"--name option is required.\n");
if (flags & XT_PKNOCK_KNOCKPORT) {
- if (flags & XT_PKNOCK_CHECKIP) {
+ if (flags & XT_PKNOCK_CHECKIP)
xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --knockports with --checkip.\n");
- }
if ((flags & XT_PKNOCK_OPENSECRET)
&& !(flags & XT_PKNOCK_CLOSESECRET))
- {
xtables_error(PARAMETER_PROBLEM, PKNOCK
"--opensecret must go with --closesecret.\n");
- }
if ((flags & XT_PKNOCK_CLOSESECRET)
&& !(flags & XT_PKNOCK_OPENSECRET))
- {
xtables_error(PARAMETER_PROBLEM, PKNOCK
"--closesecret must go with --opensecret.\n");
- }
}
if (flags & XT_PKNOCK_CHECKIP) {
- if (flags & XT_PKNOCK_KNOCKPORT) {
+ if (flags & XT_PKNOCK_KNOCKPORT)
xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --checkip with --knockports.\n");
- }
if ((flags & XT_PKNOCK_OPENSECRET)
|| (flags & XT_PKNOCK_CLOSESECRET))
- {
xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --opensecret and"
" --closesecret with --checkip.\n");
- }
- if (flags & XT_PKNOCK_TIME) {
+ if (flags & XT_PKNOCK_TIME)
xtables_error(PARAMETER_PROBLEM, PKNOCK
"cannot specify --time with --checkip.\n");
- }
}
}
crypt_to_hex(hexresult, result, crypto.size);
- if (memcmp(hexresult, payload, hexa_size) != 0) {
+ if (memcmp(hexresult, payload, hexa_size) != 0)
pr_debug("secret match failed\n");
- } else {
+ else
fret = true;
- }
out:
kfree(hexresult);
if (!has_secret(info->open_secret,
info->open_secret_len, htonl(peer->ip),
payload, payload_len))
- {
return false;
- }
+
return true;
}
#endif /* PK_CRYPTO */
if (hdr->proto != IPPROTO_UDP)
return false;
- if (!pass_security(peer, info, hdr->payload, hdr->payload_len)) {
+ if (!pass_security(peer, info, hdr->payload, hdr->payload_len))
return false;
- }
}
#endif
#endif
if (info->option & XT_PKNOCK_KNOCKPORT) {
- if (info->option & XT_PKNOCK_CHECKIP) {
+ if (info->option & XT_PKNOCK_CHECKIP)
RETURN_ERR("Can't specify --knockports with --checkip.\n");
- }
#ifdef PK_CRYPTO
if ((info->option & XT_PKNOCK_OPENSECRET) &&
!(info->option & XT_PKNOCK_CLOSESECRET))
- {
RETURN_ERR("--opensecret must go with --closesecret.\n");
- }
if ((info->option & XT_PKNOCK_CLOSESECRET) &&
!(info->option & XT_PKNOCK_OPENSECRET))
- {
RETURN_ERR("--closesecret must go with --opensecret.\n");
- }
#endif
}
if (info->option & XT_PKNOCK_CHECKIP) {
if (info->option & XT_PKNOCK_KNOCKPORT)
- {
RETURN_ERR("Can't specify --checkip with --knockports.\n");
- }
#ifdef PK_CRYPTO
if ((info->option & XT_PKNOCK_OPENSECRET) ||
(info->option & XT_PKNOCK_CLOSESECRET))
- {
RETURN_ERR("Can't specify --opensecret and --closesecret"
" with --checkip.\n");
- }
#endif
if (info->option & XT_PKNOCK_TIME)
RETURN_ERR("Can't specify --time with --checkip.\n");
if (info->open_secret_len == info->close_secret_len) {
if (memcmp(info->open_secret, info->close_secret,
info->open_secret_len) == 0)
- {
RETURN_ERR("opensecret & closesecret cannot be equal.\n");
- }
}
}
#endif
projects / thirdparty / xtables-addons.git / commitdiff
