And here is a version of the patch that actually seems to work... (the
previous slotted in the changes slightly wrong.. didn't notice the subtle
error before sending the patch)
Regards
Henrik
Henrik Nordstrom wrote:
> And here is the actual patch...
>
> Henrik Nordstrom wrote:
> > [runme patch proposal for patch-o-matic dealing with the man page
> > attached]
> >
> > Hervé Eychenne wrote:
> > > - TTL target had nothing to do here, as it is in patch-o-matic.
> > > Deleted for coherence. Maybe we could have a special manpage for
> > > extra extensions, but as they are already documented in the
> > > Netfilter Extensions HOWTO, it would seem to appear as a
> > > duplicated effort.
> > > I just added a note on the existence of this HOWTO.
> >
> > May I propose we add manpage information to patch-o-matic. It should be
> > possible to use the same kind of magics as for Configure.help..
> >
> > patchname.man[-X]
> >
> > Where the first line is the existing line where the new documentation
> > should be inserted.
> >
> > Having the patch-o-matic extension you have applied documented in the
> > iptables manpage you have installed as part of the same build process has
> > great value I think.
> >
> > The icky part, shared with .userspace, is that once you have applied
> > pathes from your iptables source you will need to clean it up before
> > patching another kernel source tree..
> >
> > Regards
> > Henrik
Index: patch-o-matic/NEWPATCHES
===================================================================
RCS file: /cvsroot/netfilter/userspace/patch-o-matic/NEWPATCHES,v
retrieving revision 1.6
diff -u -r1.6 NEWPATCHES
--- patch-o-matic/NEWPATCHES 12 Nov 2001 08:19:28 -0000 1.6
+++ patch-o-matic/NEWPATCHES 27 May 2002 13:41:00 -0000
@@ -23,10 +23,10 @@
once again, eliminate this from your patch file, and create a file
called `foo.patch.configure.help' like so:
- EXACT CONFIG OPTION TO FOLLOW
+ EXACT EXISTING CONFIG OPTION
<text to paste in>
- Your text will be placed after the config option you indicated
+ Your text will be placed before the config option you indicated
(with a blank line before and after). You can have more than one
of these files, to make multiple entries in different places, by
calling successive ones foo.patch.configure.help*.
@@ -54,6 +54,23 @@
in different places, by calling successive ones
foo.patch.ip{6}_conntrack.h*.
+6) If you have patches to existing iptables userspace files, put these in
+ foo.patch.userspace
+
+7) You should also document the userspace components of your patch in the
+ iptables(8) man page. Write the needed manpage section, and create a file
+ called `foo.patch.man' like so:
+
+ EXACT EXISTING SECTION HEADER
+ <text to paste in>
+
+ Your text will be placed before the section header you indicated
+ (with a blank line before and after). You can have more than one
+ of these files, to make multiple entries in different places, by
+ calling successive ones foo.patch.man*.
+
+
+
Finally, if you want to have a libipt_foo built, add it to the
Makefile. If you only want it built when the patch is applied, add a
test for your extension in the iptables userspace distribution, called
Index: patch-o-matic/runme
===================================================================
RCS file: /cvsroot/netfilter/userspace/patch-o-matic/runme,v
retrieving revision 1.25
diff -u -r1.25 runme
--- patch-o-matic/runme 10 Apr 2002 13:06:28 -0000 1.25
+++ patch-o-matic/runme 27 May 2002 13:41:01 -0000
@@ -119,6 +119,70 @@
return 0
}
+# Args: "patch" file, directory, file to patch
+apply_change_before()
+{
+ PRIOR="`head -1 $1`"
+ LINE=`fgrep -x -n "$PRIOR" $2/$3 | cut -d: -f1 | head -1`
+ if [ -z "$LINE" ]
+ then
+ echo Could not find place to slot in $3 line >&2
+ return 1
+ fi
+ rm -f $2/${3}.tmp
+
+ if [ $MODE ]; then
+ # Reverse "patch"
+
+ # Need to search for previously inserted lines
+ # Might not be immediately under $LINE
+ BEGIN=2
+ TESTLINE=$BEGIN
+ NUMLINES1=`sed -n \$= $1`
+ NUMLINES2=`sed -n \$= $2/$3`
+
+ while [ $TESTLINE -le $NUMLINES1 ]; do
+ NOMATCH=`awk "NR==$LINE + $TESTLINE - 1" $2/$3|\
+ fgrep -vcx "\`sed -n -e ${TESTLINE}p $1\`"`;
+ if [ $NOMATCH -ne 0 ]; then
+ LINE=`expr $LINE + $TESTLINE - 1`
+ TESTLINE=$BEGIN
+ continue
+ fi;
+
+ TESTLINE=`expr $TESTLINE + 1`;
+
+ done;
+
+ if [ $LINE -lt $NUMLINES2 ] && \
+ (awk "NR==1,NR==$LINE" $2/$3 && awk "NR==$LINE + $NUMLINES1,NR=0" $2/$3) > $2/${3}.tmp
+ then
+ mv $2/${3}.tmp $2/$3
+ echo " $3 updated"
+ return 0
+ else
+ echo Could not update $3 >&2
+ rm -f $2/${3}.tmp
+ return 1
+ fi
+ fi
+ # Apply "patch"
+ # Use awk to properly add newline if last line of code has only spaces
+ # Necessary to properly remove inserted code if patch is reversed
+ if (awk "NR==1,NR==$LINE-1" $2/$3 && awk "NR==2,NR==0" $1 && \
+ awk "NR==$LINE,NR==0" $2/$3) > $2/${3}.tmp
+ then
+ mv $2/${3}.tmp $2/$3
+ else
+ echo Could not slot in $3 line >&2
+ rm -f $2/${3}.tmp
+ return 1
+ fi
+ echo " Placed new $3 line"
+ return 0
+}
+
+
# Args: configure.help file, Documentation dir.
apply_config_help_change()
{
@@ -277,58 +341,57 @@
return $ret
}
+apply_man_changes()
+{
+ ret=0
+
+ for x in `expand_no_backups "$1.man*"`
+ do
+ apply_change_before $x $2 iptables.8 || ret=1
+ done
+
+ return $ret
+}
+
# I'm paranoid. Test patch first.
# Args: patch filename, protocol.
test_patch()
{
+ UTMPDIR=""
KTMPDIR=`tmpdirname`
- if [ -e $1.userspace ];
- then
- UTMPDIR=`tmpdirname`
- fi
# I'm really paranoid. What if there's no /dev/urandom?
if [ -z "$KTMPDIR" ]; then
echo Failed to generate kernel tmpdirname: perhaps your /dev/urandom is broken >&2
exit 1
fi
- if [ -e $1.userspace ];
+ if [ -e $1.userspace ] || [ -n "`expand_no_backups "$1.man*"`" ];
then
+ UTMPDIR=`tmpdirname`
if [ -z "$UTMPDIR" ]; then
echo Failed to generate userspace tmpdirname: perhaps your /dev/urandom is broken >&2
exit 1
fi
fi
KTMPDIR=$KERNEL_DIR/../$KTMPDIR
- if [ -e $1.userspace ];
+ if [ -n "$UTMPDIR" ];
then
UTMPDIR=$NETFILTERDIR/../$UTMPDIR
fi
# On exit, clean up
- if [ -e $1.userspace ];
- then
- trap "rm -rf $KTMPDIR $UTMPDIR" 0
- else
- trap "rm -rf $KTMPDIR" 0
- fi
+ trap "rm -rf $KTMPDIR $UTMPDIR" 0
if cp -al $KERNEL_DIR/. $KTMPDIR
then :
else
echo Failed to make copy of $KERNEL_DIR >&2
- rm -rf $KTMPDIR
- if [ -e $1.userspace ];
- then
- rm -rf $UTMPDIR
- fi
exit 1
fi
- if [ -e $1.userspace ];
+ if [ -n "$UTMPDIR" ];
then
if cp -al $NETFILTERDIR/. $UTMPDIR
then :
else
echo Failed to make copy of $NETFILTERDIR >&2
- rm -rf $KTMPDIR $UTMPDIR
exit 1
fi
fi
@@ -338,14 +401,11 @@
if apply_config_in_changes $1 $KTMPDIR/net/$2/netfilter &&
apply_config_help_changes $1 $KTMPDIR/Documentation &&
apply_makefile_changes $1 $KTMPDIR/net/$2/netfilter &&
- apply_conntrack_h_changes $1 $KTMPDIR/include/linux/netfilter_$2
+ apply_conntrack_h_changes $1 $KTMPDIR/include/linux/netfilter_$2 &&
+ apply_man_changes $1 $UTMPDIR
then :
else
- rm -rf $KTMPDIR
- if [ -e $1.userspace ];
- then
- rm -rf $UTMPDIR
- fi
+ rm -rf $KTMPDIR $UTMPDIR
return 1
fi
@@ -358,11 +418,7 @@
then :
else
echo Failed to patch copy of $KERNEL_DIR >&2
- rm -rf $KTMPDIR
- if [ -e $1.userspace ];
- then
- rm -rf $UTMPDIR
- fi
+ rm -rf $KTMPDIR $UTMPDIR
return 1
fi
if [ -e $1.userspace ];
@@ -464,6 +520,7 @@
apply_config_help_changes $1 $KERNEL_DIR/Documentation/
apply_makefile_changes $1 $KERNEL_DIR/net/$2/netfilter/
apply_conntrack_h_changes $1 $KERNEL_DIR/include/linux/netfilter_$2
+ apply_man_changes $1 $NETFILTERDIR
}
# Reverse order of arguments.
