This patch prevents user to set negative port value of SNAT/DNAT.

author Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>

Wed, 22 Jun 2005 12:22:44 +0000 (12:22 +0000)

committer Harald Welte <laforge@gnumonks.org>

Wed, 22 Jun 2005 12:22:44 +0000 (12:22 +0000)
author Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
Wed, 22 Jun 2005 12:22:44 +0000 (12:22 +0000)
committer Harald Welte <laforge@gnumonks.org>
Wed, 22 Jun 2005 12:22:44 +0000 (12:22 +0000)
diff --git a/extensions/libipt_DNAT.c b/extensions/libipt_DNAT.c

index 94d04e8e8860dd13416f9aebe35475f70bbc3037..9e4f525355f84f5745c69abb8863d452c151310b 100644 (file)
--- a/extensions/libipt_DNAT.c
+++ b/extensions/libipt_DNAT.c
@@ -73,7 +73,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
                 range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
  
                 port = atoi(colon+1);
-               if (port == 0 || port > 65535)
+               if (port <= 0 || port > 65535)
                         exit_error(PARAMETER_PROBLEM,
                                    "Port `%s' not valid\n", colon+1);
  
@@ -91,7 +91,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
                         int maxport;
  
                         maxport = atoi(dash + 1);
-                       if (maxport == 0 || maxport > 65535)
+                       if (maxport <= 0 || maxport > 65535)
                                 exit_error(PARAMETER_PROBLEM,
                                            "Port `%s' not valid\n", dash+1);
                         if (maxport < port)
diff --git a/extensions/libipt_SNAT.c b/extensions/libipt_SNAT.c

index 7510f6e7f445f1e8c768f6ce3eaedb321e7c7a85..a893a47d1a5ddf221b0b3367383b9a26c08a8b2d 100644 (file)
--- a/extensions/libipt_SNAT.c
+++ b/extensions/libipt_SNAT.c
@@ -73,7 +73,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
                 range.flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
  
                 port = atoi(colon+1);
-               if (port == 0 || port > 65535)
+               if (port <= 0 || port > 65535)
                         exit_error(PARAMETER_PROBLEM,
                                    "Port `%s' not valid\n", colon+1);
  
@@ -91,7 +91,7 @@ parse_to(char *arg, int portok, struct ipt_natinfo *info)
                         int maxport;
  
                         maxport = atoi(dash + 1);
-                       if (maxport == 0 || maxport > 65535)
+                       if (maxport <= 0 || maxport > 65535)
                                 exit_error(PARAMETER_PROBLEM,
                                            "Port `%s' not valid\n", dash+1);
                         if (maxport < port)
author	Yasuyuki KOZAKAI <yasuyuki.kozakai@toshiba.co.jp>
	Wed, 22 Jun 2005 12:22:44 +0000 (12:22 +0000)
committer	Harald Welte <laforge@gnumonks.org>
	Wed, 22 Jun 2005 12:22:44 +0000 (12:22 +0000)
extensions/libipt_DNAT.c		patch \| blob \| blame \| history
extensions/libipt_SNAT.c		patch \| blob \| blame \| history