From 48e0cd540dfa16eb2d01f61ff088446eb61626c6 Mon Sep 17 00:00:00 2001 From: Andy Boyett Date: Thu, 10 Sep 2009 10:06:35 +0000 Subject: [PATCH] [generic-2.4] refresh patches SVN-Revision: 17553 --- .../generic-2.4/patches/000-linux_mips.patch | 4 +- .../generic-2.4/patches/050-build_flags.patch | 6 +- .../051-remove_pcmcia_modinst_compat.patch | 2 +- .../generic-2.4/patches/209-build_fixes.patch | 4 +- .../225-string_lib_useful_exports.patch | 8 +- .../generic-2.4/patches/226-atm_br2684.patch | 6 +- .../patches/229-usb_storage_16_byte_cdb.patch | 6 +- .../patches/604-netfilter_maxconn.patch | 4 +- .../patches/605-netfilter_TTL.patch | 4 +- .../patches/606-netfilter_NETMAP.patch | 30 ++---- .../patches/607-netfilter_connmark.patch | 15 ++- .../patches/608-netfilter_ipset.patch | 4 +- .../patches/609-netfilter_string.patch | 4 +- .../patches/610-netfilter_connbytes.patch | 100 +++++++----------- .../patches/611-netfilter_condition.patch | 4 +- .../patches/612-netfilter_quota.patch | 4 +- .../patches/613-netfilter_nat_h323.patch | 48 ++++----- .../patches/614-netfilter_nat_rtsp.patch | 30 +++--- .../patches/615-netfilter_nat_mms.patch | 26 ++--- .../patches/616-netfilter_imq.patch | 4 +- .../patches/620-netfilter_iprange.patch | 4 +- .../patches/621-netfilter_random.patch | 4 +- .../patches/626-netfilter_conntrack_fix.patch | 2 +- 23 files changed, 139 insertions(+), 184 deletions(-) diff --git a/target/linux/generic-2.4/patches/000-linux_mips.patch b/target/linux/generic-2.4/patches/000-linux_mips.patch index eea2d77e4f..5eeb65f8b8 100644 --- a/target/linux/generic-2.4/patches/000-linux_mips.patch +++ b/target/linux/generic-2.4/patches/000-linux_mips.patch @@ -27677,7 +27677,7 @@ include $(TOPDIR)/drivers/bluetooth/Makefile.lib --- a/Makefile +++ b/Makefile -@@ -469,10 +469,11 @@ mrproper: clean archmrproper +@@ -472,10 +472,11 @@ mrproper: clean archmrproper $(MAKE) -C Documentation/DocBook mrproper distclean: mrproper @@ -27693,7 +27693,7 @@ backup: mrproper cd .. && tar cf - linux/ | gzip -9 > backup.gz -@@ -499,7 +500,7 @@ mandocs: +@@ -502,7 +503,7 @@ mandocs: $(MAKE) -C Documentation/DocBook man sums: diff --git a/target/linux/generic-2.4/patches/050-build_flags.patch b/target/linux/generic-2.4/patches/050-build_flags.patch index 7bd1a5a074..dd4b62ced9 100644 --- a/target/linux/generic-2.4/patches/050-build_flags.patch +++ b/target/linux/generic-2.4/patches/050-build_flags.patch @@ -70,9 +70,9 @@ -fno-strict-aliasing -fno-common CFLAGS += -fno-builtin-strpbrk -fno-builtin-sprintf ifndef CONFIG_FRAME_POINTER -@@ -105,6 +104,8 @@ if_gcc4 = $(shell if echo __GNUC__ | $(C - # disable pointer signedness warnings in gcc 4.0 - CFLAGS += $(call check_gcc,-Wno-pointer-sign,) +@@ -108,6 +107,8 @@ CFLAGS += $(call check_gcc,-Wno-pointer- + # disable stupid and dangerous "optimization" in gcc 3.2+ + CFLAGS += $(call check_gcc,-fno-delete-null-pointer-checks,) +CFLAGS += $(call check_gcc, -funit-at-a-time,) + diff --git a/target/linux/generic-2.4/patches/051-remove_pcmcia_modinst_compat.patch b/target/linux/generic-2.4/patches/051-remove_pcmcia_modinst_compat.patch index 62b54dceef..1b57736776 100644 --- a/target/linux/generic-2.4/patches/051-remove_pcmcia_modinst_compat.patch +++ b/target/linux/generic-2.4/patches/051-remove_pcmcia_modinst_compat.patch @@ -1,6 +1,6 @@ --- a/Makefile +++ b/Makefile -@@ -428,18 +428,9 @@ else +@@ -431,18 +431,9 @@ else depmod_opts := -b $(INSTALL_MOD_PATH) -r endif .PHONY: _modinst_post diff --git a/target/linux/generic-2.4/patches/209-build_fixes.patch b/target/linux/generic-2.4/patches/209-build_fixes.patch index 70f62e5038..5e76fd92b6 100644 --- a/target/linux/generic-2.4/patches/209-build_fixes.patch +++ b/target/linux/generic-2.4/patches/209-build_fixes.patch @@ -1,6 +1,6 @@ --- a/Makefile +++ b/Makefile -@@ -362,7 +362,7 @@ include/linux/compile.h: $(CONFIGURATION +@@ -365,7 +365,7 @@ include/linux/compile.h: $(CONFIGURATION @rm -f .ver1 include/linux/version.h: ./Makefile @@ -9,7 +9,7 @@ (echo KERNELRELEASE \"$(KERNELRELEASE)\" exceeds $(uts_len) characters >&2; false) @echo \#define UTS_RELEASE \"$(KERNELRELEASE)\" > .ver @echo \#define LINUX_VERSION_CODE `expr $(VERSION) \\* 65536 + $(PATCHLEVEL) \\* 256 + $(SUBLEVEL)` >> .ver -@@ -500,7 +500,7 @@ dep-files: scripts/mkdep archdep include +@@ -503,7 +503,7 @@ dep-files: scripts/mkdep archdep include ifdef CONFIG_MODVERSIONS $(MAKE) update-modverfile endif diff --git a/target/linux/generic-2.4/patches/225-string_lib_useful_exports.patch b/target/linux/generic-2.4/patches/225-string_lib_useful_exports.patch index 8ba194b6fe..51ec27fbac 100644 --- a/target/linux/generic-2.4/patches/225-string_lib_useful_exports.patch +++ b/target/linux/generic-2.4/patches/225-string_lib_useful_exports.patch @@ -136,7 +136,7 @@ #endif #ifndef __HAVE_ARCH_MEMCMP -@@ -458,6 +475,7 @@ int memcmp(const void * cs,const void * +@@ -459,6 +476,7 @@ int memcmp(const void * cs,const void * break; return res; } @@ -144,7 +144,7 @@ #endif #ifndef __HAVE_ARCH_MEMSCAN -@@ -482,6 +500,7 @@ void * memscan(void * addr, int c, size_ +@@ -483,6 +501,7 @@ void * memscan(void * addr, int c, size_ } return (void *) p; } @@ -152,7 +152,7 @@ #endif #ifndef __HAVE_ARCH_STRSTR -@@ -506,6 +525,7 @@ char * strstr(const char * s1,const char +@@ -507,6 +526,7 @@ char * strstr(const char * s1,const char } return NULL; } @@ -160,7 +160,7 @@ #endif #ifndef __HAVE_ARCH_MEMCHR -@@ -528,5 +548,5 @@ void *memchr(const void *s, int c, size_ +@@ -529,5 +549,5 @@ void *memchr(const void *s, int c, size_ } return NULL; } diff --git a/target/linux/generic-2.4/patches/226-atm_br2684.patch b/target/linux/generic-2.4/patches/226-atm_br2684.patch index bfff13afa6..0ae1cce2ea 100644 --- a/target/linux/generic-2.4/patches/226-atm_br2684.patch +++ b/target/linux/generic-2.4/patches/226-atm_br2684.patch @@ -257,7 +257,7 @@ netif_rx(skb); } -@@ -525,10 +625,10 @@ Note: we do not have explicit unassign, +@@ -529,10 +629,10 @@ Note: we do not have explicit unassign, err = -EEXIST; goto error; } @@ -272,7 +272,7 @@ err = -EINVAL; goto error; } -@@ -554,18 +654,21 @@ Note: we do not have explicit unassign, +@@ -553,18 +653,21 @@ Note: we do not have explicit unassign, brvcc->atmvcc = atmvcc; atmvcc->user_back = brvcc; brvcc->encaps = (enum br2684_encaps) be.encaps; @@ -293,8 +293,8 @@ - error: + error: write_unlock_irq(&devs_lock); + kfree(brvcc); MOD_DEC_USE_COUNT; - return err; @@ -608,12 +711,25 @@ static int br2684_create(unsigned long a if (ni.ifname[0] != '\0') { diff --git a/target/linux/generic-2.4/patches/229-usb_storage_16_byte_cdb.patch b/target/linux/generic-2.4/patches/229-usb_storage_16_byte_cdb.patch index d04e10291a..f14abbb489 100644 --- a/target/linux/generic-2.4/patches/229-usb_storage_16_byte_cdb.patch +++ b/target/linux/generic-2.4/patches/229-usb_storage_16_byte_cdb.patch @@ -1,6 +1,6 @@ ---- a/drivers/usb/storage/scsiglue.c.old 2009-03-30 09:08:02.000000000 +0200 -+++ b/drivers/usb/storage/scsiglue.c 2009-03-30 09:02:53.000000000 +0200 -@@ -95,6 +95,11 @@ +--- a/drivers/usb/storage/scsiglue.c ++++ b/drivers/usb/storage/scsiglue.c +@@ -95,6 +95,11 @@ static int detect(struct SHT *sht) if (us->host) { us->host->hostdata[0] = (unsigned long)us; us->host_no = us->host->host_no; diff --git a/target/linux/generic-2.4/patches/604-netfilter_maxconn.patch b/target/linux/generic-2.4/patches/604-netfilter_maxconn.patch index 38e75f7aa6..5414bef385 100644 --- a/target/linux/generic-2.4/patches/604-netfilter_maxconn.patch +++ b/target/linux/generic-2.4/patches/604-netfilter_maxconn.patch @@ -1,6 +1,6 @@ --- a/net/ipv4/netfilter/ip_conntrack_core.c +++ b/net/ipv4/netfilter/ip_conntrack_core.c -@@ -1410,7 +1410,7 @@ void ip_conntrack_cleanup(void) +@@ -1407,7 +1407,7 @@ void ip_conntrack_cleanup(void) nf_unregister_sockopt(&so_getorigdst); } @@ -9,7 +9,7 @@ MODULE_PARM(hashsize, "i"); int __init ip_conntrack_init(void) -@@ -1431,7 +1431,7 @@ int __init ip_conntrack_init(void) +@@ -1428,7 +1428,7 @@ int __init ip_conntrack_init(void) if (ip_conntrack_htable_size < 16) ip_conntrack_htable_size = 16; } diff --git a/target/linux/generic-2.4/patches/605-netfilter_TTL.patch b/target/linux/generic-2.4/patches/605-netfilter_TTL.patch index fe2b7ff724..3abff50f95 100644 --- a/target/linux/generic-2.4/patches/605-netfilter_TTL.patch +++ b/target/linux/generic-2.4/patches/605-netfilter_TTL.patch @@ -42,7 +42,7 @@ +#endif --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -126,6 +126,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -110,6 +110,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; dep_tristate ' CLASSIFY target support (EXPERIMENTAL)' CONFIG_IP_NF_TARGET_CLASSIFY $CONFIG_IP_NF_MANGLE fi dep_tristate ' LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES @@ -165,7 +165,7 @@ +module_exit(fini); --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -110,6 +110,7 @@ obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += +@@ -101,6 +101,7 @@ obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o obj-$(CONFIG_IP_NF_NAT_SNMP_BASIC) += ip_nat_snmp_basic.o obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o diff --git a/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch b/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch index 064f74f928..adc0a81af7 100644 --- a/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch +++ b/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch @@ -1,8 +1,6 @@ -Index: linux-2.4.37.5/Documentation/Configure.help -=================================================================== ---- linux-2.4.37.5.orig/Documentation/Configure.help 2009-09-03 00:09:38.000000000 -0700 -+++ linux-2.4.37.5/Documentation/Configure.help 2009-09-03 00:12:30.000000000 -0700 -@@ -3086,6 +3086,17 @@ +--- a/Documentation/Configure.help ++++ b/Documentation/Configure.help +@@ -3086,6 +3086,17 @@ CONFIG_IP_NF_TARGET_REDIRECT If you want to compile it as a module, say M here and read . If unsure, say `N'. @@ -20,11 +18,9 @@ Index: linux-2.4.37.5/Documentation/Configure.help Packet mangling CONFIG_IP_NF_MANGLE This option adds a `mangle' table to iptables: see the man page for -Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/Config.in 2009-09-03 00:09:38.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/Config.in 2009-09-03 00:14:38.000000000 -0700 -@@ -63,6 +63,7 @@ +--- a/net/ipv4/netfilter/Config.in ++++ b/net/ipv4/netfilter/Config.in +@@ -63,6 +63,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; define_bool CONFIG_IP_NF_NAT_NEEDED y dep_tristate ' MASQUERADE target support' CONFIG_IP_NF_TARGET_MASQUERADE $CONFIG_IP_NF_NAT dep_tristate ' REDIRECT target support' CONFIG_IP_NF_TARGET_REDIRECT $CONFIG_IP_NF_NAT @@ -32,10 +28,8 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in if [ "$CONFIG_IP_NF_AMANDA" = "m" ]; then define_tristate CONFIG_IP_NF_NAT_AMANDA m else -Index: linux-2.4.37.5/net/ipv4/netfilter/ipt_NETMAP.c -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ linux-2.4.37.5/net/ipv4/netfilter/ipt_NETMAP.c 2009-09-03 00:12:30.000000000 -0700 +--- /dev/null ++++ b/net/ipv4/netfilter/ipt_NETMAP.c @@ -0,0 +1,112 @@ +/* NETMAP - static NAT mapping of IP network addresses (1:1). + The mapping can be applied to source (POSTROUTING), @@ -149,11 +143,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ipt_NETMAP.c + +module_init(init); +module_exit(fini); -Index: linux-2.4.37.5/net/ipv4/netfilter/Makefile -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/Makefile 2009-09-03 00:09:38.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/Makefile 2009-09-03 00:12:30.000000000 -0700 -@@ -99,6 +99,7 @@ +--- a/net/ipv4/netfilter/Makefile ++++ b/net/ipv4/netfilter/Makefile +@@ -99,6 +99,7 @@ obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_D obj-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK.o obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o diff --git a/target/linux/generic-2.4/patches/607-netfilter_connmark.patch b/target/linux/generic-2.4/patches/607-netfilter_connmark.patch index 411c6e9366..3d3c947da6 100644 --- a/target/linux/generic-2.4/patches/607-netfilter_connmark.patch +++ b/target/linux/generic-2.4/patches/607-netfilter_connmark.patch @@ -1,6 +1,6 @@ --- a/include/linux/netfilter_ipv4/ip_conntrack.h +++ b/include/linux/netfilter_ipv4/ip_conntrack.h -@@ -226,6 +226,9 @@ struct ip_conntrack +@@ -218,6 +218,9 @@ struct ip_conntrack unsigned int app_data_len; } layer7; #endif @@ -61,7 +61,7 @@ +#endif /*_IPT_CONNMARK_H*/ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -6,7 +6,8 @@ comment ' IP: Netfilter Configuration' +@@ -6,6 +6,7 @@ comment ' IP: Netfilter Configuration' tristate 'Connection tracking (required for masq/NAT)' CONFIG_IP_NF_CONNTRACK if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; then @@ -69,8 +69,7 @@ dep_tristate ' FTP protocol support' CONFIG_IP_NF_FTP $CONFIG_IP_NF_CONNTRACK dep_tristate ' Amanda protocol support' CONFIG_IP_NF_AMANDA $CONFIG_IP_NF_CONNTRACK dep_tristate ' TFTP protocol support' CONFIG_IP_NF_TFTP $CONFIG_IP_NF_CONNTRACK - dep_tristate ' IRC protocol support' CONFIG_IP_NF_IRC $CONFIG_IP_NF_CONNTRACK -@@ -42,6 +43,9 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -40,6 +41,9 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; then dep_tristate ' Connection state match support' CONFIG_IP_NF_MATCH_STATE $CONFIG_IP_NF_CONNTRACK $CONFIG_IP_NF_IPTABLES dep_tristate ' Connection tracking match support' CONFIG_IP_NF_MATCH_CONNTRACK $CONFIG_IP_NF_CONNTRACK $CONFIG_IP_NF_IPTABLES @@ -80,7 +79,7 @@ fi if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then dep_tristate ' Unclean match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_UNCLEAN $CONFIG_IP_NF_IPTABLES -@@ -126,6 +130,9 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -110,6 +114,9 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE dep_tristate ' CLASSIFY target support (EXPERIMENTAL)' CONFIG_IP_NF_TARGET_CLASSIFY $CONFIG_IP_NF_MANGLE fi @@ -92,7 +91,7 @@ dep_tristate ' ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -93,6 +93,7 @@ obj-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_ +@@ -84,6 +84,7 @@ obj-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_ obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state.o @@ -100,7 +99,7 @@ obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack.o obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o obj-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss.o -@@ -111,6 +112,7 @@ obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += i +@@ -102,6 +103,7 @@ obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += i obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o obj-$(CONFIG_IP_NF_NAT_SNMP_BASIC) += ip_nat_snmp_basic.o obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o @@ -110,7 +109,7 @@ obj-$(CONFIG_IP_NF_TARGET_TCPMSS) += ipt_TCPMSS.o --- a/net/ipv4/netfilter/ip_conntrack_core.c +++ b/net/ipv4/netfilter/ip_conntrack_core.c -@@ -754,6 +754,9 @@ init_conntrack(const struct ip_conntrack +@@ -750,6 +750,9 @@ init_conntrack(const struct ip_conntrack __set_bit(IPS_EXPECTED_BIT, &conntrack->status); conntrack->master = expected; expected->sibling = conntrack; diff --git a/target/linux/generic-2.4/patches/608-netfilter_ipset.patch b/target/linux/generic-2.4/patches/608-netfilter_ipset.patch index 0a4466daa3..7020866005 100644 --- a/target/linux/generic-2.4/patches/608-netfilter_ipset.patch +++ b/target/linux/generic-2.4/patches/608-netfilter_ipset.patch @@ -1073,7 +1073,7 @@ +#endif /*_IPT_SET_H*/ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -22,6 +22,20 @@ tristate 'IP tables support (required fo +@@ -20,6 +20,20 @@ tristate 'IP tables support (required fo if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; then # The simple matches. dep_tristate ' limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES @@ -5681,7 +5681,7 @@ +module_exit(fini); --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -75,6 +75,18 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o +@@ -66,6 +66,18 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o obj-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper.o obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o obj-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark.o diff --git a/target/linux/generic-2.4/patches/609-netfilter_string.patch b/target/linux/generic-2.4/patches/609-netfilter_string.patch index 04637f7141..baec7b2371 100644 --- a/target/linux/generic-2.4/patches/609-netfilter_string.patch +++ b/target/linux/generic-2.4/patches/609-netfilter_string.patch @@ -21,7 +21,7 @@ +#endif /*_IPT_STRING_H*/ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -63,6 +63,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -61,6 +61,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; fi if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then dep_tristate ' Unclean match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_UNCLEAN $CONFIG_IP_NF_IPTABLES @@ -133,7 +133,7 @@ +module_exit(fini); --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -108,6 +108,7 @@ obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_s +@@ -99,6 +99,7 @@ obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_s obj-$(CONFIG_IP_NF_MATCH_CONNMARK) += ipt_connmark.o obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack.o obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o diff --git a/target/linux/generic-2.4/patches/610-netfilter_connbytes.patch b/target/linux/generic-2.4/patches/610-netfilter_connbytes.patch index c6ddb51e21..ec1c14ac26 100644 --- a/target/linux/generic-2.4/patches/610-netfilter_connbytes.patch +++ b/target/linux/generic-2.4/patches/610-netfilter_connbytes.patch @@ -1,8 +1,6 @@ -Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/Config.in 2009-09-03 00:17:38.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/Config.in 2009-09-03 00:25:34.000000000 -0700 -@@ -11,6 +11,8 @@ +--- a/net/ipv4/netfilter/Config.in ++++ b/net/ipv4/netfilter/Config.in +@@ -11,6 +11,8 @@ if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; dep_tristate ' Amanda protocol support' CONFIG_IP_NF_AMANDA $CONFIG_IP_NF_CONNTRACK dep_tristate ' TFTP protocol support' CONFIG_IP_NF_TFTP $CONFIG_IP_NF_CONNTRACK dep_tristate ' IRC protocol support' CONFIG_IP_NF_IRC $CONFIG_IP_NF_CONNTRACK @@ -11,11 +9,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in fi if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -Index: linux-2.4.37.5/net/ipv4/netfilter/Makefile -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/Makefile 2009-09-03 00:17:38.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/Makefile 2009-09-03 00:17:57.000000000 -0700 -@@ -97,6 +97,7 @@ +--- a/net/ipv4/netfilter/Makefile ++++ b/net/ipv4/netfilter/Makefile +@@ -97,6 +97,7 @@ obj-$(CONFIG_IP_NF_MATCH_LENGTH) += ipt_ obj-$(CONFIG_IP_NF_MATCH_TTL) += ipt_ttl.o obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state.o obj-$(CONFIG_IP_NF_MATCH_CONNMARK) += ipt_connmark.o @@ -23,11 +19,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/Makefile obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack.o obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o obj-$(CONFIG_IP_NF_MATCH_STRING) += ipt_string.o -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_amanda.c -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/ip_conntrack_amanda.c 2009-08-13 15:04:00.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_amanda.c 2009-09-03 00:17:57.000000000 -0700 -@@ -75,7 +75,7 @@ +--- a/net/ipv4/netfilter/ip_conntrack_amanda.c ++++ b/net/ipv4/netfilter/ip_conntrack_amanda.c +@@ -75,7 +75,7 @@ static int help(const struct iphdr *iph, /* increase the UDP timeout of the master connection as replies from * Amanda clients to the server can be quite delayed */ @@ -36,11 +30,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_amanda.c /* Search for "CONNECT " string */ do { -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_tcp.c -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/ip_conntrack_proto_tcp.c 2009-08-13 15:04:00.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_tcp.c 2009-09-03 00:17:57.000000000 -0700 -@@ -211,7 +211,7 @@ +--- a/net/ipv4/netfilter/ip_conntrack_proto_tcp.c ++++ b/net/ipv4/netfilter/ip_conntrack_proto_tcp.c +@@ -211,7 +211,7 @@ static int tcp_packet(struct ip_conntrac set_bit(IPS_ASSURED_BIT, &conntrack->status); WRITE_UNLOCK(&tcp_lock); @@ -49,11 +41,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_tcp.c } return NF_ACCEPT; -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_udp.c -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/ip_conntrack_proto_udp.c 2009-08-13 15:04:00.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_udp.c 2009-09-03 00:17:57.000000000 -0700 -@@ -47,16 +47,16 @@ +--- a/net/ipv4/netfilter/ip_conntrack_proto_udp.c ++++ b/net/ipv4/netfilter/ip_conntrack_proto_udp.c +@@ -47,16 +47,16 @@ static unsigned int udp_print_conntrack( /* Returns verdict for packet, and may modify conntracktype */ static int udp_packet(struct ip_conntrack *conntrack, struct iphdr *iph, size_t len, @@ -73,11 +63,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_udp.c return NF_ACCEPT; } -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_standalone.c -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/ip_conntrack_standalone.c 2009-09-03 00:17:18.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_standalone.c 2009-09-03 00:17:57.000000000 -0700 -@@ -79,6 +79,18 @@ +--- a/net/ipv4/netfilter/ip_conntrack_standalone.c ++++ b/net/ipv4/netfilter/ip_conntrack_standalone.c +@@ -79,6 +79,18 @@ print_expect(char *buffer, const struct return len; } @@ -96,7 +84,7 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_standalone.c static unsigned int print_conntrack(char *buffer, struct ip_conntrack *conntrack) { -@@ -98,11 +110,15 @@ +@@ -98,11 +110,15 @@ print_conntrack(char *buffer, struct ip_ len += print_tuple(buffer + len, &conntrack->tuplehash[IP_CT_DIR_ORIGINAL].tuple, proto); @@ -112,7 +100,7 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_standalone.c if (test_bit(IPS_ASSURED_BIT, &conntrack->status)) len += sprintf(buffer + len, "[ASSURED] "); len += sprintf(buffer + len, "use=%u ", -@@ -481,7 +497,7 @@ +@@ -481,7 +497,7 @@ EXPORT_SYMBOL(ip_conntrack_get); EXPORT_SYMBOL(ip_conntrack_helper_register); EXPORT_SYMBOL(ip_conntrack_helper_unregister); EXPORT_SYMBOL(ip_ct_iterate_cleanup); @@ -121,11 +109,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_standalone.c EXPORT_SYMBOL(ip_ct_find_proto); EXPORT_SYMBOL(__ip_ct_find_proto); EXPORT_SYMBOL(ip_ct_find_helper); -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_generic.c -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/ip_conntrack_proto_generic.c 2009-08-13 15:04:00.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_generic.c 2009-09-03 00:17:57.000000000 -0700 -@@ -41,9 +41,9 @@ +--- a/net/ipv4/netfilter/ip_conntrack_proto_generic.c ++++ b/net/ipv4/netfilter/ip_conntrack_proto_generic.c +@@ -41,9 +41,9 @@ static unsigned int generic_print_conntr /* Returns verdict for packet, or -1 for invalid. */ static int established(struct ip_conntrack *conntrack, struct iphdr *iph, size_t len, @@ -137,11 +123,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_generic.c return NF_ACCEPT; } -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_icmp.c -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/ip_conntrack_proto_icmp.c 2009-08-13 15:04:00.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_icmp.c 2009-09-03 00:17:57.000000000 -0700 -@@ -82,7 +82,7 @@ +--- a/net/ipv4/netfilter/ip_conntrack_proto_icmp.c ++++ b/net/ipv4/netfilter/ip_conntrack_proto_icmp.c +@@ -82,7 +82,7 @@ static int icmp_packet(struct ip_conntra ct->timeout.function((unsigned long)ct); } else { atomic_inc(&ct->proto.icmp.count); @@ -150,11 +134,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_proto_icmp.c } return NF_ACCEPT; -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_core.c -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/ip_conntrack_core.c 2009-09-03 00:17:18.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_core.c 2009-09-03 00:17:57.000000000 -0700 -@@ -1193,22 +1193,40 @@ +--- a/net/ipv4/netfilter/ip_conntrack_core.c ++++ b/net/ipv4/netfilter/ip_conntrack_core.c +@@ -1193,22 +1193,40 @@ void ip_conntrack_helper_unregister(stru MOD_DEC_USE_COUNT; } @@ -198,11 +180,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_core.c } WRITE_UNLOCK(&ip_conntrack_lock); } -Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h -=================================================================== ---- linux-2.4.37.5.orig/include/linux/netfilter_ipv4/ip_conntrack.h 2009-09-03 00:17:18.000000000 -0700 -+++ linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h 2009-09-03 00:17:57.000000000 -0700 -@@ -156,6 +156,12 @@ +--- a/include/linux/netfilter_ipv4/ip_conntrack.h ++++ b/include/linux/netfilter_ipv4/ip_conntrack.h +@@ -156,6 +156,12 @@ struct ip_conntrack_expect union ip_conntrack_expect_help help; }; @@ -215,7 +195,7 @@ Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h struct ip_conntrack_helper; struct ip_conntrack -@@ -173,6 +179,12 @@ +@@ -173,6 +179,12 @@ struct ip_conntrack /* Timer function; drops refcnt when it goes off. */ struct timer_list timeout; @@ -228,7 +208,7 @@ Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h /* If we're expecting another related connection, this will be in expected linked list */ struct list_head sibling_list; -@@ -256,8 +268,10 @@ +@@ -256,8 +268,10 @@ extern int invert_tuplepr(struct ip_conn const struct ip_conntrack_tuple *orig); /* Refresh conntrack for this many jiffies */ @@ -241,10 +221,8 @@ Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h /* These are for NAT. Icky. */ /* Call me when a conntrack is destroyed. */ -Index: linux-2.4.37.5/net/ipv4/netfilter/ipt_connbytes.c -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ linux-2.4.37.5/net/ipv4/netfilter/ipt_connbytes.c 2009-09-03 00:17:57.000000000 -0700 +--- /dev/null ++++ b/net/ipv4/netfilter/ipt_connbytes.c @@ -0,0 +1,163 @@ +/* Kernel module to match connection tracking byte counter. + * GPL (C) 2002 Martin Devera (devik@cdi.cz). @@ -409,10 +387,8 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ipt_connbytes.c +module_init(init); +module_exit(fini); +MODULE_LICENSE("GPL"); -Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ipt_connbytes.h -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ linux-2.4.37.5/include/linux/netfilter_ipv4/ipt_connbytes.h 2009-09-03 00:17:57.000000000 -0700 +--- /dev/null ++++ b/include/linux/netfilter_ipv4/ipt_connbytes.h @@ -0,0 +1,25 @@ +#ifndef _IPT_CONNBYTES_H +#define _IPT_CONNBYTES_H diff --git a/target/linux/generic-2.4/patches/611-netfilter_condition.patch b/target/linux/generic-2.4/patches/611-netfilter_condition.patch index 6fe2b3c115..873e60e372 100644 --- a/target/linux/generic-2.4/patches/611-netfilter_condition.patch +++ b/target/linux/generic-2.4/patches/611-netfilter_condition.patch @@ -60,7 +60,7 @@ +#endif --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -43,6 +43,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -41,6 +41,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; dep_tristate ' netfilter MARK match support' CONFIG_IP_NF_MATCH_MARK $CONFIG_IP_NF_IPTABLES dep_tristate ' Multiple port match support' CONFIG_IP_NF_MATCH_MULTIPORT $CONFIG_IP_NF_IPTABLES dep_tristate ' TOS match support' CONFIG_IP_NF_MATCH_TOS $CONFIG_IP_NF_IPTABLES @@ -70,7 +70,7 @@ dep_tristate ' peer to peer traffic match support' CONFIG_IP_NF_MATCH_IPP2P $CONFIG_IP_NF_IPTABLES --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -94,6 +94,7 @@ obj-$(CONFIG_IP_NF_MATCH_PKTTYPE) += ipt +@@ -85,6 +85,7 @@ obj-$(CONFIG_IP_NF_MATCH_PKTTYPE) += ipt obj-$(CONFIG_IP_NF_MATCH_MULTIPORT) += ipt_multiport.o obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_owner.o obj-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos.o diff --git a/target/linux/generic-2.4/patches/612-netfilter_quota.patch b/target/linux/generic-2.4/patches/612-netfilter_quota.patch index e38e12e8a7..5336aadcc5 100644 --- a/target/linux/generic-2.4/patches/612-netfilter_quota.patch +++ b/target/linux/generic-2.4/patches/612-netfilter_quota.patch @@ -31,7 +31,7 @@ +#endif /*_IPT_QUOTA_H*/ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -24,6 +24,7 @@ tristate 'IP tables support (required fo +@@ -22,6 +22,7 @@ tristate 'IP tables support (required fo if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; then # The simple matches. dep_tristate ' limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES @@ -41,7 +41,7 @@ if [ "$CONFIG_IP_NF_SET" != "n" ]; then --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -74,6 +74,7 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o +@@ -65,6 +65,7 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o # matches obj-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper.o obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o diff --git a/target/linux/generic-2.4/patches/613-netfilter_nat_h323.patch b/target/linux/generic-2.4/patches/613-netfilter_nat_h323.patch index ee7a91abcc..14f9262f89 100644 --- a/target/linux/generic-2.4/patches/613-netfilter_nat_h323.patch +++ b/target/linux/generic-2.4/patches/613-netfilter_nat_h323.patch @@ -1,8 +1,6 @@ -Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/Config.in 2009-09-03 01:07:45.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/Config.in 2009-09-03 01:30:37.000000000 -0700 -@@ -13,6 +13,7 @@ +--- a/net/ipv4/netfilter/Config.in ++++ b/net/ipv4/netfilter/Config.in +@@ -13,6 +13,7 @@ if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; dep_tristate ' IRC protocol support' CONFIG_IP_NF_IRC $CONFIG_IP_NF_CONNTRACK dep_tristate ' Connection tracking flow accounting' CONFIG_IP_NF_CT_ACCT $CONFIG_IP_NF_CONNTRACK dep_tristate ' Connection byte counter support' CONFIG_IP_NF_MATCH_CONNBYTES $CONFIG_IP_NF_CT_ACCT $CONFIG_IP_NF_CONNTRACK $CONFIG_IP_NF_IPTABLES @@ -10,7 +8,7 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in fi if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -@@ -94,6 +95,13 @@ +@@ -94,6 +95,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; define_tristate CONFIG_IP_NF_NAT_AMANDA $CONFIG_IP_NF_NAT fi fi @@ -24,11 +22,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then dep_tristate ' Basic SNMP-ALG support (EXPERIMENTAL)' CONFIG_IP_NF_NAT_SNMP_BASIC $CONFIG_IP_NF_NAT fi -Index: linux-2.4.37.5/net/ipv4/netfilter/Makefile -=================================================================== ---- linux-2.4.37.5.orig/net/ipv4/netfilter/Makefile 2009-09-03 01:07:45.000000000 -0700 -+++ linux-2.4.37.5/net/ipv4/netfilter/Makefile 2009-09-03 01:31:13.000000000 -0700 -@@ -47,12 +47,17 @@ +--- a/net/ipv4/netfilter/Makefile ++++ b/net/ipv4/netfilter/Makefile +@@ -47,12 +47,17 @@ obj-$(CONFIG_IP_NF_IRC) += ip_conntrack_ ifdef CONFIG_IP_NF_IRC export-objs += ip_conntrack_irc.o endif @@ -46,10 +42,8 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/Makefile # generic IP tables obj-$(CONFIG_IP_NF_IPTABLES) += ip_tables.o -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_h323.c -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_h323.c 2009-09-03 01:16:29.000000000 -0700 +--- /dev/null ++++ b/net/ipv4/netfilter/ip_conntrack_h323.c @@ -0,0 +1,302 @@ +/* + * H.323 'brute force' extension for H.323 connection tracking. @@ -353,10 +347,8 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_conntrack_h323.c + +module_init(init); +module_exit(fini); -Index: linux-2.4.37.5/net/ipv4/netfilter/ip_nat_h323.c -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ linux-2.4.37.5/net/ipv4/netfilter/ip_nat_h323.c 2009-09-03 01:16:29.000000000 -0700 +--- /dev/null ++++ b/net/ipv4/netfilter/ip_nat_h323.c @@ -0,0 +1,403 @@ +/* + * H.323 'brute force' extension for NAT alteration. @@ -761,11 +753,9 @@ Index: linux-2.4.37.5/net/ipv4/netfilter/ip_nat_h323.c + +module_init(init); +module_exit(fini); -Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h -=================================================================== ---- linux-2.4.37.5.orig/include/linux/netfilter_ipv4/ip_conntrack.h 2009-09-03 00:17:57.000000000 -0700 -+++ linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h 2009-09-03 01:28:53.000000000 -0700 -@@ -67,6 +67,7 @@ +--- a/include/linux/netfilter_ipv4/ip_conntrack.h ++++ b/include/linux/netfilter_ipv4/ip_conntrack.h +@@ -67,6 +67,7 @@ union ip_conntrack_expect_proto { #include #include @@ -773,7 +763,7 @@ Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h /* per expectation: application helper private data */ union ip_conntrack_expect_help { -@@ -74,6 +75,7 @@ +@@ -74,6 +75,7 @@ union ip_conntrack_expect_help { struct ip_ct_amanda_expect exp_amanda_info; struct ip_ct_ftp_expect exp_ftp_info; struct ip_ct_irc_expect exp_irc_info; @@ -781,7 +771,7 @@ Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h #ifdef CONFIG_IP_NF_NAT_NEEDED union { -@@ -87,6 +89,7 @@ +@@ -87,6 +89,7 @@ union ip_conntrack_help { /* insert conntrack helper private data (master) here */ struct ip_ct_ftp_master ct_ftp_info; struct ip_ct_irc_master ct_irc_info; @@ -789,10 +779,8 @@ Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack.h }; #ifdef CONFIG_IP_NF_NAT_NEEDED -Index: linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack_h323.h -=================================================================== ---- /dev/null 1970-01-01 00:00:00.000000000 +0000 -+++ linux-2.4.37.5/include/linux/netfilter_ipv4/ip_conntrack_h323.h 2009-09-03 01:16:29.000000000 -0700 +--- /dev/null ++++ b/include/linux/netfilter_ipv4/ip_conntrack_h323.h @@ -0,0 +1,30 @@ +#ifndef _IP_CONNTRACK_H323_H +#define _IP_CONNTRACK_H323_H diff --git a/target/linux/generic-2.4/patches/614-netfilter_nat_rtsp.patch b/target/linux/generic-2.4/patches/614-netfilter_nat_rtsp.patch index 289682dee7..e90ac9d859 100644 --- a/target/linux/generic-2.4/patches/614-netfilter_nat_rtsp.patch +++ b/target/linux/generic-2.4/patches/614-netfilter_nat_rtsp.patch @@ -1,14 +1,14 @@ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -16,6 +16,7 @@ if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; - dep_tristate ' GRE protocol support' CONFIG_IP_NF_CT_PROTO_GRE $CONFIG_IP_NF_CONNTRACK - dep_tristate ' PPTP protocol support' CONFIG_IP_NF_PPTP $CONFIG_IP_NF_CT_PROTO_GRE +@@ -14,6 +14,7 @@ if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; + dep_tristate ' Connection tracking flow accounting' CONFIG_IP_NF_CT_ACCT $CONFIG_IP_NF_CONNTRACK + dep_tristate ' Connection byte counter support' CONFIG_IP_NF_MATCH_CONNBYTES $CONFIG_IP_NF_CT_ACCT $CONFIG_IP_NF_CONNTRACK $CONFIG_IP_NF_IPTABLES dep_tristate ' H.323 (netmeeting) support' CONFIG_IP_NF_H323 $CONFIG_IP_NF_CONNTRACK + dep_tristate ' RTSP protocol support' CONFIG_IP_NF_RTSP $CONFIG_IP_NF_CONNTRACK fi if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -@@ -118,6 +119,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -102,6 +103,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; define_tristate CONFIG_IP_NF_NAT_H323 $CONFIG_IP_NF_NAT fi fi @@ -24,7 +24,7 @@ fi --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -57,6 +57,11 @@ obj-$(CONFIG_IP_NF_H323) += ip_conntrack +@@ -51,6 +51,11 @@ obj-$(CONFIG_IP_NF_H323) += ip_conntrack ifdef CONFIG_IP_NF_NAT_H323 export-objs += ip_conntrack_h323.o endif @@ -34,11 +34,11 @@ +endif + - # NAT helpers -@@ -67,6 +72,7 @@ obj-$(CONFIG_IP_NF_NAT_IRC) += ip_nat_ir - obj-$(CONFIG_IP_NF_NAT_PROTO_GRE) += ip_nat_proto_gre.o - obj-$(CONFIG_IP_NF_NAT_PPTP) += ip_nat_pptp.o + obj-$(CONFIG_IP_NF_NAT_AMANDA) += ip_nat_amanda.o +@@ -58,6 +63,7 @@ obj-$(CONFIG_IP_NF_NAT_TFTP) += ip_nat_t + obj-$(CONFIG_IP_NF_NAT_FTP) += ip_nat_ftp.o + obj-$(CONFIG_IP_NF_NAT_IRC) += ip_nat_irc.o obj-$(CONFIG_IP_NF_NAT_H323) += ip_nat_h323.o +obj-$(CONFIG_IP_NF_NAT_RTSP) += ip_nat_rtsp.o @@ -1490,25 +1490,25 @@ +#endif /* _NETFILTER_MIME_H */ --- a/include/linux/netfilter_ipv4/ip_conntrack.h +++ b/include/linux/netfilter_ipv4/ip_conntrack.h -@@ -72,6 +72,7 @@ union ip_conntrack_expect_proto { +@@ -68,6 +68,7 @@ union ip_conntrack_expect_proto { + #include #include - #include #include +#include /* per expectation: application helper private data */ union ip_conntrack_expect_help { -@@ -81,6 +82,7 @@ union ip_conntrack_expect_help { +@@ -76,6 +77,7 @@ union ip_conntrack_expect_help { + struct ip_ct_ftp_expect exp_ftp_info; struct ip_ct_irc_expect exp_irc_info; - struct ip_ct_pptp_expect exp_pptp_info; struct ip_ct_h225_expect exp_h225_info; + struct ip_ct_rtsp_expect exp_rtsp_info; #ifdef CONFIG_IP_NF_NAT_NEEDED union { -@@ -96,6 +98,7 @@ union ip_conntrack_help { +@@ -90,6 +92,7 @@ union ip_conntrack_help { + struct ip_ct_ftp_master ct_ftp_info; struct ip_ct_irc_master ct_irc_info; - struct ip_ct_pptp_master ct_pptp_info; struct ip_ct_h225_master ct_h225_info; + struct ip_ct_rtsp_master ct_rtsp_info; }; diff --git a/target/linux/generic-2.4/patches/615-netfilter_nat_mms.patch b/target/linux/generic-2.4/patches/615-netfilter_nat_mms.patch index a95b652ef3..cb07804b1f 100644 --- a/target/linux/generic-2.4/patches/615-netfilter_nat_mms.patch +++ b/target/linux/generic-2.4/patches/615-netfilter_nat_mms.patch @@ -1,14 +1,14 @@ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -17,6 +17,7 @@ if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; - dep_tristate ' PPTP protocol support' CONFIG_IP_NF_PPTP $CONFIG_IP_NF_CT_PROTO_GRE +@@ -15,6 +15,7 @@ if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; + dep_tristate ' Connection byte counter support' CONFIG_IP_NF_MATCH_CONNBYTES $CONFIG_IP_NF_CT_ACCT $CONFIG_IP_NF_CONNTRACK $CONFIG_IP_NF_IPTABLES dep_tristate ' H.323 (netmeeting) support' CONFIG_IP_NF_H323 $CONFIG_IP_NF_CONNTRACK dep_tristate ' RTSP protocol support' CONFIG_IP_NF_RTSP $CONFIG_IP_NF_CONNTRACK + dep_tristate ' MMS protocol support' CONFIG_IP_NF_MMS $CONFIG_IP_NF_CONNTRACK fi if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -@@ -126,6 +127,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -110,6 +111,13 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; define_tristate CONFIG_IP_NF_NAT_RTSP $CONFIG_IP_NF_NAT fi fi @@ -24,7 +24,7 @@ fi --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -61,6 +61,10 @@ obj-$(CONFIG_IP_NF_RTSP) += ip_conntrack +@@ -55,6 +55,10 @@ obj-$(CONFIG_IP_NF_RTSP) += ip_conntrack ifdef CONFIG_IP_NF_NAT_RTSP export-objs += ip_conntrack_rtsp.o endif @@ -34,9 +34,9 @@ +endif - -@@ -73,6 +77,7 @@ obj-$(CONFIG_IP_NF_NAT_PROTO_GRE) += ip_ - obj-$(CONFIG_IP_NF_NAT_PPTP) += ip_nat_pptp.o + # NAT helpers +@@ -64,6 +68,7 @@ obj-$(CONFIG_IP_NF_NAT_FTP) += ip_nat_ft + obj-$(CONFIG_IP_NF_NAT_IRC) += ip_nat_irc.o obj-$(CONFIG_IP_NF_NAT_H323) += ip_nat_h323.o obj-$(CONFIG_IP_NF_NAT_RTSP) += ip_nat_rtsp.o +obj-$(CONFIG_IP_NF_NAT_MMS) += ip_nat_mms.o @@ -673,24 +673,24 @@ +module_exit(fini); --- a/include/linux/netfilter_ipv4/ip_conntrack.h +++ b/include/linux/netfilter_ipv4/ip_conntrack.h -@@ -73,6 +73,7 @@ union ip_conntrack_expect_proto { - #include +@@ -69,6 +69,7 @@ union ip_conntrack_expect_proto { + #include #include #include +#include /* per expectation: application helper private data */ union ip_conntrack_expect_help { -@@ -83,6 +84,7 @@ union ip_conntrack_expect_help { - struct ip_ct_pptp_expect exp_pptp_info; +@@ -78,6 +79,7 @@ union ip_conntrack_expect_help { + struct ip_ct_irc_expect exp_irc_info; struct ip_ct_h225_expect exp_h225_info; struct ip_ct_rtsp_expect exp_rtsp_info; + struct ip_ct_mms_expect exp_mms_info; #ifdef CONFIG_IP_NF_NAT_NEEDED union { -@@ -99,6 +101,7 @@ union ip_conntrack_help { - struct ip_ct_pptp_master ct_pptp_info; +@@ -93,6 +95,7 @@ union ip_conntrack_help { + struct ip_ct_irc_master ct_irc_info; struct ip_ct_h225_master ct_h225_info; struct ip_ct_rtsp_master ct_rtsp_info; + struct ip_ct_mms_master ct_mms_info; diff --git a/target/linux/generic-2.4/patches/616-netfilter_imq.patch b/target/linux/generic-2.4/patches/616-netfilter_imq.patch index 45f4d9d24c..97e1f22e3b 100644 --- a/target/linux/generic-2.4/patches/616-netfilter_imq.patch +++ b/target/linux/generic-2.4/patches/616-netfilter_imq.patch @@ -505,7 +505,7 @@ /** --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -171,6 +171,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -155,6 +155,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; dep_tristate ' DSCP target support' CONFIG_IP_NF_TARGET_DSCP $CONFIG_IP_NF_MANGLE dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE @@ -515,7 +515,7 @@ if [ "$CONFIG_IP_NF_CONNTRACK_MARK" != "n" ]; then --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -139,6 +139,7 @@ obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TO +@@ -130,6 +130,7 @@ obj-$(CONFIG_IP_NF_TARGET_TOS) += ipt_TO obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_DSCP.o obj-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK.o diff --git a/target/linux/generic-2.4/patches/620-netfilter_iprange.patch b/target/linux/generic-2.4/patches/620-netfilter_iprange.patch index 505d22ee1a..f6a15ce23b 100644 --- a/target/linux/generic-2.4/patches/620-netfilter_iprange.patch +++ b/target/linux/generic-2.4/patches/620-netfilter_iprange.patch @@ -43,7 +43,7 @@ +#endif /* _IPT_IPRANGE_H */ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -27,6 +27,7 @@ tristate 'IP tables support (required fo +@@ -25,6 +25,7 @@ tristate 'IP tables support (required fo if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; then # The simple matches. dep_tristate ' limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES @@ -157,7 +157,7 @@ +module_exit(fini); --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -90,6 +90,7 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o +@@ -81,6 +81,7 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o # matches obj-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper.o obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o diff --git a/target/linux/generic-2.4/patches/621-netfilter_random.patch b/target/linux/generic-2.4/patches/621-netfilter_random.patch index 2dcd728721..2f47db36ca 100644 --- a/target/linux/generic-2.4/patches/621-netfilter_random.patch +++ b/target/linux/generic-2.4/patches/621-netfilter_random.patch @@ -69,7 +69,7 @@ +#endif /*_IP6T_RAND_H*/ --- a/net/ipv4/netfilter/Config.in +++ b/net/ipv4/netfilter/Config.in -@@ -48,6 +48,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +@@ -46,6 +46,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; dep_tristate ' netfilter MARK match support' CONFIG_IP_NF_MATCH_MARK $CONFIG_IP_NF_IPTABLES dep_tristate ' Multiple port match support' CONFIG_IP_NF_MATCH_MULTIPORT $CONFIG_IP_NF_IPTABLES dep_tristate ' TOS match support' CONFIG_IP_NF_MATCH_TOS $CONFIG_IP_NF_IPTABLES @@ -178,7 +178,7 @@ +module_exit(fini); --- a/net/ipv4/netfilter/Makefile +++ b/net/ipv4/netfilter/Makefile -@@ -114,6 +114,8 @@ obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_o +@@ -105,6 +105,8 @@ obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_o obj-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos.o obj-$(CONFIG_IP_NF_MATCH_CONDITION) += ipt_condition.o diff --git a/target/linux/generic-2.4/patches/626-netfilter_conntrack_fix.patch b/target/linux/generic-2.4/patches/626-netfilter_conntrack_fix.patch index 865df8d9ee..363df1492f 100644 --- a/target/linux/generic-2.4/patches/626-netfilter_conntrack_fix.patch +++ b/target/linux/generic-2.4/patches/626-netfilter_conntrack_fix.patch @@ -1,6 +1,6 @@ --- a/include/linux/netfilter_ipv4/ip_conntrack_tuple.h +++ b/include/linux/netfilter_ipv4/ip_conntrack_tuple.h -@@ -68,6 +68,35 @@ struct ip_conntrack_tuple +@@ -62,6 +62,35 @@ struct ip_conntrack_tuple } dst; }; -- 2.30.2