diff options
| author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-10-16 21:13:29 +0000 | 
|---|---|---|
| committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-10-16 21:13:29 +0000 | 
| commit | da9b980f8d34c436b31d5a0a09b4ea27849c9c82 (patch) | |
| tree | 8b3e27bae375b64c2b3d35e1e9b1bb226f9514a1 /extensions | |
| parent | cce8dd1bd45465dd9b18e4f02b5d007cb39079b0 (diff) | |
See ChangeLog
Diffstat (limited to 'extensions')
| -rw-r--r-- | extensions/libct_proto_icmp.c | 41 | ||||
| -rw-r--r-- | extensions/libct_proto_sctp.c | 31 | ||||
| -rw-r--r-- | extensions/libct_proto_tcp.c | 49 | ||||
| -rw-r--r-- | extensions/libct_proto_udp.c | 35 | 
4 files changed, 37 insertions, 119 deletions
| diff --git a/extensions/libct_proto_icmp.c b/extensions/libct_proto_icmp.c index be81507..7142fa7 100644 --- a/extensions/libct_proto_icmp.c +++ b/extensions/libct_proto_icmp.c @@ -13,6 +13,7 @@  #include <stdlib.h>  #include <netinet/in.h> /* For htons */  #include <netinet/ip_icmp.h> +#include <libnetfilter_conntrack/libnetfilter_conntrack.h>  #include "libct_proto.h"  static struct option opts[] = { @@ -52,10 +53,10 @@ static u_int8_t invmap[]  	    [ICMP_ADDRESSREPLY] = ICMP_ADDRESS + 1};  int parse(char c, char *argv[],  -	   struct ctnl_tuple *orig, -	   struct ctnl_tuple *reply, -	   struct ctnl_tuple *mask, -	   union ctnl_protoinfo *proto, +	   struct nfct_tuple *orig, +	   struct nfct_tuple *reply, +	   struct nfct_tuple *mask, +	   union nfct_protoinfo *proto,  	   unsigned int *flags)  {  	switch(c) { @@ -85,24 +86,9 @@ int parse(char c, char *argv[],  	return 1;  } -void parse_proto(struct nfattr *cda[], struct ctnl_tuple *tuple) -{ -	if (cda[CTA_PROTO_ICMP_TYPE-1]) -		tuple->l4dst.icmp.type = -			*(u_int8_t *)NFA_DATA(cda[CTA_PROTO_ICMP_TYPE-1]); - -	if (cda[CTA_PROTO_ICMP_CODE-1]) -		tuple->l4dst.icmp.code = -			*(u_int8_t *)NFA_DATA(cda[CTA_PROTO_ICMP_CODE-1]); - -	if (cda[CTA_PROTO_ICMP_ID-1]) -		tuple->l4src.icmp.id = -			*(u_int16_t *)NFA_DATA(cda[CTA_PROTO_ICMP_ID-1]); -} -  int final_check(unsigned int flags, -		struct ctnl_tuple *orig, -		struct ctnl_tuple *reply) +		struct nfct_tuple *orig, +		struct nfct_tuple *reply)  {  	if (!(flags & ICMP_TYPE))  		return 0; @@ -112,21 +98,10 @@ int final_check(unsigned int flags,  	return 1;  } -void print_proto(struct ctnl_tuple *t) -{ -	fprintf(stdout, "type=%d code=%d ", t->l4dst.icmp.type, -					    t->l4dst.icmp.code); -	/* ID only makes sense with ECHO */ -	if (t->l4dst.icmp.type == 8) -		fprintf(stdout, "id=%d ", t->l4src.icmp.id); -} -  static struct ctproto_handler icmp = {  	.name 		= "icmp", -	.protonum	= 1, +	.protonum	= IPPROTO_ICMP,  	.parse_opts	= parse, -	.parse_proto	= parse_proto, -	.print_proto	= print_proto,  	.final_check	= final_check,  	.help		= help,  	.opts		= opts, diff --git a/extensions/libct_proto_sctp.c b/extensions/libct_proto_sctp.c index 9afb661..bc91966 100644 --- a/extensions/libct_proto_sctp.c +++ b/extensions/libct_proto_sctp.c @@ -12,9 +12,8 @@  #include <stdlib.h>  #include <string.h>  #include <netinet/in.h> /* For htons */ -#include <linux/netfilter/nfnetlink_conntrack.h>  #include "libct_proto.h" -#include <libnfnetlink_conntrack/libnfnetlink_conntrack.h> +#include <libnetfilter_conntrack/libnetfilter_conntrack.h>  static struct option opts[] = {  	{"orig-port-src", 1, 0, '1'}, @@ -63,10 +62,10 @@ void help()  }  int parse_options(char c, char *argv[],  -		  struct ctnl_tuple *orig, -		  struct ctnl_tuple *reply, -		  struct ctnl_tuple *mask, -		  union ctnl_protoinfo *proto, +		  struct nfct_tuple *orig, +		  struct nfct_tuple *reply, +		  struct nfct_tuple *mask, +		  union nfct_protoinfo *proto,  		  unsigned int *flags)  {  	switch(c) { @@ -100,7 +99,7 @@ int parse_options(char c, char *argv[],  				for (i=0; i<10; i++) {  					if (strcmp(optarg, states[i]) == 0) {  						/* FIXME: Add state to -						 * ctnl_protoinfo +						 * nfct_protoinfo  						proto->sctp.state = i; */  						break;  					} @@ -116,8 +115,8 @@ int parse_options(char c, char *argv[],  }  int final_check(unsigned int flags, -		struct ctnl_tuple *orig, -		struct ctnl_tuple *reply) +		struct nfct_tuple *orig, +		struct nfct_tuple *reply)  {  	if ((flags & (ORIG_SPORT|ORIG_DPORT))   	    && !(flags & (REPL_SPORT|REPL_DPORT))) { @@ -137,7 +136,7 @@ int final_check(unsigned int flags,  	return 0;  } -void parse_proto(struct nfattr *cda[], struct ctnl_tuple *tuple) +void parse_proto(struct nfattr *cda[], struct nfct_tuple *tuple)  {  	if (cda[CTA_PROTO_SRC_PORT-1])  		tuple->l4src.sctp.port = @@ -147,7 +146,7 @@ void parse_proto(struct nfattr *cda[], struct ctnl_tuple *tuple)  			*(u_int16_t *)NFA_DATA(cda[CTA_PROTO_DST_PORT-1]);  } -void parse_protoinfo(struct nfattr *cda[], struct ctnl_conntrack *ct) +void parse_protoinfo(struct nfattr *cda[], struct nfct_conntrack *ct)  {  /*	if (cda[CTA_PROTOINFO_SCTP_STATE-1])                  ct->protoinfo.sctp.state = @@ -155,12 +154,12 @@ void parse_protoinfo(struct nfattr *cda[], struct ctnl_conntrack *ct)  */  } -void print_protoinfo(union ctnl_protoinfo *protoinfo) +void print_protoinfo(union nfct_protoinfo *protoinfo)  {  /*	fprintf(stdout, "%s ", states[protoinfo->sctp.state]); */  } -void print_proto(struct ctnl_tuple *tuple) +void print_proto(struct nfct_tuple *tuple)  {  	fprintf(stdout, "sport=%u dport=%u ", htons(tuple->l4src.sctp.port),  					      htons(tuple->l4dst.sctp.port)); @@ -168,12 +167,8 @@ void print_proto(struct ctnl_tuple *tuple)  static struct ctproto_handler sctp = {  	.name 			= "sctp", -	.protonum		= 132, +	.protonum		= IPPROTO_SCTP,  	.parse_opts		= parse_options, -	.parse_protoinfo	= parse_protoinfo, -	.parse_proto		= parse_proto, -	.print_proto		= print_proto, -	.print_protoinfo	= print_protoinfo,  	.final_check		= final_check,  	.help			= help,  	.opts			= opts, diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c index 4f3094f..3b06aa2 100644 --- a/extensions/libct_proto_tcp.c +++ b/extensions/libct_proto_tcp.c @@ -12,8 +12,7 @@  #include <stdlib.h>  #include <string.h>  #include <netinet/in.h> /* For htons */ -#include <linux/netfilter/nfnetlink_conntrack.h> -#include <libnfnetlink_conntrack/libnfnetlink_conntrack.h> +#include <libnetfilter_conntrack/libnetfilter_conntrack.h>  #include "libct_proto.h" @@ -76,10 +75,10 @@ void help()  }  int parse_options(char c, char *argv[],  -		  struct ctnl_tuple *orig, -		  struct ctnl_tuple *reply, -		  struct ctnl_tuple *mask, -		  union ctnl_protoinfo *proto, +		  struct nfct_tuple *orig, +		  struct nfct_tuple *reply, +		  struct nfct_tuple *mask, +		  union nfct_protoinfo *proto,  		  unsigned int *flags)  {  	switch(c) { @@ -139,8 +138,8 @@ int parse_options(char c, char *argv[],  }  int final_check(unsigned int flags, -		struct ctnl_tuple *orig, -		struct ctnl_tuple *reply) +		struct nfct_tuple *orig, +		struct nfct_tuple *reply)  {  	if ((flags & (ORIG_SPORT|ORIG_DPORT))   	    && !(flags & (REPL_SPORT|REPL_DPORT))) { @@ -160,42 +159,10 @@ int final_check(unsigned int flags,  	return 0;  } -void parse_proto(struct nfattr *cda[], struct ctnl_tuple *tuple) -{ -	if (cda[CTA_PROTO_SRC_PORT-1]) -		tuple->l4src.tcp.port = -			*(u_int16_t *)NFA_DATA(cda[CTA_PROTO_SRC_PORT-1]); -	if (cda[CTA_PROTO_DST_PORT-1]) -		tuple->l4dst.tcp.port = -			*(u_int16_t *)NFA_DATA(cda[CTA_PROTO_DST_PORT-1]); -} - -void parse_protoinfo(struct nfattr *cda[], struct ctnl_conntrack *ct) -{ -	if (cda[CTA_PROTOINFO_TCP_STATE-1]) -                ct->protoinfo.tcp.state = -                        *(u_int8_t *)NFA_DATA(cda[CTA_PROTOINFO_TCP_STATE-1]); -} - -void print_protoinfo(union ctnl_protoinfo *protoinfo) -{ -	fprintf(stdout, "%s ", states[protoinfo->tcp.state]); -} - -void print_proto(struct ctnl_tuple *tuple) -{ -	fprintf(stdout, "sport=%u dport=%u ", htons(tuple->l4src.tcp.port), -					      htons(tuple->l4dst.tcp.port)); -} -  static struct ctproto_handler tcp = {  	.name 			= "tcp", -	.protonum		= 6, +	.protonum		= IPPROTO_TCP,  	.parse_opts		= parse_options, -	.parse_protoinfo	= parse_protoinfo, -	.parse_proto		= parse_proto, -	.print_proto		= print_proto, -	.print_protoinfo	= print_protoinfo,  	.final_check		= final_check,  	.help			= help,  	.opts			= opts, diff --git a/extensions/libct_proto_udp.c b/extensions/libct_proto_udp.c index ecde5f2..8e77f0c 100644 --- a/extensions/libct_proto_udp.c +++ b/extensions/libct_proto_udp.c @@ -11,9 +11,8 @@  #include <getopt.h>  #include <stdlib.h>  #include <netinet/in.h> /* For htons */ -#include <linux/netfilter/nfnetlink_conntrack.h>  #include "libct_proto.h" -#include <libnfnetlink_conntrack/libnfnetlink_conntrack.h> +#include <libnetfilter_conntrack/libnetfilter_conntrack.h>  static struct option opts[] = {  	{"orig-port-src", 1, 0, '1'}, @@ -56,10 +55,10 @@ void help()  }  int parse_options(char c, char *argv[],  -		  struct ctnl_tuple *orig, -		  struct ctnl_tuple *reply, -		  struct ctnl_tuple *mask, -		  union ctnl_protoinfo *proto, +		  struct nfct_tuple *orig, +		  struct nfct_tuple *reply, +		  struct nfct_tuple *mask, +		  union nfct_protoinfo *proto,  		  unsigned int *flags)  {  	switch(c) { @@ -104,8 +103,8 @@ int parse_options(char c, char *argv[],  }  int final_check(unsigned int flags, -		struct ctnl_tuple *orig, -		struct ctnl_tuple *reply) +		struct nfct_tuple *orig, +		struct nfct_tuple *reply)  {  	if ((flags & (ORIG_SPORT|ORIG_DPORT))   	    && !(flags & (REPL_SPORT|REPL_DPORT))) { @@ -125,28 +124,10 @@ int final_check(unsigned int flags,  	return 0;  } -void parse_proto(struct nfattr *cda[], struct ctnl_tuple *tuple) -{ -	if (cda[CTA_PROTO_SRC_PORT-1]) -		tuple->l4src.udp.port = -			*(u_int16_t *)NFA_DATA(cda[CTA_PROTO_SRC_PORT-1]); -	if (cda[CTA_PROTO_DST_PORT-1]) -		tuple->l4dst.udp.port = -			*(u_int16_t *)NFA_DATA(cda[CTA_PROTO_DST_PORT-1]); -} - -void print_proto(struct ctnl_tuple *tuple) -{ -	fprintf(stdout, "sport=%u dport=%u ", htons(tuple->l4src.udp.port), -					      htons(tuple->l4dst.udp.port)); -} -  static struct ctproto_handler udp = {  	.name 			= "udp", -	.protonum		= 17, +	.protonum		= IPPROTO_UDP,  	.parse_opts		= parse_options, -	.parse_proto		= parse_proto, -	.print_proto		= print_proto,  	.final_check		= final_check,  	.help			= help,  	.opts			= opts, | 
