diff options
Diffstat (limited to 'extensions/libct_proto_tcp.c')
-rw-r--r-- | extensions/libct_proto_tcp.c | 33 |
1 files changed, 8 insertions, 25 deletions
diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c index a3b1826..b17a931 100644 --- a/extensions/libct_proto_tcp.c +++ b/extensions/libct_proto_tcp.c @@ -44,10 +44,10 @@ static char tcp_commands_v_options[NUMBER_OF_CMD][TCP_NUMBER_OF_OPT] = { /* 1 2 3 4 5 6 7 8 9 */ /*CT_LIST*/ {2,2,2,2,0,0,2,0,0}, -/*CT_CREATE*/ {1,1,1,1,0,0,1,0,0}, -/*CT_UPDATE*/ {1,1,1,1,0,0,2,0,0}, -/*CT_DELETE*/ {1,1,1,1,0,0,0,0,0}, -/*CT_GET*/ {1,1,1,1,0,0,2,0,0}, +/*CT_CREATE*/ {2,2,2,2,0,0,1,0,0}, +/*CT_UPDATE*/ {2,2,2,2,0,0,2,0,0}, +/*CT_DELETE*/ {2,2,2,2,0,0,0,0,0}, +/*CT_GET*/ {2,2,2,2,0,0,2,0,0}, /*CT_FLUSH*/ {0,0,0,0,0,0,0,0,0}, /*CT_EVENT*/ {2,2,2,2,0,0,2,0,0}, /*CT_VERSION*/ {0,0,0,0,0,0,0,0,0}, @@ -200,27 +200,10 @@ static void final_check(unsigned int flags, unsigned int cmd, struct nf_conntrack *ct) { - if ((flags & (TCP_ORIG_SPORT|TCP_ORIG_DPORT)) - && !(flags & (TCP_REPL_SPORT|TCP_REPL_DPORT))) { - nfct_set_attr_u16(ct, - ATTR_REPL_PORT_SRC, - nfct_get_attr_u16(ct, ATTR_ORIG_PORT_DST)); - nfct_set_attr_u16(ct, - ATTR_REPL_PORT_DST, - nfct_get_attr_u16(ct, ATTR_ORIG_PORT_SRC)); - flags |= TCP_REPL_SPORT; - flags |= TCP_REPL_DPORT; - } else if (!(flags & (TCP_ORIG_SPORT|TCP_ORIG_DPORT)) - && (flags & (TCP_REPL_SPORT|TCP_REPL_DPORT))) { - nfct_set_attr_u16(ct, - ATTR_ORIG_PORT_SRC, - nfct_get_attr_u16(ct, ATTR_REPL_PORT_DST)); - nfct_set_attr_u16(ct, - ATTR_ORIG_PORT_DST, - nfct_get_attr_u16(ct, ATTR_REPL_PORT_SRC)); - flags |= TCP_ORIG_SPORT; - flags |= TCP_ORIG_DPORT; - } + if ((1 << cmd) & (CT_CREATE|CT_UPDATE|CT_DELETE|CT_GET) && + !((flags & TCP_ORIG_SPORT && flags & TCP_ORIG_DPORT) || + (flags & TCP_REPL_SPORT && flags & TCP_REPL_DPORT))) + exit_error(PARAMETER_PROBLEM, "missing ports"); generic_opt_check(flags, TCP_NUMBER_OF_OPT, |