fixed ipset patch to make it work right from userland

SVN-Revision: 7565
lede-17.01
Tim Yardley 2007-06-11 14:52:31 +00:00
parent 74e26fe612
commit f78de29500
1 changed files with 102 additions and 80 deletions

View File

@ -1,6 +1,6 @@
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set.h 2007-05-26 20:27:51.931539648 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set.h 2007-06-08 16:29:31.825808000 -0500
@@ -0,0 +1,498 @@
+#ifndef _IP_SET_H
+#define _IP_SET_H
@ -500,9 +500,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set.h linux-2.6.21.
+#endif /* __KERNEL__ */
+
+#endif /*_IP_SET_H*/
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_iphash.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_iphash.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_iphash.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_iphash.h 2007-05-26 20:27:51.932539496 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_iphash.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_iphash.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_iphash.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_iphash.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,30 @@
+#ifndef __IP_SET_IPHASH_H
+#define __IP_SET_IPHASH_H
@ -534,9 +534,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_iphash.h linux-
+};
+
+#endif /* __IP_SET_IPHASH_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_ipmap.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_ipmap.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_ipmap.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_ipmap.h 2007-05-26 20:27:51.932539496 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_ipmap.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_ipmap.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_ipmap.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_ipmap.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,56 @@
+#ifndef __IP_SET_IPMAP_H
+#define __IP_SET_IPMAP_H
@ -594,9 +594,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_ipmap.h linux-2
+}
+
+#endif /* __IP_SET_IPMAP_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_ipporthash.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_ipporthash.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_ipporthash.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_ipporthash.h 2007-05-26 20:27:51.932539496 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_ipporthash.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_ipporthash.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_ipporthash.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_ipporthash.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,34 @@
+#ifndef __IP_SET_IPPORTHASH_H
+#define __IP_SET_IPPORTHASH_H
@ -632,9 +632,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_ipporthash.h li
+};
+
+#endif /* __IP_SET_IPPORTHASH_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_iptree.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_iptree.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_iptree.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_iptree.h 2007-05-26 20:27:51.932539496 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_iptree.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_iptree.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_iptree.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_iptree.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,40 @@
+#ifndef __IP_SET_IPTREE_H
+#define __IP_SET_IPTREE_H
@ -676,9 +676,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_iptree.h linux-
+};
+
+#endif /* __IP_SET_IPTREE_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_jhash.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_jhash.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_jhash.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_jhash.h 2007-05-26 20:27:51.932539496 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_jhash.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_jhash.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_jhash.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_jhash.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,148 @@
+#ifndef _LINUX_IPSET_JHASH_H
+#define _LINUX_IPSET_JHASH_H
@ -828,9 +828,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_jhash.h linux-2
+}
+
+#endif /* _LINUX_IPSET_JHASH_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_macipmap.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_macipmap.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_macipmap.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_macipmap.h 2007-05-26 20:27:51.933539344 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_macipmap.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_macipmap.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_macipmap.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_macipmap.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,38 @@
+#ifndef __IP_SET_MACIPMAP_H
+#define __IP_SET_MACIPMAP_H
@ -870,9 +870,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_macipmap.h linu
+};
+
+#endif /* __IP_SET_MACIPMAP_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_malloc.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_malloc.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_malloc.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_malloc.h 2007-05-26 20:27:51.933539344 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_malloc.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_malloc.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_malloc.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_malloc.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,116 @@
+#ifndef _IP_SET_MALLOC_H
+#define _IP_SET_MALLOC_H
@ -990,9 +990,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_malloc.h linux-
+#endif /* __KERNEL__ */
+
+#endif /*_IP_SET_MALLOC_H*/
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_nethash.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_nethash.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_nethash.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_nethash.h 2007-05-26 20:27:51.933539344 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_nethash.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_nethash.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_nethash.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_nethash.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,55 @@
+#ifndef __IP_SET_NETHASH_H
+#define __IP_SET_NETHASH_H
@ -1049,9 +1049,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_nethash.h linux
+}
+
+#endif /* __IP_SET_NETHASH_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_portmap.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_portmap.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_portmap.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ip_set_portmap.h 2007-05-26 20:27:51.933539344 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_portmap.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_portmap.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ip_set_portmap.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ip_set_portmap.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,25 @@
+#ifndef __IP_SET_PORTMAP_H
+#define __IP_SET_PORTMAP_H
@ -1078,9 +1078,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ip_set_portmap.h linux
+};
+
+#endif /* __IP_SET_PORTMAP_H */
diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ipt_set.h linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ipt_set.h
--- linux-2.6.21.1.old/include/linux/netfilter_ipv4/ipt_set.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/include/linux/netfilter_ipv4/ipt_set.h 2007-05-26 20:27:51.934539192 +0200
diff -ruN linux-2.6.21.1/include/linux/netfilter_ipv4/ipt_set.h linux-2.6.21.1.new/include/linux/netfilter_ipv4/ipt_set.h
--- linux-2.6.21.1/include/linux/netfilter_ipv4/ipt_set.h 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/include/linux/netfilter_ipv4/ipt_set.h 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,21 @@
+#ifndef _IPT_SET_H
+#define _IPT_SET_H
@ -1103,9 +1103,9 @@ diff -urN linux-2.6.21.1.old/include/linux/netfilter_ipv4/ipt_set.h linux-2.6.21
+};
+
+#endif /*_IPT_SET_H*/
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set.c 2007-05-26 20:27:51.947537216 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set.c 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,2001 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
@ -3108,9 +3108,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set.c linux-2.6.21.1.dev/net/
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iphash.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_iphash.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iphash.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_iphash.c 2007-05-26 20:27:51.947537216 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set_iphash.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_iphash.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set_iphash.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_iphash.c 2007-06-08 16:29:31.829808250 -0500
@@ -0,0 +1,413 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
@ -3525,9 +3525,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iphash.c linux-2.6.21.1.d
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_ipmap.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_ipmap.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_ipmap.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_ipmap.c 2007-05-26 20:27:51.948537064 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set_ipmap.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_ipmap.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set_ipmap.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_ipmap.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,327 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
@ -3856,9 +3856,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_ipmap.c linux-2.6.21.1.de
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_ipporthash.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_ipporthash.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_ipporthash.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_ipporthash.c 2007-05-26 20:27:51.949536912 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set_ipporthash.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_ipporthash.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set_ipporthash.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_ipporthash.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,535 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
@ -4395,10 +4395,10 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_ipporthash.c linux-2.6.21
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_iptree.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iptree.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_iptree.c 2007-05-26 20:27:51.949536912 +0200
@@ -0,0 +1,565 @@
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_iptree.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set_iptree.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_iptree.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,571 @@
+/* Copyright (C) 2005 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
+ * This program is free software; you can redistribute it and/or modify
@ -4408,6 +4408,7 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.21.1.d
+
+/* Kernel module implementing an IP set type: the iptree type */
+
+#include <linux/version.h>
+#include <linux/module.h>
+#include <linux/ip.h>
+#include <linux/skbuff.h>
@ -4435,8 +4436,13 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.21.1.d
+ * to delete the gc timer at destroying/flushing a set */
+#define IPTREE_DESTROY_SLEEP 100
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+static struct kmem_cache *branch_cachep;
+static struct kmem_cache *leaf_cachep;
+#else
+static kmem_cache_t *branch_cachep;
+static kmem_cache_t *leaf_cachep;
+#endif
+
+#define ABCD(a,b,c,d,addrp) do { \
+ a = ((unsigned char *)addrp)[3]; \
@ -4964,9 +4970,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_iptree.c linux-2.6.21.1.d
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_macipmap.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_macipmap.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_macipmap.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_macipmap.c 2007-05-26 20:27:51.950536760 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set_macipmap.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_macipmap.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set_macipmap.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_macipmap.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,353 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
@ -5321,9 +5327,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_macipmap.c linux-2.6.21.1
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_nethash.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_nethash.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_nethash.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_nethash.c 2007-05-26 20:27:51.950536760 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set_nethash.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_nethash.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set_nethash.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_nethash.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,481 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
@ -5806,9 +5812,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_nethash.c linux-2.6.21.1.
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_portmap.c linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_portmap.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_portmap.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ip_set_portmap.c 2007-05-26 20:27:51.951536608 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ip_set_portmap.c linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_portmap.c
--- linux-2.6.21.1/net/ipv4/netfilter/ip_set_portmap.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ip_set_portmap.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,334 @@
+/* Copyright (C) 2003-2004 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
+ *
@ -6144,10 +6150,10 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ip_set_portmap.c linux-2.6.21.1.
+
+module_init(init);
+module_exit(fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ipt_set.c linux-2.6.21.1.dev/net/ipv4/netfilter/ipt_set.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ipt_set.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ipt_set.c 2007-05-26 20:27:51.951536608 +0200
@@ -0,0 +1,142 @@
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ipt_set.c linux-2.6.21.1.new/net/ipv4/netfilter/ipt_set.c
--- linux-2.6.21.1/net/ipv4/netfilter/ipt_set.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ipt_set.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,150 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
+ * Martin Josefsson <gandalf@wlug.westbo.se>
@ -6265,6 +6271,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ipt_set.c linux-2.6.21.1.dev/net
+
+static struct ipt_match set_match = {
+ .name = "set",
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+ .family = AF_INET,
+#endif
+ .match = &match,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ .matchsize = sizeof(struct ipt_set_info_match),
@ -6278,22 +6287,27 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ipt_set.c linux-2.6.21.1.dev/net
+MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
+MODULE_DESCRIPTION("iptables IP set match module");
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+#define ipt_register_match xt_register_match
+#define ipt_unregister_match xt_unregister_match
+#endif
+
+static int __init ipt_ipset_init(void)
+{
+ return xt_register_match(&set_match);
+ return ipt_register_match(&set_match);
+}
+
+static void __exit ipt_ipset_fini(void)
+{
+ xt_unregister_match(&set_match);
+ ipt_unregister_match(&set_match);
+}
+
+module_init(ipt_ipset_init);
+module_exit(ipt_ipset_fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ipt_SET.c linux-2.6.21.1.dev/net/ipv4/netfilter/ipt_SET.c
--- linux-2.6.21.1.old/net/ipv4/netfilter/ipt_SET.c 1970-01-01 01:00:00.000000000 +0100
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/ipt_SET.c 2007-05-26 20:27:51.952536456 +0200
@@ -0,0 +1,160 @@
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/ipt_SET.c linux-2.6.21.1.new/net/ipv4/netfilter/ipt_SET.c
--- linux-2.6.21.1/net/ipv4/netfilter/ipt_SET.c 1969-12-31 18:00:00.000000000 -0600
+++ linux-2.6.21.1.new/net/ipv4/netfilter/ipt_SET.c 2007-06-08 16:29:31.833808500 -0500
@@ -0,0 +1,168 @@
+/* Copyright (C) 2000-2002 Joakim Axelsson <gozem@linux.nu>
+ * Patrick Schaaf <bof@bof.de>
+ * Martin Josefsson <gandalf@wlug.westbo.se>
@ -6429,6 +6443,9 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ipt_SET.c linux-2.6.21.1.dev/net
+
+static struct ipt_target SET_target = {
+ .name = "SET",
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+ .family = AF_INET,
+#endif
+ .target = target,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+ .targetsize = sizeof(struct ipt_set_info_target),
@ -6442,22 +6459,27 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/ipt_SET.c linux-2.6.21.1.dev/net
+MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
+MODULE_DESCRIPTION("iptables IP set target module");
+
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
+#define ipt_register_target xt_register_target
+#define ipt_unregister_target xt_unregister_target
+#endif
+
+static int __init ipt_SET_init(void)
+{
+ return xt_register_target(&SET_target);
+ return ipt_register_target(&SET_target);
+}
+
+static void __exit ipt_SET_fini(void)
+{
+ xt_unregister_target(&SET_target);
+ ipt_unregister_target(&SET_target);
+}
+
+module_init(ipt_SET_init);
+module_exit(ipt_SET_fini);
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/Kconfig linux-2.6.21.1.dev/net/ipv4/netfilter/Kconfig
--- linux-2.6.21.1.old/net/ipv4/netfilter/Kconfig 2007-05-26 20:24:53.749627416 +0200
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/Kconfig 2007-05-26 20:27:51.952536456 +0200
@@ -681,5 +681,114 @@
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/Kconfig linux-2.6.21.1.new/net/ipv4/netfilter/Kconfig
--- linux-2.6.21.1/net/ipv4/netfilter/Kconfig 2007-04-27 16:49:26.000000000 -0500
+++ linux-2.6.21.1.new/net/ipv4/netfilter/Kconfig 2007-06-08 16:29:31.833808500 -0500
@@ -657,5 +657,114 @@
Allows altering the ARP packet payload: source and destination
hardware and network addresses.
@ -6572,18 +6594,18 @@ diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/Kconfig linux-2.6.21.1.dev/net/i
+
endmenu
diff -urN linux-2.6.21.1.old/net/ipv4/netfilter/Makefile linux-2.6.21.1.dev/net/ipv4/netfilter/Makefile
--- linux-2.6.21.1.old/net/ipv4/netfilter/Makefile 2007-05-26 20:24:53.750627264 +0200
+++ linux-2.6.21.1.dev/net/ipv4/netfilter/Makefile 2007-05-26 20:27:51.953536304 +0200
diff -ruN linux-2.6.21.1/net/ipv4/netfilter/Makefile linux-2.6.21.1.new/net/ipv4/netfilter/Makefile
--- linux-2.6.21.1/net/ipv4/netfilter/Makefile 2007-04-27 16:49:26.000000000 -0500
+++ linux-2.6.21.1.new/net/ipv4/netfilter/Makefile 2007-06-08 16:29:31.837808750 -0500
@@ -90,6 +90,7 @@
obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o
obj-$(CONFIG_IP_NF_MATCH_AH) += ipt_ah.o
obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o
+obj-$(CONFIG_IP_NF_MATCH_SET) += ipt_set.o
obj-$(CONFIG_IP_NF_MATCH_ADDRTYPE) += ipt_addrtype.o
obj-$(CONFIG_IP_NF_MATCH_IPP2P) += ipt_ipp2p.o
obj-$(CONFIG_IP_NF_MATCH_LAYER7) += ipt_layer7.o
@@ -107,6 +108,17 @@
# targets
@@ -105,6 +106,17 @@
obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o