summaryrefslogtreecommitdiffstats
path: root/iptables/xtables-translate.c
diff options
context:
space:
mode:
Diffstat (limited to 'iptables/xtables-translate.c')
-rw-r--r--iptables/xtables-translate.c17
1 files changed, 16 insertions, 1 deletions
diff --git a/iptables/xtables-translate.c b/iptables/xtables-translate.c
index 8ebe523c..3d8617f0 100644
--- a/iptables/xtables-translate.c
+++ b/iptables/xtables-translate.c
@@ -131,7 +131,6 @@ bool xlate_find_match(const struct iptables_command_state *cs, const char *p_nam
{
struct xtables_rule_match *matchp;
- /* Skip redundant protocol, eg. ip protocol tcp tcp dport */
for (matchp = cs->matches; matchp; matchp = matchp->next) {
if (strcmp(matchp->match->name, p_name) == 0)
return true;
@@ -139,6 +138,22 @@ bool xlate_find_match(const struct iptables_command_state *cs, const char *p_nam
return false;
}
+bool xlate_find_protomatch(const struct iptables_command_state *cs,
+ uint16_t proto)
+{
+ struct protoent *pent;
+ int i;
+
+ /* Skip redundant protocol, eg. ip protocol tcp tcp dport */
+ for (i = 0; xtables_chain_protos[i].name != NULL; i++) {
+ if (xtables_chain_protos[i].num == proto &&
+ xlate_find_match(cs, xtables_chain_protos[i].name))
+ return true;
+ }
+ pent = getprotobynumber(proto);
+ return pent && xlate_find_match(cs, pent->p_name);
+}
+
const char *family2str[] = {
[NFPROTO_ARP] = "arp",
[NFPROTO_IPV4] = "ip",