headers
Tom Eastep | 19 Aug 2011 00:11
Favicon

[PATCH] Parsing bug in libxt_conntrack.c 1.4.12

Just discovered this little gem:

sami:/home/teastep/iptables# iptables -N foo
sami:/home/teastep/iptables# iptables -A foo -m conntrack --ctorigdstport 22
iptables v1.4.12: conntrack rev 2 does not support port ranges
Try `iptables -h' or 'iptables --help' for more information.
sami:/home/teastep/iptables# 

The attached seems to correct it.

-Tom

--

-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________


commit 57c7c7995326a37c983ac6ca4026eb176595fb37
Author: Tom Eastep <teastep <at> shorewall.net>
Date:   Thu Aug 18 15:09:14 2011 -0700

    Correct parsing bug in libxt_conntrack.c
    
    Signed-off-by: Tom Eastep <teastep <at> shorewall.net>

diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
index be95529..6a79e37 100644
(Continue reading)

Permalink | Reply |
headers
Jan Engelhardt | 27 Aug 2011 18:12
Picon

Re: [PATCH] Parsing bug in libxt_conntrack.c 1.4.12

On Friday 2011-08-19 00:11, Tom Eastep wrote:

>Just discovered this little gem:
>
>sami:/home/teastep/iptables# iptables -N foo
>sami:/home/teastep/iptables# iptables -A foo -m conntrack --ctorigdstport 22
>iptables v1.4.12: conntrack rev 2 does not support port ranges
>Try `iptables -h' or 'iptables --help' for more information.
>sami:/home/teastep/iptables# 

Thanks for your reminder (via priv). I have taken your patch, but also 
the liberty to fix the actual cause.

Pending merge, you can see the tree/commits at 
git://dev.medozas.de/iptables fixes-2
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo <at> vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Permalink | Reply |

Gmane