X-Git-Url: https://git.rohieb.name/openwrt.git/blobdiff_plain/f52d66ff00b24111f87c274d3d7085ef2e1d27b1..9a74b7c37f23cca5f3ad3fa1ce7a716ba1b93cfd:/target/linux/generic-2.4/patches/607-netfilter_connmark.patch

diff --git a/target/linux/generic-2.4/patches/607-netfilter_connmark.patch b/target/linux/generic-2.4/patches/607-netfilter_connmark.patch
index 154314dc4..3d3c947da 100644
--- a/target/linux/generic-2.4/patches/607-netfilter_connmark.patch
+++ b/target/linux/generic-2.4/patches/607-netfilter_connmark.patch
@@ -1,7 +1,6 @@
-diff -urN linux.old/include/linux/netfilter_ipv4/ip_conntrack.h linux.dev/include/linux/netfilter_ipv4/ip_conntrack.h
---- linux.old/include/linux/netfilter_ipv4/ip_conntrack.h	2005-08-20 20:02:06.619827000 +0200
-+++ linux.dev/include/linux/netfilter_ipv4/ip_conntrack.h	2005-08-20 20:19:23.302029232 +0200
-@@ -226,6 +226,9 @@
+--- a/include/linux/netfilter_ipv4/ip_conntrack.h
++++ b/include/linux/netfilter_ipv4/ip_conntrack.h
+@@ -218,6 +218,9 @@ struct ip_conntrack
  		unsigned int app_data_len;
  	} layer7;
  #endif
@@ -11,9 +10,8 @@ diff -urN linux.old/include/linux/netfilter_ipv4/ip_conntrack.h linux.dev/includ
  };
  
  /* get master conntrack via master expectation */
-diff -urN linux.old/include/linux/netfilter_ipv4/ipt_CONNMARK.h linux.dev/include/linux/netfilter_ipv4/ipt_CONNMARK.h
---- linux.old/include/linux/netfilter_ipv4/ipt_CONNMARK.h	1970-01-01 01:00:00.000000000 +0100
-+++ linux.dev/include/linux/netfilter_ipv4/ipt_CONNMARK.h	2005-08-20 20:19:41.058329864 +0200
+--- /dev/null
++++ b/include/linux/netfilter_ipv4/ipt_CONNMARK.h
 @@ -0,0 +1,25 @@
 +#ifndef _IPT_CONNMARK_H_target
 +#define _IPT_CONNMARK_H_target
@@ -40,9 +38,8 @@ diff -urN linux.old/include/linux/netfilter_ipv4/ipt_CONNMARK.h linux.dev/includ
 +};
 +
 +#endif /*_IPT_CONNMARK_H_target*/
-diff -urN linux.old/include/linux/netfilter_ipv4/ipt_connmark.h linux.dev/include/linux/netfilter_ipv4/ipt_connmark.h
---- linux.old/include/linux/netfilter_ipv4/ipt_connmark.h	1970-01-01 01:00:00.000000000 +0100
-+++ linux.dev/include/linux/netfilter_ipv4/ipt_connmark.h	2005-08-20 20:19:41.058329864 +0200
+--- /dev/null
++++ b/include/linux/netfilter_ipv4/ipt_connmark.h
 @@ -0,0 +1,18 @@
 +#ifndef _IPT_CONNMARK_H
 +#define _IPT_CONNMARK_H
@@ -62,20 +59,17 @@ diff -urN linux.old/include/linux/netfilter_ipv4/ipt_connmark.h linux.dev/includ
 +};
 +
 +#endif /*_IPT_CONNMARK_H*/
-diff -urN linux.old/net/ipv4/netfilter/Config.in linux.dev/net/ipv4/netfilter/Config.in
---- linux.old/net/ipv4/netfilter/Config.in	2005-08-20 20:02:09.325416000 +0200
-+++ linux.dev/net/ipv4/netfilter/Config.in	2005-08-20 20:29:11.546602464 +0200
-@@ -6,7 +6,8 @@
+--- a/net/ipv4/netfilter/Config.in
++++ b/net/ipv4/netfilter/Config.in
+@@ -6,6 +6,7 @@ comment '  IP: Netfilter Configuration'
  
  tristate 'Connection tracking (required for masq/NAT)' CONFIG_IP_NF_CONNTRACK
  if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; then
--  dep_tristate '  FTP protocol support' CONFIG_IP_NF_FTP $CONFIG_IP_NF_CONNTRACK
 +  bool '  Connection mark tracking support' CONFIG_IP_NF_CONNTRACK_MARK
-+  dep_tristate '  FTP protocol support' CONFIG_IP_NF_FTP $CONFIG_IP_NF_CONNTRACKa
+   dep_tristate '  FTP protocol support' CONFIG_IP_NF_FTP $CONFIG_IP_NF_CONNTRACK
    dep_tristate '  Amanda protocol support' CONFIG_IP_NF_AMANDA $CONFIG_IP_NF_CONNTRACK
    dep_tristate '  TFTP protocol support' CONFIG_IP_NF_TFTP $CONFIG_IP_NF_CONNTRACK
-   dep_tristate '  IRC protocol support' CONFIG_IP_NF_IRC $CONFIG_IP_NF_CONNTRACK
-@@ -42,6 +43,9 @@
+@@ -40,6 +41,9 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
    if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; then
      dep_tristate '  Connection state match support' CONFIG_IP_NF_MATCH_STATE $CONFIG_IP_NF_CONNTRACK $CONFIG_IP_NF_IPTABLES 
      dep_tristate '  Connection tracking match support' CONFIG_IP_NF_MATCH_CONNTRACK $CONFIG_IP_NF_CONNTRACK $CONFIG_IP_NF_IPTABLES 
@@ -85,9 +79,9 @@ diff -urN linux.old/net/ipv4/netfilter/Config.in linux.dev/net/ipv4/netfilter/Co
    fi
    if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
      dep_tristate '  Unclean match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_UNCLEAN $CONFIG_IP_NF_IPTABLES
-@@ -125,6 +129,9 @@
-  
+@@ -110,6 +114,9 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
      dep_tristate '    MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE
+     dep_tristate '    CLASSIFY target support (EXPERIMENTAL)' CONFIG_IP_NF_TARGET_CLASSIFY $CONFIG_IP_NF_MANGLE
    fi
 +  if [ "$CONFIG_IP_NF_CONNTRACK_MARK" != "n" ]; then
 +    dep_tristate '  CONNMARK target support' CONFIG_IP_NF_TARGET_CONNMARK $CONFIG_IP_NF_IPTABLES
@@ -95,10 +89,9 @@ diff -urN linux.old/net/ipv4/netfilter/Config.in linux.dev/net/ipv4/netfilter/Co
    dep_tristate '  LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES
    dep_tristate '  TTL target support' CONFIG_IP_NF_TARGET_TTL $CONFIG_IP_NF_IPTABLES
    dep_tristate '  ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES
-diff -urN linux.old/net/ipv4/netfilter/Makefile linux.dev/net/ipv4/netfilter/Makefile
---- linux.old/net/ipv4/netfilter/Makefile	2005-08-20 20:02:09.326416000 +0200
-+++ linux.dev/net/ipv4/netfilter/Makefile	2005-08-20 20:29:54.081136232 +0200
-@@ -93,6 +93,7 @@
+--- a/net/ipv4/netfilter/Makefile
++++ b/net/ipv4/netfilter/Makefile
+@@ -84,6 +84,7 @@ obj-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_
  
  obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o
  obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state.o
@@ -106,18 +99,17 @@ diff -urN linux.old/net/ipv4/netfilter/Makefile linux.dev/net/ipv4/netfilter/Mak
  obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack.o
  obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o
  obj-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss.o
-@@ -110,6 +111,7 @@
- obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o
+@@ -102,6 +103,7 @@ obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += i
+ obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
  obj-$(CONFIG_IP_NF_NAT_SNMP_BASIC) += ip_nat_snmp_basic.o
  obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o
 +obj-$(CONFIG_IP_NF_TARGET_CONNMARK) += ipt_CONNMARK.o
  obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o
  obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o
  obj-$(CONFIG_IP_NF_TARGET_TCPMSS) += ipt_TCPMSS.o
-diff -urN linux.old/net/ipv4/netfilter/ip_conntrack_core.c linux.dev/net/ipv4/netfilter/ip_conntrack_core.c
---- linux.old/net/ipv4/netfilter/ip_conntrack_core.c	2005-08-20 20:02:06.828795000 +0200
-+++ linux.dev/net/ipv4/netfilter/ip_conntrack_core.c	2005-08-20 20:33:23.308328864 +0200
-@@ -755,6 +755,9 @@
+--- a/net/ipv4/netfilter/ip_conntrack_core.c
++++ b/net/ipv4/netfilter/ip_conntrack_core.c
+@@ -750,6 +750,9 @@ init_conntrack(const struct ip_conntrack
  		__set_bit(IPS_EXPECTED_BIT, &conntrack->status);
  		conntrack->master = expected;
  		expected->sibling = conntrack;
@@ -127,10 +119,9 @@ diff -urN linux.old/net/ipv4/netfilter/ip_conntrack_core.c linux.dev/net/ipv4/ne
  		LIST_DELETE(&ip_conntrack_expect_list, expected);
  		expected->expectant->expecting--;
  		nf_conntrack_get(&master_ct(conntrack)->infos[0]);
-diff -urN linux.old/net/ipv4/netfilter/ip_conntrack_standalone.c linux.dev/net/ipv4/netfilter/ip_conntrack_standalone.c
---- linux.old/net/ipv4/netfilter/ip_conntrack_standalone.c	2005-08-20 20:02:06.583833000 +0200
-+++ linux.dev/net/ipv4/netfilter/ip_conntrack_standalone.c	2005-08-20 20:32:15.364657872 +0200
-@@ -107,6 +107,9 @@
+--- a/net/ipv4/netfilter/ip_conntrack_standalone.c
++++ b/net/ipv4/netfilter/ip_conntrack_standalone.c
+@@ -107,6 +107,9 @@ print_conntrack(char *buffer, struct ip_
  		len += sprintf(buffer + len, "[ASSURED] ");
  	len += sprintf(buffer + len, "use=%u ",
  		       atomic_read(&conntrack->ct_general.use));
@@ -140,9 +131,8 @@ diff -urN linux.old/net/ipv4/netfilter/ip_conntrack_standalone.c linux.dev/net/i
  
  	#if defined(CONFIG_IP_NF_MATCH_LAYER7) || defined(CONFIG_IP_NF_MATCH_LAYER7_MODULE)
  	if(conntrack->layer7.app_proto)
-diff -urN linux.old/net/ipv4/netfilter/ipt_CONNMARK.c linux.dev/net/ipv4/netfilter/ipt_CONNMARK.c
---- linux.old/net/ipv4/netfilter/ipt_CONNMARK.c	1970-01-01 01:00:00.000000000 +0100
-+++ linux.dev/net/ipv4/netfilter/ipt_CONNMARK.c	2005-08-20 20:21:28.666970864 +0200
+--- /dev/null
++++ b/net/ipv4/netfilter/ipt_CONNMARK.c
 @@ -0,0 +1,118 @@
 +/* This kernel module is used to modify the connection mark values, or
 + * to optionally restore the skb nfmark from the connection mark
@@ -262,9 +252,8 @@ diff -urN linux.old/net/ipv4/netfilter/ipt_CONNMARK.c linux.dev/net/ipv4/netfilt
 +
 +module_init(init);
 +module_exit(fini);
-diff -urN linux.old/net/ipv4/netfilter/ipt_connmark.c linux.dev/net/ipv4/netfilter/ipt_connmark.c
---- linux.old/net/ipv4/netfilter/ipt_connmark.c	1970-01-01 01:00:00.000000000 +0100
-+++ linux.dev/net/ipv4/netfilter/ipt_connmark.c	2005-08-20 20:21:28.666970864 +0200
+--- /dev/null
++++ b/net/ipv4/netfilter/ipt_connmark.c
 @@ -0,0 +1,83 @@
 +/* This kernel module matches connection mark values set by the
 + * CONNMARK target