diff options
author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org> | 2005-01-03 09:51:58 +0000 |
---|---|---|
committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=rusty/emailAddress=rusty@netfilter.org> | 2005-01-03 09:51:58 +0000 |
commit | 336c11fe36e8a03abadcd7bdceef1efccc2e84c5 (patch) | |
tree | 0c6a5a7c0b204cfa8547456e5806f355cf222537 /extensions/libipt_multiport.c | |
parent | 55283c74d4ca3284f61803581cf98c950f64dd70 (diff) |
Testsuite found an issue: multiport accepts -p ! tcp.
Diffstat (limited to 'extensions/libipt_multiport.c')
-rw-r--r-- | extensions/libipt_multiport.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c index 7442f94..410a390 100644 --- a/extensions/libipt_multiport.c +++ b/extensions/libipt_multiport.c @@ -144,6 +144,10 @@ init(struct ipt_entry_match *m, unsigned int *nfcache) static const char * check_proto(const struct ipt_entry *entry) { + if (entry->ip.invflags & IPT_INV_PROTO) + exit_error(PARAMETER_PROBLEM, + "multiport only works with TCP or UDP"); + if (entry->ip.proto == IPPROTO_TCP) return "tcp"; else if (entry->ip.proto == IPPROTO_UDP) |