[netfilter-cvslog] r4334 - in trunk/nfsim: . core core/ipv4
kernelenv kernelenv/include netfilter
rusty at netfilter.org
rusty at netfilter.org
Sat Oct 8 21:08:11 CEST 2005
Author: rusty at netfilter.org
Date: 2005-10-08 21:08:06 +0200 (Sat, 08 Oct 2005)
New Revision: 4334
Modified:
trunk/nfsim/.links
trunk/nfsim/configure
trunk/nfsim/core/core.c
trunk/nfsim/core/core.h
trunk/nfsim/core/ipv4/ipv4.h
trunk/nfsim/kernelenv/include/kernelenv.h
trunk/nfsim/kernelenv/kernelenv.c
trunk/nfsim/netfilter.c.sed
trunk/nfsim/netfilter/Makefile
Log:
2.6.14-rc3-git3 support (much thanks to Max kellerman).
Handle new netfilter layout (net/core/netfilter.c now net/netfilter/* and net/ipv4/netfilter.c)
Logging prototypes in core.h belong in kernelenv.h
Modified: trunk/nfsim/.links
===================================================================
--- trunk/nfsim/.links 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/.links 2005-10-08 19:08:06 UTC (rev 4334)
@@ -53,6 +53,8 @@
./asm/softirq.h
./asm/statfs.h
./asm/page.h
+./asm/types.h
+./asm/byteorder.h
./net/tcp.h
./net/checksum.h
./net/route.h
Modified: trunk/nfsim/configure
===================================================================
--- trunk/nfsim/configure 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/configure 2005-10-08 19:08:06 UTC (rev 4334)
@@ -77,9 +77,23 @@
rm -rf netfilter/$TYPE
mkdir -p netfilter/$TYPE
-echo "netfilter/core/netfilter.c: $KERNELDIR/net/core/netfilter.c" >> Makefile.import
-echo ' @sed -f netfilter.c.sed $< > $@ && chmod a-w $@' >> Makefile.import
-echo "import: netfilter/core/netfilter.c" >> Makefile.import
+if [ -f $KERNELDIR/net/core/netfilter.c ]; then
+ # < Linux 2.6.14
+ echo "netfilter/core/netfilter.c: $KERNELDIR/net/core/netfilter.c" >> Makefile.import
+ echo ' @sed -f netfilter.c.sed $< > $@ && chmod a-w $@' >> Makefile.import
+ echo "import: netfilter/core/netfilter.c" >> Makefile.import
+else
+ # >= Linux 2.6.14
+ for i in core.c nf_log.c nf_queue.c nf_sockopt.c nf_internals.h; do
+ echo "netfilter/core/$i: $KERNELDIR/net/netfilter/$i" >> Makefile.import
+ echo ' @sed -f netfilter.c.sed $< > $@ && chmod a-w $@' >> Makefile.import
+ echo "import: netfilter/core/$i" >> Makefile.import
+ done
+ # Import type-specific netfilter.c to netfilter/core/<type>.c
+ echo "netfilter/core/$TYPE.c: $KERNELDIR/net/$TYPE/netfilter.c" >> Makefile.import
+ echo ' @sed -f netfilter.c.sed $< > $@ && chmod a-w $@' >> Makefile.import
+ echo "import: netfilter/core/$TYPE.c" >> Makefile.import
+fi
files=$(cd $KERNELDIR/net/$TYPE/netfilter/; \
find . -name '*.[ch]' ! -name '*.mod.c' | grep -vE '/(SCCS|RCS)/')
@@ -107,6 +121,17 @@
echo ' @cp $^ $@ && chmod a-w $@' >> Makefile.import
echo "import: netfilter/include/linux/netfilter_$TYPE/$f" >> Makefile.import
done
+if [ -d $KERNELDIR/include/linux/netfilter ]; then
+ # present in Linux 2.6.14+
+ files=$(cd $KERNELDIR/include/linux/netfilter; \
+ find . -name '*.[ch]' | grep -vE '/(SCCS|RCS)/')
+ for f in $files; do
+ mkdir -p $(dirname netfilter/include/linux/netfilter/$f)
+ echo "netfilter/include/linux/netfilter/$f":"$KERNELDIR/include/linux/netfilter/$f" >> Makefile.import
+ echo ' @cp $^ $@ && chmod a-w $@' >> Makefile.import
+ echo "import: netfilter/include/linux/netfilter/$f" >> Makefile.import
+ done
+fi
echo "netfilter/include/linux/netfilter_$TYPE.h":"$KERNELDIR/include/linux/netfilter_$TYPE.h" >> Makefile.import
echo ' @cp $^ $@ && chmod a-w $@' >> Makefile.import
echo "import: netfilter/include/linux/netfilter_$TYPE.h" >> Makefile.import
Modified: trunk/nfsim/core/core.c
===================================================================
--- trunk/nfsim/core/core.c 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/core/core.c 2005-10-08 19:08:06 UTC (rev 4334)
@@ -112,8 +112,11 @@
init_call(core_init);
-static int enqueue_packet(struct sk_buff *skb,
- struct nf_info *info, void *data)
+/* FIXME: Use queue number. */
+static int enqueue_packet_to_queuenum(struct sk_buff *skb,
+ struct nf_info *info,
+ unsigned int queuenum,
+ void *data)
{
struct nfsim_queueitem *pq;
@@ -128,6 +131,19 @@
return 0;
}
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
+static struct nf_queue_handler enqueue_packet_h = {
+ .outfn = enqueue_packet_to_queuenum,
+ .data = NULL,
+ .name = "core.c:enqueue_packet",
+};
+#else
+static int enqueue_packet(struct sk_buff *skb, struct nf_info *info,void *data)
+{
+ return enqueue_packet_to_queuenum(skb, info, 0, data);
+}
+#endif
+
/* We want logging for every hook */
unsigned int call_elem_hook(struct nf_hook_ops *ops,
unsigned int hooknum,
@@ -488,7 +504,11 @@
if (load_modules && !load_all_modules())
barf("Module loading failed\n");
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
+ nf_register_queue_handler(PF_INET, &enqueue_packet_h);
+#else
nf_register_queue_handler(PF_INET, enqueue_packet, NULL);
+#endif
nfsim_log(LOG_UI, "initialisation done");
Modified: trunk/nfsim/core/core.h
===================================================================
--- trunk/nfsim/core/core.h 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/core/core.h 2005-10-08 19:08:06 UTC (rev 4334)
@@ -184,24 +184,6 @@
int nf_setsockopt(struct sock *sk, int pf, int val, char *opt, int len);
int nf_getsockopt(struct sock *sk, int pf, int val, char *opt, int *len);
-typedef void nf_logfn(unsigned int hooknum,
- const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const char *prefix);
-
-/* Function to register/unregister log function. */
-int nf_log_register(int pf, nf_logfn *logfn);
-void nf_log_unregister(int pf, nf_logfn *logfn);
-
-/* Calls the registered backend logging function */
-void nf_log_packet(int pf,
- unsigned int hooknum,
- const struct sk_buff *skb,
- const struct net_device *in,
- const struct net_device *out,
- const char *fmt, ...);
-
#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,12)
int nf_hook_slow(int pf, unsigned int hook, struct sk_buff **pskb,
struct net_device *indev,
@@ -230,16 +212,6 @@
nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn))
#endif
-/* Packet queuing */
-typedef int (*nf_queue_outfn_t)(struct sk_buff *skb,
- struct nf_info *info, void *data);
-extern int nf_register_queue_handler(int pf,
- nf_queue_outfn_t outfn, void *data);
-extern int nf_unregister_queue_handler(int pf);
-extern void nf_reinject(struct sk_buff *skb,
- struct nf_info *info,
- unsigned int verdict);
-
/* Like alloc_skb, but never fails even when failtest on. */
struct sk_buff *alloc_skb_internal(unsigned int size, int gfp_mask, const char *loc);
Modified: trunk/nfsim/core/ipv4/ipv4.h
===================================================================
--- trunk/nfsim/core/ipv4/ipv4.h 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/core/ipv4/ipv4.h 2005-10-08 19:08:06 UTC (rev 4334)
@@ -519,6 +519,11 @@
*/
};
+static __inline__ struct in_device *
+__in_dev_get(const struct net_device *dev)
+{
+ return (struct in_device*)dev->ip_ptr;
+}
static inline unsigned int netmask_bits(uint32_t netmask)
{
Modified: trunk/nfsim/kernelenv/include/kernelenv.h
===================================================================
--- trunk/nfsim/kernelenv/include/kernelenv.h 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/kernelenv/include/kernelenv.h 2005-10-08 19:08:06 UTC (rev 4334)
@@ -57,6 +57,8 @@
#define __s32 s32
#define __u64 u64
#define __s64 u64
+#define __be16 __u16
+#define __be32 __u32
/* Hacky, but works for now */
#define BITS_PER_LONG (ULONG_MAX == 0xFFFFFFFFUL ? 32 : 64)
@@ -149,6 +151,7 @@
#define u_int64_t uint64_t
#define __init
+#define __read_mostly
#define __inline
#define ____cacheline_aligned __attribute__((aligned(8)))
@@ -725,6 +728,73 @@
unsigned int f_uid;
};
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
+/* those NF_LOG_* defines and struct nf_loginfo are legacy definitios that will
+ * disappear once iptables is replaced with pkttables. Please DO NOT use them
+ * for any new code! */
+#define NF_LOG_TCPSEQ 0x01 /* Log TCP sequence numbers */
+#define NF_LOG_TCPOPT 0x02 /* Log TCP options */
+#define NF_LOG_IPOPT 0x04 /* Log IP options */
+#define NF_LOG_UID 0x08 /* Log UID owning local socket */
+#define NF_LOG_MASK 0x0f
+
+#define NF_LOG_TYPE_LOG 0x01
+#define NF_LOG_TYPE_ULOG 0x02
+
+struct nf_loginfo {
+ u_int8_t type;
+ union {
+ struct {
+ u_int32_t copy_len;
+ u_int16_t group;
+ u_int16_t qthreshold;
+ } ulog;
+ struct {
+ u_int8_t level;
+ u_int8_t logflags;
+ } log;
+ } u;
+};
+
+typedef void nf_logfn(unsigned int pf,
+ unsigned int hooknum,
+ const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const struct nf_loginfo *li,
+ const char *prefix);
+
+struct nf_logger {
+ struct module *me;
+ nf_logfn *logfn;
+ char *name;
+};
+
+int nf_log_register(int pf, struct nf_logger *logger);
+int nf_log_unregister_pf(int pf);
+void nf_log_unregister_logger(struct nf_logger *logger);
+#else
+typedef void nf_logfn(unsigned int hooknum,
+ const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+ const char *prefix);
+
+int nf_log_register(int pf, nf_logfn *logfn);
+void nf_log_unregister(int pf, nf_logfn *logfn);
+#endif
+
+/* Calls the registered backend logging function */
+void nf_log_packet(int pf,
+ unsigned int hooknum,
+ const struct sk_buff *skb,
+ const struct net_device *in,
+ const struct net_device *out,
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
+ struct nf_loginfo *li,
+#endif
+ const char *fmt, ...);
+
struct socket
{
struct socket_file_dummy *file;
@@ -757,17 +827,74 @@
void (*sk_data_ready)(struct sock *sk, int bytes);
};
+/* Packet queuing */
+struct nf_info;
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
+struct nf_queue_handler {
+ int (*outfn)(struct sk_buff *skb, struct nf_info *info,
+ unsigned int queuenum, void *data);
+ void *data;
+ char *name;
+};
+extern int nf_register_queue_handler(int pf,
+ struct nf_queue_handler *qh);
+extern void nf_unregister_queue_handlers(struct nf_queue_handler *qh);
+
+struct nf_queue_rerouter {
+ void (*save)(const struct sk_buff *skb, struct nf_info *info);
+ int (*reroute)(struct sk_buff **skb, const struct nf_info *info);
+ int rer_size;
+};
+
+#define nf_info_reroute(x) ((void *)x + sizeof(struct nf_info))
+extern int nf_register_queue_rerouter(int pf, struct nf_queue_rerouter *rer);
+extern int nf_unregister_queue_rerouter(int pf);
+
+/* we overload the higher bits for encoding auxiliary data such as the queue
+ * number. Not nice, but better than additional function arguments. */
+#define NF_VERDICT_MASK 0x0000ffff
+#define NF_VERDICT_BITS 16
+
+#define NF_VERDICT_QMASK 0xffff0000
+#define NF_VERDICT_QBITS 16
+
+#define NF_QUEUE_NR(x) (((x << NF_VERDICT_QBITS) & NF_VERDICT_QMASK) | NF_QUEUE)
+#ifdef CONFIG_PROC_FS
+#include <linux/proc_fs.h>
+extern struct proc_dir_entry *proc_net_netfilter;
+#endif
+
+#else /* ... <2.6.14 */
+typedef int (*nf_queue_outfn_t)(struct sk_buff *skb,
+ struct nf_info *info, void *data);
+extern int nf_register_queue_handler(int pf,
+ nf_queue_outfn_t outfn, void *data);
+#endif /* KERNEL_VERSION(2,6,14) */
+
+extern int nf_unregister_queue_handler(int pf);
+
+extern void nf_reinject(struct sk_buff *skb,
+ struct nf_info *info,
+ unsigned int verdict);
+
void sock_hold(struct sock *sk);
void sock_put(struct sock *sk);
void skb_set_owner_w(struct sk_buff *skb, struct sock *sk);
struct sk_buff *skb_realloc_headroom(struct sk_buff *skb, unsigned int headroom);
+#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,14)
int skb_ip_make_writable(struct sk_buff **pskb, unsigned int writable_len);
/* netfilter.c's version: unused. */
int __unused_skb_ip_make_writable(struct sk_buff **, unsigned int);
+#else
+int skb_make_writable(struct sk_buff **pskb, unsigned int writable_len);
+/* netfilter.c's version: unused. */
+int __unused_skb_make_writable(struct sk_buff **, unsigned int);
+#endif
+
/* net.h */
#define net_ratelimit() 1
Modified: trunk/nfsim/kernelenv/kernelenv.c
===================================================================
--- trunk/nfsim/kernelenv/kernelenv.c 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/kernelenv/kernelenv.c 2005-10-08 19:08:06 UTC (rev 4334)
@@ -450,6 +450,10 @@
return skb->data + skb->len > skb->end;
}
+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,14)
+#define skb_ip_make_writable skb_make_writable
+#endif
+
int skb_ip_make_writable(struct sk_buff **pskb, unsigned int writable_len)
{
struct sk_buff *new;
Modified: trunk/nfsim/netfilter/Makefile
===================================================================
--- trunk/nfsim/netfilter/Makefile 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/netfilter/Makefile 2005-10-08 19:08:06 UTC (rev 4334)
@@ -1,7 +1,8 @@
+NETFILTER_C_FILES=$(wildcard core/*.c)
all: dummy.o modules netfilter.o
-netfilter.o: $(TYPE)/$(TYPE).o core/netfilter.o
+netfilter.o: $(TYPE)/$(TYPE).o $(NETFILTER_C_FILES:.c=.o)
ld -r -o $@ $^
$(TYPE)/$(TYPE).o: $(TYPE)/
Modified: trunk/nfsim/netfilter.c.sed
===================================================================
--- trunk/nfsim/netfilter.c.sed 2005-10-08 18:57:54 UTC (rev 4333)
+++ trunk/nfsim/netfilter.c.sed 2005-10-08 19:08:06 UTC (rev 4334)
@@ -5,5 +5,4 @@
s/^void nf_unregister_sockopt(/void __nf_unregister_sockopt(/
s/^void nf_unregister_hook(/void __nf_unregister_hook(/
s/^int skb_ip_make_writable(/int __unused_skb_ip_make_writable(/
-
-
+s/^int skb_make_writable/int __unused_skb_make_writable/
More information about the netfilter-cvslog
mailing list