Hi Blazej,
I did something similiar to what you describe, just rewriting
libipt_ACCOUNT.c according to changnges in API but for me it's working
with iptables 1.4.4. Try attached patch maybe it will help you.
Regards,
Vlado
Thomas Jarosch wrote / napísal(a):
> Hello Blazej,
>
> On Tuesday, 4. August 2009 15:11:43 you wrote:
>> I have tried to compile the ipt_ACCOUNT 1.15 with the iptables 1.4.4.
>> The kernel part went well (2.6.30.3) and it works with the older
>> iptables (1.4.0). But it seems like in iptables 1.4.4 there are some
>> significant changes. I found out that some of the functions were
>> renemed. After applying the ipt_ACCOUNT with pom there are some
>> errors. When I have tried to chenge the functions names in
>> libipt_ACCOUNT.c it has compiled successfully but using it with
>> iptables -j ACCOUNT... returns an error: Couldn't load target
>> 'ACCOUNT': null
>> Do you have some experience with iptables 1.4.4. Does the ipt_ACCOUNT
>> work or it needs some fixes?
>
> We're using ipt_ACCOUNT with iptables 1.4.2, I haven't tried 1.4.4 yet.
> So yes, it could be that it needs some changes.
>
> Right now I'm busy at $dayjob, guess it will take about two weeks
> until I can take a look at it. Feel free to fix it yourself,
> I'll happily accept patches.
>
> btw: We have created a mailinglist for ipt_ACCOUNT:
> http://www.intra2net.com/en/developer/ipt_ACCOUNT/mailinglist.php
>
> Cheers,
> Thomas
>
>
> --
> ipt_ACCOUNT - see http://www.intra2net.com/en/developer/ipt_ACCOUNT for
> details.
> To unsubscribe send a mail to ipt_ACCOUNT+unsubscribe@xxxxxxxxxxxxxxxxxxxxxxx
>
>
>
--
ipt_ACCOUNT - see http://www.intra2net.com/en/developer/ipt_ACCOUNT for details.
To unsubscribe send a mail to ipt_ACCOUNT+unsubscribe@xxxxxxxxxxxxxxxxxxxxxxx diff -ruN ACCOUNT.old/iptables/extensions/libipt_ACCOUNT.c
ACCOUNT/iptables/extensions/libipt_ACCOUNT.c
--- ACCOUNT.old/iptables/extensions/libipt_ACCOUNT.c 2008-06-13
18:14:45.000000000 +0200
+++ ACCOUNT/iptables/extensions/libipt_ACCOUNT.c 2009-09-03
16:35:08.000000000 +0200
@@ -59,21 +59,21 @@
switch (c) {
case 'a':
if (*flags & IPT_ACCOUNT_OPT_ADDR)
- exit_error(PARAMETER_PROBLEM, "Can't specify --%s twice",
+ xtables_error(PARAMETER_PROBLEM, "Can't specify --%s twice",
opts[0].name);
- if (check_inverse(optarg, &invert, NULL, 0))
- exit_error(PARAMETER_PROBLEM, "Unexpected `!' after --%s",
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
+ xtables_error(PARAMETER_PROBLEM, "Unexpected `!' after --%s",
opts[0].name);
#ifdef XTABLES_VERSION_CODE
- ipparse_hostnetworkmask(optarg, &addrs, &mask, &naddrs);
+ xtables_ipparse_any(optarg, &addrs, &mask, &naddrs);
#else
parse_hostnetworkmask(optarg, &addrs, &mask, &naddrs);
#endif
if (naddrs > 1)
- exit_error(PARAMETER_PROBLEM, "multiple IP addresses not
allowed");
+ xtables_error(PARAMETER_PROBLEM, "multiple IP addresses not
allowed");
accountinfo->net_ip = addrs[0].s_addr;
accountinfo->net_mask = mask.s_addr;
@@ -83,15 +83,15 @@
case 't':
if (*flags & IPT_ACCOUNT_OPT_TABLE)
- exit_error(PARAMETER_PROBLEM,
+ xtables_error(PARAMETER_PROBLEM,
"Can't specify --%s twice", opts[1].name);
- if (check_inverse(optarg, &invert, NULL, 0))
- exit_error(PARAMETER_PROBLEM,
+ if (xtables_check_inverse(optarg, &invert, NULL, 0))
+ xtables_error(PARAMETER_PROBLEM,
"Unexpected `!' after --%s", opts[1].name);
if (strlen(optarg) > ACCOUNT_TABLE_NAME_LEN - 1)
- exit_error(PARAMETER_PROBLEM,
+ xtables_error(PARAMETER_PROBLEM,
"Maximum table name length %u for --%s",
ACCOUNT_TABLE_NAME_LEN - 1, opts[1].name);
@@ -109,14 +109,14 @@
static void final_check(unsigned int flags)
{
if (!(flags&IPT_ACCOUNT_OPT_ADDR) || !(flags&IPT_ACCOUNT_OPT_TABLE))
- exit_error(PARAMETER_PROBLEM, "ACCOUNT: needs --%s and --%s",
+ xtables_error(PARAMETER_PROBLEM, "ACCOUNT: needs --%s and --%s",
opts[0].name, opts[1].name);
}
static const char *print_helper_ip(struct in_addr a)
{
#ifdef XTABLES_VERSION_CODE
- return ipaddr_to_numeric(&a);
+ return xtables_ipaddr_to_numeric(&a);
#else
return addr_to_dotted(&a);
#endif
@@ -125,7 +125,7 @@
static const char *print_helper_mask(struct in_addr a)
{
#ifdef XTABLES_VERSION_CODE
- return ipmask_to_numeric(&a);
+ return xtables_ipmask_to_numeric(&a);
#else
return mask_to_dotted(&a);
#endif
|