diff options
Diffstat (limited to 'package')
| -rw-r--r-- | package/iptables/patches/04-multiport_v1.patch | 221 |
1 files changed, 221 insertions, 0 deletions
diff --git a/package/iptables/patches/04-multiport_v1.patch b/package/iptables/patches/04-multiport_v1.patch new file mode 100644 index 000000000..90b5144c7 --- /dev/null +++ b/package/iptables/patches/04-multiport_v1.patch @@ -0,0 +1,221 @@ +diff -urN iptables.old/extensions/libipt_multiport.c iptables.dev/extensions/libipt_multiport.c +--- iptables.old/extensions/libipt_multiport.c 2005-02-19 20:19:17.000000000 +0100 ++++ iptables.dev/extensions/libipt_multiport.c 2006-02-04 05:46:12.154127750 +0100 +@@ -8,24 +8,6 @@ + /* To ensure that iptables compiles with an old kernel */ + #include "../include/linux/netfilter_ipv4/ipt_multiport.h" + +-/* Function which prints out usage message. */ +-static void +-help(void) +-{ +- printf( +-"multiport v%s options:\n" +-" --source-ports port[,port,port...]\n" +-" --sports ...\n" +-" match source port(s)\n" +-" --destination-ports port[,port,port...]\n" +-" --dports ...\n" +-" match destination port(s)\n" +-" --ports port[,port,port]\n" +-" match both source and destination port(s)\n" +-" NOTE: this kernel does not support port ranges in multiport.\n", +-IPTABLES_VERSION); +-} +- + static void + help_v1(void) + { +@@ -75,26 +57,6 @@ + "invalid port/service `%s' specified", port); + } + +-static unsigned int +-parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) +-{ +- char *buffer, *cp, *next; +- unsigned int i; +- +- buffer = strdup(portstring); +- if (!buffer) exit_error(OTHER_PROBLEM, "strdup failed"); +- +- for (cp=buffer, i=0; cp && i<IPT_MULTI_PORTS; cp=next,i++) +- { +- next=strchr(cp, ','); +- if (next) *next++='\0'; +- ports[i] = parse_port(cp, proto); +- } +- if (cp) exit_error(PARAMETER_PROBLEM, "too many ports specified"); +- free(buffer); +- return i; +-} +- + static void + parse_multi_ports_v1(const char *portstring, + struct ipt_multiport_v1 *multiinfo, +@@ -160,58 +122,6 @@ + "multiport only works with TCP or UDP"); + } + +-/* Function which parses command options; returns true if it +- ate an option */ +-static int +-parse(int c, char **argv, int invert, unsigned int *flags, +- const struct ipt_entry *entry, +- unsigned int *nfcache, +- struct ipt_entry_match **match) +-{ +- const char *proto; +- struct ipt_multiport *multiinfo +- = (struct ipt_multiport *)(*match)->data; +- +- switch (c) { +- case '1': +- check_inverse(argv[optind-1], &invert, &optind, 0); +- proto = check_proto(entry); +- multiinfo->count = parse_multi_ports(argv[optind-1], +- multiinfo->ports, proto); +- multiinfo->flags = IPT_MULTIPORT_SOURCE; +- break; +- +- case '2': +- check_inverse(argv[optind-1], &invert, &optind, 0); +- proto = check_proto(entry); +- multiinfo->count = parse_multi_ports(argv[optind-1], +- multiinfo->ports, proto); +- multiinfo->flags = IPT_MULTIPORT_DESTINATION; +- break; +- +- case '3': +- check_inverse(argv[optind-1], &invert, &optind, 0); +- proto = check_proto(entry); +- multiinfo->count = parse_multi_ports(argv[optind-1], +- multiinfo->ports, proto); +- multiinfo->flags = IPT_MULTIPORT_EITHER; +- break; +- +- default: +- return 0; +- } +- +- if (invert) +- exit_error(PARAMETER_PROBLEM, +- "multiport does not support invert"); +- +- if (*flags) +- exit_error(PARAMETER_PROBLEM, +- "multiport can only have one option"); +- *flags = 1; +- return 1; +-} +- + static int + parse_v1(int c, char **argv, int invert, unsigned int *flags, + const struct ipt_entry *entry, +@@ -289,43 +199,6 @@ + printf("%s", service); + } + +-/* Prints out the matchinfo. */ +-static void +-print(const struct ipt_ip *ip, +- const struct ipt_entry_match *match, +- int numeric) +-{ +- const struct ipt_multiport *multiinfo +- = (const struct ipt_multiport *)match->data; +- unsigned int i; +- +- printf("multiport "); +- +- switch (multiinfo->flags) { +- case IPT_MULTIPORT_SOURCE: +- printf("sports "); +- break; +- +- case IPT_MULTIPORT_DESTINATION: +- printf("dports "); +- break; +- +- case IPT_MULTIPORT_EITHER: +- printf("ports "); +- break; +- +- default: +- printf("ERROR "); +- break; +- } +- +- for (i=0; i < multiinfo->count; i++) { +- printf("%s", i ? "," : ""); +- print_port(multiinfo->ports[i], ip->proto, numeric); +- } +- printf(" "); +-} +- + static void + print_v1(const struct ipt_ip *ip, + const struct ipt_entry_match *match, +@@ -369,34 +242,6 @@ + printf(" "); + } + +-/* Saves the union ipt_matchinfo in parsable form to stdout. */ +-static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match) +-{ +- const struct ipt_multiport *multiinfo +- = (const struct ipt_multiport *)match->data; +- unsigned int i; +- +- switch (multiinfo->flags) { +- case IPT_MULTIPORT_SOURCE: +- printf("--sports "); +- break; +- +- case IPT_MULTIPORT_DESTINATION: +- printf("--dports "); +- break; +- +- case IPT_MULTIPORT_EITHER: +- printf("--ports "); +- break; +- } +- +- for (i=0; i < multiinfo->count; i++) { +- printf("%s", i ? "," : ""); +- print_port(multiinfo->ports[i], ip->proto, 1); +- } +- printf(" "); +-} +- + static void save_v1(const struct ipt_ip *ip, + const struct ipt_entry_match *match) + { +@@ -432,19 +277,20 @@ + printf(" "); + } + ++ + static struct iptables_match multiport = { + .next = NULL, + .name = "multiport", +- .revision = 0, + .version = IPTABLES_VERSION, +- .size = IPT_ALIGN(sizeof(struct ipt_multiport)), +- .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport)), +- .help = &help, ++ .revision = 0, ++ .size = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), ++ .userspacesize = IPT_ALIGN(sizeof(struct ipt_multiport_v1)), ++ .help = &help_v1, + .init = &init, +- .parse = &parse, ++ .parse = &parse_v1, + .final_check = &final_check, +- .print = &print, +- .save = &save, ++ .print = &print_v1, ++ .save = &save_v1, + .extra_opts = opts + }; + |