From b203b5a06389be2bc9338e2d2d4a48352fc5c297 Mon Sep 17 00:00:00 2001
From: laforge <laforge>
Date: Mon, 14 Jul 2003 20:01:29 +0000
Subject: Fix iptables-save (save everything numerically) by Thomas Woerner
 <twoerner@redhat.com>

---
 extensions/libip6t_LOG.c       | 12 ++----------
 extensions/libip6t_multiport.c |  2 +-
 extensions/libipt_LOG.c        | 12 ++----------
 extensions/libipt_mport.c      |  4 ++--
 extensions/libipt_multiport.c  |  2 +-
 extensions/libipt_psd.c        | 27 ++++++++++++++-------------
 6 files changed, 22 insertions(+), 37 deletions(-)

diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 843ff7e..4a87946 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -230,16 +230,8 @@ save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target)
 	if (strcmp(loginfo->prefix, "") != 0)
 		printf("--log-prefix \"%s\" ", loginfo->prefix);
 
-	if (loginfo->level != LOG_DEFAULT_LEVEL) {
-		for (i = 0;
-		     i < sizeof(ip6t_log_names) / sizeof(struct ip6t_log_names);
-		     i++) {
-			if (loginfo->level == ip6t_log_names[i].level) {
-				printf("--log-level %s ", ip6t_log_names[i].name);
-				break;
-			}
-        }
-    }
+	if (loginfo->level != LOG_DEFAULT_LEVEL)
+		printf("--log-level %d ", loginfo->level);
 
 	if (loginfo->logflags & IP6T_LOG_TCPSEQ)
 		printf("--log-tcp-sequence ");
diff --git a/extensions/libip6t_multiport.c b/extensions/libip6t_multiport.c
index 4847a9d..dc5bbf4 100644
--- a/extensions/libip6t_multiport.c
+++ b/extensions/libip6t_multiport.c
@@ -237,7 +237,7 @@ static void save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match
 
 	for (i=0; i < multiinfo->count; i++) {
 		printf("%s", i ? "," : "");
-		print_port(multiinfo->ports[i], ip->proto, 0);
+		print_port(multiinfo->ports[i], ip->proto, 1);
 	}
 	printf(" ");
 }
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 290ccf0..27995dc 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -230,16 +230,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
 	if (strcmp(loginfo->prefix, "") != 0)
 		printf("--log-prefix \"%s\" ", loginfo->prefix);
 
-	if (loginfo->level != LOG_DEFAULT_LEVEL) {
-		for (i = 0;
-		     i < sizeof(ipt_log_names) / sizeof(struct ipt_log_names);
-		     i++) {
-			if (loginfo->level == ipt_log_names[i].level) {
-				printf("--log-level %s ", ipt_log_names[i].name);
-				break;
-			}
-        }
-    }
+	if (loginfo->level != LOG_DEFAULT_LEVEL)
+		printf("--log-level %d ", loginfo->level);
 
 	if (loginfo->logflags & IPT_LOG_TCPSEQ)
 		printf("--log-tcp-sequence ");
diff --git a/extensions/libipt_mport.c b/extensions/libipt_mport.c
index df11583..2ae61ff 100644
--- a/extensions/libipt_mport.c
+++ b/extensions/libipt_mport.c
@@ -276,10 +276,10 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
                     && minfo->ports[i-1] == minfo->ports[i])
                         break;
 		printf("%s", i ? "," : "");
-		print_port(minfo->ports[i], ip->proto, 0);
+		print_port(minfo->ports[i], ip->proto, 1);
                 if (pflags & (1<<i)) {
                         printf(":");
-                        print_port(minfo->ports[++i], ip->proto, 0);
+                        print_port(minfo->ports[++i], ip->proto, 1);
                 }
 	}
 	printf(" ");
diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c
index b12f2e9..c9a98b3 100644
--- a/extensions/libipt_multiport.c
+++ b/extensions/libipt_multiport.c
@@ -237,7 +237,7 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 
 	for (i=0; i < multiinfo->count; i++) {
 		printf("%s", i ? "," : "");
-		print_port(multiinfo->ports[i], ip->proto, 0);
+		print_port(multiinfo->ports[i], ip->proto, 1);
 	}
 	printf(" ");
 }
diff --git a/extensions/libipt_psd.c b/extensions/libipt_psd.c
index 201e909..8a6198e 100644
--- a/extensions/libipt_psd.c
+++ b/extensions/libipt_psd.c
@@ -11,6 +11,7 @@
   2000-08-18 Dennis Koslowski <koslowski@astaro.de> : first release
   2000-12-01 Dennis Koslowski <koslowski@astaro.de> : UDP scans detection added
   2001-02-04 Jan Rekorajski <baggins@pld.org.pl> : converted from target to match
+  2003-03-02 Harald Welte <laforge@netfilter.org>: fix 'storage' bug
 */
 
 #include <stdio.h>
@@ -82,11 +83,11 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 {
 	struct ipt_psd_info *psdinfo = (struct ipt_psd_info *)(*match)->data;
 	unsigned int num;
-	char storage[strlen(optarg) + 2];
+	
+	if (!optarg)
+		exit_error(PARAMETER_PROBLEM, "missing optarg");
 
 	/* string_to_number needs a leading space */
-	storage[0] = ' ';
-	strcpy(&storage[1], optarg);
 
 	switch (c) {
 	/* PSD-weight-threshold */
@@ -95,7 +96,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 			exit_error(PARAMETER_PROBLEM,
 				   "Can't specify --psd-weight-threshold "
 				   "twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                         exit_error(PARAMETER_PROBLEM,
                                    "bad --psd-weight-threshold `%s'", optarg);
 		psdinfo->weight_threshold = num;
@@ -107,7 +108,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 		if (*flags & IPT_PSD_OPT_DTRESH)
 			exit_error(PARAMETER_PROBLEM,
 				   "Can't specify --psd-delay-threshold twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                         exit_error(PARAMETER_PROBLEM,
                                    "bad --psd-delay-threshold `%s'", optarg);
 		psdinfo->delay_threshold = num;
@@ -119,7 +120,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 		if (*flags & IPT_PSD_OPT_LPWEIGHT)
 			exit_error(PARAMETER_PROBLEM,
 				   "Can't specify --psd-lo-ports-weight twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                         exit_error(PARAMETER_PROBLEM,
                                    "bad --psd-lo-ports-weight `%s'", optarg);
 		psdinfo->lo_ports_weight = num;
@@ -131,7 +132,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 		if (*flags & IPT_PSD_OPT_HPWEIGHT)
 			exit_error(PARAMETER_PROBLEM,
 				   "Can't specify --psd-hi-ports-weight twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                         exit_error(PARAMETER_PROBLEM,
                                    "bad --psd-hi-ports-weight `%s'", optarg);
 		psdinfo->hi_ports_weight = num;
@@ -160,10 +161,10 @@ print(const struct ipt_ip *ip,
 		= (const struct ipt_psd_info *)match->data;
 
 	printf("psd ");
-	printf("weight-threshold: %u ",psdinfo->weight_threshold);
-	printf("delay-threshold: %u ",psdinfo->delay_threshold);
-	printf("lo-ports-weight: %u ",psdinfo->lo_ports_weight);
-	printf("hi-ports-weight: %u ",psdinfo->hi_ports_weight);
+	printf("weight-threshold: %u ", psdinfo->weight_threshold);
+	printf("delay-threshold: %u ", psdinfo->delay_threshold);
+	printf("lo-ports-weight: %u ", psdinfo->lo_ports_weight);
+	printf("hi-ports-weight: %u ", psdinfo->hi_ports_weight);
 }
 
 /* Saves the union ipt_targinfo in parsable form to stdout. */
@@ -175,8 +176,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 
 	printf("--psd-weight-threshold %u ", psdinfo->weight_threshold);
 	printf("--psd-delay-threshold %u ", psdinfo->delay_threshold);
-	printf("--psd-lo-ports-weight %u ",psdinfo->lo_ports_weight);
-	printf("--psd-hi-ports-weight %u ",psdinfo->hi_ports_weight);
+	printf("--psd-lo-ports-weight %u ", psdinfo->lo_ports_weight);
+	printf("--psd-hi-ports-weight %u ", psdinfo->hi_ports_weight);
 }
 
 static
-- 
cgit v1.2.3