packages: iptables/iptables-layer7.patch, iptables/iptables-old-1.3.7.patch...

qboosh qboosh at pld-linux.org
Sun Feb 6 12:53:54 CET 2011 

Author: qboosh                       Date: Sun Feb  6 11:53:54 2011 GMT
Module: packages                      Tag: HEAD
---- Log message:
- include needed headers (ipt_rpc.h, xt_layer7.h) in related patches, like upstream does

---- Files affected:
packages/iptables:
   iptables-layer7.patch (1.7 -> 1.8) , iptables-old-1.3.7.patch (1.6 -> 1.7) , iptables.spec (1.295 -> 1.296) 

---- Diffs:

================================================================
Index: packages/iptables/iptables-layer7.patch
diff -u packages/iptables/iptables-layer7.patch:1.7 packages/iptables/iptables-layer7.patch:1.8
--- packages/iptables/iptables-layer7.patch:1.7	Fri Oct 15 19:33:22 2010
+++ packages/iptables/iptables-layer7.patch	Sun Feb  6 12:53:49 2011
@@ -388,3 +388,19 @@
 +Use \fIdirectory\fP instead of /etc/l7-protocols/.  This option must be 
 +specified before --l7proto.
 +
+--- iptables.orig/include/linux/netfilter/xt_layer7.h	1969-12-31 18:00:00.000000000 -0600
++++ iptables/include/linux/netfilter/xt_layer7.h	2009-01-07 16:07:31.000000000 -0600
+@@ -0,0 +1,13 @@
++#ifndef _XT_LAYER7_H
++#define _XT_LAYER7_H
++
++#define MAX_PATTERN_LEN 8192
++#define MAX_PROTOCOL_LEN 256
++
++struct xt_layer7_info {
++    char protocol[MAX_PROTOCOL_LEN];
++    char pattern[MAX_PATTERN_LEN];
++    u_int8_t invert;
++};
++
++#endif /* _XT_LAYER7_H */

================================================================
Index: packages/iptables/iptables-old-1.3.7.patch
diff -u packages/iptables/iptables-old-1.3.7.patch:1.6 packages/iptables/iptables-old-1.3.7.patch:1.7
--- packages/iptables/iptables-old-1.3.7.patch:1.6	Mon Aug 30 22:55:03 2010
+++ packages/iptables/iptables-old-1.3.7.patch	Sun Feb  6 12:53:49 2011
@@ -373,3 +373,41 @@
 +	xtables_register_match(&rpcstruct);
 +}
 +
+--- iptables.orig/include/linux/netfilter_ipv4/ipt_rpc.h	1970-01-01 01:00:00.000000000 +0100
++++ iptables/include/linux/netfilter_ipv4/ipt_rpc.h	2006-05-04 11:26:08.000000000 +0200
+@@ -0,0 +1,35 @@
++/* RPC extension for IP netfilter matching, Version 2.2
++ * (C) 2000 by Marcelo Barbosa Lima <marcelo.lima at dcc.unicamp.br>
++ *	- original rpc tracking module
++ *	- "recent" connection handling for kernel 2.3+ netfilter
++ *
++ * (C) 2001 by Rusty Russell <rusty at rustcorp.com.au>
++ *	- upgraded conntrack modules to oldnat api - kernel 2.4.0+
++ *
++ * (C) 2002 by Ian (Larry) Latter <Ian.Latter at mq.edu.au>
++ *	- upgraded conntrack modules to newnat api - kernel 2.4.20+
++ *	- extended matching to support filtering on procedures
++ *
++ * ipt_rpc.h.c,v 2.2 2003/01/12 18:30:00
++ *
++ *	This program is free software; you can redistribute it and/or
++ *	modify it under the terms of the GNU General Public License
++ *	as published by the Free Software Foundation; either version
++ *	2 of the License, or (at your option) any later version.
++ **
++ */
++
++#ifndef _IPT_RPC_H
++#define _IPT_RPC_H
++
++struct ipt_rpc_data;
++
++struct ipt_rpc_info {
++	int inverse;
++	int strict;
++	const char c_procs[1408];
++	int i_procs;
++	struct ipt_rpc_data *data;
++};
++
++#endif /* _IPT_RPC_H */

================================================================
Index: packages/iptables/iptables.spec
diff -u packages/iptables/iptables.spec:1.295 packages/iptables/iptables.spec:1.296
--- packages/iptables/iptables.spec:1.295	Sun Feb  6 12:43:01 2011
+++ packages/iptables/iptables.spec	Sun Feb  6 12:53:49 2011
@@ -2,6 +2,7 @@
 #
 # TODO:
 # - update BR to real required llh version
+# - check if kernel-headers are still required to properly build iptabels for dist kernel
 # - fix makefile (-D_UNKNOWN_KERNEL_POINTER_SIZE issue)
 # - owner needs rewrite to xt
 #
@@ -12,8 +13,8 @@
 %bcond_with	batch		# build iptables-batch
 %bcond_with	static		# build static libraries, no dynamic modules (all linked into binaries)
 %bcond_with	ipt_IPV4OPTSSTRIP # enable ipt_IPV4OPTSSTRIP for non-dist kernel
-%bcond_with	ipt_rpc		# enable ipt_rpc for non-dist kernel (needs ipt_rpc.h header)
-%bcond_with	xt_layer7	# enable xt_layer7 for non-dist kernel (needs xt_layer7.h header)
+%bcond_with	ipt_rpc		# enable ipt_rpc for non-dist kernel
+%bcond_with	xt_layer7	# enable xt_layer7 for non-dist kernel
 %bcond_with	usekernelsrc	# include kernel headers from %{_kernelsrcdir}
 
 %if %{with dist_kernel}
@@ -79,7 +80,6 @@
 BuildRequires:	tetex-tex-babel
 %endif
 %if %{with dist_kernel}
-# needed for xt_layer7, ipt_rpc
 BuildRequires:	kernel%{_alt_kernel}-headers(netfilter)
 %endif
 BuildRequires:	linux-libc-headers >= 7:2.6.22.1
@@ -428,6 +428,9 @@
 All persons listed below can be reached at <cvs_login>@pld-linux.org
 
 $Log$
+Revision 1.296  2011/02/06 11:53:49  qboosh
+- include needed headers (ipt_rpc.h, xt_layer7.h) in related patches, like upstream does
+
 Revision 1.295  2011/02/06 11:43:01  qboosh
 - allow to build ipt_IPV4OPTSSTRIP,ipt_rpc,xt_layer7 on non-dist kernel (using individual bconds)
 - vserver enabled by default only when building with dist_kernel
================================================================

---- CVS-web:
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/iptables/iptables-layer7.patch?r1=1.7&r2=1.8&f=u
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/iptables/iptables-old-1.3.7.patch?r1=1.6&r2=1.7&f=u
    http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/iptables/iptables.spec?r1=1.295&r2=1.296&f=u

More information about the pld-cvs-commit mailing list