summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorlaforge <laforge>2003-03-03 07:24:27 +0000
committerlaforge <laforge>2003-03-03 07:24:27 +0000
commit4a4e44d628b332828fea920ebeaa8340293748e9 (patch)
tree23469b8e96e02bd06aa8f9c7b46d67215aaf46d7 /extensions
parent5cb247474d61329b8524e952e7f7ae350e28927b (diff)
'recent' match update by Stephen Frost:
- Moved RECENT_NAME/RECENT_VER #define's to ipt_recent.h - Added #define for IPT_RECENT_NAME_LEN instead of using constants directly - Changed default packet count list length to 20 instead of 10 - Added option to define permissions for proc files created under /proc/net/ipt_recent - Changed printfs to be unsigned for unsigned variables - Added explicit NULL termination for table name - Fixed TTL checking to deal with TTL decrementing in routing logic, should work across chains now. - Side to check/set against is no longer per-table but per-rule, default src - Created unsigned time_temp for time caluclations instead of using signed temp variables - Fixed spinlock handling in checkentry to not vmalloc while holding a spinlock. - Cleaned up memory free'ing routines to correctly free all memory on failure - Fixed spinlock handling in destroy to not free while holding spinlock - Added sanity check to hash table size, if an invalid size is given the default will be used instead and a warning generated. - Fixed save() function in libipt_recent.c - Cleaned up and shortened recent.patch.help
Diffstat (limited to 'extensions')
-rw-r--r--extensions/libipt_recent.c35
1 files changed, 18 insertions, 17 deletions
diff --git a/extensions/libipt_recent.c b/extensions/libipt_recent.c
index 7c16d20..e38fa31 100644
--- a/extensions/libipt_recent.c
+++ b/extensions/libipt_recent.c
@@ -32,6 +32,7 @@ help(void)
" --name name Name of the recent list to be used. DEFAULT used if none given.\n"
" --rsource Save the source address of each packet in the recent list table (default).\n"
" --rdest Save the destination address of each packet in the recent list table.\n"
+RECENT_NAME " " RECENT_VER ": Stephen Frost <sfrost@snowman.net>. http://snowman.net/projects/ipt_recent/\n"
,
IPTABLES_VERSION);
@@ -59,7 +60,7 @@ init(struct ipt_entry_match *match, unsigned int *nfcache)
*nfcache |= NFC_UNKNOWN;
- strncpy(info->name,"DEFAULT",200);
+ strncpy(info->name,"DEFAULT",IPT_RECENT_NAME_LEN);
info->side = IPT_RECENT_SOURCE;
}
@@ -75,7 +76,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
switch (c) {
case 201:
if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
check_inverse(optarg, &invert, &optind, 0);
info->check_set |= IPT_RECENT_SET;
@@ -85,7 +86,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
case 202:
if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
check_inverse(optarg, &invert, &optind, 0);
info->check_set |= IPT_RECENT_CHECK;
@@ -95,7 +96,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
case 203:
if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
check_inverse(optarg, &invert, &optind, 0);
info->check_set |= IPT_RECENT_UPDATE;
@@ -105,7 +106,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
case 206:
if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
"`--update' or `--remove' may be set");
check_inverse(optarg, &invert, &optind, 0);
info->check_set |= IPT_RECENT_REMOVE;
@@ -126,7 +127,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
break;
case 208:
- strncpy(info->name,optarg,200);
+ strncpy(info->name,optarg,IPT_RECENT_NAME_LEN);
break;
case 209:
@@ -151,7 +152,7 @@ final_check(unsigned int flags)
if (!flags)
exit_error(PARAMETER_PROBLEM,
- "recent: you must specify one of `--set', `--check' "
+ "recent: you must specify one of `--set', `--rcheck' "
"`--update' or `--remove'");
}
@@ -187,16 +188,16 @@ save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
if (info->invert) fputc('!', stdout);
printf("recent: ");
- if(info->check_set & IPT_RECENT_SET) printf("SET ");
- if(info->check_set & IPT_RECENT_CHECK) printf("CHECK ");
- if(info->check_set & IPT_RECENT_UPDATE) printf("UPDATE ");
- if(info->check_set & IPT_RECENT_REMOVE) printf("REMOVE ");
- if(info->seconds) printf("seconds: %d ",info->seconds);
- if(info->hit_count) printf("hit_count: %d ",info->hit_count);
- if(info->check_set & IPT_RECENT_TTL) printf("TTL-Match ");
- if(info->name) printf("name: %s ",info->name);
- if(info->side == IPT_RECENT_SOURCE) printf("side: source ");
- if(info->side == IPT_RECENT_DEST) printf("side: dest");
+ if(info->check_set & IPT_RECENT_SET) printf("--set ");
+ if(info->check_set & IPT_RECENT_CHECK) printf("--rcheck ");
+ if(info->check_set & IPT_RECENT_UPDATE) printf("--update ");
+ if(info->check_set & IPT_RECENT_REMOVE) printf("--remove ");
+ if(info->seconds) printf("--seconds %d ",info->seconds);
+ if(info->hit_count) printf("--hitcount %d ",info->hit_count);
+ if(info->check_set & IPT_RECENT_TTL) printf("-rttl ");
+ if(info->name) printf("--name %s ",info->name);
+ if(info->side == IPT_RECENT_SOURCE) printf("--rsource ");
+ if(info->side == IPT_RECENT_DEST) printf("--rdest ");
}
static