From 97a217a62a342bc88a48fa79fb62c668816595f6 Mon Sep 17 00:00:00 2001 From: "/C=EU/ST=EU/CN=Pablo Neira Ayuso/emailAddress=pablo@netfilter.org" Date: Sun, 13 Apr 2008 01:06:29 +0000 Subject: fix missing bitset in the autocomplete code --- include/internal.h | 22 ++++++++++++++++++++++ src/conntrack/objopt.c | 3 +++ 2 files changed, 25 insertions(+) diff --git a/include/internal.h b/include/internal.h index f38b7d3..9c3b64b 100644 --- a/include/internal.h +++ b/include/internal.h @@ -223,4 +223,26 @@ extern struct nfct_proto udp; extern struct nfct_proto sctp; extern struct nfct_proto icmp; +#define TS_ORIG \ +({ \ + ((1 << ATTR_ORIG_IPV4_SRC) | (1 << ATTR_ORIG_IPV4_DST) | \ + (1 << ATTR_ORIG_IPV6_SRC) | (1 << ATTR_ORIG_IPV6_DST) | \ + (1 << ATTR_ORIG_PORT_SRC) | (1 << ATTR_ORIG_PORT_DST) | \ + (1 << ATTR_ORIG_L3PROTO) | (1 << ATTR_ORIG_L4PROTO) | \ + (1 << ATTR_ICMP_TYPE) | (1 << ATTR_ICMP_CODE) | \ + (1 << ATTR_ICMP_ID)); \ +}) + +#define TS_REPL \ +({ \ + ((1 << ATTR_REPL_IPV4_SRC) | (1 << ATTR_REPL_IPV4_DST) | \ + (1 << ATTR_REPL_IPV6_SRC) | (1 << ATTR_REPL_IPV6_DST) | \ + (1 << ATTR_REPL_PORT_SRC) | (1 << ATTR_REPL_PORT_DST) | \ + (1 << ATTR_REPL_L3PROTO) | (1 << ATTR_REPL_L4PROTO) | \ + (1 << ATTR_ICMP_TYPE) | (1 << ATTR_ICMP_CODE) | \ + (1 << ATTR_ICMP_ID)); \ +}) + +#define TUPLE_SET(dir) (dir == __DIR_ORIG ? TS_ORIG : TS_REPL) + #endif diff --git a/src/conntrack/objopt.c b/src/conntrack/objopt.c index 1a058fe..f5692f4 100644 --- a/src/conntrack/objopt.c +++ b/src/conntrack/objopt.c @@ -23,6 +23,9 @@ static void __autocomplete(struct nf_conntrack *ct, int dir) ct->tuple[dir].l4src.all = ct->tuple[other].l4dst.all; ct->tuple[dir].l4dst.all = ct->tuple[other].l4src.all; + + /* XXX: this is safe but better convert bitset to uint64_t */ + ct->set[0] |= TS_ORIG | TS_REPL; } int __setobjopt(struct nf_conntrack *ct, unsigned int option) -- cgit v1.2.3