[netfilter-cvslog] r3800 -
branches/netfilter-ha/linux-2.6-actact/patches
laforge at netfilter.org
laforge at netfilter.org
Thu Mar 17 12:27:07 CET 2005
Author: laforge at netfilter.org
Date: 2005-03-17 12:27:07 +0100 (Thu, 17 Mar 2005)
New Revision: 3800
Added:
branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch
branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch
Modified:
branches/netfilter-ha/linux-2.6-actact/patches/series
Log:
add generic netfilter sysfs patch; add inet_pton6.patch
Added: branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch 2005-03-17 11:25:40 UTC (rev 3799)
+++ branches/netfilter-ha/linux-2.6-actact/patches/inet_pton6.patch 2005-03-17 11:27:07 UTC (rev 3800)
@@ -0,0 +1,202 @@
+Add functions for parsing ipv6 addresses from ASCII/hex representation into
+network byte order. Copied from uClubc-0.9.27, original copyright apparently
+by Paul Vixie (BSD licensed).
+
+This is required by ct_sync when compiled with ipv6 support.
+
+Index: linux-2.6.10-wrap-nfsroot/net/ipv6/Makefile
+===================================================================
+--- linux-2.6.10-wrap-nfsroot.orig/net/ipv6/Makefile 2004-12-24 22:35:24.000000000 +0100
++++ linux-2.6.10-wrap-nfsroot/net/ipv6/Makefile 2005-03-17 11:47:21.000000000 +0100
+@@ -8,7 +8,7 @@
+ route.o ip6_fib.o ipv6_sockglue.o ndisc.o udp.o raw.o \
+ protocol.o icmp.o mcast.o reassembly.o tcp_ipv6.o \
+ exthdrs.o sysctl_net_ipv6.o datagram.o proc.o \
+- ip6_flowlabel.o ipv6_syms.o
++ ip6_flowlabel.o ipv6_syms.o utils.o
+
+ ipv6-$(CONFIG_XFRM) += xfrm6_policy.o xfrm6_state.o xfrm6_input.o \
+ xfrm6_output.o
+Index: linux-2.6.10-wrap-nfsroot/net/ipv6/utils.c
+===================================================================
+--- /dev/null 1970-01-01 00:00:00.000000000 +0000
++++ linux-2.6.10-wrap-nfsroot/net/ipv6/utils.c 2005-03-17 11:54:31.000000000 +0100
+@@ -0,0 +1,108 @@
++
++
++/* int
++ * inet_pton6(src, dst)
++ * convert presentation level address to network order binary form.
++ * return:
++ * 1 if `src' is a valid [RFC1884 2.2] address, else 0.
++ * notice:
++ * (1) does not touch `dst' unless it's returning 1.
++ * (2) :: in a full address is silently ignored.
++ * credit:
++ * inspired by Mark Andrews.
++ * author:
++ * Paul Vixie, 1996.
++ */
++
++#include <linux/module.h>
++#include <linux/types.h>
++#include <linux/ctype.h>
++#include <linux/string.h>
++#include <linux/inet.h>
++
++int
++inet_pton6(const char *src, u_char *dst)
++{
++ static const char xdigits[] = "0123456789abcdef";
++ u_char tmp[16], *tp, *endp, *colonp;
++ const char *curtok;
++ int ch, saw_xdigit;
++ u_int val;
++
++
++ tp = memset(tmp, '\0', 16);
++ endp = tp + 16;
++ colonp = NULL;
++ /* Leading :: requires some special handling. */
++ if (*src == ':')
++ if (*++src != ':')
++ return (0);
++ curtok = src;
++ saw_xdigit = 0;
++ val = 0;
++ while ((ch = tolower (*src++)) != '\0') {
++ const char *pch;
++
++ pch = strchr(xdigits, ch);
++ if (pch != NULL) {
++ val <<= 4;
++ val |= (pch - xdigits);
++ if (val > 0xffff)
++ return (0);
++ saw_xdigit = 1;
++ continue;
++ }
++ if (ch == ':') {
++ curtok = src;
++ if (!saw_xdigit) {
++ if (colonp)
++ return (0);
++ colonp = tp;
++ continue;
++ } else if (*src == '\0') {
++ return (0);
++ }
++ if (tp + 2 > endp)
++ return (0);
++ *tp++ = (u_char) (val >> 8) & 0xff;
++ *tp++ = (u_char) val & 0xff;
++ saw_xdigit = 0;
++ val = 0;
++ continue;
++ }
++ if (ch == '.' && ((tp + 4) <= endp) &&
++ inet_pton4(curtok, tp) > 0) {
++ tp += 4;
++ saw_xdigit = 0;
++ break; /* '\0' was seen by inet_pton4(). */
++ }
++ return (0);
++ }
++ if (saw_xdigit) {
++ if (tp + 2 > endp)
++ return (0);
++ *tp++ = (u_char) (val >> 8) & 0xff;
++ *tp++ = (u_char) val & 0xff;
++ }
++ if (colonp != NULL) {
++ /*
++ * Since some memmove()'s erroneously fail to handle
++ * overlapping regions, we'll do the shift by hand.
++ */
++ const int n = tp - colonp;
++ int i;
++
++ if (tp == endp)
++ return (0);
++ for (i = 1; i <= n; i++) {
++ endp[- i] = colonp[n - i];
++ colonp[n - i] = 0;
++ }
++ tp = endp;
++ }
++ if (tp != endp)
++ return (0);
++ memcpy(dst, tmp, 16);
++ return (1);
++}
++EXPORT_SYMBOL(inet_pton6);
+Index: linux-2.6.10-wrap-nfsroot/net/ipv4/utils.c
+===================================================================
+--- linux-2.6.10-wrap-nfsroot.orig/net/ipv4/utils.c 2004-12-24 22:34:44.000000000 +0100
++++ linux-2.6.10-wrap-nfsroot/net/ipv4/utils.c 2005-03-17 11:53:57.000000000 +0100
+@@ -55,5 +55,52 @@
+ }
+ return(htonl(l));
+ }
+-
+ EXPORT_SYMBOL(in_aton);
++
++/* int
++ * inet_pton4(src, dst)
++ * like inet_aton() but without all the hexadecimal and shorthand.
++ * return:
++ * 1 if `src' is a valid dotted quad, else 0.
++ * notice:
++ * does not touch `dst' unless it's returning 1.
++ * author:
++ * Paul Vixie, 1996.
++ */
++int
++inet_pton4(const char *src, u_char *dst)
++{
++ int saw_digit, octets, ch;
++ u_char tmp[4], *tp;
++
++ saw_digit = 0;
++ octets = 0;
++ *(tp = tmp) = 0;
++ while ((ch = *src++) != '\0') {
++
++ if (ch >= '0' && ch <= '9') {
++ u_int new = *tp * 10 + (ch - '0');
++
++ if (new > 255)
++ return (0);
++ *tp = new;
++ if (! saw_digit) {
++ if (++octets > 4)
++ return (0);
++ saw_digit = 1;
++ }
++ } else if (ch == '.' && saw_digit) {
++ if (octets == 4)
++ return (0);
++ *++tp = 0;
++ saw_digit = 0;
++ } else
++ return (0);
++ }
++ if (octets < 4)
++ return (0);
++ memcpy(dst, tmp, 4);
++ return (1);
++}
++EXPORT_SYMBOL(inet_pton4);
++
+Index: linux-2.6.10-wrap-nfsroot/include/linux/inet.h
+===================================================================
+--- linux-2.6.10-wrap-nfsroot.orig/include/linux/inet.h 2004-12-24 22:34:26.000000000 +0100
++++ linux-2.6.10-wrap-nfsroot/include/linux/inet.h 2005-03-17 11:53:33.000000000 +0100
+@@ -46,5 +46,7 @@
+ #include <linux/types.h>
+
+ extern __u32 in_aton(const char *str);
++extern int inet_pton4(const char *src, unsigned char *dst);
++extern int inet_pton6(const char *src, unsigned char *dst);
+ #endif
+ #endif /* _LINUX_INET_H */
Added: branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch 2005-03-17 11:25:40 UTC (rev 3799)
+++ branches/netfilter-ha/linux-2.6-actact/patches/netfilter_sysfs.patch 2005-03-17 11:27:07 UTC (rev 3800)
@@ -0,0 +1,337 @@
+Index: linux-2.6.10-ctsync/include/linux/netfilter.h
+===================================================================
+--- linux-2.6.10-ctsync.orig/include/linux/netfilter.h 2005-03-06 17:01:42.000000000 +0100
++++ linux-2.6.10-ctsync/include/linux/netfilter.h 2005-03-07 22:08:13.000000000 +0100
+@@ -187,5 +187,20 @@
+ static inline void nf_ct_attach(struct sk_buff *new, struct sk_buff *skb) {}
+ #endif /*CONFIG_NETFILTER*/
+
++struct nf_kset {
++ struct list_head list;
++ struct kset kset;
++};
++
++struct nf_subsys {
++ char name[32];
++ struct subsystem subsys;
++};
++
++extern int nf_subsys_register(struct nf_subsys *);
++extern void nf_subsys_unregister(struct nf_subsys *);
++extern int nf_kset_register(struct nf_subsys *, struct kset *);
++extern void nf_kset_unregister(struct kset *);
++
+ #endif /*__KERNEL__*/
+ #endif /*__LINUX_NETFILTER_H*/
+Index: linux-2.6.10-ctsync/net/core/netfilter.c
+===================================================================
+--- linux-2.6.10-ctsync.orig/net/core/netfilter.c 2005-03-06 17:01:46.000000000 +0100
++++ linux-2.6.10-ctsync/net/core/netfilter.c 2005-03-07 22:09:53.000000000 +0100
+@@ -9,6 +9,7 @@
+ * February 2000: Modified by James Morris to have 1 queue per protocol.
+ * 15-Mar-2000: Added NF_REPEAT --RR.
+ * 08-May-2003: Internal logging interface added by Jozsef Kadlecsik.
++ * 07-Mar-2005: Add sysfs interface (Harald Welte)
+ */
+ #include <linux/config.h>
+ #include <linux/kernel.h>
+@@ -819,6 +820,49 @@
+ }
+ }
+
++static struct kobj_type netfilter_ktype = {
++};
++
++decl_subsys(netfilter, &netfilter_ktype, NULL);
++
++int nf_subsys_register(struct nf_subsys *cls)
++{
++ int ret = 0;
++
++ ret = kobject_set_name(&cls->subsys.kset.kobj, "%s", cls->name);
++ if (ret)
++ goto out;
++
++ subsys_set_kset(cls, netfilter_subsys);
++ ret = subsystem_register(&cls->subsys);
++ if (ret)
++ goto out;
++
++out:
++ return ret;
++}
++EXPORT_SYMBOL_GPL(nf_subsys_register);
++
++void nf_subsys_unregister(struct nf_subsys *cls)
++{
++ subsystem_unregister(&cls->subsys);
++}
++EXPORT_SYMBOL_GPL(nf_subsys_unregister);
++
++int nf_kset_register(struct nf_subsys *subsys, struct kset *kset)
++{
++ kset->subsys = &subsys->subsys;
++ return kset_register(kset);
++}
++EXPORT_SYMBOL_GPL(nf_kset_register);
++
++void nf_kset_unregister(struct kset *kset)
++{
++ kset_unregister(kset);
++}
++EXPORT_SYMBOL_GPL(nf_kset_unregister);
++
++
+ void __init netfilter_init(void)
+ {
+ int i, h;
+@@ -827,6 +871,8 @@
+ for (h = 0; h < NF_MAX_HOOKS; h++)
+ INIT_LIST_HEAD(&nf_hooks[i][h]);
+ }
++
++ subsystem_register(&netfilter_subsys);
+ }
+
+ EXPORT_SYMBOL(ip_ct_attach);
+Index: linux-2.6.10-ctsync/include/linux/netfilter_ipv4/ip_tables.h
+===================================================================
+--- linux-2.6.10-ctsync.orig/include/linux/netfilter_ipv4/ip_tables.h 2004-12-24 22:34:57.000000000 +0100
++++ linux-2.6.10-ctsync/include/linux/netfilter_ipv4/ip_tables.h 2005-03-08 10:29:48.703408432 +0100
+@@ -346,6 +346,8 @@
+
+ const char name[IPT_FUNCTION_MAXNAMELEN];
+
++ struct kobject kobj;
++
+ /* Return true or false: return FALSE and set *hotdrop = 1 to
+ force immediate packet drop. */
+ /* Arguments changed since 2.4, as this must now handle
+@@ -380,6 +382,8 @@
+
+ const char name[IPT_FUNCTION_MAXNAMELEN];
+
++ struct kobject kobj;
++
+ /* Called when user tries to insert an entry of this type:
+ hook_mask is a bitmask of hooks from which it can be
+ called. */
+@@ -425,6 +429,8 @@
+ /* A unique name... */
+ char name[IPT_TABLE_MAXNAMELEN];
+
++ struct kobject kobj;
++
+ /* Seed table: copied in register_table */
+ struct ipt_replace *table;
+
+Index: linux-2.6.10-ctsync/net/ipv4/netfilter/ip_tables.c
+===================================================================
+--- linux-2.6.10-ctsync.orig/net/ipv4/netfilter/ip_tables.c 2004-12-24 22:34:26.000000000 +0100
++++ linux-2.6.10-ctsync/net/ipv4/netfilter/ip_tables.c 2005-03-08 10:36:02.688554048 +0100
+@@ -11,12 +11,16 @@
+ * 19 Jan 2002 Harald Welte <laforge at gnumonks.org>
+ * - increase module usage count as soon as we have rules inside
+ * a table
++ * 07 Mar 2005 Harald Welte <laforge at netfilter.org>
++ * - add sysfs interface
+ */
+ #include <linux/config.h>
+ #include <linux/cache.h>
+ #include <linux/skbuff.h>
+ #include <linux/kmod.h>
+ #include <linux/vmalloc.h>
++#include <linux/kobject.h>
++#include <linux/sysfs.h>
+ #include <linux/netdevice.h>
+ #include <linux/module.h>
+ #include <linux/tcp.h>
+@@ -124,6 +128,64 @@
+ #define up(x) do { printk("UP:%u:" #x "\n", __LINE__); up(x); } while(0)
+ #endif
+
++static ssize_t
++table_attr_show(struct kobject *kobj, struct attribute *attr, char *buf)
++{
++ return 0;
++}
++static ssize_t
++target_attr_show(struct kobject *kobj, struct attribute *attr, char *buf)
++{
++ return 0;
++}
++static ssize_t
++match_attr_show(struct kobject *kobj, struct attribute *attr, char *buf)
++{
++ return 0;
++}
++
++static struct sysfs_ops table_sysfs_ops = {
++ .show = table_attr_show,
++};
++struct kobj_type ktype_table = {
++ .sysfs_ops = &table_sysfs_ops,
++};
++struct kset ipt_table_kset = {
++ .kobj = {
++ .name = "tables",
++ },
++ .ktype = &ktype_table,
++};
++static struct sysfs_ops target_sysfs_ops = {
++ .show = target_attr_show,
++};
++struct kobj_type ktype_target = {
++ .sysfs_ops = &target_sysfs_ops,
++};
++struct kset ipt_target_kset = {
++ .kobj = {
++ .name = "targets",
++ },
++ .ktype = &ktype_target,
++};
++static struct sysfs_ops match_sysfs_ops = {
++ .show = match_attr_show,
++};
++struct kobj_type ktype_match = {
++ .sysfs_ops = &match_sysfs_ops,
++};
++struct kset ipt_match_kset = {
++ .kobj = {
++ .name = "matches",
++ },
++ .ktype = &ktype_match,
++};
++
++struct nf_subsys nfss_iptables = {
++ .name = "ip_tables",
++};
++
++
+ /* Returns whether matches rule or not. */
+ static inline int
+ ip_packet_match(const struct iphdr *ip,
+@@ -1343,7 +1405,23 @@
+ duprintf("ipt_register_target: `%s' already in list!\n",
+ target->name);
+ ret = -EINVAL;
++ goto unlock_out;
+ }
++ memset(&target->kobj, 0, sizeof(target->kobj));
++ ret = kobject_set_name(&target->kobj, "%s", target->name);
++ if (ret < 0)
++ goto listdel_out;
++
++ target->kobj.parent = &ipt_target_kset.kobj;
++ target->kobj.kset = &ipt_target_kset;
++ target->kobj.ktype = &ktype_target;
++ ret = kobject_register(&target->kobj);
++ if (ret == 0)
++ goto unlock_out;
++
++listdel_out:
++ LIST_DELETE(&ipt_target, target);
++unlock_out:
+ up(&ipt_mutex);
+ return ret;
+ }
+@@ -1352,6 +1430,7 @@
+ ipt_unregister_target(struct ipt_target *target)
+ {
+ down(&ipt_mutex);
++ kobject_unregister(&target->kobj);
+ LIST_DELETE(&ipt_target, target);
+ up(&ipt_mutex);
+ }
+@@ -1369,9 +1448,24 @@
+ duprintf("ipt_register_match: `%s' already in list!\n",
+ match->name);
+ ret = -EINVAL;
++ goto unlock_out;
+ }
+- up(&ipt_mutex);
++ memset(&match->kobj, 0, sizeof(match->kobj));
++ ret = kobject_set_name(&match->kobj, "%s", match->name);
++ if (ret < 0)
++ goto listdel_out;
++ match->kobj.parent = &ipt_match_kset.kobj;
++ match->kobj.kset = &ipt_match_kset;
++ match->kobj.ktype = &ktype_match;
++ ret = kobject_register(&match->kobj);
++ if (ret == 0)
++ goto unlock_out;
+
++listdel_out:
++ LIST_DELETE(&ipt_match, match);
++unlock_out:
++ up(&ipt_mutex);
++ printk(KERN_DEBUG "returning %d\n", ret);
+ return ret;
+ }
+
+@@ -1379,6 +1473,7 @@
+ ipt_unregister_match(struct ipt_match *match)
+ {
+ down(&ipt_mutex);
++ kobject_unregister(&match->kobj);
+ LIST_DELETE(&ipt_match, match);
+ up(&ipt_mutex);
+ }
+@@ -1433,10 +1528,23 @@
+ rwlock_init(&table->lock);
+ list_prepend(&ipt_tables, table);
+
++ ret = kobject_set_name(&table->kobj, "%s", table->name);
++ if (ret < 0)
++ goto list_unlock;
++
++ table->kobj.parent = &ipt_table_kset.kobj;
++ table->kobj.kset = &ipt_table_kset;
++ table->kobj.ktype = &ktype_table;
++ ret = kobject_register(&table->kobj);
++ if (ret < 0)
++ goto list_unlock;
++
+ unlock:
+ up(&ipt_mutex);
+ return ret;
+
++ list_unlock:
++ LIST_DELETE(&ipt_tables, table);
+ free_unlock:
+ vfree(newinfo);
+ goto unlock;
+@@ -1445,6 +1553,7 @@
+ void ipt_unregister_table(struct ipt_table *table)
+ {
+ down(&ipt_mutex);
++ kobject_unregister(&table->kobj);
+ LIST_DELETE(&ipt_tables, table);
+ up(&ipt_mutex);
+
+@@ -1866,12 +1975,24 @@
+ }
+ #endif
+
+- printk("ip_tables: (C) 2000-2002 Netfilter core team\n");
++ /* sysfs interface */
++ nf_subsys_register(&nfss_iptables);
++ nf_kset_register(&nfss_iptables, &ipt_table_kset);
++ nf_kset_register(&nfss_iptables, &ipt_target_kset);
++ nf_kset_register(&nfss_iptables, &ipt_match_kset);
++
++ printk("ip_tables: (C) 2000-2005 Netfilter core team\n");
+ return 0;
+ }
+
+ static void __exit fini(void)
+ {
++ /* sysfs interface */
++ nf_kset_unregister(&ipt_match_kset);
++ nf_kset_unregister(&ipt_target_kset);
++ nf_kset_unregister(&ipt_table_kset);
++ nf_subsys_unregister(&nfss_iptables);
++
+ nf_unregister_sockopt(&ipt_sockopts);
+ #ifdef CONFIG_PROC_FS
+ {
Modified: branches/netfilter-ha/linux-2.6-actact/patches/series
===================================================================
--- branches/netfilter-ha/linux-2.6-actact/patches/series 2005-03-17 11:25:40 UTC (rev 3799)
+++ branches/netfilter-ha/linux-2.6-actact/patches/series 2005-03-17 11:27:07 UTC (rev 3800)
@@ -9,3 +9,5 @@
conntrack_hash_manip.patch
conntrack_alloc.patch
ct_sync_config_and_makefile.patch
+netfilter_sysfs.patch
+inet_pton6.patch
More information about the netfilter-cvslog
mailing list