From d5903958e7fee47fa2828d7b2dc86238a15fa3dd Mon Sep 17 00:00:00 2001
From: Stephen Frost
Date: Mon, 3 Mar 2003 07:24:27 +0000
Subject: 'recent' match update by Stephen Frost: - Moved RECENT_NAME/RECENT_VER #define's to ipt_recent.h - Added #define for IPT_RECENT_NAME_LEN instead of using constants directly - Changed default packet count list length to 20 instead of 10 - Added option to define permissions for proc files created under /proc/net/ipt_recent - Changed printfs to be unsigned for unsigned variables - Added explicit NULL termination for table name - Fixed TTL checking to deal with TTL decrementing in routing logic, should work across chains now. - Side to check/set against is no longer per-table but per-rule, default src - Created unsigned time_temp for time caluclations instead of using signed temp variables - Fixed spinlock handling in checkentry to not vmalloc while holding a spinlock. - Cleaned up memory free'ing routines to correctly free all memory on failure - Fixed spinlock handling in destroy to not free while holding spinlock - Added sanity check to hash table size, if an invalid size is given the default will be used instead and a warning generated. - Fixed save() function in libipt_recent.c - Cleaned up and shortened recent.patch.help
---
 extensions/libipt_recent.c | 35 ++++++++++++++++++-----------------
 1 file changed, 18 insertions(+), 17 deletions(-)
(limited to 'extensions')
diff --git a/extensions/libipt_recent.c b/extensions/libipt_recent.c
index 7c16d20d..e38fa319 100644
--- a/extensions/libipt_recent.c
+++ b/extensions/libipt_recent.c
@@ -32,6 +32,7 @@ help(void)
 " --name name Name of the recent list to be used. DEFAULT used if none given.\n"
 " --rsource Save the source address of each packet in the recent list table (default).\n"
 " --rdest Save the destination address of each packet in the recent list table.\n"
+RECENT_NAME " " RECENT_VER ": Stephen Frost . http://snowman.net/projects/ipt_recent/\n"
 , IPTABLES_VERSION);
@@ -59,7 +60,7 @@ init(struct ipt_entry_match *match, unsigned int *nfcache)
 *nfcache |= NFC_UNKNOWN;
- strncpy(info->name,"DEFAULT",200);
+ strncpy(info->name,"DEFAULT",IPT_RECENT_NAME_LEN);
 info->side = IPT_RECENT_SOURCE;
 }
@@ -75,7 +76,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 switch (c) {
 case 201:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_SET;
@@ -85,7 +86,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 case 202:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_CHECK;
@@ -95,7 +96,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 case 203:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_UPDATE;
@@ -105,7 +106,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 case 206:
 if (*flags) exit_error(PARAMETER_PROBLEM,
- "recent: only one of `--set', `--check' "
+ "recent: only one of `--set', `--rcheck' "
 "`--update' or `--remove' may be set");
 check_inverse(optarg, &invert, &optind, 0);
 info->check_set |= IPT_RECENT_REMOVE;
@@ -126,7 +127,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
 break;
 case 208:
- strncpy(info->name,optarg,200);
+ strncpy(info->name,optarg,IPT_RECENT_NAME_LEN);
 break;
 case 209:
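Review bot: In the `case 208` hunk of parse(), `strncpy(info->name,optarg,IPT_RECENT_NAME_LEN)` still leaves `info->name` without a terminating NUL when the `--name` argument is IPT_RECENT_NAME_LEN bytes or longer, and a longer name is silently truncated, so two different list names could end up referring to the same list. The buffer is later read as a string, for example by the `%s` in save(), so an unterminated name can be read past its end. Rejecting the argument before the copy is safer than truncating: `if (strlen(optarg) >= IPT_RECENT_NAME_LEN) exit_error(PARAMETER_PROBLEM, "recent: --name is too long");`. The declaration of `info->name` lives outside this diff, so confirm its size matches the macro; the body of parse() also continues outside the hunk.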
@@ -151,7 +152,7 @@ final_check(unsigned int flags)
 if (!flags) exit_error(PARAMETER_PROBLEM,
- "recent: you must specify one of `--set', `--check' "
+ "recent: you must specify one of `--set', `--rcheck' "
 "`--update' or `--remove'");
 }
@@ -187,16 +188,16 @@ save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 if (info->invert) fputc('!', stdout);
 printf("recent: ");
- if(info->check_set & IPT_RECENT_SET) printf("SET ");
- if(info->check_set & IPT_RECENT_CHECK) printf("CHECK ");
- if(info->check_set & IPT_RECENT_UPDATE) printf("UPDATE ");
- if(info->check_set & IPT_RECENT_REMOVE) printf("REMOVE ");
- if(info->seconds) printf("seconds: %d ",info->seconds);
- if(info->hit_count) printf("hit_count: %d ",info->hit_count);
- if(info->check_set & IPT_RECENT_TTL) printf("TTL-Match ");
- if(info->name) printf("name: %s ",info->name);
- if(info->side == IPT_RECENT_SOURCE) printf("side: source ");
- if(info->side == IPT_RECENT_DEST) printf("side: dest");
+ if(info->check_set & IPT_RECENT_SET) printf("--set ");
+ if(info->check_set & IPT_RECENT_CHECK) printf("--rcheck ");
+ if(info->check_set & IPT_RECENT_UPDATE) printf("--update ");
+ if(info->check_set & IPT_RECENT_REMOVE) printf("--remove ");
+ if(info->seconds) printf("--seconds %d ",info->seconds);
+ if(info->hit_count) printf("--hitcount %d ",info->hit_count);
+ if(info->check_set & IPT_RECENT_TTL) printf("-rttl ");
+ if(info->name) printf("--name %s ",info->name);
+ if(info->side == IPT_RECENT_SOURCE) printf("--rsource ");
+ if(info->side == IPT_RECENT_DEST) printf("--rdest ");
 }
 static
-- cgit v1.2.3
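Review bot: In the save() hunk, the TTL flag is printed as `-rttl ` with a single dash while every other option on the new side uses two, so a saved rule with this flag set presumably cannot be parsed back; it should read `printf("--rttl ");`. The unchanged context line `printf("recent: ");` still emits a prefix that is not an option, which looks like it undoes the switch to option syntax, and a ruleset that fails to restore can leave a host without its intended filtering. `info->name` is printed with a bare `%s`, so the output is only well-formed if the name is NUL-terminated and contains no whitespace. save() begins before the hunk, so the declaration of `info` and the field types behind the two `%d` conversions are not visible here.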