All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command
@ 2022-07-08 11:18 Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul() Pablo Neira Ayuso
  0 siblings, 2 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 11:18 UTC (permalink / raw)
  To: netfilter-devel; +Cc: mikhail.sennikovskii

Extend manpage to document the new -A/--add command.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 conntrack.8 | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/conntrack.8 b/conntrack.8
index 0db427b7b9ea..6fbb41fe81fc 100644
--- a/conntrack.8
+++ b/conntrack.8
@@ -14,6 +14,8 @@ conntrack \- command line interface for netfilter connection tracking
 .br
 .BR "conntrack -I [table] parameters"
 .br
+.BR "conntrack -A [table] parameters"
+.br
 .BR "conntrack -U [table] parameters"
 .br
 .BR "conntrack -E [table] [options]"
@@ -88,7 +90,10 @@ Search for and show a particular (matching) entry in the given table.
 Delete an entry from the given table.
 .TP
 .BI "-I, --create "
-Create a new entry from the given table.
+Create a new entry from the given table, it fails if it already exists.
+.TP
+.BI "-A, --add "
+Add a new entry from the given table.
 .TP
 .BI "-U, --update "
 Update an entry from the given table.
@@ -186,8 +191,8 @@ Use multiple \-l options to specify multiple labels that need to be set.
 .TP
 .BI "--label-add " "LABEL"
 Specify the conntrack label to add to the selected conntracks.
-This option is only available in conjunction with "\-I, \-\-create" or
-"\-U, \-\-update".
+This option is only available in conjunction with "\-I, \-\-create",
+"\-A, \-\-add" or "\-U, \-\-update".
 .TP
 .BI "--label-del " "[LABEL]"
 Specify the conntrack label to delete from the selected conntracks.
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW
  2022-07-08 11:18 [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command Pablo Neira Ayuso
@ 2022-07-08 11:18 ` Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul() Pablo Neira Ayuso
  1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 11:18 UTC (permalink / raw)
  To: netfilter-devel; +Cc: mikhail.sennikovskii

IPPROTO_MPTCP defeats the purpose of IPPROTO_MAX to check for the
maximum layer 4 protocol supported in the IP header.

Use IPPROTO_RAW (255) instead.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index 33f60239580f..4afccde4b027 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -840,7 +840,7 @@ static int parse_proto_num(const char *str)
 	long val;
 
 	val = strtol(str, &endptr, 0);
-	if (val >= IPPROTO_MAX ||
+	if (val > IPPROTO_RAW ||
 	    val < 0 ||
 	    endptr == str ||
 	    *endptr != '\0')
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul()
  2022-07-08 11:18 [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command Pablo Neira Ayuso
  2022-07-08 11:18 ` [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW Pablo Neira Ayuso
@ 2022-07-08 11:18 ` Pablo Neira Ayuso
  1 sibling, 0 replies; 3+ messages in thread
From: Pablo Neira Ayuso @ 2022-07-08 11:18 UTC (permalink / raw)
  To: netfilter-devel; +Cc: mikhail.sennikovskii

Use strtoul() instead and remove check for negative value.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
---
 src/conntrack.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/conntrack.c b/src/conntrack.c
index 4afccde4b027..859a4835580b 100644
--- a/src/conntrack.c
+++ b/src/conntrack.c
@@ -836,12 +836,11 @@ extern struct ctproto_handler ct_proto_unknown;
 
 static int parse_proto_num(const char *str)
 {
+	unsigned long val;
 	char *endptr;
-	long val;
 
-	val = strtol(str, &endptr, 0);
+	val = strtoul(str, &endptr, 0);
 	if (val > IPPROTO_RAW ||
-	    val < 0 ||
 	    endptr == str ||
 	    *endptr != '\0')
 		return -1;
-- 
2.30.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-07-08 11:18 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-07-08 11:18 [PATCH conntrack-tools 1/3] conntrack: update manpage with new -A command Pablo Neira Ayuso
2022-07-08 11:18 ` [PATCH conntrack-tools 2/3] conntrack: use IPPROTO_RAW Pablo Neira Ayuso
2022-07-08 11:18 ` [PATCH conntrack-tools 3/3] conntrack: slightly simplify parse_proto_num() by using strtoul() Pablo Neira Ayuso

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.