libxt_sctp.c revision 3810013331414e53a0bde3a791b2ce3648c892d0 
13810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/* Shared library add-on to iptables for SCTP matching
23810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
33810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * (C) 2003 by Harald Welte <laforge@gnumonks.org>
43810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
53810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * This program is distributed under the terms of GNU GPL v2, 1991
63810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
73810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * libipt_ecn.c borrowed heavily from libipt_dscp.c
83810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
93810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy */
103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <stdio.h>
113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <string.h>
123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <stdlib.h>
133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <getopt.h>
143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <netdb.h>
153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <ctype.h>
163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <ip6tables.h>
183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <linux/netfilter_ipv6/ip6_tables.h>
193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#ifndef ARRAY_SIZE
213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define ARRAY_SIZE(x) (sizeof(x) / sizeof((x)[0]))
223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#endif
233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <linux/netfilter/xt_sctp.h>
253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/* Some ZS!#@:$%*#$! has replaced the ELEMCOUNT macro in ipt_sctp.h with
273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * ARRAY_SIZE without noticing that this file is used from userserspace,
283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * and userspace doesn't have ARRAY_SIZE */
293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#ifndef ELEMCOUNT
313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define ELEMCOUNT ARRAY_SIZE
323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#endif
333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#if 0
353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define DEBUGP(format, first...) printf(format, ##first)
363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define static
373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#else
383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define DEBUGP(format, fist...)
393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#endif
403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyprint_chunk(u_int32_t chunknum, int numeric);
433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/* Initialize the match. */
453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyinit(struct ip6t_entry_match *m,
473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy     unsigned int *nfcache)
483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i;
503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	struct xt_sctp_info *einfo = (struct xt_sctp_info *)m->data;
513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	memset(einfo, 0, sizeof(struct xt_sctp_info));
533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 0; i < XT_NUM_SCTP_FLAGS; i++) {
553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flag_info[i].chunktype = -1;
563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void help(void)
603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	printf(
623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy"SCTP match v%s options\n"
633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --source-port [!] port[:port]                          match source port(s)\n"
643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --sport ...\n"
653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --destination-port [!] port[:port]                     match destination port(s)\n"
663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --dport ...\n"
673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --chunk-types [!] (all|any|none) (chunktype[:flags])+	match if all, any or none of\n"
683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy"						        chunktypes are present\n"
693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy"chunktypes - DATA INIT INIT_ACK SACK HEARTBEAT HEARTBEAT_ACK ABORT SHUTDOWN SHUTDOWN_ACK ERROR COOKIE_ECHO COOKIE_ACK ECN_ECNE ECN_CWR SHUTDOWN_COMPLETE ASCONF ASCONF_ACK ALL NONE\n",
703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	IPTABLES_VERSION);
713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic struct option opts[] = {
743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	{ .name = "source-port", .has_arg = 1, .flag = 0, .val = '1' },
753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	{ .name = "sport", .has_arg = 1, .flag = 0, .val = '1' },
763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	{ .name = "destination-port", .has_arg = 1, .flag = 0, .val = '2' },
773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	{ .name = "dport", .has_arg = 1, .flag = 0, .val = '2' },
783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	{ .name = "chunk-types", .has_arg = 1, .flag = 0, .val = '3' },
793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	{ .name = 0 }
803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_ports(const char *portstring,
843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		 u_int16_t *ports)
853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *buffer;
873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *cp;
883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	buffer = strdup(portstring);
903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("%s\n", portstring);
913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if ((cp = strchr(buffer, ':')) == NULL) {
923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		ports[0] = ports[1] = parse_port(buffer, "sctp");
933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	else {
953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*cp = '\0';
963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		cp++;
973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		ports[0] = buffer[0] ? parse_port(buffer, "sctp") : 0;
993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		ports[1] = cp[0] ? parse_port(cp, "sctp") : 0xFFFF;
1003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (ports[0] > ports[1])
1023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			exit_error(PARAMETER_PROBLEM,
1033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "invalid portrange (min > max)");
1043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	free(buffer);
1063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
1073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystruct sctp_chunk_names {
1093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const char *name;
1103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	unsigned int chunk_type;
1113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const char *valid_flags;
1123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
1133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/*'ALL' and 'NONE' will be treated specially. */
1153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic struct sctp_chunk_names sctp_chunk_names[]
1163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy= { { .name = "DATA", 		.chunk_type = 0,   .valid_flags = "-----UBE"},
1173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "INIT", 		.chunk_type = 1,   .valid_flags = "--------"},
1183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "INIT_ACK", 	.chunk_type = 2,   .valid_flags = "--------"},
1193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SACK",		.chunk_type = 3,   .valid_flags = "--------"},
1203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "HEARTBEAT",	.chunk_type = 4,   .valid_flags = "--------"},
1213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "HEARTBEAT_ACK",	.chunk_type = 5,   .valid_flags = "--------"},
1223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ABORT",		.chunk_type = 6,   .valid_flags = "-------T"},
1233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SHUTDOWN",	.chunk_type = 7,   .valid_flags = "--------"},
1243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SHUTDOWN_ACK",	.chunk_type = 8,   .valid_flags = "--------"},
1253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ERROR",		.chunk_type = 9,   .valid_flags = "--------"},
1263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "COOKIE_ECHO",	.chunk_type = 10,  .valid_flags = "--------"},
1273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "COOKIE_ACK",	.chunk_type = 11,  .valid_flags = "--------"},
1283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ECN_ECNE",	.chunk_type = 12,  .valid_flags = "--------"},
1293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ECN_CWR",	.chunk_type = 13,  .valid_flags = "--------"},
1303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SHUTDOWN_COMPLETE", .chunk_type = 14,  .valid_flags = "-------T"},
1313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ASCONF",		.chunk_type = 31,  .valid_flags = "--------"},
1323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ASCONF_ACK",	.chunk_type = 30,  .valid_flags = "--------"},
1333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
1343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
1363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardysave_chunk_flag_info(struct xt_sctp_flag_info *flag_info,
1373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int *flag_count,
1383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int chunktype,
1393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int bit,
1403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int set)
1413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
1423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i;
1433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 0; i < *flag_count; i++) {
1453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (flag_info[i].chunktype == chunktype) {
1463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			DEBUGP("Previous match found\n");
1473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			flag_info[i].chunktype = chunktype;
1483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			flag_info[i].flag_mask |= (1 << bit);
1493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (set) {
1503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				flag_info[i].flag |= (1 << bit);
1513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
1523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			return;
1543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
1553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (*flag_count == XT_NUM_SCTP_FLAGS) {
1583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		exit_error (PARAMETER_PROBLEM,
1593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			"Number of chunk types with flags exceeds currently allowed limit."
1603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			"Increasing this limit involves changing XT_NUM_SCTP_FLAGS and"
1613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			"recompiling both the kernel space and user space modules\n");
1623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	flag_info[*flag_count].chunktype = chunktype;
1653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	flag_info[*flag_count].flag_mask |= (1 << bit);
1663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (set) {
1673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		flag_info[*flag_count].flag |= (1 << bit);
1683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	(*flag_count)++;
1703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
1713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
1733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_chunk(struct xt_sctp_info *einfo,
1743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		 const char *chunks)
1753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
1763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *ptr;
1773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *buffer;
1783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	unsigned int i, j;
1793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int found = 0;
1803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *chunk_flags;
1813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	buffer = strdup(chunks);
1833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("Buffer: %s\n", buffer);
1843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	SCTP_CHUNKMAP_RESET(einfo->chunkmap);
1863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (!strcasecmp(buffer, "ALL")) {
1883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		SCTP_CHUNKMAP_SET_ALL(einfo->chunkmap);
1893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
1903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (!strcasecmp(buffer, "NONE")) {
1933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		SCTP_CHUNKMAP_RESET(einfo->chunkmap);
1943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
1953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ",")) {
1983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		found = 0;
1993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		DEBUGP("Next Chunk type %s\n", ptr);
2003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if ((chunk_flags = strchr(ptr, ':')) != NULL) {
2023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			*chunk_flags++ = 0;
2033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
2043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		for (i = 0; i < ELEMCOUNT(sctp_chunk_names); i++) {
2063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (strcasecmp(sctp_chunk_names[i].name, ptr) == 0) {
2073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				DEBUGP("Chunk num %d\n", sctp_chunk_names[i].chunk_type);
2083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				SCTP_CHUNKMAP_SET(einfo->chunkmap,
2093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					sctp_chunk_names[i].chunk_type);
2103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				found = 1;
2113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				break;
2123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
2133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
2143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (!found)
2153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			exit_error(PARAMETER_PROBLEM,
2163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "Unknown sctp chunk `%s'", ptr);
2173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (chunk_flags) {
2193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			DEBUGP("Chunk flags %s\n", chunk_flags);
2203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			for (j = 0; j < strlen(chunk_flags); j++) {
2213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				char *p;
2223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				int bit;
2233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				if ((p = strchr(sctp_chunk_names[i].valid_flags,
2253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						toupper(chunk_flags[j]))) != NULL) {
2263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					bit = p - sctp_chunk_names[i].valid_flags;
2273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					bit = 7 - bit;
2283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					save_chunk_flag_info(einfo->flag_info,
2303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						&(einfo->flag_count), i, bit,
2313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						isupper(chunk_flags[j]));
2323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				} else {
2333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					exit_error(PARAMETER_PROBLEM,
2343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						"Invalid flags for chunk type %d\n", i);
2353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				}
2363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
2373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
2383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
2393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyout:
2403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	free(buffer);
2413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
2423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
2443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_chunks(struct xt_sctp_info *einfo,
2453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		  const char *match_type,
2463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		  const char *chunks)
2473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
2483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("Match type: %s Chunks: %s\n", match_type, chunks);
2493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (!strcasecmp(match_type, "ANY")) {
2503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->chunk_match_type = SCTP_CHUNK_MATCH_ANY;
2513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	} else 	if (!strcasecmp(match_type, "ALL")) {
2523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->chunk_match_type = SCTP_CHUNK_MATCH_ALL;
2533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	} else 	if (!strcasecmp(match_type, "ONLY")) {
2543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->chunk_match_type = SCTP_CHUNK_MATCH_ONLY;
2553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	} else {
2563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		exit_error (PARAMETER_PROBLEM,
2573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			"Match type has to be one of \"ALL\", \"ANY\" or \"ONLY\"");
2583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
2593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	SCTP_CHUNKMAP_RESET(einfo->chunkmap);
2613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	parse_sctp_chunk(einfo, chunks);
2623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
2633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic int
2653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse(int c, char **argv, int invert, unsigned int *flags,
2663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy      const struct ip6t_entry *entry,
2673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy      unsigned int *nfcache,
2683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy      struct ip6t_entry_match **match)
2693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
2703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	struct xt_sctp_info *einfo
2713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		= (struct xt_sctp_info *)(*match)->data;
2723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	switch (c) {
2743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	case '1':
2753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (*flags & XT_SCTP_SRC_PORTS)
2763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			exit_error(PARAMETER_PROBLEM,
2773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			           "Only one `--source-port' allowed");
2783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flags |= XT_SCTP_SRC_PORTS;
2793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		check_inverse(optarg, &invert, &optind, 0);
2803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		parse_sctp_ports(argv[optind-1], einfo->spts);
2813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (invert)
2823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags |= XT_SCTP_SRC_PORTS;
2833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*flags |= XT_SCTP_SRC_PORTS;
2843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		break;
2853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	case '2':
2873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (*flags & XT_SCTP_DEST_PORTS)
2883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			exit_error(PARAMETER_PROBLEM,
2893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "Only one `--destination-port' allowed");
2903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flags |= XT_SCTP_DEST_PORTS;
2913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		check_inverse(optarg, &invert, &optind, 0);
2923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		parse_sctp_ports(argv[optind-1], einfo->dpts);
2933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (invert)
2943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags |= XT_SCTP_DEST_PORTS;
2953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*flags |= XT_SCTP_DEST_PORTS;
2963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		break;
2973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	case '3':
2993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (*flags & XT_SCTP_CHUNK_TYPES)
3003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			exit_error(PARAMETER_PROBLEM,
3013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "Only one `--chunk-types' allowed");
3023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		check_inverse(optarg, &invert, &optind, 0);
3033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (!argv[optind]
3053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		    || argv[optind][0] == '-' || argv[optind][0] == '!')
3063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			exit_error(PARAMETER_PROBLEM,
3073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "--chunk-types requires two args");
3083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flags |= XT_SCTP_CHUNK_TYPES;
3103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		parse_sctp_chunks(einfo, argv[optind-1], argv[optind]);
3113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (invert)
3123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags |= XT_SCTP_CHUNK_TYPES;
3133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		optind++;
3143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*flags |= XT_SCTP_CHUNK_TYPES;
3153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		break;
3163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	default:
3183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		return 0;
3193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	return 1;
3213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyfinal_check(unsigned int flags)
3253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic char *
3293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyport_to_service(int port)
3303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	struct servent *service;
3323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if ((service = getservbyport(htons(port), "sctp")))
3343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		return service->s_name;
3353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	return NULL;
3373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyprint_port(u_int16_t port, int numeric)
3413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *service;
3433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (numeric || (service = port_to_service(port)) == NULL)
3453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("%u", port);
3463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	else
3473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("%s", service);
3483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyprint_ports(const char *name, u_int16_t min, u_int16_t max,
3523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	    int invert, int numeric)
3533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const char *inv = invert ? "!" : "";
3553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (min != 0 || max != 0xFFFF || invert) {
3573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("%s", name);
3583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (min == max) {
3593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf(":%s", inv);
3603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_port(min, numeric);
3613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		} else {
3623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("s:%s", inv);
3633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_port(min, numeric);
3643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf(":");
3653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_port(max, numeric);
3663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
3673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf(" ");
3683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyprint_chunk_flags(u_int32_t chunknum, u_int8_t chunk_flags, u_int8_t chunk_flags_mask)
3733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i;
3753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("type: %d\tflags: %x\tflag mask: %x\n", chunknum, chunk_flags,
3773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			chunk_flags_mask);
3783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (chunk_flags_mask) {
3803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf(":");
3813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 7; i >= 0; i--) {
3843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (chunk_flags_mask & (1 << i)) {
3853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (chunk_flags & (1 << i)) {
3863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf("%c", sctp_chunk_names[chunknum].valid_flags[7-i]);
3873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			} else {
3883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf("%c", tolower(sctp_chunk_names[chunknum].valid_flags[7-i]));
3893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
3903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
3913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyprint_chunk(u_int32_t chunknum, int numeric)
3963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (numeric) {
3983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("0x%04X", chunknum);
3993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	else {
4013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		int i;
4023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		for (i = 0; i < ELEMCOUNT(sctp_chunk_names); i++) {
4043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (sctp_chunk_names[i].chunk_type == chunknum)
4053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf("%s", sctp_chunk_names[chunknum].name);
4063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
4073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
4093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
4113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyprint_chunks(u_int32_t chunk_match_type,
4123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	     const u_int32_t *chunkmap,
4133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	     const struct xt_sctp_flag_info *flag_info,
4143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	     int flag_count,
4153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	     int numeric)
4163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
4173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i, j;
4183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int flag;
4193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	switch (chunk_match_type) {
4213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		case SCTP_CHUNK_MATCH_ANY:	printf("any "); break;
4223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		case SCTP_CHUNK_MATCH_ALL:	printf("all "); break;
4233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		case SCTP_CHUNK_MATCH_ONLY:	printf("only "); break;
4243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		default:	printf("Never reach herer\n"); break;
4253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (SCTP_CHUNKMAP_IS_CLEAR(chunkmap)) {
4283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("NONE ");
4293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
4303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (SCTP_CHUNKMAP_IS_ALL_SET(chunkmap)) {
4333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("ALL ");
4343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
4353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	flag = 0;
4383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 0; i < 256; i++) {
4393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (SCTP_CHUNKMAP_IS_SET(chunkmap, i)) {
4403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (flag)
4413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf(",");
4423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			flag = 1;
4433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_chunk(i, numeric);
4443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			for (j = 0; j < flag_count; j++) {
4453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				if (flag_info[j].chunktype == i) {
4463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					print_chunk_flags(i, flag_info[j].flag,
4473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						flag_info[j].flag_mask);
4483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				}
4493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
4503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
4513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (flag)
4543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf(" ");
4553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyout:
4563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	return;
4573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
4583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/* Prints out the matchinfo. */
4603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
4613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyprint(const struct ip6t_ip6 *ip,
4623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy      const struct ip6t_entry_match *match,
4633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy      int numeric)
4643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
4653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const struct xt_sctp_info *einfo =
4663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		(const struct xt_sctp_info *)match->data;
4673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	printf("sctp ");
4693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_SRC_PORTS) {
4713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		print_ports("spt", einfo->spts[0], einfo->spts[1],
4723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags & XT_SCTP_SRC_PORTS,
4733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			numeric);
4743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_DEST_PORTS) {
4773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		print_ports("dpt", einfo->dpts[0], einfo->dpts[1],
4783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags & XT_SCTP_DEST_PORTS,
4793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			numeric);
4803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_CHUNK_TYPES) {
4833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		/* FIXME: print_chunks() is used in save() where the printing of '!'
4843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		s taken care of, so we need to do that here as well */
4853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_CHUNK_TYPES) {
4863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
4873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
4883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		print_chunks(einfo->chunk_match_type, einfo->chunkmap,
4893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->flag_info, einfo->flag_count, numeric);
4903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
4923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/* Saves the union xt_matchinfo in parsable form to stdout. */
4943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
4953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardysave(const struct ip6t_ip6 *ip,
4963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy     const struct ip6t_entry_match *match)
4973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
4983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const struct xt_sctp_info *einfo =
4993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		(const struct xt_sctp_info *)match->data;
5003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
5013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_SRC_PORTS) {
5023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_SRC_PORTS)
5033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
5043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->spts[0] != einfo->spts[1])
5053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--sport %u:%u ",
5063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			       einfo->spts[0], einfo->spts[1]);
5073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		else
5083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--sport %u ", einfo->spts[0]);
5093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
5103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
5113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_DEST_PORTS) {
5123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_DEST_PORTS)
5133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
5143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->dpts[0] != einfo->dpts[1])
5153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--dport %u:%u ",
5163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			       einfo->dpts[0], einfo->dpts[1]);
5173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		else
5183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--dport %u ", einfo->dpts[0]);
5193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
5203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
5213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_CHUNK_TYPES) {
5223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_CHUNK_TYPES)
5233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
5243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("--chunk-types ");
5253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
5263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		print_chunks(einfo->chunk_match_type, einfo->chunkmap,
5273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->flag_info, einfo->flag_count, 0);
5283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
5293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
5303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
5313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic
5323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystruct ip6tables_match sctp
5333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy= { .name          = "sctp",
5343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .version       = IPTABLES_VERSION,
5353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .size          = IP6T_ALIGN(sizeof(struct xt_sctp_info)),
5363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .userspacesize = IP6T_ALIGN(sizeof(struct xt_sctp_info)),
5373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .help          = &help,
5383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .init          = &init,
5393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .parse         = &parse,
5403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .final_check   = &final_check,
5413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .print         = &print,
5423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .save          = &save,
5433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    .extra_opts    = opts
5443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
5453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
5463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyvoid _init(void)
5473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
5483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	register_match6(&sctp);
5493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
5503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
551