mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-16 09:34:56 +02:00
pknock: remove trailing whitespace
This commit is contained in:
Jan Engelhardt
@@ -71,7 +71,7 @@ parse_ports(const char *portstring, uint16_t *ports, const char *proto)
|
|||||||
*next++ = '\0';
|
*next++ = '\0';
|
||||||
ports[i] = xtables_parse_port(cp, proto);
|
ports[i] = xtables_parse_port(cp, proto);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (cp != NULL)
|
if (cp != NULL)
|
||||||
xtables_error(PARAMETER_PROBLEM, "too many ports specified");
|
xtables_error(PARAMETER_PROBLEM, "too many ports specified");
|
||||||
|
|
||||||
@@ -109,7 +109,7 @@ check_proto(uint16_t pnum, uint8_t invflags)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Function which parses command options; returns true if it ate an option */
|
/* Function which parses command options; returns true if it ate an option */
|
||||||
static int
|
static int
|
||||||
__pknock_parse(int c, char **argv, int invert, unsigned int *flags,
|
__pknock_parse(int c, char **argv, int invert, unsigned int *flags,
|
||||||
struct xt_entry_match **match, uint16_t pnum,
|
struct xt_entry_match **match, uint16_t pnum,
|
||||||
uint16_t invflags)
|
uint16_t invflags)
|
||||||
@@ -230,7 +230,7 @@ static int pknock_parse(int c, char **argv, int invert, unsigned int *flags,
|
|||||||
const void *e, struct xt_entry_match **match)
|
const void *e, struct xt_entry_match **match)
|
||||||
{
|
{
|
||||||
const struct ipt_entry *entry = e;
|
const struct ipt_entry *entry = e;
|
||||||
return __pknock_parse(c, argv, invert, flags, match,
|
return __pknock_parse(c, argv, invert, flags, match,
|
||||||
entry->ip.proto, entry->ip.invflags);
|
entry->ip.proto, entry->ip.invflags);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -274,7 +274,7 @@ static void pknock_check(unsigned int flags)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Prints out the matchinfo. */
|
/* Prints out the matchinfo. */
|
||||||
static void pknock_print(const void *ip,
|
static void pknock_print(const void *ip,
|
||||||
const struct xt_entry_match *match, int numeric)
|
const struct xt_entry_match *match, int numeric)
|
||||||
{
|
{
|
||||||
const struct xt_pknock_mtinfo *info = (void *)match->data;
|
const struct xt_pknock_mtinfo *info = (void *)match->data;
|
||||||
@@ -338,7 +338,7 @@ static struct xtables_match pknock_match = {
|
|||||||
.extra_opts = pknock_opts
|
.extra_opts = pknock_opts
|
||||||
};
|
};
|
||||||
|
|
||||||
void _init(void)
|
void _init(void)
|
||||||
{
|
{
|
||||||
xtables_register_match(&pknock_match);
|
xtables_register_match(&pknock_match);
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -171,7 +171,7 @@ alloc_hashtable(unsigned int size)
|
|||||||
|
|
||||||
hash = kmalloc(sizeof(*hash) * size, GFP_ATOMIC);
|
hash = kmalloc(sizeof(*hash) * size, GFP_ATOMIC);
|
||||||
if (hash == NULL) {
|
if (hash == NULL) {
|
||||||
printk(KERN_ERR PKNOCK
|
printk(KERN_ERR PKNOCK
|
||||||
"kmalloc() error in alloc_hashtable() function.\n");
|
"kmalloc() error in alloc_hashtable() function.\n");
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
@@ -366,7 +366,7 @@ peer_gc(unsigned long r)
|
|||||||
hashtable_for_each_safe(pos, n, rule->peer_head, peer_hashsize, i) {
|
hashtable_for_each_safe(pos, n, rule->peer_head, peer_hashsize, i) {
|
||||||
peer = list_entry(pos, struct peer, head);
|
peer = list_entry(pos, struct peer, head);
|
||||||
|
|
||||||
if (!has_logged_during_this_minute(peer) &&
|
if (!has_logged_during_this_minute(peer) &&
|
||||||
is_time_exceeded(peer, rule->max_time))
|
is_time_exceeded(peer, rule->max_time))
|
||||||
{
|
{
|
||||||
pk_debug("DESTROYED", peer);
|
pk_debug("DESTROYED", peer);
|
||||||
@@ -976,7 +976,7 @@ static bool pknock_mt(const struct sk_buff *skb,
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
default:
|
default:
|
||||||
printk(KERN_INFO PKNOCK
|
printk(KERN_INFO PKNOCK
|
||||||
"IP payload protocol is neither tcp nor udp.\n");
|
"IP payload protocol is neither tcp nor udp.\n");
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
@@ -986,7 +986,7 @@ static bool pknock_mt(const struct sk_buff *skb,
|
|||||||
/* Searches a rule from the list depending on info structure options. */
|
/* Searches a rule from the list depending on info structure options. */
|
||||||
rule = search_rule(info);
|
rule = search_rule(info);
|
||||||
if (rule == NULL) {
|
if (rule == NULL) {
|
||||||
printk(KERN_INFO PKNOCK "The rule %s doesn't exist.\n",
|
printk(KERN_INFO PKNOCK "The rule %s doesn't exist.\n",
|
||||||
info->rule_name);
|
info->rule_name);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
@@ -998,17 +998,17 @@ static bool pknock_mt(const struct sk_buff *skb,
|
|||||||
ret = is_allowed(peer);
|
ret = is_allowed(peer);
|
||||||
goto out;
|
goto out;
|
||||||
}
|
}
|
||||||
|
|
||||||
if (iph->protocol == IPPROTO_UDP) {
|
if (iph->protocol == IPPROTO_UDP) {
|
||||||
hdr.payload = (void *)iph + hdr_len;
|
hdr.payload = (void *)iph + hdr_len;
|
||||||
hdr.payload_len = skb->len - hdr_len;
|
hdr.payload_len = skb->len - hdr_len;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Sets, updates, removes or checks the peer matching status. */
|
/* Sets, updates, removes or checks the peer matching status. */
|
||||||
if (info->option & XT_PKNOCK_KNOCKPORT) {
|
if (info->option & XT_PKNOCK_KNOCKPORT) {
|
||||||
if ((ret = is_allowed(peer))) {
|
if ((ret = is_allowed(peer))) {
|
||||||
#ifdef PK_CRYPTO
|
#ifdef PK_CRYPTO
|
||||||
if (info->option & XT_PKNOCK_CLOSESECRET &&
|
if (info->option & XT_PKNOCK_CLOSESECRET &&
|
||||||
iph->protocol == IPPROTO_UDP)
|
iph->protocol == IPPROTO_UDP)
|
||||||
{
|
{
|
||||||
if (is_close_knock(peer, info, hdr.payload, hdr.payload_len))
|
if (is_close_knock(peer, info, hdr.payload, hdr.payload_len))
|
||||||
@@ -1069,10 +1069,10 @@ static bool pknock_mt_check(const struct xt_mtchk_param *par)
|
|||||||
RETURN_ERR("Can't specify --knockports with --checkip.\n");
|
RETURN_ERR("Can't specify --knockports with --checkip.\n");
|
||||||
#ifdef PK_CRYPTO
|
#ifdef PK_CRYPTO
|
||||||
if ((info->option & XT_PKNOCK_OPENSECRET) &&
|
if ((info->option & XT_PKNOCK_OPENSECRET) &&
|
||||||
!(info->option & XT_PKNOCK_CLOSESECRET))
|
!(info->option & XT_PKNOCK_CLOSESECRET))
|
||||||
RETURN_ERR("--opensecret must go with --closesecret.\n");
|
RETURN_ERR("--opensecret must go with --closesecret.\n");
|
||||||
if ((info->option & XT_PKNOCK_CLOSESECRET) &&
|
if ((info->option & XT_PKNOCK_CLOSESECRET) &&
|
||||||
!(info->option & XT_PKNOCK_OPENSECRET))
|
!(info->option & XT_PKNOCK_OPENSECRET))
|
||||||
RETURN_ERR("--closesecret must go with --opensecret.\n");
|
RETURN_ERR("--closesecret must go with --opensecret.\n");
|
||||||
#endif
|
#endif
|
||||||
}
|
}
|
||||||
@@ -1135,7 +1135,7 @@ static int __init xt_pknock_mt_init(void)
|
|||||||
crypto.tfm = crypto_alloc_hash(crypto.algo, 0, CRYPTO_ALG_ASYNC);
|
crypto.tfm = crypto_alloc_hash(crypto.algo, 0, CRYPTO_ALG_ASYNC);
|
||||||
|
|
||||||
if (crypto.tfm == NULL) {
|
if (crypto.tfm == NULL) {
|
||||||
printk(KERN_ERR PKNOCK "failed to load transform for %s\n",
|
printk(KERN_ERR PKNOCK "failed to load transform for %s\n",
|
||||||
crypto.algo);
|
crypto.algo);
|
||||||
return -ENXIO;
|
return -ENXIO;
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user