libxt_sctp.c revision 7ac405297ec38449b30e3b05fd6bf2082fd3d803 
13810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/* Shared library add-on to iptables for SCTP matching
23810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
33810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * (C) 2003 by Harald Welte <laforge@gnumonks.org>
43810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
53810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * This program is distributed under the terms of GNU GPL v2, 1991
63810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
73810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * libipt_ecn.c borrowed heavily from libipt_dscp.c
83810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *
93810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy */
1032b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt#include <stdbool.h>
113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <stdio.h>
123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <string.h>
133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <stdlib.h>
143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <getopt.h>
153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <netdb.h>
163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <ctype.h>
173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
18ecae0c3efc6851d767c759b77d897d113af821a0Thomas Jarosch#include <netinet/in.h>
1919f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI#include <xtables.h>
203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <linux/netfilter/xt_sctp.h>
223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#if 0
243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define DEBUGP(format, first...) printf(format, ##first)
253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define static
263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#else
273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define DEBUGP(format, fist...)
283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#endif
293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
317ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_chunk(uint32_t chunknum, int numeric);
323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
33181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic void sctp_init(struct xt_entry_match *m)
343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i;
363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	struct xt_sctp_info *einfo = (struct xt_sctp_info *)m->data;
373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	memset(einfo, 0, sizeof(struct xt_sctp_info));
393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 0; i < XT_NUM_SCTP_FLAGS; i++) {
413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flag_info[i].chunktype = -1;
423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
45181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic void sctp_help(void)
463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	printf(
488b7c64d6ba156a99008fcd810cba874c73294333Jan Engelhardt"sctp match options\n"
49967279231a9ecfa99f26694a954afc535c63db1dJan Engelhardt"[!] --source-port port[:port]                          match source port(s)\n"
503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --sport ...\n"
51967279231a9ecfa99f26694a954afc535c63db1dJan Engelhardt"[!] --destination-port port[:port]                     match destination port(s)\n"
523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --dport ...\n"
53967279231a9ecfa99f26694a954afc535c63db1dJan Engelhardt"[!] --chunk-types (all|any|none) (chunktype[:flags])+	match if all, any or none of\n"
543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy"						        chunktypes are present\n"
554a498502c10e690798aa78eb92e3aed7ce79f4e0Shan Wei"chunktypes - DATA INIT INIT_ACK SACK HEARTBEAT HEARTBEAT_ACK ABORT SHUTDOWN SHUTDOWN_ACK ERROR COOKIE_ECHO COOKIE_ACK ECN_ECNE ECN_CWR SHUTDOWN_COMPLETE ASCONF ASCONF_ACK FORWARD_TSN ALL NONE\n");
563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
58181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic const struct option sctp_opts[] = {
5932b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt	{.name = "source-port",      .has_arg = true, .val = '1'},
6032b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt	{.name = "sport",            .has_arg = true, .val = '1'},
6132b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt	{.name = "destination-port", .has_arg = true, .val = '2'},
6232b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt	{.name = "dport",            .has_arg = true, .val = '2'},
6332b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt	{.name = "chunk-types",      .has_arg = true, .val = '3'},
6432b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt	XT_GETOPT_TABLEEND,
653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_ports(const char *portstring,
697ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardt		 uint16_t *ports)
703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *buffer;
723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *cp;
733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	buffer = strdup(portstring);
753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("%s\n", portstring);
763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if ((cp = strchr(buffer, ':')) == NULL) {
77aae6be9edc99e58164a3592c510fe5488141c698Jan Engelhardt		ports[0] = ports[1] = xtables_parse_port(buffer, "sctp");
783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	else {
803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*cp = '\0';
813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		cp++;
823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
83aae6be9edc99e58164a3592c510fe5488141c698Jan Engelhardt		ports[0] = buffer[0] ? xtables_parse_port(buffer, "sctp") : 0;
84aae6be9edc99e58164a3592c510fe5488141c698Jan Engelhardt		ports[1] = cp[0] ? xtables_parse_port(cp, "sctp") : 0xFFFF;
853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (ports[0] > ports[1])
871829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt			xtables_error(PARAMETER_PROBLEM,
883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "invalid portrange (min > max)");
893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	free(buffer);
913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystruct sctp_chunk_names {
943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const char *name;
953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	unsigned int chunk_type;
963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const char *valid_flags;
973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/*'ALL' and 'NONE' will be treated specially. */
1000e2abed11985e16215559cefd90625f99317b96cJan Engelhardtstatic const struct sctp_chunk_names sctp_chunk_names[]
101b9f458f87453a62cea7aeb0441e7a2ac05689f91Shan Wei= { { .name = "DATA", 		.chunk_type = 0,   .valid_flags = "----IUBE"},
1023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "INIT", 		.chunk_type = 1,   .valid_flags = "--------"},
1033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "INIT_ACK", 	.chunk_type = 2,   .valid_flags = "--------"},
1043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SACK",		.chunk_type = 3,   .valid_flags = "--------"},
1053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "HEARTBEAT",	.chunk_type = 4,   .valid_flags = "--------"},
1063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "HEARTBEAT_ACK",	.chunk_type = 5,   .valid_flags = "--------"},
1073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ABORT",		.chunk_type = 6,   .valid_flags = "-------T"},
1083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SHUTDOWN",	.chunk_type = 7,   .valid_flags = "--------"},
1093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SHUTDOWN_ACK",	.chunk_type = 8,   .valid_flags = "--------"},
1103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ERROR",		.chunk_type = 9,   .valid_flags = "--------"},
1113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "COOKIE_ECHO",	.chunk_type = 10,  .valid_flags = "--------"},
1123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "COOKIE_ACK",	.chunk_type = 11,  .valid_flags = "--------"},
1133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ECN_ECNE",	.chunk_type = 12,  .valid_flags = "--------"},
1143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "ECN_CWR",	.chunk_type = 13,  .valid_flags = "--------"},
1153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy    { .name = "SHUTDOWN_COMPLETE", .chunk_type = 14,  .valid_flags = "-------T"},
116ecd7f5ed3bbdb45f7edc8febea6f29cd61bf58dbNaohiro Ooiwa    { .name = "ASCONF",		.chunk_type = 193,  .valid_flags = "--------"},
117ecd7f5ed3bbdb45f7edc8febea6f29cd61bf58dbNaohiro Ooiwa    { .name = "ASCONF_ACK",	.chunk_type = 128,  .valid_flags = "--------"},
1184a498502c10e690798aa78eb92e3aed7ce79f4e0Shan Wei    { .name = "FORWARD_TSN",	.chunk_type = 192,  .valid_flags = "--------"},
1193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
1203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
1223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardysave_chunk_flag_info(struct xt_sctp_flag_info *flag_info,
1233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int *flag_count,
1243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int chunktype,
1253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int bit,
1263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		     int set)
1273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
1283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i;
1293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 0; i < *flag_count; i++) {
1313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (flag_info[i].chunktype == chunktype) {
1323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			DEBUGP("Previous match found\n");
1333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			flag_info[i].chunktype = chunktype;
1343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			flag_info[i].flag_mask |= (1 << bit);
1353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (set) {
1363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				flag_info[i].flag |= (1 << bit);
1373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
1383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			return;
1403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
1413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (*flag_count == XT_NUM_SCTP_FLAGS) {
1441829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt		xtables_error (PARAMETER_PROBLEM,
1453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			"Number of chunk types with flags exceeds currently allowed limit."
14619f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI			"Increasing this limit involves changing IPT_NUM_SCTP_FLAGS and"
1473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			"recompiling both the kernel space and user space modules\n");
1483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	flag_info[*flag_count].chunktype = chunktype;
1513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	flag_info[*flag_count].flag_mask |= (1 << bit);
1523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (set) {
1533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		flag_info[*flag_count].flag |= (1 << bit);
1543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	(*flag_count)++;
1563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
1573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
1593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_chunk(struct xt_sctp_info *einfo,
1603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		 const char *chunks)
1613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
1623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *ptr;
1633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *buffer;
1643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	unsigned int i, j;
1653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int found = 0;
1663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *chunk_flags;
1673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	buffer = strdup(chunks);
1693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("Buffer: %s\n", buffer);
1703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	SCTP_CHUNKMAP_RESET(einfo->chunkmap);
1723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (!strcasecmp(buffer, "ALL")) {
1743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		SCTP_CHUNKMAP_SET_ALL(einfo->chunkmap);
1753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
1763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (!strcasecmp(buffer, "NONE")) {
1793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		SCTP_CHUNKMAP_RESET(einfo->chunkmap);
1803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
1813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
1823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ",")) {
1843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		found = 0;
1853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		DEBUGP("Next Chunk type %s\n", ptr);
1863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if ((chunk_flags = strchr(ptr, ':')) != NULL) {
1883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			*chunk_flags++ = 0;
1893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
1903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
1912c69b55e55f2efc5a334b87ccdceaa9de0ecb658Jan Engelhardt		for (i = 0; i < ARRAY_SIZE(sctp_chunk_names); ++i)
1923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (strcasecmp(sctp_chunk_names[i].name, ptr) == 0) {
1933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				DEBUGP("Chunk num %d\n", sctp_chunk_names[i].chunk_type);
1943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				SCTP_CHUNKMAP_SET(einfo->chunkmap,
1953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					sctp_chunk_names[i].chunk_type);
1963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				found = 1;
1973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				break;
1983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
1993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (!found)
2001829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt			xtables_error(PARAMETER_PROBLEM,
2013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "Unknown sctp chunk `%s'", ptr);
2023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (chunk_flags) {
2043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			DEBUGP("Chunk flags %s\n", chunk_flags);
2053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			for (j = 0; j < strlen(chunk_flags); j++) {
2063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				char *p;
2073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				int bit;
2083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				if ((p = strchr(sctp_chunk_names[i].valid_flags,
2103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						toupper(chunk_flags[j]))) != NULL) {
2113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					bit = p - sctp_chunk_names[i].valid_flags;
2123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					bit = 7 - bit;
2133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					save_chunk_flag_info(einfo->flag_info,
2153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						&(einfo->flag_count), i, bit,
2163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						isupper(chunk_flags[j]));
2173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				} else {
2181829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt					xtables_error(PARAMETER_PROBLEM,
2193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						"Invalid flags for chunk type %d\n", i);
2203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				}
2213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
2223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
2233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
2243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyout:
2253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	free(buffer);
2263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
2273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
2293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_chunks(struct xt_sctp_info *einfo,
2303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		  const char *match_type,
2313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		  const char *chunks)
2323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
2333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("Match type: %s Chunks: %s\n", match_type, chunks);
2343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (!strcasecmp(match_type, "ANY")) {
2353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->chunk_match_type = SCTP_CHUNK_MATCH_ANY;
2363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	} else 	if (!strcasecmp(match_type, "ALL")) {
2373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->chunk_match_type = SCTP_CHUNK_MATCH_ALL;
2383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	} else 	if (!strcasecmp(match_type, "ONLY")) {
2393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->chunk_match_type = SCTP_CHUNK_MATCH_ONLY;
2403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	} else {
2411829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt		xtables_error (PARAMETER_PROBLEM,
2423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			"Match type has to be one of \"ALL\", \"ANY\" or \"ONLY\"");
2433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
2443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	SCTP_CHUNKMAP_RESET(einfo->chunkmap);
2463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	parse_sctp_chunk(einfo, chunks);
2473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
2483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic int
250181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtsctp_parse(int c, char **argv, int invert, unsigned int *flags,
251181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt           const void *entry, struct xt_entry_match **match)
2523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
2533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	struct xt_sctp_info *einfo
2543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		= (struct xt_sctp_info *)(*match)->data;
2553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	switch (c) {
2573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	case '1':
2583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (*flags & XT_SCTP_SRC_PORTS)
2591829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt			xtables_error(PARAMETER_PROBLEM,
2603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			           "Only one `--source-port' allowed");
2613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flags |= XT_SCTP_SRC_PORTS;
262bf97128c7262f17a02fec41cdae75b472ba77f88Jan Engelhardt		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
263bbe83862a5e1baf15f7c923352d4afdf59bc70e2Jan Engelhardt		parse_sctp_ports(optarg, einfo->spts);
2643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (invert)
2653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags |= XT_SCTP_SRC_PORTS;
2663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*flags |= XT_SCTP_SRC_PORTS;
2673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		break;
2683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	case '2':
2703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (*flags & XT_SCTP_DEST_PORTS)
2711829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt			xtables_error(PARAMETER_PROBLEM,
2723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "Only one `--destination-port' allowed");
2733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flags |= XT_SCTP_DEST_PORTS;
274bf97128c7262f17a02fec41cdae75b472ba77f88Jan Engelhardt		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
275bbe83862a5e1baf15f7c923352d4afdf59bc70e2Jan Engelhardt		parse_sctp_ports(optarg, einfo->dpts);
2763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (invert)
2773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags |= XT_SCTP_DEST_PORTS;
2783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*flags |= XT_SCTP_DEST_PORTS;
2793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		break;
2803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	case '3':
2823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (*flags & XT_SCTP_CHUNK_TYPES)
2831829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt			xtables_error(PARAMETER_PROBLEM,
2843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "Only one `--chunk-types' allowed");
285bf97128c7262f17a02fec41cdae75b472ba77f88Jan Engelhardt		xtables_check_inverse(optarg, &invert, &optind, 0, argv);
2863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (!argv[optind]
2883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		    || argv[optind][0] == '-' || argv[optind][0] == '!')
2891829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt			xtables_error(PARAMETER_PROBLEM,
2903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				   "--chunk-types requires two args");
2913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
2923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		einfo->flags |= XT_SCTP_CHUNK_TYPES;
293bbe83862a5e1baf15f7c923352d4afdf59bc70e2Jan Engelhardt		parse_sctp_chunks(einfo, optarg, argv[optind]);
2943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (invert)
2953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags |= XT_SCTP_CHUNK_TYPES;
2963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		optind++;
2973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		*flags |= XT_SCTP_CHUNK_TYPES;
2983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		break;
2993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	default:
3013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		return 0;
3023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	return 1;
3043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic char *
3073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyport_to_service(int port)
3083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	struct servent *service;
3103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if ((service = getservbyport(htons(port), "sctp")))
3123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		return service->s_name;
3133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	return NULL;
3153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3187ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_port(uint16_t port, int numeric)
3193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	char *service;
3213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (numeric || (service = port_to_service(port)) == NULL)
3233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("%u", port);
3243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	else
3253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("%s", service);
3263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3297ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_ports(const char *name, uint16_t min, uint16_t max,
3303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	    int invert, int numeric)
3313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const char *inv = invert ? "!" : "";
3333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (min != 0 || max != 0xFFFF || invert) {
3353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("%s", name);
3363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (min == max) {
3373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf(":%s", inv);
3383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_port(min, numeric);
3393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		} else {
3403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("s:%s", inv);
3413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_port(min, numeric);
3423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf(":");
3433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_port(max, numeric);
3443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
3453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf(" ");
3463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3507ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_chunk_flags(uint32_t chunknum, uint8_t chunk_flags, uint8_t chunk_flags_mask)
3513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i;
3533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	DEBUGP("type: %d\tflags: %x\tflag mask: %x\n", chunknum, chunk_flags,
3553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			chunk_flags_mask);
3563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (chunk_flags_mask) {
3583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf(":");
3593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 7; i >= 0; i--) {
3623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (chunk_flags_mask & (1 << i)) {
3633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (chunk_flags & (1 << i)) {
3643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf("%c", sctp_chunk_names[chunknum].valid_flags[7-i]);
3653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			} else {
3663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf("%c", tolower(sctp_chunk_names[chunknum].valid_flags[7-i]));
3673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
3683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
3693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3737ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_chunk(uint32_t chunknum, int numeric)
3743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (numeric) {
3763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("0x%04X", chunknum);
3773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	else {
3793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		int i;
3803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3812c69b55e55f2efc5a334b87ccdceaa9de0ecb658Jan Engelhardt		for (i = 0; i < ARRAY_SIZE(sctp_chunk_names); ++i)
3823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (sctp_chunk_names[i].chunk_type == chunknum)
3833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf("%s", sctp_chunk_names[chunknum].name);
3843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
3853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
3863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
3881f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefanprint_chunks(const struct xt_sctp_info *einfo, int numeric)
3893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
3907ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardt	uint32_t chunk_match_type = einfo->chunk_match_type;
3911f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan	const struct xt_sctp_flag_info *flag_info = einfo->flag_info;
3921f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan	int flag_count = einfo->flag_count;
3933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int i, j;
3943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	int flag;
3953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
3963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	switch (chunk_match_type) {
3973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		case SCTP_CHUNK_MATCH_ANY:	printf("any "); break;
3983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		case SCTP_CHUNK_MATCH_ALL:	printf("all "); break;
3993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		case SCTP_CHUNK_MATCH_ONLY:	printf("only "); break;
4003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		default:	printf("Never reach herer\n"); break;
4013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4031f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan	if (SCTP_CHUNKMAP_IS_CLEAR(einfo->chunkmap)) {
4043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("NONE ");
4053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
4063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4081f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan	if (SCTP_CHUNKMAP_IS_ALL_SET(einfo->chunkmap)) {
4093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("ALL ");
4103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		goto out;
4113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	flag = 0;
4143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	for (i = 0; i < 256; i++) {
4151f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan		if (SCTP_CHUNKMAP_IS_SET(einfo->chunkmap, i)) {
4163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			if (flag)
4173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				printf(",");
4183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			flag = 1;
4193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			print_chunk(i, numeric);
4203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			for (j = 0; j < flag_count; j++) {
4213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				if (flag_info[j].chunktype == i) {
4223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy					print_chunk_flags(i, flag_info[j].flag,
4233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy						flag_info[j].flag_mask);
4243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy				}
4253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			}
4263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
4273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (flag)
4303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf(" ");
4313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyout:
4323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	return;
4333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
4343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void
436181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtsctp_print(const void *ip, const struct xt_entry_match *match, int numeric)
4373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
4383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const struct xt_sctp_info *einfo =
4393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		(const struct xt_sctp_info *)match->data;
4403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	printf("sctp ");
4423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_SRC_PORTS) {
4443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		print_ports("spt", einfo->spts[0], einfo->spts[1],
4453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags & XT_SCTP_SRC_PORTS,
4463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			numeric);
4473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_DEST_PORTS) {
4503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		print_ports("dpt", einfo->dpts[0], einfo->dpts[1],
4513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			einfo->invflags & XT_SCTP_DEST_PORTS,
4523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			numeric);
4533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_CHUNK_TYPES) {
4563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		/* FIXME: print_chunks() is used in save() where the printing of '!'
4573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		s taken care of, so we need to do that here as well */
4583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_CHUNK_TYPES) {
4593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
4603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		}
4611f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan		print_chunks(einfo, numeric);
4623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
4643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
465181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic void sctp_save(const void *ip, const struct xt_entry_match *match)
4663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
4673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	const struct xt_sctp_info *einfo =
4683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		(const struct xt_sctp_info *)match->data;
4693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_SRC_PORTS) {
4713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_SRC_PORTS)
4723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
4733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->spts[0] != einfo->spts[1])
4743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--sport %u:%u ",
4753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			       einfo->spts[0], einfo->spts[1]);
4763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		else
4773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--sport %u ", einfo->spts[0]);
4783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_DEST_PORTS) {
4813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_DEST_PORTS)
4823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
4833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->dpts[0] != einfo->dpts[1])
4843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--dport %u:%u ",
4853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			       einfo->dpts[0], einfo->dpts[1]);
4863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		else
4873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("--dport %u ", einfo->dpts[0]);
4883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	if (einfo->flags & XT_SCTP_CHUNK_TYPES) {
4913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		if (einfo->invflags & XT_SCTP_CHUNK_TYPES)
4923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy			printf("! ");
4933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy		printf("--chunk-types ");
4943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
4951f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan		print_chunks(einfo, 0);
4963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy	}
4973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
4983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
499181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic struct xtables_match sctp_match = {
50019f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI	.name		= "sctp",
501c5e85736c207f211d82d2878a5781f512327dfceJan Engelhardt	.family		= NFPROTO_UNSPEC,
5028b7c64d6ba156a99008fcd810cba874c73294333Jan Engelhardt	.version	= XTABLES_VERSION,
50319f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI	.size		= XT_ALIGN(sizeof(struct xt_sctp_info)),
50419f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI	.userspacesize	= XT_ALIGN(sizeof(struct xt_sctp_info)),
505181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt	.help		= sctp_help,
506181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt	.init		= sctp_init,
507181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt	.parse		= sctp_parse,
508181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt	.print		= sctp_print,
509181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt	.save		= sctp_save,
510181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt	.extra_opts	= sctp_opts,
5113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy};
5123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy
5133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyvoid _init(void)
5143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{
515181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt	xtables_register_match(&sctp_match);
5163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}
517