Commit in netfilter-fullconenat/trunk (4 files)

Jan Steffens Sun, 11 Dec 2022 16:58:36 -0800

    Date: Monday, December 12, 2022 @ 00:58:25
  Author: heftig
Revision: 1358776


r73.0cf3b48-256: linux 6.1.arch1-1

Added:
  netfilter-fullconenat/trunk/0001-Linux-5.15.patch
    (from rev 1358775, netfilter-fullconenat/trunk/linux-5.15.patch)
  netfilter-fullconenat/trunk/0002-Linux-6.1.patch
Modified:
  netfilter-fullconenat/trunk/PKGBUILD
Deleted:
  netfilter-fullconenat/trunk/linux-5.15.patch

-----------------------+
 0001-Linux-5.15.patch |   87 ++++++++++++++++++++++++++++++++++++++++++++++++
 0002-Linux-6.1.patch  |   25 +++++++++++++
 PKGBUILD              |   11 +++---
 linux-5.15.patch      |   68 -------------------------------------
 4 files changed, 119 insertions(+), 72 deletions(-)

Copied: netfilter-fullconenat/trunk/0001-Linux-5.15.patch (from rev 1358775, 
netfilter-fullconenat/trunk/linux-5.15.patch)
===================================================================
--- 0001-Linux-5.15.patch                               (rev 0)
+++ 0001-Linux-5.15.patch       2022-12-12 00:58:25 UTC (rev 1358776)
@@ -0,0 +1,87 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <hef...@archlinux.org>
+Date: Mon, 12 Dec 2022 00:50:50 +0000
+Subject: [PATCH] Linux 5.15
+
+---
+ xt_FULLCONENAT.c | 19 ++++++++++++++++---
+ 1 file changed, 16 insertions(+), 3 deletions(-)
+
+diff --git a/xt_FULLCONENAT.c b/xt_FULLCONENAT.c
+index 8555b54e2dc6..5f4cc5390629 100644
+--- a/xt_FULLCONENAT.c
++++ b/xt_FULLCONENAT.c
+@@ -91,7 +91,9 @@ struct notifier_block ct_event_notifier;
+ struct nf_ct_event_notifier ct_event_notifier;
+ #endif
+ int tg_refer_count = 0;
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ int ct_event_notifier_registered = 0;
++#endif
+ 
+ static DEFINE_MUTEX(nf_ct_net_event_lock);
+ 
+@@ -335,8 +337,10 @@ static void gc_worker(struct work_struct *work) {
+ #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
+ static int ct_event_cb(struct notifier_block *this, unsigned long events, 
void *ptr) {
+   struct nf_ct_event *item = ptr;
+-#else
++#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ static int ct_event_cb(unsigned int events, struct nf_ct_event *item) {
++#else
++static int ct_event_cb(unsigned int events, const struct nf_ct_event *item) {
+ #endif
+   struct nf_conn *ct;
+   struct nf_conntrack_tuple *ct_tuple_reply, *ct_tuple_original;
+@@ -644,40 +648,49 @@ static int fullconenat_tg_check(const struct 
xt_tgchk_param *par)
+     nf_ct_netns_get(par->net, par->family);
+ #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
+     ct_event_notifier.notifier_call = ct_event_cb;
+-#else
++#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+     ct_event_notifier.fcn = ct_event_cb;
+-#endif
+ 
+     if (nf_conntrack_register_notifier(par->net, &ct_event_notifier) == 0) {
+       ct_event_notifier_registered = 1;
+       pr_debug("xt_FULLCONENAT: fullconenat_tg_check(): ct_event_notifier 
registered\n");
+     } else {
+       printk("xt_FULLCONENAT: warning: failed to register a conntrack 
notifier. Disable active GC for mappings.\n");
+     }
++#else
++    ct_event_notifier.ct_event = ct_event_cb;
++    nf_conntrack_register_notifier(par->net, &ct_event_notifier);
++    pr_debug("xt_FULLCONENAT: fullconenat_tg_check(): ct_event_notifier 
registered\n");
++#endif
+ 
+   }
+ 
+   mutex_unlock(&nf_ct_net_event_lock);
+ 
+   return 0;
+ }
+ 
+ static void fullconenat_tg_destroy(const struct xt_tgdtor_param *par)
+ {
+   mutex_lock(&nf_ct_net_event_lock);
+ 
+   tg_refer_count--;
+ 
+   pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): tg_refer_count is now 
%d\n", tg_refer_count);
+ 
+   if (tg_refer_count == 0) {
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+     if (ct_event_notifier_registered) {
+       nf_conntrack_unregister_notifier(par->net, &ct_event_notifier);
+       ct_event_notifier_registered = 0;
+ 
+       pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier 
unregistered\n");
+ 
+     }
++#else
++    nf_conntrack_unregister_notifier(par->net);
++    pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier 
unregistered\n");
++#endif
+     nf_ct_netns_put(par->net, par->family);
+   }
+ 

Added: 0002-Linux-6.1.patch
===================================================================
--- 0002-Linux-6.1.patch                                (rev 0)
+++ 0002-Linux-6.1.patch        2022-12-12 00:58:25 UTC (rev 1358776)
@@ -0,0 +1,25 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: "Jan Alexander Steffens (heftig)" <hef...@archlinux.org>
+Date: Mon, 12 Dec 2022 00:53:27 +0000
+Subject: [PATCH] Linux 6.1
+
+---
+ xt_FULLCONENAT.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/xt_FULLCONENAT.c b/xt_FULLCONENAT.c
+index 5f4cc5390629..48598d697048 100644
+--- a/xt_FULLCONENAT.c
++++ b/xt_FULLCONENAT.c
+@@ -428,7 +428,11 @@ static uint16_t find_appropriate_port(struct net *net, 
const struct nf_conntrack
+     /* for now we do the same thing for both --random and --random-fully */
+ 
+     /* select a random starting point */
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(6,1,0)
++    start = (uint16_t)(get_random_u32() % (u32)range_size);
++#else
+     start = (uint16_t)(prandom_u32() % (u32)range_size);
++#endif
+   } else {
+ 
+     if ((original_port >= min && original_port <= min + range_size - 1)

Modified: PKGBUILD
===================================================================
--- PKGBUILD    2022-12-12 00:40:05 UTC (rev 1358775)
+++ PKGBUILD    2022-12-12 00:58:25 UTC (rev 1358776)
@@ -3,7 +3,7 @@
 
 pkgname=netfilter-fullconenat
 pkgver=r73.0cf3b48
-pkgrel=255
+pkgrel=256
 pkgdesc="A kernel module that turns MASQUERADE into full cone SNAT"
 arch=('x86_64')
 url="https://github.com/Chion82/netfilter-full-cone-nat";
@@ -12,9 +12,11 @@
 makedepends=('linux-headers' 'git')
 _commit=0cf3b48fd7d2fa81d0297d1fff12bbd0580fc435  # master
 
source=("${pkgname}::git+https://github.com/Chion82/netfilter-full-cone-nat#commit=${_commit}";
-        linux-5.15.patch)
+        0001-Linux-5.15.patch
+        0002-Linux-6.1.patch)
 sha256sums=('SKIP'
-            'd785622e80ed3348be133270ac974dd372e0d6d770f0da554edbcbf20e94d6a6')
+            'a67c52bb58fac8113b4bc9640b626baa1d9e533c9bb8a2019153490d223b918a'
+            'b164406e56c84b4659f6b17be47dc5314fff74a92d1a3028c629dc91576abf94')
 
 pkgver() {
   cd ${pkgname}
@@ -27,7 +29,8 @@
 prepare() {
   cd ${pkgname}
   echo "obj-m = xt_FULLCONENAT.o" > Kbuild
-  patch -p1 -i ../linux-5.15.patch
+  git apply -3 ../0001-Linux-5.15.patch
+  git apply -3 ../0002-Linux-6.1.patch
 }
 
 build() {

Deleted: linux-5.15.patch
===================================================================
--- linux-5.15.patch    2022-12-12 00:40:05 UTC (rev 1358775)
+++ linux-5.15.patch    2022-12-12 00:58:25 UTC (rev 1358776)
@@ -1,68 +0,0 @@
-diff --git a/xt_FULLCONENAT.c b/xt_FULLCONENAT.c
-index 9bb8660..c061b98 100644
---- a/xt_FULLCONENAT.c
-+++ b/xt_FULLCONENAT.c
-@@ -123,7 +123,9 @@ struct notifier_block ct_event_notifier;
- struct nf_ct_event_notifier ct_event_notifier;
- #endif
- int tg_refer_count = 0;
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
- int ct_event_notifier_registered = 0;
-+#endif
- 
- static DEFINE_MUTEX(nf_ct_net_event_lock);
- 
-@@ -894,8 +896,10 @@ static void gc_worker(struct work_struct *work) {
- #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
- static int ct_event_cb(struct notifier_block *this, unsigned long events, 
void *ptr) {
-   struct nf_ct_event *item = ptr;
--#else
-+#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
- static int ct_event_cb(unsigned int events, struct nf_ct_event *item) {
-+#else
-+static int ct_event_cb(unsigned int events, const struct nf_ct_event *item) {
- #endif
-   struct nf_conn *ct;
-   struct nf_conntrack_tuple *ct_tuple_reply, *ct_tuple_original;
-@@ -1242,9 +1246,8 @@ static int fullconenat_tg_check(const struct 
xt_tgchk_param *par)
-   if (tg_refer_count == 1) {
- #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
-     ct_event_notifier.notifier_call = ct_event_cb;
--#else
-+#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
-     ct_event_notifier.fcn = ct_event_cb;
--#endif
- 
-     if (nf_conntrack_register_notifier(par->net, &ct_event_notifier) == 0) {
-       ct_event_notifier_registered = 1;
-@@ -1252,6 +1255,11 @@ static int fullconenat_tg_check(const struct 
xt_tgchk_param *par)
-     } else {
-       printk("xt_FULLCONENAT: warning: failed to register a conntrack 
notifier. Disable active GC for mappings.\n");
-     }
-+#else
-+    ct_event_notifier.ct_event = ct_event_cb;
-+    nf_conntrack_register_notifier(par->net, &ct_event_notifier);
-+    pr_debug("xt_FULLCONENAT: fullconenat_tg_check(): ct_event_notifier 
registered\n");
-+#endif
- 
-   }
- 
-@@ -1269,6 +1277,7 @@ static void fullconenat_tg_destroy(const struct 
xt_tgdtor_param *par)
-   pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): tg_refer_count is now 
%d\n", tg_refer_count);
- 
-   if (tg_refer_count == 0) {
-+#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
-     if (ct_event_notifier_registered) {
-       nf_conntrack_unregister_notifier(par->net, &ct_event_notifier);
-       ct_event_notifier_registered = 0;
-@@ -1276,6 +1285,10 @@ static void fullconenat_tg_destroy(const struct 
xt_tgdtor_param *par)
-       pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier 
unregistered\n");
- 
-     }
-+#else
-+    nf_conntrack_unregister_notifier(par->net);
-+    pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier 
unregistered\n");
-+#endif
-     nf_ct_netns_put(par->net, par->family);
-   }
-

Commit in netfilter-fullconenat/trunk (4 files)

Reply via email to