* [PATCH] Cleanup ttl match option parsing
@ 2004-08-22 17:38 Phil Oester
2004-08-23 18:54 ` Patrick McHardy
0 siblings, 1 reply; 4+ messages in thread
From: Phil Oester @ 2004-08-22 17:38 UTC (permalink / raw)
To: netfilter-devel
The below patch allows the ttl match to be used with other matches
without assuming it 'owns' all options. For example, this command
currently causes the '...TTL option twice error':
iptables -A foo -d 1.2.3.4 -m ttl --ttl-eq 1 -m state --state NEW -j ACCEPT
But works with the below patch.
This fixes bugzilla #183
Phil
diff -ru ipt-orig/extensions/libipt_ttl.c ipt-new/extensions/libipt_ttl.c
--- ipt-orig/extensions/libipt_ttl.c 2002-05-29 09:08:16.000000000 -0400
+++ ipt-new/extensions/libipt_ttl.c 2004-08-22 13:07:01.161108504 -0400
@@ -40,10 +40,6 @@
check_inverse(optarg, &invert, &optind, 0);
value = atoi(argv[optind-1]);
- if (*flags)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify TTL option twice");
-
if (!optarg)
exit_error(PARAMETER_PROBLEM,
"ttl: You must specify a value");
@@ -56,8 +52,6 @@
/* is 0 allowed? */
info->ttl = value;
- *flags = 1;
-
break;
case '3':
if (invert)
@@ -66,8 +60,6 @@
info->mode = IPT_TTL_LT;
info->ttl = value;
- *flags = 1;
-
break;
case '4':
if (invert)
@@ -76,14 +68,17 @@
info->mode = IPT_TTL_GT;
info->ttl = value;
- *flags = 1;
-
break;
default:
return 0;
}
+ if (*flags)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify TTL option twice");
+ *flags = 1;
+
return 1;
}
^ permalink raw reply [flat|nested] 4+ messages in thread* Re: [PATCH] Cleanup ttl match option parsing
2004-08-22 17:38 [PATCH] Cleanup ttl match option parsing Phil Oester
@ 2004-08-23 18:54 ` Patrick McHardy
2004-08-23 19:57 ` Phil Oester
0 siblings, 1 reply; 4+ messages in thread
From: Patrick McHardy @ 2004-08-23 18:54 UTC (permalink / raw)
To: Phil Oester; +Cc: netfilter-devel
Phil Oester wrote:
>The below patch allows the ttl match to be used with other matches
>without assuming it 'owns' all options. For example, this command
>currently causes the '...TTL option twice error':
>
>iptables -A foo -d 1.2.3.4 -m ttl --ttl-eq 1 -m state --state NEW -j ACCEPT
>
>But works with the below patch.
>
>This fixes bugzilla #183
>
>
I get rejects with this patch, please send it again as attachment.
Regards
Patrick
>Phil
>
>
>
>diff -ru ipt-orig/extensions/libipt_ttl.c ipt-new/extensions/libipt_ttl.c
>--- ipt-orig/extensions/libipt_ttl.c 2002-05-29 09:08:16.000000000 -0400
>+++ ipt-new/extensions/libipt_ttl.c 2004-08-22 13:07:01.161108504 -0400
>@@ -40,10 +40,6 @@
> check_inverse(optarg, &invert, &optind, 0);
> value = atoi(argv[optind-1]);
>
>- if (*flags)
>- exit_error(PARAMETER_PROBLEM,
>- "Can't specify TTL option twice");
>-
> if (!optarg)
> exit_error(PARAMETER_PROBLEM,
> "ttl: You must specify a value");
>@@ -56,8 +52,6 @@
>
> /* is 0 allowed? */
> info->ttl = value;
>- *flags = 1;
>-
> break;
> case '3':
> if (invert)
>@@ -66,8 +60,6 @@
>
> info->mode = IPT_TTL_LT;
> info->ttl = value;
>- *flags = 1;
>-
> break;
> case '4':
> if (invert)
>@@ -76,14 +68,17 @@
>
> info->mode = IPT_TTL_GT;
> info->ttl = value;
>- *flags = 1;
>-
> break;
> default:
> return 0;
>
> }
>
>+ if (*flags)
>+ exit_error(PARAMETER_PROBLEM,
>+ "Can't specify TTL option twice");
>+ *flags = 1;
>+
> return 1;
> }
>
>
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] Cleanup ttl match option parsing
2004-08-23 18:54 ` Patrick McHardy
@ 2004-08-23 19:57 ` Phil Oester
2004-08-23 20:45 ` Patrick McHardy
0 siblings, 1 reply; 4+ messages in thread
From: Phil Oester @ 2004-08-23 19:57 UTC (permalink / raw)
To: Patrick McHardy; +Cc: netfilter-devel
[-- Attachment #1: Type: text/plain, Size: 553 bytes --]
On Mon, Aug 23, 2004 at 08:54:39PM +0200, Patrick McHardy wrote:
> Phil Oester wrote:
>
> >The below patch allows the ttl match to be used with other matches
> >without assuming it 'owns' all options. For example, this command
> >currently causes the '...TTL option twice error':
> >
> >iptables -A foo -d 1.2.3.4 -m ttl --ttl-eq 1 -m state --state NEW -j ACCEPT
> >
> >But works with the below patch.
> >
> >This fixes bugzilla #183
> >
> >
> I get rejects with this patch, please send it again as attachment.
Indeed -- appologies.
Attached
Phil
[-- Attachment #2: patch-ttl --]
[-- Type: text/plain, Size: 1011 bytes --]
diff -ru ipt-orig/extensions/libipt_ttl.c ipt-new/extensions/libipt_ttl.c
--- ipt-orig/extensions/libipt_ttl.c 2002-05-29 09:08:16.000000000 -0400
+++ ipt-new/extensions/libipt_ttl.c 2004-08-23 15:55:07.886209960 -0400
@@ -40,10 +40,6 @@
check_inverse(optarg, &invert, &optind, 0);
value = atoi(argv[optind-1]);
- if (*flags)
- exit_error(PARAMETER_PROBLEM,
- "Can't specify TTL option twice");
-
if (!optarg)
exit_error(PARAMETER_PROBLEM,
"ttl: You must specify a value");
@@ -56,8 +52,6 @@
/* is 0 allowed? */
info->ttl = value;
- *flags = 1;
-
break;
case '3':
if (invert)
@@ -66,8 +60,6 @@
info->mode = IPT_TTL_LT;
info->ttl = value;
- *flags = 1;
-
break;
case '4':
if (invert)
@@ -76,14 +68,17 @@
info->mode = IPT_TTL_GT;
info->ttl = value;
- *flags = 1;
-
break;
default:
return 0;
}
+ if (*flags)
+ exit_error(PARAMETER_PROBLEM,
+ "Can't specify TTL option twice");
+ *flags = 1;
+
return 1;
}
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] Cleanup ttl match option parsing
2004-08-23 19:57 ` Phil Oester
@ 2004-08-23 20:45 ` Patrick McHardy
0 siblings, 0 replies; 4+ messages in thread
From: Patrick McHardy @ 2004-08-23 20:45 UTC (permalink / raw)
To: Phil Oester; +Cc: netfilter-devel
Phil Oester wrote:
>Attached
>
>
Applied, thanks.
>Phil
>
>
>------------------------------------------------------------------------
>
>diff -ru ipt-orig/extensions/libipt_ttl.c ipt-new/extensions/libipt_ttl.c
>--- ipt-orig/extensions/libipt_ttl.c 2002-05-29 09:08:16.000000000 -0400
>+++ ipt-new/extensions/libipt_ttl.c 2004-08-23 15:55:07.886209960 -0400
>@@ -40,10 +40,6 @@
> check_inverse(optarg, &invert, &optind, 0);
> value = atoi(argv[optind-1]);
>
>- if (*flags)
>- exit_error(PARAMETER_PROBLEM,
>- "Can't specify TTL option twice");
>-
> if (!optarg)
> exit_error(PARAMETER_PROBLEM,
> "ttl: You must specify a value");
>@@ -56,8 +52,6 @@
>
> /* is 0 allowed? */
> info->ttl = value;
>- *flags = 1;
>-
> break;
> case '3':
> if (invert)
>@@ -66,8 +60,6 @@
>
> info->mode = IPT_TTL_LT;
> info->ttl = value;
>- *flags = 1;
>-
> break;
> case '4':
> if (invert)
>@@ -76,14 +68,17 @@
>
> info->mode = IPT_TTL_GT;
> info->ttl = value;
>- *flags = 1;
>-
> break;
> default:
> return 0;
>
> }
>
>+ if (*flags)
>+ exit_error(PARAMETER_PROBLEM,
>+ "Can't specify TTL option twice");
>+ *flags = 1;
>+
> return 1;
> }
>
>
>
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2004-08-23 20:45 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-08-22 17:38 [PATCH] Cleanup ttl match option parsing Phil Oester
2004-08-23 18:54 ` Patrick McHardy
2004-08-23 19:57 ` Phil Oester
2004-08-23 20:45 ` Patrick McHardy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.