Aligning matchsize and targetsize now responsibility of extension writers
authorRusty Russell <rusty@linuxcare.com.au>
Mon, 3 Jul 2000 10:17:57 +0000 (10:17 +0000)
committerRusty Russell <rusty@rustcorp.com.au>
Mon, 3 Jul 2000 10:17:57 +0000 (10:17 +0000)
(PPC fix).

25 files changed:
extensions/libip6t_icmp.c
extensions/libip6t_standard.c
extensions/libip6t_tcp.c
extensions/libip6t_udp.c
extensions/libipt_DNAT.c
extensions/libipt_LOG.c
extensions/libipt_MARK.c
extensions/libipt_MASQUERADE.c
extensions/libipt_REDIRECT.c
extensions/libipt_REJECT.c
extensions/libipt_SNAT.c
extensions/libipt_TOS.c
extensions/libipt_icmp.c
extensions/libipt_limit.c
extensions/libipt_mac.c
extensions/libipt_mark.c
extensions/libipt_multiport.c
extensions/libipt_owner.c
extensions/libipt_standard.c
extensions/libipt_state.c
extensions/libipt_tcp.c
extensions/libipt_tos.c
extensions/libipt_udp.c
extensions/libipt_unclean.c
iptables.c

index d864112982867c78529848c5307048ccf4391ca2..8025175ac1e6ff011b1d9b8743a408de5b8f9f29 100644 (file)
@@ -264,8 +264,8 @@ struct ip6tables_match icmp
 = { NULL,
     "icmp",
     NETFILTER_VERSION,
-    sizeof(struct ip6t_icmp),
-    sizeof(struct ip6t_icmp),
+    IP6T_ALIGN(sizeof(struct ip6t_icmp)),
+    IP6T_ALIGN(sizeof(struct ip6t_icmp)),
     &help,
     &init,
     &parse,
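Review bot: The IPv6 extensions are switched to `IP6T_ALIGN(...)` here and in the libip6t_standard, libip6t_tcp and libip6t_udp hunks, but the only non-extension file in this commit's file list is `iptables.c`, so the new registration check and the changed size arithmetic have no IPv6 counterpart in this change. If an ip6tables front end carries the same `register_match`/`register_target` code (not visible here), an IPv6 extension that forgets the macro would still load silently. It should get the same rejection, along the lines of `if (me->size != IP6T_ALIGN(me->size))`.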
index 589b90583fb24ff8a36c4ff38772b90f068f8f11..1ffb1d7ab88adf58d8ee938ff9fa709f1725aba1 100644 (file)
@@ -51,8 +51,8 @@ struct ip6tables_target standard
 = { NULL,
     "standard",
     NETFILTER_VERSION,
-    sizeof(int),
-    sizeof(int),
+    IP6T_ALIGN(sizeof(int)),
+    IP6T_ALIGN(sizeof(int)),
     &help,
     &init,
     &parse,
index 1cbba9a2b6477fdc5971ff89122768f134eafcff..28e7bdf6ec8e26996e1c0fa01ba3e02ea4cc7fb1 100644 (file)
@@ -425,8 +425,8 @@ struct ip6tables_match tcp
 = { NULL,
     "tcp",
     NETFILTER_VERSION,
-    sizeof(struct ip6t_tcp),
-    sizeof(struct ip6t_tcp),
+    IP6T_ALIGN(sizeof(struct ip6t_tcp)),
+    IP6T_ALIGN(sizeof(struct ip6t_tcp)),
     &help,
     &init,
     &parse,
index f2c0b6ad60b2019eaecb22915128737097ff48c8..7fe16dd732fbdf1bc6efe279b34fc6eb370fcbfc 100644 (file)
@@ -235,8 +235,8 @@ struct ip6tables_match udp
 = { NULL,
     "udp",
     NETFILTER_VERSION,
-    sizeof(struct ip6t_udp),
-    sizeof(struct ip6t_udp),
+    IP6T_ALIGN(sizeof(struct ip6t_udp)),
+    IP6T_ALIGN(sizeof(struct ip6t_udp)),
     &help,
     &init,
     &parse,
index af08cc0a7cb9d98883071301950d51ba86e0fe4c..8ae9a62b73a74da6fe472e2584f2815a66282687 100644 (file)
@@ -228,8 +228,8 @@ struct iptables_target dnat
 = { NULL,
     "DNAT",
     NETFILTER_VERSION,
-    sizeof(struct ip_nat_multi_range),
-    sizeof(struct ip_nat_multi_range),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
     &help,
     &init,
     &parse,
index d634cd5532a5d3bfdb2782ff465c5dee2768c8b1..f098df2f395221f4fbc18a5d3163112d5b11c271 100644 (file)
@@ -244,8 +244,8 @@ struct iptables_target log
 = { NULL,
     "LOG",
     NETFILTER_VERSION,
-    sizeof(struct ipt_log_info),
-    sizeof(struct ipt_log_info),
+    IPT_ALIGN(sizeof(struct ipt_log_info)),
+    IPT_ALIGN(sizeof(struct ipt_log_info)),
     &help,
     &init,
     &parse,
index b8afe5504b64c666cade438255216d73c435ce08..ef7d7331a8745af4f12ef302b60d6bf15582a68a 100644 (file)
@@ -104,8 +104,8 @@ struct iptables_target mark
 = { NULL,
     "MARK",
     NETFILTER_VERSION,
-    sizeof(struct ipt_mark_target_info),
-    sizeof(struct ipt_mark_target_info),
+    IPT_ALIGN(sizeof(struct ipt_mark_target_info)),
+    IPT_ALIGN(sizeof(struct ipt_mark_target_info)),
     &help,
     &init,
     &parse,
index 902f06f33e509484466b7b0f8dfde207b78fe00f..2159016d71e0190dc4e1f5730222f68ec139b757 100644 (file)
@@ -150,8 +150,8 @@ struct iptables_target masq
 = { NULL,
     "MASQUERADE",
     NETFILTER_VERSION,
-    sizeof(struct ip_nat_multi_range),
-    sizeof(struct ip_nat_multi_range),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
     &help,
     &init,
     &parse,
index dd7024308e2a6f19100a80447e3bad83ef57a2be..d729cefe0dbd171eeadd98dd90a807e16e739a99 100644 (file)
@@ -151,8 +151,8 @@ struct iptables_target redir
 = { NULL,
     "REDIRECT",
     NETFILTER_VERSION,
-    sizeof(struct ip_nat_multi_range),
-    sizeof(struct ip_nat_multi_range),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
     &help,
     &init,
     &parse,
index e13d4b1e5702d0e69e44a0b678042269852531a5..5f723f7cd46efba6e391d581f7279349d8ad979a 100644 (file)
@@ -147,8 +147,8 @@ struct iptables_target reject
 = { NULL,
     "REJECT",
     NETFILTER_VERSION,
-    sizeof(struct ipt_reject_info),
-    sizeof(struct ipt_reject_info),
+    IPT_ALIGN(sizeof(struct ipt_reject_info)),
+    IPT_ALIGN(sizeof(struct ipt_reject_info)),
     &help,
     &init,
     &parse,
index e1d275234e738cddde2fbd957c34be6dd7e148f2..83f4ce9eef2e514d003c4485c3660cc5dc73084a 100644 (file)
@@ -228,8 +228,8 @@ struct iptables_target snat
 = { NULL,
     "SNAT",
     NETFILTER_VERSION,
-    sizeof(struct ip_nat_multi_range),
-    sizeof(struct ip_nat_multi_range),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
+    IPT_ALIGN(sizeof(struct ip_nat_multi_range)),
     &help,
     &init,
     &parse,
index ed599005b923bb28c147f66c10d77079cfa057e6..0c91cb5450f472a67c05c9ccba5244335928f54a 100644 (file)
@@ -157,8 +157,8 @@ struct iptables_target tos
 = { NULL,
     "TOS",
     NETFILTER_VERSION,
-    sizeof(struct ipt_tos_target_info),
-    sizeof(struct ipt_tos_target_info),
+    IPT_ALIGN(sizeof(struct ipt_tos_target_info)),
+    IPT_ALIGN(sizeof(struct ipt_tos_target_info)),
     &help,
     &init,
     &parse,
index 0a47e4121f63fd10b22340b244b0f68db01d7245..63905181d211c966e2839e3cb6d7dac5f5aead9a 100644 (file)
@@ -279,8 +279,8 @@ struct iptables_match icmp
 = { NULL,
     "icmp",
     NETFILTER_VERSION,
-    sizeof(struct ipt_icmp),
-    sizeof(struct ipt_icmp),
+    IPT_ALIGN(sizeof(struct ipt_icmp)),
+    IPT_ALIGN(sizeof(struct ipt_icmp)),
     &help,
     &init,
     &parse,
index e7dda7bc64fc96f44b9a15ac865d97a326c13edb..58c2ebd0e608d38f56a915a5a02728d4a8aaaa19 100644 (file)
@@ -181,7 +181,7 @@ struct iptables_match limit
 = { NULL,
     "limit",
     NETFILTER_VERSION,
-    sizeof(struct ipt_rateinfo),
+    IPT_ALIGN(sizeof(struct ipt_rateinfo)),
     offsetof(struct ipt_rateinfo, prev),
     &help,
     &init,
index f740ecc5097c09d598734a5d20f55ad3e41de872..6d61d6051d38694bae699c2959c6f1e5ca6fdc88 100644 (file)
@@ -128,8 +128,8 @@ struct iptables_match mac
 = { NULL,
     "mac",
     NETFILTER_VERSION,
-    sizeof(struct ipt_mac_info),
-    sizeof(struct ipt_mac_info),
+    IPT_ALIGN(sizeof(struct ipt_mac_info)),
+    IPT_ALIGN(sizeof(struct ipt_mac_info)),
     &help,
     &init,
     &parse,
index 2cd6193b9a7667e8a28735cd7a5ea7b81f2bab8f..aced54757f6405f10c80cf756cb61532c3b432d5 100644 (file)
@@ -112,8 +112,8 @@ struct iptables_match mark
 = { NULL,
     "mark",
     NETFILTER_VERSION,
-    sizeof(struct ipt_mark_info),
-    sizeof(struct ipt_mark_info),
+    IPT_ALIGN(sizeof(struct ipt_mark_info)),
+    IPT_ALIGN(sizeof(struct ipt_mark_info)),
     &help,
     &init,
     &parse,
index 8c58bddddf4e239923e32a46a50a7706d3f30e80..bac4621fdbe674bbd7dcb636dcfd472caa1e8b72 100644 (file)
@@ -245,8 +245,8 @@ struct iptables_match multiport
 = { NULL,
     "multiport",
     NETFILTER_VERSION,
-    sizeof(struct ipt_multiport),
-    sizeof(struct ipt_multiport),
+    IPT_ALIGN(sizeof(struct ipt_multiport)),
+    IPT_ALIGN(sizeof(struct ipt_multiport)),
     &help,
     &init,
     &parse,
index 027f5383dfd196460b58560310da4e71f04a700c..233cd0be1431ce2adb9a7c5421599baa1b4be93e 100644 (file)
@@ -203,8 +203,8 @@ struct iptables_match owner
 = { NULL,
     "owner",
     NETFILTER_VERSION,
-    sizeof(struct ipt_owner_info),
-    sizeof(struct ipt_owner_info),
+    IPT_ALIGN(sizeof(struct ipt_owner_info)),
+    IPT_ALIGN(sizeof(struct ipt_owner_info)),
     &help,
     &init,
     &parse,
index c63669f03536f4c19c9b8d5d2979bb33bbe89a7f..22db24ba31d073f4d0ed0d3b69351bbcd418e072 100644 (file)
@@ -51,8 +51,8 @@ struct iptables_target standard
 = { NULL,
     "standard",
     NETFILTER_VERSION,
-    sizeof(int),
-    sizeof(int),
+    IPT_ALIGN(sizeof(int)),
+    IPT_ALIGN(sizeof(int)),
     &help,
     &init,
     &parse,
index d3dcbc2d837246c2345568cb13ef1c83868dd0d4..d21ccf16e0c0fc73c824c92fdd7a22d0b369ff7b 100644 (file)
@@ -146,8 +146,8 @@ struct iptables_match state
 = { NULL,
     "state",
     NETFILTER_VERSION,
-    sizeof(struct ipt_state_info),
-    sizeof(struct ipt_state_info),
+    IPT_ALIGN(sizeof(struct ipt_state_info)),
+    IPT_ALIGN(sizeof(struct ipt_state_info)),
     &help,
     &init,
     &parse,
index 276d0e2a39ebf5e5030b72f04743cf47c9fa03bb..47336f6cb9a6c9197205c2c04e25ef0e9c678712 100644 (file)
@@ -374,7 +374,7 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
        const struct ipt_tcp *tcpinfo = (struct ipt_tcp *)match->data;
 
        if (tcpinfo->spts[0] != 0
-           && tcpinfo->spts[1] != 0xFFFF) {
+           || tcpinfo->spts[1] != 0xFFFF) {
                if (tcpinfo->invflags & IPT_TCP_INV_SRCPT)
                        printf("! ");
                if (tcpinfo->spts[0]
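Review bot: The corrected `||` test is applied to libipt_tcp.c and libipt_udp.c only. The libip6t_tcp.c and libip6t_udp.c sections of this commit carry just the struct hunk, at the same line numbers (425 and 235) as their IPv4 twins, which suggests their save() functions still hold the old `&&` form. With `&&`, a range that starts at 0 or ends at 0xFFFF is not written out, so a saved-and-restored rule would lose its port restriction and match every port; the IPv6 files are worth checking for `spts[0] != 0 && spts[1] != 0xFFFF` and the `dpts` equivalent. A one-line comment such as `/* 0:0xFFFF is the full range; print anything narrower */` above each test (also in the dpts hunk and the two libipt_udp.c hunks) would make the intent clear. save() continues outside this hunk.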
@@ -388,7 +388,7 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
        }
 
        if (tcpinfo->dpts[0] != 0
-           && tcpinfo->dpts[1] != 0xFFFF) {
+           || tcpinfo->dpts[1] != 0xFFFF) {
                if (tcpinfo->invflags & IPT_TCP_INV_DSTPT)
                        printf("! ");
                if (tcpinfo->dpts[0]
@@ -425,8 +425,8 @@ struct iptables_match tcp
 = { NULL,
     "tcp",
     NETFILTER_VERSION,
-    sizeof(struct ipt_tcp),
-    sizeof(struct ipt_tcp),
+    IPT_ALIGN(sizeof(struct ipt_tcp)),
+    IPT_ALIGN(sizeof(struct ipt_tcp)),
     &help,
     &init,
     &parse,
index 99c89ea778369a4147f46c2bdbf458255804d988..ec83e18d0338804510a12fd28b1fe4259ec99e91 100644 (file)
@@ -155,8 +155,8 @@ struct iptables_match tos
 = { NULL,
     "tos",
     NETFILTER_VERSION,
-    sizeof(struct ipt_tos_info),
-    sizeof(struct ipt_tos_info),
+    IPT_ALIGN(sizeof(struct ipt_tos_info)),
+    IPT_ALIGN(sizeof(struct ipt_tos_info)),
     &help,
     &init,
     &parse,
index 507937b190e16e851c65a76224f9ef9df043a16d..06c61c515d19e40688d54bd11bb12c3c1645cd79 100644 (file)
@@ -203,7 +203,7 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
        const struct ipt_udp *udpinfo = (struct ipt_udp *)match->data;
 
        if (udpinfo->spts[0] != 0
-           && udpinfo->spts[1] != 0xFFFF) {
+           || udpinfo->spts[1] != 0xFFFF) {
                if (udpinfo->invflags & IPT_UDP_INV_SRCPT)
                        printf("! ");
                if (udpinfo->spts[0]
@@ -217,7 +217,7 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
        }
 
        if (udpinfo->dpts[0] != 0
-           && udpinfo->dpts[1] != 0xFFFF) {
+           || udpinfo->dpts[1] != 0xFFFF) {
                if (udpinfo->invflags & IPT_UDP_INV_DSTPT)
                        printf("! ");
                if (udpinfo->dpts[0]
@@ -235,8 +235,8 @@ struct iptables_match udp
 = { NULL,
     "udp",
     NETFILTER_VERSION,
-    sizeof(struct ipt_udp),
-    sizeof(struct ipt_udp),
+    IPT_ALIGN(sizeof(struct ipt_udp)),
+    IPT_ALIGN(sizeof(struct ipt_udp)),
     &help,
     &init,
     &parse,
index bef513e6835333d150b57dc33805df1942c2a3b1..c433bc7c83a20ba9d515db669a45cfd6b4c8cad9 100644 (file)
@@ -50,8 +50,8 @@ struct iptables_match unclean
 = { NULL,
     "unclean",
     NETFILTER_VERSION,
-    0,
-    0,
+    IPT_ALIGN(0),
+    IPT_ALIGN(0),
     &help,
     &init,
     &parse,
index a3ce827c9a6672569adddfd7f75094a89e3aa65b..6d62cabc7c62ebdb942394fe42181475866a4728 100644 (file)
@@ -928,6 +928,12 @@ register_match(struct iptables_match *me)
                exit(1);
        }
 
+       if (me->size != IPT_ALIGN(me->size)) {
+               fprintf(stderr, "%s: match `%s' has invalid size %u.\n",
+                       program_name, me->name, me->size);
+               exit(1);
+       }
+
        /* Prepend to list. */
        me->next = iptables_matches;
        iptables_matches = me;
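Review bot: `me->size` is printed with `%u` in the new error message. If `size` is declared as `size_t` (the `size_t size` locals in do_command that it feeds suggest so), the specifier does not match the argument on platforms where `size_t` is wider than `unsigned int`, which is undefined behaviour in the very path meant to diagnose a bad extension. A cast keeps it portable without relying on `%zu`: `program_name, me->name, (unsigned int)me->size);`. The identical message in the register_target hunk that follows needs the same change. Both functions begin outside their hunks.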
@@ -952,6 +958,12 @@ register_target(struct iptables_target *me)
                exit(1);
        }
 
+       if (me->size != IPT_ALIGN(me->size)) {
+               fprintf(stderr, "%s: target `%s' has invalid size %u.\n",
+                       program_name, me->name, me->size);
+               exit(1);
+       }
+
        /* Prepend to list. */
        me->next = iptables_targets;
        iptables_targets = me;
@@ -1266,10 +1278,10 @@ make_delete_mask(struct ipt_entry *fw)
 
        size = sizeof(struct ipt_entry);
        for (m = iptables_matches; m; m = m->next)
-               size += sizeof(struct ipt_entry_match) + m->size;
+               size += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
 
        mask = fw_calloc(1, size
-                        + sizeof(struct ipt_entry_target)
+                        + IPT_ALIGN(sizeof(struct ipt_entry_target))
                         + iptables_targets->size);
 
        memset(mask, 0xFF, sizeof(struct ipt_entry));
@@ -1277,13 +1289,14 @@ make_delete_mask(struct ipt_entry *fw)
 
        for (m = iptables_matches; m; m = m->next) {
                memset(mptr, 0xFF,
-                      sizeof(struct ipt_entry_match) + m->userspacesize);
-               mptr += sizeof(struct ipt_entry_match) + m->size;
+                      IPT_ALIGN(sizeof(struct ipt_entry_match))
+                      + m->userspacesize);
+               mptr += IPT_ALIGN(sizeof(struct ipt_entry_match)) + m->size;
        }
 
-       memset(mptr, 0xFF, sizeof(struct ipt_entry_target));
-       mptr += sizeof(struct ipt_entry_target);
-       memset(mptr, 0xFF, iptables_targets->userspacesize);
+       memset(mptr, 0xFF, 
+              IPT_ALIGN(sizeof(struct ipt_entry_target))
+              + iptables_targets->userspacesize);
 
        return mask;
 }
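Review bot: Nothing visible in this commit guarantees `userspacesize <= size`, yet the final memset writes `IPT_ALIGN(sizeof(struct ipt_entry_target)) + iptables_targets->userspacesize` bytes into a buffer whose target part was allocated with `iptables_targets->size` in the previous hunk. The per-match loop does the same with `m->userspacesize` against `m->size`. The registration checks this commit adds are the natural place to reject an extension that violates this, e.g. `if (me->userspacesize > me->size)` with the same error-and-exit next to the alignment test, so a wrong extension fails at load rather than writing past the mask. The new `memset(mptr, 0xFF, ` line also ends in trailing whitespace.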
@@ -1703,8 +1716,8 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
                        if (target) {
                                size_t size;
 
-                               size = IPT_ALIGN(sizeof(struct ipt_entry_target)
-                                                + target->size);
+                               size = IPT_ALIGN(sizeof(struct ipt_entry_target))
+                                       + target->size;
 
                                target->t = fw_calloc(1, size);
                                target->t->u.target_size = size;
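Review bot: The total is now aligned only because `target->size` itself must already be a multiple of the alignment, a fact enforced far away in register_target. A short comment here would stop the next reader from "fixing" it back, e.g. `/* target->size is already IPT_ALIGN()ed, see register_target() */`. The same applies to the two `m->size` computations in the following do_command hunks, where the `+ m->size;` continuation line keeps its old indentation and so reads as if it were still inside the `IPT_ALIGN(` parentheses. do_command starts and ends outside these hunks.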
@@ -1758,8 +1771,8 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
                                           "unexpected ! flag before --match");
 
                        m = find_match(optarg, LOAD_MUST_SUCCEED);
-                       size = IPT_ALIGN(sizeof(struct ipt_entry_match)
-                                        + m->size);
+                       size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+                                        + m->size;
                        m->m = fw_calloc(1, size);
                        m->m->u.match_size = size;
                        strcpy(m->m->u.user.name, m->name);
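Review bot: The `strcpy(m->m->u.user.name, m->name)` on the last context line copies an extension-supplied name with no bound into what appears to be a fixed-size field, and the registration check this commit adds validates `size` only. Extension names are compiled in, so this is a robustness gap rather than an untrusted-input one. Rejecting an over-long `me->name` in register_match and register_target, next to the new size test, would make a bad extension fail at load instead of overrunning the name field of the freshly allocated entry. The size of `u.user.name` is not visible on this page, so the exact limit has to come from the header that declares it.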
@@ -1839,8 +1852,8 @@ int do_command(int argc, char *argv[], char **table, iptc_handle_t *handle)
                                        /* Try loading protocol */
                                        size_t size;
 
-                                       size = IPT_ALIGN(sizeof(struct ipt_entry_match)
-                                                        + m->size);
+                                       size = IPT_ALIGN(sizeof(struct ipt_entry_match))
+                                                        + m->size;
 
                                        m->m = fw_calloc(1, size);
                                        m->m->u.match_size = size;