mirror of
git://git.code.sf.net/p/xtables-addons/xtables-addons
synced 2025-09-06 20:55:13 +02:00
Remove dependency on CONFIG_NETWORK_SECMARK
This commit is contained in:
Jan Engelhardt
3
INSTALL
3
INSTALL
@@ -19,6 +19,9 @@ Prerequirements
|
|||||||
- or the xtables-combined tarball that is currently distributed
|
- or the xtables-combined tarball that is currently distributed
|
||||||
|
|
||||||
* kernel-source >= 2.6.18.5 with prepared build/output directory
|
* kernel-source >= 2.6.18.5 with prepared build/output directory
|
||||||
|
- CONFIG_NF_CONNTRACK or CONFIG_IP_NF_CONNTRACK
|
||||||
|
- CONFIG_NF_CONNTRACK_MARK or CONFIG_IP_NF_CONNTRACK_MARK
|
||||||
|
enabled =y or as module (=m)
|
||||||
|
|
||||||
|
|
||||||
Selecting extensions
|
Selecting extensions
|
||||||
|
|||||||
@@ -10,6 +10,12 @@ struct udphdr;
|
|||||||
# define skb_nfmark(skb) (((struct sk_buff *)(skb))->mark)
|
# define skb_nfmark(skb) (((struct sk_buff *)(skb))->mark)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
#ifdef CONFIG_NETWORK_SECMARK
|
||||||
|
# define skb_secmark(skb) ((skb)->secmark)
|
||||||
|
#else
|
||||||
|
# define skb_secmark(skb) 0
|
||||||
|
#endif
|
||||||
|
|
||||||
#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 21)
|
#if LINUX_VERSION_CODE <= KERNEL_VERSION(2, 6, 21)
|
||||||
# define ip_hdr(skb) ((skb)->nh.iph)
|
# define ip_hdr(skb) ((skb)->nh.iph)
|
||||||
# define ip_hdrlen(skb) (ip_hdr(skb)->ihl * 4)
|
# define ip_hdrlen(skb) (ip_hdr(skb)->ihl * 4)
|
||||||
|
|||||||
@@ -10,13 +10,13 @@
|
|||||||
#endif
|
#endif
|
||||||
|
|
||||||
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
#if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)
|
||||||
# if !defined(CONFIG_NF_CONNTRACK_MARK) || !defined(CONFIG_NF_CONNTRACK_SECMARK)
|
# if !defined(CONFIG_NF_CONNTRACK_MARK)
|
||||||
# warning You have CONFIG_NF_CONNTRACK enabled, but CONFIG_NF_CONNTRACK_MARK or CONFIG_NF_CONNTRACK_SECMARK are not (please enable).
|
# warning You have CONFIG_NF_CONNTRACK enabled, but CONFIG_NF_CONNTRACK_MARK is not (please enable).
|
||||||
# endif
|
# endif
|
||||||
# include <net/netfilter/nf_conntrack.h>
|
# include <net/netfilter/nf_conntrack.h>
|
||||||
#elif defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE)
|
#elif defined(CONFIG_IP_NF_CONNTRACK) || defined(CONFIG_IP_NF_CONNTRACK_MODULE)
|
||||||
# if !defined(CONFIG_IP_NF_CONNTRACK_MARK) || !defined(CONFIG_IP_NF_CONNTRACK_SECMARK)
|
# if !defined(CONFIG_IP_NF_CONNTRACK_MARK)
|
||||||
# warning You have CONFIG_IP_NF_CONNTRACK enabled, but CONFIG_IP_NF_CONNTRACK_MARK or CONFIG_IP_NF_CONNTRACK_SECMARK are not (please enable).
|
# warning You have CONFIG_IP_NF_CONNTRACK enabled, but CONFIG_IP_NF_CONNTRACK_MARK is not (please enable).
|
||||||
# endif
|
# endif
|
||||||
# include <linux/netfilter_ipv4/ip_conntrack.h>
|
# include <linux/netfilter_ipv4/ip_conntrack.h>
|
||||||
# define nf_conn ip_conntrack
|
# define nf_conn ip_conntrack
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ logmark_tg(struct sk_buff *skb, const struct net_device *in,
|
|||||||
printk("<%u>%.*s""hook=%s nfmark=0x%x secmark=0x%x classify=0x%x",
|
printk("<%u>%.*s""hook=%s nfmark=0x%x secmark=0x%x classify=0x%x",
|
||||||
info->level, (unsigned int)sizeof(info->prefix), info->prefix,
|
info->level, (unsigned int)sizeof(info->prefix), info->prefix,
|
||||||
hook_names[hooknum],
|
hook_names[hooknum],
|
||||||
skb_nfmark(skb), skb->secmark, skb->priority);
|
skb_nfmark(skb), skb_secmark(skb), skb->priority);
|
||||||
|
|
||||||
ct = nf_ct_get(skb, &ctinfo);
|
ct = nf_ct_get(skb, &ctinfo);
|
||||||
printk(" ctdir=%s", dir_names[ctinfo >= IP_CT_IS_REPLY]);
|
printk(" ctdir=%s", dir_names[ctinfo >= IP_CT_IS_REPLY]);
|
||||||
|
|||||||
Reference in New Issue
Block a user