update iptables to 1.4.0 (2.6 kernels only), refresh kernel patches

[openwrt/svn-archive/archive.git] / package / iptables / patches / 1.4.0 / 004-drop_multiport_v0_support.patch

Index: iptables-1.4.0/extensions/libxt_multiport.c
===================================================================
--- iptables-1.4.0.orig/extensions/libxt_multiport.c
+++ iptables-1.4.0/extensions/libxt_multiport.c
@@ -12,22 +12,6 @@
 #include "../include/linux/netfilter/xt_multiport.h"
 
 /* Function which prints out usage message. */
-static void multiport_help(void)
-{
-       printf(
-"multiport v%s options:\n"
-" --source-ports port[,port,port...]\n"
-" --sports ...\n"
-"                              match source port(s)\n"
-" --destination-ports port[,port,port...]\n"
-" --dports ...\n"
-"                              match destination port(s)\n"
-" --ports port[,port,port]\n"
-"                              match both source and destination port(s)\n"
-" NOTE: this kernel does not support port ranges in multiport.\n",
-IPTABLES_VERSION);
-}
-
 static void multiport_help_v1(void)
 {
        printf(
@@ -71,26 +55,6 @@ proto_to_name(u_int8_t proto)
        }
 }
 
-static unsigned int
-parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
-{
-       char *buffer, *cp, *next;
-       unsigned int i;
-
-       buffer = strdup(portstring);
-       if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed");
-
-       for (cp=buffer, i=0; cp && i<XT_MULTI_PORTS; cp=next,i++)
-       {
-               next=strchr(cp, ',');
-               if (next) *next++='\0';
-               ports[i] = parse_port(cp, proto);
-       }
-       if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified");
-       free(buffer);
-       return i;
-}
-
 static void
 parse_multi_ports_v1(const char *portstring, 
                     struct xt_multiport_v1 *multiinfo,
@@ -154,73 +118,6 @@ check_proto(u_int16_t pnum, u_int8_t inv
 /* Function which parses command options; returns true if it
    ate an option */
 static int
-__multiport_parse(int c, char **argv, int invert, unsigned int *flags,
-                  struct xt_entry_match **match, u_int16_t pnum,
-                  u_int8_t invflags)
-{
-       const char *proto;
-       struct xt_multiport *multiinfo
-               = (struct xt_multiport *)(*match)->data;
-
-       switch (c) {
-       case '1':
-               check_inverse(argv[optind-1], &invert, &optind, 0);
-               proto = check_proto(pnum, invflags);
-               multiinfo->count = parse_multi_ports(argv[optind-1],
-                                                    multiinfo->ports, proto);
-               multiinfo->flags = XT_MULTIPORT_SOURCE;
-               break;
-
-       case '2':
-               check_inverse(argv[optind-1], &invert, &optind, 0);
-               proto = check_proto(pnum, invflags);
-               multiinfo->count = parse_multi_ports(argv[optind-1],
-                                                    multiinfo->ports, proto);
-               multiinfo->flags = XT_MULTIPORT_DESTINATION;
-               break;
-
-       case '3':
-               check_inverse(argv[optind-1], &invert, &optind, 0);
-               proto = check_proto(pnum, invflags);
-               multiinfo->count = parse_multi_ports(argv[optind-1],
-                                                    multiinfo->ports, proto);
-               multiinfo->flags = XT_MULTIPORT_EITHER;
-               break;
-
-       default:
-               return 0;
-       }
-
-       if (invert)
-               exit_error(PARAMETER_PROBLEM,
-                          "multiport does not support invert");
-
-       if (*flags)
-               exit_error(PARAMETER_PROBLEM,
-                          "multiport can only have one option");
-       *flags = 1;
-       return 1;
-}
-
-static int
-multiport_parse(int c, char **argv, int invert, unsigned int *flags,
-                const void *e, struct xt_entry_match **match)
-{
-       const struct ipt_entry *entry = e;
-       return __multiport_parse(c, argv, invert, flags, match,
-              entry->ip.proto, entry->ip.invflags);
-}
-
-static int
-multiport_parse6(int c, char **argv, int invert, unsigned int *flags,
-                 const void *e, struct xt_entry_match **match)
-{
-       const struct ip6t_entry *entry = (const struct ip6t_entry *)e;
-       return __multiport_parse(c, argv, invert, flags, match,
-              entry->ipv6.proto, entry->ipv6.invflags);
-}
-
-static int
 __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags,
                      struct xt_entry_match **match, u_int16_t pnum,
                      u_int8_t invflags)
@@ -313,55 +210,6 @@ print_port(u_int16_t port, u_int8_t prot
 }
 
 /* Prints out the matchinfo. */
-static void
-__multiport_print(const struct xt_entry_match *match, int numeric,
-                  u_int16_t proto)
-{
-       const struct xt_multiport *multiinfo
-               = (const struct xt_multiport *)match->data;
-       unsigned int i;
-
-       printf("multiport ");
-
-       switch (multiinfo->flags) {
-       case XT_MULTIPORT_SOURCE:
-               printf("sports ");
-               break;
-
-       case XT_MULTIPORT_DESTINATION:
-               printf("dports ");
-               break;
-
-       case XT_MULTIPORT_EITHER:
-               printf("ports ");
-               break;
-
-       default:
-               printf("ERROR ");
-               break;
-       }
-
-       for (i=0; i < multiinfo->count; i++) {
-               printf("%s", i ? "," : "");
-               print_port(multiinfo->ports[i], proto, numeric);
-       }
-       printf(" ");
-}
-
-static void multiport_print(const void *ip_void,
-                            const struct xt_entry_match *match, int numeric)
-{
-       const struct ipt_ip *ip = ip_void;
-       __multiport_print(match, numeric, ip->proto);
-}
-
-static void multiport_print6(const void *ip_void,
-                             const struct xt_entry_match *match, int numeric)
-{
-       const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
-       __multiport_print(match, numeric, ip->proto);
-}
-
 static void __multiport_print_v1(const struct xt_entry_match *match,
                                  int numeric, u_int16_t proto)
 {
@@ -418,48 +266,6 @@ static void multiport_print6_v1(const vo
 }
 
 /* Saves the union ipt_matchinfo in parsable form to stdout. */
-static void __multiport_save(const struct xt_entry_match *match,
-                             u_int16_t proto)
-{
-       const struct xt_multiport *multiinfo
-               = (const struct xt_multiport *)match->data;
-       unsigned int i;
-
-       switch (multiinfo->flags) {
-       case XT_MULTIPORT_SOURCE:
-               printf("--sports ");
-               break;
-
-       case XT_MULTIPORT_DESTINATION:
-               printf("--dports ");
-               break;
-
-       case XT_MULTIPORT_EITHER:
-               printf("--ports ");
-               break;
-       }
-
-       for (i=0; i < multiinfo->count; i++) {
-               printf("%s", i ? "," : "");
-               print_port(multiinfo->ports[i], proto, 1);
-       }
-       printf(" ");
-}
-
-static void multiport_save(const void *ip_void,
-                           const struct xt_entry_match *match)
-{
-       const struct ipt_ip *ip = ip_void;
-       __multiport_save(match, ip->proto);
-}
-
-static void multiport_save6(const void *ip_void,
-                            const struct xt_entry_match *match)
-{
-       const struct ip6t_ip6 *ip = (const struct ip6t_ip6 *)ip_void;
-       __multiport_save(match, ip->proto);
-}
-
 static void __multiport_save_v1(const struct xt_entry_match *match,
                                 u_int16_t proto)
 {
@@ -509,36 +315,6 @@ static void multiport_save6_v1(const voi
        __multiport_save_v1(match, ip->proto);
 }
 
-static struct xtables_match multiport_match = {
-       .family         = AF_INET,
-       .name           = "multiport",
-       .revision       = 0,
-       .version        = IPTABLES_VERSION,
-       .size           = XT_ALIGN(sizeof(struct xt_multiport)),
-       .userspacesize  = XT_ALIGN(sizeof(struct xt_multiport)),
-       .help           = multiport_help,
-       .parse          = multiport_parse,
-       .final_check    = multiport_check,
-       .print          = multiport_print,
-       .save           = multiport_save,
-       .extra_opts     = multiport_opts,
-};
-
-static struct xtables_match multiport_match6 = {
-       .family         = AF_INET6,
-       .name           = "multiport",
-       .revision       = 0,
-       .version        = IPTABLES_VERSION,
-       .size           = XT_ALIGN(sizeof(struct xt_multiport)),
-       .userspacesize  = XT_ALIGN(sizeof(struct xt_multiport)),
-       .help           = multiport_help,
-       .parse          = multiport_parse6,
-       .final_check    = multiport_check,
-       .print          = multiport_print6,
-       .save           = multiport_save6,
-       .extra_opts     = multiport_opts,
-};
-
 static struct xtables_match multiport_match_v1 = {
        .family         = AF_INET,
        .name           = "multiport",
@@ -572,8 +348,6 @@ static struct xtables_match multiport_ma
 void
 _init(void)
 {
-       xtables_register_match(&multiport_match);
-       xtables_register_match(&multiport_match6);
        xtables_register_match(&multiport_match_v1);
        xtables_register_match(&multiport_match6_v1);
 }