+/* SPDX-License-Identifier: LGPL-2.1+ */
/***
- This file is part of systemd.
-
Copyright 2015 Lennart Poettering
-
- systemd is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by
- the Free Software Foundation; either version 2.1 of the License, or
- (at your option) any later version.
-
- systemd is distributed in the hope that it will be useful, but
- WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
- Lesser General Public License for more details.
-
- You should have received a copy of the GNU Lesser General Public License
- along with systemd; If not, see <http://www.gnu.org/licenses/>.
***/
-#warning "Temporary work-around for broken glibc vs. linux kernel header definitions"
-#warning "This really should be removed sooner rather than later, when this is fixed upstream"
+/* Temporary work-around for broken glibc vs. linux kernel header definitions
+ * This is already fixed upstream, remove this when distributions have updated.
+ */
#define _NET_IF_H 1
#include <alloca.h>
}
if (source) {
entry->ip.src = source->in;
- in_addr_prefixlen_to_netmask(&entry->ip.smsk, source_prefixlen);
+ in4_addr_prefixlen_to_netmask(&entry->ip.smsk, source_prefixlen);
}
if (out_interface) {
+ size_t l = strlen(out_interface);
+ assert(l < sizeof entry->ip.outiface);
+ assert(l < sizeof entry->ip.outiface_mask);
+
strcpy(entry->ip.outiface, out_interface);
- memset(entry->ip.outiface_mask, 0xFF, strlen(out_interface)+1);
+ memset(entry->ip.outiface_mask, 0xFF, l + 1);
}
if (destination) {
entry->ip.dst = destination->in;
- in_addr_prefixlen_to_netmask(&entry->ip.dmsk, destination_prefixlen);
+ in4_addr_prefixlen_to_netmask(&entry->ip.dmsk, destination_prefixlen);
}
return 0;
if (af != AF_INET)
return -EOPNOTSUPP;
- if (protocol != 0 && protocol != IPPROTO_TCP && protocol != IPPROTO_UDP)
+ if (!IN_SET(protocol, 0, IPPROTO_TCP, IPPROTO_UDP))
return -EOPNOTSUPP;
h = iptc_init("nat");
uint16_t remote_port,
const union in_addr_union *previous_remote) {
-
_cleanup_(iptc_freep) struct xtc_handle *h = NULL;
struct ipt_entry *entry, *mask;
struct ipt_entry_target *t;
if (af != AF_INET)
return -EOPNOTSUPP;
- if (protocol != IPPROTO_TCP && protocol != IPPROTO_UDP)
+ if (!IN_SET(protocol, IPPROTO_TCP, IPPROTO_UDP))
return -EOPNOTSUPP;
if (local_port <= 0)