summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjuhosg <juhosg@3c298f89-4303-0410-b956-a3cf2f4a3e73>2008-04-30 15:09:56 +0000
committerjuhosg <juhosg@3c298f89-4303-0410-b956-a3cf2f4a3e73>2008-04-30 15:09:56 +0000
commita23828e5e3bff211228dbd122c90e72a56465ecd (patch)
treefcf0f19a91e0c2aade6dade1c7c869efdcc7734b
parent31d896b730fca5c0b053b825b01c0e0af8118315 (diff)
[kernel] fix some netfilter extensions on 2.6.25
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@10991 3c298f89-4303-0410-b956-a3cf2f4a3e73
-rw-r--r--target/linux/generic-2.6/patches-2.6.25/140-netfilter_time.patch2
-rw-r--r--target/linux/generic-2.6/patches-2.6.25/170-netfilter_chaostables_0.8.patch14
-rw-r--r--target/linux/generic-2.6/patches-2.6.25/171-netfilter_tarpit.patch8
-rw-r--r--target/linux/generic-2.6/patches-2.6.25/190-netfilter_rtsp.patch2
4 files changed, 13 insertions, 13 deletions
diff --git a/target/linux/generic-2.6/patches-2.6.25/140-netfilter_time.patch b/target/linux/generic-2.6/patches-2.6.25/140-netfilter_time.patch
index a77f04c24..e933bc601 100644
--- a/target/linux/generic-2.6/patches-2.6.25/140-netfilter_time.patch
+++ b/target/linux/generic-2.6/patches-2.6.25/140-netfilter_time.patch
@@ -122,7 +122,7 @@ Index: linux-2.6.23-rc6/net/ipv4/netfilter/ipt_time.c
+
+ /* First, check that we are in the correct hooks */
+ if (hook_mask
-+ & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD) | (1 << NF_IP_LOCAL_OUT)))
++ & ~((1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) | (1 << NF_INET_LOCAL_OUT)))
+ {
+ printk("ipt_time: error, only valid for PRE_ROUTING, LOCAL_IN, FORWARD and OUTPUT)\n");
+ return 0;
diff --git a/target/linux/generic-2.6/patches-2.6.25/170-netfilter_chaostables_0.8.patch b/target/linux/generic-2.6/patches-2.6.25/170-netfilter_chaostables_0.8.patch
index 38b50004e..a5c42fc64 100644
--- a/target/linux/generic-2.6/patches-2.6.25/170-netfilter_chaostables_0.8.patch
+++ b/target/linux/generic-2.6/patches-2.6.25/170-netfilter_chaostables_0.8.patch
@@ -271,7 +271,7 @@ Index: linux-2.6.24/net/netfilter/xt_CHAOS.c
+
+ /* TARPIT/DELUDE may not be called from the OUTPUT chain */
+ if (iph->protocol == IPPROTO_TCP &&
-+ info->variant != XTCHAOS_NORMAL && hooknum != NF_IP_LOCAL_OUT)
++ info->variant != XTCHAOS_NORMAL && hooknum != NF_INET_LOCAL_OUT)
+ xt_chaos_total(info, skb, in, out, hooknum);
+
+ return NF_DROP;
@@ -300,8 +300,8 @@ Index: linux-2.6.24/net/netfilter/xt_CHAOS.c
+ .name = "CHAOS",
+ .family = AF_INET,
+ .table = "filter",
-+ .hooks = (1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD) |
-+ (1 << NF_IP_LOCAL_OUT),
++ .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
++ (1 << NF_INET_LOCAL_OUT),
+ .checkentry = chaos_tg_check,
+ .target = chaos_tg,
+ .targetsize = sizeof(struct xt_chaos_target_info),
@@ -507,10 +507,10 @@ Index: linux-2.6.24/net/netfilter/xt_DELUDE.c
+
+ addr_type = RTN_UNSPEC;
+#ifdef CONFIG_BRIDGE_NETFILTER
-+ if (hook != NF_IP_FORWARD || (nskb->nf_bridge != NULL &&
++ if (hook != NF_INET_FORWARD || (nskb->nf_bridge != NULL &&
+ nskb->nf_bridge->mask & BRNF_BRIDGED))
+#else
-+ if (hook != NF_IP_FORWARD)
++ if (hook != NF_INET_FORWARD)
+#endif
+ addr_type = RTN_LOCAL;
+
@@ -532,7 +532,7 @@ Index: linux-2.6.24/net/netfilter/xt_DELUDE.c
+
+ nf_ct_attach(nskb, oldskb);
+
-+ NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, nskb, NULL, nskb->dst->dev,
++ NF_HOOK(PF_INET, NF_INET_LOCAL_OUT, nskb, NULL, nskb->dst->dev,
+ dst_output);
+ return;
+
@@ -555,7 +555,7 @@ Index: linux-2.6.24/net/netfilter/xt_DELUDE.c
+ .name = "DELUDE",
+ .family = AF_INET,
+ .table = "filter",
-+ .hooks = (1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD),
++ .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD),
+ .target = delude_tg,
+ .proto = IPPROTO_TCP,
+ .me = THIS_MODULE,
diff --git a/target/linux/generic-2.6/patches-2.6.25/171-netfilter_tarpit.patch b/target/linux/generic-2.6/patches-2.6.25/171-netfilter_tarpit.patch
index f5f5589ff..e08900a46 100644
--- a/target/linux/generic-2.6/patches-2.6.25/171-netfilter_tarpit.patch
+++ b/target/linux/generic-2.6/patches-2.6.25/171-netfilter_tarpit.patch
@@ -218,7 +218,7 @@ Index: linux-2.6.23/net/netfilter/xt_TARPIT.c
+ fl.nl_u.ip4_u.tos = RT_TOS(niph->tos) | RTO_CONN;
+ fl.oif = 0;
+
-+ if (ip_route_output_key(&nrt, &fl))
++ if (ip_route_output_key(&init_net, &nrt, &fl))
+ goto free_nskb;
+
+ dst_release(nskb->dst);
@@ -279,7 +279,7 @@ Index: linux-2.6.23/net/netfilter/xt_TARPIT.c
+ if (iph->frag_off & htons(IP_OFFSET))
+ return NF_DROP;
+
-+ tarpit_tcp(skb, rt, hooknum == NF_IP_LOCAL_IN);
++ tarpit_tcp(skb, rt, hooknum == NF_INET_LOCAL_IN);
+ return NF_DROP;
+}
+
@@ -289,11 +289,11 @@ Index: linux-2.6.23/net/netfilter/xt_TARPIT.c
+{
+ bool invalid;
+
-+ if (strcmp(tablename, "raw") == 0 && hook_mask == NF_IP_PRE_ROUTING)
++ if (strcmp(tablename, "raw") == 0 && hook_mask == NF_INET_PRE_ROUTING)
+ return true;
+ if (strcmp(tablename, "filter") != 0)
+ return false;
-+ invalid = hook_mask & ~((1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD));
++ invalid = hook_mask & ~((1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD));
+ return !invalid;
+}
+
diff --git a/target/linux/generic-2.6/patches-2.6.25/190-netfilter_rtsp.patch b/target/linux/generic-2.6/patches-2.6.25/190-netfilter_rtsp.patch
index 56d0b7df2..c5a3f6752 100644
--- a/target/linux/generic-2.6/patches-2.6.25/190-netfilter_rtsp.patch
+++ b/target/linux/generic-2.6/patches-2.6.25/190-netfilter_rtsp.patch
@@ -1340,7 +1340,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ mr.range[0].flags = IP_NAT_RANGE_MAP_IPS;
+ mr.range[0].min_ip = mr.range[0].max_ip = newip;
+
-+ nf_nat_setup_info(ct, &mr.range[0], NF_IP_PRE_ROUTING);
++ nf_nat_setup_info(ct, &mr.range[0], NF_INET_PRE_ROUTING);
+}
+
+