summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--Rules.make16
-rw-r--r--extensions/libipt_LOG.c4
-rw-r--r--extensions/libipt_MARK.c8
-rw-r--r--extensions/libipt_REJECT.c34
-rw-r--r--extensions/libipt_TOS.c12
-rw-r--r--extensions/libipt_limit.c2
-rw-r--r--extensions/libipt_mark.c2
-rw-r--r--extensions/libipt_tos.c6
-rw-r--r--iptables-restore.c2
-rw-r--r--iptables-save.c2
-rw-r--r--iptables.c20
-rw-r--r--libipq/libipq.c22
-rw-r--r--libiptc/libiptc.c14
13 files changed, 72 insertions, 72 deletions
diff --git a/Rules.make b/Rules.make
index b90866d..1623c46 100644
--- a/Rules.make
+++ b/Rules.make
@@ -25,10 +25,10 @@ $(SHARED_LIBS): %.so : %_sh.o
%_sh.o : %.c
$(CC) $(SH_CFLAGS) -o $@ -c $<
-distrib: nowhitespace distclean delrelease /home/public/netfilter/netfilter-$(NETFILTER_VERSION).tar.bz2 #diff md5sums
+distrib: nowhitespace distclean delrelease /home/public/netfilter/iptables-$(NETFILTER_VERSION).tar.bz2 #diff md5sums
delrelease:
- rm -f /home/public/netfilter/netfilter-$(NETFILTER_VERSION).tar.bz2
+ rm -f /home/public/netfilter/iptables-$(NETFILTER_VERSION).tar.bz2
distclean: clean
@rm -f TAGS `find . -name '*~' -o -name '*.[do]' -o -name '*.rej'` .makefirst
@@ -36,17 +36,17 @@ distclean: clean
nowhitespace:
@if grep -n '[ ]$$' `find . -name 'Makefile' -o -name '*.[ch]'`; then exit 1; else exit 0; fi
-/home/public/netfilter/netfilter-$(NETFILTER_VERSION).tar.bz2:
- cd .. && ln -sfn netfilter netfilter-$(NETFILTER_VERSION) && tar cvf - --exclude install-kernel --exclude transfer --exclude netfilter-$(NETFILTER_VERSION)/bugs --exclude CVS --exclude .depend --exclude netfilter-$(NETFILTER_VERSION)/./NAT/userspace/.depend --exclude netfilter-$(NETFILTER_VERSION)/linux-netfilter netfilter-$(NETFILTER_VERSION)/. | bzip2 -9 > $@ && rm netfilter-$(NETFILTER_VERSION)
+/home/public/netfilter/iptables-$(NETFILTER_VERSION).tar.bz2:
+ cd .. && ln -sfn userspace iptables-$(NETFILTER_VERSION) && tar cvf - --exclude install-kernel --exclude transfer --exclude iptables-$(NETFILTER_VERSION)/bugs --exclude CVS --exclude .depend iptables-$(NETFILTER_VERSION)/. | bzip2 -9 > $@ && rm iptables-$(NETFILTER_VERSION)
-diff: /home/public/netfilter/netfilter-$(NETFILTER_VERSION).tar.bz2
+diff: /home/public/netfilter/iptables-$(NETFILTER_VERSION).tar.bz2
@mkdir /tmp/diffdir
- @cd /tmp/diffdir && tar xfI /home/public/netfilter/netfilter-$(NETFILTER_VERSION).tar.bz2
- @set -e; cd /tmp/diffdir; tar xfI /home/public/netfilter/netfilter-$(OLD_NETFILTER_VERSION).tar.bz2; echo Creating patch-netfilter-$(OLD_NETFILTER_VERSION)-$(NETFILTER_VERSION).bz2; diff -urN netfilter-$(OLD_NETFILTER_VERSION) netfilter-$(NETFILTER_VERSION) | bzip2 -9 > /home/public/netfilter/patch-netfilter-$(OLD_NETFILTER_VERSION)-$(NETFILTER_VERSION).bz2
+ @cd /tmp/diffdir && tar xfI /home/public/netfilter/iptables-$(NETFILTER_VERSION).tar.bz2
+ @set -e; cd /tmp/diffdir; tar xfI /home/public/netfilter/iptables-$(OLD_NETFILTER_VERSION).tar.bz2; echo Creating patch-iptables-$(OLD_NETFILTER_VERSION)-$(NETFILTER_VERSION).bz2; diff -urN iptables-$(OLD_NETFILTER_VERSION) iptables-$(NETFILTER_VERSION) | bzip2 -9 > /home/public/netfilter/patch-iptables-$(OLD_NETFILTER_VERSION)-$(NETFILTER_VERSION).bz2
@rm -rf /tmp/diffdir
md5sums:
- cd /home/public/netfilter/ && md5sum patch-netfilter-*-$(NETFILTER_VERSION).bz2 netfilter-$(NETFILTER_VERSION).tar.bz2
+ cd /home/public/netfilter/ && md5sum patch-iptables-*-$(NETFILTER_VERSION).bz2 iptables-$(NETFILTER_VERSION).tar.bz2
.makefirst:
@echo Making dependencies: please wait...
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index cab5739..ce4adb2 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -113,7 +113,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_LOG_OPT_LEVEL)
exit_error(PARAMETER_PROBLEM,
"Can't specify --log-level twice");
-
+
if (check_inverse(optarg, &invert))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --log-level");
@@ -126,7 +126,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_LOG_OPT_PREFIX)
exit_error(PARAMETER_PROBLEM,
"Can't specify --log-prefix twice");
-
+
if (check_inverse(optarg, &invert))
exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --log-prefix");
diff --git a/extensions/libipt_MARK.c b/extensions/libipt_MARK.c
index ef5a60d..a7cb60c 100644
--- a/extensions/libipt_MARK.c
+++ b/extensions/libipt_MARK.c
@@ -56,7 +56,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
"MARK target: Can't specify --set-mark twice");
*flags = 1;
break;
-
+
default:
return 0;
}
@@ -87,7 +87,7 @@ print(const struct ipt_ip *ip,
const struct ipt_mark_target_info *markinfo =
(const struct ipt_mark_target_info *)target->data;
printf("MARK set ");
- print_mark(markinfo->mark, numeric);
+ print_mark(markinfo->mark, numeric);
}
/* Saves the union ipt_targinfo in parsable form to stdout. */
@@ -96,8 +96,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
{
const struct ipt_mark_target_info *markinfo =
(const struct ipt_mark_target_info *)target->data;
-
- printf("--set-mark 0x%lx ", markinfo->mark);
+
+ printf("--set-mark 0x%lx ", markinfo->mark);
}
struct iptables_target mark
diff --git a/extensions/libipt_REJECT.c b/extensions/libipt_REJECT.c
index e336587..f174c6a 100644
--- a/extensions/libipt_REJECT.c
+++ b/extensions/libipt_REJECT.c
@@ -18,7 +18,7 @@ struct reject_names {
};
static const struct reject_names reject_table[] = {
- {"icmp-net-unreachable", "net-unreach",
+ {"icmp-net-unreachable", "net-unreach",
IPT_ICMP_NET_UNREACHABLE, "ICMP network unreachable"},
{"icmp-host-unreachable", "host-unreach",
IPT_ICMP_HOST_UNREACHABLE, "ICMP host unreachable"},
@@ -26,17 +26,17 @@ static const struct reject_names reject_table[] = {
IPT_ICMP_PORT_UNREACHABLE, "ICMP port unreachable (default)"},
{"icmp-proto-unreachable", "proto-unreach",
IPT_ICMP_PROT_UNREACHABLE, "ICMP protocol unreachable"},
- {"tcp-reset", "rst",
+ {"tcp-reset", "rst",
IPT_TCP_RESET, "for TCP only: faked TCP RST"},
{"echo-reply", "echoreply",
IPT_ICMP_ECHOREPLY, "for ICMP echo only: faked ICMP echo reply"},
};
-static void
+static void
print_reject_types()
{
unsigned int i;
-
+
printf("Valid reject types:\n");
for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++) {
@@ -49,7 +49,7 @@ print_reject_types()
/* Saves the union ipt_targinfo in parsable form to stdout. */
/* Function which prints out usage message. */
-static void
+static void
help(void)
{
printf(
@@ -70,10 +70,10 @@ static void
init(struct ipt_entry_target *t, unsigned int *nfcache)
{
struct ipt_reject_info *reject = (struct ipt_reject_info *)t->data;
-
+
/* default */
reject->with = IPT_ICMP_PORT_UNREACHABLE;
-
+
/* Can't cache this */
*nfcache |= NFC_UNKNOWN;
}
@@ -84,15 +84,15 @@ static int
parse(int c, char **argv, int invert, unsigned int *flags,
const struct ipt_entry *entry,
struct ipt_entry_target **target)
-{
+{
struct ipt_reject_info *reject = (struct ipt_reject_info *)(*target)->data;
unsigned int limit = sizeof(reject_table)/sizeof(struct reject_names);
unsigned int i;
-
+
switch(c) {
case '1':
if (check_inverse(optarg, &invert))
- exit_error(PARAMETER_PROBLEM,
+ exit_error(PARAMETER_PROBLEM,
"Unexpected `!' after --reject-with");
for (i = 0; i < limit; i++) {
if ((strncasecmp(reject_table[i].name, optarg, strlen(optarg)) == 0)
@@ -106,7 +106,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
/* Fall through */
}
return 0;
-}
+}
/* Final check; nothing. */
static void final_check(unsigned int flags)
@@ -114,15 +114,15 @@ static void final_check(unsigned int flags)
}
/* Prints out ipt_reject_info. */
-static void
+static void
print(const struct ipt_ip *ip,
- const struct ipt_entry_target *target,
+ const struct ipt_entry_target *target,
int numeric)
{
- const struct ipt_reject_info *reject
+ const struct ipt_reject_info *reject
= (const struct ipt_reject_info *)target->data;
unsigned int i;
-
+
for (i = 0; i < sizeof(reject_table)/sizeof(struct reject_names); i++) {
if (reject_table[i].with == reject->with)
break;
@@ -133,9 +133,9 @@ print(const struct ipt_ip *ip,
/* Saves ipt_reject in parsable form to stdout. */
static void save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
{
- const struct ipt_reject_info *reject
+ const struct ipt_reject_info *reject
= (const struct ipt_reject_info *)target->data;
-
+
printf("--reject-with %s ", reject_table[reject->with].name);
}
diff --git a/extensions/libipt_TOS.c b/extensions/libipt_TOS.c
index 4a8e91b..f01fc26 100644
--- a/extensions/libipt_TOS.c
+++ b/extensions/libipt_TOS.c
@@ -31,7 +31,7 @@ static void
help(void)
{
unsigned int i;
-
+
printf(
"TOS target v%s options:\n"
" --set-tos value Set Type of Service field to one of the\n"
@@ -100,7 +100,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
parse_tos(optarg, tosinfo);
*flags = 1;
break;
-
+
default:
return 0;
}
@@ -120,7 +120,7 @@ static void
print_tos(u_int8_t tos, int numeric)
{
unsigned int i;
-
+
if (!numeric) {
for (i = 0; i<sizeof(TOS_values)/sizeof(struct TOS_value); i++)
if (TOS_values[i].TOS == tos) {
@@ -140,7 +140,7 @@ print(const struct ipt_ip *ip,
const struct ipt_tos_target_info *tosinfo =
(const struct ipt_tos_target_info *)target->data;
printf("TOS set ");
- print_tos(tosinfo->tos, numeric);
+ print_tos(tosinfo->tos, numeric);
}
/* Saves the union ipt_targinfo in parsable form to stdout. */
@@ -149,8 +149,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
{
const struct ipt_tos_target_info *tosinfo =
(const struct ipt_tos_target_info *)target->data;
-
- printf("--set-tos 0x%02x ", tosinfo->tos);
+
+ printf("--set-tos 0x%02x ", tosinfo->tos);
}
struct iptables_target tos
diff --git a/extensions/libipt_limit.c b/extensions/libipt_limit.c
index aed6305..b6cc74f 100644
--- a/extensions/libipt_limit.c
+++ b/extensions/libipt_limit.c
@@ -107,7 +107,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (!parse_rate(optarg, &r->avg))
exit_error(PARAMETER_PROBLEM,
"bad rate `%s'", optarg);
- break;
+ break;
case '$':
if (check_inverse(optarg, &invert))
diff --git a/extensions/libipt_mark.c b/extensions/libipt_mark.c
index 318cd94..dcf5448 100644
--- a/extensions/libipt_mark.c
+++ b/extensions/libipt_mark.c
@@ -70,7 +70,7 @@ print_mark(unsigned long mark, unsigned long mask, int invert, int numeric)
{
if (invert)
fputc('!', stdout);
-
+
if(mask != 0xffffffff)
printf("0x%lx/0x%lx ", mark, mask);
else
diff --git a/extensions/libipt_tos.c b/extensions/libipt_tos.c
index eb62081..6d2d772 100644
--- a/extensions/libipt_tos.c
+++ b/extensions/libipt_tos.c
@@ -26,7 +26,7 @@ static void
help(void)
{
unsigned int i;
-
+
printf(
"TOS match v%s options:\n"
"[!] --tos value Match Type of Service field from one of the\n"
@@ -108,10 +108,10 @@ static void
print_tos(u_int8_t tos, int invert, int numeric)
{
unsigned int i;
-
+
if (invert)
fputc('!', stdout);
-
+
if (!numeric) {
for (i = 0; i<sizeof(TOS_values)/sizeof(struct TOS_value); i++)
if (TOS_values[i].TOS == tos) {
diff --git a/iptables-restore.c b/iptables-restore.c
index 9b4ece2..f9a9595 100644
--- a/iptables-restore.c
+++ b/iptables-restore.c
@@ -126,7 +126,7 @@ int main(int argc, char *argv[])
"Bad line %u: need ]\n",
line);
}
-
+
/* strtok: a function only a coder could love */
newargv[0] = argv[0];
for (i = 1; i < sizeof(newargv)/sizeof(char *); i++) {
diff --git a/iptables-save.c b/iptables-save.c
index 40e9d6a..6b0e419 100644
--- a/iptables-save.c
+++ b/iptables-save.c
@@ -32,7 +32,7 @@ print_iface(char letter, const char *iface, const unsigned char *mask,
if (mask[0] == 0)
return;
-
+
printf("-%c %s", letter, invert ? "! " : "");
for (i = 0; i < IFNAMSIZ; i++) {
diff --git a/iptables.c b/iptables.c
index e7110ea..eb772be 100644
--- a/iptables.c
+++ b/iptables.c
@@ -663,7 +663,7 @@ parse_interface(const char *arg, char *vianame, unsigned char *mask)
exit_error(PARAMETER_PROBLEM,
"interface name `%s' must be shorter than IFNAMSIZ"
" (%i)", arg, IFNAMSIZ-1);
-
+
strcpy(vianame, arg);
if (vialen == 0)
memset(mask, 0, IFNAMSIZ);
@@ -1285,11 +1285,11 @@ flush_entries(const ipt_chainlabel chain, int verbose,
{
if (!chain)
return for_each_chain(flush_entries, verbose, handle);
-
- if (verbose)
- fprintf(stdout, "Flushing chain `%s'\n", chain);
- return iptc_flush_entries(chain, handle);
- }
+
+ if (verbose)
+ fprintf(stdout, "Flushing chain `%s'\n", chain);
+ return iptc_flush_entries(chain, handle);
+}
static int
zero_entries(const ipt_chainlabel chain, int verbose,
@@ -1297,7 +1297,7 @@ zero_entries(const ipt_chainlabel chain, int verbose,
{
if (!chain)
return for_each_chain(zero_entries, verbose, handle);
-
+
if (verbose)
fprintf(stdout, "Zeroing chain `%s'\n", chain);
return iptc_zero_entries(chain, handle);
@@ -1320,7 +1320,7 @@ delete_chain(const ipt_chainlabel chain, int verbose,
/* No user-defined chains? */
if (!i)
return ret;
-
+
/* Be careful iterating: it isn't safe during delete. */
/* Re-iterate after each delete successful */
while ((i = iptc_next_chain(last, handle)) != NULL) {
@@ -1867,9 +1867,9 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
target->init(target->t, &fw.nfcache);
}
- if (!target) {
+ if (!target) {
struct ipt_entry_target unknown_target;
-
+
/* Don't know it. Must be extension with no
options? */
unknown_target.target_size = sizeof(unknown_target);
diff --git a/libipq/libipq.c b/libipq/libipq.c
index 06e4a02..c017f3a 100644
--- a/libipq/libipq.c
+++ b/libipq/libipq.c
@@ -22,7 +22,7 @@
#include <stdio.h>
#include <string.h>
#include <unistd.h>
-
+
#include <libipq/libipq.h>
/****************************************************************************
@@ -75,14 +75,14 @@ static int ipq_errno = IPQ_ERR_NONE;
static ssize_t ipq_netlink_sendto(const struct ipq_handle *h,
const void *msg, size_t len);
-
+
static ssize_t ipq_netlink_recvfrom(const struct ipq_handle *h,
unsigned char *buf, size_t len);
-
+
static ssize_t ipq_netlink_sendmsg(const struct ipq_handle *h,
const struct msghdr *msg,
unsigned int flags);
-
+
static char *ipq_strerror(int errcode);
static ssize_t ipq_netlink_sendto(const struct ipq_handle *h,
@@ -92,7 +92,7 @@ static ssize_t ipq_netlink_sendto(const struct ipq_handle *h,
(struct sockaddr *)&h->peer, sizeof(h->peer));
if (status < 0)
ipq_errno = IPQ_ERR_SEND;
- return status;
+ return status;
}
static ssize_t ipq_netlink_sendmsg(const struct ipq_handle *h,
@@ -102,7 +102,7 @@ static ssize_t ipq_netlink_sendmsg(const struct ipq_handle *h,
int status = sendmsg(h->fd, msg, flags);
if (status < 0)
ipq_errno = IPQ_ERR_SEND;
- return status;
+ return status;
}
static ssize_t ipq_netlink_recvfrom(const struct ipq_handle *h,
@@ -110,7 +110,7 @@ static ssize_t ipq_netlink_recvfrom(const struct ipq_handle *h,
{
int addrlen, status;
struct nlmsghdr *nlh;
-
+
if (len < sizeof(struct nlmsgerr)) {
ipq_errno = IPQ_ERR_RECVBUF;
return -1;
@@ -151,7 +151,7 @@ static char *ipq_strerror(int errcode)
*
****************************************************************************/
-/*
+/*
* Create and initialise an ipq handle.
* FIXME: implement flags.
*/
@@ -159,7 +159,7 @@ struct ipq_handle *ipq_create_handle(u_int32_t flags)
{
int status;
struct ipq_handle *h;
-
+
h = (struct ipq_handle *)malloc(sizeof(struct ipq_handle));
if (h == NULL) {
ipq_errno = IPQ_ERR_HANDLE;
@@ -192,7 +192,7 @@ struct ipq_handle *ipq_create_handle(u_int32_t flags)
}
/*
- * No error condition is checked here at this stage, but it may happen
+ * No error condition is checked here at this stage, but it may happen
* if/when reliable messaging is implemented.
*/
int ipq_destroy_handle(struct ipq_handle *h)
@@ -211,7 +211,7 @@ int ipq_set_mode(const struct ipq_handle *h,
struct nlmsghdr nlh;
ipq_peer_msg_t pm;
} req;
-
+
memset(&req, 0, sizeof(req));
req.nlh.nlmsg_len = NLMSG_LENGTH(sizeof(req));
req.nlh.nlmsg_flags = NLM_F_REQUEST;
diff --git a/libiptc/libiptc.c b/libiptc/libiptc.c
index 9109703..e96c0a9 100644
--- a/libiptc/libiptc.c
+++ b/libiptc/libiptc.c
@@ -248,7 +248,7 @@ iptc_init(const char *tablename)
free(h);
return NULL;
}
-
+
CHECK(h);
return h;
}
@@ -802,7 +802,7 @@ standard_map(struct ipt_entry *e, int verdict)
return 1;
}
-
+
static int
map_target(const iptc_handle_t handle,
struct ipt_entry *e,
@@ -1096,7 +1096,7 @@ iptc_delete_entry(const ipt_chainlabel chain,
free(fw);
errno = ENOENT;
return 0;
-}
+}
/* Delete the rule in position `rulenum' in `chain'. */
int
@@ -1179,7 +1179,7 @@ int
iptc_zero_entries(const ipt_chainlabel chain, iptc_handle_t *handle)
{
unsigned int i, end;
-
+
CHECK(*handle);
if (!find_label(&i, chain, *handle)) {
errno = ENOENT;
@@ -1305,7 +1305,7 @@ iptc_delete_chain(const ipt_chainlabel chain, iptc_handle_t *handle)
CHECK(*handle);
if (!iptc_get_references(&references, chain, handle))
return 0;
-
+
iptc_fn = iptc_delete_chain;
if (iptc_builtin(chain, *handle)) {
@@ -1483,7 +1483,7 @@ iptc_commit(iptc_handle_t *handle)
errno = ENOMEM;
return 0;
}
-
+
/* These are the counters we're going to put back, later. */
newcounters = malloc(counterlen);
if (!newcounters) {
@@ -1550,7 +1550,7 @@ iptc_commit(iptc_handle_t *handle)
}
}
- if (setsockopt(sockfd, IPPROTO_IP, IPT_SO_SET_ADD_COUNTERS,
+ if (setsockopt(sockfd, IPPROTO_IP, IPT_SO_SET_ADD_COUNTERS,
newcounters, counterlen) < 0) {
free(repl->counters);
free(repl);