Merge pull request #48 from singchia/fix/match_tcp_port_range

Fix/match tcp port range
singchia · Dec 19, 2024 · 930548d · 930548d
2 parents 183216a + c34034f
commit 930548d
Showing 1 changed file with 41 additions and 32 deletions.
diff --git a/iptables/match.go b/iptables/match.go
@@ -9531,23 +9531,22 @@ func (mTCP *MatchTCP) Short() string {
 func (mTCP *MatchTCP) ShortArgs() []string {
 	args := make([]string, 0, 17)
 	args = append(args, "-m", mTCP.matchType.String())
-	if mTCP.SrcPortMin > -1 {
+	if mTCP.SrcPortMin > -1 && mTCP.SrcPortMax > -1 {
+		args = append(args, "--sport", strconv.Itoa(mTCP.SrcPortMin)+":"+strconv.Itoa(mTCP.SrcPortMax))
+	} else if mTCP.SrcPortMin > -1 {
 		if mTCP.SrcPortInvert {
 			args = append(args, "!")
 		}
 		args = append(args, "--sport", strconv.Itoa(mTCP.SrcPortMin))
-		if mTCP.SrcPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mTCP.SrcPortMax))
-		}
 	}
-	if mTCP.DstPortMin > -1 {
+
+	if mTCP.DstPortMin > -1 && mTCP.DstPortMax > -1 {
+		args = append(args, "--dport", strconv.Itoa(mTCP.DstPortMin)+":"+strconv.Itoa(mTCP.DstPortMax))
+	} else if mTCP.DstPortMin > -1 {
 		if mTCP.DstPortInvert {
 			args = append(args, "!")
 		}
 		args = append(args, "--dport", strconv.Itoa(mTCP.DstPortMin))
-		if mTCP.DstPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mTCP.DstPortMax))
-		}
 	}
 	if mTCP.FlagsMask != 0 && mTCP.FlagsSet != 0 {
 		if mTCP.FlagsInvert {
@@ -9571,24 +9570,24 @@ func (mTCP *MatchTCP) Long() string {
 func (mTCP *MatchTCP) LongArgs() []string {
 	args := make([]string, 0, 17)
 	args = append(args, "-m", mTCP.matchType.String())
-	if mTCP.SrcPortMin > -1 {
+	if mTCP.SrcPortMin > -1 && mTCP.SrcPortMax > -1 {
+		args = append(args, "--source-port", strconv.Itoa(mTCP.SrcPortMin)+":"+strconv.Itoa(mTCP.SrcPortMax))
+	} else if mTCP.SrcPortMin > -1 {
 		if mTCP.SrcPortInvert {
 			args = append(args, "!")
 		}
 		args = append(args, "--source-port", strconv.Itoa(mTCP.SrcPortMin))
-		if mTCP.SrcPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mTCP.SrcPortMax))
-		}
 	}
-	if mTCP.DstPortMin > -1 {
+
+	if mTCP.DstPortMin > -1 && mTCP.DstPortMax > -1 {
+		args = append(args, "--destination-port", strconv.Itoa(mTCP.DstPortMin)+":"+strconv.Itoa(mTCP.DstPortMax))
+	} else if mTCP.DstPortMin > -1 {
 		if mTCP.DstPortInvert {
 			args = append(args, "!")
 		}
 		args = append(args, "--destination-port", strconv.Itoa(mTCP.DstPortMin))
-		if mTCP.DstPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mTCP.DstPortMax))
-		}
 	}
+
 	if mTCP.FlagsMask != 0 && mTCP.FlagsSet != 0 {
 		if mTCP.FlagsInvert {
 			args = append(args, "!")
@@ -10315,23 +10314,28 @@ func (mUDP *MatchUDP) Short() string {
 func (mUDP *MatchUDP) ShortArgs() []string {
 	args := make([]string, 0, 17)
 	args = append(args, "-m", mUDP.matchType.String())
-	if mUDP.SrcPortMin > -1 {
+	if mUDP.SrcPortMin > -1 && mUDP.SrcPortMax > -1 {
 		if mUDP.SrcPortInvert {
 			args = append(args, "!")
 		}
-		args = append(args, "--sport", strconv.Itoa(mUDP.SrcPortMin))
-		if mUDP.SrcPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mUDP.SrcPortMax))
+		args = append(args, "--sport", strconv.Itoa(mUDP.SrcPortMin)+":"+strconv.Itoa(mUDP.SrcPortMax))
+	} else if mUDP.SrcPortMin > -1 {
+		if mUDP.SrcPortInvert {
+			args = append(args, "!")
 		}
+		args = append(args, "--sport", strconv.Itoa(mUDP.SrcPortMin))
 	}
-	if mUDP.DstPortMin > -1 {
+
+	if mUDP.DstPortMin > -1 && mUDP.DstPortMax > -1 {
 		if mUDP.DstPortInvert {
 			args = append(args, "!")
 		}
-		args = append(args, "--dport", strconv.Itoa(mUDP.DstPortMin))
-		if mUDP.DstPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mUDP.DstPortMax))
+		args = append(args, "--dport", strconv.Itoa(mUDP.DstPortMin)+":"+strconv.Itoa(mUDP.DstPortMax))
+	} else if mUDP.DstPortMin > -1 {
+		if mUDP.DstPortInvert {
+			args = append(args, "!")
 		}
+		args = append(args, "--dport", strconv.Itoa(mUDP.DstPortMin))
 	}
 	return args
 }
@@ -10343,23 +10347,28 @@ func (mUDP *MatchUDP) Long() string {
 func (mUDP *MatchUDP) LongArgs() []string {
 	args := make([]string, 0, 17)
 	args = append(args, "-m", mUDP.matchType.String())
-	if mUDP.SrcPortMin > -1 {
+	if mUDP.SrcPortMin > -1 && mUDP.SrcPortMax > -1 {
 		if mUDP.SrcPortInvert {
 			args = append(args, "!")
 		}
-		args = append(args, "--source-port", strconv.Itoa(mUDP.SrcPortMin))
-		if mUDP.SrcPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mUDP.SrcPortMax))
+		args = append(args, "--source-port", strconv.Itoa(mUDP.SrcPortMin)+":"+strconv.Itoa(mUDP.SrcPortMax))
+	} else if mUDP.SrcPortMin > -1 {
+		if mUDP.SrcPortInvert {
+			args = append(args, "!")
 		}
+		args = append(args, "--source-port", strconv.Itoa(mUDP.SrcPortMin))
 	}
-	if mUDP.DstPortMin > -1 {
+
+	if mUDP.DstPortMin > -1 && mUDP.DstPortMax > -1 {
 		if mUDP.DstPortInvert {
 			args = append(args, "!")
 		}
-		args = append(args, "--destination-port", strconv.Itoa(mUDP.DstPortMin))
-		if mUDP.DstPortMax > -1 {
-			args = append(args, ":"+strconv.Itoa(mUDP.DstPortMax))
+		args = append(args, "--destination-port", strconv.Itoa(mUDP.DstPortMin)+":"+strconv.Itoa(mUDP.DstPortMax))
+	} else if mUDP.DstPortMin > -1 {
+		if mUDP.DstPortInvert {
+			args = append(args, "!")
 		}
+		args = append(args, "--destination-port", strconv.Itoa(mUDP.DstPortMin))
 	}
 	return args
 }