--- a/extensions/libxt_multiport.c +++ b/extensions/libxt_multiport.c @@ -14,21 +14,6 @@ #include /* Function which prints out usage message. */ -static void multiport_help(void) -{ - printf( -"multiport match options:\n" -" --source-ports port[,port,port...]\n" -" --sports ...\n" -" match source port(s)\n" -" --destination-ports port[,port,port...]\n" -" --dports ...\n" -" match destination port(s)\n" -" --ports port[,port,port]\n" -" match both source and destination port(s)\n" -" NOTE: this kernel does not support port ranges in multiport.\n"); -} - static void multiport_help_v1(void) { printf( @@ -71,26 +56,6 @@ proto_to_name(u_int8_t proto) } } -static unsigned int -parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto) -{ - char *buffer, *cp, *next; - unsigned int i; - - buffer = strdup(portstring); - if (!buffer) xtables_error(OTHER_PROBLEM, "strdup failed"); - - for (cp=buffer, i=0; cp && idata; - - switch (c) { - case '1': - xtables_check_inverse(optarg, &invert, &optind, 0, argv); - proto = check_proto(pnum, invflags); - multiinfo->count = parse_multi_ports(optarg, - multiinfo->ports, proto); - multiinfo->flags = XT_MULTIPORT_SOURCE; - break; - - case '2': - xtables_check_inverse(optarg, &invert, &optind, 0, argv); - proto = check_proto(pnum, invflags); - multiinfo->count = parse_multi_ports(optarg, - multiinfo->ports, proto); - multiinfo->flags = XT_MULTIPORT_DESTINATION; - break; - - case '3': - xtables_check_inverse(optarg, &invert, &optind, 0, argv); - proto = check_proto(pnum, invflags); - multiinfo->count = parse_multi_ports(optarg, - multiinfo->ports, proto); - multiinfo->flags = XT_MULTIPORT_EITHER; - break; - - default: - return 0; - } - - if (invert) - xtables_error(PARAMETER_PROBLEM, - "multiport does not support invert"); - - if (*flags) - xtables_error(PARAMETER_PROBLEM, - "multiport can only have one option"); - *flags = 1; - return 1; -} - -static int -multiport_parse(int c, char **argv, int invert, unsigned int *flags, - const void *e, struct xt_entry_match **match) -{ - const struct ipt_entry *entry = e; - return __multiport_parse(c, argv, invert, flags, match, - entry->ip.proto, entry->ip.invflags); -} - -static int -multiport_parse6(int c, char **argv, int invert, unsigned int *flags, - const void *e, struct xt_entry_match **match) -{ - const struct ip6t_entry *entry = e; - return __multiport_parse(c, argv, invert, flags, match, - entry->ipv6.proto, entry->ipv6.invflags); -} - -static int __multiport_parse_v1(int c, char **argv, int invert, unsigned int *flags, struct xt_entry_match **match, u_int16_t pnum, u_int8_t invflags) @@ -313,55 +211,6 @@ print_port(u_int16_t port, u_int8_t prot } /* Prints out the matchinfo. */ -static void -__multiport_print(const struct xt_entry_match *match, int numeric, - u_int16_t proto) -{ - const struct xt_multiport *multiinfo - = (const struct xt_multiport *)match->data; - unsigned int i; - - printf("multiport "); - - switch (multiinfo->flags) { - case XT_MULTIPORT_SOURCE: - printf("sports "); - break; - - case XT_MULTIPORT_DESTINATION: - printf("dports "); - break; - - case XT_MULTIPORT_EITHER: - printf("ports "); - break; - - default: - printf("ERROR "); - break; - } - - for (i=0; i < multiinfo->count; i++) { - printf("%s", i ? "," : ""); - print_port(multiinfo->ports[i], proto, numeric); - } - printf(" "); -} - -static void multiport_print(const void *ip_void, - const struct xt_entry_match *match, int numeric) -{ - const struct ipt_ip *ip = ip_void; - __multiport_print(match, numeric, ip->proto); -} - -static void multiport_print6(const void *ip_void, - const struct xt_entry_match *match, int numeric) -{ - const struct ip6t_ip6 *ip = ip_void; - __multiport_print(match, numeric, ip->proto); -} - static void __multiport_print_v1(const struct xt_entry_match *match, int numeric, u_int16_t proto) { @@ -418,48 +267,6 @@ static void multiport_print6_v1(const vo } /* Saves the union ipt_matchinfo in parsable form to stdout. */ -static void __multiport_save(const struct xt_entry_match *match, - u_int16_t proto) -{ - const struct xt_multiport *multiinfo - = (const struct xt_multiport *)match->data; - unsigned int i; - - switch (multiinfo->flags) { - case XT_MULTIPORT_SOURCE: - printf("--sports "); - break; - - case XT_MULTIPORT_DESTINATION: - printf("--dports "); - break; - - case XT_MULTIPORT_EITHER: - printf("--ports "); - break; - } - - for (i=0; i < multiinfo->count; i++) { - printf("%s", i ? "," : ""); - print_port(multiinfo->ports[i], proto, 1); - } - printf(" "); -} - -static void multiport_save(const void *ip_void, - const struct xt_entry_match *match) -{ - const struct ipt_ip *ip = ip_void; - __multiport_save(match, ip->proto); -} - -static void multiport_save6(const void *ip_void, - const struct xt_entry_match *match) -{ - const struct ip6t_ip6 *ip = ip_void; - __multiport_save(match, ip->proto); -} - static void __multiport_save_v1(const struct xt_entry_match *match, u_int16_t proto) { @@ -513,34 +320,6 @@ static struct xtables_match multiport_mt { .family = NFPROTO_IPV4, .name = "multiport", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_multiport)), - .userspacesize = XT_ALIGN(sizeof(struct xt_multiport)), - .help = multiport_help, - .parse = multiport_parse, - .final_check = multiport_check, - .print = multiport_print, - .save = multiport_save, - .extra_opts = multiport_opts, - }, - { - .family = NFPROTO_IPV6, - .name = "multiport", - .revision = 0, - .version = XTABLES_VERSION, - .size = XT_ALIGN(sizeof(struct xt_multiport)), - .userspacesize = XT_ALIGN(sizeof(struct xt_multiport)), - .help = multiport_help, - .parse = multiport_parse6, - .final_check = multiport_check, - .print = multiport_print6, - .save = multiport_save6, - .extra_opts = multiport_opts, - }, - { - .family = NFPROTO_IPV4, - .name = "multiport", .version = XTABLES_VERSION, .revision = 1, .size = XT_ALIGN(sizeof(struct xt_multiport_v1)),