summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rwxr-xr-xautogen.sh2
-rw-r--r--configure.ac4
-rw-r--r--extensions/GNUmakefile.in2
-rw-r--r--extensions/libxt_TCPMSS.c62
-rw-r--r--extensions/libxt_TEE.c56
-rw-r--r--extensions/libxt_string.c1
-rw-r--r--iptables/xtables.c2
-rw-r--r--iptables/xtoptions.c4
-rw-r--r--libipq/.gitignore1
-rw-r--r--libipq/Makefile.am2
-rw-r--r--libipq/libipq.pc.in11
11 files changed, 83 insertions, 64 deletions
diff --git a/autogen.sh b/autogen.sh
index 62a89e1b..a0c4395f 100755
--- a/autogen.sh
+++ b/autogen.sh
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh -e
autoreconf -fi;
rm -Rf autom4te*.cache;
diff --git a/configure.ac b/configure.ac
index 252ff39e..84fa47a4 100644
--- a/configure.ac
+++ b/configure.ac
@@ -68,6 +68,7 @@ if test "$ac_cv_header_linux_ip_vs_h" != "yes"; then
fi;
AC_SUBST([blacklist_modules])
+AC_CHECK_SIZEOF([struct ip6_hdr], [], [#include <netinet/ip6.h>])
AM_CONDITIONAL([ENABLE_STATIC], [test "$enable_static" = "yes"])
AM_CONDITIONAL([ENABLE_SHARED], [test "$enable_shared" = "yes"])
@@ -110,6 +111,7 @@ AC_SUBST([libxtables_vmajor])
AC_CONFIG_FILES([Makefile extensions/GNUmakefile include/Makefile
iptables/Makefile iptables/xtables.pc
- libipq/Makefile libiptc/Makefile libiptc/libiptc.pc utils/Makefile
+ libipq/Makefile libipq/libipq.pc
+ libiptc/Makefile libiptc/libiptc.pc utils/Makefile
include/xtables.h include/iptables/internal.h])
AC_OUTPUT
diff --git a/extensions/GNUmakefile.in b/extensions/GNUmakefile.in
index fbaf2eca..2b48d841 100644
--- a/extensions/GNUmakefile.in
+++ b/extensions/GNUmakefile.in
@@ -21,7 +21,7 @@ regular_CPPFLAGS := @regular_CPPFLAGS@
kinclude_CPPFLAGS := @kinclude_CPPFLAGS@
AM_CFLAGS := ${regular_CFLAGS}
-AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_srcdir}/include ${kinclude_CPPFLAGS}
+AM_CPPFLAGS = ${regular_CPPFLAGS} -I${top_builddir}/include -I${top_builddir} -I${top_srcdir}/include ${kinclude_CPPFLAGS}
AM_DEPFLAGS = -Wp,-MMD,$(@D)/.$(@F).d,-MT,$@
ifeq (${V},)
diff --git a/extensions/libxt_TCPMSS.c b/extensions/libxt_TCPMSS.c
index 2266326d..4b71e44a 100644
--- a/extensions/libxt_TCPMSS.c
+++ b/extensions/libxt_TCPMSS.c
@@ -2,10 +2,10 @@
*
* Copyright (c) 2000 Marc Boucher
*/
+#include "config.h"
#include <stdio.h>
#include <xtables.h>
#include <netinet/ip.h>
-#include <netinet/ip6.h>
#include <linux/netfilter/xt_TCPMSS.h>
enum {
@@ -34,7 +34,7 @@ static void TCPMSS_help(void)
static void TCPMSS_help6(void)
{
- __TCPMSS_help(sizeof(struct ip6_hdr));
+ __TCPMSS_help(SIZEOF_STRUCT_IP6_HDR);
}
static const struct xt_option_entry TCPMSS4_opts[] = {
@@ -47,7 +47,7 @@ static const struct xt_option_entry TCPMSS4_opts[] = {
static const struct xt_option_entry TCPMSS6_opts[] = {
{.name = "set-mss", .id = O_SET_MSS, .type = XTTYPE_UINT16,
- .min = 0, .max = UINT16_MAX - sizeof(struct ip6_hdr),
+ .min = 0, .max = UINT16_MAX - SIZEOF_STRUCT_IP6_HDR,
.flags = XTOPT_PUT, XTOPT_POINTER(struct xt_tcpmss_info, mss)},
{.name = "clamp-mss-to-pmtu", .id = O_CLAMP_MSS, .type = XTTYPE_NONE},
XTOPT_TABLEEND,
@@ -91,36 +91,36 @@ static void TCPMSS_save(const void *ip, const struct xt_entry_target *target)
printf(" --set-mss %u", mssinfo->mss);
}
-static struct xtables_target tcpmss_target = {
- .family = NFPROTO_IPV4,
- .name = "TCPMSS",
- .version = XTABLES_VERSION,
- .size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
- .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
- .help = TCPMSS_help,
- .print = TCPMSS_print,
- .save = TCPMSS_save,
- .x6_parse = TCPMSS_parse,
- .x6_fcheck = TCPMSS_check,
- .x6_options = TCPMSS4_opts,
-};
-
-static struct xtables_target tcpmss_target6 = {
- .family = NFPROTO_IPV6,
- .name = "TCPMSS",
- .version = XTABLES_VERSION,
- .size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
- .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
- .help = TCPMSS_help6,
- .print = TCPMSS_print,
- .save = TCPMSS_save,
- .x6_parse = TCPMSS_parse,
- .x6_fcheck = TCPMSS_check,
- .x6_options = TCPMSS6_opts,
+static struct xtables_target tcpmss_tg_reg[] = {
+ {
+ .family = NFPROTO_IPV4,
+ .name = "TCPMSS",
+ .version = XTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .help = TCPMSS_help,
+ .print = TCPMSS_print,
+ .save = TCPMSS_save,
+ .x6_parse = TCPMSS_parse,
+ .x6_fcheck = TCPMSS_check,
+ .x6_options = TCPMSS4_opts,
+ },
+ {
+ .family = NFPROTO_IPV6,
+ .name = "TCPMSS",
+ .version = XTABLES_VERSION,
+ .size = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tcpmss_info)),
+ .help = TCPMSS_help6,
+ .print = TCPMSS_print,
+ .save = TCPMSS_save,
+ .x6_parse = TCPMSS_parse,
+ .x6_fcheck = TCPMSS_check,
+ .x6_options = TCPMSS6_opts,
+ },
};
void _init(void)
{
- xtables_register_target(&tcpmss_target);
- xtables_register_target(&tcpmss_target6);
+ xtables_register_targets(tcpmss_tg_reg, ARRAY_SIZE(tcpmss_tg_reg));
}
diff --git a/extensions/libxt_TEE.c b/extensions/libxt_TEE.c
index c89e5809..92c7601c 100644
--- a/extensions/libxt_TEE.c
+++ b/extensions/libxt_TEE.c
@@ -92,36 +92,36 @@ static void tee_tg6_save(const void *ip, const struct xt_entry_target *target)
printf(" --oif %s", info->oif);
}
-static struct xtables_target tee_tg_reg = {
- .name = "TEE",
- .version = XTABLES_VERSION,
- .revision = 1,
- .family = NFPROTO_IPV4,
- .size = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
- .userspacesize = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
- .help = tee_tg_help,
- .print = tee_tg_print,
- .save = tee_tg_save,
- .x6_parse = xtables_option_parse,
- .x6_options = tee_tg_opts,
-};
-
-static struct xtables_target tee_tg6_reg = {
- .name = "TEE",
- .version = XTABLES_VERSION,
- .revision = 1,
- .family = NFPROTO_IPV6,
- .size = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
- .userspacesize = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
- .help = tee_tg_help,
- .print = tee_tg6_print,
- .save = tee_tg6_save,
- .x6_parse = xtables_option_parse,
- .x6_options = tee_tg_opts,
+static struct xtables_target tee_tg_reg[] = {
+ {
+ .name = "TEE",
+ .version = XTABLES_VERSION,
+ .revision = 1,
+ .family = NFPROTO_IPV4,
+ .size = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
+ .help = tee_tg_help,
+ .print = tee_tg_print,
+ .save = tee_tg_save,
+ .x6_parse = xtables_option_parse,
+ .x6_options = tee_tg_opts,
+ },
+ {
+ .name = "TEE",
+ .version = XTABLES_VERSION,
+ .revision = 1,
+ .family = NFPROTO_IPV6,
+ .size = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
+ .userspacesize = XT_ALIGN(sizeof(struct xt_tee_tginfo)),
+ .help = tee_tg_help,
+ .print = tee_tg6_print,
+ .save = tee_tg6_save,
+ .x6_parse = xtables_option_parse,
+ .x6_options = tee_tg_opts,
+ },
};
void _init(void)
{
- xtables_register_target(&tee_tg_reg);
- xtables_register_target(&tee_tg6_reg);
+ xtables_register_targets(tee_tg_reg, ARRAY_SIZE(tee_tg_reg));
}
diff --git a/extensions/libxt_string.c b/extensions/libxt_string.c
index eef0b081..8cee3359 100644
--- a/extensions/libxt_string.c
+++ b/extensions/libxt_string.c
@@ -20,6 +20,7 @@
* updated to work with slightly modified
* ipt_string_info.
*/
+#define _GNU_SOURCE 1 /* strnlen for older glibcs */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
diff --git a/iptables/xtables.c b/iptables/xtables.c
index 1a5e568c..233efa30 100644
--- a/iptables/xtables.c
+++ b/iptables/xtables.c
@@ -37,6 +37,8 @@
# include <linux/magic.h> /* for PROC_SUPER_MAGIC */
#elif defined(HAVE_LINUX_PROC_FS_H)
# include <linux/proc_fs.h> /* Linux 2.4 */
+#else
+# define PROC_SUPER_MAGIC 0x9fa0
#endif
#include <xtables.h>
diff --git a/iptables/xtoptions.c b/iptables/xtoptions.c
index 1423724b..7095e3ea 100644
--- a/iptables/xtoptions.c
+++ b/iptables/xtoptions.c
@@ -757,13 +757,13 @@ static void xtopt_parse_ethermac(struct xt_option_call *cb)
for (i = 0; i < ARRAY_SIZE(cb->val.ethermac) - 1; ++i) {
cb->val.ethermac[i] = strtoul(arg, &end, 16);
- if (cb->val.ethermac[i] > UINT8_MAX || *end != ':')
+ if (*end != ':' || end - arg > 2)
goto out;
arg = end + 1;
}
i = ARRAY_SIZE(cb->val.ethermac) - 1;
cb->val.ethermac[i] = strtoul(arg, &end, 16);
- if (cb->val.ethermac[i] > UINT8_MAX || *end != '\0')
+ if (*end != '\0' || end - arg > 2)
goto out;
if (cb->entry->flags & XTOPT_PUT)
memcpy(XTOPT_MKPTR(cb), cb->val.ethermac,
diff --git a/libipq/.gitignore b/libipq/.gitignore
new file mode 100644
index 00000000..6cb21a35
--- /dev/null
+++ b/libipq/.gitignore
@@ -0,0 +1 @@
+/libipq.pc
diff --git a/libipq/Makefile.am b/libipq/Makefile.am
index 93e5b1c8..9e3a2ca6 100644
--- a/libipq/Makefile.am
+++ b/libipq/Makefile.am
@@ -9,3 +9,5 @@ man_MANS = ipq_create_handle.3 ipq_destroy_handle.3 ipq_errstr.3 \
ipq_get_msgerr.3 ipq_get_packet.3 ipq_message_type.3 \
ipq_perror.3 ipq_read.3 ipq_set_mode.3 ipq_set_verdict.3 \
libipq.3
+
+pkgconfig_DATA = libipq.pc
diff --git a/libipq/libipq.pc.in b/libipq/libipq.pc.in
new file mode 100644
index 00000000..ea31ec73
--- /dev/null
+++ b/libipq/libipq.pc.in
@@ -0,0 +1,11 @@
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+libdir=@libdir@
+includedir=@includedir@
+
+Name: libipq
+Description: Interface to the (old) ip_queue mechanism
+Version: @PACKAGE_VERSION@
+Libs: -L${libdir} -lipq
+Cflags: -I${includedir}