summaryrefslogtreecommitdiffstats
path: root/extensions/libxt_multiport.c
diff options
context:
space:
mode:
Diffstat (limited to 'extensions/libxt_multiport.c')
-rw-r--r--extensions/libxt_multiport.c50
1 files changed, 35 insertions, 15 deletions
diff --git a/extensions/libxt_multiport.c b/extensions/libxt_multiport.c
index 07ad4cfd..813a3555 100644
--- a/extensions/libxt_multiport.c
+++ b/extensions/libxt_multiport.c
@@ -87,8 +87,7 @@ parse_multi_ports(const char *portstring, uint16_t *ports, const char *proto)
char *buffer, *cp, *next;
unsigned int i;
- buffer = strdup(portstring);
- if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed");
+ buffer = xtables_strdup(portstring);
for (cp=buffer, i=0; cp && i<XT_MULTI_PORTS; cp=next,i++)
{
@@ -109,8 +108,7 @@ parse_multi_ports_v1(const char *portstring,
char *buffer, *cp, *next, *range;
unsigned int i;
- buffer = strdup(portstring);
- if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed");
+ buffer = xtables_strdup(portstring);
for (i=0; i<XT_MULTI_PORTS; i++)
multiinfo->pflags[i] = 0;
@@ -250,7 +248,7 @@ static void multiport_parse6_v1(struct xt_option_call *cb)
static void multiport_check(struct xt_fcheck_call *cb)
{
if (cb->xflags == 0)
- xtables_error(PARAMETER_PROBLEM, "multiport expection an option");
+ xtables_error(PARAMETER_PROBLEM, "no ports specified");
}
static const char *
@@ -467,7 +465,8 @@ static void multiport_save6_v1(const void *ip_void,
}
static int __multiport_xlate(struct xt_xlate *xl,
- const struct xt_xlate_mt_params *params)
+ const struct xt_xlate_mt_params *params,
+ uint8_t proto)
{
const struct xt_multiport *multiinfo
= (const struct xt_multiport *)params->match->data;
@@ -481,14 +480,24 @@ static int __multiport_xlate(struct xt_xlate *xl,
xt_xlate_add(xl, " dport ");
break;
case XT_MULTIPORT_EITHER:
- return 0;
+ xt_xlate_add(xl, " sport . %s dport { ", proto_to_name(proto));
+ for (i = 0; i < multiinfo->count; i++) {
+ if (i != 0)
+ xt_xlate_add(xl, ", ");
+
+ xt_xlate_add(xl, "0-65535 . %u, %u . 0-65535",
+ multiinfo->ports[i], multiinfo->ports[i]);
+ }
+ xt_xlate_add(xl, " }");
+
+ return 1;
}
if (multiinfo->count > 1)
xt_xlate_add(xl, "{ ");
for (i = 0; i < multiinfo->count; i++)
- xt_xlate_add(xl, "%s%u", i ? "," : "", multiinfo->ports[i]);
+ xt_xlate_add(xl, "%s%u", i ? ", " : "", multiinfo->ports[i]);
if (multiinfo->count > 1)
xt_xlate_add(xl, "}");
@@ -502,7 +511,7 @@ static int multiport_xlate(struct xt_xlate *xl,
uint8_t proto = ((const struct ipt_ip *)params->ip)->proto;
xt_xlate_add(xl, "%s", proto_to_name(proto));
- return __multiport_xlate(xl, params);
+ return __multiport_xlate(xl, params, proto);
}
static int multiport_xlate6(struct xt_xlate *xl,
@@ -511,11 +520,12 @@ static int multiport_xlate6(struct xt_xlate *xl,
uint8_t proto = ((const struct ip6t_ip6 *)params->ip)->proto;
xt_xlate_add(xl, "%s", proto_to_name(proto));
- return __multiport_xlate(xl, params);
+ return __multiport_xlate(xl, params, proto);
}
static int __multiport_xlate_v1(struct xt_xlate *xl,
- const struct xt_xlate_mt_params *params)
+ const struct xt_xlate_mt_params *params,
+ uint8_t proto)
{
const struct xt_multiport_v1 *multiinfo =
(const struct xt_multiport_v1 *)params->match->data;
@@ -529,7 +539,17 @@ static int __multiport_xlate_v1(struct xt_xlate *xl,
xt_xlate_add(xl, " dport ");
break;
case XT_MULTIPORT_EITHER:
- return 0;
+ xt_xlate_add(xl, " sport . %s dport { ", proto_to_name(proto));
+ for (i = 0; i < multiinfo->count; i++) {
+ if (i != 0)
+ xt_xlate_add(xl, ", ");
+
+ xt_xlate_add(xl, "0-65535 . %u, %u . 0-65535",
+ multiinfo->ports[i], multiinfo->ports[i]);
+ }
+ xt_xlate_add(xl, " }");
+
+ return 1;
}
if (multiinfo->invert)
@@ -540,7 +560,7 @@ static int __multiport_xlate_v1(struct xt_xlate *xl,
xt_xlate_add(xl, "{ ");
for (i = 0; i < multiinfo->count; i++) {
- xt_xlate_add(xl, "%s%u", i ? "," : "", multiinfo->ports[i]);
+ xt_xlate_add(xl, "%s%u", i ? ", " : "", multiinfo->ports[i]);
if (multiinfo->pflags[i])
xt_xlate_add(xl, "-%u", multiinfo->ports[++i]);
}
@@ -558,7 +578,7 @@ static int multiport_xlate_v1(struct xt_xlate *xl,
uint8_t proto = ((const struct ipt_ip *)params->ip)->proto;
xt_xlate_add(xl, "%s", proto_to_name(proto));
- return __multiport_xlate_v1(xl, params);
+ return __multiport_xlate_v1(xl, params, proto);
}
static int multiport_xlate6_v1(struct xt_xlate *xl,
@@ -567,7 +587,7 @@ static int multiport_xlate6_v1(struct xt_xlate *xl,
uint8_t proto = ((const struct ip6t_ip6 *)params->ip)->proto;
xt_xlate_add(xl, "%s", proto_to_name(proto));
- return __multiport_xlate_v1(xl, params);
+ return __multiport_xlate_v1(xl, params, proto);
}
static struct xtables_match multiport_mt_reg[] = {