authorPatrick McHardy <kaber@trash.net>2003-04-13 16:32:49 +0000
committerHarald Welte <laforge@gnumonks.org>2003-04-13 16:32:49 +0000
commit5e3d5ca1b25b3cde9a40c5c74b7484dc909f097f (patch)
tree3e8b1003b6a3e56bde2825a34a8e0beffd926142 /extensions
parentfe7a121155fa6a44a7afa2fdb2102c6c57015c8f (diff)
apply ipv6 port of ownercmd patch (Patrick McHardy)
Diffstat (limited to 'extensions')
-rw-r--r--extensions/libip6t_owner.c41
1 files changed, 41 insertions, 0 deletions
diff --git a/extensions/libip6t_owner.c b/extensions/libip6t_owner.c
index ce343589..ee3283cd 100644
--- a/extensions/libip6t_owner.c
+++ b/extensions/libip6t_owner.c
@@ -14,14 +14,26 @@
static void
help(void)
{
+#ifdef IP6T_OWNER_COMM
printf(
"OWNER match v%s options:\n"
"[!] --uid-owner userid Match local uid\n"
"[!] --gid-owner groupid Match local gid\n"
"[!] --pid-owner processid Match local pid\n"
"[!] --sid-owner sessionid Match local sid\n"
+"[!] --cmd-owner name Match local command name\n"
"\n",
IPTABLES_VERSION);
+#else
+ printf(
+"OWNER match v%s options:\n"
+"[!] --uid-owner userid Match local uid\n"
+"[!] --gid-owner groupid Match local gid\n"
+"[!] --pid-owner processid Match local pid\n"
+"[!] --sid-owner sessionid Match local sid\n"
+"\n",
+IPTABLES_VERSION);
+#endif /* IP6T_OWNER_COMM */
}
static struct option opts[] = {
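Review bot: help() now carries two complete copies of the option text that differ only in the `--cmd-owner` line, so every later wording change has to be made twice and the copies can drift apart. Printing the shared option lines once, then the `--cmd-owner` line from its own `printf` wrapped in `#ifdef IP6T_OWNER_COMM` / `#endif`, then the closing blank line, keeps a single source for the text. Separate calls are preferable to an `#ifdef` inside the argument list, which is undefined if `printf` is implemented as a macro.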
@@ -29,6 +41,9 @@ static struct option opts[] = {
{ "gid-owner", 1, 0, '2' },
{ "pid-owner", 1, 0, '3' },
{ "sid-owner", 1, 0, '4' },
+#ifdef IP6T_OWNER_COMM
+ { "cmd-owner", 1, 0, '5' },
+#endif
{0}
};
@@ -107,6 +122,21 @@ parse(int c, char **argv, int invert, unsigned int *flags,
*flags = 1;
break;
+#ifdef IP6T_OWNER_COMM
+ case '5':
+ check_inverse(optarg, &invert, &optind, 0);
+ if(strlen(optarg) > sizeof(ownerinfo->comm))
+ exit_error(PARAMETER_PROBLEM, "OWNER CMD `%s' too long, max %d characters", optarg, sizeof(ownerinfo->comm));
+
+ strncpy(ownerinfo->comm, optarg, sizeof(ownerinfo->comm));
+
+ if (invert)
+ ownerinfo->invert |= IP6T_OWNER_COMM;
+ ownerinfo->match |= IP6T_OWNER_COMM;
+ *flags = 1;
+ break;
+#endif
+
default:
return 0;
}
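Review bot: In the added `case '5':` the length error passes `sizeof(ownerinfo->comm)`, a `size_t`, to a `%d` conversion, which is a format/argument mismatch; cast it as the print_item hunk already does, `(int)sizeof(ownerinfo->comm)`. The guard also uses `>`, so a name of exactly `sizeof(ownerinfo->comm)` bytes is accepted and `strncpy` then leaves `comm` without a terminating NUL. print_item bounds its read with `%.*s`, but whatever else consumes the field (the kernel side is not visible here) has to bound its reads the same way; if a terminator is expected, the check should be `if (strlen(optarg) >= sizeof(ownerinfo->comm))` and the message should report one character less. parse() begins and ends outside this hunk.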
@@ -154,6 +184,11 @@ print_item(struct ip6t_owner_info *info, u_int8_t flag, int numeric, char *label
case IP6T_OWNER_SID:
printf("%u ", info->sid);
break;
+#ifdef IP6T_OWNER_COMM
+ case IP6T_OWNER_COMM:
+ printf("%.*s ", (int)sizeof(info->comm), info->comm);
+ break;
+#endif
default:
break;
}
@@ -181,6 +216,9 @@ print(const struct ip6t_ip6 *ip,
print_item(info, IP6T_OWNER_GID, numeric, "OWNER GID match ");
print_item(info, IP6T_OWNER_PID, numeric, "OWNER PID match ");
print_item(info, IP6T_OWNER_SID, numeric, "OWNER SID match ");
+#ifdef IP6T_OWNER_COMM
+ print_item(info, IP6T_OWNER_COMM, numeric, "OWNER CMD match ");
+#endif
}
/* Saves the union ip6t_matchinfo in parsable form to stdout. */
@@ -193,6 +231,9 @@ save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match)
print_item(info, IP6T_OWNER_GID, 0, "--gid-owner ");
print_item(info, IP6T_OWNER_PID, 0, "--pid-owner ");
print_item(info, IP6T_OWNER_SID, 0, "--sid-owner ");
+#ifdef IP6T_OWNER_COMM
+ print_item(info, IP6T_OWNER_COMM, 0, "--cmd-owner ");
+#endif
}
static
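Review bot: The new `--cmd-owner` line in save() emits the command name through print_item exactly as stored, with no quoting or escaping, so a name containing a space or a quote character would presumably not be read back as a single argument when the saved ruleset is restored. A rule that restores differently from how it was saved is a silent policy change; consider quoting the value on the save path or rejecting such names in parse(). How the restore parser tokenises its input is not visible on this page, so this needs confirming against it. save() begins outside this hunk.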