From 97b2940031e3f690ebfafa0f3e94ba5709371272 Mon Sep 17 00:00:00 2001
From: Jiri Slachta <[email protected]>
Date: Thu, 18 Oct 2012 17:20:57 +0200
Subject: [PATCH] This patch repairs mangled CR-LF EOL's in patch that repairs
paths to iptables binary. Signed-off-by: Jiri Slachta
<[email protected]>
---
net/snortsam/patches/100-iptables-path-fix.patch | 280 +++++++++++-----------
1 file changed, 140 insertions(+), 140 deletions(-)
diff --git a/net/snortsam/patches/100-iptables-path-fix.patch
b/net/snortsam/patches/100-iptables-path-fix.patch
index c8900c6..971a706 100644
--- a/net/snortsam/patches/100-iptables-path-fix.patch
+++ b/net/snortsam/patches/100-iptables-path-fix.patch
@@ -30,150 +30,150 @@ diff -ruN snortsam-orig/src/ssp_iptables.c
snortsam/src/ssp_iptables.c
#ifdef FWSAMDEBUG
@@ -131,14 +131,14 @@
- { case FWSAM_HOW_IN:
- /* Assemble command */
- if (snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -I INPUT -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ { case FWSAM_HOW_IN:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
@@ -148,14 +148,14 @@
- case FWSAM_HOW_OUT:
- /* Assemble command */
- if (snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -I INPUT -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ case FWSAM_HOW_OUT:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
@@ -165,18 +165,18 @@
- case FWSAM_HOW_INOUT:
- /* Assemble command - block src*/
- if ((snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) ||
(snprintf(iptcmd1,sizeof(iptcmd1)-1,
-- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if ((snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -I INPUT -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) ||
(snprintf(iptcmd4,sizeof(iptcmd4)-1,
-- "/sbin/iptables -I INPUT -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ case FWSAM_HOW_INOUT:
+ /* Assemble command - block src*/
+ if ((snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) ||
(snprintf(iptcmd1,sizeof(iptcmd1)-1,
+- "/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if ((snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) ||
(snprintf(iptcmd4,sizeof(iptcmd4)-1,
+- "/sbin/iptables -I INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
@@ -186,14 +186,14 @@
- case FWSAM_HOW_THIS:
- /* Assemble command */
- if (snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport
%d -j DROP",
-+ "/usr/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d
--dport %d -j DROP",
- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d
-j DROP",
-+ "/usr/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d
--dport %d -j DROP",
- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd2)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ case FWSAM_HOW_THIS:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d --dport
%d -j DROP",
++ "/usr/sbin/iptables -I FORWARD -i %s -s %s -d %s -p %d
--dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d --dport %d
-j DROP",
++ "/usr/sbin/iptables -I INPUT -i %s -s %s -d %s -p %d
--dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
@@ -210,14 +210,14 @@
- { case FWSAM_HOW_IN:
- /* Assemble command */
- if (snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -D INPUT -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ { case FWSAM_HOW_IN:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
@@ -227,14 +227,14 @@
- case FWSAM_HOW_OUT:
- /* Assemble command */
- if (snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -D INPUT -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ case FWSAM_HOW_OUT:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
@@ -244,18 +244,18 @@
- case FWSAM_HOW_INOUT:
- /* Assemble command - block src*/
- if ((snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) ||
(snprintf(iptcmd1,sizeof(iptcmd1)-1,
-- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if ((snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -D INPUT -i %s -s %s -j DROP",
-+ "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) ||
(snprintf(iptcmd4,sizeof(iptcmd4)-1,
-- "/sbin/iptables -D INPUT -i %s -d %s -j DROP",
-+ "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP",
- iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ case FWSAM_HOW_INOUT:
+ /* Assemble command - block src*/
+ if ((snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd)) ||
(snprintf(iptcmd1,sizeof(iptcmd1)-1,
+- "/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd1))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if ((snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -s %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -s %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd2)) ||
(snprintf(iptcmd4,sizeof(iptcmd4)-1,
+- "/sbin/iptables -D INPUT -i %s -d %s -j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -d %s -j DROP",
+ iptp->iface, inettoa(bd->blockip)) >= sizeof(iptcmd4))) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
@@ -265,14 +265,14 @@
- case FWSAM_HOW_THIS:
- /* Assemble command */
- if (snprintf(iptcmd,sizeof(iptcmd)-1,
-- "/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport
%d -j DROP",
-+ "/usr/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d
--dport %d -j DROP",
- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
- logmessage(1,msg,"iptables",0);
- return;
- }
- if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
-- "/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d
-j DROP",
-+ "/usr/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d
--dport %d -j DROP",
- iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd)) {
- snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
- logmessage(1,msg,"iptables",0);
+ case FWSAM_HOW_THIS:
+ /* Assemble command */
+ if (snprintf(iptcmd,sizeof(iptcmd)-1,
+- "/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d --dport
%d -j DROP",
++ "/usr/sbin/iptables -D FORWARD -i %s -s %s -d %s -p %d
--dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command %s is too long",
iptcmd);
+ logmessage(1,msg,"iptables",0);
+ return;
+ }
+ if (snprintf(iptcmd2,sizeof(iptcmd2)-1,
+- "/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d --dport %d
-j DROP",
++ "/usr/sbin/iptables -D INPUT -i %s -s %s -d %s -p %d
--dport %d -j DROP",
+ iptp->iface, inettoa(bd->blockip), inettoa(bd->peerip),
bd->proto, bd->port) >= sizeof(iptcmd)) {
+ snprintf(msg,sizeof(msg)-1,"Error: Command2 %s is too long",
iptcmd2);
+ logmessage(1,msg,"iptables",0);
--
1.7.9.5
_______________________________________________
openwrt-devel mailing list
[email protected]
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
