diff options
| -rw-r--r-- | target/linux/generic/patches-3.7/604-netfilter_cisco_794x_iphone.patch | 22 |
1 files changed, 14 insertions, 8 deletions
diff --git a/target/linux/generic/patches-3.7/604-netfilter_cisco_794x_iphone.patch b/target/linux/generic/patches-3.7/604-netfilter_cisco_794x_iphone.patch index d9505e0aa..676d78ec2 100644 --- a/target/linux/generic/patches-3.7/604-netfilter_cisco_794x_iphone.patch +++ b/target/linux/generic/patches-3.7/604-netfilter_cisco_794x_iphone.patch @@ -1,3 +1,5 @@ +diff --git a/include/linux/netfilter/nf_conntrack_sip.h b/include/linux/netfilter/nf_conntrack_sip.h +index 387bdd0..ba7f571 100644 --- a/include/linux/netfilter/nf_conntrack_sip.h +++ b/include/linux/netfilter/nf_conntrack_sip.h @@ -4,12 +4,15 @@ @@ -16,9 +18,11 @@ }; enum sip_expectation_classes { +diff --git a/net/netfilter/nf_nat_sip.c b/net/netfilter/nf_nat_sip.c +index 16303c7..552e270 100644 --- a/net/netfilter/nf_nat_sip.c +++ b/net/netfilter/nf_nat_sip.c -@@ -95,6 +95,7 @@ static int map_addr(struct sk_buff *skb, +@@ -95,6 +95,7 @@ static int map_addr(struct sk_buff *skb, unsigned int protoff, enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); @@ -26,7 +30,7 @@ char buffer[INET6_ADDRSTRLEN + sizeof("[]:nnnnn")]; unsigned int buflen; union nf_inet_addr newaddr; -@@ -107,7 +108,8 @@ static int map_addr(struct sk_buff *skb, +@@ -107,7 +108,8 @@ static int map_addr(struct sk_buff *skb, unsigned int protoff, } else if (nf_inet_addr_cmp(&ct->tuplehash[dir].tuple.dst.u3, addr) && ct->tuplehash[dir].tuple.dst.u.udp.port == port) { newaddr = ct->tuplehash[!dir].tuple.src.u3; @@ -36,7 +40,7 @@ } else return 1; -@@ -144,6 +146,7 @@ static unsigned int nf_nat_sip(struct sk +@@ -144,6 +146,7 @@ static unsigned int nf_nat_sip(struct sk_buff *skb, unsigned int protoff, enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); @@ -55,17 +59,17 @@ + if (!skb_make_writable(skb, skb->len)) + return NF_DROP; + -+ uh = (struct udphdr *)(skb->data + ip_hdrlen(skb)); ++ uh = (void *)skb->data + protoff; + uh->dest = ct_sip_info->forced_dport; + -+ if (!nf_nat_mangle_udp_packet(skb, ct, ctinfo, 0, 0, NULL, 0)) ++ if (!nf_nat_mangle_udp_packet(skb, ct, ctinfo, protoff, 0, 0, NULL, 0)) + return NF_DROP; + } + return NF_ACCEPT; } -@@ -311,8 +328,10 @@ static unsigned int nf_nat_sip_expect(st +@@ -311,8 +328,10 @@ static unsigned int nf_nat_sip_expect(struct sk_buff *skb, unsigned int protoff, enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); enum ip_conntrack_dir dir = CTINFO2DIR(ctinfo); @@ -76,7 +80,7 @@ char buffer[INET6_ADDRSTRLEN + sizeof("[]:nnnnn")]; unsigned int buflen; -@@ -326,8 +345,9 @@ static unsigned int nf_nat_sip_expect(st +@@ -326,8 +345,9 @@ static unsigned int nf_nat_sip_expect(struct sk_buff *skb, unsigned int protoff, /* If the signalling port matches the connection's source port in the * original direction, try to use the destination port in the opposite * direction. */ @@ -88,9 +92,11 @@ port = ntohs(ct->tuplehash[!dir].tuple.dst.u.udp.port); else port = ntohs(exp->tuple.dst.u.udp.port); +diff --git a/net/netfilter/nf_conntrack_sip.c b/net/netfilter/nf_conntrack_sip.c +index df8f4f2..72a67bb 100644 --- a/net/netfilter/nf_conntrack_sip.c +++ b/net/netfilter/nf_conntrack_sip.c -@@ -1440,8 +1440,25 @@ static int process_sip_request(struct sk +@@ -1440,8 +1440,25 @@ static int process_sip_request(struct sk_buff *skb, unsigned int protoff, { enum ip_conntrack_info ctinfo; struct nf_conn *ct = nf_ct_get(skb, &ctinfo); |