SOURCES (LINUX_2_6): kernel-pom-ng-ROUTE.patch - now really updated for 2.6...

Fri Feb 27 13:14:13 CET 2009

Author: zbyniu                       Date: Fri Feb 27 12:14:13 2009 GMT
Module: SOURCES                       Tag: LINUX_2_6
---- Log message:
- now really updated for 2.6.24+

---- Files affected:
SOURCES:
   kernel-pom-ng-ROUTE.patch (1.1.2.12 -> 1.1.2.13) 

---- Diffs:

================================================================
Index: SOURCES/kernel-pom-ng-ROUTE.patch
diff -u SOURCES/kernel-pom-ng-ROUTE.patch:1.1.2.12 SOURCES/kernel-pom-ng-ROUTE.patch:1.1.2.13

--- SOURCES/kernel-pom-ng-ROUTE.patch:1.1.2.12	Wed Sep 24 23:59:45 2008
+++ SOURCES/kernel-pom-ng-ROUTE.patch	Fri Feb 27 13:14:07 2009
@@ -92,7 +92,7 @@
 diff -NurpP --minimal linux-2.6.21.a/net/ipv4/netfilter/ipt_ROUTE.c linux-2.6.21.b/net/ipv4/netfilter/ipt_ROUTE.c
 --- linux-2.6.21.a/net/ipv4/netfilter/ipt_ROUTE.c	1970-01-01 01:00:00.000000000 +0100
 +++ linux-2.6.21.b/net/ipv4/netfilter/ipt_ROUTE.c	2007-05-30 11:40:37.000000000 +0200
-@@ -0,0 +1,458 @@
+@@ -0,0 +1,450 @@
 +/*
 + * This implements the ROUTE target, which enables you to setup unusual
 + * routes not supported by the standard kernel routing table.
@@ -365,16 +365,10 @@
 +
 +static struct nf_conn route_tee_track;
 +
-+static unsigned int ipt_route_target(struct sk_buff **pskb,
-+				     const struct net_device *in,
-+				     const struct net_device *out,
-+				     unsigned int hooknum,
-+				     const struct xt_target *target,
-+				     const void *targinfo
-+				     )
++static unsigned int ipt_route_target(struct sk_buff *skb, const struct xt_target_param *par)
 +{
-+	const struct ipt_route_target_info *route_info = targinfo;
-+	struct sk_buff *skb = *pskb;
++	const struct ipt_route_target_info *route_info = par->targinfo;
++	//struct sk_buff *skb = *pskb;
 +	unsigned int res;
 +
 +	if (skb->nfct == &route_tee_track.ct_general) {
@@ -389,8 +383,8 @@
 +	/* If we are at PREROUTING or INPUT hook
 +	 * the TTL isn't decreased by the IP stack
 +	 */
-+	if (hooknum == NF_INET_PRE_ROUTING ||
-+	    hooknum == NF_INET_LOCAL_IN) {
++	if (par->hooknum == NF_INET_PRE_ROUTING ||
++	    par->hooknum == NF_INET_LOCAL_IN) {
 +
 +		struct iphdr *iph = ip_hdr(skb);
 +
@@ -432,7 +426,7 @@
 +		 * If we are at INPUT the checksum must be recalculated since
 +		 * the length could change as the result of a defragmentation.
 +		 */
-+		if(hooknum == NF_INET_LOCAL_IN) {
++		if(par->hooknum == NF_INET_LOCAL_IN) {
 +			iph->ttl = iph->ttl - 1;
 +			iph->check = 0;
 +			iph->check = ip_fast_csum((unsigned char *)iph, iph->ihl);
@@ -448,10 +442,14 @@
 +		 * on its way as if nothing happened. The copy should be
 +		 * independantly delivered to the ROUTE --gw.
 +		 */
-+		skb = skb_copy(*pskb, GFP_ATOMIC);
++		skb = skb_copy(skb, GFP_ATOMIC);
 +		if (!skb) {
 +			if (net_ratelimit()) 
 +				DEBUGP(KERN_DEBUG "ipt_ROUTE: copy failed!\n");
++			nf_conntrack_put(skb->nfct);
++			skb->nfct = &route_tee_track.ct_general;
++			skb->nfctinfo = IP_CT_NEW;
++			nf_conntrack_get(skb->nfct);
 +			return IPT_CONTINUE;
 +		}
 +	}
@@ -488,21 +486,21 @@
 +	return res;
 +}
 +
-+
-+static bool ipt_route_checkentry(const char *tablename,
++static bool ipt_route_checkentry(const struct xt_tgchk_param *par)
++/*static bool ipt_route_checkentry(const char *tablename,
 +				const void *e,
 +				const struct xt_target *target,
 +				void *targinfo,
 +				
-+				unsigned int hook_mask)
++				unsigned int hook_mask) */
 +{
-+	if (strcmp(tablename, "mangle") != 0) {
++/*	if (strcmp(par->tablename, "mangle") != 0) {
 +		printk("ipt_ROUTE: bad table `%s', use the `mangle' table.\n",
-+		       tablename);
++		       par->tablename);
 +		return 0;
 +	}
-+
-+	if (hook_mask & ~(  (1 << NF_INET_PRE_ROUTING)
++*/
++	if (par->hook_mask & ~(  (1 << NF_INET_PRE_ROUTING)
 +			    | (1 << NF_INET_LOCAL_IN)
 +			    | (1 << NF_INET_FORWARD)
 +			    | (1 << NF_INET_LOCAL_OUT)
@@ -511,21 +509,15 @@
 +		return 0;
 +	}
 +
-+	
-+
-+
-+
-+	
-+	
-+
 +	return 1;
 +}
 +
-+
-+static struct ipt_target ipt_route_reg = { 
++static struct xt_target ipt_route_reg __read_mostly = {
 +	.name = "ROUTE",
++	.family         = AF_INET,
 +	.target = ipt_route_target,
 +	.targetsize = sizeof(struct ipt_route_target_info),
++	.table          = "mangle",
 +	.checkentry = ipt_route_checkentry,
 +	.me = THIS_MODULE,
 +};
@@ -584,7 +576,7 @@
 diff -NurpP --minimal linux-2.6.21.a/net/ipv6/netfilter/ip6t_ROUTE.c linux-2.6.21.b/net/ipv6/netfilter/ip6t_ROUTE.c
 --- linux-2.6.21.a/net/ipv6/netfilter/ip6t_ROUTE.c	1970-01-01 01:00:00.000000000 +0100
 +++ linux-2.6.21.b/net/ipv6/netfilter/ip6t_ROUTE.c	2007-05-30 11:40:37.000000000 +0200
-@@ -0,0 +1,308 @@
+@@ -0,0 +1,293 @@
 +/*
 + * This implements the ROUTE v6 target, which enables you to setup unusual
 + * routes not supported by the standard kernel routing table.
@@ -772,16 +764,9 @@
 +
 +
 +static unsigned int 
-+ip6t_route_target(struct sk_buff **pskb,
-+		  const struct net_device *in,
-+		  const struct net_device *out,
-+		  unsigned int hooknum,
-+		  const struct xt_target *target,
-+		  const void *targinfo
-+		  )
++ip6t_route_target(struct sk_buff *skb, const struct xt_target_param *par)
 +{
-+	const struct ip6t_route_target_info *route_info = targinfo;
-+	struct sk_buff *skb = *pskb;
++	const struct ip6t_route_target_info *route_info = par->targinfo;
 +	struct in6_addr *gw = (struct in6_addr*)&route_info->gw;
 +	unsigned int res;
 +
@@ -791,8 +776,8 @@
 +	/* If we are at PREROUTING or INPUT hook
 +	 * the TTL isn't decreased by the IP stack
 +	 */
-+	if (hooknum == NF_INET_PRE_ROUTING ||
-+	    hooknum == NF_INET_LOCAL_IN) {
++	if (par->hooknum == NF_INET_PRE_ROUTING ||
++	    par->hooknum == NF_INET_LOCAL_IN) {
 +
 +		struct ipv6hdr *ipv6h = ipv6_hdr(skb);
 +
@@ -816,7 +801,7 @@
 +		 * on its way as if nothing happened. The copy should be
 +		 * independantly delivered to the ROUTE --gw.
 +		 */
-+		skb = skb_copy(*pskb, GFP_ATOMIC);
++		skb = skb_copy(skb, GFP_ATOMIC);
 +		if (!skb) {
 +			if (net_ratelimit()) 
 +				DEBUGP(KERN_DEBUG "ip6t_ROUTE: copy failed!\n");
@@ -843,18 +828,8 @@
 +
 +
 +static bool
-+ip6t_route_checkentry(const char *tablename,
-+		      const void *entry,
-+		      const struct xt_target *target,
-+		      void *targinfo,
-+		      
-+		      unsigned int hook_mask)
++ip6t_route_checkentry(const struct xt_tgchk_param *par)
 +{
-+	if (strcmp(tablename, "mangle") != 0) {
-+		printk("ip6t_ROUTE: can only be called from \"mangle\" table.\n");
-+		return 0;
-+	}
-+
 +	/* if (targinfosize != IP6T_ALIGN(sizeof(struct ip6t_route_target_info))) {
 +		printk(KERN_WARNING "ip6t_ROUTE: targinfosize %u != %Zu\n",
 +		       targinfosize,
@@ -866,10 +841,12 @@
 +}
 +
 +
-+static struct ip6t_target ip6t_route_reg = {
++static struct xt_target ip6t_route_reg __read_mostly = {
 +	.name       = "ROUTE",
++	.family     = NFPROTO_IPV6,
 +	.target     = ip6t_route_target,
 +	.targetsize = sizeof(struct ip6t_route_target_info),
++	.table      = "mangle",
 +	.checkentry = ip6t_route_checkentry,
 +	.me         = THIS_MODULE
 +};
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/SOURCES/kernel-pom-ng-ROUTE.patch?r1=1.1.2.12&r2=1.1.2.13&f=u

