
 120 -/* Prints out the matchinfo. */
 121 -static void
 122 -print(const struct ipt_ip *ip,
 123 -      const struct ipt_entry_match *match,
 124 -      int numeric)
 125 -{
 126 -       const struct ipt_multiport *multiinfo
 127 -               = (const struct ipt_multiport *)match->data;
 128 -       unsigned int i;
 129 -
 130 -       printf("multiport ");
 131 -
 132 -       switch (multiinfo->flags) {
 133 -       case IPT_MULTIPORT_SOURCE:
 134 -               printf("sports ");
 135 -               break;
 136 -
 137 -       case IPT_MULTIPORT_DESTINATION:
 138 -               printf("dports ");
 139 -               break;
 140 -
 141 -       case IPT_MULTIPORT_EITHER:
 142 -               printf("ports ");
 143 -               break;
 144 -
 145 -       default:
 146 -               printf("ERROR ");
 147 -               break;
 148 -       }
 149 -
 150 -       for (i=0; i < multiinfo->count; i++) {
 151 -               printf("%s", i ? "," : "");
 152 -               print_port(multiinfo->ports[i], ip->proto, numeric);
 153 -       }
 154 -       printf(" ");
 155 -}
 156 -
 157  static void
 158  print_v1(const struct ipt_ip *ip,
 159          const struct ipt_entry_match *match,
 160 @@ -364,34 +237,6 @@
 161         printf(" ");
 162  }
 163
 164 -/* Saves the union ipt_matchinfo in parsable form to stdout. */
 165 -static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 166 -{
 167 -       const struct ipt_multiport *multiinfo
 168 -               = (const struct ipt_multiport *)match->data;
 169 -       unsigned int i;
 170 -
 171 -       switch (multiinfo->flags) {
 172 -       case IPT_MULTIPORT_SOURCE:
 173 -               printf("--sports ");
 174 -               break;
 175 -
 176 -       case IPT_MULTIPORT_DESTINATION:
 177 -               printf("--dports ");
 178 -               break;
 179 -
 180 -       case IPT_MULTIPORT_EITHER:
 181 -               printf("--ports ");
 182 -               break;
 183 -       }
 184 -
 185 -       for (i=0; i < multiinfo->count; i++) {
 186 -               printf("%s", i ? "," : "");
 187 -               print_port(multiinfo->ports[i], ip->proto, 1);
 188 -       }
 189 -       printf(" ");
 190 -}
 191 -
 192  static void save_v1(const struct ipt_ip *ip,
 193                     const struct ipt_entry_match *match)
 194  {
 195 @@ -427,19 +272,20 @@
 196         printf(" ");
 197  }
 198
 199 +
 200  static struct iptables_match multiport = {
 201         .next           = NULL,
 202         .name           = "multiport",
 203 -       .revision       = 0,
 204         .version        = IPTABLES_VERSION,
 205 -       .size           = IPT_ALIGN(sizeof(struct ipt_multiport)),
 206 -       .userspacesize  = IPT_ALIGN(sizeof(struct ipt_multiport)),
 207 -       .help           = &help,
 208 +       .revision       = 0,
 209 +       .size           = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
 210 +       .userspacesize  = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
 211 +       .help           = &help_v1,
 212         .init           = &init,
 213 -       .parse          = &parse,
 214 +       .parse          = &parse_v1,
 215         .final_check    = &final_check,
 216 -       .print          = &print,
 217 -       .save           = &save,
 218 +       .print          = &print_v1,
 219 +       .save           = &save_v1,
 220         .extra_opts     = opts
 221  };
 222