diff --git a/INSTALL b/INSTALL index 37a5018..541cbb9 100644 --- a/INSTALL +++ b/INSTALL @@ -14,7 +14,7 @@ Supported configurations for this release * iptables >= 1.4.5 - * kernel-devel >= 2.6.34 + * kernel-devel >= 2.6.35 with prepared build/output directory - CONFIG_NF_CONNTRACK or CONFIG_IP_NF_CONNTRACK - CONFIG_NF_CONNTRACK_MARK or CONFIG_IP_NF_CONNTRACK_MARK diff --git a/configure.ac b/configure.ac index 864e5ad..0414a8d 100644 --- a/configure.ac +++ b/configure.ac @@ -67,7 +67,7 @@ if test -n "$kbuilddir"; then echo "WARNING: That kernel version is not officially supported."; elif test "$kmajor" -eq 3; then :; - elif test "$kmajor" -eq 2 -a "$kminor" -eq 6 -a "$kmicro" -ge 34; then + elif test "$kmajor" -eq 2 -a "$kminor" -eq 6 -a "$kmicro" -ge 35; then :; else echo "WARNING: That kernel version is not officially supported."; diff --git a/doc/changelog.txt b/doc/changelog.txt index 38fc8a6..2a39fea 100644 --- a/doc/changelog.txt +++ b/doc/changelog.txt @@ -2,7 +2,7 @@ HEAD ==== Changes: -- remove support for Linux 2.6.17--2.6.33 +- remove support for Linux 2.6.17--2.6.34 v1.47.1 (2010-10-15) diff --git a/extensions/compat_xtables.c b/extensions/compat_xtables.c index f8a422c..0ac3526 100644 --- a/extensions/compat_xtables.c +++ b/extensions/compat_xtables.c @@ -30,138 +30,6 @@ # define WITH_IPV6 1 #endif -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) -static bool xtnu_match_run(const struct sk_buff *skb, - const struct xt_match_param *par) -{ - struct xtnu_match *nm = xtcompat_numatch(par->match); - struct xt_action_param local_par; - bool ret; - - local_par.in = par->in; - local_par.out = par->out; - local_par.match = par->match; - local_par.matchinfo = par->matchinfo; - local_par.fragoff = par->fragoff; - local_par.thoff = par->thoff; - local_par.hotdrop = false; - local_par.family = par->family; - - if (nm == NULL || nm->match == NULL) - return false; - ret = nm->match(skb, &local_par); - *par->hotdrop = local_par.hotdrop; - return ret; -} -#endif - -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) -static bool xtnu_match_check(const struct xt_mtchk_param *par) -{ - struct xtnu_match *nm = xtcompat_numatch(par->match); - - if (nm == NULL) - return false; - if (nm->checkentry == NULL) - return true; - return nm->checkentry(par) == 0; -} -#endif - -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) -int xtnu_register_match(struct xtnu_match *nt) -{ - struct xt_match *ct; - char *tmp; - int ret; - - ct = kzalloc(sizeof(struct xt_match), GFP_KERNEL); - if (ct == NULL) - return -ENOMEM; - - tmp = (char *)ct->name; - memcpy(tmp, nt->name, sizeof(nt->name)); - tmp = (char *)(ct->name + sizeof(ct->name) - sizeof(void *)); - *(tmp-1) = '\0'; - memcpy(tmp, &nt, sizeof(void *)); - - ct->revision = nt->revision; - ct->family = nt->family; - ct->table = (char *)nt->table; - ct->hooks = nt->hooks; - ct->proto = nt->proto; -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) - ct->match = xtnu_match_run; - ct->checkentry = xtnu_match_check; - ct->destroy = nt->destroy; -#else - ct->match = nt->match; - ct->checkentry = xtnu_match_check; - ct->destroy = nt->destroy; -#endif - ct->matchsize = nt->matchsize; - ct->me = nt->me; - - nt->__compat_match = ct; - ret = xt_register_match(ct); - if (ret != 0) - kfree(ct); - return ret; -} -EXPORT_SYMBOL_GPL(xtnu_register_match); - -int xtnu_register_matches(struct xtnu_match *nt, unsigned int num) -{ - unsigned int i; - int ret; - - for (i = 0; i < num; ++i) { - ret = xtnu_register_match(&nt[i]); - if (ret < 0) { - if (i > 0) - xtnu_unregister_matches(nt, i); - return ret; - } - } - return 0; -} -EXPORT_SYMBOL_GPL(xtnu_register_matches); - -void xtnu_unregister_match(struct xtnu_match *nt) -{ - xt_unregister_match(nt->__compat_match); - kfree(nt->__compat_match); -} -EXPORT_SYMBOL_GPL(xtnu_unregister_match); - -void xtnu_unregister_matches(struct xtnu_match *nt, unsigned int num) -{ - unsigned int i; - - for (i = 0; i < num; ++i) - xtnu_unregister_match(&nt[i]); -} -EXPORT_SYMBOL_GPL(xtnu_unregister_matches); -#endif - -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) -static unsigned int -xtnu_target_run(struct sk_buff *skb, const struct xt_target_param *par) -{ - struct xtnu_target *nt = xtcompat_nutarget(par->target); - struct xt_action_param local_par; - - local_par.in = par->in; - local_par.out = par->out; - local_par.hooknum = par->hooknum; - local_par.target = par->target; - local_par.targinfo = par->targinfo; - local_par.family = par->family; - - return nt->target(&skb, &local_par); -} -#endif -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 35) static unsigned int xtnu_target_run(struct sk_buff *skb, const struct xt_action_param *par) { @@ -169,20 +37,6 @@ xtnu_target_run(struct sk_buff *skb, const struct xt_action_param *par) return nt->target(&skb, par); } -#endif - -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) -static bool xtnu_target_check(const struct xt_tgchk_param *par) -{ - struct xtnu_target *nt = xtcompat_nutarget(par->target); - - if (nt == NULL) - return false; - if (nt->checkentry == NULL) - return true; - return nt->checkentry(par) == 0; -} -#endif int xtnu_register_target(struct xtnu_target *nt) { @@ -206,13 +60,8 @@ int xtnu_register_target(struct xtnu_target *nt) ct->hooks = nt->hooks; ct->proto = nt->proto; ct->target = xtnu_target_run; -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) - ct->checkentry = xtnu_target_check; - ct->destroy = nt->destroy; -#else ct->checkentry = nt->checkentry; ct->destroy = nt->destroy; -#endif ct->targetsize = nt->targetsize; ct->me = nt->me; diff --git a/extensions/compat_xtables.h b/extensions/compat_xtables.h index c3f3432..bac7e23 100644 --- a/extensions/compat_xtables.h +++ b/extensions/compat_xtables.h @@ -8,8 +8,8 @@ #define DEBUGP Use__pr_debug__instead -#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 34) -# warning Kernels below 2.6.34 not supported. +#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 35) +# warning Kernels below 2.6.35 not supported. #endif #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) @@ -21,14 +21,6 @@ # warning You need CONFIG_NF_CONNTRACK. #endif -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) -# define xt_match xtnu_match -# define xt_register_match xtnu_register_match -# define xt_unregister_match xtnu_unregister_match -# define xt_register_matches xtnu_register_matches -# define xt_unregister_matches xtnu_unregister_matches -#endif - #define ipt_unregister_table(tbl) ipt_unregister_table(&init_net, (tbl)) #define ip6t_unregister_table(tbl) ip6t_unregister_table(&init_net, (tbl)) diff --git a/extensions/compat_xtnu.h b/extensions/compat_xtnu.h index 776fa3b..106ca4c 100644 --- a/extensions/compat_xtnu.h +++ b/extensions/compat_xtnu.h @@ -11,23 +11,6 @@ struct net_device; struct rtable; struct sk_buff; -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) -struct xt_action_param { - union { - const struct xt_match *match; - const struct xt_target *target; - }; - union { - const void *matchinfo, *targinfo; - }; - const struct net_device *in, *out; - int fragoff; - unsigned int thoff, hooknum; - u_int8_t family; - bool hotdrop; -}; -#endif - struct xtnu_match { /* * Making it smaller by sizeof(void *) on purpose to catch diff --git a/extensions/xt_CHAOS.c b/extensions/xt_CHAOS.c index e1cb7b0..f968466 100644 --- a/extensions/xt_CHAOS.c +++ b/extensions/xt_CHAOS.c @@ -56,20 +56,6 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par) bool ret; bool hotdrop = false; -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) - { - struct xt_match_param local_par = { - .in = par->in, - .out = par->out, - .match = xm_tcp, - .matchinfo = &tcp_params, - .fragoff = fragoff, - .thoff = thoff, - .hotdrop = &hotdrop, - }; - ret = xm_tcp->match(skb, &local_par); - } -#else { struct xt_action_param local_par; local_par.in = par->in, @@ -82,24 +68,10 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par) ret = xm_tcp->match(skb, &local_par); hotdrop = local_par.hotdrop; } -#endif if (!ret || hotdrop || (unsigned int)net_random() > delude_percentage) return; destiny = (info->variant == XTCHAOS_TARPIT) ? xt_tarpit : xt_delude; -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) - { - struct xt_target_param local_par = { - .in = par->in, - .out = par->out, - .hooknum = par->hooknum, - .target = destiny, - .targinfo = par->targinfo, - .family = par->family, - }; - destiny->target(skb, &local_par); - } -#else { struct xt_action_param local_par; local_par.in = par->in; @@ -110,7 +82,6 @@ xt_chaos_total(struct sk_buff *skb, const struct xt_action_param *par) local_par.family = par->family; destiny->target(skb, &local_par); } -#endif } static unsigned int @@ -129,16 +100,6 @@ chaos_tg(struct sk_buff **pskb, const struct xt_action_param *par) const struct iphdr *iph = ip_hdr(skb); if ((unsigned int)net_random() <= reject_percentage) { -#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 34) - struct xt_target_param local_par = { - .in = par->in, - .out = par->out, - .hooknum = par->hooknum, - .target = xt_reject, - .targinfo = &reject_params, - }; - return xt_reject->target(skb, &local_par); -#else struct xt_action_param local_par; local_par.in = par->in; local_par.out = par->out; @@ -146,7 +107,6 @@ chaos_tg(struct sk_buff **pskb, const struct xt_action_param *par) local_par.target = xt_reject; local_par.targinfo = &reject_params; return xt_reject->target(skb, &local_par); -#endif } /* TARPIT/DELUDE may not be called from the OUTPUT chain */ diff --git a/extensions/xt_TEE.c b/extensions/xt_TEE.c index 1b62589..2a869a7 100644 --- a/extensions/xt_TEE.c +++ b/extensions/xt_TEE.c @@ -22,13 +22,6 @@ #include #include -#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 35) -# error ---------------------------------------------------------- -# error This module has been merged into, and is available in the -# error mainline since Linux kernel v2.6.35. Please use that. -# error ---------------------------------------------------------- -#endif - #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) # define WITH_CONNTRACK 1 # include