diff options
| author | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-04-13 01:06:29 +0000 |
|---|---|---|
| committer | /C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org </C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org> | 2008-04-13 01:06:29 +0000 |
| commit | 97a217a62a342bc88a48fa79fb62c668816595f6 (patch) | |
| tree | b12434a5b2126f8745a254e793126a0d290ca7db | |
| parent | c3704c0e73d0dda9d9d5919af22831a439fbc611 (diff) | |
fix missing bitset in the autocomplete code
| -rw-r--r-- | include/internal.h | 22 | ||||
| -rw-r--r-- | src/conntrack/objopt.c | 3 |
2 files changed, 25 insertions, 0 deletions
diff --git a/include/internal.h b/include/internal.h index f38b7d3..9c3b64b 100644 --- a/include/internal.h +++ b/include/internal.h @@ -223,4 +223,26 @@ extern struct nfct_proto udp; extern struct nfct_proto sctp; extern struct nfct_proto icmp; +#define TS_ORIG \ +({ \ + ((1 << ATTR_ORIG_IPV4_SRC) | (1 << ATTR_ORIG_IPV4_DST) | \ + (1 << ATTR_ORIG_IPV6_SRC) | (1 << ATTR_ORIG_IPV6_DST) | \ + (1 << ATTR_ORIG_PORT_SRC) | (1 << ATTR_ORIG_PORT_DST) | \ + (1 << ATTR_ORIG_L3PROTO) | (1 << ATTR_ORIG_L4PROTO) | \ + (1 << ATTR_ICMP_TYPE) | (1 << ATTR_ICMP_CODE) | \ + (1 << ATTR_ICMP_ID)); \ +}) + +#define TS_REPL \ +({ \ + ((1 << ATTR_REPL_IPV4_SRC) | (1 << ATTR_REPL_IPV4_DST) | \ + (1 << ATTR_REPL_IPV6_SRC) | (1 << ATTR_REPL_IPV6_DST) | \ + (1 << ATTR_REPL_PORT_SRC) | (1 << ATTR_REPL_PORT_DST) | \ + (1 << ATTR_REPL_L3PROTO) | (1 << ATTR_REPL_L4PROTO) | \ + (1 << ATTR_ICMP_TYPE) | (1 << ATTR_ICMP_CODE) | \ + (1 << ATTR_ICMP_ID)); \ +}) + +#define TUPLE_SET(dir) (dir == __DIR_ORIG ? TS_ORIG : TS_REPL) + #endif diff --git a/src/conntrack/objopt.c b/src/conntrack/objopt.c index 1a058fe..f5692f4 100644 --- a/src/conntrack/objopt.c +++ b/src/conntrack/objopt.c @@ -23,6 +23,9 @@ static void __autocomplete(struct nf_conntrack *ct, int dir) ct->tuple[dir].l4src.all = ct->tuple[other].l4dst.all; ct->tuple[dir].l4dst.all = ct->tuple[other].l4src.all; + + /* XXX: this is safe but better convert bitset to uint64_t */ + ct->set[0] |= TS_ORIG | TS_REPL; } int __setobjopt(struct nf_conntrack *ct, unsigned int option) |