author | Stephen Frost <sfrost@snowman.net> | 2003-03-03 07:24:27 +0000 |
---|---|---|
committer | Harald Welte <laforge@gnumonks.org> | 2003-03-03 07:24:27 +0000 |
commit | d5903958e7fee47fa2828d7b2dc86238a15fa3dd (patch) | |
tree | 23469b8e96e02bd06aa8f9c7b46d67215aaf46d7 /extensions/libipt_recent.c | |
parent | f8ac329cc9a8822273aefc6686d58cae07e8a8f9 (diff) |
'recent' match update by Stephen Frost:
- Moved RECENT_NAME/RECENT_VER #define's to ipt_recent.h
- Added #define for IPT_RECENT_NAME_LEN instead of using constants directly
- Changed default packet count list length to 20 instead of 10
- Added option to define permissions for proc files created under
/proc/net/ipt_recent
- Changed printfs to be unsigned for unsigned variables
- Added explicit NULL termination for table name
- Fixed TTL checking to deal with TTL decrementing in routing logic, should
work across chains now.
- Side to check/set against is no longer per-table but per-rule, default src
- Created unsigned time_temp for time calculations instead of using signed
temp variables
- Fixed spinlock handling in checkentry to not vmalloc while holding a
spinlock.
- Cleaned up memory free'ing routines to correctly free all memory on failure
- Fixed spinlock handling in destroy to not free while holding spinlock
- Added sanity check to hash table size, if an invalid size is given the
default will be used instead and a warning generated.
- Fixed save() function in libipt_recent.c
- Cleaned up and shortened recent.patch.help
Diffstat (limited to 'extensions/libipt_recent.c')
-rw-r--r-- | extensions/libipt_recent.c | 35 |
1 files changed, 18 insertions, 17 deletions
diff --git a/extensions/libipt_recent.c b/extensions/libipt_recent.c
index 7c16d20d..e38fa319 100644
--- a/extensions/libipt_recent.c
+++ b/extensions/libipt_recent.c
@@ -32,6 +32,7 @@ help(void)
 " --name name Name of the recent list to be used. DEFAULT used if none given.\n"
 " --rsource Save the source address of each packet in the recent list table (default).\n"
 " --rdest Save the destination address of each packet in the recent list table.\n"
+RECENT_NAME " " RECENT_VER ": Stephen Frost <sfrost@snowman.net>. http://snowman.net/projects/ipt_recent/\n"
 , IPTABLES_VERSION);
@@ -59,7 +60,7 @@ init(struct ipt_entry_match *match, unsigned int *nfcache)
 *nfcache |= NFC_UNKNOWN;
- strncpy(info->name,"DEFAULT",200);
+ strncpy(info->name,"DEFAULT",IPT_RECENT_NAME_LEN);
 info->side = IPT_RECENT_SOURCE;
 }
@@ -75,7 +76,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 switch (c) {
 case 201:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_SET;
@@ -85,7 +86,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 case 202:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_CHECK;
@@ -95,7 +96,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 case 203:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_UPDATE;
@@ -105,7 +106,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 case 206:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_REMOVE;
@@ -126,7 +127,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 break;
 case 208:
- strncpy(info->name,optarg,200);
+ strncpy(info->name,optarg,IPT_RECENT_NAME_LEN);
 break;
 case 209:
@@ -151,7 +152,7 @@ final_check(unsigned int flags)
 if (!flags) exit_error(PARAMETER_PROBLEM,
- "recent: you must specify one of `--set', `--check' "
+ "recent: you must specify one of `--set', `--rcheck' "
 "`--update' or `--remove'");
 }
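Review bot: In the `case 208` hunk, `strncpy(info->name,optarg,IPT_RECENT_NAME_LEN)` leaves `info->name` without a terminating NUL whenever the argument (presumably the `--name` value) is IPT_RECENT_NAME_LEN bytes or longer, assuming `name` is declared with exactly that size in ipt_recent.h, which is not shown here. The commit message mentions explicit termination of the table name, but no such line appears in this file's hunks, and `save()` later prints the field with `%s`. Either reject over-long names with `exit_error(PARAMETER_PROBLEM, ...)` or bound the copy: `strncpy(info->name, optarg, IPT_RECENT_NAME_LEN - 1); info->name[IPT_RECENT_NAME_LEN - 1] = '\0';`. Rejecting is preferable, because silent truncation can make two different names refer to the same list. The body of parse() starts and ends outside the hunk.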
@@ -187,16 +188,16 @@ save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 if (info->invert) fputc('!', stdout);
 printf("recent: ");
- if(info->check_set & IPT_RECENT_SET) printf("SET ");
- if(info->check_set & IPT_RECENT_CHECK) printf("CHECK ");
- if(info->check_set & IPT_RECENT_UPDATE) printf("UPDATE ");
- if(info->check_set & IPT_RECENT_REMOVE) printf("REMOVE ");
- if(info->seconds) printf("seconds: %d ",info->seconds);
- if(info->hit_count) printf("hit_count: %d ",info->hit_count);
- if(info->check_set & IPT_RECENT_TTL) printf("TTL-Match ");
- if(info->name) printf("name: %s ",info->name);
- if(info->side == IPT_RECENT_SOURCE) printf("side: source ");
- if(info->side == IPT_RECENT_DEST) printf("side: dest");
+ if(info->check_set & IPT_RECENT_SET) printf("--set ");
+ if(info->check_set & IPT_RECENT_CHECK) printf("--rcheck ");
+ if(info->check_set & IPT_RECENT_UPDATE) printf("--update ");
+ if(info->check_set & IPT_RECENT_REMOVE) printf("--remove ");
+ if(info->seconds) printf("--seconds %d ",info->seconds);
+ if(info->hit_count) printf("--hitcount %d ",info->hit_count);
+ if(info->check_set & IPT_RECENT_TTL) printf("-rttl ");
+ if(info->name) printf("--name %s ",info->name);
+ if(info->side == IPT_RECENT_SOURCE) printf("--rsource ");
+ if(info->side == IPT_RECENT_DEST) printf("--rdest ");
 }
 static |
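Review bot: The new `save()` output still does not look like it can be fed back to the parser: the TTL flag is printed as `-rttl ` with a single dash, and the unchanged context line `printf("recent: ");` still emits a prefix that is not an option. The option table is outside the hunk, so the exact long name is an assumption, but every other flag printed here uses two dashes, which suggests `printf("--rttl ");`. A saved ruleset that fails to restore, or restores without the TTL check, leaves the host with a weaker filter than the one that was configured. `seconds` and `hit_count` are also still printed with `%d`; if they are unsigned in ipt_recent.h, as the commit message implies, `%u` is the matching conversion. save() begins outside the hunk.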