From 639bbe9d2f41b776bc3384590151265367de01d9 Mon Sep 17 00:00:00 2001 From: Bart De Schuymer Date: Mon, 23 Jan 2006 18:08:07 +0000 Subject: allow SCTP/DCCP (Patrick McHardy) --- extensions/ebt_ip.c | 13 ++++++++----- 1 file changed, 8 insertions(+), 5 deletions(-) (limited to 'extensions/ebt_ip.c') diff --git a/extensions/ebt_ip.c b/extensions/ebt_ip.c index 8e45171..4fac896 100644 --- a/extensions/ebt_ip.c +++ b/extensions/ebt_ip.c @@ -208,18 +208,21 @@ static void final_check(const struct ebt_u_entry *entry, const struct ebt_entry_match *match, const char *name, unsigned int hookmask, unsigned int time) { - struct ebt_ip_info *ipinfo = (struct ebt_ip_info *)match->data; + struct ebt_ip_info *ipinfo = (struct ebt_ip_info *)match->data; if (entry->ethproto != ETH_P_IP || entry->invflags & EBT_IPROTO) { ebt_print_error("For IP filtering the protocol must be " "specified as IPv4"); } else if (ipinfo->bitmask & (EBT_IP_SPORT|EBT_IP_DPORT) && - (!(ipinfo->bitmask & EBT_IP_PROTO) || + (!(ipinfo->bitmask & EBT_IP_PROTO) || ipinfo->invflags & EBT_IP_PROTO || - (ipinfo->protocol!=IPPROTO_TCP && - ipinfo->protocol!=IPPROTO_UDP))) + (ipinfo->protocol!=IPPROTO_TCP && + ipinfo->protocol!=IPPROTO_UDP && + ipinfo->protocol!=IPPROTO_SCTP && + ipinfo->protocol!=IPPROTO_DCCP))) ebt_print_error("For port filtering the IP protocol must be " - "either 6 (tcp) or 17 (udp)"); + "either 6 (tcp), 17 (udp), 33 (dccp) or " + "132 (sctp)"); } static void print(const struct ebt_u_entry *entry, -- cgit v1.2.3