From f3f0741469b0e30aa10709bc4dbca582976919f9 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Mon, 22 Sep 2008 13:40:25 -0400 Subject: [PATCH] Support for Linux 2.6.17 --- INSTALL | 8 ++------ extensions/.gitignore | 1 + extensions/compat_xtables.c | 8 ++++++++ extensions/compat_xtables.h | 9 +++++++-- extensions/compat_xtnu.h | 1 + extensions/xt_TARPIT.c | 4 +++- 6 files changed, 22 insertions(+), 9 deletions(-) diff --git a/INSTALL b/INSTALL index 1e2c057..1ef9e5c 100644 --- a/INSTALL +++ b/INSTALL @@ -12,13 +12,9 @@ in combination with the kernel's Kbuild system. Prerequirements =============== - * a recent iptables snapshot - - from the "xtables" git repository at dev.medozas.de - (minimum as per git-describe: v1.4.0-77) - - or the subversion repository at netfilter.org (minimum: r7502) - - or the xtables-combined tarball that is currently distributed + * iptables 1.4.1 - * kernel-source >= 2.6.18.5 with prepared build/output directory + * kernel-source >= 2.6.17 with prepared build/output directory - CONFIG_NF_CONNTRACK or CONFIG_IP_NF_CONNTRACK - CONFIG_NF_CONNTRACK_MARK or CONFIG_IP_NF_CONNTRACK_MARK enabled =y or as module (=m) diff --git a/extensions/.gitignore b/extensions/.gitignore index 91ce60c..8878c7a 100644 --- a/extensions/.gitignore +++ b/extensions/.gitignore @@ -4,6 +4,7 @@ *.ko *.mod.c Module.symvers +Modules.symvers modules.order /*.so diff --git a/extensions/compat_xtables.c b/extensions/compat_xtables.c index f7ff53a..491d9d9 100644 --- a/extensions/compat_xtables.c +++ b/extensions/compat_xtables.c @@ -408,4 +408,12 @@ void xtnu_csum_replace2(__sum16 *sum, __be16 from, __be16 to) EXPORT_SYMBOL_GPL(xtnu_csum_replace2); #endif +#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 17) +int xtnu_skb_linearize(struct sk_buff *skb) +{ + return skb_linearize(skb, GFP_ATOMIC); +} +EXPORT_SYMBOL_GPL(xtnu_skb_linearize); +#endif + MODULE_LICENSE("GPL"); diff --git a/extensions/compat_xtables.h b/extensions/compat_xtables.h index 86f573e..84d29da 100644 --- a/extensions/compat_xtables.h +++ b/extensions/compat_xtables.h @@ -5,8 +5,8 @@ #include "compat_skbuff.h" #include "compat_xtnu.h" -#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 18) -# warning Kernels below 2.6.18.5 not supported. +#if LINUX_VERSION_CODE < KERNEL_VERSION(2, 6, 17) +# warning Kernels below 2.6.17 not supported. #endif #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE) @@ -26,6 +26,11 @@ # warning You need either CONFIG_NF_CONNTRACK or CONFIG_IP_NF_CONNTRACK. #endif +#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 17) +# define skb_init_secmark(skb) +# define skb_linearize xtnu_skb_linearize +#endif + #if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 19) # define neigh_hh_output xtnu_neigh_hh_output # define IPPROTO_UDPLITE 136 diff --git a/extensions/compat_xtnu.h b/extensions/compat_xtnu.h index 00c94cf..9583db7 100644 --- a/extensions/compat_xtnu.h +++ b/extensions/compat_xtnu.h @@ -83,5 +83,6 @@ extern struct xt_match *xtnu_request_find_match(unsigned int, const char *, uint8_t); extern int xtnu_neigh_hh_output(struct hh_cache *, struct sk_buff *); extern void xtnu_csum_replace2(__u16 __bitwise *, __be16, __be16); +extern int xtnu_skb_linearize(struct sk_buff *); #endif /* _COMPAT_XTNU_H */ diff --git a/extensions/xt_TARPIT.c b/extensions/xt_TARPIT.c index 90e6574..60957aa 100644 --- a/extensions/xt_TARPIT.c +++ b/extensions/xt_TARPIT.c @@ -52,7 +52,7 @@ static void tarpit_tcp(struct sk_buff *oldskb, unsigned int hook) { struct tcphdr _otcph, *oth, *tcph; - unsigned int addr_type; + unsigned int addr_type = RTN_UNSPEC; struct sk_buff *nskb; struct iphdr *niph; u_int16_t tmp; @@ -96,9 +96,11 @@ static void tarpit_tcp(struct sk_buff *oldskb, unsigned int hook) skb_nfmark(nskb) = 0; skb_init_secmark(nskb); +#if LINUX_VERSION_CODE >= KERNEL_VERSION(2, 6, 18) skb_shinfo(nskb)->gso_size = 0; skb_shinfo(nskb)->gso_segs = 0; skb_shinfo(nskb)->gso_type = 0; +#endif tcph = (struct tcphdr *)(skb_network_header(nskb) + ip_hdrlen(nskb));