libxt_sctp.c revision 7ac405297ec38449b30e3b05fd6bf2082fd3d803
13810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/* Shared library add-on to iptables for SCTP matching 23810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * 33810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * (C) 2003 by Harald Welte <laforge@gnumonks.org> 43810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * 53810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * This program is distributed under the terms of GNU GPL v2, 1991 63810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * 73810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * libipt_ecn.c borrowed heavily from libipt_dscp.c 83810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy * 93810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy */ 1032b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt#include <stdbool.h> 113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <stdio.h> 123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <string.h> 133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <stdlib.h> 143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <getopt.h> 153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <netdb.h> 163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <ctype.h> 173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 18ecae0c3efc6851d767c759b77d897d113af821a0Thomas Jarosch#include <netinet/in.h> 1919f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI#include <xtables.h> 203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#include <linux/netfilter/xt_sctp.h> 223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#if 0 243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define DEBUGP(format, first...) printf(format, ##first) 253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define static 263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#else 273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#define DEBUGP(format, fist...) 283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy#endif 293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 317ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_chunk(uint32_t chunknum, int numeric); 323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 33181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic void sctp_init(struct xt_entry_match *m) 343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int i; 363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy struct xt_sctp_info *einfo = (struct xt_sctp_info *)m->data; 373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy memset(einfo, 0, sizeof(struct xt_sctp_info)); 393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy for (i = 0; i < XT_NUM_SCTP_FLAGS; i++) { 413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->flag_info[i].chunktype = -1; 423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 45181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic void sctp_help(void) 463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf( 488b7c64d6ba156a99008fcd810cba874c73294333Jan Engelhardt"sctp match options\n" 49967279231a9ecfa99f26694a954afc535c63db1dJan Engelhardt"[!] --source-port port[:port] match source port(s)\n" 503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --sport ...\n" 51967279231a9ecfa99f26694a954afc535c63db1dJan Engelhardt"[!] --destination-port port[:port] match destination port(s)\n" 523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" --dport ...\n" 53967279231a9ecfa99f26694a954afc535c63db1dJan Engelhardt"[!] --chunk-types (all|any|none) (chunktype[:flags])+ match if all, any or none of\n" 543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy" chunktypes are present\n" 554a498502c10e690798aa78eb92e3aed7ce79f4e0Shan Wei"chunktypes - DATA INIT INIT_ACK SACK HEARTBEAT HEARTBEAT_ACK ABORT SHUTDOWN SHUTDOWN_ACK ERROR COOKIE_ECHO COOKIE_ACK ECN_ECNE ECN_CWR SHUTDOWN_COMPLETE ASCONF ASCONF_ACK FORWARD_TSN ALL NONE\n"); 563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 58181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic const struct option sctp_opts[] = { 5932b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt {.name = "source-port", .has_arg = true, .val = '1'}, 6032b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt {.name = "sport", .has_arg = true, .val = '1'}, 6132b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt {.name = "destination-port", .has_arg = true, .val = '2'}, 6232b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt {.name = "dport", .has_arg = true, .val = '2'}, 6332b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt {.name = "chunk-types", .has_arg = true, .val = '3'}, 6432b8e61e4e5bd405d9ad07bf9468498dfbb19f9eJan Engelhardt XT_GETOPT_TABLEEND, 653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}; 663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_ports(const char *portstring, 697ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardt uint16_t *ports) 703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy char *buffer; 723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy char *cp; 733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy buffer = strdup(portstring); 753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("%s\n", portstring); 763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if ((cp = strchr(buffer, ':')) == NULL) { 77aae6be9edc99e58164a3592c510fe5488141c698Jan Engelhardt ports[0] = ports[1] = xtables_parse_port(buffer, "sctp"); 783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy else { 803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *cp = '\0'; 813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy cp++; 823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 83aae6be9edc99e58164a3592c510fe5488141c698Jan Engelhardt ports[0] = buffer[0] ? xtables_parse_port(buffer, "sctp") : 0; 84aae6be9edc99e58164a3592c510fe5488141c698Jan Engelhardt ports[1] = cp[0] ? xtables_parse_port(cp, "sctp") : 0xFFFF; 853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (ports[0] > ports[1]) 871829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "invalid portrange (min > max)"); 893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy free(buffer); 913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystruct sctp_chunk_names { 943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const char *name; 953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy unsigned int chunk_type; 963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const char *valid_flags; 973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}; 983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy/*'ALL' and 'NONE' will be treated specially. */ 1000e2abed11985e16215559cefd90625f99317b96cJan Engelhardtstatic const struct sctp_chunk_names sctp_chunk_names[] 101b9f458f87453a62cea7aeb0441e7a2ac05689f91Shan Wei= { { .name = "DATA", .chunk_type = 0, .valid_flags = "----IUBE"}, 1023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "INIT", .chunk_type = 1, .valid_flags = "--------"}, 1033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "INIT_ACK", .chunk_type = 2, .valid_flags = "--------"}, 1043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "SACK", .chunk_type = 3, .valid_flags = "--------"}, 1053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "HEARTBEAT", .chunk_type = 4, .valid_flags = "--------"}, 1063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "HEARTBEAT_ACK", .chunk_type = 5, .valid_flags = "--------"}, 1073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "ABORT", .chunk_type = 6, .valid_flags = "-------T"}, 1083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "SHUTDOWN", .chunk_type = 7, .valid_flags = "--------"}, 1093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "SHUTDOWN_ACK", .chunk_type = 8, .valid_flags = "--------"}, 1103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "ERROR", .chunk_type = 9, .valid_flags = "--------"}, 1113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "COOKIE_ECHO", .chunk_type = 10, .valid_flags = "--------"}, 1123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "COOKIE_ACK", .chunk_type = 11, .valid_flags = "--------"}, 1133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "ECN_ECNE", .chunk_type = 12, .valid_flags = "--------"}, 1143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "ECN_CWR", .chunk_type = 13, .valid_flags = "--------"}, 1153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy { .name = "SHUTDOWN_COMPLETE", .chunk_type = 14, .valid_flags = "-------T"}, 116ecd7f5ed3bbdb45f7edc8febea6f29cd61bf58dbNaohiro Ooiwa { .name = "ASCONF", .chunk_type = 193, .valid_flags = "--------"}, 117ecd7f5ed3bbdb45f7edc8febea6f29cd61bf58dbNaohiro Ooiwa { .name = "ASCONF_ACK", .chunk_type = 128, .valid_flags = "--------"}, 1184a498502c10e690798aa78eb92e3aed7ce79f4e0Shan Wei { .name = "FORWARD_TSN", .chunk_type = 192, .valid_flags = "--------"}, 1193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}; 1203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 1223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardysave_chunk_flag_info(struct xt_sctp_flag_info *flag_info, 1233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int *flag_count, 1243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int chunktype, 1253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int bit, 1263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int set) 1273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 1283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int i; 1293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy for (i = 0; i < *flag_count; i++) { 1313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (flag_info[i].chunktype == chunktype) { 1323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("Previous match found\n"); 1333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag_info[i].chunktype = chunktype; 1343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag_info[i].flag_mask |= (1 << bit); 1353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (set) { 1363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag_info[i].flag |= (1 << bit); 1373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy return; 1403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (*flag_count == XT_NUM_SCTP_FLAGS) { 1441829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error (PARAMETER_PROBLEM, 1453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "Number of chunk types with flags exceeds currently allowed limit." 14619f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI "Increasing this limit involves changing IPT_NUM_SCTP_FLAGS and" 1473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "recompiling both the kernel space and user space modules\n"); 1483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag_info[*flag_count].chunktype = chunktype; 1513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag_info[*flag_count].flag_mask |= (1 << bit); 1523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (set) { 1533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag_info[*flag_count].flag |= (1 << bit); 1543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy (*flag_count)++; 1563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 1573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 1593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_chunk(struct xt_sctp_info *einfo, 1603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const char *chunks) 1613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 1623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy char *ptr; 1633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy char *buffer; 1643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy unsigned int i, j; 1653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int found = 0; 1663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy char *chunk_flags; 1673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy buffer = strdup(chunks); 1693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("Buffer: %s\n", buffer); 1703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy SCTP_CHUNKMAP_RESET(einfo->chunkmap); 1723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (!strcasecmp(buffer, "ALL")) { 1743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy SCTP_CHUNKMAP_SET_ALL(einfo->chunkmap); 1753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy goto out; 1763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (!strcasecmp(buffer, "NONE")) { 1793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy SCTP_CHUNKMAP_RESET(einfo->chunkmap); 1803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy goto out; 1813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy for (ptr = strtok(buffer, ","); ptr; ptr = strtok(NULL, ",")) { 1843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy found = 0; 1853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("Next Chunk type %s\n", ptr); 1863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if ((chunk_flags = strchr(ptr, ':')) != NULL) { 1883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *chunk_flags++ = 0; 1893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 1912c69b55e55f2efc5a334b87ccdceaa9de0ecb658Jan Engelhardt for (i = 0; i < ARRAY_SIZE(sctp_chunk_names); ++i) 1923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (strcasecmp(sctp_chunk_names[i].name, ptr) == 0) { 1933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("Chunk num %d\n", sctp_chunk_names[i].chunk_type); 1943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy SCTP_CHUNKMAP_SET(einfo->chunkmap, 1953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy sctp_chunk_names[i].chunk_type); 1963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy found = 1; 1973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy break; 1983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 1993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (!found) 2001829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "Unknown sctp chunk `%s'", ptr); 2023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (chunk_flags) { 2043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("Chunk flags %s\n", chunk_flags); 2053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy for (j = 0; j < strlen(chunk_flags); j++) { 2063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy char *p; 2073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int bit; 2083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if ((p = strchr(sctp_chunk_names[i].valid_flags, 2103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy toupper(chunk_flags[j]))) != NULL) { 2113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy bit = p - sctp_chunk_names[i].valid_flags; 2123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy bit = 7 - bit; 2133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy save_chunk_flag_info(einfo->flag_info, 2153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy &(einfo->flag_count), i, bit, 2163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy isupper(chunk_flags[j])); 2173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } else { 2181829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "Invalid flags for chunk type %d\n", i); 2203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 2213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 2223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 2233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 2243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyout: 2253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy free(buffer); 2263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 2273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 2293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyparse_sctp_chunks(struct xt_sctp_info *einfo, 2303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const char *match_type, 2313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const char *chunks) 2323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 2333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("Match type: %s Chunks: %s\n", match_type, chunks); 2343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (!strcasecmp(match_type, "ANY")) { 2353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->chunk_match_type = SCTP_CHUNK_MATCH_ANY; 2363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } else if (!strcasecmp(match_type, "ALL")) { 2373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->chunk_match_type = SCTP_CHUNK_MATCH_ALL; 2383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } else if (!strcasecmp(match_type, "ONLY")) { 2393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->chunk_match_type = SCTP_CHUNK_MATCH_ONLY; 2403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } else { 2411829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error (PARAMETER_PROBLEM, 2423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "Match type has to be one of \"ALL\", \"ANY\" or \"ONLY\""); 2433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 2443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy SCTP_CHUNKMAP_RESET(einfo->chunkmap); 2463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy parse_sctp_chunk(einfo, chunks); 2473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 2483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic int 250181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtsctp_parse(int c, char **argv, int invert, unsigned int *flags, 251181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt const void *entry, struct xt_entry_match **match) 2523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 2533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy struct xt_sctp_info *einfo 2543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy = (struct xt_sctp_info *)(*match)->data; 2553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy switch (c) { 2573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy case '1': 2583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (*flags & XT_SCTP_SRC_PORTS) 2591829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "Only one `--source-port' allowed"); 2613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->flags |= XT_SCTP_SRC_PORTS; 262bf97128c7262f17a02fec41cdae75b472ba77f88Jan Engelhardt xtables_check_inverse(optarg, &invert, &optind, 0, argv); 263bbe83862a5e1baf15f7c923352d4afdf59bc70e2Jan Engelhardt parse_sctp_ports(optarg, einfo->spts); 2643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (invert) 2653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->invflags |= XT_SCTP_SRC_PORTS; 2663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *flags |= XT_SCTP_SRC_PORTS; 2673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy break; 2683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy case '2': 2703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (*flags & XT_SCTP_DEST_PORTS) 2711829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "Only one `--destination-port' allowed"); 2733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->flags |= XT_SCTP_DEST_PORTS; 274bf97128c7262f17a02fec41cdae75b472ba77f88Jan Engelhardt xtables_check_inverse(optarg, &invert, &optind, 0, argv); 275bbe83862a5e1baf15f7c923352d4afdf59bc70e2Jan Engelhardt parse_sctp_ports(optarg, einfo->dpts); 2763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (invert) 2773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->invflags |= XT_SCTP_DEST_PORTS; 2783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *flags |= XT_SCTP_DEST_PORTS; 2793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy break; 2803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy case '3': 2823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (*flags & XT_SCTP_CHUNK_TYPES) 2831829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "Only one `--chunk-types' allowed"); 285bf97128c7262f17a02fec41cdae75b472ba77f88Jan Engelhardt xtables_check_inverse(optarg, &invert, &optind, 0, argv); 2863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (!argv[optind] 2883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy || argv[optind][0] == '-' || argv[optind][0] == '!') 2891829ed482efbc8b390cc760d012b3a4450494e1aJan Engelhardt xtables_error(PARAMETER_PROBLEM, 2903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy "--chunk-types requires two args"); 2913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 2923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->flags |= XT_SCTP_CHUNK_TYPES; 293bbe83862a5e1baf15f7c923352d4afdf59bc70e2Jan Engelhardt parse_sctp_chunks(einfo, optarg, argv[optind]); 2943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (invert) 2953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->invflags |= XT_SCTP_CHUNK_TYPES; 2963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy optind++; 2973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy *flags |= XT_SCTP_CHUNK_TYPES; 2983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy break; 2993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy default: 3013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy return 0; 3023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3033810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy return 1; 3043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 3053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic char * 3073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyport_to_service(int port) 3083810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 3093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy struct servent *service; 3103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if ((service = getservbyport(htons(port), "sctp"))) 3123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy return service->s_name; 3133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy return NULL; 3153810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 3163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 3187ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_port(uint16_t port, int numeric) 3193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 3203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy char *service; 3213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (numeric || (service = port_to_service(port)) == NULL) 3233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("%u", port); 3243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy else 3253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("%s", service); 3263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 3273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 3297ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_ports(const char *name, uint16_t min, uint16_t max, 3303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int invert, int numeric) 3313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 3323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const char *inv = invert ? "!" : ""; 3333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (min != 0 || max != 0xFFFF || invert) { 3353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("%s", name); 3363810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (min == max) { 3373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf(":%s", inv); 3383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy print_port(min, numeric); 3393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } else { 3403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("s:%s", inv); 3413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy print_port(min, numeric); 3423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf(":"); 3433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy print_port(max, numeric); 3443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf(" "); 3463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 3483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 3507ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_chunk_flags(uint32_t chunknum, uint8_t chunk_flags, uint8_t chunk_flags_mask) 3513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 3523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int i; 3533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy DEBUGP("type: %d\tflags: %x\tflag mask: %x\n", chunknum, chunk_flags, 3553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy chunk_flags_mask); 3563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (chunk_flags_mask) { 3583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf(":"); 3593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3613810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy for (i = 7; i >= 0; i--) { 3623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (chunk_flags_mask & (1 << i)) { 3633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (chunk_flags & (1 << i)) { 3643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("%c", sctp_chunk_names[chunknum].valid_flags[7-i]); 3653810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } else { 3663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("%c", tolower(sctp_chunk_names[chunknum].valid_flags[7-i])); 3673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 3713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 3737ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardtprint_chunk(uint32_t chunknum, int numeric) 3743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 3753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (numeric) { 3763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("0x%04X", chunknum); 3773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy else { 3793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int i; 3803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3812c69b55e55f2efc5a334b87ccdceaa9de0ecb658Jan Engelhardt for (i = 0; i < ARRAY_SIZE(sctp_chunk_names); ++i) 3823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (sctp_chunk_names[i].chunk_type == chunknum) 3833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("%s", sctp_chunk_names[chunknum].name); 3843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 3853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 3863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 3881f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefanprint_chunks(const struct xt_sctp_info *einfo, int numeric) 3893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 3907ac405297ec38449b30e3b05fd6bf2082fd3d803Jan Engelhardt uint32_t chunk_match_type = einfo->chunk_match_type; 3911f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan const struct xt_sctp_flag_info *flag_info = einfo->flag_info; 3921f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan int flag_count = einfo->flag_count; 3933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int i, j; 3943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy int flag; 3953810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 3963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy switch (chunk_match_type) { 3973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy case SCTP_CHUNK_MATCH_ANY: printf("any "); break; 3983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy case SCTP_CHUNK_MATCH_ALL: printf("all "); break; 3993810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy case SCTP_CHUNK_MATCH_ONLY: printf("only "); break; 4003810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy default: printf("Never reach herer\n"); break; 4013810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4023810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4031f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan if (SCTP_CHUNKMAP_IS_CLEAR(einfo->chunkmap)) { 4043810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("NONE "); 4053810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy goto out; 4063810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4073810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4081f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan if (SCTP_CHUNKMAP_IS_ALL_SET(einfo->chunkmap)) { 4093810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("ALL "); 4103810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy goto out; 4113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag = 0; 4143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy for (i = 0; i < 256; i++) { 4151f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan if (SCTP_CHUNKMAP_IS_SET(einfo->chunkmap, i)) { 4163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (flag) 4173810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf(","); 4183810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag = 1; 4193810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy print_chunk(i, numeric); 4203810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy for (j = 0; j < flag_count; j++) { 4213810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (flag_info[j].chunktype == i) { 4223810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy print_chunk_flags(i, flag_info[j].flag, 4233810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy flag_info[j].flag_mask); 4243810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4253810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4263810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4273810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4283810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4293810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (flag) 4303810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf(" "); 4313810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyout: 4323810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy return; 4333810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 4343810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4353810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardystatic void 436181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtsctp_print(const void *ip, const struct xt_entry_match *match, int numeric) 4373810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 4383810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const struct xt_sctp_info *einfo = 4393810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy (const struct xt_sctp_info *)match->data; 4403810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4413810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("sctp "); 4423810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4433810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->flags & XT_SCTP_SRC_PORTS) { 4443810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy print_ports("spt", einfo->spts[0], einfo->spts[1], 4453810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->invflags & XT_SCTP_SRC_PORTS, 4463810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy numeric); 4473810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4483810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4493810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->flags & XT_SCTP_DEST_PORTS) { 4503810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy print_ports("dpt", einfo->dpts[0], einfo->dpts[1], 4513810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->invflags & XT_SCTP_DEST_PORTS, 4523810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy numeric); 4533810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4543810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4553810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->flags & XT_SCTP_CHUNK_TYPES) { 4563810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy /* FIXME: print_chunks() is used in save() where the printing of '!' 4573810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy s taken care of, so we need to do that here as well */ 4583810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->invflags & XT_SCTP_CHUNK_TYPES) { 4593810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("! "); 4603810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4611f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan print_chunks(einfo, numeric); 4623810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4633810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 4643810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 465181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic void sctp_save(const void *ip, const struct xt_entry_match *match) 4663810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 4673810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy const struct xt_sctp_info *einfo = 4683810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy (const struct xt_sctp_info *)match->data; 4693810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4703810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->flags & XT_SCTP_SRC_PORTS) { 4713810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->invflags & XT_SCTP_SRC_PORTS) 4723810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("! "); 4733810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->spts[0] != einfo->spts[1]) 4743810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("--sport %u:%u ", 4753810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->spts[0], einfo->spts[1]); 4763810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy else 4773810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("--sport %u ", einfo->spts[0]); 4783810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4793810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4803810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->flags & XT_SCTP_DEST_PORTS) { 4813810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->invflags & XT_SCTP_DEST_PORTS) 4823810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("! "); 4833810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->dpts[0] != einfo->dpts[1]) 4843810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("--dport %u:%u ", 4853810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy einfo->dpts[0], einfo->dpts[1]); 4863810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy else 4873810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("--dport %u ", einfo->dpts[0]); 4883810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4893810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4903810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->flags & XT_SCTP_CHUNK_TYPES) { 4913810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy if (einfo->invflags & XT_SCTP_CHUNK_TYPES) 4923810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("! "); 4933810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy printf("--chunk-types "); 4943810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 4951f25b402553db8dd4448ee502d7ebcf47c9151c9Li Zefan print_chunks(einfo, 0); 4963810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy } 4973810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 4983810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 499181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardtstatic struct xtables_match sctp_match = { 50019f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI .name = "sctp", 501c5e85736c207f211d82d2878a5781f512327dfceJan Engelhardt .family = NFPROTO_UNSPEC, 5028b7c64d6ba156a99008fcd810cba874c73294333Jan Engelhardt .version = XTABLES_VERSION, 50319f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI .size = XT_ALIGN(sizeof(struct xt_sctp_info)), 50419f29509c8a97219c578aeaf8be15cf005d46eb3Yasuyuki KOZAKAI .userspacesize = XT_ALIGN(sizeof(struct xt_sctp_info)), 505181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt .help = sctp_help, 506181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt .init = sctp_init, 507181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt .parse = sctp_parse, 508181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt .print = sctp_print, 509181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt .save = sctp_save, 510181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt .extra_opts = sctp_opts, 5113810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy}; 5123810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy 5133810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardyvoid _init(void) 5143810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy{ 515181dead3f13befe02769ef479bcbb51801b7fc4eJan Engelhardt xtables_register_match(&sctp_match); 5163810013331414e53a0bde3a791b2ce3648c892d0Patrick McHardy} 517