package/iptables/patches/004-multiport_v1.patch

   1 diff -urN iptables.old/extensions/libipt_multiport.c iptables.dev/extensions/libipt_multiport.c
   2 --- iptables.old/extensions/libipt_multiport.c  2005-02-19 20:19:17.000000000 +0100
   3 +++ iptables.dev/extensions/libipt_multiport.c  2006-02-04 05:46:12.154127750 +0100
   4 @@ -8,24 +8,6 @@
   5  /* To ensure that iptables compiles with an old kernel */
   6  #include "../include/linux/netfilter_ipv4/ipt_multiport.h"
   7
   8 -/* Function which prints out usage message. */
   9 -static void
  10 -help(void)
  11 -{
  12 -       printf(
  13 -"multiport v%s options:\n"
  14 -" --source-ports port[,port,port...]\n"
  15 -" --sports ...\n"
  16 -"                              match source port(s)\n"
  17 -" --destination-ports port[,port,port...]\n"
  18 -" --dports ...\n"
  19 -"                              match destination port(s)\n"
  20 -" --ports port[,port,port]\n"
  21 -"                              match both source and destination port(s)\n"
  22 -" NOTE: this kernel does not support port ranges in multiport.\n",
  23 -IPTABLES_VERSION);
  24 -}
  25 -
  26  static void
  27  help_v1(void)
  28  {
  29 @@ -75,26 +57,6 @@
  30                    "invalid port/service `%s' specified", port);
  31  }
  32
  33 -static unsigned int
  34 -parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
  35 -{
  36 -       char *buffer, *cp, *next;
  37 -       unsigned int i;
  38 -
  39 -       buffer = strdup(portstring);
  40 -       if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed");
  41 -
  42 -       for (cp=buffer, i=0; cp && i<IPT_MULTI_PORTS; cp=next,i++)
  43 -       {
  44 -               next=strchr(cp, ',');
  45 -               if (next) *next++='\0';
  46 -               ports[i] = parse_port(cp, proto);
  47 -       }
  48 -       if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");
  49 -       free(buffer);
  50 -       return i;
  51 -}
  52 -
  53  static void
  54  parse_multi_ports_v1(const char *portstring,
  55                      struct ipt_multiport_v1 *multiinfo,
  56 @@ -160,58 +122,6 @@
  57                            "multiport only works with TCP or UDP");
  58  }
  59
  60 -/* Function which parses command options; returns true if it
  61 -   ate an option */
  62 -static int
  63 -parse(int c, char **argv, int invert, unsigned int *flags,
  64 -      const struct ipt_entry *entry,
  65 -      unsigned int *nfcache,
  66 -      struct ipt_entry_match **match)
  67 -{
  68 -       const char *proto;
  69 -       struct ipt_multiport *multiinfo
  70 -               = (struct ipt_multiport *)(*match)->data;
  71 -
  72 -       switch (c) {
  73 -       case '1':
  74 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  75 -               proto = check_proto(entry);
  76 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  77 -                                                    multiinfo->ports, proto);
  78 -               multiinfo->flags = IPT_MULTIPORT_SOURCE;
  79 -               break;
  80 -
  81 -       case '2':
  82 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  83 -               proto = check_proto(entry);
  84 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  85 -                                                    multiinfo->ports, proto);
  86 -               multiinfo->flags = IPT_MULTIPORT_DESTINATION;
  87 -               break;
  88 -
  89 -       case '3':
  90 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  91 -               proto = check_proto(entry);
  92 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  93 -                                                    multiinfo->ports, proto);
  94 -               multiinfo->flags = IPT_MULTIPORT_EITHER;
  95 -               break;
  96 -
  97 -       default:
  98 -               return 0;
  99 -       }
 100 -
 101 -       if (invert)
 102 -               exit_error(PARAMETER_PROBLEM,
 103 -                          "multiport does not support invert");
 104 -
 105 -       if (*flags)
 106 -               exit_error(PARAMETER_PROBLEM,
 107 -                          "multiport can only have one option");
 108 -       *flags = 1;
 109 -       return 1;
 110 -}
 111 -
 112  static int
 113  parse_v1(int c, char **argv, int invert, unsigned int *flags,
 114          const struct ipt_entry *entry,
 115 @@ -289,43 +199,6 @@
 116                 printf("%s", service);
 117  }
 118
 119 -/* Prints out the matchinfo. */
 120 -static void
 121 -print(const struct ipt_ip *ip,
 122 -      const struct ipt_entry_match *match,
 123 -      int numeric)
 124 -{
 125 -       const struct ipt_multiport *multiinfo
 126 -               = (const struct ipt_multiport *)match->data;
 127 -       unsigned int i;
 128 -
 129 -       printf("multiport ");
 130 -
 131 -       switch (multiinfo->flags) {
 132 -       case IPT_MULTIPORT_SOURCE:
 133 -               printf("sports ");
 134 -               break;
 135 -
 136 -       case IPT_MULTIPORT_DESTINATION:
 137 -               printf("dports ");
 138 -               break;
 139 -
 140 -       case IPT_MULTIPORT_EITHER:
 141 -               printf("ports ");
 142 -               break;
 143 -
 144 -       default:
 145 -               printf("ERROR ");
 146 -               break;
 147 -       }
 148 -
 149 -       for (i=0; i < multiinfo->count; i++) {
 150 -               printf("%s", i ? "," : "");
 151 -               print_port(multiinfo->ports[i], ip->proto, numeric);
 152 -       }
 153 -       printf(" ");
 154 -}
 155 -
 156  static void
 157  print_v1(const struct ipt_ip *ip,
 158          const struct ipt_entry_match *match,
 159 @@ -369,34 +242,6 @@
 160         printf(" ");
 161  }
 162
 163 -/* Saves the union ipt_matchinfo in parsable form to stdout. */
 164 -static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 165 -{
 166 -       const struct ipt_multiport *multiinfo
 167 -               = (const struct ipt_multiport *)match->data;
 168 -       unsigned int i;
 169 -
 170 -       switch (multiinfo->flags) {
 171 -       case IPT_MULTIPORT_SOURCE:
 172 -               printf("--sports ");
 173 -               break;
 174 -
 175 -       case IPT_MULTIPORT_DESTINATION:
 176 -               printf("--dports ");
 177 -               break;
 178 -
 179 -       case IPT_MULTIPORT_EITHER:
 180 -               printf("--ports ");
 181 -               break;
 182 -       }
 183 -
 184 -       for (i=0; i < multiinfo->count; i++) {
 185 -               printf("%s", i ? "," : "");
 186 -               print_port(multiinfo->ports[i], ip->proto, 1);
 187 -       }
 188 -       printf(" ");
 189 -}
 190 -
 191  static void save_v1(const struct ipt_ip *ip,
 192                     const struct ipt_entry_match *match)
 193  {
 194 @@ -432,19 +277,20 @@
 195         printf(" ");
 196  }
 197
 198 +
 199  static struct iptables_match multiport = {
 200         .next           = NULL,
 201         .name           = "multiport",
 202 -       .revision       = 0,
 203         .version        = IPTABLES_VERSION,
 204 -       .size           = IPT_ALIGN(sizeof(struct ipt_multiport)),
 205 -       .userspacesize  = IPT_ALIGN(sizeof(struct ipt_multiport)),
 206 -       .help           = &help,
 207 +       .revision       = 0,
 208 +       .size           = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
 209 +       .userspacesize  = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
 210 +       .help           = &help_v1,
 211         .init           = &init,
 212 -       .parse          = &parse,
 213 +       .parse          = &parse_v1,
 214         .final_check    = &final_check,
 215 -       .print          = &print,
 216 -       .save           = &save,
 217 +       .print          = &print_v1,
 218 +       .save           = &save_v1,
 219         .extra_opts     = opts
 220  };
 221