summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--ChangeLog3
-rw-r--r--extensions/libct_proto_sctp.c10
-rw-r--r--extensions/libct_proto_tcp.c10
-rw-r--r--include/conntrack.h2
4 files changed, 20 insertions, 5 deletions
diff --git a/ChangeLog b/ChangeLog
index 7ce1169..51bdeb5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
o moves conntrack tool from bin to sbin directory since this
application is an administration utility and it requires uid==0 or
CAP_NET_ADMIN
+<pablo@eurodev.net>
+ o check if --state missing when -p is passed
+ o Bumped version to 0.96
2005-11-01
<pablo@eurodev.net>
diff --git a/extensions/libct_proto_sctp.c b/extensions/libct_proto_sctp.c
index 2b1a337..5e96391 100644
--- a/extensions/libct_proto_sctp.c
+++ b/extensions/libct_proto_sctp.c
@@ -108,6 +108,7 @@ int parse_options(char c, char *argv[],
printf("doh?\n");
return 0;
}
+ *flags |= STATE;
}
break;
}
@@ -118,19 +119,24 @@ int final_check(unsigned int flags,
struct nfct_tuple *orig,
struct nfct_tuple *reply)
{
+ int ret = 0;
+
if ((flags & (ORIG_SPORT|ORIG_DPORT))
&& !(flags & (REPL_SPORT|REPL_DPORT))) {
reply->l4src.sctp.port = orig->l4dst.sctp.port;
reply->l4dst.sctp.port = orig->l4src.sctp.port;
- return 1;
+ ret = 1;
} else if (!(flags & (ORIG_SPORT|ORIG_DPORT))
&& (flags & (REPL_SPORT|REPL_DPORT))) {
orig->l4src.sctp.port = reply->l4dst.sctp.port;
orig->l4dst.sctp.port = reply->l4src.sctp.port;
- return 1;
+ ret = 1;
}
if ((flags & (ORIG_SPORT|ORIG_DPORT))
&& ((flags & (REPL_SPORT|REPL_DPORT))))
+ ret = 1;
+
+ if (ret & (flags & STATE))
return 1;
return 0;
diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c
index 4aa6587..7c1e605 100644
--- a/extensions/libct_proto_tcp.c
+++ b/extensions/libct_proto_tcp.c
@@ -131,6 +131,7 @@ int parse_options(char c, char *argv[],
printf("doh?\n");
return 0;
}
+ *flags |= STATE;
}
break;
}
@@ -141,19 +142,24 @@ int final_check(unsigned int flags,
struct nfct_tuple *orig,
struct nfct_tuple *reply)
{
+ int ret = 0;
+
if ((flags & (ORIG_SPORT|ORIG_DPORT))
&& !(flags & (REPL_SPORT|REPL_DPORT))) {
reply->l4src.tcp.port = orig->l4dst.tcp.port;
reply->l4dst.tcp.port = orig->l4src.tcp.port;
- return 1;
+ ret = 1;
} else if (!(flags & (ORIG_SPORT|ORIG_DPORT))
&& (flags & (REPL_SPORT|REPL_DPORT))) {
orig->l4src.tcp.port = reply->l4dst.tcp.port;
orig->l4dst.tcp.port = reply->l4src.tcp.port;
- return 1;
+ ret = 1;
}
if ((flags & (ORIG_SPORT|ORIG_DPORT))
&& ((flags & (REPL_SPORT|REPL_DPORT))))
+ ret = 1;
+
+ if (ret && (flags & STATE))
return 1;
return 0;
diff --git a/include/conntrack.h b/include/conntrack.h
index 58a9170..efe4417 100644
--- a/include/conntrack.h
+++ b/include/conntrack.h
@@ -6,7 +6,7 @@
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
#define PROGNAME "conntrack"
-#define CONNTRACK_VERSION "0.95"
+#define CONNTRACK_VERSION "0.96"
/* FIXME: These should be independent from kernel space */
#define IPS_ASSURED (1 << 2)