X-Git-Url: http://git.rohieb.name/openwrt.git/blobdiff_plain/f0c66715de5f063152d8bca967bee53ae8a0e4a3..9c0ae271fee1a6f7c9af9690bf228ebc90ad327e:/target/linux/generic-2.6/patches-2.6.23/100-netfilter_layer7_2.17.patch diff --git a/target/linux/generic-2.6/patches-2.6.23/100-netfilter_layer7_2.17.patch b/target/linux/generic-2.6/patches-2.6.23/100-netfilter_layer7_2.17.patch index 118e7e14e..d94fd3c0c 100644 --- a/target/linux/generic-2.6/patches-2.6.23/100-netfilter_layer7_2.17.patch +++ b/target/linux/generic-2.6/patches-2.6.23/100-netfilter_layer7_2.17.patch @@ -1,8 +1,6 @@ -Index: linux-2.6.23.17/net/netfilter/Kconfig -=================================================================== ---- linux-2.6.23.17.orig/net/netfilter/Kconfig -+++ linux-2.6.23.17/net/netfilter/Kconfig -@@ -633,6 +633,27 @@ config NETFILTER_XT_MATCH_STATE +--- a/net/netfilter/Kconfig ++++ b/net/netfilter/Kconfig +@@ -633,6 +633,27 @@ To compile it as a module, choose M here. If unsure, say N. @@ -30,11 +28,9 @@ Index: linux-2.6.23.17/net/netfilter/Kconfig config NETFILTER_XT_MATCH_STATISTIC tristate '"statistic" match support' depends on NETFILTER_XTABLES -Index: linux-2.6.23.17/net/netfilter/Makefile -=================================================================== ---- linux-2.6.23.17.orig/net/netfilter/Makefile -+++ linux-2.6.23.17/net/netfilter/Makefile -@@ -71,6 +71,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_QUOTA) + +--- a/net/netfilter/Makefile ++++ b/net/netfilter/Makefile +@@ -71,6 +71,7 @@ obj-$(CONFIG_NETFILTER_XT_MATCH_REALM) += xt_realm.o obj-$(CONFIG_NETFILTER_XT_MATCH_SCTP) += xt_sctp.o obj-$(CONFIG_NETFILTER_XT_MATCH_STATE) += xt_state.o @@ -42,10 +38,8 @@ Index: linux-2.6.23.17/net/netfilter/Makefile obj-$(CONFIG_NETFILTER_XT_MATCH_STATISTIC) += xt_statistic.o obj-$(CONFIG_NETFILTER_XT_MATCH_STRING) += xt_string.o obj-$(CONFIG_NETFILTER_XT_MATCH_TCPMSS) += xt_tcpmss.o -Index: linux-2.6.23.17/net/netfilter/xt_layer7.c -=================================================================== --- /dev/null -+++ linux-2.6.23.17/net/netfilter/xt_layer7.c ++++ b/net/netfilter/xt_layer7.c @@ -0,0 +1,634 @@ +/* + Kernel module to match application layer (OSI layer 7) data in connections. @@ -681,10 +675,8 @@ Index: linux-2.6.23.17/net/netfilter/xt_layer7.c + +module_init(xt_layer7_init); +module_exit(xt_layer7_fini); -Index: linux-2.6.23.17/net/netfilter/regexp/regexp.c -=================================================================== --- /dev/null -+++ linux-2.6.23.17/net/netfilter/regexp/regexp.c ++++ b/net/netfilter/regexp/regexp.c @@ -0,0 +1,1197 @@ +/* + * regcomp and regexec -- regsub and regerror are elsewhere @@ -1883,10 +1875,8 @@ Index: linux-2.6.23.17/net/netfilter/regexp/regexp.c +#endif + + -Index: linux-2.6.23.17/net/netfilter/regexp/regexp.h -=================================================================== --- /dev/null -+++ linux-2.6.23.17/net/netfilter/regexp/regexp.h ++++ b/net/netfilter/regexp/regexp.h @@ -0,0 +1,41 @@ +/* + * Definitions etc. for regexp(3) routines. @@ -1929,20 +1919,16 @@ Index: linux-2.6.23.17/net/netfilter/regexp/regexp.h +void regerror(char *s); + +#endif -Index: linux-2.6.23.17/net/netfilter/regexp/regmagic.h -=================================================================== --- /dev/null -+++ linux-2.6.23.17/net/netfilter/regexp/regmagic.h ++++ b/net/netfilter/regexp/regmagic.h @@ -0,0 +1,5 @@ +/* + * The first byte of the regexp internal "program" is actually this magic + * number; the start node begins in the second byte. + */ +#define MAGIC 0234 -Index: linux-2.6.23.17/net/netfilter/regexp/regsub.c -=================================================================== --- /dev/null -+++ linux-2.6.23.17/net/netfilter/regexp/regsub.c ++++ b/net/netfilter/regexp/regsub.c @@ -0,0 +1,95 @@ +/* + * regsub @@ -2039,11 +2025,9 @@ Index: linux-2.6.23.17/net/netfilter/regexp/regsub.c + } + *dst++ = '\0'; +} -Index: linux-2.6.23.17/net/netfilter/nf_conntrack_core.c -=================================================================== ---- linux-2.6.23.17.orig/net/netfilter/nf_conntrack_core.c -+++ linux-2.6.23.17/net/netfilter/nf_conntrack_core.c -@@ -207,6 +207,14 @@ destroy_conntrack(struct nf_conntrack *n +--- a/net/netfilter/nf_conntrack_core.c ++++ b/net/netfilter/nf_conntrack_core.c +@@ -207,6 +207,14 @@ * too. */ nf_ct_remove_expectations(ct); @@ -2058,11 +2042,9 @@ Index: linux-2.6.23.17/net/netfilter/nf_conntrack_core.c /* We overload first tuple to link into unconfirmed list. */ if (!nf_ct_is_confirmed(ct)) { BUG_ON(hlist_unhashed(&ct->tuplehash[IP_CT_DIR_ORIGINAL].hnode)); -Index: linux-2.6.23.17/net/netfilter/nf_conntrack_standalone.c -=================================================================== ---- linux-2.6.23.17.orig/net/netfilter/nf_conntrack_standalone.c -+++ linux-2.6.23.17/net/netfilter/nf_conntrack_standalone.c -@@ -179,7 +179,12 @@ static int ct_seq_show(struct seq_file * +--- a/net/netfilter/nf_conntrack_standalone.c ++++ b/net/netfilter/nf_conntrack_standalone.c +@@ -179,7 +179,12 @@ return -ENOSPC; #endif @@ -2076,11 +2058,9 @@ Index: linux-2.6.23.17/net/netfilter/nf_conntrack_standalone.c return -ENOSPC; return 0; -Index: linux-2.6.23.17/include/net/netfilter/nf_conntrack.h -=================================================================== ---- linux-2.6.23.17.orig/include/net/netfilter/nf_conntrack.h -+++ linux-2.6.23.17/include/net/netfilter/nf_conntrack.h -@@ -127,6 +127,22 @@ struct nf_conn +--- a/include/net/netfilter/nf_conntrack.h ++++ b/include/net/netfilter/nf_conntrack.h +@@ -127,6 +127,22 @@ u_int32_t secmark; #endif @@ -2103,10 +2083,8 @@ Index: linux-2.6.23.17/include/net/netfilter/nf_conntrack.h /* Storage reserved for other modules: */ union nf_conntrack_proto proto; -Index: linux-2.6.23.17/include/linux/netfilter/xt_layer7.h -=================================================================== --- /dev/null -+++ linux-2.6.23.17/include/linux/netfilter/xt_layer7.h ++++ b/include/linux/netfilter/xt_layer7.h @@ -0,0 +1,13 @@ +#ifndef _XT_LAYER7_H +#define _XT_LAYER7_H