Message ID | 20190319195655.14200-1-bhaley@redhat.com |
---|---|
State | Accepted |
Delegated to: | Pablo Neira |
Headers | show |
Series | [conntrack-tools] Allow protocol number zero | expand |
On Tue, Mar 19, 2019 at 03:56:55PM -0400, Brian Haley wrote: > /etc/protocols defines protocol zero as 'ip' for IPv4, and > 'hopopt' for IPv6, which can be used with conntrack as '-p ip' > or '-p hopopt'. However it's equivalent, '-p 0' is considered > unsupported. Change the range check in findproto() to allow > zero as well. Applied, thanks.
diff --git a/src/conntrack.c b/src/conntrack.c index daa93db..97132a9 100644 --- a/src/conntrack.c +++ b/src/conntrack.c @@ -628,7 +628,7 @@ static struct ctproto_handler *findproto(char *name, int *pnum) } /* using a protocol number? */ protonum = atoi(name); - if (protonum > 0 && protonum <= IPPROTO_MAX) { + if (protonum >= 0 && protonum <= IPPROTO_MAX) { /* try lookup by number, perhaps this protocol is supported */ list_for_each_entry(cur, &proto_list, head) { if (cur->protonum == protonum) {
/etc/protocols defines protocol zero as 'ip' for IPv4, and 'hopopt' for IPv6, which can be used with conntrack as '-p ip' or '-p hopopt'. However it's equivalent, '-p 0' is considered unsupported. Change the range check in findproto() to allow zero as well. Signed-off-by: Brian Haley <bhaley@redhat.com> --- src/conntrack.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)