@@ -105,8 +105,8 @@ parse_to(const char *orig_arg, int portok, struct nf_nat_range *range)
range->min_proto.tcp.port = htons(port);
range->max_proto.tcp.port = htons(maxport);
}
- /* Starts with a colon? No IP info...*/
- if (colon == arg) {
+ /* Starts with [] colon? No IP info...*/
+ if (colon == arg+2) {
free(arg);
return;
}
@@ -183,18 +183,16 @@ static void DNAT_fcheck(struct xt_fcheck_call *cb)
static void print_range(const struct nf_nat_range *range)
{
+ if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)
+ printf("[");
if (range->flags & NF_NAT_RANGE_MAP_IPS) {
- if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)
- printf("[");
printf("%s", xtables_ip6addr_to_numeric(&range->min_addr.in6));
if (memcmp(&range->min_addr, &range->max_addr,
sizeof(range->min_addr)))
printf("-%s", xtables_ip6addr_to_numeric(&range->max_addr.in6));
- if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)
- printf("]");
}
if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- printf(":");
+ printf("]:");
printf("%hu", ntohs(range->min_proto.tcp.port));
if (range->max_proto.tcp.port != range->min_proto.tcp.port)
printf("-%hu", ntohs(range->max_proto.tcp.port));
@@ -105,8 +105,8 @@ parse_to(const char *orig_arg, int portok, struct nf_nat_range *range)
range->min_proto.tcp.port = htons(port);
range->max_proto.tcp.port = htons(maxport);
}
- /* Starts with a colon? No IP info...*/
- if (colon == arg) {
+ /* Starts with [] colon? No IP info...*/
+ if (colon == arg+2) {
free(arg);
return;
}
@@ -183,18 +183,16 @@ static void SNAT_fcheck(struct xt_fcheck_call *cb)
static void print_range(const struct nf_nat_range *range)
{
+ if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)
+ printf("[");
if (range->flags & NF_NAT_RANGE_MAP_IPS) {
- if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)
- printf("[");
printf("%s", xtables_ip6addr_to_numeric(&range->min_addr.in6));
if (memcmp(&range->min_addr, &range->max_addr,
sizeof(range->min_addr)))
printf("-%s", xtables_ip6addr_to_numeric(&range->max_addr.in6));
- if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED)
- printf("]");
}
if (range->flags & NF_NAT_RANGE_PROTO_SPECIFIED) {
- printf(":");
+ printf("]:");
printf("%hu", ntohs(range->min_proto.tcp.port));
if (range->max_proto.tcp.port != range->min_proto.tcp.port)
printf("-%hu", ntohs(range->max_proto.tcp.port));
correct parsing of IPv6 port NAT without address NAT and also print brackets for port only IPv6 NAT. Signed-off-by: Ulrich Weber <ulrich.weber@sophos.com> --- extensions/libip6t_DNAT.c | 12 +++++------- extensions/libip6t_SNAT.c | 12 +++++------- 2 files changed, 10 insertions(+), 14 deletions(-)