From ba2a63e1b8e18e0d1f383af50d3d40c2eb785d3e Mon Sep 17 00:00:00 2001
From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter
 Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org"
 </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org>
Date: Thu, 3 Nov 2005 19:57:50 +0000
Subject: See ChangeLog

---
 ChangeLog                     |  3 +++
 extensions/libct_proto_sctp.c | 10 ++++++++--
 extensions/libct_proto_tcp.c  | 10 ++++++++--
 include/conntrack.h           |  2 +-
 4 files changed, 20 insertions(+), 5 deletions(-)

diff --git a/ChangeLog b/ChangeLog
index 7ce1169..51bdeb5 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -3,6 +3,9 @@
 	o moves conntrack tool from bin to sbin directory since this
 	application is an administration utility and it requires uid==0 or
 	CAP_NET_ADMIN
+<pablo@eurodev.net>
+	o check if --state missing when -p is passed
+	o Bumped version to 0.96
 
 2005-11-01
 <pablo@eurodev.net>
diff --git a/extensions/libct_proto_sctp.c b/extensions/libct_proto_sctp.c
index 2b1a337..5e96391 100644
--- a/extensions/libct_proto_sctp.c
+++ b/extensions/libct_proto_sctp.c
@@ -108,6 +108,7 @@ int parse_options(char c, char *argv[],
 					printf("doh?\n");
 					return 0;
 				}
+				*flags |= STATE;
 			}
 			break;
 	}
@@ -118,19 +119,24 @@ int final_check(unsigned int flags,
 		struct nfct_tuple *orig,
 		struct nfct_tuple *reply)
 {
+	int ret = 0;
+	
 	if ((flags & (ORIG_SPORT|ORIG_DPORT)) 
 	    && !(flags & (REPL_SPORT|REPL_DPORT))) {
 		reply->l4src.sctp.port = orig->l4dst.sctp.port;
 		reply->l4dst.sctp.port = orig->l4src.sctp.port;
-		return 1;
+		ret = 1;
 	} else if (!(flags & (ORIG_SPORT|ORIG_DPORT))
 	            && (flags & (REPL_SPORT|REPL_DPORT))) {
 		orig->l4src.sctp.port = reply->l4dst.sctp.port;
 		orig->l4dst.sctp.port = reply->l4src.sctp.port;
-		return 1;
+		ret = 1;
 	}
 	if ((flags & (ORIG_SPORT|ORIG_DPORT)) 
 	    && ((flags & (REPL_SPORT|REPL_DPORT))))
+		ret = 1;
+
+	if (ret & (flags & STATE))
 		return 1;
 
 	return 0;
diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c
index 4aa6587..7c1e605 100644
--- a/extensions/libct_proto_tcp.c
+++ b/extensions/libct_proto_tcp.c
@@ -131,6 +131,7 @@ int parse_options(char c, char *argv[],
 					printf("doh?\n");
 					return 0;
 				}
+				*flags |= STATE;
 			}
 			break;
 	}
@@ -141,19 +142,24 @@ int final_check(unsigned int flags,
 		struct nfct_tuple *orig,
 		struct nfct_tuple *reply)
 {
+	int ret = 0;
+	
 	if ((flags & (ORIG_SPORT|ORIG_DPORT)) 
 	    && !(flags & (REPL_SPORT|REPL_DPORT))) {
 		reply->l4src.tcp.port = orig->l4dst.tcp.port;
 		reply->l4dst.tcp.port = orig->l4src.tcp.port;
-		return 1;
+		ret = 1;
 	} else if (!(flags & (ORIG_SPORT|ORIG_DPORT))
 	            && (flags & (REPL_SPORT|REPL_DPORT))) {
 		orig->l4src.tcp.port = reply->l4dst.tcp.port;
 		orig->l4dst.tcp.port = reply->l4src.tcp.port;
-		return 1;
+		ret = 1;
 	}
 	if ((flags & (ORIG_SPORT|ORIG_DPORT)) 
 	    && ((flags & (REPL_SPORT|REPL_DPORT))))
+		ret = 1;
+
+	if (ret && (flags & STATE))
 		return 1;
 
 	return 0;
diff --git a/include/conntrack.h b/include/conntrack.h
index 58a9170..efe4417 100644
--- a/include/conntrack.h
+++ b/include/conntrack.h
@@ -6,7 +6,7 @@
 #include <libnetfilter_conntrack/libnetfilter_conntrack.h>
 
 #define PROGNAME "conntrack"
-#define CONNTRACK_VERSION "0.95"
+#define CONNTRACK_VERSION "0.96"
 
 /* FIXME: These should be independent from kernel space */
 #define IPS_ASSURED (1 << 2)
-- 
cgit v1.2.3