greetings,
perhaps someone be able assist me?
I made tine embedded tool so as to customize iptables rules, but I
can't add rules with proto and langth, only proto or length. what so I
did...
struct ipt_entry_match *match = NULL, *mlength = NULL,*tmp=NULL;
//whatever ******************************
//tmp = realloc( match, match->u.match_size + mlength->u.match_size );
tmp = realloc( mlength, mlength->u.match_size + match->u.match_size );
if( tmp ){
//memcpy( tmp + mlength->u.match_size, mlength, mlength->u.match_size );
memcpy( tmp + match->u.match_size, match, match->u.match_size );
match=malloc(tmp->u.match_size );
memcpy(match, tmp, tmp->u.match_size );
}
//whatever ******************************
if(match) memcpy(chain_entry->elems, match,match->u.match_size);
e.g. it works well it I use only match or mlength
ACCEPT udp -- 10.20.30.40 anywhere udp
spt:8889 dpt:555
ACCEPT udp -- 10.20.30.40 anywhere length 0:5
but I looking something like that...
ACCEPT udp -- 10.20.30.40 anywhere length
0:5 udp spt:666 dpt:777
I guess it had little bit specific with sequence or so?
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
