SOURCES: kernel-desktop-pom-ng-connlimit.patch, kernel-desktop-pom...
glen
glen at pld-linux.org
Wed Apr 9 01:00:02 CEST 2008
Author: glen Date: Tue Apr 8 23:00:02 2008 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- updated from kernel-pom-ng-*patch
---- Files affected:
SOURCES:
kernel-desktop-pom-ng-connlimit.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-IPMARK.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-ipp2p.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-ipv4options.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-IPV4OPTSSTRIP.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-mms-conntrack-nat.patch (1.1 -> 1.2) , kernel-desktop-pom-ng-ROUTE.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-rpc.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-rsh.patch (1.1 -> 1.2) , kernel-desktop-pom-ng-set.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-TARPIT.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-time.patch (1.2 -> 1.3) , kernel-desktop-pom-ng-u32.patch (1.2 -> 1.3)
---- Diffs:
================================================================
Index: SOURCES/kernel-desktop-pom-ng-connlimit.patch
diff -u SOURCES/kernel-desktop-pom-ng-connlimit.patch:1.2 SOURCES/kernel-desktop-pom-ng-connlimit.patch:1.3
--- SOURCES/kernel-desktop-pom-ng-connlimit.patch:1.2 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-connlimit.patch Wed Apr 9 00:59:56 2008
@@ -115,7 +115,7 @@
+#else
+ struct nf_conn *found_ct = NULL;
+ conn = list_entry(lh, struct ipt_connlimit_conn, list);
-+ found = nf_conntrack_find_get(&conn->tuple, ct);
++ found = nf_conntrack_find_get(&conn->tuple);
+#endif
+
+ if (found != NULL
================================================================
Index: SOURCES/kernel-desktop-pom-ng-IPMARK.patch
diff -u SOURCES/kernel-desktop-pom-ng-IPMARK.patch:1.2 SOURCES/kernel-desktop-pom-ng-IPMARK.patch:1.3
--- SOURCES/kernel-desktop-pom-ng-IPMARK.patch:1.2 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-IPMARK.patch Wed Apr 9 00:59:56 2008
@@ -45,24 +45,24 @@
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/Makefile linux-2.6.21.b/net/ipv4/netfilter/Makefile
--- linux-2.6.21.a/net/ipv4/netfilter/Makefile 2007-05-30 12:01:03.000000000 +0200
+++ linux-2.6.21.b/net/ipv4/netfilter/Makefile 2007-05-30 12:01:21.000000000 +0200
-@@ -118,6 +118,7 @@ obj-$(CONFIG_IP_NF_TARGET_IPV4OPTSSTRIP)
- obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
- obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
+@@ -82,6 +82,7 @@
+ obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o
+ obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
+obj-$(CONFIG_IP_NF_TARGET_IPMARK) += ipt_IPMARK.o
- # generic ARP tables
- obj-$(CONFIG_IP_NF_ARPTABLES) += arp_tables.o
+ obj-$(CONFIG_IP_NF_MATCH_IPV4OPTIONS) += ipt_ipv4options.o
+
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ipt_IPMARK.c linux-2.6.21.b/net/ipv4/netfilter/ipt_IPMARK.c
--- linux-2.6.21.a/net/ipv4/netfilter/ipt_IPMARK.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/ipv4/netfilter/ipt_IPMARK.c 2007-05-30 12:01:21.000000000 +0200
-@@ -0,0 +1,96 @@
+@@ -0,0 +1,125 @@
+#include <linux/module.h>
+#include <linux/skbuff.h>
+#include <linux/version.h>
+#include <linux/ip.h>
+#include <net/checksum.h>
-+#include <linux/netfilter/x_tables.h>
++
+#include <linux/netfilter_ipv4/ip_tables.h>
+#include <linux/netfilter_ipv4/ipt_IPMARK.h>
+
@@ -78,11 +78,19 @@
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ const struct xt_target *target,
+#endif
-+ const void *targinfo
-+ )
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
++ const void *targinfo,
++ void *userinfo)
++#else
++ const void *targinfo)
++#endif
+{
+ const struct ipt_ipmark_target_info *ipmarkinfo = targinfo;
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
+ struct iphdr *iph = ip_hdr(*pskb);
++#else
++ struct iphdr *iph = (*pskb)->nh.iph;
++#endif
+ unsigned long mark;
+
+ if (ipmarkinfo->addr == IPT_IPMARK_SRC)
@@ -92,10 +100,14 @@
+
+ mark &= ipmarkinfo->andmask;
+ mark |= ipmarkinfo->ormask;
-+
++
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,20)
++ if ((*pskb)->nfmark != mark)
++ (*pskb)->nfmark = mark;
++#else
+ if ((*pskb)->mark != mark)
+ (*pskb)->mark = mark;
-+
++#endif
+ return IPT_CONTINUE;
+}
+
@@ -110,7 +122,9 @@
+ const struct xt_target *target,
+#endif
+ void *targinfo,
-+
++#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
++ unsigned int targinfosize,
++#endif
+ unsigned int hook_mask)
+{
+
@@ -131,8 +145,15 @@
+ return 1;
+}
+
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
++static struct xt_target ipt_ipmark_reg = {
++#else
+static struct ipt_target ipt_ipmark_reg = {
++#endif
+ .name = "IPMARK",
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
++ .family = AF_INET,
++#endif
+ .target = target,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ .targetsize = sizeof(struct ipt_ipmark_target_info),
@@ -143,12 +164,20 @@
+
+static int __init init(void)
+{
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+ return xt_register_target(&ipt_ipmark_reg);
++#else
++ return ipt_register_target(&ipt_ipmark_reg);
++#endif
+}
+
+static void __exit fini(void)
+{
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+ xt_unregister_target(&ipt_ipmark_reg);
++#else
++ ipt_unregister_target(&ipt_ipmark_reg);
++#endif
+}
+
+module_init(init);
================================================================
Index: SOURCES/kernel-desktop-pom-ng-ipp2p.patch
diff -u SOURCES/kernel-desktop-pom-ng-ipp2p.patch:1.2 SOURCES/kernel-desktop-pom-ng-ipp2p.patch:1.3
--- SOURCES/kernel-desktop-pom-ng-ipp2p.patch:1.2 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-ipp2p.patch Wed Apr 9 00:59:56 2008
@@ -963,11 +963,5 @@
diff -Nru linux-2.6.22/net/ipv4/netfilter/Makefile linux-2.6.22-pom2patch/net/ipv4/netfilter/Makefile
--- linux-2.6.22/net/ipv4/netfilter/Makefile 2007-07-09 01:32:17.000000000 +0200
+++ linux-2.6.22-pom2patch/net/ipv4/netfilter/Makefile 2007-08-07 18:38:54.000000000 +0200
-@@ -45,6 +45,7 @@
-
- obj-$(CONFIG_IP_NF_MATCH_IPV4OPTIONS) += ipt_ipv4options.o
- obj-$(CONFIG_IP_NF_MATCH_CONNLIMIT) += ipt_connlimit.o
+@@ -0,0 +0,1 @@
+obj-$(CONFIG_IP_NF_MATCH_IPP2P) += ipt_ipp2p.o
-
- obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent.o
- obj-$(CONFIG_IP_NF_MATCH_GEOIP) += ipt_geoip.o
================================================================
Index: SOURCES/kernel-desktop-pom-ng-ipv4options.patch
diff -u SOURCES/kernel-desktop-pom-ng-ipv4options.patch:1.2 SOURCES/kernel-desktop-pom-ng-ipv4options.patch:1.3
--- SOURCES/kernel-desktop-pom-ng-ipv4options.patch:1.2 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-ipv4options.patch Wed Apr 9 00:59:56 2008
@@ -48,16 +48,15 @@
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/Makefile linux-2.6.21.b/net/ipv4/netfilter/Makefile
--- linux-2.6.21.a/net/ipv4/netfilter/Makefile 2007-05-30 11:18:08.000000000 +0200
+++ linux-2.6.21.b/net/ipv4/netfilter/Makefile 2007-05-30 11:22:30.000000000 +0200
-@@ -86,6 +86,9 @@ obj-$(CONFIG_IP_NF_RAW) += iptable_raw.o
- obj-$(CONFIG_IP_NF_MATCH_IPRANGE) += ipt_iprange.o
- obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_owner.o
- obj-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos.o
-+
+@@ -64,6 +64,8 @@
+ obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o
+ obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
+
+obj-$(CONFIG_IP_NF_MATCH_IPV4OPTIONS) += ipt_ipv4options.o
+
- obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent.o
- obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o
- obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o
+ # generic ARP tables
+ obj-$(CONFIG_IP_NF_ARPTABLES) += arp_tables.o
+ obj-$(CONFIG_IP_NF_ARP_MANGLE) += arpt_mangle.o
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ipt_ipv4options.c linux-2.6.21.b/net/ipv4/netfilter/ipt_ipv4options.c
--- linux-2.6.21.a/net/ipv4/netfilter/ipt_ipv4options.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/ipv4/netfilter/ipt_ipv4options.c 2007-05-30 11:22:30.000000000 +0200
================================================================
Index: SOURCES/kernel-desktop-pom-ng-IPV4OPTSSTRIP.patch
diff -u SOURCES/kernel-desktop-pom-ng-IPV4OPTSSTRIP.patch:1.2 SOURCES/kernel-desktop-pom-ng-IPV4OPTSSTRIP.patch:1.3
--- SOURCES/kernel-desktop-pom-ng-IPV4OPTSSTRIP.patch:1.2 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-IPV4OPTSSTRIP.patch Wed Apr 9 00:59:56 2008
@@ -20,14 +20,14 @@
diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/Makefile linux-2.6.21.a/net/ipv4/netfilter/Makefile
--- linux-2.6.21.b/net/ipv4/netfilter/Makefile 2007-05-30 11:11:52.000000000 +0200
+++ linux-2.6.21.a/net/ipv4/netfilter/Makefile 2007-05-30 11:18:08.000000000 +0200
-@@ -103,6 +103,7 @@ obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt
- obj-$(CONFIG_IP_NF_TARGET_SAME) += ipt_SAME.o
- obj-$(CONFIG_IP_NF_NAT_SNMP_BASIC) += ip_nat_snmp_basic.o
+@@ -54,6 +54,7 @@
+ obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
+ obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o
+obj-$(CONFIG_IP_NF_TARGET_IPV4OPTSSTRIP) += ipt_IPV4OPTSSTRIP.o
- obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
- obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
- obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o
+ obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
+ obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
+ obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c linux-2.6.21.a/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c
--- linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.a/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c 2007-05-30 11:18:08.000000000 +0200
================================================================
Index: SOURCES/kernel-desktop-pom-ng-mms-conntrack-nat.patch
diff -u SOURCES/kernel-desktop-pom-ng-mms-conntrack-nat.patch:1.1 SOURCES/kernel-desktop-pom-ng-mms-conntrack-nat.patch:1.2
--- SOURCES/kernel-desktop-pom-ng-mms-conntrack-nat.patch:1.1 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-mms-conntrack-nat.patch Wed Apr 9 00:59:56 2008
@@ -135,14 +135,8 @@
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/Makefile linux-2.6.21.b/net/ipv4/netfilter/Makefile
--- linux-2.6.21.a/net/ipv4/netfilter/Makefile 2007-05-30 11:44:12.000000000 +0200
+++ linux-2.6.21.b/net/ipv4/netfilter/Makefile 2007-05-30 11:50:55.000000000 +0200
-@@ -62,6 +64,7 @@ obj-$(CONFIG_IP_NF_NAT_SIP) += ip_nat_si
- # NAT helpers (nf_conntrack)
- obj-$(CONFIG_NF_NAT_AMANDA) += nf_nat_amanda.o
- obj-$(CONFIG_NF_NAT_FTP) += nf_nat_ftp.o
+@@ -0,0 +0,1 @@
+obj-$(CONFIG_NF_NAT_MMS) += nf_nat_mms.o
- obj-$(CONFIG_NF_NAT_H323) += nf_nat_h323.o
- obj-$(CONFIG_NF_NAT_IRC) += nf_nat_irc.o
- obj-$(CONFIG_NF_NAT_PPTP) += nf_nat_pptp.o
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/nf_nat_mms.c linux-2.6.21.b/net/ipv4/netfilter/nf_nat_mms.c
--- linux-2.6.21.a/net/ipv4/netfilter/nf_nat_mms.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/ipv4/netfilter/nf_nat_mms.c 2007-05-30 11:50:55.000000000 +0200
@@ -259,7 +253,7 @@
+ /* Alter conntrack's expectations. */
+ for (port = ct_mms_info->port; port != 0; port++) {
+ expect->tuple.dst.u.tcp.port = htons(port);
-+ if (nf_conntrack_expect_related(expect) == 0) {
++ if (nf_ct_expect_related(expect) == 0) {
+ DEBUGP("nf_nat_mms: mms_data_fixup: using port %d\n",
+ port);
+ break;
@@ -317,7 +311,7 @@
+ " messageLength=%u\n", *mms_chunkLenLV, *mms_chunkLenLM,
+ *mms_messageLength);
+
-+ nf_nat_mangle_tcp_packet(pskb, ct, ctinfo,
++ nf_nat_mangle_tcp_packet(*pskb, ct, ctinfo,
+ ct_mms_info->offset,
+ ct_mms_info->len + ct_mms_info->padding,
+ unicode_buffer, strlen(buffer)*2 +
@@ -379,7 +373,7 @@
diff -NurpP --minimal linux-2.6.21.a/net/netfilter/nf_conntrack_mms.c linux-2.6.21.b/net/netfilter/nf_conntrack_mms.c
--- linux-2.6.21.a/net/netfilter/nf_conntrack_mms.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/netfilter/nf_conntrack_mms.c 2007-05-30 11:50:55.000000000 +0200
-@@ -0,0 +1,374 @@
+@@ -0,0 +1,371 @@
+/* MMS extension for IP connection tracking
+ * (C) 2002 by Filip Sneppe <filip.sneppe at cronos.be>
+ * based on ip_conntrack_ftp.c and ip_conntrack_irc.c
@@ -647,7 +641,7 @@
+
+ DEBUGP("nf_conntrack_mms: tcph->seq = %u\n", tcph->seq);
+
-+ exp = nf_conntrack_expect_alloc(ct);
++ exp = nf_ct_expect_alloc(ct);
+ if (exp == NULL) {
+ ret = NF_DROP;
+ goto out;
@@ -664,16 +658,16 @@
+
+ tuple = &ct->tuplehash[!dir].tuple;
+ port = htons(mms_port);
-+ nf_conntrack_expect_init(exp, tuple->src.l3num,
++ nf_ct_expect_init(exp, tuple->src.l3num,
+ NULL, &tuple->dst.u3,
+ IPPROTO_TCP, NULL, &port);
+
+ nf_nat_mms = rcu_dereference(nf_nat_mms_hook);
+ if (nf_nat_mms && ct->status & IPS_NAT_MASK)
+ ret = nf_nat_mms(pskb, ctinfo, exp_mms_info, exp);
-+ else if (nf_conntrack_expect_related(exp) != 0)
++ else if (nf_ct_expect_related(exp) != 0)
+ ret = NF_DROP;
-+ nf_conntrack_expect_put(exp);
++ nf_ct_expect_put(exp);
+/*
+ exp->tuple = ((struct nf_conntrack_tuple)
+ { { ct->tuplehash[!dir].tuple.src.u3.ip, { 0 } },
@@ -725,8 +719,6 @@
+ memset(&mms[i], 0, sizeof(struct nf_conntrack_helper));
+ mms[i].tuple.src.u.tcp.port = htons(ports[i]);
+ mms[i].tuple.dst.protonum = IPPROTO_TCP;
-+ mms[i].mask.src.u.tcp.port = 0xFFFF;
-+ mms[i].mask.dst.protonum = 0xFF;
+ mms[i].max_expected = 1;
+ mms[i].timeout = 120;
+ mms[i].me = THIS_MODULE;
================================================================
Index: SOURCES/kernel-desktop-pom-ng-ROUTE.patch
diff -u SOURCES/kernel-desktop-pom-ng-ROUTE.patch:1.2 SOURCES/kernel-desktop-pom-ng-ROUTE.patch:1.3
--- SOURCES/kernel-desktop-pom-ng-ROUTE.patch:1.2 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-ROUTE.patch Wed Apr 9 00:59:56 2008
@@ -81,14 +81,14 @@
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/Makefile linux-2.6.21.b/net/ipv4/netfilter/Makefile
--- linux-2.6.21.a/net/ipv4/netfilter/Makefile 2007-05-30 11:39:28.000000000 +0200
+++ linux-2.6.21.b/net/ipv4/netfilter/Makefile 2007-05-30 11:40:37.000000000 +0200
-@@ -104,6 +104,7 @@ obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_EC
- obj-$(CONFIG_IP_NF_TARGET_IMQ) += ipt_IMQ.o
+@@ -74,6 +74,7 @@
obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
+ obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
+obj-$(CONFIG_IP_NF_TARGET_ROUTE) += ipt_ROUTE.o
- obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
+ obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
obj-$(CONFIG_IP_NF_TARGET_SAME) += ipt_SAME.o
- obj-$(CONFIG_IP_NF_NAT_SNMP_BASIC) += ip_nat_snmp_basic.o
+ obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TOS.o
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ipt_ROUTE.c linux-2.6.21.b/net/ipv4/netfilter/ipt_ROUTE.c
--- linux-2.6.21.a/net/ipv4/netfilter/ipt_ROUTE.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/ipv4/netfilter/ipt_ROUTE.c 2007-05-30 11:40:37.000000000 +0200
@@ -215,7 +215,7 @@
+ int hh_len = LL_RESERVED_SPACE(dev);
+
+ /* Be paranoid, rather than too clever. */
-+ if (unlikely(skb_headroom(skb) < hh_len && dev->hard_header)) {
++ if (unlikely(skb_headroom(skb) < hh_len && dev->header_ops)) {
+ struct sk_buff *skb2;
+
+ skb2 = skb_realloc_headroom(skb, LL_RESERVED_SPACE(dev));
@@ -261,7 +261,7 @@
+ /* The user set the interface name to use.
+ * Getting the current interface index.
+ */
-+ if ((dev_out = dev_get_by_name(route_info->oif))) {
++ if ((dev_out = dev_get_by_name(&init_net, route_info->oif))) {
+ ifindex = dev_out->ifindex;
+ } else {
+ /* Unknown interface name : packet dropped */
@@ -327,7 +327,7 @@
+ struct net_device *dev_in = NULL;
+
+ /* Getting the current interface index. */
-+ if (!(dev_in = dev_get_by_name(route_info->iif))) {
++ if (!(dev_in = dev_get_by_name(&init_net, route_info->iif))) {
+ if (net_ratelimit())
+ DEBUGP("ipt_ROUTE: iif interface %s not found\n", route_info->iif);
+ return NF_DROP;
@@ -576,14 +576,11 @@
diff -NurpP --minimal linux-2.6.21.a/net/ipv6/netfilter/Makefile linux-2.6.21.b/net/ipv6/netfilter/Makefile
--- linux-2.6.21.a/net/ipv6/netfilter/Makefile 2007-05-30 11:13:04.000000000 +0200
+++ linux-2.6.21.b/net/ipv6/netfilter/Makefile 2007-05-30 11:40:37.000000000 +0200
-@@ -21,6 +21,7 @@ obj-$(CONFIG_IP6_NF_RAW) += ip6table_raw
- obj-$(CONFIG_IP6_NF_MATCH_HL) += ip6t_hl.o
+@@ -30,3 +30,4 @@
+ obj-$(CONFIG_IP6_NF_TARGET_HL) += ip6t_HL.o
+ obj-$(CONFIG_IP6_NF_TARGET_LOG) += ip6t_LOG.o
obj-$(CONFIG_IP6_NF_TARGET_REJECT) += ip6t_REJECT.o
- obj-$(CONFIG_IP6_NF_MATCH_MH) += ip6t_mh.o
+obj-$(CONFIG_IP6_NF_TARGET_ROUTE) += ip6t_ROUTE.o
-
- # objects for l3 independent conntrack
- nf_conntrack_ipv6-objs := nf_conntrack_l3proto_ipv6.o nf_conntrack_proto_icmpv6.o nf_conntrack_reasm.o
diff -NurpP --minimal linux-2.6.21.a/net/ipv6/netfilter/ip6t_ROUTE.c linux-2.6.21.b/net/ipv6/netfilter/ip6t_ROUTE.c
--- linux-2.6.21.a/net/ipv6/netfilter/ip6t_ROUTE.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/ipv6/netfilter/ip6t_ROUTE.c 2007-05-30 11:40:37.000000000 +0200
@@ -733,7 +730,7 @@
+ /* The user set the interface name to use.
+ * Getting the current interface index.
+ */
-+ if ((dev_out = dev_get_by_name(route_info->oif))) {
++ if ((dev_out = dev_get_by_name(&init_net, route_info->oif))) {
+ ifindex = dev_out->ifindex;
+ } else {
+ /* Unknown interface name : packet dropped */
================================================================
Index: SOURCES/kernel-desktop-pom-ng-rpc.patch
diff -u SOURCES/kernel-desktop-pom-ng-rpc.patch:1.2 SOURCES/kernel-desktop-pom-ng-rpc.patch:1.3
--- SOURCES/kernel-desktop-pom-ng-rpc.patch:1.2 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-rpc.patch Wed Apr 9 00:59:56 2008
@@ -161,7 +161,7 @@
diff -Nur --exclude '*.orig' linux/net/ipv4/netfilter/ip_conntrack_rpc_tcp.c linux/net/ipv4/netfilter/ip_conntrack_rpc_tcp.c
--- linux/net/ipv4/netfilter/ip_conntrack_rpc_tcp.c 1970-01-01 01:00:00.000000000 +0100
+++ linux/net/ipv4/netfilter/ip_conntrack_rpc_tcp.c 2007-08-15 03:04:53.000000000 +0200
-@@ -0,0 +1,567 @@
+@@ -0,0 +1,554 @@
+/* RPC extension for IP (TCP) connection tracking, Version 2.2
+ * (C) 2000 by Marcelo Barbosa Lima <marcelo.lima at dcc.unicamp.br>
+ * - original rpc tracking module
@@ -489,7 +489,7 @@
+ if (port_buf && port_buf != nsrexec) {
+ DEBUGP("port found: %u\n", port_buf);
+
-+ exp = nf_conntrack_expect_alloc(ct);
++ exp = nf_ct_expect_alloc(ct);
+ if (!exp) {
+ ret = NF_DROP;
+ goto out;
@@ -499,7 +499,6 @@
+ exp->tuple.src.u3.ip = ct->tuplehash[!dir].tuple.src.u3.ip;
+ exp->tuple.dst.u3.ip = ct->tuplehash[!dir].tuple.dst.u3.ip;
+ exp->mask.src.u3.ip = 0xffffffff;
-+ exp->mask.dst.u3.ip = 0xffffffff;
+
+ switch (req_p->proto) {
+ case IPPROTO_UDP:
@@ -507,8 +506,6 @@
+ exp->tuple.dst.u.udp.port = htons(port_buf);
+ exp->tuple.dst.protonum = IPPROTO_UDP;
+ exp->mask.src.u.udp.port = 0;
-+ exp->mask.dst.u.udp.port = htons(0xffff);
-+ exp->mask.dst.protonum = 0xff;
+ break;
+
+ case IPPROTO_TCP:
@@ -516,8 +513,6 @@
+ exp->tuple.dst.u.tcp.port = htons(port_buf);
+ exp->tuple.dst.protonum = IPPROTO_TCP;
+ exp->mask.src.u.tcp.port = 0;
-+ exp->mask.dst.u.tcp.port = htons(0xffff);
-+ exp->mask.dst.protonum = 0xff;
+ break;
+ }
+ exp->expectfn = NULL;
@@ -539,7 +534,7 @@
+ NIPQUAD(exp->mask.dst.u3.ip),
+ exp->mask.dst.protonum);
+
-+ if (nf_conntrack_expect_related(exp) != 0) {
++ if (nf_ct_expect_related(exp) != 0) {
+ ret = NF_DROP;
+ }
+
@@ -667,12 +662,9 @@
+ rpc_helpers[port].timeout = 5 * 60; /* stes */
+
+ rpc_helpers[port].tuple.dst.protonum = IPPROTO_TCP;
-+ rpc_helpers[port].mask.dst.protonum = 0xff;
+
+ /* RPC can come from ports 0:65535 to ports[port] (111) */
+ rpc_helpers[port].tuple.src.u.tcp.port = htons(ports[port]);
-+ rpc_helpers[port].mask.src.u.tcp.port = htons(0xffff);
-+ rpc_helpers[port].mask.dst.u.tcp.port = htons(0x0);
+
+ rpc_helpers[port].help = help;
+
@@ -682,11 +674,6 @@
+ ntohs(rpc_helpers[port].tuple.dst.u.tcp.port),
+ NIPQUAD(rpc_helpers[port].tuple.src.u3.ip),
+ ntohs(rpc_helpers[port].tuple.src.u.tcp.port));
-+ PRINTK("helper match mask %u.%u.%u.%u:%u->%u.%u.%u.%u:%u\n",
-+ NIPQUAD(rpc_helpers[port].mask.dst.u3.ip),
-+ ntohs(rpc_helpers[port].mask.dst.u.tcp.port),
-+ NIPQUAD(rpc_helpers[port].mask.src.u3.ip),
-+ ntohs(rpc_helpers[port].mask.src.u.tcp.port));
+
+ ret = nf_conntrack_helper_register(&rpc_helpers[port]);
+
@@ -732,7 +719,7 @@
diff -Nur --exclude '*.orig' linux/net/ipv4/netfilter/ip_conntrack_rpc_udp.c linux/net/ipv4/netfilter/ip_conntrack_rpc_udp.c
--- linux/net/ipv4/netfilter/ip_conntrack_rpc_udp.c 1970-01-01 01:00:00.000000000 +0100
+++ linux/net/ipv4/netfilter/ip_conntrack_rpc_udp.c 2007-08-15 01:44:02.000000000 +0200
-@@ -0,0 +1,540 @@
+@@ -0,0 +1,527 @@
+/* RPC extension for IP (UDP) connection tracking, Version 2.2
+ * (C) 2000 by Marcelo Barbosa Lima <marcelo.lima at dcc.unicamp.br>
+ * - original rpc tracking module
@@ -1046,7 +1033,7 @@
+ if (port_buf) {
+ DEBUGP("port found: %u\n", port_buf);
+
-+ exp = nf_conntrack_expect_alloc(ct);
++ exp = nf_ct_expect_alloc(ct);
+ if (!exp) {
+ ret = NF_DROP;
+ goto out;
@@ -1056,7 +1043,6 @@
+ exp->tuple.src.u3.ip = ct->tuplehash[!dir].tuple.src.u3.ip;
+ exp->tuple.dst.u3.ip = ct->tuplehash[!dir].tuple.dst.u3.ip;
+ exp->mask.src.u3.ip = 0xffffffff;
-+ exp->mask.dst.u3.ip = 0xffffffff;
+
+ switch (req_p->proto) {
+ case IPPROTO_UDP:
@@ -1064,8 +1050,6 @@
+ exp->tuple.dst.u.udp.port = htons(port_buf);
+ exp->tuple.dst.protonum = IPPROTO_UDP;
+ exp->mask.src.u.udp.port = 0;
-+ exp->mask.dst.u.udp.port = htons(0xffff);
-+ exp->mask.dst.protonum = 0xff;
+ break;
+
+ case IPPROTO_TCP:
@@ -1073,8 +1057,6 @@
+ exp->tuple.dst.u.tcp.port = htons(port_buf);
+ exp->tuple.dst.protonum = IPPROTO_TCP;
+ exp->mask.src.u.tcp.port = 0;
-+ exp->mask.dst.u.tcp.port = htons(0xffff);
-+ exp->mask.dst.protonum = 0xff;
+ break;
+ }
+ exp->expectfn = NULL;
@@ -1090,7 +1072,7 @@
+ NIPQUAD(exp->mask.dst.u3.ip),
+ exp->mask.dst.protonum);
+
-+ if (nf_conntrack_expect_related(exp) != 0) {
++ if (nf_ct_expect_related(exp) != 0) {
+ ret = NF_DROP;
+ }
+ }
@@ -1214,12 +1196,9 @@
+ rpc_helpers[port].timeout = 5 * 60; /* stes */
+
+ rpc_helpers[port].tuple.dst.protonum = IPPROTO_UDP;
-+ rpc_helpers[port].mask.dst.protonum = 0xff;
+
+ /* RPC can come from ports 0:65535 to ports[port] (111) */
+ rpc_helpers[port].tuple.src.u.udp.port = htons(ports[port]);
-+ rpc_helpers[port].mask.src.u.udp.port = htons(0xffff);
-+ rpc_helpers[port].mask.dst.u.udp.port = htons(0x0);
+
+ rpc_helpers[port].help = help;
+
@@ -1229,11 +1208,6 @@
+ ntohs(rpc_helpers[port].tuple.dst.u.udp.port),
+ NIPQUAD(rpc_helpers[port].tuple.src.u3.ip),
+ ntohs(rpc_helpers[port].tuple.src.u.udp.port));
-+ PRINTK("helper match mask %u.%u.%u.%u:%u->%u.%u.%u.%u:%u\n",
-+ NIPQUAD(rpc_helpers[port].mask.dst.u3.ip),
-+ ntohs(rpc_helpers[port].mask.dst.u.udp.port),
-+ NIPQUAD(rpc_helpers[port].mask.src.u3.ip),
-+ ntohs(rpc_helpers[port].mask.src.u.udp.port));
+
+ ret = nf_conntrack_helper_register(&rpc_helpers[port]);
+
================================================================
Index: SOURCES/kernel-desktop-pom-ng-rsh.patch
diff -u SOURCES/kernel-desktop-pom-ng-rsh.patch:1.1 SOURCES/kernel-desktop-pom-ng-rsh.patch:1.2
--- SOURCES/kernel-desktop-pom-ng-rsh.patch:1.1 Sat Aug 18 19:43:48 2007
+++ SOURCES/kernel-desktop-pom-ng-rsh.patch Wed Apr 9 00:59:57 2008
@@ -84,18 +84,12 @@
diff -NurpP --minimal linux/net/netfilter/Makefile linux/net/netfilter/Makefile
--- linux/net/netfilter/Makefile 2007-05-30 11:57:07.000000000 +0200
+++ linux/net/netfilter/Makefile 2007-05-30 11:58:41.000000000 +0200
-@@ -23,6 +23,7 @@
- # connection tracking helpers
- nf_conntrack_h323-objs := nf_conntrack_h323_main.o nf_conntrack_h323_asn1.o
-
+@@ -0,0 +0,1 @@
+obj-$(CONFIG_NF_CONNTRACK_RSH) += nf_conntrack_rsh.o
- obj-$(CONFIG_NF_CONNTRACK_AMANDA) += nf_conntrack_amanda.o
- obj-$(CONFIG_NF_CONNTRACK_FTP) += nf_conntrack_ftp.o
- obj-$(CONFIG_NF_CONNTRACK_H323) += nf_conntrack_h323.o
diff -NurpP --minimal linux/net/netfilter/nf_conntrack_rsh.c linux/net/netfilter/nf_conntrack_rsh.c
--- linux/net/netfilter/nf_conntrack_rsh.c 1970-01-01 01:00:00.000000000 +0100
+++ linux/net/netfilter/nf_conntrack_rsh.c 2007-05-30 11:58:41.000000000 +0200
-@@ -0,0 +1,370 @@
+@@ -0,0 +1,353 @@
+/* RSH extension for IP connection tracking, Version 1.0
+ * (C) 2002 by Ian (Larry) Latter <Ian.Latter at mq.edu.au>
+ * based on HW's ip_conntrack_irc.c
@@ -328,7 +322,7 @@
+ return NF_ACCEPT;
+ }
+
-+ exp = nf_conntrack_expect_alloc(ct);
++ exp = nf_ct_expect_alloc(ct);
+ if (!exp) {
+ ret = NF_DROP;
+ goto out;
@@ -346,11 +340,8 @@
+ exp->tuple.dst.protonum = IPPROTO_TCP;
+
+ exp->mask.src.u3.ip = 0xffffffff;
-+ exp->mask.dst.u3.ip = 0xffffffff;
+
+ exp->mask.src.u.tcp.port = htons(rangemask);
-+ exp->mask.dst.u.tcp.port = htons(0xffff);
-+ exp->mask.dst.protonum = 0xff;
+
+ exp->expectfn = NULL;
+ exp->master = ct;
@@ -361,19 +352,13 @@
+ NIPQUAD(exp->tuple.dst.ip),
+ ntohs(exp->tuple.dst.u.tcp.port));
+
-+ DEBUGP("expect related mask %u.%u.%u.%u:%u-%u.%u.%u.%u:%u\n",
-+ NIPQUAD(exp->mask.src.ip),
-+ ntohs(exp->mask.src.u.tcp.port),
-+ NIPQUAD(exp->mask.dst.ip),
-+ ntohs(exp->mask.dst.u.tcp.port));
-+
+ if (ip_nat_rsh_hook)
+ ret = ip_nat_rsh_hook(pskb, ctinfo, rb_ptr - data, exp);
-+ else if (nf_conntrack_expect_related(exp) != 0) {
++ else if (nf_ct_expect_related(exp) != 0) {
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-connlimit.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-IPMARK.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-ipp2p.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-ipv4options.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-IPV4OPTSSTRIP.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-mms-conntrack-nat.patch?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-ROUTE.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-rpc.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-rsh.patch?r1=1.1&r2=1.2&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-set.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-TARPIT.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-time.patch?r1=1.2&r2=1.3&f=u
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-desktop-pom-ng-u32.patch?r1=1.2&r2=1.3&f=u
More information about the pld-cvs-commit
mailing list