Add support for inversion to multiport revision 1.

author Phil Oester <kernel@linuxace.com>

Wed, 2 Feb 2005 19:20:15 +0000 (19:20 +0000)

committer Martin Josefsson <gandalf@wlug.westbo.se>

Wed, 2 Feb 2005 19:20:15 +0000 (19:20 +0000)
author Phil Oester <kernel@linuxace.com>
Wed, 2 Feb 2005 19:20:15 +0000 (19:20 +0000)
committer Martin Josefsson <gandalf@wlug.westbo.se>
Wed, 2 Feb 2005 19:20:15 +0000 (19:20 +0000)
diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c

index 410a3906fa4a53d0684e6abcbf84759d7853e853..7fb6d72fd691fab5dff62104ede88b4ac18345b5 100644 (file)
--- a/extensions/libipt_multiport.c
+++ b/extensions/libipt_multiport.c
@@ -31,13 +31,13 @@ help_v1(void)
  {
         printf(
  "multiport v%s options:\n"
-" --source-ports port[,port:port,port...]\n"
+" --source-ports [!] port[,port:port,port...]\n"
  " --sports ...\n"
  "                              match source port(s)\n"
-" --destination-ports port[,port:port,port...]\n"
+" --destination-ports [!] port[,port:port,port...]\n"
  " --dports ...\n"
  "                              match destination port(s)\n"
-" --ports port[,port:port,port]\n"
+" --ports [!] port[,port:port,port]\n"
  "                              match both source and destination port(s)\n",
  IPTABLES_VERSION);
  }
@@ -255,8 +255,7 @@ parse_v1(int c, char **argv, int invert, unsigned int *flags,
         }
  
         if (invert)
-               exit_error(PARAMETER_PROBLEM,
-                          "multiport does not support invert");
+               multiinfo->invert = 1;
  
         if (*flags)
                 exit_error(PARAMETER_PROBLEM,
@@ -362,6 +361,9 @@ print_v1(const struct ipt_ip *ip,
                 break;
         }
  
+       if (multiinfo->invert)
+               printf("! ");
+
         for (i=0; i < multiinfo->count; i++) {
                 printf("%s", i ? "," : "");
                 print_port(multiinfo->ports[i], ip->proto, numeric);
@@ -422,6 +424,9 @@ static void save_v1(const struct ipt_ip *ip,
                 break;
         }
  
+       if (multiinfo->invert)
+               printf("! ");
+
         for (i=0; i < multiinfo->count; i++) {
                 printf("%s", i ? "," : "");
                 print_port(multiinfo->ports[i], ip->proto, 1);
diff --git a/include/linux/netfilter_ipv4/ipt_multiport.h b/include/linux/netfilter_ipv4/ipt_multiport.h

index 3af85cf4b51fdf7f3cbd18c0d0a3bb33ef6cb248..4b95d131b1ddf7766585fbb43dc827420d4ef2ae 100644 (file)
--- a/include/linux/netfilter_ipv4/ipt_multiport.h
+++ b/include/linux/netfilter_ipv4/ipt_multiport.h
@@ -24,5 +24,6 @@ struct ipt_multiport_v1
         u_int8_t count;                         /* Number of ports */
         u_int16_t ports[IPT_MULTI_PORTS];       /* Ports */
         u_int8_t pflags[IPT_MULTI_PORTS];       /* Port flags */
+       u_int8_t invert;                        /* Invert flag */
  };
  #endif /*_IPT_MULTIPORT_H*/
author	Phil Oester <kernel@linuxace.com>
	Wed, 2 Feb 2005 19:20:15 +0000 (19:20 +0000)
committer	Martin Josefsson <gandalf@wlug.westbo.se>
	Wed, 2 Feb 2005 19:20:15 +0000 (19:20 +0000)
extensions/libipt_multiport.c		patch \| blob \| blame \| history
include/linux/netfilter_ipv4/ipt_multiport.h		patch \| blob \| blame \| history