summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog10
-rw-r--r--include/conntrack.h2
-rw-r--r--src/conntrack.c42
3 files changed, 29 insertions, 25 deletions
diff --git a/ChangeLog b/ChangeLog
index fdb8c75..7d2c085 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,13 @@
+2005-11-01
+<pablo@eurodev.net>
+ o Fix error message describing illegal option -E -i
+ o -D -i ID requires tuple information: Display an error message
+ o Use NFCT_ALL_CT_GROUPS flag instead of NFCT_ALL_GROUPS
+ o Event mask doesn't make sense for expectations, kill dead code
+ o Bumped version to 0.95
+<olenf@ans.pl>
+ o Fix wrong formating in conntrack -h
+
2005-10-30
<pablo@eurodev.net>
Special thanks to Deti Fiegl from the Leibniz Supercomputing Centre in
diff --git a/include/conntrack.h b/include/conntrack.h
index 256fa00..58a9170 100644
--- a/include/conntrack.h
+++ b/include/conntrack.h
@@ -6,7 +6,7 @@
#include <libnetfilter_conntrack/libnetfilter_conntrack.h>
#define PROGNAME "conntrack"
-#define CONNTRACK_VERSION "0.94"
+#define CONNTRACK_VERSION "0.95"
/* FIXME: These should be independent from kernel space */
#define IPS_ASSURED (1 << 2)
diff --git a/src/conntrack.c b/src/conntrack.c
index 4f9a687..fcd0ce4 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -166,7 +166,7 @@ enum options {
#define NUMBER_OF_OPT CT_OPT_MAX
static const char optflags[NUMBER_OF_OPT]
-= {'s','d','r','q','p','t','u','z','e','[',']','{','}','a','i','m'};
+= {'s','d','r','q','p','t','u','z','e','[',']','{','}','a','m','i'};
static struct option original_opts[] = {
{"dump", 2, 0, 'L'},
@@ -670,13 +670,13 @@ fprintf(stdout, "Tool to manipulate conntrack and expectations. Version %s\n", C
fprintf(stdout, "Usage: %s [commands] [options]\n", prog);
fprintf(stdout, "\n");
fprintf(stdout, "Commands:\n");
-fprintf(stdout, "-L [table] [-z] List conntrack or expectation table\n");
-fprintf(stdout, "-G [table] parameters Get conntrack or expectation\n");
-fprintf(stdout, "-D [table] parameters Delete conntrack or expectation\n");
-fprintf(stdout, "-I [table] parameters Create a conntrack or expectation\n");
-fprintf(stdout, "-U [table] parameters Update a conntrack\n");
-fprintf(stdout, "-E [table] [options] Show events\n");
-fprintf(stdout, "-F [table] Flush table\n");
+fprintf(stdout, "-L [table] [-z]\t\tList conntrack or expectation table\n");
+fprintf(stdout, "-G [table] parameters\tGet conntrack or expectation\n");
+fprintf(stdout, "-D [table] parameters\tDelete conntrack or expectation\n");
+fprintf(stdout, "-I [table] parameters\tCreate a conntrack or expectation\n");
+fprintf(stdout, "-U [table] parameters\tUpdate a conntrack\n");
+fprintf(stdout, "-E [table] [options]\tShow events\n");
+fprintf(stdout, "-F [table]\t\tFlush table\n");
fprintf(stdout, "\n");
fprintf(stdout, "Options:\n");
fprintf(stdout, "--orig-src ip Source address from original direction\n");
@@ -1006,6 +1006,9 @@ int main(int argc, char *argv[])
break;
case CT_DELETE:
+ if (!(options & CT_OPT_ORIG) && !(options & CT_OPT_REPL))
+ exit_error(PARAMETER_PROBLEM, "Can't kill conntracks "
+ "just by its ID");
cth = nfct_open(CONNTRACK, 0);
if (!cth)
exit_error(OTHER_PROBLEM, "Can't open handler");
@@ -1083,7 +1086,7 @@ int main(int argc, char *argv[])
nfct_default_conntrack_display);
res = nfct_event_conntrack(cth);
} else {
- cth = nfct_open(CONNTRACK, NFCT_ALL_GROUPS);
+ cth = nfct_open(CONNTRACK, NFCT_ALL_CT_GROUPS);
if (!cth)
exit_error(OTHER_PROBLEM, "Can't open handler");
signal(SIGINT, event_sighandler);
@@ -1094,21 +1097,12 @@ int main(int argc, char *argv[])
break;
case EXP_EVENT:
- if (options & CT_OPT_EVENT_MASK) {
- cth = nfct_open(EXPECT, event_mask);
- if (!cth)
- exit_error(OTHER_PROBLEM, "Can't open handler");
- signal(SIGINT, event_sighandler);
- nfct_register_callback(cth, nfct_default_expect_display);
- res = nfct_event_expectation(cth);
- } else {
- cth = nfct_open(EXPECT, NFCT_ALL_GROUPS);
- if (!cth)
- exit_error(OTHER_PROBLEM, "Can't open handler");
- signal(SIGINT, event_sighandler);
- nfct_register_callback(cth, nfct_default_expect_display);
- res = nfct_event_expectation(cth);
- }
+ cth = nfct_open(EXPECT, NF_NETLINK_CONNTRACK_EXP_NEW);
+ if (!cth)
+ exit_error(OTHER_PROBLEM, "Can't open handler");
+ signal(SIGINT, event_sighandler);
+ nfct_register_callback(cth, nfct_default_expect_display);
+ res = nfct_event_expectation(cth);
nfct_close(cth);
break;