From 9e45a28ca467f08b9c01baf73d1849055e53ea0b Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Fri, 24 Aug 2018 11:04:30 +0200 Subject: src: honor /etc/services This partial patch reverts: ccc5da470e76 ("datatype: Replace getnameinfo() by internal lookup table") f0f99006d34b ("datatype: Replace getaddrinfo() by internal lookup table") so /etc/services is used to interpret service names, eg. # nft add rule x y tcp dport \"ssh\" Then, listing looks like: # nft list ruleset -l table x { chain y { ... tcp dport "ssh" } } Major changes with regards to the original approach are: 1) Services are displayed in text via `-l' option. 2) Services are user-defined, just like mappings in /etc/iproute2/* files and connlabel.conf, so they are displayed enclosed in quotes. Note that original service name code was broken since it parses both udp and tcp service names but it only displays tcp services names as literal. This is because NI_DGRAM is missing. This patch makes nft falls back on udp services if no literal was found in the initial tcp service name query. Proper way to handle would be to add infrastructure to store protocol context information in struct output_ctx. Signed-off-by: Pablo Neira Ayuso --- src/services.c | 344 --------------------------------------------------------- 1 file changed, 344 deletions(-) delete mode 100644 src/services.c (limited to 'src/services.c') diff --git a/src/services.c b/src/services.c deleted file mode 100644 index 83c26723..00000000 --- a/src/services.c +++ /dev/null @@ -1,344 +0,0 @@ -#include -#include - -const struct symbol_table inet_service_tbl = { - .base = BASE_DECIMAL, - .symbols = { - SYMBOL("tcpmux", __constant_htons(1)), - SYMBOL("echo", __constant_htons(7)), - SYMBOL("discard", __constant_htons(9)), - SYMBOL("systat", __constant_htons(11)), - SYMBOL("daytime", __constant_htons(13)), - SYMBOL("netstat", __constant_htons(15)), - SYMBOL("qotd", __constant_htons(17)), - SYMBOL("msp", __constant_htons(18)), - SYMBOL("chargen", __constant_htons(19)), - SYMBOL("ftp-data", __constant_htons(20)), - SYMBOL("ftp", __constant_htons(21)), - SYMBOL("ssh", __constant_htons(22)), - SYMBOL("telnet", __constant_htons(23)), - SYMBOL("smtp", __constant_htons(25)), - SYMBOL("time", __constant_htons(37)), - SYMBOL("rlp", __constant_htons(39)), - SYMBOL("nameserver", __constant_htons(42)), - SYMBOL("whois", __constant_htons(43)), - SYMBOL("tacacs", __constant_htons(49)), - SYMBOL("re-mail-ck", __constant_htons(50)), - SYMBOL("domain", __constant_htons(53)), - SYMBOL("mtp", __constant_htons(57)), - SYMBOL("tacacs-ds", __constant_htons(65)), - SYMBOL("bootps", __constant_htons(67)), - SYMBOL("bootpc", __constant_htons(68)), - SYMBOL("tftp", __constant_htons(69)), - SYMBOL("gopher", __constant_htons(70)), - SYMBOL("rje", __constant_htons(77)), - SYMBOL("finger", __constant_htons(79)), - SYMBOL("http", __constant_htons(80)), - SYMBOL("link", __constant_htons(87)), - SYMBOL("kerberos", __constant_htons(88)), - SYMBOL("supdup", __constant_htons(95)), - SYMBOL("linuxconf", __constant_htons(98)), - SYMBOL("hostnames", __constant_htons(101)), - SYMBOL("iso-tsap", __constant_htons(102)), - SYMBOL("acr-nema", __constant_htons(104)), - SYMBOL("csnet-ns", __constant_htons(105)), - SYMBOL("poppassd", __constant_htons(106)), - SYMBOL("rtelnet", __constant_htons(107)), - SYMBOL("pop2", __constant_htons(109)), - SYMBOL("pop3", __constant_htons(110)), - SYMBOL("sunrpc", __constant_htons(111)), - SYMBOL("auth", __constant_htons(113)), - SYMBOL("sftp", __constant_htons(115)), - SYMBOL("uucp-path", __constant_htons(117)), - SYMBOL("nntp", __constant_htons(119)), - SYMBOL("ntp", __constant_htons(123)), - SYMBOL("pwdgen", __constant_htons(129)), - SYMBOL("loc-srv", __constant_htons(135)), - SYMBOL("netbios-ns", __constant_htons(137)), - SYMBOL("netbios-dgm", __constant_htons(138)), - SYMBOL("netbios-ssn", __constant_htons(139)), - SYMBOL("imap2", __constant_htons(143)), - SYMBOL("snmp", __constant_htons(161)), - SYMBOL("snmp-trap", __constant_htons(162)), - SYMBOL("cmip-man", __constant_htons(163)), - SYMBOL("cmip-agent", __constant_htons(164)), - SYMBOL("mailq", __constant_htons(174)), - SYMBOL("xdmcp", __constant_htons(177)), - SYMBOL("nextstep", __constant_htons(178)), - SYMBOL("bgp", __constant_htons(179)), - SYMBOL("prospero", __constant_htons(191)), - SYMBOL("irc", __constant_htons(194)), - SYMBOL("smux", __constant_htons(199)), - SYMBOL("at-rtmp", __constant_htons(201)), - SYMBOL("at-nbp", __constant_htons(202)), - SYMBOL("at-echo", __constant_htons(204)), - SYMBOL("at-zis", __constant_htons(206)), - SYMBOL("qmtp", __constant_htons(209)), - SYMBOL("z3950", __constant_htons(210)), - SYMBOL("ipx", __constant_htons(213)), - SYMBOL("imap3", __constant_htons(220)), - SYMBOL("pawserv", __constant_htons(345)), - SYMBOL("zserv", __constant_htons(346)), - SYMBOL("fatserv", __constant_htons(347)), - SYMBOL("rpc2portmap", __constant_htons(369)), - SYMBOL("codaauth2", __constant_htons(370)), - SYMBOL("clearcase", __constant_htons(371)), - SYMBOL("ulistserv", __constant_htons(372)), - SYMBOL("ldap", __constant_htons(389)), - SYMBOL("imsp", __constant_htons(406)), - SYMBOL("svrloc", __constant_htons(427)), - SYMBOL("https", __constant_htons(443)), - SYMBOL("snpp", __constant_htons(444)), - SYMBOL("microsoft-ds", __constant_htons(445)), - SYMBOL("kpasswd", __constant_htons(464)), - SYMBOL("urd", __constant_htons(465)), - SYMBOL("saft", __constant_htons(487)), - SYMBOL("isakmp", __constant_htons(500)), - SYMBOL("exec", __constant_htons(512)), - SYMBOL("login", __constant_htons(513)), - SYMBOL("shell", __constant_htons(514)), - SYMBOL("printer", __constant_htons(515)), - SYMBOL("talk", __constant_htons(517)), - SYMBOL("ntalk", __constant_htons(518)), - SYMBOL("route", __constant_htons(520)), - SYMBOL("timed", __constant_htons(525)), - SYMBOL("tempo", __constant_htons(526)), - SYMBOL("courier", __constant_htons(530)), - SYMBOL("conference", __constant_htons(531)), - SYMBOL("netnews", __constant_htons(532)), - SYMBOL("netwall", __constant_htons(533)), - SYMBOL("gdomap", __constant_htons(538)), - SYMBOL("uucp", __constant_htons(540)), - SYMBOL("klogin", __constant_htons(543)), - SYMBOL("kshell", __constant_htons(544)), - SYMBOL("dhcpv6-client", __constant_htons(546)), - SYMBOL("dhcpv6-server", __constant_htons(547)), - SYMBOL("afpovertcp", __constant_htons(548)), - SYMBOL("idfp", __constant_htons(549)), - SYMBOL("rtsp", __constant_htons(554)), - SYMBOL("remotefs", __constant_htons(556)), - SYMBOL("nntps", __constant_htons(563)), - SYMBOL("submission", __constant_htons(587)), - SYMBOL("nqs", __constant_htons(607)), - SYMBOL("npmp-local", __constant_htons(610)), - SYMBOL("npmp-gui", __constant_htons(611)), - SYMBOL("hmmp-ind", __constant_htons(612)), - SYMBOL("asf-rmcp", __constant_htons(623)), - SYMBOL("qmqp", __constant_htons(628)), - SYMBOL("ipp", __constant_htons(631)), - SYMBOL("ldaps", __constant_htons(636)), - SYMBOL("tinc", __constant_htons(655)), - SYMBOL("silc", __constant_htons(706)), - SYMBOL("kerberos-adm", __constant_htons(749)), - SYMBOL("kerberos4", __constant_htons(750)), - SYMBOL("kerberos-master", __constant_htons(751)), - SYMBOL("passwd-server", __constant_htons(752)), - SYMBOL("krb-prop", __constant_htons(754)), - SYMBOL("krbupdate", __constant_htons(760)), - SYMBOL("webster", __constant_htons(765)), - SYMBOL("moira-db", __constant_htons(775)), - SYMBOL("moira-update", __constant_htons(777)), - SYMBOL("moira-ureg", __constant_htons(779)), - SYMBOL("spamd", __constant_htons(783)), - SYMBOL("omirr", __constant_htons(808)), - SYMBOL("supfilesrv", __constant_htons(871)), - SYMBOL("rsync", __constant_htons(873)), - SYMBOL("swat", __constant_htons(901)), - SYMBOL("ftps-data", __constant_htons(989)), - SYMBOL("ftps", __constant_htons(990)), - SYMBOL("telnets", __constant_htons(992)), - SYMBOL("imaps", __constant_htons(993)), - SYMBOL("ircs", __constant_htons(994)), - SYMBOL("pop3s", __constant_htons(995)), - SYMBOL("customs", __constant_htons(1001)), - SYMBOL("socks", __constant_htons(1080)), - SYMBOL("proofd", __constant_htons(1093)), - SYMBOL("rootd", __constant_htons(1094)), - SYMBOL("rmiregistry", __constant_htons(1099)), - SYMBOL("kpop", __constant_htons(1109)), - SYMBOL("supfiledbg", __constant_htons(1127)), - SYMBOL("skkserv", __constant_htons(1178)), - SYMBOL("openvpn", __constant_htons(1194)), - SYMBOL("predict", __constant_htons(1210)), - SYMBOL("kazaa", __constant_htons(1214)), - SYMBOL("rmtcfg", __constant_htons(1236)), - SYMBOL("nessus", __constant_htons(1241)), - SYMBOL("wipld", __constant_htons(1300)), - SYMBOL("xtel", __constant_htons(1313)), - SYMBOL("xtelw", __constant_htons(1314)), - SYMBOL("lotusnote", __constant_htons(1352)), - SYMBOL("ms-sql-s", __constant_htons(1433)), - SYMBOL("ms-sql-m", __constant_htons(1434)), - SYMBOL("ingreslock", __constant_htons(1524)), - SYMBOL("prospero-np", __constant_htons(1525)), - SYMBOL("support", __constant_htons(1529)), - SYMBOL("datametrics", __constant_htons(1645)), - SYMBOL("sa-msg-port", __constant_htons(1646)), - SYMBOL("kermit", __constant_htons(1649)), - SYMBOL("groupwise", __constant_htons(1677)), - SYMBOL("l2f", __constant_htons(1701)), - SYMBOL("radius", __constant_htons(1812)), - SYMBOL("radius-acct", __constant_htons(1813)), - SYMBOL("msnp", __constant_htons(1863)), - SYMBOL("unix-status", __constant_htons(1957)), - SYMBOL("log-server", __constant_htons(1958)), - SYMBOL("remoteping", __constant_htons(1959)), - SYMBOL("cisco-sccp", __constant_htons(2000)), - SYMBOL("cfinger", __constant_htons(2003)), - SYMBOL("search", __constant_htons(2010)), - SYMBOL("nfs", __constant_htons(2049)), - SYMBOL("knetd", __constant_htons(2053)), - SYMBOL("gnunet", __constant_htons(2086)), - SYMBOL("rtcm-sc104", __constant_htons(2101)), - SYMBOL("zephyr-srv", __constant_htons(2102)), - SYMBOL("zephyr-clt", __constant_htons(2103)), - SYMBOL("zephyr-hm", __constant_htons(2104)), - SYMBOL("eklogin", __constant_htons(2105)), - SYMBOL("kx", __constant_htons(2111)), - SYMBOL("gsigatekeeper", __constant_htons(2119)), - SYMBOL("iprop", __constant_htons(2121)), - SYMBOL("gris", __constant_htons(2135)), - SYMBOL("ninstall", __constant_htons(2150)), - SYMBOL("cvspserver", __constant_htons(2401)), - SYMBOL("venus", __constant_htons(2430)), - SYMBOL("venus-se", __constant_htons(2431)), - SYMBOL("codasrv", __constant_htons(2432)), - SYMBOL("codasrv-se", __constant_htons(2433)), - SYMBOL("mon", __constant_htons(2583)), - SYMBOL("zebrasrv", __constant_htons(2600)), - SYMBOL("zebra", __constant_htons(2601)), - SYMBOL("ripd", __constant_htons(2602)), - SYMBOL("ripngd", __constant_htons(2603)), - SYMBOL("ospfd", __constant_htons(2604)), - SYMBOL("bgpd", __constant_htons(2605)), - SYMBOL("ospf6d", __constant_htons(2606)), - SYMBOL("ospfapi", __constant_htons(2607)), - SYMBOL("isisd", __constant_htons(2608)), - SYMBOL("dict", __constant_htons(2628)), - SYMBOL("f5-globalsite", __constant_htons(2792)), - SYMBOL("gsiftp", __constant_htons(2811)), - SYMBOL("gpsd", __constant_htons(2947)), - SYMBOL("afbackup", __constant_htons(2988)), - SYMBOL("afmbackup", __constant_htons(2989)), - SYMBOL("gds-db", __constant_htons(3050)), - SYMBOL("icpv2", __constant_htons(3130)), - SYMBOL("iscsi-target", __constant_htons(3260)), - SYMBOL("mysql", __constant_htons(3306)), - SYMBOL("nut", __constant_htons(3493)), - SYMBOL("distcc", __constant_htons(3632)), - SYMBOL("daap", __constant_htons(3689)), - SYMBOL("svn", __constant_htons(3690)), - SYMBOL("suucp", __constant_htons(4031)), - SYMBOL("sysrqd", __constant_htons(4094)), - SYMBOL("sieve", __constant_htons(4190)), - SYMBOL("xtell", __constant_htons(4224)), - SYMBOL("f5-iquery", __constant_htons(4353)), - SYMBOL("epmd", __constant_htons(4369)), - SYMBOL("remctl", __constant_htons(4373)), - SYMBOL("ipsec-nat-t", __constant_htons(4500)), - SYMBOL("fax", __constant_htons(4557)), - SYMBOL("hylafax", __constant_htons(4559)), - SYMBOL("iax", __constant_htons(4569)), - SYMBOL("distmp3", __constant_htons(4600)), - SYMBOL("mtn", __constant_htons(4691)), - SYMBOL("radmin-port", __constant_htons(4899)), - SYMBOL("munin", __constant_htons(4949)), - SYMBOL("rfe", __constant_htons(5002)), - SYMBOL("mmcc", __constant_htons(5050)), - SYMBOL("enbd-cstatd", __constant_htons(5051)), - SYMBOL("enbd-sstatd", __constant_htons(5052)), - SYMBOL("sip", __constant_htons(5060)), - SYMBOL("sip-tls", __constant_htons(5061)), - SYMBOL("pcrd", __constant_htons(5151)), - SYMBOL("aol", __constant_htons(5190)), - SYMBOL("xmpp-client", __constant_htons(5222)), - SYMBOL("xmpp-server", __constant_htons(5269)), - SYMBOL("cfengine", __constant_htons(5308)), - SYMBOL("mdns", __constant_htons(5353)), - SYMBOL("noclog", __constant_htons(5354)), - SYMBOL("hostmon", __constant_htons(5355)), - SYMBOL("postgresql", __constant_htons(5432)), - SYMBOL("rplay", __constant_htons(5555)), - SYMBOL("freeciv", __constant_htons(5556)), - SYMBOL("nrpe", __constant_htons(5666)), - SYMBOL("nsca", __constant_htons(5667)), - SYMBOL("amqps", __constant_htons(5671)), - SYMBOL("amqp", __constant_htons(5672)), - SYMBOL("mrtd", __constant_htons(5674)), - SYMBOL("bgpsim", __constant_htons(5675)), - SYMBOL("canna", __constant_htons(5680)), - SYMBOL("ggz", __constant_htons(5688)), - SYMBOL("x11", __constant_htons(6000)), - SYMBOL("x11-1", __constant_htons(6001)), - SYMBOL("x11-2", __constant_htons(6002)), - SYMBOL("x11-3", __constant_htons(6003)), - SYMBOL("x11-4", __constant_htons(6004)), - SYMBOL("x11-5", __constant_htons(6005)), - SYMBOL("x11-6", __constant_htons(6006)), - SYMBOL("x11-7", __constant_htons(6007)), - SYMBOL("gnutella-svc", __constant_htons(6346)), - SYMBOL("gnutella-rtr", __constant_htons(6347)), - SYMBOL("sge-qmaster", __constant_htons(6444)), - SYMBOL("sge-execd", __constant_htons(6445)), - SYMBOL("mysql-proxy", __constant_htons(6446)), - SYMBOL("syslog-tls", __constant_htons(6514)), - SYMBOL("sane-port", __constant_htons(6566)), - SYMBOL("ircd", __constant_htons(6667)), - SYMBOL("afs3-fileserver", __constant_htons(7000)), - SYMBOL("afs3-callback", __constant_htons(7001)), - SYMBOL("afs3-prserver", __constant_htons(7002)), - SYMBOL("afs3-vlserver", __constant_htons(7003)), - SYMBOL("afs3-kaserver", __constant_htons(7004)), - SYMBOL("afs3-volser", __constant_htons(7005)), - SYMBOL("afs3-errors", __constant_htons(7006)), - SYMBOL("afs3-bos", __constant_htons(7007)), - SYMBOL("afs3-update", __constant_htons(7008)), - SYMBOL("afs3-rmtsys", __constant_htons(7009)), - SYMBOL("font-service", __constant_htons(7100)), - SYMBOL("zope-ftp", __constant_htons(8021)), - SYMBOL("http-alt", __constant_htons(8080)), - SYMBOL("tproxy", __constant_htons(8081)), - SYMBOL("omniorb", __constant_htons(8088)), - SYMBOL("clc-build-daemon", __constant_htons(8990)), - SYMBOL("xinetd", __constant_htons(9098)), - SYMBOL("bacula-dir", __constant_htons(9101)), - SYMBOL("bacula-fd", __constant_htons(9102)), - SYMBOL("bacula-sd", __constant_htons(9103)), - SYMBOL("mandelspawn", __constant_htons(9359)), - SYMBOL("git", __constant_htons(9418)), - SYMBOL("xmms2", __constant_htons(9667)), - SYMBOL("zope", __constant_htons(9673)), - SYMBOL("webmin", __constant_htons(10000)), - SYMBOL("zabbix-agent", __constant_htons(10050)), - SYMBOL("zabbix-trapper", __constant_htons(10051)), - SYMBOL("amanda", __constant_htons(10080)), - SYMBOL("kamanda", __constant_htons(10081)), - SYMBOL("amandaidx", __constant_htons(10082)), - SYMBOL("amidxtape", __constant_htons(10083)), - SYMBOL("nbd", __constant_htons(10809)), - SYMBOL("dicom", __constant_htons(11112)), - SYMBOL("smsqp", __constant_htons(11201)), - SYMBOL("hkp", __constant_htons(11371)), - SYMBOL("bprd", __constant_htons(13720)), - SYMBOL("bpdbm", __constant_htons(13721)), - SYMBOL("bpjava-msvc", __constant_htons(13722)), - SYMBOL("vnetd", __constant_htons(13724)), - SYMBOL("bpcd", __constant_htons(13782)), - SYMBOL("vopied", __constant_htons(13783)), - SYMBOL("xpilot", __constant_htons(15345)), - SYMBOL("sgi-cmsd", __constant_htons(17001)), - SYMBOL("sgi-crsd", __constant_htons(17002)), - SYMBOL("sgi-gcd", __constant_htons(17003)), - SYMBOL("sgi-cad", __constant_htons(17004)), - SYMBOL("db-lsp", __constant_htons(17500)), - SYMBOL("isdnlog", __constant_htons(20011)), - SYMBOL("vboxd", __constant_htons(20012)), - SYMBOL("dcap", __constant_htons(22125)), - SYMBOL("gsidcap", __constant_htons(22128)), - SYMBOL("wnn6", __constant_htons(22273)), - SYMBOL("binkp", __constant_htons(24554)), - SYMBOL("asp", __constant_htons(27374)), - SYMBOL("csync2", __constant_htons(30865)), - SYMBOL_LIST_END - }, -}; -- cgit v1.2.3