[netfilter-cvslog] r4273 - in
trunk/patch-o-matic-ng/patchlets/rsh/linux: Documentation
net/ipv4/netfilter
laforge at netfilter.org
laforge at netfilter.org
Thu Sep 22 12:18:13 CEST 2005
Author: laforge at netfilter.org
Date: 2005-09-22 12:18:12 +0200 (Thu, 22 Sep 2005)
New Revision: 4273
Modified:
trunk/patch-o-matic-ng/patchlets/rsh/linux/Documentation/Configure.help.ladd
trunk/patch-o-matic-ng/patchlets/rsh/linux/net/ipv4/netfilter/ip_conntrack_rsh.c
Log:
add legato networker support (David Stes)
Modified: trunk/patch-o-matic-ng/patchlets/rsh/linux/Documentation/Configure.help.ladd
===================================================================
--- trunk/patch-o-matic-ng/patchlets/rsh/linux/Documentation/Configure.help.ladd 2005-09-22 10:13:54 UTC (rev 4272)
+++ trunk/patch-o-matic-ng/patchlets/rsh/linux/Documentation/Configure.help.ladd 2005-09-22 10:18:12 UTC (rev 4273)
@@ -16,6 +16,8 @@
practice" to use RSH, use SSH in all instances.
(see rfc1244, rfc1948, rfc2179, etc ad-nauseum)
+ The RSH connection module supports Legato NetWorker's nsrexec.
+ For support of Legato NetWorker, you will need the RPC and the RSH modules.
If you want to compile it as a module, say M here and read
<file:Documentation/modules.txt>. If unsure, say `N'.
Modified: trunk/patch-o-matic-ng/patchlets/rsh/linux/net/ipv4/netfilter/ip_conntrack_rsh.c
===================================================================
--- trunk/patch-o-matic-ng/patchlets/rsh/linux/net/ipv4/netfilter/ip_conntrack_rsh.c 2005-09-22 10:13:54 UTC (rev 4272)
+++ trunk/patch-o-matic-ng/patchlets/rsh/linux/net/ipv4/netfilter/ip_conntrack_rsh.c 2005-09-22 10:18:12 UTC (rev 4273)
@@ -2,6 +2,9 @@
* (C) 2002 by Ian (Larry) Latter <Ian.Latter at mq.edu.au>
* based on HW's ip_conntrack_irc.c
*
+ * (C) 2004,2005 by David Stes <stes at pandora.be>
+ * Modification for Legato NetWorker range [7937-9936] instead of [0:1023]
+ *
* ip_conntrack_rsh.c,v 1.0 2002/07/17 14:49:26
*
* This program is free software; you can redistribute it and/or
@@ -10,10 +13,11 @@
* 2 of the License, or (at your option) any later version.
**
* Module load syntax:
- * insmod ip_conntrack_rsh.o ports=port1,port2,...port<MAX_PORTS>
+ * insmod ip_conntrack_rsh.o range=1023,ports=port1,port2,...port<MAX_PORTS>
*
* please give the ports of all RSH servers You wish to connect to.
* If You don't specify ports, the default will be port 514
+ * If you don't specify any range, the default will be 1023
**
* Note to all:
* RSH blows ... you should use SSH (openssh.org) to replace it,
@@ -109,6 +113,8 @@
#include <linux/netfilter_ipv4/ip_conntrack_rsh.h>
#define MAX_PORTS 8
+static int range; /* defaults to = 1023 */
+static unsigned short rangemask; /* defaults to = 0xfc00 */
static int ports[MAX_PORTS];
static int ports_n_c = 0;
@@ -116,6 +122,8 @@
MODULE_DESCRIPTION("RSH connection tracking module");
MODULE_LICENSE("GPL");
#ifdef MODULE_PARM
+MODULE_PARM(range, "i");
+MODULE_PARM_DESC(range, "max port of reserved range (default is 1023)");
MODULE_PARM(ports, "1-" __MODULE_STRING(MAX_PORTS) "i");
MODULE_PARM_DESC(ports, "port numbers of RSH servers");
#endif
@@ -198,8 +206,8 @@
/* dont relate sessions that try to expose the client */
DEBUGP("found port %u\n", port);
- if (port > 1023) {
- DEBUGP("skipping, expected port size is greater than 1023!\n");
+ if (port > range) {
+ DEBUGP("skipping, expected port size is greater than range!\n");
return NF_ACCEPT;
}
@@ -229,7 +237,7 @@
exp->mask.src.ip = 0xffffffff;
exp->mask.dst.ip = 0xffffffff;
- exp->mask.src.u.tcp.port = htons(0xfc00);
+ exp->mask.src.u.tcp.port = htons(rangemask);
exp->mask.dst.u.tcp.port = htons(0xffff);
exp->mask.dst.protonum = 0xffff;
@@ -267,6 +275,16 @@
if (ports[0] == 0)
ports[0] = RSH_PORT;
+ /* the check on reserved port <1023 doesn't work with Legato */
+ /* for Legato NetWorker, the check should be that port <= 9936 */
+
+ if (range == 0)
+ range = 1023;
+
+ /* Legato uses range [ 7937 : 9936 ] -> 7937 by default */
+
+ rangemask = 0xffff ^ range; /* defaults to = 0xfc00 */
+
for (port = 0; (port < MAX_PORTS) && ports[port]; port++) {
memset(&rsh_helpers[port], 0, sizeof(struct ip_conntrack_helper));
@@ -287,8 +305,8 @@
/* RSH must come from ports 0:1023 to ports[port] (514) */
rsh_helpers[port].tuple.src.u.tcp.port = htons(ports[port]);
- rsh_helpers[port].mask.src.u.tcp.port = htons(0xfc00);
- rsh_helpers[port].mask.dst.u.tcp.port = htons(0xfc00);
+ rsh_helpers[port].mask.src.u.tcp.port = htons(rangemask);
+ rsh_helpers[port].mask.dst.u.tcp.port = htons(rangemask);
rsh_helpers[port].help = help;
More information about the netfilter-cvslog
mailing list