diff options
author | Bernie Harris <bernie.harris@alliedtelesis.co.nz> | 2018-03-21 15:42:29 +1300 |
---|---|---|
committer | Pablo Neira Ayuso <pablo@netfilter.org> | 2018-04-27 00:27:31 +0200 |
commit | b1cdae87f25021eb835872d86d6e7206bd421c3f (patch) | |
tree | 24f875d58b4f4de5722c96d1eff8baeb0c6e61f2 /libebtc.c | |
parent | 2e783b2277665c467138e7685309622456c41db4 (diff) | |
download | ebtables-b1cdae87f25021eb835872d86d6e7206bd421c3f.tar.gz |
extensions: Add string filter to ebtables
This patch is part of a proposal to add a string filter to
ebtables, which would be similar to the string filter in
iptables.
Like iptables, the ebtables filter uses the xt_string module,
however some modifications have been made for this to work
correctly.
Currently ebtables assumes that the revision number of all match
modules is 0. The xt_string module doesn't register a match with
revision 0 so the solution is to modify ebtables to allow
extensions to specify a revision number, similar to iptables.
This gets passed down to the kernel, which is then able to find
the match module correctly.
Signed-off-by: Bernie Harris <bernie.harris@alliedtelesis.co.nz>
Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Diffstat (limited to 'libebtc.c')
-rw-r--r-- | libebtc.c | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -272,6 +272,7 @@ void ebt_reinit_extensions() if (!m->m) ebt_print_memory(); strcpy(m->m->u.name, m->name); + m->m->u.revision = m->revision; m->m->match_size = EBT_ALIGN(m->size); m->used = 0; } @@ -550,8 +551,10 @@ int ebt_check_rule_exists(struct ebt_u_replace *replace, while (m_l) { m = (struct ebt_u_match *)(m_l->m); m_l2 = u_e->m_list; - while (m_l2 && strcmp(m_l2->m->u.name, m->m->u.name)) + while (m_l2 && (strcmp(m_l2->m->u.name, m->m->u.name) || + m_l2->m->u.revision != m->m->u.revision)) { m_l2 = m_l2->next; + } if (!m_l2 || !m->compare(m->m, m_l2->m)) goto letscontinue; j++; @@ -1209,6 +1212,7 @@ void ebt_register_match(struct ebt_u_match *m) if (!m->m) ebt_print_memory(); strcpy(m->m->u.name, m->name); + m->m->u.revision = m->revision; m->m->match_size = EBT_ALIGN(m->size); m->init(m->m); |