Fix iptables-save (save everything numerically)

author Thomas Woerner <twoerner@redhat.com>

Mon, 14 Jul 2003 20:01:29 +0000 (20:01 +0000)

committer Harald Welte <laforge@gnumonks.org>

Mon, 14 Jul 2003 20:01:29 +0000 (20:01 +0000)
author Thomas Woerner <twoerner@redhat.com>
Mon, 14 Jul 2003 20:01:29 +0000 (20:01 +0000)
committer Harald Welte <laforge@gnumonks.org>
Mon, 14 Jul 2003 20:01:29 +0000 (20:01 +0000)
diff --git a/extensions/libip6t_LOG.c b/extensions/libip6t_LOG.c

index 843ff7e88d46eba608c6222edf9c450ffd7790d6..4a87946f513a1c26ea3ba877f7f074d5720a6d14 100644 (file)
--- a/extensions/libip6t_LOG.c
+++ b/extensions/libip6t_LOG.c
@@ -230,16 +230,8 @@ save(const struct ip6t_ip6 *ip, const struct ip6t_entry_target *target)
         if (strcmp(loginfo->prefix, "") != 0)
                 printf("--log-prefix \"%s\" ", loginfo->prefix);
  
-       if (loginfo->level != LOG_DEFAULT_LEVEL) {
-               for (i = 0;
-                    i < sizeof(ip6t_log_names) / sizeof(struct ip6t_log_names);
-                    i++) {
-                       if (loginfo->level == ip6t_log_names[i].level) {
-                               printf("--log-level %s ", ip6t_log_names[i].name);
-                               break;
-                       }
-        }
-    }
+       if (loginfo->level != LOG_DEFAULT_LEVEL)
+               printf("--log-level %d ", loginfo->level);
  
         if (loginfo->logflags & IP6T_LOG_TCPSEQ)
                 printf("--log-tcp-sequence ");
diff --git a/extensions/libip6t_multiport.c b/extensions/libip6t_multiport.c

index 4847a9df9f05a637cb58ac46f7342ad704ca794d..dc5bbf48b707c4f0b1df271640b46d309bbea4be 100644 (file)
--- a/extensions/libip6t_multiport.c
+++ b/extensions/libip6t_multiport.c
@@ -237,7 +237,7 @@ static void save(const struct ip6t_ip6 *ip, const struct ip6t_entry_match *match
  
         for (i=0; i < multiinfo->count; i++) {
                 printf("%s", i ? "," : "");
-               print_port(multiinfo->ports[i], ip->proto, 0);
+               print_port(multiinfo->ports[i], ip->proto, 1);
         }
         printf(" ");
  }
diff --git a/extensions/libipt_LOG.c b/extensions/libipt_LOG.c

index 290ccf013cd4621faacf4dcf2bae3e640e60a158..27995dcf7f22e7cf6af6198f22f81da5af333ec2 100644 (file)
--- a/extensions/libipt_LOG.c
+++ b/extensions/libipt_LOG.c
@@ -230,16 +230,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_target *target)
         if (strcmp(loginfo->prefix, "") != 0)
                 printf("--log-prefix \"%s\" ", loginfo->prefix);
  
-       if (loginfo->level != LOG_DEFAULT_LEVEL) {
-               for (i = 0;
-                    i < sizeof(ipt_log_names) / sizeof(struct ipt_log_names);
-                    i++) {
-                       if (loginfo->level == ipt_log_names[i].level) {
-                               printf("--log-level %s ", ipt_log_names[i].name);
-                               break;
-                       }
-        }
-    }
+       if (loginfo->level != LOG_DEFAULT_LEVEL)
+               printf("--log-level %d ", loginfo->level);
  
         if (loginfo->logflags & IPT_LOG_TCPSEQ)
                 printf("--log-tcp-sequence ");
diff --git a/extensions/libipt_mport.c b/extensions/libipt_mport.c

index df115832099df52b6b5d7ddde3fd8d43401d886d..2ae61ff42c18afa4e232cf78a0ba76f85664f195 100644 (file)
--- a/extensions/libipt_mport.c
+++ b/extensions/libipt_mport.c
@@ -276,10 +276,10 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
                      && minfo->ports[i-1] == minfo->ports[i])
                          break;
                 printf("%s", i ? "," : "");
-               print_port(minfo->ports[i], ip->proto, 0);
+               print_port(minfo->ports[i], ip->proto, 1);
                  if (pflags & (1<<i)) {
                          printf(":");
-                        print_port(minfo->ports[++i], ip->proto, 0);
+                        print_port(minfo->ports[++i], ip->proto, 1);
                  }
         }
         printf(" ");
diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c

index b12f2e9adec2c1b1214f9ee2d493a590b6bf84eb..c9a98b3bcb3a7c5cdd1f2fb7340eee38e938d7cb 100644 (file)
--- a/extensions/libipt_multiport.c
+++ b/extensions/libipt_multiport.c
@@ -237,7 +237,7 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
  
         for (i=0; i < multiinfo->count; i++) {
                 printf("%s", i ? "," : "");
-               print_port(multiinfo->ports[i], ip->proto, 0);
+               print_port(multiinfo->ports[i], ip->proto, 1);
         }
         printf(" ");
  }
diff --git a/extensions/libipt_psd.c b/extensions/libipt_psd.c

index 201e909ffd9dda8be096b6b4e8084ff7fbe5a895..8a6198e0d8217560156a96d1211d7bf6d46f3df5 100644 (file)
--- a/extensions/libipt_psd.c
+++ b/extensions/libipt_psd.c
@@ -11,6 +11,7 @@
    2000-08-18 Dennis Koslowski <koslowski@astaro.de> : first release
    2000-12-01 Dennis Koslowski <koslowski@astaro.de> : UDP scans detection added
    2001-02-04 Jan Rekorajski <baggins@pld.org.pl> : converted from target to match
+  2003-03-02 Harald Welte <laforge@netfilter.org>: fix 'storage' bug
  */
  
  #include <stdio.h>
@@ -82,11 +83,11 @@ parse(int c, char **argv, int invert, unsigned int *flags,
  {
         struct ipt_psd_info *psdinfo = (struct ipt_psd_info *)(*match)->data;
         unsigned int num;
-       char storage[strlen(optarg) + 2];
+       
+       if (!optarg)
+               exit_error(PARAMETER_PROBLEM, "missing optarg");
  
         /* string_to_number needs a leading space */
-       storage[0] = ' ';
-       strcpy(&storage[1], optarg);
  
         switch (c) {
         /* PSD-weight-threshold */
@@ -95,7 +96,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
                         exit_error(PARAMETER_PROBLEM,
                                    "Can't specify --psd-weight-threshold "
                                    "twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                          exit_error(PARAMETER_PROBLEM,
                                     "bad --psd-weight-threshold `%s'", optarg);
                 psdinfo->weight_threshold = num;
@@ -107,7 +108,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_PSD_OPT_DTRESH)
                         exit_error(PARAMETER_PROBLEM,
                                    "Can't specify --psd-delay-threshold twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                          exit_error(PARAMETER_PROBLEM,
                                     "bad --psd-delay-threshold `%s'", optarg);
                 psdinfo->delay_threshold = num;
@@ -119,7 +120,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_PSD_OPT_LPWEIGHT)
                         exit_error(PARAMETER_PROBLEM,
                                    "Can't specify --psd-lo-ports-weight twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                          exit_error(PARAMETER_PROBLEM,
                                     "bad --psd-lo-ports-weight `%s'", optarg);
                 psdinfo->lo_ports_weight = num;
@@ -131,7 +132,7 @@ parse(int c, char **argv, int invert, unsigned int *flags,
                 if (*flags & IPT_PSD_OPT_HPWEIGHT)
                         exit_error(PARAMETER_PROBLEM,
                                    "Can't specify --psd-hi-ports-weight twice");
-                if (string_to_number(storage, 0, 10000, &num) == -1)
+                if (string_to_number(optarg, 0, 10000, &num) == -1)
                          exit_error(PARAMETER_PROBLEM,
                                     "bad --psd-hi-ports-weight `%s'", optarg);
                 psdinfo->hi_ports_weight = num;
@@ -160,10 +161,10 @@ print(const struct ipt_ip *ip,
                 = (const struct ipt_psd_info *)match->data;
  
         printf("psd ");
-       printf("weight-threshold: %u ",psdinfo->weight_threshold);
-       printf("delay-threshold: %u ",psdinfo->delay_threshold);
-       printf("lo-ports-weight: %u ",psdinfo->lo_ports_weight);
-       printf("hi-ports-weight: %u ",psdinfo->hi_ports_weight);
+       printf("weight-threshold: %u ", psdinfo->weight_threshold);
+       printf("delay-threshold: %u ", psdinfo->delay_threshold);
+       printf("lo-ports-weight: %u ", psdinfo->lo_ports_weight);
+       printf("hi-ports-weight: %u ", psdinfo->hi_ports_weight);
  }
  
  /* Saves the union ipt_targinfo in parsable form to stdout. */
@@ -175,8 +176,8 @@ save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
  
         printf("--psd-weight-threshold %u ", psdinfo->weight_threshold);
         printf("--psd-delay-threshold %u ", psdinfo->delay_threshold);
-       printf("--psd-lo-ports-weight %u ",psdinfo->lo_ports_weight);
-       printf("--psd-hi-ports-weight %u ",psdinfo->hi_ports_weight);
+       printf("--psd-lo-ports-weight %u ", psdinfo->lo_ports_weight);
+       printf("--psd-hi-ports-weight %u ", psdinfo->hi_ports_weight);
  }
  
  static
author	Thomas Woerner <twoerner@redhat.com>
	Mon, 14 Jul 2003 20:01:29 +0000 (20:01 +0000)
committer	Harald Welte <laforge@gnumonks.org>
	Mon, 14 Jul 2003 20:01:29 +0000 (20:01 +0000)
extensions/libip6t_LOG.c		patch \| blob \| blame \| history
extensions/libip6t_multiport.c		patch \| blob \| blame \| history
extensions/libipt_LOG.c		patch \| blob \| blame \| history
extensions/libipt_mport.c		patch \| blob \| blame \| history
extensions/libipt_multiport.c		patch \| blob \| blame \| history
extensions/libipt_psd.c		patch \| blob \| blame \| history