Author: cieciwa Date: Tue Sep 13 14:56:14 2005 GMT
Module: SOURCES Tag: LINUX_2_6
---- Log message:
- added "extra".
---- Files affected:
SOURCES:
linux-2.6-pom-ng-base.patch (1.1.2.1 -> 1.1.2.2)
---- Diffs:
================================================================
Index: SOURCES/linux-2.6-pom-ng-base.patch
diff -u SOURCES/linux-2.6-pom-ng-base.patch:1.1.2.1
SOURCES/linux-2.6-pom-ng-base.patch:1.1.2.2
--- SOURCES/linux-2.6-pom-ng-base.patch:1.1.2.1 Tue Sep 13 15:10:02 2005
+++ SOURCES/linux-2.6-pom-ng-base.patch Tue Sep 13 16:56:08 2005
@@ -1,72 +1,542 @@
- include/linux/netfilter_ipv4/ip_set.h | 489 ++++++
- include/linux/netfilter_ipv4/ip_set_iphash.h | 30
- include/linux/netfilter_ipv4/ip_set_ipmap.h | 56
- include/linux/netfilter_ipv4/ip_set_iptree.h | 39
- include/linux/netfilter_ipv4/ip_set_jhash.h | 148 +
- include/linux/netfilter_ipv4/ip_set_macipmap.h | 38
- include/linux/netfilter_ipv4/ip_set_malloc.h | 34
- include/linux/netfilter_ipv4/ip_set_nethash.h | 55
- include/linux/netfilter_ipv4/ip_set_portmap.h | 25
- include/linux/netfilter_ipv4/ip_set_prime.h | 34
- include/linux/netfilter_ipv4/ipt_TTL.h | 21
- include/linux/netfilter_ipv4/ipt_connlimit.h | 12
- include/linux/netfilter_ipv4/ipt_expire.h | 32
- include/linux/netfilter_ipv4/ipt_fuzzy.h | 21
- include/linux/netfilter_ipv4/ipt_ipv4options.h | 21
- include/linux/netfilter_ipv4/ipt_nth.h | 19
- include/linux/netfilter_ipv4/ipt_osf.h | 151 +
- include/linux/netfilter_ipv4/ipt_psd.h | 40
- include/linux/netfilter_ipv4/ipt_quota.h | 12
- include/linux/netfilter_ipv4/ipt_random.h | 11
- include/linux/netfilter_ipv4/ipt_set.h | 21
- include/linux/netfilter_ipv4/ipt_time.h | 18
- include/linux/netfilter_ipv4/ipt_u32.h | 40
- include/linux/netfilter_ipv6/ip6t_HL.h | 22
- include/linux/netfilter_ipv6/ip6t_REJECT.h | 18
- include/linux/netfilter_ipv6/ip6t_expire.h | 32
- include/linux/netfilter_ipv6/ip6t_fuzzy.h | 21
- include/linux/netfilter_ipv6/ip6t_nth.h | 19
- include/linux/netfilter_ipv6/ip6t_owner.h | 2
- include/linux/netfilter_ipv6/ip6t_random.h | 11
- net/ipv4/netfilter/Kconfig | 270 +++
- net/ipv4/netfilter/Makefile | 36
- net/ipv4/netfilter/ip_set.c | 1989
+++++++++++++++++++++++++
- net/ipv4/netfilter/ip_set_iphash.c | 379 ++++
- net/ipv4/netfilter/ip_set_ipmap.c | 313 +++
- net/ipv4/netfilter/ip_set_iptree.c | 510 ++++++
- net/ipv4/netfilter/ip_set_macipmap.c | 338 ++++
- net/ipv4/netfilter/ip_set_nethash.c | 449 +++++
- net/ipv4/netfilter/ip_set_portmap.c | 325 ++++
- net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c | 89 +
- net/ipv4/netfilter/ipt_SET.c | 128 +
- net/ipv4/netfilter/ipt_TTL.c | 122 +
- net/ipv4/netfilter/ipt_connlimit.c | 228 ++
- net/ipv4/netfilter/ipt_expire.c | 563 +++++++
- net/ipv4/netfilter/ipt_fuzzy.c | 185 ++
- net/ipv4/netfilter/ipt_ipv4options.c | 172 ++
- net/ipv4/netfilter/ipt_nth.c | 166 ++
- net/ipv4/netfilter/ipt_osf.c | 854 ++++++++++
- net/ipv4/netfilter/ipt_psd.c | 358 ++++
- net/ipv4/netfilter/ipt_quota.c | 96 +
- net/ipv4/netfilter/ipt_random.c | 92 +
- net/ipv4/netfilter/ipt_set.c | 112 +
- net/ipv4/netfilter/ipt_time.c | 179 ++
- net/ipv4/netfilter/ipt_u32.c | 233 ++
- net/ipv6/ipv6_syms.c | 1
- net/ipv6/netfilter/Kconfig | 77
- net/ipv6/netfilter/Makefile | 8
- net/ipv6/netfilter/ip6t_HL.c | 111 +
- net/ipv6/netfilter/ip6t_REJECT.c | 304 +++
- net/ipv6/netfilter/ip6t_expire.c | 566 +++++++
- net/ipv6/netfilter/ip6t_fuzzy.c | 188 ++
- net/ipv6/netfilter/ip6t_nth.c | 173 ++
- net/ipv6/netfilter/ip6t_owner.c | 44
- net/ipv6/netfilter/ip6t_random.c | 97 +
- 64 files changed, 11245 insertions(+), 2 deletions(-)
+ include/linux/netfilter.h | 12
+ include/linux/netfilter_ipv4.h | 54
+ include/linux/netfilter_ipv4/ip_conntrack.h | 146 +
+ include/linux/netfilter_ipv4/ip_conntrack_core.h | 17
+ include/linux/netfilter_ipv4/ip_conntrack_h323.h | 38
+ include/linux/netfilter_ipv4/ip_conntrack_mms.h | 36
+ include/linux/netfilter_ipv4/ip_conntrack_quake3.h | 22
+ include/linux/netfilter_ipv4/ip_queue.h | 13
+ include/linux/netfilter_ipv4/ip_set.h | 489 +++++
+ include/linux/netfilter_ipv4/ip_set_iphash.h | 30
+ include/linux/netfilter_ipv4/ip_set_ipmap.h | 56
+ include/linux/netfilter_ipv4/ip_set_iptree.h | 39
+ include/linux/netfilter_ipv4/ip_set_jhash.h | 148 +
+ include/linux/netfilter_ipv4/ip_set_macipmap.h | 38
+ include/linux/netfilter_ipv4/ip_set_malloc.h | 34
+ include/linux/netfilter_ipv4/ip_set_nethash.h | 55
+ include/linux/netfilter_ipv4/ip_set_portmap.h | 25
+ include/linux/netfilter_ipv4/ip_set_prime.h | 34
+ include/linux/netfilter_ipv4/ip_tables.h | 3
+ include/linux/netfilter_ipv4/ipt_IPMARK.h | 13
+ include/linux/netfilter_ipv4/ipt_ROUTE.h | 23
+ include/linux/netfilter_ipv4/ipt_TTL.h | 21
+ include/linux/netfilter_ipv4/ipt_XOR.h | 9
+ include/linux/netfilter_ipv4/ipt_account.h | 26
+ include/linux/netfilter_ipv4/ipt_connlimit.h | 12
+ include/linux/netfilter_ipv4/ipt_expire.h | 32
+ include/linux/netfilter_ipv4/ipt_fuzzy.h | 21
+ include/linux/netfilter_ipv4/ipt_geoip.h | 50
+ include/linux/netfilter_ipv4/ipt_ipp2p.h | 29
+ include/linux/netfilter_ipv4/ipt_ipv4options.h | 21
+ include/linux/netfilter_ipv4/ipt_nth.h | 19
+ include/linux/netfilter_ipv4/ipt_osf.h | 151 +
+ include/linux/netfilter_ipv4/ipt_policy.h | 52
+ include/linux/netfilter_ipv4/ipt_psd.h | 40
+ include/linux/netfilter_ipv4/ipt_quota.h | 12
+ include/linux/netfilter_ipv4/ipt_random.h | 11
+ include/linux/netfilter_ipv4/ipt_set.h | 21
+ include/linux/netfilter_ipv4/ipt_string.h | 21
+ include/linux/netfilter_ipv4/ipt_time.h | 18
+ include/linux/netfilter_ipv4/ipt_u32.h | 40
+ include/linux/netfilter_ipv6/ip6t_HL.h | 22
+ include/linux/netfilter_ipv6/ip6t_REJECT.h | 18
+ include/linux/netfilter_ipv6/ip6t_ROUTE.h | 23
+ include/linux/netfilter_ipv6/ip6t_expire.h | 32
+ include/linux/netfilter_ipv6/ip6t_fuzzy.h | 21
+ include/linux/netfilter_ipv6/ip6t_nth.h | 19
+ include/linux/netfilter_ipv6/ip6t_owner.h | 2
+ include/linux/netfilter_ipv6/ip6t_policy.h | 52
+ include/linux/netfilter_ipv6/ip6t_random.h | 11
+ include/net/ip.h | 13
+ include/net/protocol.h | 1
+ include/net/xfrm.h | 3
+ net/core/netfilter.c | 39
+ net/ipv4/ah4.c | 1
+ net/ipv4/esp4.c | 1
+ net/ipv4/igmp.c | 4
+ net/ipv4/ip_forward.c | 2
+ net/ipv4/ip_input.c | 19
+ net/ipv4/ip_output.c | 27
+ net/ipv4/ipcomp.c | 1
+ net/ipv4/ipip.c | 5
+ net/ipv4/ipmr.c | 2
+ net/ipv4/netfilter/Kconfig | 486 +++++
+ net/ipv4/netfilter/Makefile | 57
+ net/ipv4/netfilter/asn1_per.c | 353 +++
+ net/ipv4/netfilter/asn1_per.h | 83
+ net/ipv4/netfilter/ip_conntrack_core.c | 122 +
+ net/ipv4/netfilter/ip_conntrack_ftp.c | 12
+ net/ipv4/netfilter/ip_conntrack_h323.c | 447 ++++
+ net/ipv4/netfilter/ip_conntrack_h323_core.c | 37
+ net/ipv4/netfilter/ip_conntrack_h323_h225.c | 405 ++++
+ net/ipv4/netfilter/ip_conntrack_h323_h245.c | 959 ++++++++++
+ net/ipv4/netfilter/ip_conntrack_mms.c | 352 +++
+ net/ipv4/netfilter/ip_conntrack_proto_icmp.c | 1
+ net/ipv4/netfilter/ip_conntrack_proto_sctp.c | 2
+ net/ipv4/netfilter/ip_conntrack_proto_tcp.c | 4
+ net/ipv4/netfilter/ip_conntrack_proto_udp.c | 3
+ net/ipv4/netfilter/ip_conntrack_quake3.c | 201 ++
+ net/ipv4/netfilter/ip_conntrack_standalone.c | 11
+ net/ipv4/netfilter/ip_nat_h323.c | 196 ++
+ net/ipv4/netfilter/ip_nat_mms.c | 195 ++
+ net/ipv4/netfilter/ip_nat_quake3.c | 97 +
+ net/ipv4/netfilter/ip_nat_standalone.c | 82
+ net/ipv4/netfilter/ip_queue.c | 35
+ net/ipv4/netfilter/ip_set.c | 1989
+++++++++++++++++++++
+ net/ipv4/netfilter/ip_set_iphash.c | 379 ++++
+ net/ipv4/netfilter/ip_set_ipmap.c | 313 +++
+ net/ipv4/netfilter/ip_set_iptree.c | 510 +++++
+ net/ipv4/netfilter/ip_set_macipmap.c | 338 +++
+ net/ipv4/netfilter/ip_set_nethash.c | 449 ++++
+ net/ipv4/netfilter/ip_set_portmap.c | 325 +++
+ net/ipv4/netfilter/ip_tables.c | 2
+ net/ipv4/netfilter/ipt_IPMARK.c | 81
+ net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c | 89
+ net/ipv4/netfilter/ipt_ROUTE.c | 464 ++++
+ net/ipv4/netfilter/ipt_SET.c | 128 +
+ net/ipv4/netfilter/ipt_TARPIT.c | 295 +++
+ net/ipv4/netfilter/ipt_TTL.c | 122 +
+ net/ipv4/netfilter/ipt_ULOG.c | 4
+ net/ipv4/netfilter/ipt_XOR.c | 117 +
+ net/ipv4/netfilter/ipt_account.c | 937 +++++++++
+ net/ipv4/netfilter/ipt_connlimit.c | 228 ++
+ net/ipv4/netfilter/ipt_expire.c | 563 +++++
+ net/ipv4/netfilter/ipt_fuzzy.c | 185 +
+ net/ipv4/netfilter/ipt_geoip.c | 275 ++
+ net/ipv4/netfilter/ipt_ipp2p.c | 640 ++++++
+ net/ipv4/netfilter/ipt_ipv4options.c | 172 +
+ net/ipv4/netfilter/ipt_nth.c | 166 +
+ net/ipv4/netfilter/ipt_osf.c | 854 +++++++++
+ net/ipv4/netfilter/ipt_policy.c | 176 +
+ net/ipv4/netfilter/ipt_psd.c | 358 +++
+ net/ipv4/netfilter/ipt_quota.c | 96 +
+ net/ipv4/netfilter/ipt_random.c | 92
+ net/ipv4/netfilter/ipt_set.c | 112 +
+ net/ipv4/netfilter/ipt_string.c | 218 ++
+ net/ipv4/netfilter/ipt_time.c | 179 +
+ net/ipv4/netfilter/ipt_u32.c | 233 ++
+ net/ipv4/netfilter/ipt_unclean.c | 611 ++++++
+ net/ipv4/raw.c | 2
+ net/ipv4/xfrm4_output.c | 1
+ net/ipv4/xfrm4_tunnel.c | 1
+ net/ipv6/ipv6_syms.c | 2
+ net/ipv6/netfilter/Kconfig | 117 +
+ net/ipv6/netfilter/Makefile | 11
+ net/ipv6/netfilter/ip6t_HL.c | 111 +
+ net/ipv6/netfilter/ip6t_REJECT.c | 304 +++
+ net/ipv6/netfilter/ip6t_ROUTE.c | 308 +++
+ net/ipv6/netfilter/ip6t_ULOG.c | 142 +
+ net/ipv6/netfilter/ip6t_expire.c | 566 +++++
+ net/ipv6/netfilter/ip6t_fuzzy.c | 188 +
+ net/ipv6/netfilter/ip6t_nth.c | 173 +
+ net/ipv6/netfilter/ip6t_owner.c | 44
+ net/ipv6/netfilter/ip6t_policy.c | 200 ++
+ net/ipv6/netfilter/ip6t_random.c | 97 +
+ net/xfrm/xfrm_input.c | 3
+ 135 files changed, 20312 insertions(+), 47 deletions(-)
-diff -Nur --exclude '*.orig'
linux-2.6.13.1.org/include/linux/netfilter_ipv4/ip_set.h
linux-2.6.13.1/include/linux/netfilter_ipv4/ip_set.h
+diff -Nur --exclude '*.orig' include/linux/netfilter.h
include/linux/netfilter.h
+--- include/linux/netfilter.h 2005-09-10 04:42:58.000000000 +0200
++++ include/linux/netfilter.h 2005-09-13 16:32:40.000000000 +0200
+@@ -139,9 +139,10 @@
+ /* This is gross, but inline doesn't cut it for avoiding the function
+ call in fast path: gcc doesn't inline (needs value tracking?). --RR */
+ #ifdef CONFIG_NETFILTER_DEBUG
+-#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \
++#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond)
\
+ ({int __ret; \
+-if ((__ret=nf_hook_slow(pf, hook, &(skb), indev, outdev, okfn, INT_MIN)) ==
1) \
++if (!(cond) ||
\
++ (__ret=nf_hook_slow(pf, hook, &(skb), indev, outdev, okfn, INT_MIN)) ==
1) \
+ __ret = (okfn)(skb); \
+ __ret;})
+ #define NF_HOOK_THRESH(pf, hook, skb, indev, outdev, okfn, thresh) \
+@@ -150,9 +151,9 @@
+ __ret = (okfn)(skb); \
+ __ret;})
+ #else
+-#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \
++#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond)
\
+ ({int __ret; \
+-if (list_empty(&nf_hooks[pf][hook]) ||
\
++if (!(cond) || list_empty(&nf_hooks[pf][hook]) ||
\
+ (__ret=nf_hook_slow(pf, hook, &(skb), indev, outdev, okfn, INT_MIN)) ==
1) \
+ __ret = (okfn)(skb); \
+ __ret;})
+@@ -163,6 +164,8 @@
+ __ret = (okfn)(skb); \
+ __ret;})
+ #endif
++#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \
++ NF_HOOK_COND((pf), (hook), (skb), (indev), (outdev), (okfn), 1)
+
+ int nf_hook_slow(int pf, unsigned int hook, struct sk_buff **pskb,
+ struct net_device *indev, struct net_device *outdev,
+@@ -192,6 +195,7 @@
+
+ #else /* !CONFIG_NETFILTER */
+ #define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb)
++#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond) (okfn)(skb)
+ static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
+ #endif /*CONFIG_NETFILTER*/
+
+diff -Nur --exclude '*.orig' include/linux/netfilter_ipv4/ip_conntrack.h
include/linux/netfilter_ipv4/ip_conntrack.h
+--- include/linux/netfilter_ipv4/ip_conntrack.h 2005-09-10
04:42:58.000000000 +0200
++++ include/linux/netfilter_ipv4/ip_conntrack.h 2005-09-13
16:32:54.000000000 +0200
+@@ -65,6 +65,63 @@
+
+ /* Both together */
+ IPS_NAT_DONE_MASK = (IPS_DST_NAT_DONE | IPS_SRC_NAT_DONE),
++
++ /* Connection is dying (removed from lists), can not be unset. */
++ IPS_DYING_BIT = 9,
++ IPS_DYING = (1 << IPS_DYING_BIT),
++};
++
++/* Connection tracking event bits */
++enum ip_conntrack_events
++{
++ /* New conntrack */
++ IPCT_NEW_BIT = 0,
++ IPCT_NEW = (1 << IPCT_NEW_BIT),
++
++ /* Expected connection */
++ IPCT_RELATED_BIT = 1,
++ IPCT_RELATED = (1 << IPCT_RELATED_BIT),
++
++ /* Destroyed conntrack */
++ IPCT_DESTROY_BIT = 2,
++ IPCT_DESTROY = (1 << IPCT_DESTROY_BIT),
++
++ /* Timer has been refreshed */
++ IPCT_REFRESH_BIT = 3,
++ IPCT_REFRESH = (1 << IPCT_REFRESH_BIT),
++
++ /* Status has changed */
++ IPCT_STATUS_BIT = 4,
++ IPCT_STATUS = (1 << IPCT_STATUS_BIT),
++
++ /* Update of protocol info */
++ IPCT_PROTOINFO_BIT = 5,
++ IPCT_PROTOINFO = (1 << IPCT_PROTOINFO_BIT),
++
++ /* Volatile protocol info */
++ IPCT_PROTOINFO_VOLATILE_BIT = 6,
++ IPCT_PROTOINFO_VOLATILE = (1 << IPCT_PROTOINFO_VOLATILE_BIT),
++
++ /* New helper for conntrack */
++ IPCT_HELPER_BIT = 7,
++ IPCT_HELPER = (1 << IPCT_HELPER_BIT),
++
++ /* Update of helper info */
++ IPCT_HELPINFO_BIT = 8,
++ IPCT_HELPINFO = (1 << IPCT_HELPINFO_BIT),
++
++ /* Volatile helper info */
++ IPCT_HELPINFO_VOLATILE_BIT = 9,
++ IPCT_HELPINFO_VOLATILE = (1 << IPCT_HELPINFO_VOLATILE_BIT),
++
++ /* NAT info */
++ IPCT_NATINFO_BIT = 10,
++ IPCT_NATINFO = (1 << IPCT_NATINFO_BIT),
++};
++
++enum ip_conntrack_expect_events {
++ IPEXP_NEW_BIT = 0,
++ IPEXP_NEW = (1 << IPEXP_NEW_BIT),
+ };
+
+ #ifdef __KERNEL__
+@@ -91,6 +148,7 @@
+ };
+
+ /* Add protocol helper include file here */
++#include <linux/netfilter_ipv4/ip_conntrack_mms.h>
+ #include <linux/netfilter_ipv4/ip_conntrack_amanda.h>
+ #include <linux/netfilter_ipv4/ip_conntrack_ftp.h>
+ #include <linux/netfilter_ipv4/ip_conntrack_irc.h>
+@@ -98,6 +156,7 @@
+ /* per conntrack: application helper private data */
+ union ip_conntrack_help {
+ /* insert conntrack helper private data (master) here */
++ struct ip_ct_mms_master ct_mms_info;
+ struct ip_ct_ftp_master ct_ftp_info;
+ struct ip_ct_irc_master ct_irc_info;
+ };
+@@ -280,6 +339,11 @@
+ return test_bit(IPS_CONFIRMED_BIT, &ct->status);
+ }
+
++static inline int is_dying(struct ip_conntrack *ct)
++{
++ return test_bit(IPS_DYING_BIT, &ct->status);
++}
++
+ extern unsigned int ip_conntrack_htable_size;
+
+ struct ip_conntrack_stat
+@@ -303,6 +367,88 @@
+
+ #define CONNTRACK_STAT_INC(count) (__get_cpu_var(ip_conntrack_stat).count++)
+
++#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
++#include <linux/notifier.h>
++
++struct ip_conntrack_ecache {
++ struct ip_conntrack *ct;
++ unsigned int events;
++};
++DECLARE_PER_CPU(struct ip_conntrack_ecache, ip_conntrack_ecache);
++
++#define CONNTRACK_ECACHE(x) (__get_cpu_var(ip_conntrack_ecache).x)
++
++extern struct notifier_block *ip_conntrack_chain;
++extern struct notifier_block *ip_conntrack_expect_chain;
++
++static inline int ip_conntrack_register_notifier(struct notifier_block *nb)
++{
++ return notifier_chain_register(&ip_conntrack_chain, nb);
++}
++
++static inline int ip_conntrack_unregister_notifier(struct notifier_block *nb)
++{
++ return notifier_chain_unregister(&ip_conntrack_chain, nb);
++}
++
++static inline int
++ip_conntrack_expect_register_notifier(struct notifier_block *nb)
++{
++ return notifier_chain_register(&ip_conntrack_expect_chain, nb);
++}
++
++static inline int
++ip_conntrack_expect_unregister_notifier(struct notifier_block *nb)
++{
++ return notifier_chain_unregister(&ip_conntrack_expect_chain, nb);
++}
++
++static inline void
++ip_conntrack_event_cache(enum ip_conntrack_events event,
++ const struct sk_buff *skb)
++{
++ struct ip_conntrack_ecache *ecache =
++ &__get_cpu_var(ip_conntrack_ecache);
++
++ if (unlikely((struct ip_conntrack *) skb->nfct != ecache->ct)) {
++ if (net_ratelimit()) {
++ printk(KERN_ERR "ctevent: skb->ct != ecache->ct !!!\n");
++ dump_stack();
++ }
++ }
++ ecache->events |= event;
++}
++
++extern void
++ip_conntrack_deliver_cached_events_for(const struct ip_conntrack *ct);
++extern void ip_conntrack_event_cache_init(const struct sk_buff *skb);
++
++static inline void ip_conntrack_event(enum ip_conntrack_events event,
++ struct ip_conntrack *ct)
++{
++ if (is_confirmed(ct) && !is_dying(ct))
++ notifier_call_chain(&ip_conntrack_chain, event, ct);
++}
++
++static inline void
++ip_conntrack_expect_event(enum ip_conntrack_expect_events event,
++ struct ip_conntrack_expect *exp)
++{
++ notifier_call_chain(&ip_conntrack_expect_chain, event, exp);
++}
++#else /* CONFIG_IP_NF_CONNTRACK_EVENTS */
++static inline void ip_conntrack_event_cache(enum ip_conntrack_events event,
++ const struct sk_buff *skb) {}
++static inline void ip_conntrack_event(enum ip_conntrack_events event,
++ struct ip_conntrack *ct) {}
++static inline void ip_conntrack_deliver_cached_events_for(
++ struct ip_conntrack *ct) {}
++static inline void ip_conntrack_event_cache_init(const struct sk_buff *skb) {}
++static inline void
++ip_conntrack_expect_event(enum ip_conntrack_expect_events event,
++ struct ip_conntrack_expect *exp) {}
++#endif /* CONFIG_IP_NF_CONNTRACK_EVENTS */
++
+ #ifdef CONFIG_IP_NF_NAT_NEEDED
+ static inline int ip_nat_initialized(struct ip_conntrack *conntrack,
+ enum ip_nat_manip_type manip)
+diff -Nur --exclude '*.orig' include/linux/netfilter_ipv4/ip_conntrack_core.h
include/linux/netfilter_ipv4/ip_conntrack_core.h
+--- include/linux/netfilter_ipv4/ip_conntrack_core.h 2005-09-10
04:42:58.000000000 +0200
++++ include/linux/netfilter_ipv4/ip_conntrack_core.h 2005-09-13
16:31:49.000000000 +0200
+@@ -38,12 +38,21 @@
+ /* Confirm a connection: returns NF_DROP if packet must be dropped. */
+ static inline int ip_conntrack_confirm(struct sk_buff **pskb)
+ {
+- if ((*pskb)->nfct
+- && !is_confirmed((struct ip_conntrack *)(*pskb)->nfct))
+- return __ip_conntrack_confirm(pskb);
+- return NF_ACCEPT;
++ struct ip_conntrack *ct = (struct ip_conntrack *)(*pskb)->nfct;
++ int ret = NF_ACCEPT;
++
++ if (ct && !is_confirmed(ct))
++ ret = __ip_conntrack_confirm(pskb);
++ ip_conntrack_deliver_cached_events_for(ct);
++
++ return ret;
+ }
+
++#ifdef CONFIG_IP_NF_CONNTRACK_EVENTS
++struct ip_conntrack_ecache;
++extern void __ip_ct_deliver_cached_events(struct ip_conntrack_ecache *ec);
++#endif
++
+ extern struct list_head *ip_conntrack_hash;
+ extern struct list_head ip_conntrack_expect_list;
+ extern rwlock_t ip_conntrack_lock;
+diff -Nur --exclude '*.orig' include/linux/netfilter_ipv4/ip_conntrack_h323.h
include/linux/netfilter_ipv4/ip_conntrack_h323.h
+--- include/linux/netfilter_ipv4/ip_conntrack_h323.h 1970-01-01
01:00:00.000000000 +0100
++++ include/linux/netfilter_ipv4/ip_conntrack_h323.h 2005-09-13
16:32:12.000000000 +0200
+@@ -0,0 +1,38 @@
++#ifndef _IP_CONNTRACK_H323_H
++#define _IP_CONNTRACK_H323_H
++/* H.323 connection tracking. */
++
++#ifdef __KERNEL__
++
++/* Default H.225 port */
++#define H225_PORT 1720
++
++struct ip_conntrack_expect;
++struct ip_conntrack;
++struct ip_conntrack_helper;
++
++extern int (*ip_nat_h245_hook)(struct sk_buff **pskb,
++ enum ip_conntrack_info ctinfo,
++ unsigned int offset,
++ struct ip_conntrack_expect *exp);
++
++extern int (*ip_nat_h225_hook)(struct sk_buff **pskb,
++ enum ip_conntrack_info ctinfo,
++ unsigned int offset,
++ struct ip_conntrack_expect *exp);
++
++extern void (*ip_nat_h225_signal_hook)(struct sk_buff **pskb,
++ struct ip_conntrack *ct,
++ enum ip_conntrack_info ctinfo,
++ unsigned int offset,
++ int dir,
++ int orig_dir);
++
++extern struct ip_conntrack_helper ip_conntrack_helper_h225;
++
++void ip_conntrack_h245_expect(struct ip_conntrack *new,
++ struct ip_conntrack_expect *this);
++
++#endif /* __KERNEL__ */
++
++#endif /* _IP_CONNTRACK_H323_H */
+diff -Nur --exclude '*.orig' include/linux/netfilter_ipv4/ip_conntrack_mms.h
include/linux/netfilter_ipv4/ip_conntrack_mms.h
+--- include/linux/netfilter_ipv4/ip_conntrack_mms.h 1970-01-01
01:00:00.000000000 +0100
++++ include/linux/netfilter_ipv4/ip_conntrack_mms.h 2005-09-13
16:32:54.000000000 +0200
+@@ -0,0 +1,36 @@
++#ifndef _IP_CONNTRACK_MMS_H
++#define _IP_CONNTRACK_MMS_H
++/* MMS tracking. */
++
++#ifdef __KERNEL__
++
++extern spinlock_t ip_mms_lock;
++
++#define MMS_PORT 1755
++#define MMS_SRV_MSG_ID 196610
++
++#define MMS_SRV_MSG_OFFSET 36
++#define MMS_SRV_UNICODE_STRING_OFFSET 60
++#define MMS_SRV_CHUNKLENLV_OFFSET 16
++#define MMS_SRV_CHUNKLENLM_OFFSET 32
++#define MMS_SRV_MESSAGELENGTH_OFFSET 8
++
++/* This structure is per expected connection */
++struct ip_ct_mms_expect {
++ u_int32_t offset;
++ u_int32_t len;
++ u_int32_t padding;
++ u_int16_t port;
++};
++
++/* This structure exists only once per master */
++struct ip_ct_mms_master {
++};
++
++struct ip_conntrack_expect;
++extern unsigned int (*ip_nat_mms_hook)(struct sk_buff **pskb,
++ enum ip_conntrack_info ctinfo,
++ const struct ip_ct_mms_expect
*exp_mms_info,
++ struct ip_conntrack_expect *exp);
++#endif
++#endif /* _IP_CONNTRACK_MMS_H */
+diff -Nur --exclude '*.orig'
include/linux/netfilter_ipv4/ip_conntrack_quake3.h
include/linux/netfilter_ipv4/ip_conntrack_quake3.h
+--- include/linux/netfilter_ipv4/ip_conntrack_quake3.h 1970-01-01
01:00:00.000000000 +0100
++++ include/linux/netfilter_ipv4/ip_conntrack_quake3.h 2005-09-13
16:33:33.000000000 +0200
+@@ -0,0 +1,22 @@
++#ifndef _IP_CT_QUAKE3
++#define _IP_CT_QUAKE3
++
++/* Don't confuse with 27960, often used as the Server Port */
++#define QUAKE3_MASTER_PORT 27950
++
++struct quake3_search {
++ const char marker[4]; /* always 0xff 0xff 0xff 0xff ? */
++ const char *pattern;
++ size_t plen;
++};
++
++/* This structure is per expected connection */
++struct ip_ct_quake3_expect {
++};
++
++/* This structure exists only once per master */
++struct ip_ct_quake3_master {
++};
++
++extern unsigned int (*ip_nat_quake3_hook)(struct ip_conntrack_expect *exp);
++#endif /* _IP_CT_QUAKE3 */
+diff -Nur --exclude '*.orig' include/linux/netfilter_ipv4/ip_queue.h
include/linux/netfilter_ipv4/ip_queue.h
+--- include/linux/netfilter_ipv4/ip_queue.h 2005-09-10 04:42:58.000000000
+0200
++++ include/linux/netfilter_ipv4/ip_queue.h 2005-09-13 16:32:29.000000000
+0200
+@@ -47,10 +47,20 @@
+ unsigned char payload[0]; /* Optional replacement packet */
+ } ipq_verdict_msg_t;
+
++typedef struct ipq_vwmark_msg {
++ unsigned int value; /* Verdict to hand to netfilter */
++ unsigned long id; /* Packet ID for this verdict */
++ size_t data_len; /* Length of replacement data */
++ unsigned char payload[0]; /* Optional replacement packet */
++ unsigned long nfmark; /* Mark for the Packet */
++} ipq_vwmark_msg_t;
++
++
+ typedef struct ipq_peer_msg {
+ union {
+ ipq_verdict_msg_t verdict;
+ ipq_mode_msg_t mode;
++ ipq_vwmark_msg_t vwmark;
+ } msg;
<<Diff was trimmed, longer than 597 lines>>
---- CVS-web:
http://cvs.pld-linux.org/SOURCES/linux-2.6-pom-ng-base.patch?r1=1.1.2.1&r2=1.1.2.2&f=u
_______________________________________________
pld-cvs-commit mailing list
[email protected]
http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit
