Hello community,

here is the log from the commit of package xtables-addons for openSUSE:Factory 
checked in at 2018-02-13 10:31:32
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/xtables-addons (Old)
 and      /work/SRC/openSUSE:Factory/.xtables-addons.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "xtables-addons"

Tue Feb 13 10:31:32 2018 rev:56 rq:575806 version:3.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/xtables-addons/xtables-addons.changes    
2018-02-06 16:49:39.750641160 +0100
+++ /work/SRC/openSUSE:Factory/.xtables-addons.new/xtables-addons.changes       
2018-02-13 10:31:33.764425313 +0100
@@ -1,0 +2,8 @@
+Mon Feb 12 14:18:55 UTC 2018 - jeng...@inai.de
+
+- Update to new upstream release 3.0
+  * Support for Linux 4.16
+  * Dropped support for Linux kernels older than 4.15
+- Remove init_timer.patch
+
+-------------------------------------------------------------------

Old:
----
  init_timer.patch
  xtables-addons-2.14.tar.asc
  xtables-addons-2.14.tar.xz

New:
----
  xtables-addons-3.0.tar.asc
  xtables-addons-3.0.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ xtables-addons.spec ++++++
--- /var/tmp/diff_new_pack.iEIJzZ/_old  2018-02-13 10:31:34.432401244 +0100
+++ /var/tmp/diff_new_pack.iEIJzZ/_new  2018-02-13 10:31:34.436401100 +0100
@@ -17,7 +17,7 @@
 
 
 Name:           xtables-addons
-Version:        2.14
+Version:        3.0
 Release:        0
 Summary:        IP Packet Filter Administration Extensions
 License:        GPL-2.0 and GPL-2.0+
@@ -30,14 +30,12 @@
 Source2:        http://downloads.sf.net/%name/%name-%version.tar.asc
 Source3:        %name-preamble
 Source4:        %name.keyring
-Patch:          init_timer.patch
-
 BuildRoot:      %{_tmppath}/%{name}-%{version}-build
 BuildRequires:  %kernel_module_package_buildreqs
-BuildRequires:  kernel-syms >= 3.7
+BuildRequires:  kernel-syms >= 4.15
 BuildRequires:  pkg-config >= 0.21
 BuildRequires:  xz
-BuildRequires:  pkgconfig(xtables) >= 1.4.5
+BuildRequires:  pkgconfig(xtables) >= 1.6.0
 Recommends:     %name-kmp
 Recommends:     xtables-geoip
 
@@ -67,7 +65,6 @@
 
 %prep
 %setup -q
-%patch -p1
 
 %build
 pushd ../

++++++ xtables-addons-2.14.tar.xz -> xtables-addons-3.0.tar.xz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/INSTALL 
new/xtables-addons-3.0/INSTALL
--- old/xtables-addons-2.14/INSTALL     2017-11-22 18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/INSTALL      2018-02-12 15:17:10.000000000 +0100
@@ -12,16 +12,17 @@
 Supported configurations for this release
 =========================================
 
-       * iptables >= 1.4.5
+       * iptables >= 1.6.0
 
-       * kernel-devel >= 3.7
+       * kernel-devel >= 4.15
          with prepared build/output directory
          - CONFIG_NF_CONNTRACK
          - CONFIG_NF_CONNTRACK_MARK enabled =y or as module (=m)
          - CONFIG_CONNECTOR y/m if you wish to receive userspace
            notifications from pknock through netlink/connector
 
-(Use xtables-addons-1.x if you need support for Linux < 3.7.)
+(Use xtables-addons-1.x if you need support for Linux < 3.7.
+Use xtables-addons-2.x if you need support for Linux < 4.15.)
 
 
 Selecting extensions
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/configure 
new/xtables-addons-3.0/configure
--- old/xtables-addons-2.14/configure   2017-11-22 18:30:05.394677252 +0100
+++ new/xtables-addons-3.0/configure    2018-02-12 15:17:19.084319822 +0100
@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for xtables-addons 2.14.
+# Generated by GNU Autoconf 2.69 for xtables-addons 3.0.
 #
 #
 # Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc.
@@ -587,8 +587,8 @@
 # Identity of this package.
 PACKAGE_NAME='xtables-addons'
 PACKAGE_TARNAME='xtables-addons'
-PACKAGE_VERSION='2.14'
-PACKAGE_STRING='xtables-addons 2.14'
+PACKAGE_VERSION='3.0'
+PACKAGE_STRING='xtables-addons 3.0'
 PACKAGE_BUGREPORT=''
 PACKAGE_URL=''
 
@@ -1325,7 +1325,7 @@
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures xtables-addons 2.14 to adapt to many kinds of systems.
+\`configure' configures xtables-addons 3.0 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1395,7 +1395,7 @@
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of xtables-addons 2.14:";;
+     short | recursive ) echo "Configuration of xtables-addons 3.0:";;
    esac
   cat <<\_ACEOF
 
@@ -1519,7 +1519,7 @@
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-xtables-addons configure 2.14
+xtables-addons configure 3.0
 generated by GNU Autoconf 2.69
 
 Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1884,7 +1884,7 @@
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by xtables-addons $as_me 2.14, which was
+It was created by xtables-addons $as_me 3.0, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   $ $0 $@
@@ -2750,7 +2750,7 @@
 
 # Define the identity of the package.
  PACKAGE='xtables-addons'
- VERSION='2.14'
+ VERSION='3.0'
 
 
 cat >>confdefs.h <<_ACEOF
@@ -12439,12 +12439,10 @@
                echo "WARNING: Version detection did not succeed. Continue at 
own luck.";
        else
                echo "$kmajor.$kminor.$kmicro.$kstable in $kbuilddir";
-               if test "$kmajor" -gt 4 -o "$kmajor" -eq 4 -a "$kminor" -gt 12; 
then
+               if test "$kmajor" -gt 4 -o "$kmajor" -eq 4 -a "$kminor" -gt 16; 
then
                        echo "WARNING: That kernel version is not officially 
supported yet. Continue at own luck.";
-               elif test "$kmajor" -eq 4 -a "$kminor" -le 10; then
-                       :;
-               elif test "$kmajor" -eq 3 -a "$kminor" -ge 7; then
-                       :;
+               elif test "$kmajor" -eq 4 -a "$kminor" -ge 15; then
+                       :
                else
                        echo "WARNING: That kernel version is not officially 
supported.";
                fi;
@@ -12987,7 +12985,7 @@
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by xtables-addons $as_me 2.14, which was
+This file was extended by xtables-addons $as_me 3.0, which was
 generated by GNU Autoconf 2.69.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -13053,7 +13051,7 @@
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; 
s/[\\""\`\$]/\\\\&/g'`"
 ac_cs_version="\\
-xtables-addons config.status 2.14
+xtables-addons config.status 3.0
 configured by $0, generated by GNU Autoconf 2.69,
   with options \\"\$ac_cs_config\\"
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/configure.ac 
new/xtables-addons-3.0/configure.ac
--- old/xtables-addons-2.14/configure.ac        2017-11-22 18:29:25.000000000 
+0100
+++ new/xtables-addons-3.0/configure.ac 2018-02-12 15:17:10.000000000 +0100
@@ -1,4 +1,4 @@
-AC_INIT([xtables-addons], [2.14])
+AC_INIT([xtables-addons], [3.0])
 AC_CONFIG_AUX_DIR([build-aux])
 AC_CONFIG_HEADERS([config.h])
 AC_CONFIG_MACRO_DIR([m4])
@@ -57,12 +57,10 @@
                echo "WARNING: Version detection did not succeed. Continue at 
own luck.";
        else
                echo "$kmajor.$kminor.$kmicro.$kstable in $kbuilddir";
-               if test "$kmajor" -gt 4 -o "$kmajor" -eq 4 -a "$kminor" -gt 12; 
then
+               if test "$kmajor" -gt 4 -o "$kmajor" -eq 4 -a "$kminor" -gt 16; 
then
                        echo "WARNING: That kernel version is not officially 
supported yet. Continue at own luck.";
-               elif test "$kmajor" -eq 4 -a "$kminor" -le 10; then
-                       :;
-               elif test "$kmajor" -eq 3 -a "$kminor" -ge 7; then
-                       :;
+               elif test "$kmajor" -eq 4 -a "$kminor" -ge 15; then
+                       :
                else
                        echo "WARNING: That kernel version is not officially 
supported.";
                fi;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/doc/changelog.txt 
new/xtables-addons-3.0/doc/changelog.txt
--- old/xtables-addons-2.14/doc/changelog.txt   2017-11-22 18:29:25.000000000 
+0100
+++ new/xtables-addons-3.0/doc/changelog.txt    2018-02-12 15:17:10.000000000 
+0100
@@ -1,6 +1,10 @@
 
 HEAD
 ====
+Enhancements:
+- support for Linux 4.15, 4.16
+Changes:
+- remove support for Linux 3.7--4.14
 
 
 v2.14 (2017-11-22)
@@ -127,5 +131,5 @@
 Enhancements:
 - Support for Linux 3.7
 
-If you want to use Xtables-addons with kernels older than 3.7,
-use the addons 1.x series (maintained but without new features).
+If you want to use Xtables-addons with kernels older than 4.15,
+use the addons 2.x series.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/ACCOUNT/xt_ACCOUNT.c 
new/xtables-addons-3.0/extensions/ACCOUNT/xt_ACCOUNT.c
--- old/xtables-addons-2.14/extensions/ACCOUNT/xt_ACCOUNT.c     2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/ACCOUNT/xt_ACCOUNT.c      2018-02-12 
15:17:10.000000000 +0100
@@ -482,16 +482,7 @@
 static unsigned int
 ipt_acc_target(struct sk_buff *skb, const struct xt_action_param *par)
 {
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
        struct ipt_acc_net *ian = net_generic(par->state->net, ipt_acc_net_id);
-#else
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,4,0)
-       struct ipt_acc_net *ian = net_generic(par->net, ipt_acc_net_id);
-#else
-       struct net *net = dev_net(par->in ? par->in : par->out);
-       struct ipt_acc_net *ian = net_generic(net, ipt_acc_net_id);
-#endif
-#endif
        struct ipt_acc_table *ipt_acc_tables = ian->ipt_acc_tables;
        const struct ipt_acc_info *info =
                par->targinfo;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/compat_xtables.h 
new/xtables-addons-3.0/extensions/compat_xtables.h
--- old/xtables-addons-2.14/extensions/compat_xtables.h 2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/compat_xtables.h  2018-02-12 
15:17:10.000000000 +0100
@@ -8,12 +8,8 @@
 
 #define DEBUGP Use__pr_debug__instead
 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 7, 0)
-#      warning Kernels below 3.7 not supported.
-#endif
-
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 8, 0)
-#      define prandom_u32() random32()
+#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 15, 0)
+#      warning Kernels below 4.15 not supported.
 #endif
 
 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
@@ -46,51 +42,13 @@
 #      define NIPQUAD_FMT "%hhu.%hhu.%hhu.%hhu"
 #endif
 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 9, 0)
-static inline struct inode *file_inode(struct file *f)
-{
-       return f->f_path.dentry->d_inode;
-}
-#endif
-
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 10, 0)
-static inline void proc_set_user(struct proc_dir_entry *de,
-    typeof(de->uid) uid, typeof(de->gid) gid)
-{
-       de->uid = uid;
-       de->gid = gid;
-}
-
-static inline void *PDE_DATA(struct inode *inode)
-{
-       return PDE(inode)->data;
-}
-
-static inline void proc_remove(struct proc_dir_entry *de)
-{
-       if (de != NULL)
-               remove_proc_entry(de->name, de->parent);
-}
-#endif
-
-#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 4, 0)
-#      define ip6_local_out(xnet, xsk, xskb) ip6_local_out(xskb)
-#      define ip6_route_me_harder(xnet, xskb) ip6_route_me_harder(xskb)
-#      define ip_local_out(xnet, xsk, xskb) ip_local_out(xskb)
-#      define ip_route_me_harder(xnet, xskb, xaddrtype) 
ip_route_me_harder((xskb), (xaddrtype))
-#endif
-
 static inline struct net *par_net(const struct xt_action_param *par)
 {
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 10, 0)
        return par->state->net;
-#else
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
-       return par->net;
-#else
-       return dev_net((par->in != NULL) ? par->in : par->out);
-#endif
-#endif
 }
 
+#ifndef NF_CT_ASSERT
+#      define NF_CT_ASSERT(x)  WARN_ON(!(x))
+#endif
+
 #endif /* _XTABLES_COMPAT_H */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/pknock/xt_pknock.c 
new/xtables-addons-3.0/extensions/pknock/xt_pknock.c
--- old/xtables-addons-2.14/extensions/pknock/xt_pknock.c       2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/pknock/xt_pknock.c        2018-02-12 
15:17:10.000000000 +0100
@@ -357,11 +357,10 @@
  *
  * @r: rule
  */
-static void
-peer_gc(unsigned long r)
+static void peer_gc(struct timer_list *tl)
 {
        unsigned int i;
-       struct xt_pknock_rule *rule = (struct xt_pknock_rule *)r;
+       struct xt_pknock_rule *rule = from_timer(rule, tl, timer);
        struct peer *peer;
        struct list_head *pos, *n;
 
@@ -468,11 +467,7 @@
        rule->peer_head      = alloc_hashtable(peer_hashsize);
        if (rule->peer_head == NULL)
                goto out;
-
-       init_timer(&rule->timer);
-       rule->timer.function    = peer_gc;
-       rule->timer.data        = (unsigned long)rule;
-
+       timer_setup(&rule->timer, peer_gc, 0);
        rule->status_proc = proc_create_data(info->rule_name, 0, pde,
                            &pknock_proc_ops, rule);
        if (rule->status_proc == NULL)
@@ -699,13 +694,7 @@
        scnprintf(msg.rule_name, info->rule_name_len + 1, info->rule_name);
 
        memcpy(m + 1, &msg, m->len);
-
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(3, 15, 0)
        cn_netlink_send(m, 0, multicast_group, GFP_ATOMIC);
-#else
-       cn_netlink_send(m, multicast_group, GFP_ATOMIC);
-#endif
-
        kfree(m);
 #endif
        return true;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_CHAOS.c 
new/xtables-addons-3.0/extensions/xt_CHAOS.c
--- old/xtables-addons-2.14/extensions/xt_CHAOS.c       2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_CHAOS.c        2018-02-12 
15:17:10.000000000 +0100
@@ -58,12 +58,7 @@
 
        {
                struct xt_action_param local_par;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
                local_par.state    = par->state;
-#else
-               local_par.in        = par->in,
-               local_par.out       = par->out,
-#endif
                local_par.match     = xm_tcp;
                local_par.matchinfo = &tcp_params;
                local_par.fragoff   = fragoff;
@@ -78,14 +73,7 @@
        destiny = (info->variant == XTCHAOS_TARPIT) ? xt_tarpit : xt_delude;
        {
                struct xt_action_param local_par;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
                local_par.state    = par->state;
-#else
-               local_par.in       = par->in;
-               local_par.out      = par->out;
-               local_par.hooknum  = par->hooknum;
-               local_par.family   = par->family;
-#endif
                local_par.target   = destiny;
                local_par.targinfo = par->targinfo;
                destiny->target(skb, &local_par);
@@ -108,27 +96,15 @@
 
        if ((unsigned int)prandom_u32() <= reject_percentage) {
                struct xt_action_param local_par;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
                local_par.state    = par->state;
-#else
-               local_par.in       = par->in;
-               local_par.out      = par->out;
-               local_par.hooknum  = par->hooknum;
-#endif
                local_par.target   = xt_reject;
                local_par.targinfo = &reject_params;
                return xt_reject->target(skb, &local_par);
        }
 
        /* TARPIT/DELUDE may not be called from the OUTPUT chain */
-       if (iph->protocol == IPPROTO_TCP &&
-           info->variant != XTCHAOS_NORMAL &&
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
-           par->state->hook
-#else
-           par->hooknum
-#endif
-           != NF_INET_LOCAL_OUT)
+       if (iph->protocol == IPPROTO_TCP && info->variant != XTCHAOS_NORMAL &&
+           par->state->hook != NF_INET_LOCAL_OUT)
                xt_chaos_total(skb, par);
 
        return NF_DROP;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_DELUDE.c 
new/xtables-addons-3.0/extensions/xt_DELUDE.c
--- old/xtables-addons-2.14/extensions/xt_DELUDE.c      2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_DELUDE.c       2018-02-12 
15:17:10.000000000 +0100
@@ -107,14 +107,9 @@
 
        addr_type = RTN_UNSPEC;
 #ifdef CONFIG_BRIDGE_NETFILTER
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
        if (hook != NF_INET_FORWARD || (nskb->nf_bridge != NULL &&
            nskb->nf_bridge->physoutdev))
 #else
-       if (hook != NF_INET_FORWARD || (nskb->nf_bridge != NULL &&
-           nskb->nf_bridge->mask & BRNF_BRIDGED))
-#endif
-#else
        if (hook != NF_INET_FORWARD)
 #endif
                addr_type = RTN_LOCAL;
@@ -151,13 +146,7 @@
         * a problem, as that is supported since Linux 2.6.35. But since we do 
not
         * actually want to have a connection open, we are still going to drop 
it.
         */
-       delude_send_reset(par_net(par), skb,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
-                         par->state->hook
-#else
-                         par->hooknum
-#endif
-                         );
+       delude_send_reset(par_net(par), skb, par->state->hook);
        return NF_DROP;
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_DNETMAP.c 
new/xtables-addons-3.0/extensions/xt_DNETMAP.c
--- old/xtables-addons-2.14/extensions/xt_DNETMAP.c     2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_DNETMAP.c      2018-02-12 
15:17:10.000000000 +0100
@@ -356,11 +356,7 @@
 static unsigned int
 dnetmap_tg(struct sk_buff *skb, const struct xt_action_param *par)
 {
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
        struct net *net = dev_net(par->state->in ? par->state->in : 
par->state->out);
-#else
-       struct net *net = dev_net(par->in ? par->in : par->out);
-#endif
        struct dnetmap_net *dnetmap_net = dnetmap_pernet(net);
        struct nf_conn *ct;
        enum ip_conntrack_info ctinfo;
@@ -371,11 +367,7 @@
        struct dnetmap_entry *e;
        struct dnetmap_prefix *p;
        __s32 jttl;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
        unsigned int hooknum = par->state->hook;
-#else
-       unsigned int hooknum = par->hooknum;
-#endif
        ct = nf_ct_get(skb, &ctinfo);
 
        jttl = tginfo->flags & XT_DNETMAP_TTL ? tginfo->ttl * HZ : jtimeout;
@@ -500,12 +492,7 @@
        newrange.max_addr.ip = postnat_ip;
        newrange.min_proto = mr->min_proto;
        newrange.max_proto = mr->max_proto;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
        return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->state->hook));
-#else
-       return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
-#endif
-
 no_rev_map:
 no_free_ip:
        spin_unlock_bh(&dnetmap_lock);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_ECHO.c 
new/xtables-addons-3.0/extensions/xt_ECHO.c
--- old/xtables-addons-2.14/extensions/xt_ECHO.c        2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_ECHO.c 2018-02-12 15:17:10.000000000 
+0100
@@ -35,11 +35,7 @@
        void *payload;
        struct flowi6 fl;
        struct dst_entry *dst = NULL;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
        struct net *net = dev_net((par->state->in != NULL) ? par->state->in : 
par->state->out);
-#else
-       struct net *net = dev_net((par->in != NULL) ? par->in : par->out);
-#endif
 
        /* This allows us to do the copy operation in fewer lines of code. */
        if (skb_linearize(oldskb) < 0)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_LOGMARK.c 
new/xtables-addons-3.0/extensions/xt_LOGMARK.c
--- old/xtables-addons-2.14/extensions/xt_LOGMARK.c     2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_LOGMARK.c      2018-02-12 
15:17:10.000000000 +0100
@@ -64,12 +64,7 @@
                printk("%s""CONFIRMED", prev ? "," : "");
                prev = true;
        }
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,9,0)
        printk(" lifetime=%lus", nf_ct_expires(ct) / HZ);
-#else
-       printk(" lifetime=%lus",
-              (jiffies - ct->timeout.expires) / HZ);
-#endif
 }
 
 static unsigned int
@@ -82,21 +77,13 @@
        printk("<%u>%.*s""iif=%d hook=%s nfmark=0x%x "
               "secmark=0x%x classify=0x%x",
               info->level, (unsigned int)sizeof(info->prefix), info->prefix,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
               skb_ifindex(skb), hook_names[par->state->hook],
-#else
-              skb_ifindex(skb), hook_names[par->hooknum],
-#endif
               skb_nfmark(skb), skb_secmark(skb), skb->priority);
 
        ct = nf_ct_get(skb, &ctinfo);
        printk(" ctdir=%s", dir_names[ctinfo >= IP_CT_IS_REPLY]);
        if (ct == NULL)
                printk(" ct=NULL ctmark=NULL ctstate=INVALID ctstatus=NONE");
-#if LINUX_VERSION_CODE < KERNEL_VERSION(4, 12, 0)
-       else if (nf_ct_is_untracked(ct))
-               printk(" ct=UNTRACKED ctmark=NULL ctstate=UNTRACKED 
ctstatus=NONE");
-#endif
        else
                logmark_ct(ct, ctinfo);
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_TARPIT.c 
new/xtables-addons-3.0/extensions/xt_TARPIT.c
--- old/xtables-addons-2.14/extensions/xt_TARPIT.c      2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_TARPIT.c       2018-02-12 
15:17:10.000000000 +0100
@@ -249,14 +249,9 @@
                niph->id = ~oldhdr->id + 1;
 
 #ifdef CONFIG_BRIDGE_NETFILTER
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
        if (hook != NF_INET_FORWARD || (nskb->nf_bridge != NULL &&
            nskb->nf_bridge->physoutdev != NULL))
 #else
-       if (hook != NF_INET_FORWARD || (nskb->nf_bridge != NULL &&
-           nskb->nf_bridge->mask & BRNF_BRIDGED))
-#endif
-#else
        if (hook != NF_INET_FORWARD)
 #endif
                addr_type = RTN_LOCAL;
@@ -283,17 +278,8 @@
                goto free_nskb;
 
        nf_ct_attach(nskb, oldskb);
-
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
        NF_HOOK(NFPROTO_IPV4, NF_INET_LOCAL_OUT, net, nskb->sk, nskb, NULL,
                skb_dst(nskb)->dev, dst_output);
-#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
-       NF_HOOK(NFPROTO_IPV4, NF_INET_LOCAL_OUT, nskb->sk, nskb, NULL,
-               skb_dst(nskb)->dev, dst_output_sk);
-#else
-       NF_HOOK(NFPROTO_IPV4, NF_INET_LOCAL_OUT, nskb, NULL,
-               skb_dst(nskb)->dev, dst_output);
-#endif
        return;
 
  free_nskb:
@@ -406,17 +392,8 @@
        nskb->ip_summed = CHECKSUM_NONE;
 
        nf_ct_attach(nskb, oldskb);
-
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4, 4, 0)
        NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, net, nskb->sk, nskb, NULL,
                skb_dst(nskb)->dev, dst_output);
-#elif LINUX_VERSION_CODE >= KERNEL_VERSION(4, 1, 0)
-       NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, nskb->sk, nskb, NULL,
-               skb_dst(nskb)->dev, dst_output_sk);
-#else
-       NF_HOOK(NFPROTO_IPV6, NF_INET_LOCAL_OUT, nskb, NULL,
-               skb_dst(nskb)->dev, dst_output);
-#endif
        return;
 
  free_nskb:
@@ -454,12 +431,7 @@
        /* We are not interested in fragments */
        if (iph->frag_off & htons(IP_OFFSET))
                return NF_DROP;
-
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
        tarpit_tcp4(par_net(par), skb, par->state->hook, info->variant);
-#else
-       tarpit_tcp4(par_net(par), skb, par->hooknum, info->variant);
-#endif
        return NF_DROP;
 }
 
@@ -500,12 +472,7 @@
                pr_debug("addr is not unicast.\n");
                return NF_DROP;
        }
-
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
        tarpit_tcp6(par_net(par), skb, par->state->hook, info->variant);
-#else
-       tarpit_tcp6(par_net(par), skb, par->hooknum, info->variant);
-#endif
        return NF_DROP;
 }
 #endif
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_iface.c 
new/xtables-addons-3.0/extensions/xt_iface.c
--- old/xtables-addons-2.14/extensions/xt_iface.c       2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_iface.c        2018-02-12 
15:17:10.000000000 +0100
@@ -45,17 +45,9 @@
     const struct xt_action_param *par, struct net_device **put)
 {
        if (info->flags & XT_IFACE_DEV_IN)
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
                return par->state->in;
-#else
-               return par->in;
-#endif
        else if (info->flags & XT_IFACE_DEV_OUT)
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
                return par->state->out;
-#else
-               return par->out;
-#endif
        return *put = dev_get_by_name(&init_net, info->ifname);
 }
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/extensions/xt_lscan.c 
new/xtables-addons-3.0/extensions/xt_lscan.c
--- old/xtables-addons-2.14/extensions/xt_lscan.c       2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/extensions/xt_lscan.c        2018-02-12 
15:17:10.000000000 +0100
@@ -204,11 +204,7 @@
                unsigned int n;
 
                n = lscan_mt_full(ctdata->mark & connmark_mask, ctstate,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(4,10,0)
                    par->state->in == init_net.loopback_dev, tcph,
-#else
-                   par->in == init_net.loopback_dev, tcph,
-#endif
                    skb->len - par->thoff - 4 * tcph->doff);
 
                ctdata->mark = (ctdata->mark & ~connmark_mask) | n;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/geoip/xt_geoip_build 
new/xtables-addons-3.0/geoip/xt_geoip_build
--- old/xtables-addons-2.14/geoip/xt_geoip_build        2017-11-22 
18:29:25.000000000 +0100
+++ new/xtables-addons-3.0/geoip/xt_geoip_build 2018-02-12 15:17:10.000000000 
+0100
@@ -8,23 +8,45 @@
 use Text::CSV_XS; # or trade for Text::CSV
 use strict;
 
+my $le32 = pack("V", 0x10000000);
+my $be32 = pack("N", 0x10000000);
+my $u32 = undef;
+
+sub wantBE { return !$u32 || $u32 eq $be32; }
+sub wantLE { return !$u32 || $u32 eq $le32; }
+
 my $csv = Text::CSV_XS->new({
        allow_whitespace => 1,
        binary => 1,
        eol => $/,
 }); # or Text::CSV
 my $target_dir = ".";
+my $native_only = 0;
 
 &Getopt::Long::Configure(qw(bundling));
 &GetOptions(
        "D=s" => \$target_dir,
+       "n"   => \$native_only,
 );
 
 if (!-d $target_dir) {
        print STDERR "Target directory $target_dir does not exist.\n";
        exit 1;
 }
-foreach (qw(LE BE)) {
+my @dbs = qw(LE BE);
+if ($native_only) {
+       $u32 = pack("L", 0x10000000);
+       if ($u32 eq $le32) {
+               @dbs = qw(LE);
+       } elsif ($u32 eq $be32) {
+               @dbs = qw(BE);
+       } else {
+               print STDERRR "Cannot determine endianness.\n";
+               exit 1;
+       }
+}
+
+foreach (@dbs) {
        my $dir = "$target_dir/$_";
        if (!-e $dir && !mkdir($dir)) {
                print STDERR "Could not mkdir $dir: $!\n";
@@ -80,43 +102,55 @@
                scalar(@{$country->{pool_v6}}),
                $iso_code, $country->{name};
 
-       $file = "$target_dir/LE/".uc($iso_code).".iv6";
-       if (!open($fh_le, "> $file")) {
-               print STDERR "Error opening $file: $!\n";
-               exit 1;
-       }
-       $file = "$target_dir/BE/".uc($iso_code).".iv6";
-       if (!open($fh_be, "> $file")) {
-               print STDERR "Error opening $file: $!\n";
-               exit 1;
+       if (wantLE) {
+               $file = "$target_dir/LE/".uc($iso_code).".iv6";
+               if (!open($fh_le, "> $file")) {
+                       print STDERR "Error opening $file: $!\n";
+                       exit 1;
+               }
+               foreach my $range (@{$country->{pool_v6}}) {
+                       print $fh_le &ip6_swap($range->[0]), 
&ip6_swap($range->[1]);
+               }
+               close $fh_le;
        }
-       foreach my $range (@{$country->{pool_v6}}) {
-               print $fh_be $range->[0], $range->[1];
-               print $fh_le &ip6_swap($range->[0]), &ip6_swap($range->[1]);
+       if (wantBE) {
+               $file = "$target_dir/BE/".uc($iso_code).".iv6";
+               if (!open($fh_be, "> $file")) {
+                       print STDERR "Error opening $file: $!\n";
+                       exit 1;
+               }
+               foreach my $range (@{$country->{pool_v6}}) {
+                       print $fh_be $range->[0], $range->[1];
+               }
+               close $fh_be;
        }
-       close $fh_le;
-       close $fh_be;
 
        printf "%5u IPv4 ranges for %s %s\n",
                scalar(@{$country->{pool_v4}}),
                $iso_code, $country->{name};
 
-       $file = "$target_dir/LE/".uc($iso_code).".iv4";
-       if (!open($fh_le, "> $file")) {
-               print STDERR "Error opening $file: $!\n";
-               exit 1;
-       }
-       $file = "$target_dir/BE/".uc($iso_code).".iv4";
-       if (!open($fh_be, "> $file")) {
-               print STDERR "Error opening $file: $!\n";
-               exit 1;
+       if (wantLE) {
+               $file = "$target_dir/LE/".uc($iso_code).".iv4";
+               if (!open($fh_le, "> $file")) {
+                       print STDERR "Error opening $file: $!\n";
+                       exit 1;
+               }
+               foreach my $range (@{$country->{pool_v4}}) {
+                       print $fh_le pack("VV", $range->[0], $range->[1]);
+               }
+               close $fh_le;
        }
-       foreach my $range (@{$country->{pool_v4}}) {
-               print $fh_le pack("VV", $range->[0], $range->[1]);
-               print $fh_be pack("NN", $range->[0], $range->[1]);
+       if (wantBE) {
+               $file = "$target_dir/BE/".uc($iso_code).".iv4";
+               if (!open($fh_be, "> $file")) {
+                       print STDERR "Error opening $file: $!\n";
+                       exit 1;
+               }
+               foreach my $range (@{$country->{pool_v4}}) {
+                       print $fh_be pack("NN", $range->[0], $range->[1]);
+               }
+               close $fh_be;
        }
-       close $fh_le;
-       close $fh_be;
 }
 
 sub ip6_pack
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/xtables-addons-2.14/xtables-addons.8.in 
new/xtables-addons-3.0/xtables-addons.8.in
--- old/xtables-addons-2.14/xtables-addons.8.in 2017-11-22 18:29:25.000000000 
+0100
+++ new/xtables-addons-3.0/xtables-addons.8.in  2018-02-12 15:17:10.000000000 
+0100
@@ -1,4 +1,4 @@
-.TH xtables-addons 8 "" "" "v2.14 (2017-11-22)"
+.TH xtables-addons 8 "Lilac" "" "v3.0 (2018-02-12)"
 .SH Name
 Xtables-addons \(em additional extensions for iptables, ip6tables, etc.
 .SH Targets


Reply via email to