fix some netfilter extensions on 2.6.25

SVN-Revision: 10991
owl
Gabor Juhos 2008-04-30 15:09:56 +00:00
parent 19233de9d3
commit e26227a404
4 changed files with 13 additions and 13 deletions

View File

@ -122,7 +122,7 @@ Index: linux-2.6.23-rc6/net/ipv4/netfilter/ipt_time.c
+ +
+ /* First, check that we are in the correct hooks */ + /* First, check that we are in the correct hooks */
+ if (hook_mask + if (hook_mask
+ & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD) | (1 << NF_IP_LOCAL_OUT))) + & ~((1 << NF_INET_PRE_ROUTING) | (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) | (1 << NF_INET_LOCAL_OUT)))
+ { + {
+ printk("ipt_time: error, only valid for PRE_ROUTING, LOCAL_IN, FORWARD and OUTPUT)\n"); + printk("ipt_time: error, only valid for PRE_ROUTING, LOCAL_IN, FORWARD and OUTPUT)\n");
+ return 0; + return 0;

View File

@ -271,7 +271,7 @@ Index: linux-2.6.24/net/netfilter/xt_CHAOS.c
+ +
+ /* TARPIT/DELUDE may not be called from the OUTPUT chain */ + /* TARPIT/DELUDE may not be called from the OUTPUT chain */
+ if (iph->protocol == IPPROTO_TCP && + if (iph->protocol == IPPROTO_TCP &&
+ info->variant != XTCHAOS_NORMAL && hooknum != NF_IP_LOCAL_OUT) + info->variant != XTCHAOS_NORMAL && hooknum != NF_INET_LOCAL_OUT)
+ xt_chaos_total(info, skb, in, out, hooknum); + xt_chaos_total(info, skb, in, out, hooknum);
+ +
+ return NF_DROP; + return NF_DROP;
@ -300,8 +300,8 @@ Index: linux-2.6.24/net/netfilter/xt_CHAOS.c
+ .name = "CHAOS", + .name = "CHAOS",
+ .family = AF_INET, + .family = AF_INET,
+ .table = "filter", + .table = "filter",
+ .hooks = (1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD) | + .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD) |
+ (1 << NF_IP_LOCAL_OUT), + (1 << NF_INET_LOCAL_OUT),
+ .checkentry = chaos_tg_check, + .checkentry = chaos_tg_check,
+ .target = chaos_tg, + .target = chaos_tg,
+ .targetsize = sizeof(struct xt_chaos_target_info), + .targetsize = sizeof(struct xt_chaos_target_info),
@ -507,10 +507,10 @@ Index: linux-2.6.24/net/netfilter/xt_DELUDE.c
+ +
+ addr_type = RTN_UNSPEC; + addr_type = RTN_UNSPEC;
+#ifdef CONFIG_BRIDGE_NETFILTER +#ifdef CONFIG_BRIDGE_NETFILTER
+ if (hook != NF_IP_FORWARD || (nskb->nf_bridge != NULL && + if (hook != NF_INET_FORWARD || (nskb->nf_bridge != NULL &&
+ nskb->nf_bridge->mask & BRNF_BRIDGED)) + nskb->nf_bridge->mask & BRNF_BRIDGED))
+#else +#else
+ if (hook != NF_IP_FORWARD) + if (hook != NF_INET_FORWARD)
+#endif +#endif
+ addr_type = RTN_LOCAL; + addr_type = RTN_LOCAL;
+ +
@ -532,7 +532,7 @@ Index: linux-2.6.24/net/netfilter/xt_DELUDE.c
+ +
+ nf_ct_attach(nskb, oldskb); + nf_ct_attach(nskb, oldskb);
+ +
+ NF_HOOK(PF_INET, NF_IP_LOCAL_OUT, nskb, NULL, nskb->dst->dev, + NF_HOOK(PF_INET, NF_INET_LOCAL_OUT, nskb, NULL, nskb->dst->dev,
+ dst_output); + dst_output);
+ return; + return;
+ +
@ -555,7 +555,7 @@ Index: linux-2.6.24/net/netfilter/xt_DELUDE.c
+ .name = "DELUDE", + .name = "DELUDE",
+ .family = AF_INET, + .family = AF_INET,
+ .table = "filter", + .table = "filter",
+ .hooks = (1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD), + .hooks = (1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD),
+ .target = delude_tg, + .target = delude_tg,
+ .proto = IPPROTO_TCP, + .proto = IPPROTO_TCP,
+ .me = THIS_MODULE, + .me = THIS_MODULE,

View File

@ -218,7 +218,7 @@ Index: linux-2.6.23/net/netfilter/xt_TARPIT.c
+ fl.nl_u.ip4_u.tos = RT_TOS(niph->tos) | RTO_CONN; + fl.nl_u.ip4_u.tos = RT_TOS(niph->tos) | RTO_CONN;
+ fl.oif = 0; + fl.oif = 0;
+ +
+ if (ip_route_output_key(&nrt, &fl)) + if (ip_route_output_key(&init_net, &nrt, &fl))
+ goto free_nskb; + goto free_nskb;
+ +
+ dst_release(nskb->dst); + dst_release(nskb->dst);
@ -279,7 +279,7 @@ Index: linux-2.6.23/net/netfilter/xt_TARPIT.c
+ if (iph->frag_off & htons(IP_OFFSET)) + if (iph->frag_off & htons(IP_OFFSET))
+ return NF_DROP; + return NF_DROP;
+ +
+ tarpit_tcp(skb, rt, hooknum == NF_IP_LOCAL_IN); + tarpit_tcp(skb, rt, hooknum == NF_INET_LOCAL_IN);
+ return NF_DROP; + return NF_DROP;
+} +}
+ +
@ -289,11 +289,11 @@ Index: linux-2.6.23/net/netfilter/xt_TARPIT.c
+{ +{
+ bool invalid; + bool invalid;
+ +
+ if (strcmp(tablename, "raw") == 0 && hook_mask == NF_IP_PRE_ROUTING) + if (strcmp(tablename, "raw") == 0 && hook_mask == NF_INET_PRE_ROUTING)
+ return true; + return true;
+ if (strcmp(tablename, "filter") != 0) + if (strcmp(tablename, "filter") != 0)
+ return false; + return false;
+ invalid = hook_mask & ~((1 << NF_IP_LOCAL_IN) | (1 << NF_IP_FORWARD)); + invalid = hook_mask & ~((1 << NF_INET_LOCAL_IN) | (1 << NF_INET_FORWARD));
+ return !invalid; + return !invalid;
+} +}
+ +

View File

@ -1340,7 +1340,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ mr.range[0].flags = IP_NAT_RANGE_MAP_IPS; + mr.range[0].flags = IP_NAT_RANGE_MAP_IPS;
+ mr.range[0].min_ip = mr.range[0].max_ip = newip; + mr.range[0].min_ip = mr.range[0].max_ip = newip;
+ +
+ nf_nat_setup_info(ct, &mr.range[0], NF_IP_PRE_ROUTING); + nf_nat_setup_info(ct, &mr.range[0], NF_INET_PRE_ROUTING);
+} +}
+ +
+ +