summaryrefslogtreecommitdiffstats
path: root/extensions
diff options
context:
space:
mode:
authorThomas Woerner <twoerner@redhat.com>2003-07-14 20:01:29 +0000
committerHarald Welte <laforge@gnumonks.org>2003-07-14 20:01:29 +0000
commit01cbaa6125344733148615c1664be83d24097136 (patch)
tree02bde6d046d03548598dd1e0a2681b2ca5148780 /extensions
parent0acde1f28a576f5d4f2b51881555c31644940372 (diff)
Fix iptables-save (save everything numerically)
by Thomas Woerner <twoerner@redhat.com>
Diffstat (limited to 'extensions')
-rw-r--r--extensions/libip6t_LOG.c12
-rw-r--r--extensions/libip6t_multiport.c2
-rw-r--r--extensions/libipt_LOG.c12
-rw-r--r--extensions/libipt_mport.c4
-rw-r--r--extensions/libipt_multiport.c2
-rw-r--r--extensions/libipt_psd.c27
6 files changed, 22 insertions, 37 deletions
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c
index 843ff7e8..4a87946f 100644
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -230,16 +230,8 @@ save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target)
if (strcmp(loginfo->prefix, "") != 0)
printf("--log-prefix \"%s\" ", loginfo->prefix);
- if (loginfo->level != LOG_DEFAULT_LEVEL) {
- for (i = 0;
- i < sizeof(ip6t_log_names) / sizeof(struct ip6t_log_names);
- i++) {
- if (loginfo->level == ip6t_log_names[i].level) {
- printf("--log-level %s ", ip6t_log_names[i].name);
- break;
- }
- }
- }
+ if (loginfo->level != LOG_DEFAULT_LEVEL)
+ printf("--log-level %d ", loginfo->level);
if (loginfo->logflags & IP6T_LOG_TCPSEQ)
printf("--log-tcp-sequence ");
diff --git a/extensions/libip6t_multiport.c b/extensions/libip6t_multiport.c
index 4847a9df..dc5bbf48 100644
--- a/extensions/libip6t_multiport.c
+++ b/extensions/libip6t_multiport.c
@@ -237,7 +237,7 @@ static void save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match
for (i=0; i < multiinfo->count; i++) {
printf("%s", i ? "," : "");
- print_port(multiinfo->ports[i], ip->proto, 0);
+ print_port(multiinfo->ports[i], ip->proto, 1);
}
printf(" ");
}
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c
index 290ccf01..27995dcf 100644
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -230,16 +230,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
if (strcmp(loginfo->prefix, "") != 0)
printf("--log-prefix \"%s\" ", loginfo->prefix);
- if (loginfo->level != LOG_DEFAULT_LEVEL) {
- for (i = 0;
- i < sizeof(ipt_log_names) / sizeof(struct ipt_log_names);
- i++) {
- if (loginfo->level == ipt_log_names[i].level) {
- printf("--log-level %s ", ipt_log_names[i].name);
- break;
- }
- }
- }
+ if (loginfo->level != LOG_DEFAULT_LEVEL)
+ printf("--log-level %d ", loginfo->level);
if (loginfo->logflags & IPT_LOG_TCPSEQ)
printf("--log-tcp-sequence ");
diff --git a/extensions/libipt_mport.c b/extensions/libipt_mport.c
index df115832..2ae61ff4 100644
--- a/extensions/libipt_mport.c
+++ b/extensions/libipt_mport.c
@@ -276,10 +276,10 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
&& minfo->ports[i-1] == minfo->ports[i])
break;
printf("%s", i ? "," : "");
- print_port(minfo->ports[i], ip->proto, 0);
+ print_port(minfo->ports[i], ip->proto, 1);
if (pflags & (1<<i)) {
printf(":");
- print_port(minfo->ports[++i], ip->proto, 0);
+ print_port(minfo->ports[++i], ip->proto, 1);
}
}
printf(" ");
diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c
index b12f2e9a..c9a98b3b 100644
--- a/extensions/libipt_multiport.c
+++ b/extensions/libipt_multiport.c
@@ -237,7 +237,7 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
for (i=0; i < multiinfo->count; i++) {
printf("%s", i ? "," : "");
- print_port(multiinfo->ports[i], ip->proto, 0);
+ print_port(multiinfo->ports[i], ip->proto, 1);
}
printf(" ");
}
diff --git a/extensions/libipt_psd.c b/extensions/libipt_psd.c
index 201e909f..8a6198e0 100644
--- a/extensions/libipt_psd.c
+++ b/extensions/libipt_psd.c
@@ -11,6 +11,7 @@
2000-08-18 Dennis Koslowski <koslowski@astaro.de> : first release
2000-12-01 Dennis Koslowski <koslowski@astaro.de> : UDP scans detection added
2001-02-04 Jan Rekorajski <baggins@pld.org.pl> : converted from target to match
+ 2003-03-02 Harald Welte <laforge@netfilter.org>: fix 'storage' bug
*/
#include <stdio.h>
@@ -82,11 +83,11 @@ parse(int c, char **argv, int invert, unsigned int *flags,
{
struct ipt_psd_info *psdinfo = (struct ipt_psd_info *)(*match)->data;
unsigned int num;
- char storage[strlen(optarg) + 2];
+
+ if (!optarg)
+ exit_error(PARAMETER_PROBLEM, "missing optarg");
/* string_to_number needs a leading space */
- storage[0] = ' ';
- strcpy(&storage[1], optarg);
switch (c) {
/* PSD-weight-threshold */
@@ -95,7 +96,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-weight-threshold "
"twice");
- if (string_to_number(storage, 0, 10000, &num) == -1)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-weight-threshold `%s'", optarg);
psdinfo->weight_threshold = num;
@@ -107,7 +108,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_PSD_OPT_DTRESH)
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-delay-threshold twice");
- if (string_to_number(storage, 0, 10000, &num) == -1)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-delay-threshold `%s'", optarg);
psdinfo->delay_threshold = num;
@@ -119,7 +120,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_PSD_OPT_LPWEIGHT)
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-lo-ports-weight twice");
- if (string_to_number(storage, 0, 10000, &num) == -1)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-lo-ports-weight `%s'", optarg);
psdinfo->lo_ports_weight = num;
@@ -131,7 +132,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
if (*flags & IPT_PSD_OPT_HPWEIGHT)
exit_error(PARAMETER_PROBLEM,
"Can't specify --psd-hi-ports-weight twice");
- if (string_to_number(storage, 0, 10000, &num) == -1)
+ if (string_to_number(optarg, 0, 10000, &num) == -1)
exit_error(PARAMETER_PROBLEM,
"bad --psd-hi-ports-weight `%s'", optarg);
psdinfo->hi_ports_weight = num;
@@ -160,10 +161,10 @@ print(const struct ipt_ip *ip,
= (const struct ipt_psd_info *)match->data;
printf("psd ");
- printf("weight-threshold: %u ",psdinfo->weight_threshold);
- printf("delay-threshold: %u ",psdinfo->delay_threshold);
- printf("lo-ports-weight: %u ",psdinfo->lo_ports_weight);
- printf("hi-ports-weight: %u ",psdinfo->hi_ports_weight);
+ printf("weight-threshold: %u ", psdinfo->weight_threshold);
+ printf("delay-threshold: %u ", psdinfo->delay_threshold);
+ printf("lo-ports-weight: %u ", psdinfo->lo_ports_weight);
+ printf("hi-ports-weight: %u ", psdinfo->hi_ports_weight);
}
/* Saves the union ipt_targinfo in parsable form to stdout. */
@@ -175,8 +176,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
printf("--psd-weight-threshold %u ", psdinfo->weight_threshold);
printf("--psd-delay-threshold %u ", psdinfo->delay_threshold);
- printf("--psd-lo-ports-weight %u ",psdinfo->lo_ports_weight);
- printf("--psd-hi-ports-weight %u ",psdinfo->hi_ports_weight);
+ printf("--psd-lo-ports-weight %u ", psdinfo->lo_ports_weight);
+ printf("--psd-hi-ports-weight %u ", psdinfo->hi_ports_weight);
}
static