[PATCH 6/6] conntrack: fix -o save dump for unknown protocols

Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx> · Thu, 23 Jun 2022 19:50:00 +0200

Make sure the protocol (-p) option is included in the -o save
ct entry dumps for L4 protocols unknown to the conntrack tool

Signed-off-by: Mikhail Sennikovsky <mikhail.sennikovskii@xxxxxxxxx>
---
 src/conntrack.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index dca7da6..f8a228f 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -870,9 +870,18 @@ static int ct_save_snprintf(char *buf, size_t len,
 
 		ret = ct_snprintf_opts(buf + offset, len, ct, cur->print_opts);
 		BUFFER_SIZE(ret, size, len, offset);
-		break;
+		goto done_proto4;
 	}
 
+	/**
+	 * Do not use getprotobynumber here to ensure
+	 * "-o save" data incompatibility between hosts having
+	 * different /etc/protocols contents
+	 */
+	ret = snprintf(buf + offset, len, "-p %d ", l4proto);
+	BUFFER_SIZE(ret, size, len, offset);
+
+done_proto4:
 	/* skip trailing space, if any */
 	for (; size && buf[size-1] == ' '; --size)
 		buf[size-1] = '\0';
-- 
2.25.1







