From 27a579fceeabfdffd47d1e6618e0fa5d8dfc2b93 Mon Sep 17 00:00:00 2001 From: "/C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=kaber/emailAddress=kaber@netfilter.org" Date: Tue, 25 Jul 2006 01:50:48 +0000 Subject: Revert "proto_to_name duplication" patch, as noticed by Yasuyuki it can cause invalid arguments to get accepted. --- extensions/libipt_multiport.c | 21 +++++++++++++++++++-- include/iptables.h | 1 - iptables.c | 3 +-- 3 files changed, 20 insertions(+), 5 deletions(-) diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c index 28fd850..2a10abd 100644 --- a/extensions/libipt_multiport.c +++ b/extensions/libipt_multiport.c @@ -51,6 +51,23 @@ static struct option opts[] = { {0} }; +static char * +proto_to_name(u_int8_t proto) +{ + switch (proto) { + case IPPROTO_TCP: + return "tcp"; + case IPPROTO_UDP: + return "udp"; + case IPPROTO_SCTP: + return "sctp"; + case IPPROTO_DCCP: + return "dccp"; + default: + return NULL; + } +} + static unsigned int parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) { @@ -126,7 +143,7 @@ check_proto(const struct ipt_entry *entry) exit_error(PARAMETER_PROBLEM, "multiport only works with TCP or UDP"); - if ((proto = proto_to_name(entry->ip.proto, 1)) != NULL) + if ((proto = proto_to_name(entry->ip.proto)) != NULL) return proto; else if (!entry->ip.proto) exit_error(PARAMETER_PROBLEM, @@ -247,7 +264,7 @@ port_to_service(int port, u_int8_t proto) { struct servent *service; - if ((service = getservbyport(htons(port), proto_to_name(proto, 1)))) + if ((service = getservbyport(htons(port), proto_to_name(proto)))) return service->s_name; return NULL; diff --git a/include/iptables.h b/include/iptables.h index d616c8c..ba27cac 100644 --- a/include/iptables.h +++ b/include/iptables.h @@ -151,7 +151,6 @@ extern int line; extern void register_match(struct iptables_match *me); extern void register_target(struct iptables_target *me); -extern char *proto_to_name(u_int8_t proto, int nolookup); extern int service_to_port(const char *name, const char *proto); extern u_int16_t parse_port(const char *port, const char *proto); extern struct in_addr *dotted_to_addr(const char *dotted); diff --git a/iptables.c b/iptables.c index 74925af..28917cf 100644 --- a/iptables.c +++ b/iptables.c @@ -229,10 +229,9 @@ static const struct pprot chain_protos[] = { { "esp", IPPROTO_ESP }, { "ah", IPPROTO_AH }, { "sctp", IPPROTO_SCTP }, - { "dccp", IPPROTO_DCCP }, }; -char * +static char * proto_to_name(u_int8_t proto, int nolookup) { unsigned int i; -- cgit v1.2.3