diff options
Diffstat (limited to 'extensions')
-rw-r--r-- | extensions/libct_proto_sctp.c | 20 | ||||
-rw-r--r-- | extensions/libct_proto_tcp.c | 17 | ||||
-rw-r--r-- | extensions/libct_proto_udp.c | 17 |
3 files changed, 53 insertions, 1 deletions
diff --git a/extensions/libct_proto_sctp.c b/extensions/libct_proto_sctp.c index 825cbd9..1c8f0d1 100644 --- a/extensions/libct_proto_sctp.c +++ b/extensions/libct_proto_sctp.c @@ -1,5 +1,6 @@ /* * (C) 2005 by Harald Welte <laforge@netfilter.org> + * 2006 by Pablo Neira Ayuso <pablo@netfilter.org> * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -21,7 +22,9 @@ static struct option opts[] = { {"orig-port-dst", 1, 0, '2'}, {"reply-port-src", 1, 0, '3'}, {"reply-port-dst", 1, 0, '4'}, - {"state", 1, 0, '7'}, + {"state", 1, 0, '5'}, + {"tuple-port-src", 1, 0, '6'}, + {"tuple-port-dst", 1, 0, '7'}, {0, 0, 0, 0} }; @@ -43,11 +46,14 @@ static void help() fprintf(stdout, "--reply-port-src reply source port\n"); fprintf(stdout, "--reply-port-dst reply destination port\n"); fprintf(stdout, "--state SCTP state, fe. ESTABLISHED\n"); + fprintf(stdout, "--tuple-port-src expectation tuple src port\n"); + fprintf(stdout, "--tuple-port-src expectation tuple dst port\n"); } static int parse_options(char c, char *argv[], struct nfct_tuple *orig, struct nfct_tuple *reply, + struct nfct_tuple *exptuple, struct nfct_tuple *mask, union nfct_protoinfo *proto, unsigned int *flags) @@ -95,6 +101,18 @@ static int parse_options(char c, char *argv[], *flags |= SCTP_STATE; } break; + case '6': + if (optarg) { + exptuple->l4src.sctp.port = htons(atoi(optarg)); + *flags |= SCTP_EXPTUPLE_SPORT; + } + break; + case '7': + if (optarg) { + exptuple->l4dst.sctp.port = htons(atoi(optarg)); + *flags |= SCTP_EXPTUPLE_DPORT; + } + } return 1; } diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c index 35fa292..ee24206 100644 --- a/extensions/libct_proto_tcp.c +++ b/extensions/libct_proto_tcp.c @@ -25,6 +25,8 @@ static struct option opts[] = { {"mask-port-src", 1, 0, '5'}, {"mask-port-dst", 1, 0, '6'}, {"state", 1, 0, '7'}, + {"tuple-port-src", 1, 0, '8'}, + {"tuple-port-dst", 1, 0, '9'}, {0, 0, 0, 0} }; @@ -49,12 +51,15 @@ static void help() fprintf(stdout, "--reply-port-dst reply destination port\n"); fprintf(stdout, "--mask-port-src mask source port\n"); fprintf(stdout, "--mask-port-dst mask destination port\n"); + fprintf(stdout, "--tuple-port-src expectation tuple src port\n"); + fprintf(stdout, "--tuple-port-src expectation tuple dst port\n"); fprintf(stdout, "--state TCP state, fe. ESTABLISHED\n"); } static int parse_options(char c, char *argv[], struct nfct_tuple *orig, struct nfct_tuple *reply, + struct nfct_tuple *exptuple, struct nfct_tuple *mask, union nfct_protoinfo *proto, unsigned int *flags) @@ -112,6 +117,18 @@ static int parse_options(char c, char *argv[], *flags |= TCP_STATE; } break; + case '8': + if (optarg) { + exptuple->l4src.tcp.port = htons(atoi(optarg)); + *flags |= TCP_EXPTUPLE_SPORT; + } + break; + case '9': + if (optarg) { + exptuple->l4dst.tcp.port = htons(atoi(optarg)); + *flags |= TCP_EXPTUPLE_DPORT; + } + break; } return 1; } diff --git a/extensions/libct_proto_udp.c b/extensions/libct_proto_udp.c index 974e455..48079e0 100644 --- a/extensions/libct_proto_udp.c +++ b/extensions/libct_proto_udp.c @@ -22,6 +22,8 @@ static struct option opts[] = { {"reply-port-dst", 1, 0, '4'}, {"mask-port-src", 1, 0, '5'}, {"mask-port-dst", 1, 0, '6'}, + {"tuple-port-src", 1, 0, '7'}, + {"tuple-port-dst", 1, 0, '8'}, {0, 0, 0, 0} }; @@ -33,11 +35,14 @@ static void help() fprintf(stdout, "--reply-port-dst reply destination port\n"); fprintf(stdout, "--mask-port-src mask source port\n"); fprintf(stdout, "--mask-port-dst mask destination port\n"); + fprintf(stdout, "--tuple-port-src expectation tuple src port\n"); + fprintf(stdout, "--tuple-port-src expectation tuple dst port\n"); } static int parse_options(char c, char *argv[], struct nfct_tuple *orig, struct nfct_tuple *reply, + struct nfct_tuple *exptuple, struct nfct_tuple *mask, union nfct_protoinfo *proto, unsigned int *flags) @@ -79,6 +84,18 @@ static int parse_options(char c, char *argv[], *flags |= UDP_MASK_DPORT; } break; + case '7': + if (optarg) { + exptuple->l4src.udp.port = htons(atoi(optarg)); + *flags |= UDP_EXPTUPLE_SPORT; + } + break; + case '8': + if (optarg) { + exptuple->l4dst.udp.port = htons(atoi(optarg)); + *flags |= UDP_EXPTUPLE_DPORT; + } + } return 1; } |