SOURCES: grsecurity-1.2.11-iptables.patch (NEW) - stealth module f...
zbyniu
zbyniu at pld-linux.org
Fri May 12 21:59:05 CEST 2006
Author: zbyniu Date: Fri May 12 19:59:05 2006 GMT
Module: SOURCES Tag: HEAD
---- Log message:
- stealth module from grsec revival
---- Files affected:
SOURCES:
grsecurity-1.2.11-iptables.patch (1.7 -> 1.8) (NEW)
---- Diffs:
================================================================
Index: SOURCES/grsecurity-1.2.11-iptables.patch
diff -u /dev/null SOURCES/grsecurity-1.2.11-iptables.patch:1.8
--- /dev/null Fri May 12 21:59:05 2006
+++ SOURCES/grsecurity-1.2.11-iptables.patch Fri May 12 21:59:00 2006
@@ -0,0 +1,74 @@
+diff -urN iptables-1.2.11/extensions/libipt_stealth.c iptables-1.2.11/extensions/libipt_stealth.c
+--- iptables-1.2.11/extensions/libipt_stealth.c 1969-12-31 19:00:00 -0500
++++ iptables-1.2.11/extensions/libipt_stealth.c 2004-07-13 21:14:15 -0400
+@@ -0,0 +1,64 @@
++/* Shared library add-on to iptables to add stealth support.
++ * Copyright (C) 2002 Brad Spengler <spender at grsecurity.net>
++ * This netfilter module is licensed under the GNU GPL.
++ */
++
++#include <stdio.h>
++#include <netdb.h>
++#include <stdlib.h>
++#include <getopt.h>
++#include <iptables.h>
++
++/* Function which prints out usage message. */
++static void
++help(void)
++{
++ printf("stealth v%s takes no options\n\n", IPTABLES_VERSION);
++}
++
++static struct option opts[] = {
++ {0}
++};
++
++/* Initialize the match. */
++static void
++init(struct ipt_entry_match *m, unsigned int *nfcache)
++{
++ *nfcache |= NFC_UNKNOWN;
++}
++
++static int
++parse(int c, char **argv, int invert, unsigned int *flags,
++ const struct ipt_entry *entry,
++ unsigned int *nfcache,
++ struct ipt_entry_match **match)
++{
++ return 0;
++}
++
++static void
++final_check(unsigned int flags)
++{
++ return;
++}
++
++static
++struct iptables_match stealth = {
++ .next = NULL,
++ .name = "stealth",
++ .version = IPTABLES_VERSION,
++ .size = IPT_ALIGN(0),
++ .userspacesize = IPT_ALIGN(0),
++ .help = &help,
++ .init = &init,
++ .parse = &parse,
++ .final_check = &final_check,
++ .print = NULL,
++ .save = NULL,
++ .extra_opts = opts
++};
++
++void _init(void)
++{
++ register_match(&stealth);
++}
+diff -urN iptables-1.3.5.org/extensions/.stealth-test iptables-1.3.5/extensions/.stealth-test
+--- iptables-1.3.5.org/extensions/.stealth-test 1970-01-01 01:00:00.000000000 +0100
++++ iptables-1.3.5/extensions/.stealth-test 2006-05-12 20:39:08.730709250 +0200
+@@ -0,0 +1,2 @@
++#!/bin/sh
++[ -f $KERNEL_DIR/net/ipv4/netfilter/ipt_stealth.c ] && echo stealth
================================================================
More information about the pld-cvs-commit
mailing list