SOURCES (LINUX_2_6): kernel-layer7.patch, linux-2.6.19-imq1.diff, ...

mguevara mguevara at pld-linux.org
Tue Aug 7 16:18:28 CEST 2007


Author: mguevara                     Date: Tue Aug  7 14:18:28 2007 GMT
Module: SOURCES                       Tag: LINUX_2_6
---- Log message:
- initial 2.6.22 fixes

---- Files affected:
SOURCES:
   kernel-layer7.patch (1.1.2.1 -> 1.1.2.2) , linux-2.6.19-imq1.diff (1.1.2.7 -> 1.1.2.8) , linux-2.6-atmdd.patch (1.1.2.4 -> 1.1.2.5) 

---- Diffs:

================================================================
Index: SOURCES/kernel-layer7.patch
diff -u SOURCES/kernel-layer7.patch:1.1.2.1 SOURCES/kernel-layer7.patch:1.1.2.2
--- SOURCES/kernel-layer7.patch:1.1.2.1	Wed May 30 13:53:30 2007
+++ SOURCES/kernel-layer7.patch	Tue Aug  7 16:18:22 2007
@@ -1,22 +1,3 @@
-diff -NurpP --minimal linux-2.6.21.a/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.6.21.b/include/linux/netfilter_ipv4/ip_conntrack.h
---- linux-2.6.21.a/include/linux/netfilter_ipv4/ip_conntrack.h	2007-05-30 12:01:03.000000000 +0200
-+++ linux-2.6.21.b/include/linux/netfilter_ipv4/ip_conntrack.h	2007-05-30 12:19:20.000000000 +0200
-@@ -132,6 +132,15 @@ struct ip_conntrack
- 	/* Traversed often, so hopefully in different cacheline to top */
- 	/* These are my tuples; original and reply */
- 	struct ip_conntrack_tuple_hash tuplehash[IP_CT_DIR_MAX];
-+
-+#if defined(CONFIG_IP_NF_MATCH_LAYER7) || defined(CONFIG_IP_NF_MATCH_LAYER7_MODULE)
-+        struct {
-+                char * app_proto; /* e.g. "http". NULL before decision. "unknown" after decision if no match */
-+                char * app_data;  /* application layer data so far.  NULL after match decision */
-+                unsigned int app_data_len;
-+        } layer7;
-+#endif
-+
- };
- 
- struct ip_conntrack_expect
 diff -NurpP --minimal linux-2.6.21.a/include/linux/netfilter_ipv4/ipt_layer7.h linux-2.6.21.b/include/linux/netfilter_ipv4/ipt_layer7.h
 --- linux-2.6.21.a/include/linux/netfilter_ipv4/ipt_layer7.h	1970-01-01 01:00:00.000000000 +0100
 +++ linux-2.6.21.b/include/linux/netfilter_ipv4/ipt_layer7.h	2007-05-30 12:19:20.000000000 +0200
@@ -105,39 +86,6 @@
  # targets
  obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o
  obj-$(CONFIG_IP_NF_TARGET_TARPIT) += ipt_TARPIT.o
-diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ip_conntrack_core.c linux-2.6.21.b/net/ipv4/netfilter/ip_conntrack_core.c
---- linux-2.6.21.a/net/ipv4/netfilter/ip_conntrack_core.c	2007-05-30 11:13:04.000000000 +0200
-+++ linux-2.6.21.b/net/ipv4/netfilter/ip_conntrack_core.c	2007-05-30 12:19:20.000000000 +0200
-@@ -332,6 +332,13 @@ destroy_conntrack(struct nf_conntrack *n
- 	 * too. */
- 	ip_ct_remove_expectations(ct);
- 
-+	#if defined(CONFIG_IP_NF_MATCH_LAYER7) || defined(CONFIG_IP_NF_MATCH_LAYER7_MODULE)
-+	if(ct->layer7.app_proto)
-+		kfree(ct->layer7.app_proto);
-+	if(ct->layer7.app_data)
-+		kfree(ct->layer7.app_data);
-+	#endif
-+
- 	/* We overload first tuple to link into unconfirmed list. */
- 	if (!is_confirmed(ct)) {
- 		BUG_ON(list_empty(&ct->tuplehash[IP_CT_DIR_ORIGINAL].list));
-diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ip_conntrack_standalone.c linux-2.6.21.b/net/ipv4/netfilter/ip_conntrack_standalone.c
---- linux-2.6.21.a/net/ipv4/netfilter/ip_conntrack_standalone.c	2007-05-30 11:13:04.000000000 +0200
-+++ linux-2.6.21.b/net/ipv4/netfilter/ip_conntrack_standalone.c	2007-05-30 12:19:20.000000000 +0200
-@@ -188,6 +188,12 @@ static int ct_seq_show(struct seq_file *
- 		return -ENOSPC;
- #endif
- 
-+#if defined(CONFIG_IP_NF_MATCH_LAYER7) || defined(CONFIG_IP_NF_MATCH_LAYER7_MODULE)
-+	if(conntrack->layer7.app_proto)
-+		if (seq_printf(s, "l7proto=%s ",conntrack->layer7.app_proto))
-+			return 1;
-+#endif
-+
- 	if (seq_printf(s, "use=%u\n", atomic_read(&conntrack->ct_general.use)))
- 		return -ENOSPC;
- 
 diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ipt_layer7.c linux-2.6.21.b/net/ipv4/netfilter/ipt_layer7.c
 --- linux-2.6.21.a/net/ipv4/netfilter/ipt_layer7.c	1970-01-01 01:00:00.000000000 +0100
 +++ linux-2.6.21.b/net/ipv4/netfilter/ipt_layer7.c	2007-05-30 12:20:02.000000000 +0200

================================================================
Index: SOURCES/linux-2.6.19-imq1.diff
diff -u SOURCES/linux-2.6.19-imq1.diff:1.1.2.7 SOURCES/linux-2.6.19-imq1.diff:1.1.2.8
--- SOURCES/linux-2.6.19-imq1.diff:1.1.2.7	Thu May  3 17:32:35 2007
+++ SOURCES/linux-2.6.19-imq1.diff	Tue Aug  7 16:18:23 2007
@@ -602,31 +602,6 @@
  #ifdef CONFIG_BRIDGE_NETFILTER
  	struct nf_bridge_info	*nf_bridge;
  #endif
-diff -Nru linux-2.6.17.orig/net/core/skbuff.c linux-2.6.17/net/core/skbuff.c
---- linux-2.6.17.orig/net/core/skbuff.c	2006-06-18 01:49:35.000000000 +0000
-+++ linux-2.6.17/net/core/skbuff.c	2006-09-06 20:58:51.000000000 +0000
-@@ -451,6 +451,10 @@
- 	C(nfct_reasm);
- 	nf_conntrack_get_reasm(skb->nfct_reasm);
- #endif
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+	C(imq_flags);
-+	C(nf_info);
-+#endif /*CONFIG_IMQ*/
- #ifdef CONFIG_BRIDGE_NETFILTER
- 	C(nf_bridge);
- 	nf_bridge_get(skb->nf_bridge);
-@@ -515,6 +519,10 @@
- #if defined(CONFIG_IP_VS) || defined(CONFIG_IP_VS_MODULE)
- 	new->ipvs_property = old->ipvs_property;
- #endif
-+#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
-+	new->imq_flags	= old->imq_flags;
-+	new->nf_info	= old->nf_info;
-+#endif /*CONFIG_IMQ*/
- #ifdef CONFIG_BRIDGE_NETFILTER
- 	new->nf_bridge	= old->nf_bridge;
- 	nf_bridge_get(old->nf_bridge);
 diff -Nru linux-2.6.17.orig/net/ipv4/netfilter/Kconfig linux-2.6.17/net/ipv4/netfilter/Kconfig
 --- linux-2.6.17.orig/net/ipv4/netfilter/Kconfig	2006-06-18 01:49:35.000000000 +0000
 +++ linux-2.6.17/net/ipv4/netfilter/Kconfig	2006-09-06 20:58:51.000000000 +0000
@@ -879,8 +854,8 @@
  int dev_hard_start_xmit(struct sk_buff *skb, struct net_device *dev)
  {
  	if (likely(!skb->next)) {
--		if (netdev_nit)
-+		if (netdev_nit
+-		if (!list_empty(&ptype_all))
++		if (!list_empty(&ptype_all)
 +#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
 +			&& !(skb->imq_flags & IMQ_F_ENQUEUE)
 +#endif
@@ -919,3 +894,16 @@
  extern void __qdisc_run(struct net_device *dev);
  
  static inline void qdisc_run(struct net_device *dev)
+--- a/include/linux/skbuff.h	2007-08-07 13:43:34.000000000 +0200
++++ b/include/linux/skbuff.h	2007-08-07 15:22:14.000000000 +0200
+@@ -1677,6 +1677,10 @@
+ 	dst->nfct_reasm = src->nfct_reasm;
+ 	nf_conntrack_get_reasm(src->nfct_reasm);
+ #endif
++#if defined(CONFIG_IMQ) || defined(CONFIG_IMQ_MODULE)
++	dst->imq_flags = src->imq_flags;
++	dst->nf_info = src->nf_info;
++#endif /*CONFIG_IMQ*/
+ #ifdef CONFIG_BRIDGE_NETFILTER
+ 	dst->nf_bridge  = src->nf_bridge;
+ 	nf_bridge_get(src->nf_bridge);

================================================================
Index: SOURCES/linux-2.6-atmdd.patch
diff -u SOURCES/linux-2.6-atmdd.patch:1.1.2.4 SOURCES/linux-2.6-atmdd.patch:1.1.2.5
--- SOURCES/linux-2.6-atmdd.patch:1.1.2.4	Wed Dec 13 21:23:20 2006
+++ SOURCES/linux-2.6-atmdd.patch	Tue Aug  7 16:18:23 2007
@@ -13,9 +13,9 @@
 --- linux-2.4.25/drivers/atm/Kcnfig	2003-08-25 13:44:41.000000000 +0200
 +++ linux-2.4.25-atmdd/drivers/atm/Kconfig	2004-02-29 22:52:59.000000000 +0100
 @@ -4,6 +4,14 @@
+ 	default y
  
- menu "ATM drivers"
- 	depends on NETDEVICES && ATM
+ if ATM_DRIVERS && NETDEVICES && ATM
 +
 +config ATM_DD
 +	tristate "ATM loopback"
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/SOURCES/kernel-layer7.patch?r1=1.1.2.1&r2=1.1.2.2&f=u
    http://cvs.pld-linux.org/SOURCES/linux-2.6.19-imq1.diff?r1=1.1.2.7&r2=1.1.2.8&f=u
    http://cvs.pld-linux.org/SOURCES/linux-2.6-atmdd.patch?r1=1.1.2.4&r2=1.1.2.5&f=u



More information about the pld-cvs-commit mailing list