[PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command
@ 2022-07-08 11:18 Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul() Pablo Neira Ayuso
  0 siblings, 2 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 11:18 UTC (permalink / raw)
  To: netfilter-devel; +Cc: mikhail.sennikovskii

Extend manpage to document the new -A/--add command.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 conntrack.8 | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/conntrack.8 b/conntrack.8
index 0db427b7b9ea..6fbb41fe81fc 100644
--- a/conntrack.8
+++ b/conntrack.8
@@ -14,6 +14,8 @@ conntrack \- command line interface for netfilter connection tracking
 .br
 .BR "conntrack -I [table] parameters"
 .br
+.BR "conntrack -A [table] parameters"
+.br
 .BR "conntrack -U [table] parameters"
 .br
 .BR "conntrack -E [table] [options]"
@@ -88,7 +90,10 @@ Search for and show a particular (matching) entry in the given table.
 Delete an entry from the given table.
 .TP
 .BI "-I, --create "
-Create a new entry from the given table.
+Create a new entry from the given table, it fails if it already exists.
+.TP
+.BI "-A, --add "
+Add a new entry from the given table.
 .TP
 .BI "-U, --update "
 Update an entry from the given table.
@@ -186,8 +191,8 @@ Use multiple \-l options to specify multiple labels that need to be set.
 .TP
 .BI "--label-add " "LABEL"
 Specify the conntrack label to add to the selected conntracks.
-This option is only available in conjunction with "\-I, \-\-create" or
-"\-U, \-\-update".
+This option is only available in conjunction with "\-I, \-\-create",
+"\-A, \-\-add" or "\-U, \-\-update".
 .TP
 .BI "--label-del " "[LABEL]"
 Specify the conntrack label to delete from the selected conntracks.
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW
  2022-07-08 11:18 [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command Pablo Neira Ayuso
@ 2022-07-08 11:18 ` Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul() Pablo Neira Ayuso
  1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 11:18 UTC (permalink / raw)
  To: netfilter-devel; +Cc: mikhail.sennikovskii

IPPROTO_MPTCP defeats the purpose of IPPROTO_MAX to check for the
maximum layer 4 protocol supported in the IP header.

Use IPPROTO_RAW (255) instead.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index 33f60239580f..4afccde4b027 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -840,7 +840,7 @@ static int parse_proto_num(const char *str)
 	long val;
 
 	val = strtol(str, &endptr, 0);
-	if (val >= IPPROTO_MAX ||
+	if (val > IPPROTO_RAW ||
 	    val < 0 ||
 	    endptr == str ||
 	    *endptr != '\0')
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul()
  2022-07-08 11:18 [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW Pablo Neira Ayuso
@ 2022-07-08 11:18 ` Pablo Neira Ayuso
  1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 11:18 UTC (permalink / raw)
  To: netfilter-devel; +Cc: mikhail.sennikovskii

Use strtoul() instead and remove check for negative value.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index 4afccde4b027..859a4835580b 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -836,12 +836,11 @@ extern struct ctproto_handler ct_proto_unknown;
 
 static int parse_proto_num(const char *str)
 {
+	unsigned long val;
 	char *endptr;
-	long val;
 
-	val = strtol(str, &endptr, 0);
+	val = strtoul(str, &endptr, 0);
 	if (val > IPPROTO_RAW ||
-	    val < 0 ||
 	    endptr == str ||
 	    *endptr != '\0')
 		return -1;
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2022-07-08 11:18 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2022-07-08 11:18 [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command Pablo Neira Ayuso
2022-07-08 11:18 ` [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW Pablo Neira Ayuso
2022-07-08 11:18 ` [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul() Pablo Neira Ayuso

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).