[PATCH] ipt_helper.c

From: quadong
Date: Thu Mar 04 2004 - 15:43:12 EST

Next message: Mariusz Mazur: "Re: [ANNOUNCE] linux-libc-headers 2.6.3.0"
Previous message: Arthur Corliss: "Re: [PATCH] 2.6.x BSD Process Accounting w/High UID"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Currently, if you tell iptables to match "-m helper ! --helper ftp" it
will match any packet from any helper other than FTP. What it should do
is match any packet that is not from an FTP helper, included packets that
are not from any helper (packets from master connections). Here's the
fix:

--- ipt_helper.c.old 2004-03-03 21:34:05.000000000 -0600
+++ ipt_helper.c 2004-03-04 14:34:17.709903456 -0600
@@ -48,7 +48,7 @@

if (!ct->master) {
DEBUGP("ipt_helper: conntrack %p has no master\n", ct);
- return 0;
+ return info->invert;
}

exp = ct->master;

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Mariusz Mazur: "Re: [ANNOUNCE] linux-libc-headers 2.6.3.0"
Previous message: Arthur Corliss: "Re: [PATCH] 2.6.x BSD Process Accounting w/High UID"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]