From b6e00345ebf01b06d792cd89522e6b7b114783f7 Mon Sep 17 00:00:00 2001
From: Bart De Schuymer <bdschuym@pandora.be>
Date: Mon, 23 Jan 2006 18:08:07 +0000
Subject: allow SCTP/DCCP (Patrick McHardy)

---
 userspace/ebtables2/extensions/ebt_ip.c  | 13 ++++++++-----
 userspace/ebtables2/include/ebtables_u.h |  7 +++++++
 2 files changed, 15 insertions(+), 5 deletions(-)

(limited to 'userspace')

diff --git a/userspace/ebtables2/extensions/ebt_ip.c b/userspace/ebtables2/extensions/ebt_ip.c
index 8e45171..4fac896 100644
--- a/userspace/ebtables2/extensions/ebt_ip.c
+++ b/userspace/ebtables2/extensions/ebt_ip.c
@@ -208,18 +208,21 @@ static void final_check(const struct ebt_u_entry *entry,
    const struct ebt_entry_match *match, const char *name,
    unsigned int hookmask, unsigned int time)
 {
- 	struct ebt_ip_info *ipinfo = (struct ebt_ip_info *)match->data;
+	struct ebt_ip_info *ipinfo = (struct ebt_ip_info *)match->data;
 
 	if (entry->ethproto != ETH_P_IP || entry->invflags & EBT_IPROTO) {
 		ebt_print_error("For IP filtering the protocol must be "
 		            "specified as IPv4");
 	} else if (ipinfo->bitmask & (EBT_IP_SPORT|EBT_IP_DPORT) &&
-		(!(ipinfo->bitmask & EBT_IP_PROTO) || 
+		(!(ipinfo->bitmask & EBT_IP_PROTO) ||
 		ipinfo->invflags & EBT_IP_PROTO ||
-		(ipinfo->protocol!=IPPROTO_TCP && 
-			ipinfo->protocol!=IPPROTO_UDP)))
+		(ipinfo->protocol!=IPPROTO_TCP &&
+		 ipinfo->protocol!=IPPROTO_UDP &&
+		 ipinfo->protocol!=IPPROTO_SCTP &&
+		 ipinfo->protocol!=IPPROTO_DCCP)))
 		ebt_print_error("For port filtering the IP protocol must be "
-				"either 6 (tcp) or 17 (udp)");
+				"either 6 (tcp), 17 (udp), 33 (dccp) or "
+				"132 (sctp)");
 }
 
 static void print(const struct ebt_u_entry *entry,
diff --git a/userspace/ebtables2/include/ebtables_u.h b/userspace/ebtables2/include/ebtables_u.h
index d24cf9c..25f3fbb 100644
--- a/userspace/ebtables2/include/ebtables_u.h
+++ b/userspace/ebtables2/include/ebtables_u.h
@@ -26,6 +26,13 @@
 #include <netinet/in.h>
 #include <linux/netfilter_bridge/ebtables.h>
 
+#ifndef IPPROTO_SCTP
+#define IPPROTO_SCTP		132
+#endif
+#ifndef IPPROTO_DCCP
+#define IPPROTO_DCCP		33
+#endif
+
 #define EXEC_STYLE_PRG		0
 #define EXEC_STYLE_DAEMON	1
 
-- 
cgit v1.2.3