authorTed Trask <ttrask01@yahoo.com>2008-11-20 15:30:01 +0000
committerTed Trask <ttrask01@yahoo.com>2008-11-20 15:30:01 +0000
commit9a60931d93fc29a76453c6f7b023e8f93fda452a (patch)
tree14dc533a677fe66608b93f6fc1b8b77c6fe795b5
parent3311c33b5536f535cf3d9f9e7812874effbd209a (diff)
Added tcp and udp port support to iptables.v0.0.1
git-svn-id: svn://svn.alpinelinux.org/acf/iptables/trunk@1603 ab2d0c66-481e-0410-8bed-d214d4d58bed
-rw-r--r--iptables-editrule-html.lsp4
-rw-r--r--iptables-model.lua38
2 files changed, 42 insertions, 0 deletions
diff --git a/iptables-editrule-html.lsp b/iptables-editrule-html.lsp
index 6412039..4f7ba0b 100644
--- a/iptables-editrule-html.lsp
+++ b/iptables-editrule-html.lsp
@@ -47,6 +47,10 @@ displayformitem(form.value.sports)
displayformitem(form.value.dports)
displayformitem(form.value.ports)
displayformitem(form.value.state)
+displayformitem(form.value.tcp_sport)
+displayformitem(form.value.tcp_dport)
+displayformitem(form.value.udp_sport)
+displayformitem(form.value.udp_dport)
%>
</DL><H2><%= form.option %></H2>
<% displayformend(form) %>
diff --git a/iptables-model.lua b/iptables-model.lua
index 67304b7..e883752 100644
--- a/iptables-model.lua
+++ b/iptables-model.lua
@@ -110,6 +110,10 @@ local function validate_rule(rule)
basiccheck(rule.value.dports)
basiccheck(rule.value.ports)
basiccheck(rule.value.state)
+ basiccheck(rule.value.tcp_sport)
+ basiccheck(rule.value.tcp_dport)
+ basiccheck(rule.value.udp_sport)
+ basiccheck(rule.value.udp_dport)
return success, rule
end
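Review bot: The four new port fields are checked only by `basiccheck`, whose definition is outside this hunk, so nothing visible here enforces the syntax the form text promises (a port, a `port:port` range or a service name, optionally preceded by `!`). These values are later appended to the rule specification by generate_rule_specification, where a value containing whitespace would presumably add extra words to the generated iptables arguments. Consider a dedicated port-syntax check after these calls that sets `success = false` for anything outside that grammar. validate_rule begins before the hunk.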
@@ -173,6 +177,12 @@ local function generate_rule_specification(rule)
addparameter(rule.value.ports.value, "--ports", false)
addmodule({rule.value.state.value}, "state")
addparameter(rule.value.state.value, "--state")
+ addmodule({rule.value.tcp_sport.value, rule.value.tcp_dport.value}, "tcp")
+ addparameter(rule.value.tcp_sport.value, "--sport", false)
+ addparameter(rule.value.tcp_dport.value, "--dport", false)
+ addmodule({rule.value.udp_sport.value, rule.value.udp_dport.value}, "udp")
+ addparameter(rule.value.udp_sport.value, "--sport", false)
+ addparameter(rule.value.udp_dport.value, "--dport", false)
return table.concat(spec, " ")
end
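Review bot: Nothing in these lines stops a rule from carrying both TCP and UDP port values, in which case the specification gets the `tcp` and `udp` matches together with two `--sport`/`--dport` pairs, which at best is a rule that matches no packet. The tcp and udp matches also depend on the rule's protocol, and whether `addmodule` or earlier code emits the corresponding `-p` is not visible in this hunk, so that should be confirmed. I would reject the TCP-plus-UDP combination in validate_rule and add a short comment saying what the `false` third argument to `addparameter` selects, since its meaning cannot be read from the call sites. generate_rule_specification starts before the hunk.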
@@ -349,6 +359,10 @@ function read_rule(tab, chain, pos)
retval.dports = cfe({ label="Destination Ports", descr="Up to 15 comma-separated ports can be specified. Port ranges (port:port) count as two ports. A '!' before the port definition inverts the test." })
retval.ports = cfe({ label="Ports", descr="Up to 15 comma-separated ports can be specified. Port ranges (port:port) count as two ports. A '!' before the port definition inverts the test." })
retval.state = cfe({ label="State", descr="Comma-separated list of states to match. Possible states are INVALID, ESTABLISHED, NEW, and RELATED." })
+ retval.tcp_sport = cfe({ label="TCP Source Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." })
+ retval.tcp_dport = cfe({ label="TCP Destination Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." })
+ retval.udp_sport = cfe({ label="UDP Source Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." })
+ retval.udp_dport = cfe({ label="UDP Destination Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." })
getdetails()
if tab and not details[tab] then
@@ -435,6 +449,30 @@ function read_rule(tab, chain, pos)
elseif words[i] == "state" then
retval.state.value = words[i+1]
i = i+1
+ elseif words[i] == "tcp" then
+ while true do
+ if string.match(words[i+1], "^spt") then
+ retval.tcp_sport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ elseif string.match(words[i+1], "^dpt") then
+ retval.tcp_dport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ else
+ break
+ end
+ end
+ elseif words[i] == "udp" then
+ while words[i+1] do
+ if string.match(words[i+1], "^spt") then
+ retval.udp_sport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ elseif string.match(words[i+1], "^dpt") then
+ retval.udp_dport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ else
+ break
+ end
+ end
end
i = i+1
end
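Review bot: The `tcp` branch loops with `while true do` and passes `words[i+1]` straight to `string.match`, which raises an error when `tcp` is the last word on the line because the argument is nil. The `udp` branch below already guards against this, so use the same condition, `while words[i+1] do`. The two loops are otherwise identical, so a small local helper that takes the source and destination fields to fill would remove the duplication and keep the two protocols from drifting apart again. read_rule starts and ends outside the hunk.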