From: Jan Engelhardt <jengelh@medozas.de>
To: kaber@trash.net
Cc: netfilter-devel@vger.kernel.org
Subject: [PATCH 08/12] libipt_[SD]NAT: avoid false error about multiple destinations specified
Date: Fri, 13 May 2011 02:47:32 +0200 [thread overview]
Message-ID: <1305247657-29158-9-git-send-email-jengelh@medozas.de> (raw)
In-Reply-To: <1305247657-29158-1-git-send-email-jengelh@medozas.de>
iptables-restore v1.4.10: DNAT: Multiple --to-destination not supported
xtables_option_parse sets cb->xflags already, so that it cannot be
directly used to test whether an option is being used for the second
time. Thus use a private option/flag (X_TO_DEST/SRC) that is not under
the control of xtables_option_parse.
Signed-off-by: Jan Engelhardt <jengelh@medozas.de>
---
extensions/libipt_DNAT.c | 9 ++++++---
extensions/libipt_SNAT.c | 9 ++++++---
2 files changed, 12 insertions(+), 6 deletions(-)
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c
index 8c4c9c2..3b55c69 100644
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -12,8 +12,10 @@ enum {
O_TO_DEST = 0,
O_RANDOM,
O_PERSISTENT,
- F_TO_DEST = 1 << O_TO_DEST,
- F_RANDOM = 1 << O_RANDOM,
+ O_X_TO_DEST, /* hidden flag */
+ F_TO_DEST = 1 << O_TO_DEST,
+ F_RANDOM = 1 << O_RANDOM,
+ F_X_TO_DEST = 1 << O_X_TO_DEST,
};
/* Dest NAT data consists of a multi-range, indicating where to map
@@ -164,7 +166,7 @@ static void DNAT_parse(struct xt_option_call *cb)
xtables_option_parse(cb);
switch (cb->entry->id) {
case O_TO_DEST:
- if (cb->xflags & F_TO_DEST) {
+ if (cb->xflags & F_X_TO_DEST) {
if (!kernel_version)
get_kernel_version();
if (kernel_version > LINUX_VERSION(2, 6, 10))
@@ -175,6 +177,7 @@ static void DNAT_parse(struct xt_option_call *cb)
/* WTF do we need this for?? */
if (cb->xflags & F_RANDOM)
info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
+ cb->xflags |= F_X_TO_DEST;
break;
case O_RANDOM:
if (cb->xflags & F_TO_DEST)
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c
index 3691041..8023306 100644
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -12,8 +12,10 @@ enum {
O_TO_SRC = 0,
O_RANDOM,
O_PERSISTENT,
- F_TO_SRC = 1 << O_TO_SRC,
- F_RANDOM = 1 << O_RANDOM,
+ O_X_TO_SRC,
+ F_TO_SRC = 1 << O_TO_SRC,
+ F_RANDOM = 1 << O_RANDOM,
+ F_X_TO_SRC = 1 << O_X_TO_SRC,
};
/* Source NAT data consists of a multi-range, indicating where to map
@@ -164,7 +166,7 @@ static void SNAT_parse(struct xt_option_call *cb)
xtables_option_parse(cb);
switch (cb->entry->id) {
case O_TO_SRC:
- if (cb->xflags & F_TO_SRC) {
+ if (cb->xflags & F_X_TO_SRC) {
if (!kernel_version)
get_kernel_version();
if (kernel_version > LINUX_VERSION(2, 6, 10))
@@ -175,6 +177,7 @@ static void SNAT_parse(struct xt_option_call *cb)
/* WTF do we need this for?? */
if (cb->xflags & F_RANDOM)
info->mr.range[0].flags |= IP_NAT_RANGE_PROTO_RANDOM;
+ cb->xflags |= F_X_TO_SRC;
break;
case O_RANDOM:
if (cb->xflags & F_TO_SRC)
--
1.7.1
next prev parent reply other threads:[~2011-05-13 0:49 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2011-05-13 0:47 Guided option parser run 8 Jan Engelhardt
2011-05-13 0:47 ` [PATCH 01/12] src: replace old IP*T_ALIGN macros Jan Engelhardt
2011-05-13 0:47 ` [PATCH 02/12] src: combine default_command functions Jan Engelhardt
2011-05-13 0:47 ` [PATCH 03/12] libxt_policy: option table fixes, improved error tracking Jan Engelhardt
2011-05-13 0:47 ` [PATCH 04/12] libxtables: avoid running into .also checks when option not used Jan Engelhardt
2011-05-13 0:47 ` [PATCH 05/12] libxt_policy: use XTTYPE_PROTOCOL type Jan Engelhardt
2011-05-13 0:47 ` [PATCH 06/12] libxtables: collapse double protocol parsing Jan Engelhardt
2011-05-13 0:47 ` [PATCH 07/12] libipt_[SD]NAT: flag up module name on error Jan Engelhardt
2011-05-13 0:47 ` Jan Engelhardt [this message]
2011-05-13 0:47 ` [PATCH 09/12] libxt_conntrack: correct printed module name Jan Engelhardt
2011-05-13 0:47 ` [PATCH 10/12] libxt_conntrack: fix assignment to wrong member Jan Engelhardt
2011-05-13 0:47 ` [PATCH 11/12] libxt_conntrack: resolve erroneous rev-2 port range message Jan Engelhardt
2011-05-13 0:47 ` [PATCH 12/12] libip6t_rt: rt-0-not-strict should take no arg Jan Engelhardt
2011-05-23 13:23 ` Guided option parser run 8 Patrick McHardy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1305247657-29158-9-git-send-email-jengelh@medozas.de \
--to=jengelh@medozas.de \
--cc=kaber@trash.net \
--cc=netfilter-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).