Revert "proto_to_name duplication" patch, as noticed by Yasuyuki it can cause

invalid arguments to get accepted.

diff --git a/extensions/libipt_multiport.c b/extensions/libipt_multiport.c
index 28fd8503f5fa52eaf5ec4e391d537c6e89d267ae..2a10abd4f3a2f35048600fb856012b3d8e7d4bc2 100644 (file)
--- a/extensions/libipt_multiport.c
+++ b/extensions/libipt_multiport.c
@@ -51,6 +51,23 @@ static struct option opts[] = {
        {0}
 };
 
+static char *
+proto_to_name(u_int8_t proto)
+{
+       switch (proto) {
+       case IPPROTO_TCP:
+               return "tcp";
+       case IPPROTO_UDP:
+               return "udp";
+       case IPPROTO_SCTP:
+               return "sctp";
+       case IPPROTO_DCCP:
+               return "dccp";
+       default:
+               return NULL;
+       }
+}
+
 static unsigned int
 parse_multi_ports(const char *portstring, u_int16_t *ports, const char *proto)
 {
@@ -126,7 +143,7 @@ check_proto(const struct ipt_entry *entry)
                exit_error(PARAMETER_PROBLEM,
                           "multiport only works with TCP or UDP");
 
-       if ((proto = proto_to_name(entry->ip.proto, 1)) != NULL)
+       if ((proto = proto_to_name(entry->ip.proto)) != NULL)
                return proto;
        else if (!entry->ip.proto)
                exit_error(PARAMETER_PROBLEM,
@@ -247,7 +264,7 @@ port_to_service(int port, u_int8_t proto)
 {
        struct servent *service;
 
-       if ((service = getservbyport(htons(port), proto_to_name(proto, 1))))
+       if ((service = getservbyport(htons(port), proto_to_name(proto))))
                return service->s_name;
 
        return NULL;

diff --git a/include/iptables.h b/include/iptables.h
index d616c8c4e8c529cb1a63ae3cb5d3d84890691566..ba27cac607831eeb1b53e440910768de83575666 100644 (file)
--- a/include/iptables.h
+++ b/include/iptables.h
@@ -151,7 +151,6 @@ extern int line;
 extern void register_match(struct iptables_match *me);
 extern void register_target(struct iptables_target *me);
 
-extern char *proto_to_name(u_int8_t proto, int nolookup);
 extern int service_to_port(const char *name, const char *proto);
 extern u_int16_t parse_port(const char *port, const char *proto);
 extern struct in_addr *dotted_to_addr(const char *dotted);

diff --git a/iptables.c b/iptables.c
index 74925af072506a65cc34ce7088ccfd2d6c5c9ae0..28917cf1b669161d7001f1e0e75057b105838cbd 100644 (file)
--- a/iptables.c
+++ b/iptables.c
@@ -229,10 +229,9 @@ static const struct pprot chain_protos[] = {
        { "esp", IPPROTO_ESP },
        { "ah", IPPROTO_AH },
        { "sctp", IPPROTO_SCTP },
-       { "dccp", IPPROTO_DCCP },
 };
 
-char *
+static char *
 proto_to_name(u_int8_t proto, int nolookup)
 {
        unsigned int i;