backport multiport stuff from 2.6 to 2.4 (disable rev0 support in iptables itself...
[openwrt/svn-archive/archive.git] / openwrt / package / iptables / patches / 04-multiport_v1.patch
1 diff -urN iptables.old/extensions/libipt_multiport.c iptables.dev/extensions/libipt_multiport.c
2 --- iptables.old/extensions/libipt_multiport.c 2005-02-19 20:19:17.000000000 +0100
3 +++ iptables.dev/extensions/libipt_multiport.c 2006-02-04 05:46:12.154127750 +0100
4 @@ -8,24 +8,6 @@
5 /* To ensure that iptables compiles with an old kernel */
6 #include "../include/linux/netfilter_ipv4/ipt_multiport.h"
7
8 -/* Function which prints out usage message. */
9 -static void
10 -help(void)
11 -{
12 - printf(
13 -"multiport v%s options:\n"
14 -" --source-ports port[,port,port...]\n"
15 -" --sports ...\n"
16 -" match source port(s)\n"
17 -" --destination-ports port[,port,port...]\n"
18 -" --dports ...\n"
19 -" match destination port(s)\n"
20 -" --ports port[,port,port]\n"
21 -" match both source and destination port(s)\n"
22 -" NOTE: this kernel does not support port ranges in multiport.\n",
23 -IPTABLES_VERSION);
24 -}
25 -
26 static void
27 help_v1(void)
28 {
29 @@ -75,26 +57,6 @@
30 "invalid port/service `%s' specified", port);
31 }
32
33 -static unsigned int
34 -parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
35 -{
36 - char *buffer, *cp, *next;
37 - unsigned int i;
38 -
39 - buffer = strdup(portstring);
40 - if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed");
41 -
42 - for (cp=buffer, i=0; cp && i<IPT_MULTI_PORTS; cp=next,i++)
43 - {
44 - next=strchr(cp, ',');
45 - if (next) *next++='\0';
46 - ports[i] = parse_port(cp, proto);
47 - }
48 - if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");
49 - free(buffer);
50 - return i;
51 -}
52 -
53 static void
54 parse_multi_ports_v1(const char *portstring,
55 struct ipt_multiport_v1 *multiinfo,
56 @@ -160,58 +122,6 @@
57 "multiport only works with TCP or UDP");
58 }
59
60 -/* Function which parses command options; returns true if it
61 - ate an option */
62 -static int
63 -parse(int c, char **argv, int invert, unsigned int *flags,
64 - const struct ipt_entry *entry,
65 - unsigned int *nfcache,
66 - struct ipt_entry_match **match)
67 -{
68 - const char *proto;
69 - struct ipt_multiport *multiinfo
70 - = (struct ipt_multiport *)(*match)->data;
71 -
72 - switch (c) {
73 - case '1':
74 - check_inverse(argv[optind-1], &invert, &optind, 0);
75 - proto = check_proto(entry);
76 - multiinfo->count = parse_multi_ports(argv[optind-1],
77 - multiinfo->ports, proto);
78 - multiinfo->flags = IPT_MULTIPORT_SOURCE;
79 - break;
80 -
81 - case '2':
82 - check_inverse(argv[optind-1], &invert, &optind, 0);
83 - proto = check_proto(entry);
84 - multiinfo->count = parse_multi_ports(argv[optind-1],
85 - multiinfo->ports, proto);
86 - multiinfo->flags = IPT_MULTIPORT_DESTINATION;
87 - break;
88 -
89 - case '3':
90 - check_inverse(argv[optind-1], &invert, &optind, 0);
91 - proto = check_proto(entry);
92 - multiinfo->count = parse_multi_ports(argv[optind-1],
93 - multiinfo->ports, proto);
94 - multiinfo->flags = IPT_MULTIPORT_EITHER;
95 - break;
96 -
97 - default:
98 - return 0;
99 - }
100 -
101 - if (invert)
102 - exit_error(PARAMETER_PROBLEM,
103 - "multiport does not support invert");
104 -
105 - if (*flags)
106 - exit_error(PARAMETER_PROBLEM,
107 - "multiport can only have one option");
108 - *flags = 1;
109 - return 1;
110 -}
111 -
112 static int
113 parse_v1(int c, char **argv, int invert, unsigned int *flags,
114 const struct ipt_entry *entry,
115 @@ -289,43 +199,6 @@
116 printf("%s", service);
117 }
118
119 -/* Prints out the matchinfo. */
120 -static void
121 -print(const struct ipt_ip *ip,
122 - const struct ipt_entry_match *match,
123 - int numeric)
124 -{
125 - const struct ipt_multiport *multiinfo
126 - = (const struct ipt_multiport *)match->data;
127 - unsigned int i;
128 -
129 - printf("multiport ");
130 -
131 - switch (multiinfo->flags) {
132 - case IPT_MULTIPORT_SOURCE:
133 - printf("sports ");
134 - break;
135 -
136 - case IPT_MULTIPORT_DESTINATION:
137 - printf("dports ");
138 - break;
139 -
140 - case IPT_MULTIPORT_EITHER:
141 - printf("ports ");
142 - break;
143 -
144 - default:
145 - printf("ERROR ");
146 - break;
147 - }
148 -
149 - for (i=0; i < multiinfo->count; i++) {
150 - printf("%s", i ? "," : "");
151 - print_port(multiinfo->ports[i], ip->proto, numeric);
152 - }
153 - printf(" ");
154 -}
155 -
156 static void
157 print_v1(const struct ipt_ip *ip,
158 const struct ipt_entry_match *match,
159 @@ -369,34 +242,6 @@
160 printf(" ");
161 }
162
163 -/* Saves the union ipt_matchinfo in parsable form to stdout. */
164 -static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
165 -{
166 - const struct ipt_multiport *multiinfo
167 - = (const struct ipt_multiport *)match->data;
168 - unsigned int i;
169 -
170 - switch (multiinfo->flags) {
171 - case IPT_MULTIPORT_SOURCE:
172 - printf("--sports ");
173 - break;
174 -
175 - case IPT_MULTIPORT_DESTINATION:
176 - printf("--dports ");
177 - break;
178 -
179 - case IPT_MULTIPORT_EITHER:
180 - printf("--ports ");
181 - break;
182 - }
183 -
184 - for (i=0; i < multiinfo->count; i++) {
185 - printf("%s", i ? "," : "");
186 - print_port(multiinfo->ports[i], ip->proto, 1);
187 - }
188 - printf(" ");
189 -}
190 -
191 static void save_v1(const struct ipt_ip *ip,
192 const struct ipt_entry_match *match)
193 {
194 @@ -432,19 +277,20 @@
195 printf(" ");
196 }
197
198 +
199 static struct iptables_match multiport = {
200 .next = NULL,
201 .name = "multiport",
202 - .revision = 0,
203 .version = IPTABLES_VERSION,
204 - .size = IPT_ALIGN(sizeof(struct ipt_multiport)),
205 - .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport)),
206 - .help = &help,
207 + .revision = 0,
208 + .size = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
209 + .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport_v1)),
210 + .help = &help_v1,
211 .init = &init,
212 - .parse = &parse,
213 + .parse = &parse_v1,
214 .final_check = &final_check,
215 - .print = &print,
216 - .save = &save,
217 + .print = &print_v1,
218 + .save = &save_v1,
219 .extra_opts = opts
220 };
221