summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog2
-rw-r--r--examples/cli/test.sh3
-rw-r--r--src/conntrack.c110
3 files changed, 11 insertions, 104 deletions
diff --git a/ChangeLog b/ChangeLog
index 05348e1..aafd981 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -14,6 +14,8 @@ o lots of cleanups
= conntrack =
o fix segfault with conntrack --output (Krzysztof Oledzky)
+o use NFCT_SOPT_SETUP_* facilities: nfct_setobjopt
+o remove bogus option to get a conntrack in test.sh example file
version 0.9.3 (2006/05/22)
------------------------------
diff --git a/examples/cli/test.sh b/examples/cli/test.sh
index 36c4826..cb449bf 100644
--- a/examples/cli/test.sh
+++ b/examples/cli/test.sh
@@ -37,8 +37,7 @@ case $1 in
get)
echo "getting a conntrack"
$CONNTRACK -G --orig-src $SRC --orig-dst $DST \
- -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT \
- --reply-port-src $DPORT --reply-port-dst $SPORT
+ -p tcp --orig-port-src $SPORT --orig-port-dst $DPORT
;;
change)
echo "change a conntrack"
diff --git a/src/conntrack.c b/src/conntrack.c
index 18baf96..2555f2e 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -1024,57 +1024,10 @@ int main(int argc, char *argv[])
break;
case CT_CREATE:
- if ((options & CT_OPT_ORIG)
- && !(options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_REPL_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_ORIG_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_SRC));
- }
- } else if (!(options & CT_OPT_ORIG)
- && (options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_ORIG_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_REPL_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_SRC));
- }
- }
+ if ((options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_REPLY);
+ else if (!(options & CT_OPT_ORIG) && (options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_ORIGINAL);
cth = nfct_open(CONNTRACK, 0);
if (!cth)
@@ -1098,57 +1051,10 @@ int main(int argc, char *argv[])
break;
case CT_UPDATE:
- if ((options & CT_OPT_ORIG)
- && !(options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_REPL_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_ORIG_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_REPL_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_REPL_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_ORIG_IPV6_SRC));
- }
- } else if (!(options & CT_OPT_ORIG)
- && (options & CT_OPT_REPL)) {
- nfct_set_attr_u8(obj,
- ATTR_ORIG_L3PROTO,
- nfct_get_attr_u8(obj,
- ATTR_REPL_L3PROTO));
- if (family == AF_INET) {
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_SRC,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_DST));
- nfct_set_attr_u32(obj,
- ATTR_ORIG_IPV4_DST,
- nfct_get_attr_u32(obj,
- ATTR_REPL_IPV4_SRC));
- } else if (family == AF_INET6) {
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_SRC,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_DST));
- nfct_set_attr(obj,
- ATTR_ORIG_IPV6_DST,
- nfct_get_attr(obj,
- ATTR_REPL_IPV6_SRC));
- }
- }
+ if ((options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_REPLY);
+ else if (!(options & CT_OPT_ORIG) && (options & CT_OPT_REPL))
+ nfct_setobjopt(obj, NFCT_SOPT_SETUP_ORIGINAL);
cth = nfct_open(CONNTRACK, 0);
if (!cth)