package/iptables/patches/1.4.0/004-drop_multiport_v0_support.patch

   1 Index: iptables-1.4.0/extensions/libxt_multiport.c
   2 ===================================================================
   3 --- iptables-1.4.0.orig/extensions/libxt_multiport.c
   4 +++ iptables-1.4.0/extensions/libxt_multiport.c
   5 @@ -12,22 +12,6 @@
   6  #include "../include/linux/netfilter/xt_multiport.h"
   7
   8  /* Function which prints out usage message. */
   9 -static void multiport_help(void)
  10 -{
  11 -       printf(
  12 -"multiport v%s options:\n"
  13 -" --source-ports port[,port,port...]\n"
  14 -" --sports ...\n"
  15 -"                              match source port(s)\n"
  16 -" --destination-ports port[,port,port...]\n"
  17 -" --dports ...\n"
  18 -"                              match destination port(s)\n"
  19 -" --ports port[,port,port]\n"
  20 -"                              match both source and destination port(s)\n"
  21 -" NOTE: this kernel does not support port ranges in multiport.\n",
  22 -IPTABLES_VERSION);
  23 -}
  24 -
  25  static void multiport_help_v1(void)
  26  {
  27         printf(
  28 @@ -71,26 +55,6 @@ proto_to_name(u_int8_t proto)
  29         }
  30  }
  31
  32 -static unsigned int
  33 -parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
  34 -{
  35 -       char *buffer, *cp, *next;
  36 -       unsigned int i;
  37 -
  38 -       buffer = strdup(portstring);
  39 -       if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed");
  40 -
  41 -       for (cp=buffer, i=0; cp && i<XT_MULTI_PORTS; cp=next,i++)
  42 -       {
  43 -               next=strchr(cp, ',');
  44 -               if (next) *next++='\0';
  45 -               ports[i] = parse_port(cp, proto);
  46 -       }
  47 -       if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");
  48 -       free(buffer);
  49 -       return i;
  50 -}
  51 -
  52  static void
  53  parse_multi_ports_v1(const char *portstring,
  54                      struct xt_multiport_v1 *multiinfo,
  55 @@ -154,73 +118,6 @@ check_proto(u_int16_t pnum, u_int8_t inv
  56  /* Function which parses command options; returns true if it
  57     ate an option */
  58  static int
  59 -__multiport_parse(int c, char **argv, int invert, unsigned int *flags,
  60 -                  struct xt_entry_match **match, u_int16_t pnum,
  61 -                  u_int8_t invflags)
  62 -{
  63 -       const char *proto;
  64 -       struct xt_multiport *multiinfo
  65 -               = (struct xt_multiport *)(*match)->data;
  66 -
  67 -       switch (c) {
  68 -       case '1':
  69 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  70 -               proto = check_proto(pnum, invflags);
  71 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  72 -                                                    multiinfo->ports, proto);
  73 -               multiinfo->flags = XT_MULTIPORT_SOURCE;
  74 -               break;
  75 -
  76 -       case '2':
  77 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  78 -               proto = check_proto(pnum, invflags);
  79 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  80 -                                                    multiinfo->ports, proto);
  81 -               multiinfo->flags = XT_MULTIPORT_DESTINATION;
  82 -               break;
  83 -
  84 -       case '3':
  85 -               check_inverse(argv[optind-1], &invert, &optind, 0);
  86 -               proto = check_proto(pnum, invflags);
  87 -               multiinfo->count = parse_multi_ports(argv[optind-1],
  88 -                                                    multiinfo->ports, proto);
  89 -               multiinfo->flags = XT_MULTIPORT_EITHER;
  90 -               break;
  91 -
  92 -       default:
  93 -               return 0;
  94 -       }
  95 -
  96 -       if (invert)
  97 -               exit_error(PARAMETER_PROBLEM,
  98 -                          "multiport does not support invert");
  99 -
 100 -       if (*flags)
 101 -               exit_error(PARAMETER_PROBLEM,
 102 -                          "multiport can only have one option");
 103 -       *flags = 1;
 104 -       return 1;
 105 -}
 106 -
 107 -static int
 108 -multiport_parse(int c, char **argv, int invert, unsigned int *flags,
 109 -                const void *e, struct xt_entry_match **match)
 110 -{
 111 -       const struct ipt_entry *entry = e;
 112 -       return __multiport_parse(c, argv, invert, flags, match,
 113 -              entry->ip.proto, entry->ip.invflags);
 114 -}
 115 -
 116 -static int
 117 -multiport_parse6(int c, char **argv, int invert, unsigned int *flags,
 118 -                 const void *e, struct xt_entry_match **match)
 119 -{
 120 -       const struct ip6t_entry *entry = (const struct ip6t_entry *)e;
 121 -       return __multiport_parse(c, argv, invert, flags, match,
 122 -              entry->ipv6.proto, entry->ipv6.invflags);
 123 -}
 124 -
 125 -static int
 126  __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
 127                       struct xt_entry_match **match, u_int16_t pnum,
 128                       u_int8_t invflags)
 129 @@ -313,55 +210,6 @@ print_port(u_int16_t port, u_int8_t prot
 130  }
 131
 132  /* Prints out the matchinfo. */
 133 -static void
 134 -__multiport_print(const struct xt_entry_match *match, int numeric,
 135 -                  u_int16_t proto)
 136 -{
 137 -       const struct xt_multiport *multiinfo
 138 -               = (const struct xt_multiport *)match->data;
 139 -       unsigned int i;
 140 -
 141 -       printf("multiport ");
 142 -
 143 -       switch (multiinfo->flags) {
 144 -       case XT_MULTIPORT_SOURCE:
 145 -               printf("sports ");
 146 -               break;
 147 -
 148 -       case XT_MULTIPORT_DESTINATION:
 149 -               printf("dports ");
 150 -               break;
 151 -
 152 -       case XT_MULTIPORT_EITHER:
 153 -               printf("ports ");
 154 -               break;
 155 -
 156 -       default:
 157 -               printf("ERROR ");
 158 -               break;
 159 -       }
 160 -
 161 -       for (i=0; i < multiinfo->count; i++) {
 162 -               printf("%s", i ? "," : "");
 163 -               print_port(multiinfo->ports[i], proto, numeric);
 164 -       }
 165 -       printf(" ");
 166 -}
 167 -
 168 -static void multiport_print(const void *ip_void,
 169 -                            const struct xt_entry_match *match, int numeric)
 170 -{
 171 -       const struct ipt_ip *ip = ip_void;
 172 -       __multiport_print(match, numeric, ip->proto);
 173 -}
 174 -
 175 -static void multiport_print6(const void *ip_void,
 176 -                             const struct xt_entry_match *match, int numeric)
 177 -{
 178 -       const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
 179 -       __multiport_print(match, numeric, ip->proto);
 180 -}
 181 -
 182  static void __multiport_print_v1(const struct xt_entry_match *match,
 183                                   int numeric, u_int16_t proto)
 184  {
 185 @@ -418,48 +266,6 @@ static void multiport_print6_v1(const vo
 186  }
 187
 188  /* Saves the union ipt_matchinfo in parsable form to stdout. */
 189 -static void __multiport_save(const struct xt_entry_match *match,
 190 -                             u_int16_t proto)
 191 -{
 192 -       const struct xt_multiport *multiinfo
 193 -               = (const struct xt_multiport *)match->data;
 194 -       unsigned int i;
 195 -
 196 -       switch (multiinfo->flags) {
 197 -       case XT_MULTIPORT_SOURCE:
 198 -               printf("--sports ");
 199 -               break;
 200 -
 201 -       case XT_MULTIPORT_DESTINATION:
 202 -               printf("--dports ");
 203 -               break;
 204 -
 205 -       case XT_MULTIPORT_EITHER:
 206 -               printf("--ports ");
 207 -               break;
 208 -       }
 209 -
 210 -       for (i=0; i < multiinfo->count; i++) {
 211 -               printf("%s", i ? "," : "");
 212 -               print_port(multiinfo->ports[i], proto, 1);
 213 -       }
 214 -       printf(" ");
 215 -}
 216 -
 217 -static void multiport_save(const void *ip_void,
 218 -                           const struct xt_entry_match *match)
 219 -{
 220 -       const struct ipt_ip *ip = ip_void;
 221 -       __multiport_save(match, ip->proto);
 222 -}
 223 -
 224 -static void multiport_save6(const void *ip_void,
 225 -                            const struct xt_entry_match *match)
 226 -{
 227 -       const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
 228 -       __multiport_save(match, ip->proto);
 229 -}
 230 -
 231  static void __multiport_save_v1(const struct xt_entry_match *match,
 232                                  u_int16_t proto)
 233  {
 234 @@ -509,36 +315,6 @@ static void multiport_save6_v1(const voi
 235         __multiport_save_v1(match, ip->proto);
 236  }
 237
 238 -static struct xtables_match multiport_match = {
 239 -       .family         = AF_INET,
 240 -       .name           = "multiport",
 241 -       .revision       = 0,
 242 -       .version        = IPTABLES_VERSION,
 243 -       .size           = XT_ALIGN(sizeof(struct xt_multiport)),
 244 -       .userspacesize  = XT_ALIGN(sizeof(struct xt_multiport)),
 245 -       .help           = multiport_help,
 246 -       .parse          = multiport_parse,
 247 -       .final_check    = multiport_check,
 248 -       .print          = multiport_print,
 249 -       .save           = multiport_save,
 250 -       .extra_opts     = multiport_opts,
 251 -};
 252 -
 253 -static struct xtables_match multiport_match6 = {
 254 -       .family         = AF_INET6,
 255 -       .name           = "multiport",
 256 -       .revision       = 0,
 257 -       .version        = IPTABLES_VERSION,
 258 -       .size           = XT_ALIGN(sizeof(struct xt_multiport)),
 259 -       .userspacesize  = XT_ALIGN(sizeof(struct xt_multiport)),
 260 -       .help           = multiport_help,
 261 -       .parse          = multiport_parse6,
 262 -       .final_check    = multiport_check,
 263 -       .print          = multiport_print6,
 264 -       .save           = multiport_save6,
 265 -       .extra_opts     = multiport_opts,
 266 -};
 267 -
 268  static struct xtables_match multiport_match_v1 = {
 269         .family         = AF_INET,
 270         .name           = "multiport",
 271 @@ -572,8 +348,6 @@ static struct xtables_match multiport_ma
 272  void
 273  _init(void)
 274  {
 275 -       xtables_register_match(&multiport_match);
 276 -       xtables_register_match(&multiport_match6);
 277         xtables_register_match(&multiport_match_v1);
 278         xtables_register_match(&multiport_match6_v1);
 279  }