[netfilter-cvslog] r3800 - branches/netfilter-ha/linux-2.6-actact/patches

laforge at netfilter.org laforge at netfilter.org
Thu Mar 17 12:27:07 CET 2005


Author: laforge at netfilter.org
Date: 2005-03-17 12:27:07 +0100 (Thu, 17 Mar 2005)
New Revision: 3800

Added:
   branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch
   branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch
Modified:
   branches/netfilter-ha/linux-2.6-actact/patches/series
Log:
add generic netfilter sysfs patch; add inet_pton6.patch


Added: branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch	2005-03-17 11:25:40 UTC (rev 3799)
+++ branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch	2005-03-17 11:27:07 UTC (rev 3800)
@@ -0,0 +1,202 @@
+Add functions for parsing ipv6 addresses from ASCII/hex representation into 
+network byte order.  Copied from uClubc-0.9.27, original copyright apparently 
+by Paul Vixie (BSD licensed).
+
+This is required by ct_sync when compiled with ipv6 support.
+
+Index: linux-2.6.10-wrap-nfsroot/net/ipv6/Makefile
+===================================================================
+--- linux-2.6.10-wrap-nfsroot.orig/net/ipv6/Makefile	2004-12-24 22:35:24.000000000 +0100
++++ linux-2.6.10-wrap-nfsroot/net/ipv6/Makefile	2005-03-17 11:47:21.000000000 +0100
+@@ -8,7 +8,7 @@
+ 		route.o ip6_fib.o ipv6_sockglue.o ndisc.o udp.o raw.o \
+ 		protocol.o icmp.o mcast.o reassembly.o tcp_ipv6.o \
+ 		exthdrs.o sysctl_net_ipv6.o datagram.o proc.o \
+-		ip6_flowlabel.o ipv6_syms.o
++		ip6_flowlabel.o ipv6_syms.o utils.o
+ 
+ ipv6-$(CONFIG_XFRM) += xfrm6_policy.o xfrm6_state.o xfrm6_input.o \
+ 	xfrm6_output.o
+Index: linux-2.6.10-wrap-nfsroot/net/ipv6/utils.c
+===================================================================
+--- /dev/null	1970-01-01 00:00:00.000000000 +0000
++++ linux-2.6.10-wrap-nfsroot/net/ipv6/utils.c	2005-03-17 11:54:31.000000000 +0100
+@@ -0,0 +1,108 @@
++
++
++/* int
++ * inet_pton6(src, dst)
++ *	convert presentation level address to network order binary form.
++ * return:
++ *	1 if `src' is a valid [RFC1884 2.2] address, else 0.
++ * notice:
++ *	(1) does not touch `dst' unless it's returning 1.
++ *	(2) :: in a full address is silently ignored.
++ * credit:
++ *	inspired by Mark Andrews.
++ * author:
++ *	Paul Vixie, 1996.
++ */
++
++#include <linux/module.h>
++#include <linux/types.h>
++#include <linux/ctype.h>
++#include <linux/string.h>
++#include <linux/inet.h>
++
++int
++inet_pton6(const char *src, u_char *dst)
++{
++	static const char xdigits[] = "0123456789abcdef";
++	u_char tmp[16], *tp, *endp, *colonp;
++	const char *curtok;
++	int ch, saw_xdigit;
++	u_int val;
++
++
++	tp = memset(tmp, '\0', 16);
++	endp = tp + 16;
++	colonp = NULL;
++	/* Leading :: requires some special handling. */
++	if (*src == ':')
++		if (*++src != ':')
++			return (0);
++	curtok = src;
++	saw_xdigit = 0;
++	val = 0;
++	while ((ch = tolower (*src++)) != '\0') {
++		const char *pch;
++
++		pch = strchr(xdigits, ch);
++		if (pch != NULL) {
++			val <<= 4;
++			val |= (pch - xdigits);
++			if (val > 0xffff)
++				return (0);
++			saw_xdigit = 1;
++			continue;
++		}
++		if (ch == ':') {
++			curtok = src;
++			if (!saw_xdigit) {
++				if (colonp)
++					return (0);
++				colonp = tp;
++				continue;
++			} else if (*src == '\0') {
++				return (0);
++			}
++			if (tp + 2 > endp)
++				return (0);
++			*tp++ = (u_char) (val >> 8) & 0xff;
++			*tp++ = (u_char) val & 0xff;
++			saw_xdigit = 0;
++			val = 0;
++			continue;
++		}
++		if (ch == '.' && ((tp + 4) <= endp) &&
++		    inet_pton4(curtok, tp) > 0) {
++			tp += 4;
++			saw_xdigit = 0;
++			break;	/* '\0' was seen by inet_pton4(). */
++		}
++		return (0);
++	}
++	if (saw_xdigit) {
++		if (tp + 2 > endp)
++			return (0);
++		*tp++ = (u_char) (val >> 8) & 0xff;
++		*tp++ = (u_char) val & 0xff;
++	}
++	if (colonp != NULL) {
++		/*
++		 * Since some memmove()'s erroneously fail to handle
++		 * overlapping regions, we'll do the shift by hand.
++		 */
++		const int n = tp - colonp;
++		int i;
++
++		if (tp == endp)
++			return (0);
++		for (i = 1; i <= n; i++) {
++			endp[- i] = colonp[n - i];
++			colonp[n - i] = 0;
++		}
++		tp = endp;
++	}
++	if (tp != endp)
++		return (0);
++	memcpy(dst, tmp, 16);
++	return (1);
++}
++EXPORT_SYMBOL(inet_pton6);
+Index: linux-2.6.10-wrap-nfsroot/net/ipv4/utils.c
+===================================================================
+--- linux-2.6.10-wrap-nfsroot.orig/net/ipv4/utils.c	2004-12-24 22:34:44.000000000 +0100
++++ linux-2.6.10-wrap-nfsroot/net/ipv4/utils.c	2005-03-17 11:53:57.000000000 +0100
+@@ -55,5 +55,52 @@
+ 	}
+ 	return(htonl(l));
+ }
+-
+ EXPORT_SYMBOL(in_aton);
++
++/* int
++ * inet_pton4(src, dst)
++ *	like inet_aton() but without all the hexadecimal and shorthand.
++ * return:
++ *	1 if `src' is a valid dotted quad, else 0.
++ * notice:
++ *	does not touch `dst' unless it's returning 1.
++ * author:
++ *	Paul Vixie, 1996.
++ */
++int
++inet_pton4(const char *src, u_char *dst)
++{
++	int saw_digit, octets, ch;
++	u_char tmp[4], *tp;
++
++	saw_digit = 0;
++	octets = 0;
++	*(tp = tmp) = 0;
++	while ((ch = *src++) != '\0') {
++
++		if (ch >= '0' && ch <= '9') {
++			u_int new = *tp * 10 + (ch - '0');
++
++			if (new > 255)
++				return (0);
++			*tp = new;
++			if (! saw_digit) {
++				if (++octets > 4)
++					return (0);
++				saw_digit = 1;
++			}
++		} else if (ch == '.' && saw_digit) {
++			if (octets == 4)
++				return (0);
++			*++tp = 0;
++			saw_digit = 0;
++		} else
++			return (0);
++	}
++	if (octets < 4)
++		return (0);
++	memcpy(dst, tmp, 4);
++	return (1);
++}
++EXPORT_SYMBOL(inet_pton4);
++
+Index: linux-2.6.10-wrap-nfsroot/include/linux/inet.h
+===================================================================
+--- linux-2.6.10-wrap-nfsroot.orig/include/linux/inet.h	2004-12-24 22:34:26.000000000 +0100
++++ linux-2.6.10-wrap-nfsroot/include/linux/inet.h	2005-03-17 11:53:33.000000000 +0100
+@@ -46,5 +46,7 @@
+ #include <linux/types.h>
+ 
+ extern __u32 in_aton(const char *str);
++extern int inet_pton4(const char *src, unsigned char *dst);
++extern int inet_pton6(const char *src, unsigned char *dst);
+ #endif
+ #endif	/* _LINUX_INET_H */

Added: branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch	2005-03-17 11:25:40 UTC (rev 3799)
+++ branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch	2005-03-17 11:27:07 UTC (rev 3800)
@@ -0,0 +1,337 @@
+Index: linux-2.6.10-ctsync/include/linux/netfilter.h
+===================================================================
+--- linux-2.6.10-ctsync.orig/include/linux/netfilter.h	2005-03-06 17:01:42.000000000 +0100
++++ linux-2.6.10-ctsync/include/linux/netfilter.h	2005-03-07 22:08:13.000000000 +0100
+@@ -187,5 +187,20 @@
+ static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
+ #endif /*CONFIG_NETFILTER*/
+ 
++struct nf_kset {
++	struct list_head	list;
++	struct kset		kset;
++};
++
++struct nf_subsys {
++	char 			name[32];
++	struct subsystem	subsys;
++};
++
++extern int nf_subsys_register(struct nf_subsys *);
++extern void nf_subsys_unregister(struct nf_subsys *);
++extern int nf_kset_register(struct nf_subsys *, struct kset *);
++extern void nf_kset_unregister(struct kset *);
++
+ #endif /*__KERNEL__*/
+ #endif /*__LINUX_NETFILTER_H*/
+Index: linux-2.6.10-ctsync/net/core/netfilter.c
+===================================================================
+--- linux-2.6.10-ctsync.orig/net/core/netfilter.c	2005-03-06 17:01:46.000000000 +0100
++++ linux-2.6.10-ctsync/net/core/netfilter.c	2005-03-07 22:09:53.000000000 +0100
+@@ -9,6 +9,7 @@
+  * February 2000: Modified by James Morris to have 1 queue per protocol.
+  * 15-Mar-2000:   Added NF_REPEAT --RR.
+  * 08-May-2003:	  Internal logging interface added by Jozsef Kadlecsik.
++ * 07-Mar-2005:   Add sysfs interface (Harald Welte)
+  */
+ #include <linux/config.h>
+ #include <linux/kernel.h>
+@@ -819,6 +820,49 @@
+ 	}
+ }
+ 
++static struct kobj_type netfilter_ktype = {
++};
++
++decl_subsys(netfilter, &netfilter_ktype, NULL);
++
++int nf_subsys_register(struct nf_subsys *cls)
++{
++	int ret = 0;
++
++	ret = kobject_set_name(&cls->subsys.kset.kobj, "%s", cls->name);
++	if (ret)
++		goto out;
++
++	subsys_set_kset(cls, netfilter_subsys);
++	ret = subsystem_register(&cls->subsys);
++	if (ret)
++		goto out;
++
++out:
++	return ret;
++}
++EXPORT_SYMBOL_GPL(nf_subsys_register);
++
++void nf_subsys_unregister(struct nf_subsys *cls)
++{
++	subsystem_unregister(&cls->subsys);
++}
++EXPORT_SYMBOL_GPL(nf_subsys_unregister);
++
++int nf_kset_register(struct nf_subsys *subsys, struct kset *kset)
++{
++	kset->subsys = &subsys->subsys;
++	return kset_register(kset);
++}
++EXPORT_SYMBOL_GPL(nf_kset_register);
++
++void nf_kset_unregister(struct kset *kset)
++{
++	kset_unregister(kset);
++}
++EXPORT_SYMBOL_GPL(nf_kset_unregister);
++
++
+ void __init netfilter_init(void)
+ {
+ 	int i, h;
+@@ -827,6 +871,8 @@
+ 		for (h = 0; h < NF_MAX_HOOKS; h++)
+ 			INIT_LIST_HEAD(&nf_hooks[i][h]);
+ 	}
++
++	subsystem_register(&netfilter_subsys);
+ }
+ 
+ EXPORT_SYMBOL(ip_ct_attach);
+Index: linux-2.6.10-ctsync/include/linux/netfilter_ipv4/ip_tables.h
+===================================================================
+--- linux-2.6.10-ctsync.orig/include/linux/netfilter_ipv4/ip_tables.h	2004-12-24 22:34:57.000000000 +0100
++++ linux-2.6.10-ctsync/include/linux/netfilter_ipv4/ip_tables.h	2005-03-08 10:29:48.703408432 +0100
+@@ -346,6 +346,8 @@
+ 
+ 	const char name[IPT_FUNCTION_MAXNAMELEN];
+ 
++	struct kobject kobj;
++
+ 	/* Return true or false: return FALSE and set *hotdrop = 1 to
+            force immediate packet drop. */
+ 	/* Arguments changed since 2.4, as this must now handle
+@@ -380,6 +382,8 @@
+ 
+ 	const char name[IPT_FUNCTION_MAXNAMELEN];
+ 
++	struct kobject kobj;
++
+ 	/* Called when user tries to insert an entry of this type:
+            hook_mask is a bitmask of hooks from which it can be
+            called. */
+@@ -425,6 +429,8 @@
+ 	/* A unique name... */
+ 	char name[IPT_TABLE_MAXNAMELEN];
+ 
++	struct kobject kobj;
++
+ 	/* Seed table: copied in register_table */
+ 	struct ipt_replace *table;
+ 
+Index: linux-2.6.10-ctsync/net/ipv4/netfilter/ip_tables.c
+===================================================================
+--- linux-2.6.10-ctsync.orig/net/ipv4/netfilter/ip_tables.c	2004-12-24 22:34:26.000000000 +0100
++++ linux-2.6.10-ctsync/net/ipv4/netfilter/ip_tables.c	2005-03-08 10:36:02.688554048 +0100
+@@ -11,12 +11,16 @@
+  * 19 Jan 2002 Harald Welte <laforge at gnumonks.org>
+  * 	- increase module usage count as soon as we have rules inside
+  * 	  a table
++ * 07 Mar 2005 Harald Welte <laforge at netfilter.org>
++ * 	- add sysfs interface
+  */
+ #include <linux/config.h>
+ #include <linux/cache.h>
+ #include <linux/skbuff.h>
+ #include <linux/kmod.h>
+ #include <linux/vmalloc.h>
++#include <linux/kobject.h>
++#include <linux/sysfs.h>
+ #include <linux/netdevice.h>
+ #include <linux/module.h>
+ #include <linux/tcp.h>
+@@ -124,6 +128,64 @@
+ #define up(x) do { printk("UP:%u:" #x "\n", __LINE__); up(x); } while(0)
+ #endif
+ 
++static ssize_t
++table_attr_show(struct kobject *kobj, struct attribute *attr, char *buf)
++{
++	return 0;
++}
++static ssize_t
++target_attr_show(struct kobject *kobj, struct attribute *attr, char *buf)
++{
++	return 0;
++}
++static ssize_t
++match_attr_show(struct kobject *kobj, struct attribute *attr, char *buf)
++{
++	return 0;
++}
++
++static struct sysfs_ops table_sysfs_ops = {
++	.show	= table_attr_show,
++};
++struct kobj_type ktype_table = {
++	.sysfs_ops 	= &table_sysfs_ops,
++};
++struct kset ipt_table_kset = {
++	.kobj 	= {
++		.name = "tables",
++	},
++	.ktype	= &ktype_table,
++};
++static struct sysfs_ops target_sysfs_ops = {
++	.show	= target_attr_show,
++};
++struct kobj_type ktype_target = {
++	.sysfs_ops	= &target_sysfs_ops,
++};
++struct kset ipt_target_kset = {
++	.kobj	= {
++		.name = "targets",
++	},
++	.ktype	= &ktype_target,
++};
++static struct sysfs_ops match_sysfs_ops = {
++	.show	= match_attr_show,
++};
++struct kobj_type ktype_match = {
++	.sysfs_ops	= &match_sysfs_ops,
++};
++struct kset ipt_match_kset = {
++	.kobj	= {
++		.name = "matches",
++	},
++	.ktype	= &ktype_match,
++};
++
++struct nf_subsys nfss_iptables = {
++	.name = "ip_tables",
++};
++
++
+ /* Returns whether matches rule or not. */
+ static inline int
+ ip_packet_match(const struct iphdr *ip,
+@@ -1343,7 +1405,23 @@
+ 		duprintf("ipt_register_target: `%s' already in list!\n",
+ 			 target->name);
+ 		ret = -EINVAL;
++		goto unlock_out;
+ 	}
++	memset(&target->kobj, 0, sizeof(target->kobj));
++	ret = kobject_set_name(&target->kobj, "%s", target->name);
++	if (ret < 0)
++		goto listdel_out;
++
++	target->kobj.parent = &ipt_target_kset.kobj;
++	target->kobj.kset = &ipt_target_kset;
++	target->kobj.ktype = &ktype_target;
++	ret = kobject_register(&target->kobj);
++	if (ret == 0)
++		goto unlock_out;
++
++listdel_out:
++	LIST_DELETE(&ipt_target, target);
++unlock_out:
+ 	up(&ipt_mutex);
+ 	return ret;
+ }
+@@ -1352,6 +1430,7 @@
+ ipt_unregister_target(struct ipt_target *target)
+ {
+ 	down(&ipt_mutex);
++	kobject_unregister(&target->kobj);
+ 	LIST_DELETE(&ipt_target, target);
+ 	up(&ipt_mutex);
+ }
+@@ -1369,9 +1448,24 @@
+ 		duprintf("ipt_register_match: `%s' already in list!\n",
+ 			 match->name);
+ 		ret = -EINVAL;
++		goto unlock_out;
+ 	}
+-	up(&ipt_mutex);
++	memset(&match->kobj, 0, sizeof(match->kobj));
++	ret = kobject_set_name(&match->kobj, "%s", match->name);
++	if (ret < 0)
++		goto listdel_out;
++	match->kobj.parent = &ipt_match_kset.kobj;
++	match->kobj.kset = &ipt_match_kset;
++	match->kobj.ktype = &ktype_match;
++	ret = kobject_register(&match->kobj);
++	if (ret == 0)
++		goto unlock_out;
+ 
++listdel_out:
++	LIST_DELETE(&ipt_match, match);
++unlock_out:
++	up(&ipt_mutex);
++	printk(KERN_DEBUG "returning %d\n", ret);
+ 	return ret;
+ }
+ 
+@@ -1379,6 +1473,7 @@
+ ipt_unregister_match(struct ipt_match *match)
+ {
+ 	down(&ipt_mutex);
++	kobject_unregister(&match->kobj);
+ 	LIST_DELETE(&ipt_match, match);
+ 	up(&ipt_mutex);
+ }
+@@ -1433,10 +1528,23 @@
+ 	rwlock_init(&table->lock);
+ 	list_prepend(&ipt_tables, table);
+ 
++	ret = kobject_set_name(&table->kobj, "%s", table->name);
++	if (ret < 0)
++		goto list_unlock;
++
++	table->kobj.parent = &ipt_table_kset.kobj;
++	table->kobj.kset = &ipt_table_kset;
++	table->kobj.ktype = &ktype_table;
++	ret = kobject_register(&table->kobj);
++	if (ret < 0)
++		goto list_unlock;
++
+  unlock:
+ 	up(&ipt_mutex);
+ 	return ret;
+ 
++ list_unlock:
++	LIST_DELETE(&ipt_tables, table);
+  free_unlock:
+ 	vfree(newinfo);
+ 	goto unlock;
+@@ -1445,6 +1553,7 @@
+ void ipt_unregister_table(struct ipt_table *table)
+ {
+ 	down(&ipt_mutex);
++	kobject_unregister(&table->kobj);
+ 	LIST_DELETE(&ipt_tables, table);
+ 	up(&ipt_mutex);
+ 
+@@ -1866,12 +1975,24 @@
+ 	}
+ #endif
+ 
+-	printk("ip_tables: (C) 2000-2002 Netfilter core team\n");
++	/* sysfs interface */
++	nf_subsys_register(&nfss_iptables);
++	nf_kset_register(&nfss_iptables, &ipt_table_kset);
++	nf_kset_register(&nfss_iptables, &ipt_target_kset);
++	nf_kset_register(&nfss_iptables, &ipt_match_kset);
++
++	printk("ip_tables: (C) 2000-2005 Netfilter core team\n");
+ 	return 0;
+ }
+ 
+ static void __exit fini(void)
+ {
++	/* sysfs interface */
++	nf_kset_unregister(&ipt_match_kset);
++	nf_kset_unregister(&ipt_target_kset);
++	nf_kset_unregister(&ipt_table_kset);
++	nf_subsys_unregister(&nfss_iptables);
++
+ 	nf_unregister_sockopt(&ipt_sockopts);
+ #ifdef CONFIG_PROC_FS
+ 	{

Modified: branches/netfilter-ha/linux-2.6-actact/patches/series
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/patches/series	2005-03-17 11:25:40 UTC (rev 3799)
+++ branches/netfilter-ha/linux-2.6-actact/patches/series	2005-03-17 11:27:07 UTC (rev 3800)
@@ -9,3 +9,5 @@
 conntrack_hash_manip.patch 
 conntrack_alloc.patch 
 ct_sync_config_and_makefile.patch
+netfilter_sysfs.patch
+inet_pton6.patch




More information about the netfilter-cvslog mailing list