diff options
| author | Jan Engelhardt <jengelh@medozas.de> | 2011-05-13 00:15:45 +0200 |
|---|---|---|
| committer | Jan Engelhardt <jengelh@medozas.de> | 2011-05-13 02:00:01 +0200 |
| commit | f25b2355e889290879c8cecad3dd24ec0c384fb8 (patch) | |
| tree | a48977f15799809a3d22c9485c2cf0da6eb35ff5 /extensions | |
| parent | e82d031af24c8155357c6f2d2b2e236bd6cf67e4 (diff) | |
libipt_[SD]NAT: avoid false error about multiple destinations specified
iptables-restore v1.4.10: DNAT: Multiple --to-destination not supported
xtables_option_parse sets cb->xflags already, so that it cannot be
directly used to test whether an option is being used for the second
time. Thus use a private option/flag (X_TO_DEST/SRC) that is not under
the control of xtables_option_parse.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
Diffstat (limited to 'extensions')
| -rw-r--r-- | extensions/libipt_DNAT.c | 9 | ||||
| -rw-r--r-- | extensions/libipt_SNAT.c | 9 |
2 files changed, 12 insertions, 6 deletions
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c index 8c4c9c25..3b55c69c 100644 --- a/extensions/libipt_DNAT.c +++ b/extensions/libipt_DNAT.c @@ -12,8 +12,10 @@ enum { O_TO_DEST = 0, O_RANDOM, O_PERSISTENT, - F_TO_DEST = 1 << O_TO_DEST, - F_RANDOM = 1 << O_RANDOM, + O_X_TO_DEST, /* hidden flag */ + F_TO_DEST = 1 << O_TO_DEST, + F_RANDOM = 1 << O_RANDOM, + F_X_TO_DEST = 1 << O_X_TO_DEST, }; /* Dest NAT data consists of a multi-range, indicating where to map @@ -164,7 +166,7 @@ static void DNAT_parse(struct xt_option_call *cb) xtables_option_parse(cb); switch (cb->entry->id) { case O_TO_DEST: - if (cb->xflags & F_TO_DEST) { + if (cb->xflags & F_X_TO_DEST) { if (!kernel_version) get_kernel_version(); if (kernel_version > LINUX_VERSION(2, 6, 10)) @@ -175,6 +177,7 @@ static void DNAT_parse(struct xt_option_call *cb) /* WTF do we need this for?? */ if (cb->xflags & F_RANDOM) info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM; + cb->xflags |= F_X_TO_DEST; break; case O_RANDOM: if (cb->xflags & F_TO_DEST) diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c index 36910417..80233060 100644 --- a/extensions/libipt_SNAT.c +++ b/extensions/libipt_SNAT.c @@ -12,8 +12,10 @@ enum { O_TO_SRC = 0, O_RANDOM, O_PERSISTENT, - F_TO_SRC = 1 << O_TO_SRC, - F_RANDOM = 1 << O_RANDOM, + O_X_TO_SRC, + F_TO_SRC = 1 << O_TO_SRC, + F_RANDOM = 1 << O_RANDOM, + F_X_TO_SRC = 1 << O_X_TO_SRC, }; /* Source NAT data consists of a multi-range, indicating where to map @@ -164,7 +166,7 @@ static void SNAT_parse(struct xt_option_call *cb) xtables_option_parse(cb); switch (cb->entry->id) { case O_TO_SRC: - if (cb->xflags & F_TO_SRC) { + if (cb->xflags & F_X_TO_SRC) { if (!kernel_version) get_kernel_version(); if (kernel_version > LINUX_VERSION(2, 6, 10)) @@ -175,6 +177,7 @@ static void SNAT_parse(struct xt_option_call *cb) /* WTF do we need this for?? */ if (cb->xflags & F_RANDOM) info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM; + cb->xflags |= F_X_TO_SRC; break; case O_RANDOM: if (cb->xflags & F_TO_SRC) |