git://git.onelab.eu / iptables.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
update to iptables-1.3.8
[iptables.git] / extensions / libipt_esp.c
diff --git a/extensions/libipt_esp.c b/extensions/libipt_esp.c
index 531fdd1..21e912b 100644 (file)
--- a/extensions/libipt_esp.c
+++ b/extensions/libipt_esp.c
@@ -62,6 +62,9 @@ parse_esp_spis(const char *spistring, u_int32_t *spis)
 
                spis[0] = buffer[0] ? parse_esp_spi(buffer) : 0;
                spis[1] = cp[0] ? parse_esp_spi(cp) : 0xFFFFFFFF;
+               if (spis[0] > spis[1])
+                       exit_error(PARAMETER_PROBLEM,
+                                  "Invalid ESP spi range: %s", spistring);
        }
        free(buffer);
 }
@@ -168,20 +171,19 @@ static void save(const struct ipt_ip *ip, const struct ipt_entry_match *match)
 
 }
 
-static
-struct iptables_match esp
-= { NULL,
-    "esp",
-    IPTABLES_VERSION,
-    IPT_ALIGN(sizeof(struct ipt_esp)),
-    IPT_ALIGN(sizeof(struct ipt_esp)),
-    &help,
-    &init,
-    &parse,
-    &final_check,
-    &print,
-    &save,
-    opts
+static struct iptables_match esp = { 
+       .next           = NULL,
+       .name           = "esp",
+       .version        = IPTABLES_VERSION,
+       .size           = IPT_ALIGN(sizeof(struct ipt_esp)),
+       .userspacesize  = IPT_ALIGN(sizeof(struct ipt_esp)),
+       .help           = &help,
+       .init           = &init,
+       .parse          = &parse,
+       .final_check    = &final_check,
+       .print          = &print,
+       .save           = &save,
+       .extra_opts     = opts
 };
 
 void
iptables