diff options
author | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-12-26 02:29:02 +0000 |
---|---|---|
committer | /C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org </C=DE/ST=Berlin/L=Berlin/O=Netfilter Project/OU=Development/CN=pablo/emailAddress=pablo@netfilter.org> | 2005-12-26 02:29:02 +0000 |
commit | 8aa719eb1afb6c6e0a5bf74cbdab79dc82da6c80 (patch) | |
tree | d297a64f5ff25395981334035d5deae8d13e69cc /extensions/libnetfilter_conntrack_tcp.c | |
parent | 5875e04f38e0e5c09e497dc735e287fc6cc626b3 (diff) |
o add IPv6 support
o clean up layer-4 compare functions
o finish the comparison infrastructure: support for tuple/mark matching
o fix bug in the default event display when used in conjunction with the
comparison infrastructure.
o Bumped version to 0.0.30
Thanks to Yasuyuki Kozakai for:
[LIBNETFILTER_CONNTRACK] fix dumping IPv6 connections
that in included in this commit.
Diffstat (limited to 'extensions/libnetfilter_conntrack_tcp.c')
-rw-r--r-- | extensions/libnetfilter_conntrack_tcp.c | 14 |
1 files changed, 6 insertions, 8 deletions
diff --git a/extensions/libnetfilter_conntrack_tcp.c b/extensions/libnetfilter_conntrack_tcp.c index dc50315..9efdbb7 100644 --- a/extensions/libnetfilter_conntrack_tcp.c +++ b/extensions/libnetfilter_conntrack_tcp.c @@ -98,29 +98,27 @@ static int compare(struct nfct_conntrack *ct1, struct nfct_conntrack *ct2, unsigned int flags) { - int ret = 1; - if (flags & TCP_ORIG_SPORT) if (ct1->tuple[NFCT_DIR_ORIGINAL].l4src.tcp.port != ct2->tuple[NFCT_DIR_ORIGINAL].l4src.tcp.port) - ret = 0; + return 0; if (flags & TCP_ORIG_DPORT) if (ct1->tuple[NFCT_DIR_ORIGINAL].l4dst.tcp.port != ct2->tuple[NFCT_DIR_ORIGINAL].l4dst.tcp.port) - ret = 0; + return 0; if (flags & TCP_REPL_SPORT) if (ct1->tuple[NFCT_DIR_REPLY].l4src.tcp.port != ct2->tuple[NFCT_DIR_REPLY].l4src.tcp.port) - ret = 0; + return 0; if (flags & TCP_REPL_DPORT) if (ct1->tuple[NFCT_DIR_REPLY].l4dst.tcp.port != ct2->tuple[NFCT_DIR_REPLY].l4dst.tcp.port) - ret = 0; + return 0; if (flags & TCP_STATE) if (ct1->protoinfo.tcp.state != ct2->protoinfo.tcp.state) - ret = 0; + return 0; - return ret; + return 1; } static struct nfct_proto tcp = { |