From 40efc1ebb15be022453f8c820c31099a8a0ebebd Mon Sep 17 00:00:00 2001 From: Pablo Neira Ayuso Date: Tue, 18 Nov 2008 10:33:35 +0100 Subject: conntrack: cleanup command line tool protocol extensions This patch cleans up the protocol extensions. Signed-off-by: Pablo Neira Ayuso --- extensions/libct_proto_icmp.c | 32 ++++---------- extensions/libct_proto_icmpv6.c | 34 ++++----------- extensions/libct_proto_tcp.c | 92 +++++++++-------------------------------- extensions/libct_proto_udp.c | 81 ++++++++---------------------------- 4 files changed, 52 insertions(+), 187 deletions(-) (limited to 'extensions') diff --git a/extensions/libct_proto_icmp.c b/extensions/libct_proto_icmp.c index 62ad00f..a2c9a85 100644 --- a/extensions/libct_proto_icmp.c +++ b/extensions/libct_proto_icmp.c @@ -67,40 +67,24 @@ static int parse(char c, unsigned int *flags) { switch(c) { + u_int8_t tmp; + u_int16_t id; case '1': - if (!optarg) - break; - - nfct_set_attr_u8(ct, - ATTR_ICMP_TYPE, - atoi(optarg)); - + tmp = atoi(optarg); + nfct_set_attr_u8(ct, ATTR_ICMP_TYPE, tmp); nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_ICMP); - *flags |= ICMP_TYPE; break; case '2': - if (!optarg) - break; - - nfct_set_attr_u8(ct, - ATTR_ICMP_CODE, - atoi(optarg)); - + tmp = atoi(optarg); + nfct_set_attr_u8(ct, ATTR_ICMP_CODE, tmp); nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_ICMP); - *flags |= ICMP_CODE; break; case '3': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_ICMP_ID, - htons(atoi(optarg))); - + id = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_ICMP_ID, id); nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_ICMP); - *flags |= ICMP_ID; break; } diff --git a/extensions/libct_proto_icmpv6.c b/extensions/libct_proto_icmpv6.c index 5346b59..388087d 100644 --- a/extensions/libct_proto_icmpv6.c +++ b/extensions/libct_proto_icmpv6.c @@ -70,42 +70,24 @@ static int parse(char c, unsigned int *flags) { switch(c) { + u_int8_t tmp; + u_int16_t id; case '1': - if (!optarg) - break; - - nfct_set_attr_u8(ct, - ATTR_ICMP_TYPE, - atoi(optarg)); - + tmp = atoi(optarg); + nfct_set_attr_u8(ct, ATTR_ICMP_TYPE, tmp); nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_ICMPV6); - *flags |= ICMP_TYPE; break; - case '2': - if (!optarg) - break; - - nfct_set_attr_u8(ct, - ATTR_ICMP_CODE, - atoi(optarg)); - + tmp = atoi(optarg); + nfct_set_attr_u8(ct, ATTR_ICMP_CODE, tmp); nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_ICMPV6); - *flags |= ICMP_CODE; break; - case '3': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_ICMP_ID, - htons(atoi(optarg))); - + id = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_ICMP_ID, id); nfct_set_attr_u8(ct, ATTR_L4PROTO, IPPROTO_ICMPV6); - *flags |= ICMP_ID; break; } diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c index 0246758..d854c7f 100644 --- a/extensions/libct_proto_tcp.c +++ b/extensions/libct_proto_tcp.c @@ -93,84 +93,46 @@ static int parse_options(char c, unsigned int *flags) { int i; + u_int16_t port; switch(c) { case '1': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_ORIG_PORT_SRC, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, port); nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, IPPROTO_TCP); - *flags |= TCP_ORIG_SPORT; break; case '2': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_ORIG_PORT_DST, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_ORIG_PORT_DST, port); nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, IPPROTO_TCP); - *flags |= TCP_ORIG_DPORT; break; case '3': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_REPL_PORT_SRC, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_REPL_PORT_SRC, port); nfct_set_attr_u8(ct, ATTR_REPL_L4PROTO, IPPROTO_TCP); - *flags |= TCP_REPL_SPORT; break; case '4': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_REPL_PORT_DST, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_REPL_PORT_DST, port); nfct_set_attr_u8(ct, ATTR_REPL_L4PROTO, IPPROTO_TCP); - *flags |= TCP_REPL_DPORT; break; case '5': - if (!optarg) - break; - - nfct_set_attr_u16(mask, - ATTR_ORIG_PORT_SRC, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(mask, ATTR_ORIG_PORT_SRC, port); nfct_set_attr_u8(mask, ATTR_ORIG_L4PROTO, IPPROTO_TCP); - *flags |= TCP_MASK_SPORT; break; case '6': - if (!optarg) - break; - - nfct_set_attr_u16(mask, - ATTR_ORIG_PORT_DST, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(mask, ATTR_ORIG_PORT_DST, port); nfct_set_attr_u8(mask, ATTR_ORIG_L4PROTO, IPPROTO_TCP); - *flags |= TCP_MASK_DPORT; break; case '7': - if (!optarg) - break; - for (i=0; i<10; i++) { if (strcmp(optarg, states[i]) == 0) { nfct_set_attr_u8(ct, @@ -185,31 +147,15 @@ static int parse_options(char c, *flags |= TCP_STATE; break; case '8': - if (!optarg) - break; - - nfct_set_attr_u16(exptuple, - ATTR_ORIG_PORT_SRC, - htons(atoi(optarg))); - - nfct_set_attr_u8(exptuple, - ATTR_ORIG_L4PROTO, - IPPROTO_TCP); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(exptuple, ATTR_ORIG_PORT_SRC, port); + nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, port); *flags |= TCP_EXPTUPLE_SPORT; break; case '9': - if (!optarg) - break; - - nfct_set_attr_u16(exptuple, - ATTR_ORIG_PORT_DST, - htons(atoi(optarg))); - - nfct_set_attr_u8(exptuple, - ATTR_ORIG_L4PROTO, - IPPROTO_TCP); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(exptuple, ATTR_ORIG_PORT_DST, port); + nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, port); *flags |= TCP_EXPTUPLE_DPORT; break; } diff --git a/extensions/libct_proto_udp.c b/extensions/libct_proto_udp.c index f9793d0..0f8bf5c 100644 --- a/extensions/libct_proto_udp.c +++ b/extensions/libct_proto_udp.c @@ -77,104 +77,57 @@ static int parse_options(char c, unsigned int *flags) { switch(c) { + u_int16_t port; case '1': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_ORIG_PORT_SRC, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_ORIG_PORT_SRC, port); nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, IPPROTO_UDP); - *flags |= UDP_ORIG_SPORT; break; case '2': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_ORIG_PORT_DST, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_ORIG_PORT_DST, port); nfct_set_attr_u8(ct, ATTR_ORIG_L4PROTO, IPPROTO_UDP); - *flags |= UDP_ORIG_DPORT; break; case '3': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_REPL_PORT_SRC, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_REPL_PORT_SRC, port); nfct_set_attr_u8(ct, ATTR_REPL_L4PROTO, IPPROTO_UDP); - *flags |= UDP_REPL_SPORT; break; case '4': - if (!optarg) - break; - - nfct_set_attr_u16(ct, - ATTR_REPL_PORT_DST, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(ct, ATTR_REPL_PORT_DST, port); nfct_set_attr_u8(ct, ATTR_REPL_L4PROTO, IPPROTO_UDP); - *flags |= UDP_REPL_DPORT; break; case '5': - if (!optarg) - break; - - nfct_set_attr_u16(mask, - ATTR_ORIG_PORT_SRC, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(mask, ATTR_ORIG_PORT_SRC, port); nfct_set_attr_u8(mask, ATTR_ORIG_L4PROTO, IPPROTO_UDP); - *flags |= UDP_MASK_SPORT; break; case '6': - if (!optarg) - break; - - nfct_set_attr_u16(mask, - ATTR_ORIG_PORT_DST, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(mask, ATTR_ORIG_PORT_DST, port); nfct_set_attr_u8(mask, ATTR_ORIG_L4PROTO, IPPROTO_UDP); - *flags |= UDP_MASK_DPORT; break; case '7': - if (!optarg) - break; - - nfct_set_attr_u16(exptuple, - ATTR_ORIG_PORT_SRC, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(exptuple, ATTR_ORIG_PORT_SRC, port); nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, IPPROTO_UDP); - *flags |= UDP_EXPTUPLE_SPORT; break; case '8': - if (!optarg) - break; - - nfct_set_attr_u16(exptuple, - ATTR_ORIG_PORT_DST, - htons(atoi(optarg))); - + port = htons(atoi(optarg)); + nfct_set_attr_u16(exptuple, ATTR_ORIG_PORT_DST, port); nfct_set_attr_u8(exptuple, ATTR_ORIG_L4PROTO, IPPROTO_UDP); - *flags |= UDP_EXPTUPLE_DPORT; break; } -- cgit v1.2.3