diff options
| author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-06-04 17:30:24 +0000 |
|---|---|---|
| committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2007-06-04 17:30:24 +0000 |
| commit | 37aa26983847cf1be7884427b16815da84e6b82a (patch) | |
| tree | 50a1b300c736226eec810e5a162913ea49fdc18f | |
| parent | 96e24fbed8e9e45c82e500eb4d34293696dced23 (diff) | |
add aliases --sport and --dport to make it more iptables-like
| -rw-r--r-- | ChangeLog | 1 | ||||
| -rw-r--r-- | examples/cli/test.sh | 22 | ||||
| -rw-r--r-- | extensions/libct_proto_tcp.c | 2 | ||||
| -rw-r--r-- | extensions/libct_proto_udp.c | 2 |
4 files changed, 15 insertions, 12 deletions
@@ -16,6 +16,7 @@ o lots of cleanups o fix segfault with conntrack --output (Krzysztof Oledzky) o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt o remove bogus option to get a conntrack in test.sh example file +o add aliases --sport and --dport to make it more iptables-like version 0.9.3 (2006/05/22) ------------------------------ diff --git a/examples/cli/test.sh b/examples/cli/test.sh index cb449bf..2a0fef7 100644 --- a/examples/cli/test.sh +++ b/examples/cli/test.sh @@ -24,32 +24,30 @@ case $1 in ;; new-simple) echo "creating a new conntrack (simplified)" - $CONNTRACK -I --orig-src $SRC --orig-dst $DST \ - -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT \ + $CONNTRACK -I -s $SRC -d $DST \ + -p tcp --sport $SPORT --dport $DPORT \ --state LISTEN -u SEEN_REPLY -t 50 ;; new-nat) echo "creating a new conntrack (NAT)" - $CONNTRACK -I --orig-src $SRC --orig-dst $DST \ - -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT \ + $CONNTRACK -I -s $SRC -d $DST \ + -p tcp --sport $SPORT --dport $DPORT \ --state LISTEN -u SEEN_REPLY -t 50 --dst-nat 8.8.8.8 ;; get) echo "getting a conntrack" - $CONNTRACK -G --orig-src $SRC --orig-dst $DST \ - -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT + $CONNTRACK -G -s $SRC -d $DST \ + -p tcp --sport $SPORT --dport $DPORT ;; change) echo "change a conntrack" - $CONNTRACK -U --orig-src $SRC --orig-dst $DST \ - --reply-src $DST --reply-dst $SRC -p tcp \ - --orig-port-src $SPORT --orig-port-dst $DPORT \ - --reply-port-src $DPORT --reply-port-dst $SPORT \ + $CONNTRACK -U -s $SRC -d $DST \ + -p tcp --sport $SPORT --dport $DPORT \ --state TIME_WAIT -u ASSURED,SEEN_REPLY -t 500 ;; delete) - $CONNTRACK -D --orig-src $SRC --orig-dst $DST \ - -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT + $CONNTRACK -D -s $SRC -d $DST \ + -p tcp --sport $SPORT --dport $DPORT ;; output) proc=$(cat /proc/net/ip_conntrack | wc -l) diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c index 5a5c5c4..1f0cde6 100644 --- a/extensions/libct_proto_tcp.c +++ b/extensions/libct_proto_tcp.c @@ -19,7 +19,9 @@ static struct option opts[] = { {"orig-port-src", 1, 0, '1'}, + {"sport", 1, 0, '1'}, {"orig-port-dst", 1, 0, '2'}, + {"dport", 1, 0, '2'}, {"reply-port-src", 1, 0, '3'}, {"reply-port-dst", 1, 0, '4'}, {"mask-port-src", 1, 0, '5'}, diff --git a/extensions/libct_proto_udp.c b/extensions/libct_proto_udp.c index bae9bf8..ff9c3d2 100644 --- a/extensions/libct_proto_udp.c +++ b/extensions/libct_proto_udp.c @@ -19,7 +19,9 @@ static struct option opts[] = { {"orig-port-src", 1, 0, '1'}, + {"sport", 1, 0, '1'}, {"orig-port-dst", 1, 0, '2'}, + {"dport", 1, 0, '2'}, {"reply-port-src", 1, 0, '3'}, {"reply-port-dst", 1, 0, '4'}, {"mask-port-src", 1, 0, '5'}, |