authorDmitry V. Levin <ldv@altlinux.org>2010-05-20 16:00:48 +0200
committerPatrick McHardy <kaber@trash.net>2010-05-20 16:00:48 +0200
commit7278461dfad72e2008585dd0bac0e889e5bba99e (patch)
treefeb3d32598f9940b9417c0e6c49963231f98adc2 /extensions/libipt_MASQUERADE.c
parent30290aea009cf3fd76f27336fb4370be3467c4da (diff)
extensions: MASQUERADE: fix --to-ports parser
Rewrite port range validator to use xtables_strtoui() and xtables_param_act(). Original check failed to recognize such port range errors as "1a-2" and "1-2a". Also, original parser erroneously denied using port 0, which is now allowed. Signed-off-by: Dmitry V. Levin <ldv@altlinux.org> Signed-off-by: Patrick McHardy <kaber@trash.net>
Diffstat (limited to 'extensions/libipt_MASQUERADE.c')
-rw-r--r--extensions/libipt_MASQUERADE.c32
1 files changed, 16 insertions, 16 deletions
diff --git a/extensions/libipt_MASQUERADE.c b/extensions/libipt_MASQUERADE.c
index 9d7fc172..3386ff34 100644
--- a/extensions/libipt_MASQUERADE.c
+++ b/extensions/libipt_MASQUERADE.c
@@ -38,34 +38,34 @@ static void MASQUERADE_init(struct xt_entry_target *t)
static void
parse_ports(const char *arg, struct nf_nat_multi_range *mr)
{
- const char *dash;
- int port;
+ char *end;
+ unsigned int port, maxport;
mr->range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
- port = atoi(arg);
- if (port <= 0 || port > 65535)
- xtables_error(PARAMETER_PROBLEM, "Port \"%s\" not valid\n", arg);
+ if (!xtables_strtoui(arg, &end, &port, 0, UINT16_MAX))
+ xtables_param_act(XTF_BAD_VALUE, "MASQUERADE", "--to-ports", arg);
- dash = strchr(arg, '-');
- if (!dash) {
+ switch (*end) {
+ case '\0':
mr->range[0].min.tcp.port
= mr->range[0].max.tcp.port
= htons(port);
- } else {
- int maxport;
+ return;
+ case '-':
+ if (!xtables_strtoui(end + 1, NULL, &maxport, 0, UINT16_MAX))
+ break;
- maxport = atoi(dash + 1);
- if (maxport == 0 || maxport > 65535)
- xtables_error(PARAMETER_PROBLEM,
- "Port `%s' not valid\n", dash+1);
if (maxport < port)
- /* People are stupid. Present reader excepted. */
- xtables_error(PARAMETER_PROBLEM,
- "Port range `%s' funky\n", arg);
+ break;
+
mr->range[0].min.tcp.port = htons(port);
mr->range[0].max.tcp.port = htons(maxport);
+ return;
+ default:
+ break;
}
+ xtables_param_act(XTF_BAD_VALUE, "MASQUERADE", "--to-ports", arg);
}
static int MASQUERADE_parse(int c, char **argv, int invert, unsigned int *flags,
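Review bot: `end` is declared uninitialised and is assigned only by the first `xtables_strtoui()` call, yet `switch (*end)` runs unconditionally after the failure branch, so the dereference is safe only if `xtables_param_act(XTF_BAD_VALUE, ...)` never returns. That helper is not shown in this hunk; the final call at the bottom of `parse_ports` relies on the same behaviour, so it presumably exits, but nothing here says so. I would state the dependency in a comment above the switch, for example `/* xtables_param_act(XTF_BAD_VALUE, ...) exits, so end is valid here */`, so that a later change to the error path does not turn a rejected `--to-ports` argument into a read through an indeterminate pointer.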