[ptxdist] [PATCH 38/48] [iptables] Added clear DF flag modul for 1.4.5

Thu, 07 Jan 2010 09:46:20 -0800 

From: Carsten Schlote <c.schl...@konzeptpark.de>

Signed-off-by: Carsten Schlote <c.schl...@konzeptpark.de>
---
 .../iptables-1.4.5/iptables-1.4.3.DF-patch.diff    |  141 ++++++++++++++++++++
 patches/iptables-1.4.5/series                      |    1 +
 2 files changed, 142 insertions(+), 0 deletions(-)
 create mode 100644 patches/iptables-1.4.5/iptables-1.4.3.DF-patch.diff
 create mode 100644 patches/iptables-1.4.5/series

diff --git a/patches/iptables-1.4.5/iptables-1.4.3.DF-patch.diff 
b/patches/iptables-1.4.5/iptables-1.4.3.DF-patch.diff
new file mode 100644
index 0000000..b4feb53
--- /dev/null
+++ b/patches/iptables-1.4.5/iptables-1.4.3.DF-patch.diff
@@ -0,0 +1,141 @@
+[iptables-1.4.3] Add ipt_DF module userland module
+
+This patch adds support for libipt_DF module to iptables 1.4.3.
+
+Requires matching kernel patch and module as well!
+
+FIXME: Create kernel-module ptxdist paket for the ipt_DF module instead
+       of patching kernel
+
+Signed-off-by: Carsten Schlote (schl...@vahanus.net)
+---
+ extensions/Makefile                   |    2
+ extensions/libipt_DF.c                |  101 
++++++++++++++++++++++++++++++++++
+ include/linux/netfilter_ipv4/ipt_DF.h |   14 ++++
+ 2 files changed, 115 insertions(+)
+
+Index: iptables-1.4.2/extensions/libipt_DF.c
+===================================================================
+--- /dev/null  1970-01-01 00:00:00.000000000 +0000
++++ iptables-1.4.2/extensions/libipt_DF.c      2009-01-15 21:12:19.000000000 
+0100
+@@ -0,0 +1,101 @@
++/* Shared library add-on to iptables for the DF target
++ * (C) 2002 by Dmitry Labutcky <a...@strace.net>
++ *
++ * $Id: libipt_DF.c,v 1.6 2002/05/29 13:08:16 laforge Exp $
++ *
++ * This program is distributed under the terms of GNU GPL
++ */
++#include <stdio.h>
++#include <string.h>
++#include <stdlib.h>
++#include <getopt.h>
++#include <iptables.h>
++
++#include <linux/netfilter_ipv4/ip_tables.h>
++#include <linux/netfilter_ipv4/ipt_DF.h>
++
++static void help(void)
++{
++
++       printf(
++"DF target options\n"
++"  --clear Clear DF flag\n");
++}
++
++
++static struct option opts[] = {
++        { "clear", 0, 0, '%' },
++      { .name = NULL }
++};
++
++static int parse(int c, char **argv, int invert, unsigned int *flags,
++               const void *e, struct xt_entry_target **target)
++{
++      /*const struct ipt_entry *entry = e;*/
++      struct ipt_DF_info *info = (void*)(*target)->data;
++
++      switch (c) {
++              case '%':
++                      if (invert)
++                              exit_error(PARAMETER_PROBLEM, "DF: unexpected 
`!' with --clear");
++                      if (*flags & IPT_DF_CLEAR)
++                              exit_error(PARAMETER_PROBLEM, "DF: Can't 
specify --clear twice");
++                      info->mode = IPT_DF_CLEAR;
++                      *flags |= IPT_DF_CLEAR;
++                       break;
++              default:
++                       return 0;
++
++       }
++       return 1;
++}
++
++static void final_check(unsigned int flags)
++{
++      if (!flags)
++              exit_error(PARAMETER_PROBLEM,
++                      "DF target: Parameter --clear is required");
++}
++
++static void print(const void *ip,
++               const struct xt_entry_target *target, int numeric)
++{
++       const struct ipt_DF_info *info = (void *)target->data;
++
++       printf("DF ");
++       switch (info->mode) {
++               case IPT_DF_CLEAR:
++                       printf("clear df ");
++                       break;
++       }
++}
++
++static void save(const void *ip, const struct xt_entry_target *target)
++{
++       const struct ipt_DF_info *info = (void *)target->data;
++
++       switch (info->mode) {
++               case IPT_DF_CLEAR:
++                       printf("--clear ");
++                       break;
++       }
++}
++
++static struct xtables_target DF = {
++      .name           =       "DF",
++      .version        =       XTABLES_VERSION,
++      .family         =       PF_INET,
++      .size           =       XT_ALIGN(sizeof(struct ipt_DF_info)),
++      .userspacesize  =       XT_ALIGN(sizeof(struct ipt_DF_info)),
++      .help           =       &help,
++      .parse          =       &parse,
++      .final_check    =       &final_check,
++      .print          =       &print,
++      .save           =       &save,
++      .extra_opts     =       opts,
++};
++
++void _init(void)
++{
++       xtables_register_target(&DF);
++}
+Index: iptables-1.4.2/include/linux/netfilter_ipv4/ipt_DF.h
+===================================================================
+--- /dev/null  1970-01-01 00:00:00.000000000 +0000
++++ iptables-1.4.2/include/linux/netfilter_ipv4/ipt_DF.h       2009-01-15 
21:06:00.000000000 +0100
+@@ -0,0 +1,14 @@
++#ifndef _IPT_DF_H
++#define _IPT_DF_H
++
++enum {
++       IPT_DF_CLEAR = 1
++};
++
++struct ipt_DF_info {
++       u_int8_t        mode;
++};
++
++
++#endif
++
diff --git a/patches/iptables-1.4.5/series b/patches/iptables-1.4.5/series
new file mode 100644
index 0000000..21eaaca
--- /dev/null
+++ b/patches/iptables-1.4.5/series
@@ -0,0 +1 @@
+iptables-1.4.3.DF-patch.diff
-- 
1.6.5.6.gb3118


--
ptxdist mailing list
ptxdist@pengutronix.de

Reply via email to