summaryrefslogtreecommitdiff
path: root/extensions
diff options
context:
space:
mode:
Diffstat (limited to 'extensions')
-rw-r--r--extensions/libct_proto_sctp.c20
-rw-r--r--extensions/libct_proto_tcp.c17
-rw-r--r--extensions/libct_proto_udp.c17
3 files changed, 53 insertions, 1 deletions
diff --git a/extensions/libct_proto_sctp.c b/extensions/libct_proto_sctp.c
index 825cbd9..1c8f0d1 100644
--- a/extensions/libct_proto_sctp.c
+++ b/extensions/libct_proto_sctp.c
@@ -1,5 +1,6 @@
/*
* (C) 2005 by Harald Welte <laforge@netfilter.org>
+ * 2006 by Pablo Neira Ayuso <pablo@netfilter.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -21,7 +22,9 @@ static struct option opts[] = {
{"orig-port-dst", 1, 0, '2'},
{"reply-port-src", 1, 0, '3'},
{"reply-port-dst", 1, 0, '4'},
- {"state", 1, 0, '7'},
+ {"state", 1, 0, '5'},
+ {"tuple-port-src", 1, 0, '6'},
+ {"tuple-port-dst", 1, 0, '7'},
{0, 0, 0, 0}
};
@@ -43,11 +46,14 @@ static void help()
fprintf(stdout, "--reply-port-src reply source port\n");
fprintf(stdout, "--reply-port-dst reply destination port\n");
fprintf(stdout, "--state SCTP state, fe. ESTABLISHED\n");
+ fprintf(stdout, "--tuple-port-src expectation tuple src port\n");
+ fprintf(stdout, "--tuple-port-src expectation tuple dst port\n");
}
static int parse_options(char c, char *argv[],
struct nfct_tuple *orig,
struct nfct_tuple *reply,
+ struct nfct_tuple *exptuple,
struct nfct_tuple *mask,
union nfct_protoinfo *proto,
unsigned int *flags)
@@ -95,6 +101,18 @@ static int parse_options(char c, char *argv[],
*flags |= SCTP_STATE;
}
break;
+ case '6':
+ if (optarg) {
+ exptuple->l4src.sctp.port = htons(atoi(optarg));
+ *flags |= SCTP_EXPTUPLE_SPORT;
+ }
+ break;
+ case '7':
+ if (optarg) {
+ exptuple->l4dst.sctp.port = htons(atoi(optarg));
+ *flags |= SCTP_EXPTUPLE_DPORT;
+ }
+
}
return 1;
}
diff --git a/extensions/libct_proto_tcp.c b/extensions/libct_proto_tcp.c
index 35fa292..ee24206 100644
--- a/extensions/libct_proto_tcp.c
+++ b/extensions/libct_proto_tcp.c
@@ -25,6 +25,8 @@ static struct option opts[] = {
{"mask-port-src", 1, 0, '5'},
{"mask-port-dst", 1, 0, '6'},
{"state", 1, 0, '7'},
+ {"tuple-port-src", 1, 0, '8'},
+ {"tuple-port-dst", 1, 0, '9'},
{0, 0, 0, 0}
};
@@ -49,12 +51,15 @@ static void help()
fprintf(stdout, "--reply-port-dst reply destination port\n");
fprintf(stdout, "--mask-port-src mask source port\n");
fprintf(stdout, "--mask-port-dst mask destination port\n");
+ fprintf(stdout, "--tuple-port-src expectation tuple src port\n");
+ fprintf(stdout, "--tuple-port-src expectation tuple dst port\n");
fprintf(stdout, "--state TCP state, fe. ESTABLISHED\n");
}
static int parse_options(char c, char *argv[],
struct nfct_tuple *orig,
struct nfct_tuple *reply,
+ struct nfct_tuple *exptuple,
struct nfct_tuple *mask,
union nfct_protoinfo *proto,
unsigned int *flags)
@@ -112,6 +117,18 @@ static int parse_options(char c, char *argv[],
*flags |= TCP_STATE;
}
break;
+ case '8':
+ if (optarg) {
+ exptuple->l4src.tcp.port = htons(atoi(optarg));
+ *flags |= TCP_EXPTUPLE_SPORT;
+ }
+ break;
+ case '9':
+ if (optarg) {
+ exptuple->l4dst.tcp.port = htons(atoi(optarg));
+ *flags |= TCP_EXPTUPLE_DPORT;
+ }
+ break;
}
return 1;
}
diff --git a/extensions/libct_proto_udp.c b/extensions/libct_proto_udp.c
index 974e455..48079e0 100644
--- a/extensions/libct_proto_udp.c
+++ b/extensions/libct_proto_udp.c
@@ -22,6 +22,8 @@ static struct option opts[] = {
{"reply-port-dst", 1, 0, '4'},
{"mask-port-src", 1, 0, '5'},
{"mask-port-dst", 1, 0, '6'},
+ {"tuple-port-src", 1, 0, '7'},
+ {"tuple-port-dst", 1, 0, '8'},
{0, 0, 0, 0}
};
@@ -33,11 +35,14 @@ static void help()
fprintf(stdout, "--reply-port-dst reply destination port\n");
fprintf(stdout, "--mask-port-src mask source port\n");
fprintf(stdout, "--mask-port-dst mask destination port\n");
+ fprintf(stdout, "--tuple-port-src expectation tuple src port\n");
+ fprintf(stdout, "--tuple-port-src expectation tuple dst port\n");
}
static int parse_options(char c, char *argv[],
struct nfct_tuple *orig,
struct nfct_tuple *reply,
+ struct nfct_tuple *exptuple,
struct nfct_tuple *mask,
union nfct_protoinfo *proto,
unsigned int *flags)
@@ -79,6 +84,18 @@ static int parse_options(char c, char *argv[],
*flags |= UDP_MASK_DPORT;
}
break;
+ case '7':
+ if (optarg) {
+ exptuple->l4src.udp.port = htons(atoi(optarg));
+ *flags |= UDP_EXPTUPLE_SPORT;
+ }
+ break;
+ case '8':
+ if (optarg) {
+ exptuple->l4dst.udp.port = htons(atoi(optarg));
+ *flags |= UDP_EXPTUPLE_DPORT;
+ }
+
}
return 1;
}