From 336c11fe36e8a03abadcd7bdceef1efccc2e84c5 Mon Sep 17 00:00:00 2001
From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter
 Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org"
 </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org>
Date: Mon, 3 Jan 2005 09:51:58 +0000
Subject: Testsuite found an issue: multiport accepts -p ! tcp.

---
 extensions/libipt_multiport.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c
index 7442f94..410a390 100644
--- a/extensions/libipt_multiport.c
+++ b/extensions/libipt_multiport.c
@@ -144,6 +144,10 @@ init(struct ipt_entry_match *m, unsigned int *nfcache)
 static const char *
 check_proto(const struct ipt_entry *entry)
 {
+	if (entry->ip.invflags & IPT_INV_PROTO)
+		exit_error(PARAMETER_PROBLEM,
+			   "multiport only works with TCP or UDP");
+
 	if (entry->ip.proto == IPPROTO_TCP)
 		return "tcp";
 	else if (entry->ip.proto == IPPROTO_UDP)
-- 
cgit v1.2.3