diff --git a/INSTALL b/INSTALL index 608bce2..483d526 100644 --- a/INSTALL +++ b/INSTALL @@ -12,8 +12,7 @@ in combination with the kernel's Kbuild system. Supported configurations for this release ========================================= - * iptables >= 1.4.1 - upper bound: iptables <= 1.4.3-rc1 + * iptables >= 1.4.3 * kernel-source >= 2.6.17, no upper bound known with prepared build/output directory diff --git a/Makefile.am b/Makefile.am index d76c2f1..f03174a 100644 --- a/Makefile.am +++ b/Makefile.am @@ -1,7 +1,6 @@ # -*- Makefile -*- ACLOCAL_AMFLAGS = -I m4 -AUTOMAKE_OPTIONS = foreign subdir-objects SUBDIRS = extensions man_MANS := xtables-addons.8 diff --git a/configure.ac b/configure.ac index cc27f1a..33af515 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_INIT([xtables-addons], [1.12]) AC_CONFIG_HEADERS([config.h]) AC_CONFIG_MACRO_DIR([m4]) AC_PROG_INSTALL -AM_INIT_AUTOMAKE([-Wall]) +AM_INIT_AUTOMAKE([-Wall foreign subdir-objects]) AC_PROG_CC AM_PROG_CC_C_O AC_DISABLE_STATIC @@ -28,8 +28,11 @@ AC_ARG_WITH([xtlibdir], [xtlibdir="$withval"], [xtlibdir='${libexecdir}/xtables']) -AC_MSG_CHECKING([xtables.h presence]) +# +# --with-xtables= overrides a possibly installed pkgconfig file. +# if [[ -n "$xtables_location" ]]; then + AC_MSG_CHECKING([xtables.h presence]) if [[ -f "$xtables_location/xtables.h" ]]; then AC_MSG_RESULT([$xtables_location/xtables.h]) xtables_CFLAGS="-I $xtables_location"; @@ -37,13 +40,15 @@ if [[ -n "$xtables_location" ]]; then AC_MSG_RESULT([$xtables_location/include/xtables.h]) xtables_CFLAGS="-I $xtables_location/include"; fi; -fi; -if [[ -z "$xtables_CFLAGS" ]]; then - if [[ -f "$includedir/xtables.h" ]]; then - AC_MSG_RESULT([$includedir/xtables.h]) - else - AC_MSG_RESULT([no]) + if [[ -z "$xtables_CFLAGS" ]]; then + if [[ -f "$includedir/xtables.h" ]]; then + AC_MSG_RESULT([$includedir/xtables.h]) + else + AC_MSG_RESULT([no]) + fi; fi; +else + PKG_CHECK_MODULES([libxtables], [xtables >= 1.4.3]) fi; regular_CFLAGS="-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64 \ diff --git a/doc/changelog.txt b/doc/changelog.txt index 1575fbc..558612d 100644 --- a/doc/changelog.txt +++ b/doc/changelog.txt @@ -1,6 +1,7 @@ - added a reworked ipv4options match +- upgrade to iptables 1.4.3 API Xtables-addons 1.12 (March 07 2009) diff --git a/extensions/libxt_CHAOS.c b/extensions/libxt_CHAOS.c index 1fdcbf3..9c88961 100644 --- a/extensions/libxt_CHAOS.c +++ b/extensions/libxt_CHAOS.c @@ -58,7 +58,7 @@ static void chaos_tg_check(unsigned int flags) { if (flags == (F_DELUDE | F_TARPIT)) /* If flags == 0x03, both were specified, which should not be. */ - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "CHAOS: only one of --tarpit or --delude " "may be specified"); } diff --git a/extensions/libxt_DHCPADDR.c b/extensions/libxt_DHCPADDR.c index 28cbb40..c4dd62b 100644 --- a/extensions/libxt_DHCPADDR.c +++ b/extensions/libxt_DHCPADDR.c @@ -42,10 +42,10 @@ static int dhcpaddr_tg_parse(int c, char **argv, int invert, switch (c) { case 'M': - param_act(P_ONLY_ONCE, "DHCPADDR", "--set-mac", *flags & F_MAC); - param_act(P_NO_INVERT, "DHCPADDR", "--set-mac", invert); + xtables_param_act(XTF_ONLY_ONCE, "DHCPADDR", "--set-mac", *flags & F_MAC); + xtables_param_act(XTF_NO_INVERT, "DHCPADDR", "--set-mac", invert); if (!mac_parse(optarg, info->addr, &info->mask)) - param_act(P_BAD_VALUE, "DHCPADDR", "--set-mac", optarg); + xtables_param_act(XTF_BAD_VALUE, "DHCPADDR", "--set-mac", optarg); *flags |= F_MAC; return true; } @@ -56,7 +56,7 @@ static int dhcpaddr_tg_parse(int c, char **argv, int invert, static void dhcpaddr_tg_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, "DHCPADDR target: " + xtables_error(PARAMETER_PROBLEM, "DHCPADDR target: " "--set-mac parameter required"); } diff --git a/extensions/libxt_IPMARK.c b/extensions/libxt_IPMARK.c index f440758..626f182 100644 --- a/extensions/libxt_IPMARK.c +++ b/extensions/libxt_IPMARK.c @@ -58,44 +58,44 @@ static int ipmark_tg_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': - param_act(P_ONLY_ONCE, "IPMARK", "addr", *flags & FL_ADDR_USED); - param_act(P_NO_INVERT, "IPMARK", "addr", invert); + xtables_param_act(XTF_ONLY_ONCE, "IPMARK", "addr", *flags & FL_ADDR_USED); + xtables_param_act(XTF_NO_INVERT, "IPMARK", "addr", invert); if (strcmp(optarg, "src") == 0) info->selector = XT_IPMARK_SRC; else if (strcmp(optarg, "dst") == 0) info->selector = XT_IPMARK_DST; else - exit_error(PARAMETER_PROBLEM, "Bad addr value `%s' - should be `src' or `dst'", optarg); + xtables_error(PARAMETER_PROBLEM, "Bad addr value `%s' - should be `src' or `dst'", optarg); *flags |= FL_ADDR_USED; return true; case '2': - param_act(P_ONLY_ONCE, "IPMARK", "and-mask", *flags & FL_AND_MASK_USED); - param_act(P_NO_INVERT, "IPMARK", "and-mask", invert); - if (!strtonum(optarg, NULL, &n, 0, ~0U)) - param_act(P_BAD_VALUE, "IPMARK", "and-mask", optarg); + xtables_param_act(XTF_ONLY_ONCE, "IPMARK", "and-mask", *flags & FL_AND_MASK_USED); + xtables_param_act(XTF_NO_INVERT, "IPMARK", "and-mask", invert); + if (!xtables_strtoui(optarg, NULL, &n, 0, ~0U)) + xtables_param_act(XTF_BAD_VALUE, "IPMARK", "and-mask", optarg); info->andmask = n; *flags |= FL_AND_MASK_USED; return true; case '3': - param_act(P_ONLY_ONCE, "IPMARK", "or-mask", *flags & FL_OR_MASK_USED); - param_act(P_NO_INVERT, "IPMARK", "or-mask", invert); - if (!strtonum(optarg, NULL, &n, 0, ~0U)) - param_act(P_BAD_VALUE, "IPMARK", "or-mask", optarg); + xtables_param_act(XTF_ONLY_ONCE, "IPMARK", "or-mask", *flags & FL_OR_MASK_USED); + xtables_param_act(XTF_NO_INVERT, "IPMARK", "or-mask", invert); + if (!xtables_strtoui(optarg, NULL, &n, 0, ~0U)) + xtables_param_act(XTF_BAD_VALUE, "IPMARK", "or-mask", optarg); info->ormask = n; *flags |= FL_OR_MASK_USED; return true; case '4': - param_act(P_ONLY_ONCE, "IPMARK", "--shift", *flags & FL_SHIFT); - param_act(P_NO_INVERT, "IPMARK", "--shift", invert); + xtables_param_act(XTF_ONLY_ONCE, "IPMARK", "--shift", *flags & FL_SHIFT); + xtables_param_act(XTF_NO_INVERT, "IPMARK", "--shift", invert); /* * Anything >31 does not make sense for IPv4, but it still * does the right thing. */ - if (!strtonum(optarg, NULL, &n, 0, 128)) - param_act(P_BAD_VALUE, "IPMARK", "--shift", optarg); + if (!xtables_strtoui(optarg, NULL, &n, 0, 128)) + xtables_param_act(XTF_BAD_VALUE, "IPMARK", "--shift", optarg); info->shift = n; return true; } @@ -106,7 +106,7 @@ static int ipmark_tg_parse(int c, char **argv, int invert, unsigned int *flags, static void ipmark_tg_check(unsigned int flags) { if (!(flags & FL_ADDR_USED)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "IPMARK target: Parameter --addr is required"); } diff --git a/extensions/libxt_LOGMARK.c b/extensions/libxt_LOGMARK.c index 42659d9..671175a 100644 --- a/extensions/libxt_LOGMARK.c +++ b/extensions/libxt_LOGMARK.c @@ -51,23 +51,23 @@ logmark_tg_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'l': /* --log-level */ - param_act(P_ONLY_ONCE, "LOGMARK", "--log-level", *flags & F_LEVEL); - param_act(P_NO_INVERT, "LOGMARK", "--log-level", invert); - if (!strtonum(optarg, NULL, &x, 0, 8)) - param_act(P_BAD_VALUE, "LOGMARK", "--log-level", optarg); + xtables_param_act(XTF_ONLY_ONCE, "LOGMARK", "--log-level", *flags & F_LEVEL); + xtables_param_act(XTF_NO_INVERT, "LOGMARK", "--log-level", invert); + if (!xtables_strtoui(optarg, NULL, &x, 0, 8)) + xtables_param_act(XTF_BAD_VALUE, "LOGMARK", "--log-level", optarg); info->level = x; *flags |= F_LEVEL; return true; case 'p': /* --log-prefix */ - param_act(P_ONLY_ONCE, "LOGMARK", "--log-prefix", *flags & F_PREFIX); - param_act(P_NO_INVERT, "LOGMARK", "--log-prefix", invert); + xtables_param_act(XTF_ONLY_ONCE, "LOGMARK", "--log-prefix", *flags & F_PREFIX); + xtables_param_act(XTF_NO_INVERT, "LOGMARK", "--log-prefix", invert); if (strlen(optarg) > sizeof(info->prefix)) - exit_error(PARAMETER_PROBLEM, "LOGMARK: Maximum " + xtables_error(PARAMETER_PROBLEM, "LOGMARK: Maximum " "prefix length is %zu", sizeof(info->prefix)); if (strchr(optarg, '\n')) - exit_error(PARAMETER_PROBLEM, "LOGMARK: Newlines not " + xtables_error(PARAMETER_PROBLEM, "LOGMARK: Newlines not " "allowed in log prefix"); strncpy(info->prefix, optarg, sizeof(info->prefix)); *flags |= F_PREFIX; diff --git a/extensions/libxt_TEE.c b/extensions/libxt_TEE.c index 33005c9..953e01d 100644 --- a/extensions/libxt_TEE.c +++ b/extensions/libxt_TEE.c @@ -50,12 +50,12 @@ static int tee_tg_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'g': if (*flags & FLAG_GATEWAY) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --gw more than once"); - ia = numeric_to_ipaddr(optarg); + ia = xtables_numeric_to_ipaddr(optarg); if (ia == NULL) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid IP address %s", optarg); memcpy(&info->gw, ia, sizeof(*ia)); @@ -75,12 +75,12 @@ static int tee_tg6_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'g': if (*flags & FLAG_GATEWAY) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Cannot specify --gw more than once"); - ia = numeric_to_ip6addr(optarg); + ia = xtables_numeric_to_ip6addr(optarg); if (ia == NULL) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Invalid IP address %s", optarg); memcpy(&info->gw, ia, sizeof(*ia)); @@ -94,7 +94,7 @@ static int tee_tg6_parse(int c, char **argv, int invert, unsigned int *flags, static void tee_tg_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, "TEE target: " + xtables_error(PARAMETER_PROBLEM, "TEE target: " "--gateway parameter required"); } @@ -104,9 +104,9 @@ static void tee_tg_print(const void *ip, const struct xt_entry_target *target, const struct xt_tee_tginfo *info = (const void *)target->data; if (numeric) - printf("TEE gw:%s ", ipaddr_to_numeric(&info->gw.in)); + printf("TEE gw:%s ", xtables_ipaddr_to_numeric(&info->gw.in)); else - printf("TEE gw:%s ", ipaddr_to_anyname(&info->gw.in)); + printf("TEE gw:%s ", xtables_ipaddr_to_anyname(&info->gw.in)); } static void tee_tg6_print(const void *ip, const struct xt_entry_target *target, @@ -115,23 +115,23 @@ static void tee_tg6_print(const void *ip, const struct xt_entry_target *target, const struct xt_tee_tginfo *info = (const void *)target->data; if (numeric) - printf("TEE gw:%s ", ip6addr_to_numeric(&info->gw.in6)); + printf("TEE gw:%s ", xtables_ip6addr_to_numeric(&info->gw.in6)); else - printf("TEE gw:%s ", ip6addr_to_anyname(&info->gw.in6)); + printf("TEE gw:%s ", xtables_ip6addr_to_anyname(&info->gw.in6)); } static void tee_tg_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tee_tginfo *info = (const void *)target->data; - printf("--gateway %s ", ipaddr_to_numeric(&info->gw.in)); + printf("--gateway %s ", xtables_ipaddr_to_numeric(&info->gw.in)); } static void tee_tg6_save(const void *ip, const struct xt_entry_target *target) { const struct xt_tee_tginfo *info = (const void *)target->data; - printf("--gateway %s ", ip6addr_to_numeric(&info->gw.in6)); + printf("--gateway %s ", xtables_ip6addr_to_numeric(&info->gw.in6)); } static struct xtables_target tee_tg_reg = { diff --git a/extensions/libxt_condition.c b/extensions/libxt_condition.c index 18b1ca3..6438e45 100644 --- a/extensions/libxt_condition.c +++ b/extensions/libxt_condition.c @@ -37,13 +37,13 @@ static int condition_parse(int c, char **argv, int invert, unsigned int *flags, if (c == 'X') { if (*flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Can't specify multiple conditions"); if (strlen(optarg) < sizeof(info->name)) strcpy(info->name, optarg); else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "File name too long"); info->invert = invert; @@ -57,7 +57,7 @@ static int condition_parse(int c, char **argv, int invert, unsigned int *flags, static void condition_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "Condition match: must specify --condition"); } diff --git a/extensions/libxt_dhcpaddr.c b/extensions/libxt_dhcpaddr.c index 089a722..2b56381 100644 --- a/extensions/libxt_dhcpaddr.c +++ b/extensions/libxt_dhcpaddr.c @@ -41,10 +41,10 @@ static int dhcpaddr_mt_parse(int c, char **argv, int invert, switch (c) { case 'M': - param_act(P_ONLY_ONCE, "dhcpaddr", "--mac", *flags & F_MAC); - param_act(P_NO_INVERT, "dhcpaddr", "--mac", invert); + xtables_param_act(XTF_ONLY_ONCE, "dhcpaddr", "--mac", *flags & F_MAC); + xtables_param_act(XTF_NO_INVERT, "dhcpaddr", "--mac", invert); if (!mac_parse(optarg, info->addr, &info->mask)) - param_act(P_BAD_VALUE, "dhcpaddr", "--mac", optarg); + xtables_param_act(XTF_BAD_VALUE, "dhcpaddr", "--mac", optarg); if (invert) info->invert = true; *flags |= F_MAC; @@ -57,7 +57,7 @@ static int dhcpaddr_mt_parse(int c, char **argv, int invert, static void dhcpaddr_mt_check(unsigned int flags) { if (flags == 0) - exit_error(PARAMETER_PROBLEM, "dhcpaddr match: " + xtables_error(PARAMETER_PROBLEM, "dhcpaddr match: " "--mac parameter required"); } diff --git a/extensions/libxt_fuzzy.c b/extensions/libxt_fuzzy.c index a588ed3..df55604 100644 --- a/extensions/libxt_fuzzy.c +++ b/extensions/libxt_fuzzy.c @@ -54,22 +54,22 @@ static int fuzzy_mt_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (invert) - exit_error(PARAMETER_PROBLEM,"Can't specify ! --lower-limit"); + xtables_error(PARAMETER_PROBLEM,"Can't specify ! --lower-limit"); if (*flags & IPT_FUZZY_OPT_MINIMUM) - exit_error(PARAMETER_PROBLEM,"Can't specify --lower-limit twice"); - if (string_to_number(optarg,1,FUZZY_MAX_RATE,&num) == -1 || num < 1) - exit_error(PARAMETER_PROBLEM,"BAD --lower-limit"); + xtables_error(PARAMETER_PROBLEM,"Can't specify --lower-limit twice"); + if (!xtables_strtoui(optarg, NULL, &num, 1, FUZZY_MAX_RATE) == -1 || num < 1) + xtables_error(PARAMETER_PROBLEM,"BAD --lower-limit"); info->minimum_rate = num; *flags |= IPT_FUZZY_OPT_MINIMUM; return true; case '2': if (invert) - exit_error(PARAMETER_PROBLEM,"Can't specify ! --upper-limit"); + xtables_error(PARAMETER_PROBLEM,"Can't specify ! --upper-limit"); if (*flags & IPT_FUZZY_OPT_MAXIMUM) - exit_error(PARAMETER_PROBLEM,"Can't specify --upper-limit twice"); - if (string_to_number(optarg,1,FUZZY_MAX_RATE,&num) == -1 || num < 1) - exit_error(PARAMETER_PROBLEM,"BAD --upper-limit"); + xtables_error(PARAMETER_PROBLEM,"Can't specify --upper-limit twice"); + if (!xtables_strtoui(optarg, NULL, &num, 1, FUZZY_MAX_RATE) == -1 || num < 1) + xtables_error(PARAMETER_PROBLEM,"BAD --upper-limit"); info->maximum_rate = num; *flags |= IPT_FUZZY_OPT_MAXIMUM; return true; diff --git a/extensions/libxt_geoip.c b/extensions/libxt_geoip.c index f0927e3..ef95922 100644 --- a/extensions/libxt_geoip.c +++ b/extensions/libxt_geoip.c @@ -64,16 +64,16 @@ static struct geoip_subnet *geoip_get_subnets(const char *code, uint32_t *count) if ((fd = open(buf, O_RDONLY)) < 0) { fprintf(stderr, "Could not open %s: %s\n", buf, strerror(errno)); - exit_error(OTHER_PROBLEM, "Could not read geoip database"); + xtables_error(OTHER_PROBLEM, "Could not read geoip database"); } fstat(fd, &sb); if (sb.st_size % sizeof(struct geoip_subnet) != 0) - exit_error(OTHER_PROBLEM, "Database file %s seems to be " + xtables_error(OTHER_PROBLEM, "Database file %s seems to be " "corrupted", buf); subnets = malloc(sb.st_size); if (subnets == NULL) - exit_error(OTHER_PROBLEM, "geoip: insufficient memory"); + xtables_error(OTHER_PROBLEM, "geoip: insufficient memory"); read(fd, subnets, sb.st_size); close(fd); *count = sb.st_size / sizeof(struct geoip_subnet); @@ -103,7 +103,7 @@ check_geoip_cc(char *cc, u_int16_t cc_used[], u_int8_t count) if (strlen(cc) != 2) /* Country must be 2 chars long according to the ISO3166 standard */ - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "geoip: invalid country code '%s'", cc); // Verification will fail if chars aren't uppercased. @@ -112,7 +112,7 @@ check_geoip_cc(char *cc, u_int16_t cc_used[], u_int8_t count) if (isalnum(cc[i]) != 0) cc[i] = toupper(cc[i]); else - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "geoip: invalid country code '%s'", cc); /* Convert chars into a single 16 bit integer. @@ -140,7 +140,7 @@ static unsigned int parse_geoip_cc(const char *ccstr, uint16_t *cc, buffer = strdup(ccstr); if (!buffer) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "geoip: insufficient memory available"); for (cp = buffer, i = 0; cp && i < XT_GEOIP_MAX; cp = next, i++) @@ -150,19 +150,19 @@ static unsigned int parse_geoip_cc(const char *ccstr, uint16_t *cc, if ((cctmp = check_geoip_cc(cp, cc, count)) != 0) { if ((mem[count++].user = (unsigned long)geoip_load_cc(cp, cctmp)) == 0) - exit_error(OTHER_PROBLEM, + xtables_error(OTHER_PROBLEM, "geoip: insufficient memory available"); cc[count-1] = cctmp; } } if (cp) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "geoip: too many countries specified"); free(buffer); if (count == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "geoip: don't know what happened"); return count; @@ -176,7 +176,7 @@ static int geoip_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '1': if (*flags & (XT_GEOIP_SRC | XT_GEOIP_DST)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "geoip: Only exactly one of --source-country " "or --destination-country must be specified!"); @@ -190,7 +190,7 @@ static int geoip_parse(int c, char **argv, int invert, unsigned int *flags, case '2': if (*flags & (XT_GEOIP_SRC | XT_GEOIP_DST)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "geoip: Only exactly one of --source-country " "or --destination-country must be specified!"); @@ -210,7 +210,7 @@ static void geoip_final_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "geoip: missing arguments"); } diff --git a/extensions/libxt_ipp2p.c b/extensions/libxt_ipp2p.c index 5fa1e9c..a6c3232 100644 --- a/extensions/libxt_ipp2p.c +++ b/extensions/libxt_ipp2p.c @@ -63,109 +63,109 @@ static int ipp2p_mt_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '2': /*cmd: edk*/ - param_act(P_ONLY_ONCE, "--edk", *flags & IPP2P_EDK); - param_act(P_NO_INVERT, "--edk", invert); + xtables_param_act(XTF_ONLY_ONCE, "--edk", *flags & IPP2P_EDK); + xtables_param_act(XTF_NO_INVERT, "--edk", invert); if (*flags & IPP2P_DATA_EDK) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ipp2p: use `--edk' OR `--edk-data' but not both of them!"); *flags |= IPP2P_EDK; info->cmd |= IPP2P_EDK; break; case '7': /*cmd: dc*/ - param_act(P_ONLY_ONCE, "--dc", *flags & IPP2P_DC); - param_act(P_NO_INVERT, "--dc", invert); + xtables_param_act(XTF_ONLY_ONCE, "--dc", *flags & IPP2P_DC); + xtables_param_act(XTF_NO_INVERT, "--dc", invert); if (*flags & IPP2P_DATA_DC) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ipp2p: use `--dc' OR `--dc-data' but not both of them!"); *flags |= IPP2P_DC; info->cmd |= IPP2P_DC; break; case '9': /*cmd: gnu*/ - param_act(P_ONLY_ONCE, "--gnu", *flags & IPP2P_GNU); - param_act(P_NO_INVERT, "--gnu", invert); + xtables_param_act(XTF_ONLY_ONCE, "--gnu", *flags & IPP2P_GNU); + xtables_param_act(XTF_NO_INVERT, "--gnu", invert); if (*flags & IPP2P_DATA_GNU) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ipp2p: use `--gnu' OR `--gnu-data' but not both of them!"); *flags |= IPP2P_GNU; info->cmd |= IPP2P_GNU; break; case 'a': /*cmd: kazaa*/ - param_act(P_ONLY_ONCE, "--kazaa", *flags & IPP2P_KAZAA); - param_act(P_NO_INVERT, "--kazaa", invert); + xtables_param_act(XTF_ONLY_ONCE, "--kazaa", *flags & IPP2P_KAZAA); + xtables_param_act(XTF_NO_INVERT, "--kazaa", invert); if (*flags & IPP2P_DATA_KAZAA) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ipp2p: use `--kazaa' OR `--kazaa-data' but not both of them!"); *flags |= IPP2P_KAZAA; info->cmd |= IPP2P_KAZAA; break; case 'b': /*cmd: bit*/ - param_act(P_ONLY_ONCE, "--kazaa", *flags & IPP2P_BIT); - param_act(P_NO_INVERT, "--kazaa", invert); + xtables_param_act(XTF_ONLY_ONCE, "--kazaa", *flags & IPP2P_BIT); + xtables_param_act(XTF_NO_INVERT, "--kazaa", invert); *flags |= IPP2P_BIT; info->cmd |= IPP2P_BIT; break; case 'c': /*cmd: apple*/ - param_act(P_ONLY_ONCE, "--apple", *flags & IPP2P_APPLE); - param_act(P_NO_INVERT, "--apple", invert); + xtables_param_act(XTF_ONLY_ONCE, "--apple", *flags & IPP2P_APPLE); + xtables_param_act(XTF_NO_INVERT, "--apple", invert); *flags |= IPP2P_APPLE; info->cmd |= IPP2P_APPLE; break; case 'd': /*cmd: soul*/ - param_act(P_ONLY_ONCE, "--soul", *flags & IPP2P_SOUL); - param_act(P_NO_INVERT, "--soul", invert); + xtables_param_act(XTF_ONLY_ONCE, "--soul", *flags & IPP2P_SOUL); + xtables_param_act(XTF_NO_INVERT, "--soul", invert); *flags |= IPP2P_SOUL; info->cmd |= IPP2P_SOUL; break; case 'e': /*cmd: winmx*/ - param_act(P_ONLY_ONCE, "--winmx", *flags & IPP2P_WINMX); - param_act(P_NO_INVERT, "--winmx", invert); + xtables_param_act(XTF_ONLY_ONCE, "--winmx", *flags & IPP2P_WINMX); + xtables_param_act(XTF_NO_INVERT, "--winmx", invert); *flags |= IPP2P_WINMX; info->cmd |= IPP2P_WINMX; break; case 'f': /*cmd: ares*/ - param_act(P_ONLY_ONCE, "--ares", *flags & IPP2P_ARES); - param_act(P_NO_INVERT, "--ares", invert); + xtables_param_act(XTF_ONLY_ONCE, "--ares", *flags & IPP2P_ARES); + xtables_param_act(XTF_NO_INVERT, "--ares", invert); *flags |= IPP2P_ARES; info->cmd |= IPP2P_ARES; break; case 'g': /*cmd: mute*/ - param_act(P_ONLY_ONCE, "--mute", *flags & IPP2P_MUTE); - param_act(P_NO_INVERT, "--mute", invert); + xtables_param_act(XTF_ONLY_ONCE, "--mute", *flags & IPP2P_MUTE); + xtables_param_act(XTF_NO_INVERT, "--mute", invert); *flags |= IPP2P_MUTE; info->cmd |= IPP2P_MUTE; break; case 'h': /*cmd: waste*/ - param_act(P_ONLY_ONCE, "--waste", *flags & IPP2P_WASTE); - param_act(P_NO_INVERT, "--waste", invert); + xtables_param_act(XTF_ONLY_ONCE, "--waste", *flags & IPP2P_WASTE); + xtables_param_act(XTF_NO_INVERT, "--waste", invert); *flags |= IPP2P_WASTE; info->cmd |= IPP2P_WASTE; break; case 'i': /*cmd: xdcc*/ - param_act(P_ONLY_ONCE, "--xdcc", *flags & IPP2P_XDCC); - param_act(P_NO_INVERT, "--xdcc", invert); + xtables_param_act(XTF_ONLY_ONCE, "--xdcc", *flags & IPP2P_XDCC); + xtables_param_act(XTF_NO_INVERT, "--xdcc", invert); *flags |= IPP2P_XDCC; info->cmd |= IPP2P_XDCC; break; case 'j': /*cmd: debug*/ - param_act(P_ONLY_ONCE, "--debug", info->debug); - param_act(P_NO_INVERT, "--debug", invert); + xtables_param_act(XTF_ONLY_ONCE, "--debug", info->debug); + xtables_param_act(XTF_NO_INVERT, "--debug", invert); info->debug = 1; break; default: -// exit_error(PARAMETER_PROBLEM, +// xtables_error(PARAMETER_PROBLEM, // "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); return 0; } @@ -175,7 +175,7 @@ static int ipp2p_mt_parse(int c, char **argv, int invert, unsigned int *flags, static void ipp2p_mt_check(unsigned int flags) { if (!flags) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "\nipp2p-parameter problem: for ipp2p usage type: iptables -m ipp2p --help\n"); } diff --git a/extensions/libxt_ipv4options.c b/extensions/libxt_ipv4options.c index 86244cd..f0ad151 100644 --- a/extensions/libxt_ipv4options.c +++ b/extensions/libxt_ipv4options.c @@ -74,12 +74,12 @@ static void ipv4options_parse_flagspec(struct xt_ipv4options_mtinfo1 *info, } if (opt == 0 && - !strtonum(arg, NULL, &opt, 0, UINT8_MAX)) - exit_error(PARAMETER_PROBLEM, + !xtables_strtoui(arg, NULL, &opt, 0, UINT8_MAX)) + xtables_error(PARAMETER_PROBLEM, "ipv4options: Bad option value \"%s\"", arg); if (opt == 0) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "ipv4options: Option value may not be zero"); info->map |= (1 << opt); @@ -98,11 +98,11 @@ static int ipv4options_mt_parse(int c, char **argv, int invert, switch (c) { case 'a': /* --any */ - param_act(P_NO_INVERT, "ipv4options", "--any", invert); + xtables_param_act(XTF_NO_INVERT, "ipv4options", "--any", invert); info->flags |= XT_V4OPTS_ANY; return true; case 'f': /* --flags */ - param_act(P_NO_INVERT, "ipv4options", "--flags", invert); + xtables_param_act(XTF_NO_INVERT, "ipv4options", "--flags", invert); ipv4options_parse_flagspec(info, optarg); return true; } diff --git a/extensions/libxt_length2.c b/extensions/libxt_length2.c index 130a321..bcea64c 100644 --- a/extensions/libxt_length2.c +++ b/extensions/libxt_length2.c @@ -52,42 +52,42 @@ static int length_mt_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case '3': /* --layer3 */ - param_act(P_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); + xtables_param_act(XTF_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); info->flags &= ~XT_LENGTH_LAYER_MASK; info->flags |= XT_LENGTH_LAYER3; *flags |= F_LAYER; return true; case '4': /* --layer4 */ - param_act(P_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); + xtables_param_act(XTF_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); info->flags &= ~XT_LENGTH_LAYER_MASK; info->flags |= XT_LENGTH_LAYER4; *flags |= F_LAYER; return true; case '5': /* --layer5 */ - param_act(P_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); + xtables_param_act(XTF_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); info->flags &= ~XT_LENGTH_LAYER_MASK; info->flags |= XT_LENGTH_LAYER5; *flags |= F_LAYER; return true; case '7': /* --layer7 */ - param_act(P_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); + xtables_param_act(XTF_ONLY_ONCE, "length", "--layer*", *flags & F_LAYER); info->flags &= ~XT_LENGTH_LAYER_MASK; info->flags |= XT_LENGTH_LAYER7; *flags |= F_LAYER; return true; case '=': /* --length */ - param_act(P_ONLY_ONCE, "length", "--length", *flags & F_LENGTH); + xtables_param_act(XTF_ONLY_ONCE, "length", "--length", *flags & F_LENGTH); if (invert) info->flags |= XT_LENGTH_INVERT; - if (!strtonum(optarg, &end, &from, 0, ~0U)) - param_act(P_BAD_VALUE, "length", "--length", optarg); + if (!xtables_strtoui(optarg, &end, &from, 0, ~0U)) + xtables_param_act(XTF_BAD_VALUE, "length", "--length", optarg); to = from; if (*end == ':') - if (!strtonum(end + 1, &end, &to, 0, ~0U)) - param_act(P_BAD_VALUE, "length", + if (!xtables_strtoui(end + 1, &end, &to, 0, ~0U)) + xtables_param_act(XTF_BAD_VALUE, "length", "--length", optarg); if (*end != '\0') - param_act(P_BAD_VALUE, "length", "--length", optarg); + xtables_param_act(XTF_BAD_VALUE, "length", "--length", optarg); info->min = from; info->max = to; *flags |= F_LENGTH; @@ -99,7 +99,7 @@ static int length_mt_parse(int c, char **argv, int invert, unsigned int *flags, static void length_mt_check(unsigned int flags) { if (!(flags & F_LENGTH)) - exit_error(PARAMETER_PROBLEM, + xtables_error(PARAMETER_PROBLEM, "length: You must specify \"--length\""); if (!(flags & F_LAYER)) fprintf(stderr, "iptables: length match: Defaulting to " diff --git a/extensions/libxt_quota2.c b/extensions/libxt_quota2.c index de7a5f4..3b7ee44 100644 --- a/extensions/libxt_quota2.c +++ b/extensions/libxt_quota2.c @@ -51,31 +51,31 @@ quota_mt2_parse(int c, char **argv, int invert, unsigned int *flags, switch (c) { case 'g': - param_act(P_ONLY_ONCE, "quota", "--grow", *flags & FL_GROW); - param_act(P_NO_INVERT, "quota", "--grow", invert); + xtables_param_act(XTF_ONLY_ONCE, "quota", "--grow", *flags & FL_GROW); + xtables_param_act(XTF_NO_INVERT, "quota", "--grow", invert); info->flags |= XT_QUOTA_GROW; *flags |= FL_GROW; return true; case 'n': /* zero termination done on behalf of the kernel module */ - param_act(P_ONLY_ONCE, "quota", "--name", *flags & FL_NAME); - param_act(P_NO_INVERT, "quota", "--name", invert); + xtables_param_act(XTF_ONLY_ONCE, "quota", "--name", *flags & FL_NAME); + xtables_param_act(XTF_NO_INVERT, "quota", "--name", invert); strncpy(info->name, optarg, sizeof(info->name)); *flags |= FL_NAME; return true; case 'p': - param_act(P_ONLY_ONCE, "quota", "--packets", *flags & FL_PACKET); - param_act(P_NO_INVERT, "quota", "--packets", invert); + xtables_param_act(XTF_ONLY_ONCE, "quota", "--packets", *flags & FL_PACKET); + xtables_param_act(XTF_NO_INVERT, "quota", "--packets", invert); info->flags |= XT_QUOTA_PACKET; *flags |= FL_PACKET; return true; case 'q': - param_act(P_ONLY_ONCE, "quota", "--quota", *flags & FL_QUOTA); + xtables_param_act(XTF_ONLY_ONCE, "quota", "--quota", *flags & FL_QUOTA); if (invert) info->flags |= XT_QUOTA_INVERT; info->quota = strtoull(optarg, &end, 0); if (*end != '\0') - exit_error(PARAMETER_PROBLEM, "quota match: " + xtables_error(PARAMETER_PROBLEM, "quota match: " "invalid value for --quota"); *flags |= FL_QUOTA; return true; diff --git a/extensions/mac.c b/extensions/mac.c index 1149791..5c81452 100644 --- a/extensions/mac.c +++ b/extensions/mac.c @@ -19,7 +19,7 @@ static bool mac_parse(const char *addr, unsigned char *dest, uint8_t *mask) *mask = 48; if (*end == '/') { - if (!strtonum(end + 1, &end, &value, 0, 48)) + if (!xtables_strtoui(end + 1, &end, &value, 0, 48)) return false; if (*end != '\0') return false;