From 9a60931d93fc29a76453c6f7b023e8f93fda452a Mon Sep 17 00:00:00 2001 From: Ted Trask Date: Thu, 20 Nov 2008 15:30:01 +0000 Subject: Added tcp and udp port support to iptables. git-svn-id: svn://svn.alpinelinux.org/acf/iptables/trunk@1603 ab2d0c66-481e-0410-8bed-d214d4d58bed --- iptables-editrule-html.lsp | 4 ++++ iptables-model.lua | 38 ++++++++++++++++++++++++++++++++++++++ 2 files changed, 42 insertions(+) diff --git a/iptables-editrule-html.lsp b/iptables-editrule-html.lsp index 6412039..4f7ba0b 100644 --- a/iptables-editrule-html.lsp +++ b/iptables-editrule-html.lsp @@ -47,6 +47,10 @@ displayformitem(form.value.sports) displayformitem(form.value.dports) displayformitem(form.value.ports) displayformitem(form.value.state) +displayformitem(form.value.tcp_sport) +displayformitem(form.value.tcp_dport) +displayformitem(form.value.udp_sport) +displayformitem(form.value.udp_dport) %>

<%= form.option %>

<% displayformend(form) %> diff --git a/iptables-model.lua b/iptables-model.lua index 67304b7..e883752 100644 --- a/iptables-model.lua +++ b/iptables-model.lua @@ -110,6 +110,10 @@ local function validate_rule(rule) basiccheck(rule.value.dports) basiccheck(rule.value.ports) basiccheck(rule.value.state) + basiccheck(rule.value.tcp_sport) + basiccheck(rule.value.tcp_dport) + basiccheck(rule.value.udp_sport) + basiccheck(rule.value.udp_dport) return success, rule end @@ -173,6 +177,12 @@ local function generate_rule_specification(rule) addparameter(rule.value.ports.value, "--ports", false) addmodule({rule.value.state.value}, "state") addparameter(rule.value.state.value, "--state") + addmodule({rule.value.tcp_sport.value, rule.value.tcp_dport.value}, "tcp") + addparameter(rule.value.tcp_sport.value, "--sport", false) + addparameter(rule.value.tcp_dport.value, "--dport", false) + addmodule({rule.value.udp_sport.value, rule.value.udp_dport.value}, "udp") + addparameter(rule.value.udp_sport.value, "--sport", false) + addparameter(rule.value.udp_dport.value, "--dport", false) return table.concat(spec, " ") end 
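Review bot: The four new port fields in validate_rule get only `basiccheck`, whose body is outside this hunk, so nothing visible here constrains them to the grammar the form describes (optional `!`, a port number or service name, optional `:port`). The generate_rule_specification hunk joins these values into the rule string with `table.concat(spec, " ")`, so a value containing spaces or extra option text would change the rule that is produced; how that string is consumed afterwards is not shown. I would add a port-specific check after the basiccheck calls, for example `if v and v ~= "" and not string.match(v, "^!?[%w_%-]+:?[%w_%-]*$") then success = false end` for each field value `v`, reporting the failure the same way basiccheck does. validate_rule starts before the hunk.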
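Review bot: Nothing in the added lines of generate_rule_specification stops a rule from carrying both TCP and UDP ports: with all four fields filled, both `addmodule(..., "tcp")` and `addmodule(..., "udp")` fire and the spec gets two sets of `--sport`/`--dport`. Assuming addmodule emits an `-m` match, such a rule is either rejected by iptables or matches no packet, which leaves a firewall rule that does not do what the operator entered. The tcp and udp matches also depend on the rule's protocol, and whether the protocol field is checked against these ports is not visible here. I would reject the combination in validate_rule and document it at this spot with `-- tcp_* and udp_* are mutually exclusive; validate_rule rejects rules that set both`. The function starts before the hunk.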
@@ -349,6 +359,10 @@ function read_rule(tab, chain, pos) retval.dports = cfe({ label="Destination Ports", descr="Up to 15 comma-separated ports can be specified. Port ranges (port:port) count as two ports. A '!' before the port definition inverts the test." }) retval.ports = cfe({ label="Ports", descr="Up to 15 comma-separated ports can be specified. Port ranges (port:port) count as two ports. A '!' before the port definition inverts the test." }) retval.state = cfe({ label="State", descr="Comma-separated list of states to match. Possible states are INVALID, ESTABLISHED, NEW, and RELATED." }) + retval.tcp_sport = cfe({ label="TCP Source Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." }) + retval.tcp_dport = cfe({ label="TCP Destination Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." }) + retval.udp_sport = cfe({ label="UDP Source Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." }) + retval.udp_dport = cfe({ label="UDP Destination Port", descr="A port or port range (port:port) specification. This can either be a service name or port number. A '!' before the port definition inverts the test." }) getdetails() if tab and not details[tab] then 
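Review bot: The four new `cfe` entries in read_rule repeat the same description string verbatim, so a later wording fix has to be made in four places. Hoisting it into a local, e.g. `local portdescr = "A port or port range (port:port) specification. ..."` and passing `descr=portdescr`, keeps the TCP and UDP fields in step. read_rule begins and continues outside the hunk.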
@@ -435,6 +449,30 @@ function read_rule(tab, chain, pos)
 elseif words[i] == "state" then
 retval.state.value = words[i+1]
 i = i+1
+ elseif words[i] == "tcp" then
+ while true do
+ if string.match(words[i+1], "^spt") then
+ retval.tcp_sport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ elseif string.match(words[i+1], "^dpt") then
+ retval.tcp_dport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ else
+ break
+ end
+ end
+ elseif words[i] == "udp" then
+ while words[i+1] do
+ if string.match(words[i+1], "^spt") then
+ retval.udp_sport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ elseif string.match(words[i+1], "^dpt") then
+ retval.udp_dport.value = string.match(words[i+1], ":(.+)$")
+ i = i+1
+ else
+ break
+ end
+ end
 end
 i = i+1
 end
-- cgit v1.2.3
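Review bot: The `tcp` branch loops with `while true do` and then calls `string.match(words[i+1], "^spt")`, so when `tcp` is the last word of the line `words[i+1]` is nil and string.match raises an error instead of ending the parse; the `udp` branch just below already guards this. Change the tcp loop header to `while words[i+1] do` so both branches behave the same. Separately, `string.match(words[i+1], ":(.+)$")` returns nil when the word has nothing after the colon, which would overwrite the field's value with nil; whether later code tolerates that is not visible here. read_rule begins and ends outside the hunk.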