From c1eae41e1957db56aaf7afcafa2f097042fa4217 Mon Sep 17 00:00:00 2001 From: Patrick McHardyJesper Brouer Date: Tue, 25 Jul 2006 01:50:48 +0000 Subject: Revert "proto_to_name duplication" patch, as noticed by Yasuyuki it can cause invalid arguments to get accepted. --- extensions/libipt_multiport.c | 21 +++++++++++++++++++-- include/iptables.h | 1 - iptables.c | 3 +-- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c index 28fd8503..2a10abd4 100644 --- a/extensions/libipt_multiport.c +++ b/extensions/libipt_multiport.c @@ -51,6 +51,23 @@ static struct option opts[] = { {0} }; +static char * +proto_to_name(u_int8_t proto) +{ + switch (proto) { + case IPPROTO_TCP: + return "tcp"; + case IPPROTO_UDP: + return "udp"; + case IPPROTO_SCTP: + return "sctp"; + case IPPROTO_DCCP: + return "dccp"; + default: + return NULL; + } +} + static unsigned int parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) { @@ -126,7 +143,7 @@ check_proto(const struct ipt_entry *entry) exit_error(PARAMETER_PROBLEM, "multiport only works with TCP or UDP"); - if ((proto = proto_to_name(entry->ip.proto, 1)) != NULL) + if ((proto = proto_to_name(entry->ip.proto)) != NULL) return proto; else if (!entry->ip.proto) exit_error(PARAMETER_PROBLEM, @@ -247,7 +264,7 @@ port_to_service(int port, u_int8_t proto) { struct servent *service; - if ((service = getservbyport(htons(port), proto_to_name(proto, 1)))) + if ((service = getservbyport(htons(port), proto_to_name(proto)))) return service->s_name; return NULL; diff --git a/include/iptables.h b/include/iptables.h index d616c8c4..ba27cac6 100644 --- a/include/iptables.h +++ b/include/iptables.h @@ -151,7 +151,6 @@ extern int line; extern void register_match(struct iptables_match *me); extern void register_target(struct iptables_target *me); -extern char *proto_to_name(u_int8_t proto, int nolookup); extern int service_to_port(const char *name, const char *proto); extern u_int16_t parse_port(const char *port, const char *proto); extern struct in_addr *dotted_to_addr(const char *dotted); diff --git a/iptables.c b/iptables.c index 74925af0..28917cf1 100644 --- a/iptables.c +++ b/iptables.c @@ -229,10 +229,9 @@ static const struct pprot chain_protos[] = { { "esp", IPPROTO_ESP }, { "ah", IPPROTO_AH }, { "sctp", IPPROTO_SCTP }, - { "dccp", IPPROTO_DCCP }, }; -char * +static char * proto_to_name(u_int8_t proto, int nolookup) { unsigned int i; -- cgit v1.2.3