summaryrefslogtreecommitdiff
path: root/src/conntrack.c
diff options
context:
space:
mode:
authorPablo Neira Ayuso <pablo@netfilter.org>2010-07-01 16:45:26 +0200
committerPablo Neira Ayuso <pablo@netfilter.org>2010-07-01 16:45:26 +0200
commitc4413a601ba46e336e624b035a1b69f7aa1a9318 (patch)
tree9be01a914716034e0f9ec886f3e038d58800da91 /src/conntrack.c
parentfd3827bc74b6d9e5acb7f5fcf79e6e1cb326640d (diff)
downloadconntrack-tools-c4413a601ba46e336e624b035a1b69f7aa1a9318.tar.gz
conntrack-tools-c4413a601ba46e336e624b035a1b69f7aa1a9318.zip
conntrack: --[src|dst|any]-nat requires IP:PORT as argument
This patch restricts the behaviour that we previously introduced in 142606c60808b3ab0496155ac3d086765e6baef3. Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'src/conntrack.c')
-rw-r--r--src/conntrack.c4
1 files changed, 3 insertions, 1 deletions
diff --git a/src/conntrack.c b/src/conntrack.c
index 82fe844..a5b49dd 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -816,6 +816,8 @@ nat_parse(char *arg, int portok, struct nf_conntrack *obj, int type)
if (colon) {
uint16_t port;
+ *colon = '\0';
+
if (!portok)
exit_error(PARAMETER_PROBLEM,
"Need TCP or UDP with port specification");
@@ -841,7 +843,7 @@ nat_parse(char *arg, int portok, struct nf_conntrack *obj, int type)
}
if (parse_addr(arg, &parse) == AF_UNSPEC)
- return;
+ exit_error(PARAMETER_PROBLEM, "Invalid IP address `%s'", arg);
if (type == CT_OPT_SRC_NAT || type == CT_OPT_ANY_NAT)
nfct_set_attr_u32(obj, ATTR_SNAT_IPV4, parse.v4);