Norbert Sendetzky .................................. (2002. április 17.)
Hi!
Thanks for the IPv6 port! I can't test it now (when will the
Netfilter/Iptables run on XP? :)) ), but the patch is broken in the current
form. At this level the Ipv4 and IPv6 code mainly identical.
> diff -ru linux-2.4.9-13.orig/net/ipv6/netfilter/ip6t_multiport.c
>linux-2.4.9-13/net/ipv6/netfilter/ip6t_multiport.c
> --- linux-2.4.9-13.orig/net/ipv6/netfilter/ip6t_multiport.c Wed Apr 17 22:16:00
>2002
> +++ linux-2.4.9-13/net/ipv6/netfilter/ip6t_multiport.c Wed Apr 17 22:18:14
>2002
> @@ -74,6 +77,9 @@
> {
> const struct ip6t_multiport *multiinfo = matchinfo;
>
> + if (matchsize != IPT_ALIGN(sizeof(struct ip6t_multiport)))
+ if (matchsize != IP6T_ALIGN(sizeof(struct ip6t_multiport)))
> + return 0;
> +
> /* Must specify proto == TCP/UDP, no unknown flags or bad count */
> return (ip->proto == IPPROTO_TCP || ip->proto == IPPROTO_UDP)
> && !(ip->flags & IP6T_INV_PROTO)
Except that misspeled keyword the patch looks good (if worked with IPv4 it
will work with IPv6, too)
Regards,
kisza
--
Andras Kis-Szabo Security Development, Design and Audit
-------------------------/ Zorp, NetFilter and IPv6
[EMAIL PROTECTED] /-----Member of the BUTE-MIS-SEARCHlab---------->
