The group ID used by xt_pknock is configurable, but pknlusr hard-codes it to 1. Modify pknlusr to accept an optional ID from the command-line.
Signed-off-by: Jeremy Sowden <jeremy@xxxxxxxxxx>
---
 extensions/pknock/pknlusr.c | 33 ++++++++++++++++++++++++++++++++-
 1 file changed, 32 insertions(+), 1 deletion(-)
diff --git a/extensions/pknock/pknlusr.c b/extensions/pknock/pknlusr.c
index 161a9610a018..ca3af835c9a8 100644
--- a/extensions/pknock/pknlusr.c
+++ b/extensions/pknock/pknlusr.c
@@ -7,6 +7,8 @@
 #include <arpa/inet.h>
 #include <linux/netlink.h>
 #include <linux/connector.h>
+#include <libgen.h>
+#include <limits.h>
 #include "xt_pknock.h"
@@ -19,7 +21,19 @@ static unsigned char *buf;
 static struct xt_pknock_nl_msg *nlmsg;
-int main(void)
+static void
+usage(const char *argv0)
+{
+ char *prog;
+ if (!(prog = strdup (argv0))) {
+ perror("strdup()");
+ } else {
+ fprintf(stderr, "%s [ group-id ]\n", basename(prog));
+ free(prog);
+ }
+}
+
+int main(int argc, char **argv)
 {
 socklen_t addrlen;
 int status;
@@ -30,6 +44,23 @@ int main(void)
 const char *ip;
 char ipbuf[48];
+ if (argc > 2) {
+ usage(argv[0]);
+ exit(EXIT_FAILURE);
+ }
+
+ if (argc == 2) {
+ long n;
+ char *end;
+
+ n = strtol(argv[1], &end, 10);
+ if (*end || n < INT_MIN || n > INT_MAX) {
+ usage(argv[0]);
+ exit(EXIT_FAILURE);
+ }
+ group = n;
+ }
+
+ sock_fd = socket(PF_NETLINK, SOCK_DGRAM, NETLINK_CONNECTOR);
 if (sock_fd == -1) {
--
2.28.0
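Review bot: usage() in the second hunk copies argv0 with strdup() only so that basename() has a scratch buffer to work on, which gives the help path its own failure mode: if the allocation fails the user sees `strdup()` and no usage line at all. For ordinary program paths the same text can be printed without allocating, e.g. `const char *p = strrchr(argv0, '/');` followed by `fprintf(stderr, "%s [ group-id ]\n", p ? p + 1 : argv0);`, which would also make the `<libgen.h>` include added in the first hunk unnecessary. If the copy is kept, a one-line comment such as `/* POSIX basename() may modify its argument, so work on a copy */` would explain why it is there, and the assignment inside the `if` condition reads more clearly as a separate statement.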
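Review bot: The check after strtol() in the `argc == 2` branch of the third hunk accepts input it should reject: an empty argument leaves `end == argv[1]` with `*end == '\0'` and sets group to 0, negative values pass the `INT_MIN` bound, and on targets where long and int have the same width the range test can never fail while an out-of-range value is silently clamped by strtol() because errno is not examined. Setting `errno = 0;` before the call and testing `if (end == argv[1] || *end || errno == ERANGE || n < 1 || n > INT_MAX) {` closes these cases, assuming group IDs start at 1 as the hard-coded default suggests; it needs `<errno.h>`, which this patch does not add. How group is consumed lies outside the hunk, so the upper bound should probably be the range that xt_pknock and the netlink call actually accept rather than INT_MAX, which is worth confirming against the module. Printing a short message that the group ID is invalid would also tell the user more than the bare usage line. main() begins in the previous hunk and continues past the end of this one.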