-Index: linux-2.6.23-rc9/include/linux/netfilter/nf_conntrack_rtsp.h
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.23-rc9/include/linux/netfilter/nf_conntrack_rtsp.h 2007-10-05 21:26:39.000000000 +0800
+--- /dev/null
++++ b/include/linux/netfilter/nf_conntrack_rtsp.h
@@ -0,0 +1,63 @@
+/*
+ * RTSP extension for IP connection tracking.
+#endif /* __KERNEL__ */
+
+#endif /* _IP_CONNTRACK_RTSP_H */
-Index: linux-2.6.23-rc9/include/linux/netfilter_helpers.h
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.23-rc9/include/linux/netfilter_helpers.h 2007-10-05 21:26:39.000000000 +0800
+--- /dev/null
++++ b/include/linux/netfilter_helpers.h
@@ -0,0 +1,133 @@
+/*
+ * Helpers for netfiler modules. This file provides implementations for basic
+#endif /* __KERNEL__ */
+
+#endif /* _NETFILTER_HELPERS_H */
-Index: linux-2.6.23-rc9/include/linux/netfilter_mime.h
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.23-rc9/include/linux/netfilter_mime.h 2007-10-05 21:26:39.000000000 +0800
+--- /dev/null
++++ b/include/linux/netfilter_mime.h
@@ -0,0 +1,89 @@
+/*
+ * MIME functions for netfilter modules. This file provides implementations
+#endif /* __KERNEL__ */
+
+#endif /* _NETFILTER_MIME_H */
-Index: linux-2.6.23-rc9/net/ipv4/netfilter/Makefile
-===================================================================
---- linux-2.6.23-rc9.orig/net/ipv4/netfilter/Makefile 2007-10-05 21:26:39.000000000 +0800
-+++ linux-2.6.23-rc9/net/ipv4/netfilter/Makefile 2007-10-05 21:26:39.000000000 +0800
-@@ -23,6 +23,7 @@
+--- a/net/ipv4/netfilter/Makefile
++++ b/net/ipv4/netfilter/Makefile
+@@ -23,6 +23,7 @@ obj-$(CONFIG_NF_NAT_AMANDA) += nf_nat_am
obj-$(CONFIG_NF_NAT_FTP) += nf_nat_ftp.o
obj-$(CONFIG_NF_NAT_H323) += nf_nat_h323.o
obj-$(CONFIG_NF_NAT_IRC) += nf_nat_irc.o
obj-$(CONFIG_NF_NAT_PPTP) += nf_nat_pptp.o
obj-$(CONFIG_NF_NAT_SIP) += nf_nat_sip.o
obj-$(CONFIG_NF_NAT_SNMP_BASIC) += nf_nat_snmp_basic.o
-Index: linux-2.6.23-rc9/net/netfilter/Kconfig
-===================================================================
---- linux-2.6.23-rc9.orig/net/netfilter/Kconfig 2007-10-05 21:26:39.000000000 +0800
-+++ linux-2.6.23-rc9/net/netfilter/Kconfig 2007-10-05 21:26:39.000000000 +0800
-@@ -249,6 +249,16 @@
+--- a/net/netfilter/Kconfig
++++ b/net/netfilter/Kconfig
+@@ -258,6 +258,16 @@ config NF_CONNTRACK_TFTP
To compile it as a module, choose M here. If unsure, say N.
+ Documentation/modules.txt. If unsure, say 'Y'.
+
config NF_CT_NETLINK
- tristate 'Connection tracking netlink interface (EXPERIMENTAL)'
- depends on EXPERIMENTAL && NF_CONNTRACK && NETFILTER_NETLINK
-Index: linux-2.6.23-rc9/net/netfilter/Makefile
-===================================================================
---- linux-2.6.23-rc9.orig/net/netfilter/Makefile 2007-10-05 21:26:39.000000000 +0800
-+++ linux-2.6.23-rc9/net/netfilter/Makefile 2007-10-05 21:26:39.000000000 +0800
-@@ -33,6 +33,7 @@
+ tristate 'Connection tracking netlink interface'
+ depends on NF_CONNTRACK
+--- a/net/netfilter/Makefile
++++ b/net/netfilter/Makefile
+@@ -32,6 +32,7 @@ obj-$(CONFIG_NF_CONNTRACK_PPTP) += nf_co
obj-$(CONFIG_NF_CONNTRACK_SANE) += nf_conntrack_sane.o
obj-$(CONFIG_NF_CONNTRACK_SIP) += nf_conntrack_sip.o
obj-$(CONFIG_NF_CONNTRACK_TFTP) += nf_conntrack_tftp.o
# generic X tables
obj-$(CONFIG_NETFILTER_XTABLES) += x_tables.o xt_tcpudp.o
-Index: linux-2.6.23-rc9/net/ipv4/netfilter/Kconfig
-===================================================================
---- linux-2.6.23-rc9.orig/net/ipv4/netfilter/Kconfig 2007-10-05 21:26:39.000000000 +0800
-+++ linux-2.6.23-rc9/net/ipv4/netfilter/Kconfig 2007-10-05 21:26:39.000000000 +0800
-@@ -314,6 +314,11 @@
+--- a/net/ipv4/netfilter/Kconfig
++++ b/net/ipv4/netfilter/Kconfig
+@@ -266,6 +266,11 @@ config NF_NAT_IRC
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
default NF_NAT && NF_CONNTRACK_IRC
config NF_NAT_TFTP
tristate
depends on IP_NF_IPTABLES && NF_CONNTRACK && NF_NAT
-Index: linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c 2007-10-05 21:46:43.000000000 +0800
+--- /dev/null
++++ b/net/netfilter/nf_conntrack_rtsp.c
@@ -0,0 +1,513 @@
+/*
+ * RTSP extension for IP connection tracking
+ uint entitylen = 0;
+ uint lineoff;
+ uint linelen;
-+
++
+ if (!nf_nextline(ptcp, tcplen, ptcpoff, &lineoff, &linelen))
+ return 0;
-+
++
+ *phdrsoff = *ptcpoff;
+ while (nf_mime_nextline(ptcp, tcplen, ptcpoff, &lineoff, &linelen)) {
+ if (linelen == 0) {
+ INFOP("!! overrun !!\n");
+ break;
+ }
-+
++
+ if (nf_strncasecmp(ptcp+lineoff, "CSeq:", 5) == 0) {
+ *pcseqoff = lineoff;
+ *pcseqlen = linelen;
-+ }
++ }
+
+ if (nf_strncasecmp(ptcp+lineoff, "Transport:", 10) == 0) {
+ *transoff = lineoff;
+ *translen = linelen;
+ }
-+
++
+ if (nf_strncasecmp(ptcp+lineoff, "Content-Length:", 15) == 0) {
+ uint off = lineoff+15;
+ SKIP_WSPACE(ptcp+lineoff, linelen, off);
+ }
+ }
+ *phdrslen = (*ptcpoff) - (*phdrsoff);
-+
++
+ return 1;
+}
+
+{
+ int rc = 0;
+ uint off = 0;
-+
++
+ if (tranlen < 10 || !iseol(ptran[tranlen-1]) ||
+ nf_strncasecmp(ptran, "Transport:", 10) != 0) {
+ INFOP("sanity check failed\n");
+ return 0;
+ }
-+
++
+ DEBUGP("tran='%.*s'\n", (int)tranlen, ptran);
+ off += 10;
+ SKIP_WSPACE(ptran, tranlen, off);
-+
++
+ /* Transport: tran;field;field=val,tran;field;field=val,... */
+ while (off < tranlen) {
+ const char* pparamend;
+ uint nextparamoff;
-+
++
+ pparamend = memchr(ptran+off, ',', tranlen-off);
+ pparamend = (pparamend == NULL) ? ptran+tranlen : pparamend+1;
+ nextparamoff = pparamend-ptran;
-+
++
+ while (off < nextparamoff) {
+ const char* pfieldend;
+ uint nextfieldoff;
-+
++
+ pfieldend = memchr(ptran+off, ';', nextparamoff-off);
+ nextfieldoff = (pfieldend == NULL) ? nextparamoff : pfieldend-ptran+1;
-+
++
+ if (strncmp(ptran+off, "client_port=", 12) == 0) {
+ u_int16_t port;
+ uint numlen;
-+
++
+ off += 12;
+ numlen = nf_strtou16(ptran+off, &port);
+ off += numlen;
+ off += numlen;
+ prtspexp->pbtype = pb_range;
+ prtspexp->hiport = port;
-+
++
+ // If we have a range, assume rtp:
+ // loport must be even, hiport must be loport+1
+ if ((prtspexp->loport & 0x0001) != 0 ||
+ rc = 1;
+ }
+ }
-+
++
+ /*
+ * Note we don't look for the destination parameter here.
+ * If we are using NAT, the NAT module will handle it. If not,
+ * and the client is sending packets elsewhere, the expectation
+ * will quietly time out.
+ */
-+
++
+ off = nextfieldoff;
+ }
-+
++
+ off = nextparamoff;
+ }
-+
++
+ return rc;
+}
+
+ struct nf_conn *ct, enum ip_conntrack_info ctinfo)
+{
+ struct ip_ct_rtsp_expect expinfo;
-+
++
+ int dir = CTINFO2DIR(ctinfo); /* = IP_CT_DIR_ORIGINAL */
+ //struct tcphdr* tcph = (void*)iph + iph->ihl * 4;
+ //uint tcplen = pktlen - iph->ihl * 4;
+ //uint datalen = tcplen - tcph->doff * 4;
+ uint dataoff = 0;
+ int ret = NF_ACCEPT;
-+
++
+ struct nf_conntrack_expect *exp;
-+
++
+ __be16 be_loport;
-+
++
+ memset(&expinfo, 0, sizeof(expinfo));
-+
++
+ while (dataoff < datalen) {
+ uint cmdoff = dataoff;
+ uint hdrsoff = 0;
+ uint transoff = 0;
+ uint translen = 0;
+ uint off;
-+
++
+ if (!rtsp_parse_message(pdata, datalen, &dataoff,
+ &hdrsoff, &hdrslen,
+ &cseqoff, &cseqlen,
+ &transoff, &translen))
+ break; /* not a valid message */
-+
++
+ if (strncmp(pdata+cmdoff, "SETUP ", 6) != 0)
+ continue; /* not a SETUP message */
+ DEBUGP("found a setup message\n");
+
+ nf_ct_expect_init(exp, ct->tuplehash[!dir].tuple.src.l3num,
+ &ct->tuplehash[!dir].tuple.src.u3, &ct->tuplehash[!dir].tuple.dst.u3,
-+ IPPROTO_UDP, NULL, &be_loport);
++ IPPROTO_UDP, NULL, &be_loport);
+
+ exp->master = ct;
+
+}
+
+static int help(struct sk_buff *skb, unsigned int protoff,
-+ struct nf_conn *ct, enum ip_conntrack_info ctinfo)
++ struct nf_conn *ct, enum ip_conntrack_info ctinfo)
+{
+ struct tcphdr _tcph, *th;
+ unsigned int dataoff, datalen;
+ int ret = NF_DROP;
+
+ /* Until there's been traffic both ways, don't look in packets. */
-+ if (ctinfo != IP_CT_ESTABLISHED &&
++ if (ctinfo != IP_CT_ESTABLISHED &&
+ ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY) {
+ DEBUGP("conntrackinfo = %u\n", ctinfo);
+ return NF_ACCEPT;
+
+ if (!th)
+ return NF_ACCEPT;
-+
++
+ /* No data ? */
+ dataoff = protoff + th->doff*4;
+ datalen = skb->len - dataoff;
+ }
+
+ rtsp_buffer = kmalloc(65536, GFP_KERNEL);
-+ if (!rtsp_buffer)
++ if (!rtsp_buffer)
+ return -ENOMEM;
+
+ /* If no port given, default to standard rtsp port */
+
+EXPORT_SYMBOL(nf_nat_rtsp_hook_expectfn);
+
-Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
-===================================================================
---- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c 2007-10-05 21:41:16.000000000 +0800
+--- /dev/null
++++ b/net/ipv4/netfilter/nf_nat_rtsp.c
@@ -0,0 +1,496 @@
+/*
+ * RTSP extension for TCP NAT alteration
+#include <linux/netfilter_mime.h>
+
+#define INFOP(fmt, args...) printk(KERN_INFO "%s: %s: " fmt, __FILE__, __FUNCTION__ , ## args)
-+#if 0
++#if 0
+#define DEBUGP(fmt, args...) printk(KERN_DEBUG "%s: %s: " fmt, __FILE__, __FUNCTION__ , ## args)
+#else
+#define DEBUGP(fmt, args...)
+
+static uint
+help_out(struct sk_buff *skb, enum ip_conntrack_info ctinfo,
-+ unsigned int matchoff, unsigned int matchlen, struct ip_ct_rtsp_expect* prtspexp,
++ unsigned int matchoff, unsigned int matchlen, struct ip_ct_rtsp_expect* prtspexp,
+ struct nf_conntrack_expect* exp)
+{
+ char* ptcp;
+}
+
+static unsigned int
-+help(struct sk_buff *skb, enum ip_conntrack_info ctinfo,
++help(struct sk_buff *skb, enum ip_conntrack_info ctinfo,
+ unsigned int matchoff, unsigned int matchlen, struct ip_ct_rtsp_expect* prtspexp,
+ struct nf_conntrack_expect* exp)
+{
+ NIPQUAD(newsrcip), NIPQUAD(newdstip), NIPQUAD(newip));
+
+ mr.rangesize = 1;
-+ // We don't want to manip the per-protocol, just the IPs.
++ // We don't want to manip the per-protocol, just the IPs.
+ mr.range[0].flags = IP_NAT_RANGE_MAP_IPS;
+ mr.range[0].min_ip = mr.range[0].max_ip = newip;
+
-+ nf_nat_setup_info(ct, &mr.range[0], NF_INET_PRE_ROUTING);
++ nf_nat_setup_info(ct, &mr.range[0], IP_NAT_MANIP_DST);
+}
+
+