SOURCES (LINUX_2_6): kernel-pom-ng-ROUTE.patch - now really updated for 2.6...
zbyniu
zbyniu at pld-linux.org
Fri Feb 27 13:14:13 CET 2009
Author: zbyniu Date: Fri Feb 27 12:14:13 2009 GMT
Module: SOURCES Tag: LINUX_2_6
---- Log message:
- now really updated for 2.6.24+
---- Files affected:
SOURCES:
kernel-pom-ng-ROUTE.patch (1.1.2.12 -> 1.1.2.13)
---- Diffs:
================================================================
Index: SOURCES/kernel-pom-ng-ROUTE.patch
diff -u SOURCES/kernel-pom-ng-ROUTE.patch:1.1.2.12 SOURCES/kernel-pom-ng-ROUTE.patch:1.1.2.13
--- SOURCES/kernel-pom-ng-ROUTE.patch:1.1.2.12 Wed Sep 24 23:59:45 2008
+++ SOURCES/kernel-pom-ng-ROUTE.patch Fri Feb 27 13:14:07 2009
@@ -92,7 +92,7 @@
diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ipt_ROUTE.c linux-2.6.21.b/net/ipv4/netfilter/ipt_ROUTE.c
--- linux-2.6.21.a/net/ipv4/netfilter/ipt_ROUTE.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/ipv4/netfilter/ipt_ROUTE.c 2007-05-30 11:40:37.000000000 +0200
-@@ -0,0 +1,458 @@
+@@ -0,0 +1,450 @@
+/*
+ * This implements the ROUTE target, which enables you to setup unusual
+ * routes not supported by the standard kernel routing table.
@@ -365,16 +365,10 @@
+
+static struct nf_conn route_tee_track;
+
-+static unsigned int ipt_route_target(struct sk_buff **pskb,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ unsigned int hooknum,
-+ const struct xt_target *target,
-+ const void *targinfo
-+ )
++static unsigned int ipt_route_target(struct sk_buff *skb, const struct xt_target_param *par)
+{
-+ const struct ipt_route_target_info *route_info = targinfo;
-+ struct sk_buff *skb = *pskb;
++ const struct ipt_route_target_info *route_info = par->targinfo;
++ //struct sk_buff *skb = *pskb;
+ unsigned int res;
+
+ if (skb->nfct == &route_tee_track.ct_general) {
@@ -389,8 +383,8 @@
+ /* If we are at PREROUTING or INPUT hook
+ * the TTL isn't decreased by the IP stack
+ */
-+ if (hooknum == NF_INET_PRE_ROUTING ||
-+ hooknum == NF_INET_LOCAL_IN) {
++ if (par->hooknum == NF_INET_PRE_ROUTING ||
++ par->hooknum == NF_INET_LOCAL_IN) {
+
+ struct iphdr *iph = ip_hdr(skb);
+
@@ -432,7 +426,7 @@
+ * If we are at INPUT the checksum must be recalculated since
+ * the length could change as the result of a defragmentation.
+ */
-+ if(hooknum == NF_INET_LOCAL_IN) {
++ if(par->hooknum == NF_INET_LOCAL_IN) {
+ iph->ttl = iph->ttl - 1;
+ iph->check = 0;
+ iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
@@ -448,10 +442,14 @@
+ * on its way as if nothing happened. The copy should be
+ * independantly delivered to the ROUTE --gw.
+ */
-+ skb = skb_copy(*pskb, GFP_ATOMIC);
++ skb = skb_copy(skb, GFP_ATOMIC);
+ if (!skb) {
+ if (net_ratelimit())
+ DEBUGP(KERN_DEBUG "ipt_ROUTE: copy failed!\n");
++ nf_conntrack_put(skb->nfct);
++ skb->nfct = &route_tee_track.ct_general;
++ skb->nfctinfo = IP_CT_NEW;
++ nf_conntrack_get(skb->nfct);
+ return IPT_CONTINUE;
+ }
+ }
@@ -488,21 +486,21 @@
+ return res;
+}
+
-+
-+static bool ipt_route_checkentry(const char *tablename,
++static bool ipt_route_checkentry(const struct xt_tgchk_param *par)
++/*static bool ipt_route_checkentry(const char *tablename,
+ const void *e,
+ const struct xt_target *target,
+ void *targinfo,
+
-+ unsigned int hook_mask)
++ unsigned int hook_mask) */
+{
-+ if (strcmp(tablename, "mangle") != 0) {
++/* if (strcmp(par->tablename, "mangle") != 0) {
+ printk("ipt_ROUTE: bad table `%s', use the `mangle' table.\n",
-+ tablename);
++ par->tablename);
+ return 0;
+ }
-+
-+ if (hook_mask & ~( (1 << NF_INET_PRE_ROUTING)
++*/
++ if (par->hook_mask & ~( (1 << NF_INET_PRE_ROUTING)
+ | (1 << NF_INET_LOCAL_IN)
+ | (1 << NF_INET_FORWARD)
+ | (1 << NF_INET_LOCAL_OUT)
@@ -511,21 +509,15 @@
+ return 0;
+ }
+
-+
-+
-+
-+
-+
-+
-+
+ return 1;
+}
+
-+
-+static struct ipt_target ipt_route_reg = {
++static struct xt_target ipt_route_reg __read_mostly = {
+ .name = "ROUTE",
++ .family = AF_INET,
+ .target = ipt_route_target,
+ .targetsize = sizeof(struct ipt_route_target_info),
++ .table = "mangle",
+ .checkentry = ipt_route_checkentry,
+ .me = THIS_MODULE,
+};
@@ -584,7 +576,7 @@
diff -NurpP --minimal linux-2.6.21.a/net/ipv6/netfilter/ip6t_ROUTE.c linux-2.6.21.b/net/ipv6/netfilter/ip6t_ROUTE.c
--- linux-2.6.21.a/net/ipv6/netfilter/ip6t_ROUTE.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.b/net/ipv6/netfilter/ip6t_ROUTE.c 2007-05-30 11:40:37.000000000 +0200
-@@ -0,0 +1,308 @@
+@@ -0,0 +1,293 @@
+/*
+ * This implements the ROUTE v6 target, which enables you to setup unusual
+ * routes not supported by the standard kernel routing table.
@@ -772,16 +764,9 @@
+
+
+static unsigned int
-+ip6t_route_target(struct sk_buff **pskb,
-+ const struct net_device *in,
-+ const struct net_device *out,
-+ unsigned int hooknum,
-+ const struct xt_target *target,
-+ const void *targinfo
-+ )
++ip6t_route_target(struct sk_buff *skb, const struct xt_target_param *par)
+{
-+ const struct ip6t_route_target_info *route_info = targinfo;
-+ struct sk_buff *skb = *pskb;
++ const struct ip6t_route_target_info *route_info = par->targinfo;
+ struct in6_addr *gw = (struct in6_addr*)&route_info->gw;
+ unsigned int res;
+
@@ -791,8 +776,8 @@
+ /* If we are at PREROUTING or INPUT hook
+ * the TTL isn't decreased by the IP stack
+ */
-+ if (hooknum == NF_INET_PRE_ROUTING ||
-+ hooknum == NF_INET_LOCAL_IN) {
++ if (par->hooknum == NF_INET_PRE_ROUTING ||
++ par->hooknum == NF_INET_LOCAL_IN) {
+
+ struct ipv6hdr *ipv6h = ipv6_hdr(skb);
+
@@ -816,7 +801,7 @@
+ * on its way as if nothing happened. The copy should be
+ * independantly delivered to the ROUTE --gw.
+ */
-+ skb = skb_copy(*pskb, GFP_ATOMIC);
++ skb = skb_copy(skb, GFP_ATOMIC);
+ if (!skb) {
+ if (net_ratelimit())
+ DEBUGP(KERN_DEBUG "ip6t_ROUTE: copy failed!\n");
@@ -843,18 +828,8 @@
+
+
+static bool
-+ip6t_route_checkentry(const char *tablename,
-+ const void *entry,
-+ const struct xt_target *target,
-+ void *targinfo,
-+
-+ unsigned int hook_mask)
++ip6t_route_checkentry(const struct xt_tgchk_param *par)
+{
-+ if (strcmp(tablename, "mangle") != 0) {
-+ printk("ip6t_ROUTE: can only be called from \"mangle\" table.\n");
-+ return 0;
-+ }
-+
+ /* if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_route_target_info))) {
+ printk(KERN_WARNING "ip6t_ROUTE: targinfosize %u != %Zu\n",
+ targinfosize,
@@ -866,10 +841,12 @@
+}
+
+
-+static struct ip6t_target ip6t_route_reg = {
++static struct xt_target ip6t_route_reg __read_mostly = {
+ .name = "ROUTE",
++ .family = NFPROTO_IPV6,
+ .target = ip6t_route_target,
+ .targetsize = sizeof(struct ip6t_route_target_info),
++ .table = "mangle",
+ .checkentry = ip6t_route_checkentry,
+ .me = THIS_MODULE
+};
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-pom-ng-ROUTE.patch?r1=1.1.2.12&r2=1.1.2.13&f=u
More information about the pld-cvs-commit
mailing list