This will not fix any bugs - it just to make tcp-window-tracking applicable
after {submitted,pending,newnat,base}/*
This is patch on patch - against cvs version of tcp-window-tracking.patch
Index: tcp-window-tracking.patch
===================================================================
RCS file: /cvsroot/netfilter/userspace/patch-o-matic/extra/tcp-window-tracking.patch,v
retrieving revision 1.7
diff -u -r1.7 tcp-window-tracking.patch
--- tcp-window-tracking.patch 4 Mar 2002 11:48:16 -0000 1.7
+++ tcp-window-tracking.patch 21 Mar 2002 14:53:23 -0000
@@ -1,6 +1,6 @@
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/include/linux/netfilter_ipv4/ip_conntrack_tcp.h
linux-2.4.17-tcp-window/include/linux/netfilter_ipv4/ip_conntrack_tcp.h
---- linux-2.4.17-orig/include/linux/netfilter_ipv4/ip_conntrack_tcp.h Fri Aug 4
22:07:24 2000
-+++ linux-2.4.17-tcp-window/include/linux/netfilter_ipv4/ip_conntrack_tcp.h Wed
Feb 20 23:29:47 2002
+diff -Nru a/include/linux/netfilter_ipv4/ip_conntrack_tcp.h
+b/include/linux/netfilter_ipv4/ip_conntrack_tcp.h
+--- a/include/linux/netfilter_ipv4/ip_conntrack_tcp.h Thu Mar 21 17:34:06 2002
++++ b/include/linux/netfilter_ipv4/ip_conntrack_tcp.h Thu Mar 21 17:34:06 2002
@@ -8,25 +8,35 @@
enum tcp_conntrack {
@@ -45,10 +45,10 @@
+
#endif /* _IP_CONNTRACK_TCP_H */
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/include/linux/sysctl.h linux-2.4.17-tcp-window/include/linux/sysctl.h
---- linux-2.4.17-orig/include/linux/sysctl.h Wed Feb 20 23:33:51 2002
-+++ linux-2.4.17-tcp-window/include/linux/sysctl.h Wed Feb 20 23:41:46 2002
-@@ -231,6 +231,7 @@
+diff -Nru a/include/linux/sysctl.h b/include/linux/sysctl.h
+--- a/include/linux/sysctl.h Thu Mar 21 17:34:06 2002
++++ b/include/linux/sysctl.h Thu Mar 21 17:34:06 2002
+@@ -232,6 +232,7 @@
NET_IPV4_NEIGH=17,
NET_IPV4_ROUTE=18,
NET_IPV4_FIB_HASH=19,
@@ -56,7 +56,7 @@
NET_IPV4_TCP_TIMESTAMPS=33,
NET_IPV4_TCP_WINDOW_SCALING=34,
-@@ -337,6 +338,28 @@
+@@ -338,6 +339,28 @@
NET_IPV4_CONF_ARPFILTER=13
};
@@ -85,10 +85,10 @@
/* /proc/sys/net/ipv6 */
enum {
NET_IPV6_CONF=16,
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_core.c
linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_core.c
---- linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_core.c Tue Aug 7 17:30:50
2001
-+++ linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_core.c Wed Feb 20
23:50:07 2002
-@@ -50,7 +50,7 @@
+diff -Nru a/net/ipv4/netfilter/ip_conntrack_core.c
+b/net/ipv4/netfilter/ip_conntrack_core.c
+--- a/net/ipv4/netfilter/ip_conntrack_core.c Thu Mar 21 17:34:06 2002
++++ b/net/ipv4/netfilter/ip_conntrack_core.c Thu Mar 21 17:34:06 2002
+@@ -58,7 +58,7 @@
LIST_HEAD(protocol_list);
static LIST_HEAD(helpers);
unsigned int ip_conntrack_htable_size = 0;
@@ -97,7 +97,7 @@
static atomic_t ip_conntrack_count = ATOMIC_INIT(0);
struct list_head *ip_conntrack_hash;
static kmem_cache_t *ip_conntrack_cachep;
-@@ -1015,29 +1015,6 @@
+@@ -1257,29 +1257,6 @@
SO_ORIGINAL_DST, SO_ORIGINAL_DST+1, &getorigdst,
0, NULL };
@@ -127,7 +127,7 @@
static int kill_all(const struct ip_conntrack *i, void *data)
{
return 1;
-@@ -1047,9 +1024,6 @@
+@@ -1289,9 +1266,6 @@
supposed to kill the mall. */
void ip_conntrack_cleanup(void)
{
@@ -137,7 +137,7 @@
ip_ct_attach = NULL;
/* This makes sure all current packets have passed through
netfilter framework. Roll on, two-stage module
-@@ -1126,20 +1100,6 @@
+@@ -1370,20 +1344,6 @@
for (i = 0; i < ip_conntrack_htable_size; i++)
INIT_LIST_HEAD(&ip_conntrack_hash[i]);
@@ -158,9 +158,9 @@
/* For use by ipt_REJECT */
ip_ct_attach = ip_conntrack_attach;
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_generic.c
linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_generic.c
---- linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_generic.c Fri Apr 27
23:15:01 2001
-+++ linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_generic.c Wed
Feb 20 23:29:48 2002
+diff -Nru a/net/ipv4/netfilter/ip_conntrack_proto_generic.c
+b/net/ipv4/netfilter/ip_conntrack_proto_generic.c
+--- a/net/ipv4/netfilter/ip_conntrack_proto_generic.c Thu Mar 21 17:34:06 2002
++++ b/net/ipv4/netfilter/ip_conntrack_proto_generic.c Thu Mar 21 17:34:06 2002
@@ -4,7 +4,7 @@
#include <linux/netfilter.h>
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
@@ -179,9 +179,9 @@
return NF_ACCEPT;
}
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
---- linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_icmp.c Fri Apr 27
23:15:01 2001
-+++ linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_icmp.c Wed
Feb 20 23:29:48 2002
+diff -Nru a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
+b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c
+--- a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c Thu Mar 21 17:34:06 2002
++++ b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c Thu Mar 21 17:34:06 2002
@@ -6,7 +6,7 @@
#include <linux/icmp.h>
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
@@ -200,9 +200,9 @@
}
return NF_ACCEPT;
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
---- linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Fri Apr 27
23:15:01 2001
-+++ linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Thu
Feb 28 14:43:31 2002
+diff -Nru a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c
+--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Thu Mar 21 17:34:06 2002
++++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c Thu Mar 21 17:34:06 2002
@@ -1,3 +1,14 @@
+/*
+ * TCP connection tracking
@@ -218,15 +218,15 @@
#define __NO_VERSION__
#include <linux/types.h>
#include <linux/sched.h>
-@@ -7,12 +18,15 @@
- #include <linux/in.h>
+@@ -8,6 +19,7 @@
#include <linux/ip.h>
#include <linux/tcp.h>
+
+#include <linux/spinlock.h>
-+#include <net/tcp.h>
+ #include <net/tcp.h>
+
#include <linux/netfilter_ipv4/ip_conntrack.h>
- #include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
- #include <linux/netfilter_ipv4/lockhelp.h>
+@@ -16,6 +28,7 @@
#if 0
#define DEBUGP printk
@@ -234,7 +234,7 @@
#else
#define DEBUGP(format, args...)
#endif
-@@ -20,6 +34,14 @@
+@@ -23,6 +36,14 @@
/* Protects conntrack->proto.tcp */
static DECLARE_RWLOCK(tcp_lock);
@@ -249,7 +249,7 @@
/* FIXME: Examine ipfilter's timeouts and conntrack transitions more
closely. They're more complex. --RR */
-@@ -30,66 +52,202 @@
+@@ -33,66 +54,202 @@
static const char *tcp_conntrack_names[] = {
"NONE",
@@ -486,7 +486,7 @@
}
};
-@@ -136,19 +294,337 @@
+@@ -139,19 +296,337 @@
static unsigned int get_conntrack_index(const struct tcphdr *tcph)
{
@@ -830,7 +830,7 @@
struct tcphdr *tcph = (struct tcphdr *)((u_int32_t *)iph + iph->ihl);
/* We're guaranteed to have the base header, but maybe not the
-@@ -159,48 +635,65 @@
+@@ -162,48 +637,65 @@
}
WRITE_LOCK(&tcp_lock);
@@ -927,7 +927,7 @@
return NF_ACCEPT;
}
-@@ -209,23 +702,57 @@
+@@ -212,23 +704,57 @@
static int tcp_new(struct ip_conntrack *conntrack,
struct iphdr *iph, size_t len)
{
@@ -987,11 +987,11 @@
+
+EXPORT_SYMBOL(ip_conntrack_tcp_update);
- struct ip_conntrack_protocol ip_conntrack_protocol_tcp
- = { { NULL, NULL }, IPPROTO_TCP, "tcp",
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_udp.c
linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_udp.c
---- linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_proto_udp.c Fri Apr 27
23:15:01 2001
-+++ linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_proto_udp.c Wed
Feb 20 23:29:48 2002
+ static int tcp_exp_matches_pkt(struct ip_conntrack_expect *exp,
+ struct sk_buff **pskb)
+diff -Nru a/net/ipv4/netfilter/ip_conntrack_proto_udp.c
+b/net/ipv4/netfilter/ip_conntrack_proto_udp.c
+--- a/net/ipv4/netfilter/ip_conntrack_proto_udp.c Thu Mar 21 17:34:06 2002
++++ b/net/ipv4/netfilter/ip_conntrack_proto_udp.c Thu Mar 21 17:34:06 2002
@@ -6,8 +6,8 @@
#include <linux/udp.h>
#include <linux/netfilter_ipv4/ip_conntrack_protocol.h>
@@ -1017,9 +1017,9 @@
return NF_ACCEPT;
}
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_standalone.c
linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_standalone.c
---- linux-2.4.17-orig/net/ipv4/netfilter/ip_conntrack_standalone.c Sun Sep 30
21:26:08 2001
-+++ linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_conntrack_standalone.c Thu
Feb 21 23:50:05 2002
+diff -Nru a/net/ipv4/netfilter/ip_conntrack_standalone.c
+b/net/ipv4/netfilter/ip_conntrack_standalone.c
+--- a/net/ipv4/netfilter/ip_conntrack_standalone.c Thu Mar 21 17:34:06 2002
++++ b/net/ipv4/netfilter/ip_conntrack_standalone.c Thu Mar 21 17:34:06 2002
@@ -7,6 +7,7 @@
/* (c) 1999 Paul `Rusty' Russell. Licenced under the GNU General
Public Licence. */
@@ -1035,10 +1035,10 @@
+#ifdef CONFIG_SYSCTL
+#include <linux/sysctl.h>
+#endif
+ #include <linux/brlock.h>
#include <net/checksum.h>
- #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_conntrack_lock)
-@@ -226,6 +230,114 @@
+@@ -238,6 +242,114 @@
static struct nf_hook_ops ip_conntrack_local_in_ops
= { { NULL, NULL }, ip_confirm, PF_INET, NF_IP_LOCAL_IN, NF_IP_PRI_LAST-1 };
@@ -1153,7 +1153,7 @@
static int init_or_cleanup(int init)
{
struct proc_dir_entry *proc;
-@@ -261,10 +373,20 @@
+@@ -273,10 +385,20 @@
printk("ip_conntrack: can't register local in hook.\n");
goto cleanup_inoutandlocalops;
}
@@ -1174,12 +1174,12 @@
nf_unregister_hook(&ip_conntrack_local_in_ops);
cleanup_inoutandlocalops:
nf_unregister_hook(&ip_conntrack_out_ops);
-diff -urN --exclude-from=diff.exclude-tcp-window
linux-2.4.17-orig/net/ipv4/netfilter/ip_nat_helper.c
linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_nat_helper.c
---- linux-2.4.17-orig/net/ipv4/netfilter/ip_nat_helper.c Fri Dec 21 18:42:05
2001
-+++ linux-2.4.17-tcp-window/net/ipv4/netfilter/ip_nat_helper.c Wed Feb 27 15:53:10
2002
-@@ -243,6 +243,8 @@
- tcph->seq = newseq;
- tcph->ack_seq = newack;
+diff -Nru a/net/ipv4/netfilter/ip_nat_helper.c b/net/ipv4/netfilter/ip_nat_helper.c
+--- a/net/ipv4/netfilter/ip_nat_helper.c Thu Mar 21 17:34:06 2002
++++ b/net/ipv4/netfilter/ip_nat_helper.c Thu Mar 21 17:34:06 2002
+@@ -351,6 +351,8 @@
+
+ ip_nat_sack_adjust(skb, ct, ctinfo);
+ ip_conntrack_tcp_update(ct, dir, iph, skb->len, tcph);
+
--
Paul P 'Stingray' Komkoff 'Greatest' Jr // (icq)23200764 // (irc)Spacebar
PPKJ1-RIPE // (smtp)[EMAIL PROTECTED] // (http)stingr.net // (pgp)0xA4B4ECA4
