From 2a4a0a4f41f8baae77b9055c6355abee8b97a33f Mon Sep 17 00:00:00 2001 From: Florian Fainelli Date: Tue, 14 Feb 2006 22:02:31 +0000 Subject: [PATCH] Cleaning up patch SVN-Revision: 3240 --- .../generic/116-netfilter_nat_sip.patch | 18 +- .../generic/118-netfilter_nat_rtsp.patch | 301 ------------------ 2 files changed, 9 insertions(+), 310 deletions(-) diff --git a/openwrt/target/linux/linux-2.4/patches/generic/116-netfilter_nat_sip.patch b/openwrt/target/linux/linux-2.4/patches/generic/116-netfilter_nat_sip.patch index 083b15904c..6bb1af3691 100644 --- a/openwrt/target/linux/linux-2.4/patches/generic/116-netfilter_nat_sip.patch +++ b/openwrt/target/linux/linux-2.4/patches/generic/116-netfilter_nat_sip.patch @@ -1,6 +1,6 @@ diff -urN linux-2.4.30/net/ipv4/netfilter/Config.in linux-2.4.30.new/net/ipv4/netfilter/Config.in ---- linux-2.4.30/net/ipv4/netfilter/Config.in 2006-02-07 15:38:07.000000000 +0100 -+++ linux-2.4.30.new/net/ipv4/netfilter/Config.in 2006-02-07 15:39:18.000000000 +0100 +--- linux-2.4.30/net/ipv4/netfilter/Config.in 2006-02-14 01:14:42.758184584 +0100 ++++ linux-2.4.30.new/net/ipv4/netfilter/Config.in 2006-02-14 01:16:16.325960120 +0100 @@ -13,6 +13,7 @@ dep_tristate ' IRC protocol support' CONFIG_IP_NF_IRC $CONFIG_IP_NF_CONNTRACK dep_tristate ' GRE protocol support' CONFIG_IP_NF_CT_PROTO_GRE $CONFIG_IP_NF_CONNTRACK @@ -25,7 +25,7 @@ diff -urN linux-2.4.30/net/ipv4/netfilter/Config.in linux-2.4.30.new/net/ipv4/ne else diff -urN linux-2.4.30/net/ipv4/netfilter/ip_conntrack_sip.c linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_sip.c --- linux-2.4.30/net/ipv4/netfilter/ip_conntrack_sip.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_sip.c 2006-02-07 15:39:18.000000000 +0100 ++++ linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_sip.c 2006-02-14 01:16:16.327959816 +0100 @@ -0,0 +1,312 @@ +/* + * SIP extension for IP connection tracking. @@ -341,7 +341,7 @@ diff -urN linux-2.4.30/net/ipv4/netfilter/ip_conntrack_sip.c linux-2.4.30.new/ne +module_exit(fini); diff -urN linux-2.4.30/net/ipv4/netfilter/ip_nat_sip.c linux-2.4.30.new/net/ipv4/netfilter/ip_nat_sip.c --- linux-2.4.30/net/ipv4/netfilter/ip_nat_sip.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.30.new/net/ipv4/netfilter/ip_nat_sip.c 2006-02-07 15:39:18.000000000 +0100 ++++ linux-2.4.30.new/net/ipv4/netfilter/ip_nat_sip.c 2006-02-14 01:16:16.328959664 +0100 @@ -0,0 +1,800 @@ +/* + * SIP extension for TCP NAT alteration. @@ -1144,8 +1144,8 @@ diff -urN linux-2.4.30/net/ipv4/netfilter/ip_nat_sip.c linux-2.4.30.new/net/ipv4 +module_init(init); +module_exit(fini); diff -urN linux-2.4.30/net/ipv4/netfilter/Makefile linux-2.4.30.new/net/ipv4/netfilter/Makefile ---- linux-2.4.30/net/ipv4/netfilter/Makefile 2006-02-07 15:38:07.000000000 +0100 -+++ linux-2.4.30.new/net/ipv4/netfilter/Makefile 2006-02-07 15:39:18.000000000 +0100 +--- linux-2.4.30/net/ipv4/netfilter/Makefile 2006-02-14 01:14:42.760184280 +0100 ++++ linux-2.4.30.new/net/ipv4/netfilter/Makefile 2006-02-14 01:16:16.329959512 +0100 @@ -53,6 +53,10 @@ ifdef CONFIG_IP_NF_NAT_PPTP export-objs += ip_conntrack_pptp.o @@ -1166,8 +1166,8 @@ diff -urN linux-2.4.30/net/ipv4/netfilter/Makefile linux-2.4.30.new/net/ipv4/net # generic IP tables obj-$(CONFIG_IP_NF_IPTABLES) += ip_tables.o diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h ---- linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h 2006-02-07 15:38:07.000000000 +0100 -+++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h 2006-02-07 15:39:18.000000000 +0100 +--- linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h 2006-02-14 01:14:42.014297672 +0100 ++++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h 2006-02-14 01:16:16.330959360 +0100 @@ -71,6 +71,7 @@ #include #include @@ -1194,7 +1194,7 @@ diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.4.30. #ifdef CONFIG_IP_NF_NAT_NEEDED diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack_sip.h linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack_sip.h --- linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack_sip.h 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack_sip.h 2006-02-07 15:39:18.000000000 +0100 ++++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack_sip.h 2006-02-14 01:16:16.331959208 +0100 @@ -0,0 +1,56 @@ +#ifndef _IP_CONNTRACK_SIP_H +#define _IP_CONNTRACK_SIP_H diff --git a/openwrt/target/linux/linux-2.4/patches/generic/118-netfilter_nat_rtsp.patch b/openwrt/target/linux/linux-2.4/patches/generic/118-netfilter_nat_rtsp.patch index dfc18740bf..4b7a5c7d81 100644 --- a/openwrt/target/linux/linux-2.4/patches/generic/118-netfilter_nat_rtsp.patch +++ b/openwrt/target/linux/linux-2.4/patches/generic/118-netfilter_nat_rtsp.patch @@ -1341,307 +1341,6 @@ diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.4.30. struct ip_ct_ftp_master ct_ftp_info; struct ip_ct_irc_master ct_irc_info; struct ip_ct_pptp_master ct_pptp_info; -diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h.orig linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h.orig ---- linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h.orig 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h.orig 2006-02-14 13:49:55.000000000 +0100 -@@ -0,0 +1,297 @@ -+#ifndef _IP_CONNTRACK_H -+#define _IP_CONNTRACK_H -+/* Connection state tracking for netfilter. This is separated from, -+ but required by, the NAT layer; it can also be used by an iptables -+ extension. */ -+ -+#include -+#include -+#include -+#include -+ -+enum ip_conntrack_info -+{ -+ /* Part of an established connection (either direction). */ -+ IP_CT_ESTABLISHED, -+ -+ /* Like NEW, but related to an existing connection, or ICMP error -+ (in either direction). */ -+ IP_CT_RELATED, -+ -+ /* Started a new connection to track (only -+ IP_CT_DIR_ORIGINAL); may be a retransmission. */ -+ IP_CT_NEW, -+ -+ /* >= this indicates reply direction */ -+ IP_CT_IS_REPLY, -+ -+ /* Number of distinct IP_CT types (no NEW in reply dirn). */ -+ IP_CT_NUMBER = IP_CT_IS_REPLY * 2 - 1 -+}; -+ -+/* Bitset representing status of connection. */ -+enum ip_conntrack_status { -+ /* It's an expected connection: bit 0 set. This bit never changed */ -+ IPS_EXPECTED_BIT = 0, -+ IPS_EXPECTED = (1 << IPS_EXPECTED_BIT), -+ -+ /* We've seen packets both ways: bit 1 set. Can be set, not unset. */ -+ IPS_SEEN_REPLY_BIT = 1, -+ IPS_SEEN_REPLY = (1 << IPS_SEEN_REPLY_BIT), -+ -+ /* Conntrack should never be early-expired. */ -+ IPS_ASSURED_BIT = 2, -+ IPS_ASSURED = (1 << IPS_ASSURED_BIT), -+ -+ /* Connection is confirmed: originating packet has left box */ -+ IPS_CONFIRMED_BIT = 3, -+ IPS_CONFIRMED = (1 << IPS_CONFIRMED_BIT), -+}; -+ -+#include -+#include -+#include -+ -+/* per conntrack: protocol private data */ -+union ip_conntrack_proto { -+ /* insert conntrack proto private data here */ -+ struct ip_ct_tcp tcp; -+ struct ip_ct_icmp icmp; -+ struct ip_ct_gre gre; -+}; -+ -+union ip_conntrack_expect_proto { -+ /* insert expect proto private data here */ -+ struct ip_ct_gre_expect gre; -+}; -+ -+/* Add protocol helper include file here */ -+#include -+ -+#include -+#include -+#include -+#include -+#include -+ -+/* per expectation: application helper private data */ -+union ip_conntrack_expect_help { -+ /* insert conntrack helper private data (expect) here */ -+ struct ip_ct_amanda_expect exp_amanda_info; -+ struct ip_ct_ftp_expect exp_ftp_info; -+ struct ip_ct_irc_expect exp_irc_info; -+ struct ip_ct_pptp_expect exp_pptp_info; -+ struct ip_ct_sip_expect exp_sip_info; -+ struct ip_ct_h225_expect exp_h225_info; -+ -+#ifdef CONFIG_IP_NF_NAT_NEEDED -+ union { -+ /* insert nat helper private data (expect) here */ -+ } nat; -+#endif -+}; -+ -+/* per conntrack: application helper private data */ -+union ip_conntrack_help { -+ /* insert conntrack helper private data (master) here */ -+ struct ip_ct_ftp_master ct_ftp_info; -+ struct ip_ct_irc_master ct_irc_info; -+ struct ip_ct_pptp_master ct_pptp_info; -+ struct ip_ct_sip_master ct_sip_info; -+ struct ip_ct_h225_master ct_h225_info; -+}; -+ -+#ifdef CONFIG_IP_NF_NAT_NEEDED -+#include -+#include -+ -+/* per conntrack: nat application helper private data */ -+union ip_conntrack_nat_help { -+ /* insert nat helper private data here */ -+ struct ip_nat_pptp nat_pptp_info; -+}; -+#endif -+ -+#ifdef __KERNEL__ -+ -+#include -+#include -+ -+#ifdef CONFIG_NETFILTER_DEBUG -+#define IP_NF_ASSERT(x) \ -+do { \ -+ if (!(x)) \ -+ /* Wooah! I'm tripping my conntrack in a frenzy of \ -+ netplay... */ \ -+ printk("NF_IP_ASSERT: %s:%i(%s)\n", \ -+ __FILE__, __LINE__, __FUNCTION__); \ -+} while(0) -+#else -+#define IP_NF_ASSERT(x) -+#endif -+ -+struct ip_conntrack_expect -+{ -+ /* Internal linked list (global expectation list) */ -+ struct list_head list; -+ -+ /* reference count */ -+ atomic_t use; -+ -+ /* expectation list for this master */ -+ struct list_head expected_list; -+ -+ /* The conntrack of the master connection */ -+ struct ip_conntrack *expectant; -+ -+ /* The conntrack of the sibling connection, set after -+ * expectation arrived */ -+ struct ip_conntrack *sibling; -+ -+ /* Tuple saved for conntrack */ -+ struct ip_conntrack_tuple ct_tuple; -+ -+ /* Timer function; deletes the expectation. */ -+ struct timer_list timeout; -+ -+ /* Data filled out by the conntrack helpers follow: */ -+ -+ /* We expect this tuple, with the following mask */ -+ struct ip_conntrack_tuple tuple, mask; -+ -+ /* Function to call after setup and insertion */ -+ int (*expectfn)(struct ip_conntrack *new); -+ -+ /* At which sequence number did this expectation occur */ -+ u_int32_t seq; -+ -+ union ip_conntrack_expect_proto proto; -+ -+ union ip_conntrack_expect_help help; -+}; -+ -+struct ip_conntrack_helper; -+ -+struct ip_conntrack -+{ -+ /* Usage count in here is 1 for hash table/destruct timer, 1 per skb, -+ plus 1 for any connection(s) we are `master' for */ -+ struct nf_conntrack ct_general; -+ -+ /* These are my tuples; original and reply */ -+ struct ip_conntrack_tuple_hash tuplehash[IP_CT_DIR_MAX]; -+ -+ /* Have we seen traffic both ways yet? (bitset) */ -+ unsigned long status; -+ -+ /* Timer function; drops refcnt when it goes off. */ -+ struct timer_list timeout; -+ -+ /* If we're expecting another related connection, this will be -+ in expected linked list */ -+ struct list_head sibling_list; -+ -+ /* Current number of expected connections */ -+ unsigned int expecting; -+ -+ /* If we were expected by an expectation, this will be it */ -+ struct ip_conntrack_expect *master; -+ -+ /* Helper, if any. */ -+ struct ip_conntrack_helper *helper; -+ -+ /* Our various nf_ct_info structs specify *what* relation this -+ packet has to the conntrack */ -+ struct nf_ct_info infos[IP_CT_NUMBER]; -+ -+ /* Storage reserved for other modules: */ -+ -+ union ip_conntrack_proto proto; -+ -+ union ip_conntrack_help help; -+ -+#ifdef CONFIG_IP_NF_NAT_NEEDED -+ struct { -+ struct ip_nat_info info; -+ union ip_conntrack_nat_help help; -+#if defined(CONFIG_IP_NF_TARGET_MASQUERADE) || \ -+ defined(CONFIG_IP_NF_TARGET_MASQUERADE_MODULE) -+ int masq_index; -+#endif -+ } nat; -+#endif /* CONFIG_IP_NF_NAT_NEEDED */ -+ -+#if defined(CONFIG_IP_NF_MATCH_LAYER7) || defined(CONFIG_IP_NF_MATCH_LAYER7_MODULE) -+ struct { -+ unsigned int numpackets; /* surely this is kept track of somewhere else, right? I can't find it... */ -+ char * app_proto; /* "http", "ftp", etc. NULL if unclassifed */ -+ -+ /* the application layer data so far. NULL if ->numpackets > numpackets */ -+ char * app_data; -+ -+ unsigned int app_data_len; -+ } layer7; -+#endif -+#if defined(CONFIG_IP_NF_CONNTRACK_MARK) -+ unsigned long mark; -+#endif -+}; -+ -+/* get master conntrack via master expectation */ -+#define master_ct(conntr) (conntr->master ? conntr->master->expectant : NULL) -+ -+/* Alter reply tuple (maybe alter helper). If it's already taken, -+ return 0 and don't do alteration. */ -+extern int -+ip_conntrack_alter_reply(struct ip_conntrack *conntrack, -+ const struct ip_conntrack_tuple *newreply); -+ -+/* Is this tuple taken? (ignoring any belonging to the given -+ conntrack). */ -+extern int -+ip_conntrack_tuple_taken(const struct ip_conntrack_tuple *tuple, -+ const struct ip_conntrack *ignored_conntrack); -+ -+/* Return conntrack_info and tuple hash for given skb. */ -+extern struct ip_conntrack * -+ip_conntrack_get(struct sk_buff *skb, enum ip_conntrack_info *ctinfo); -+ -+/* decrement reference count on a conntrack */ -+extern inline void ip_conntrack_put(struct ip_conntrack *ct); -+ -+/* find unconfirmed expectation based on tuple */ -+struct ip_conntrack_expect * -+ip_conntrack_expect_find_get(const struct ip_conntrack_tuple *tuple); -+ -+/* decrement reference count on an expectation */ -+void ip_conntrack_expect_put(struct ip_conntrack_expect *exp); -+ -+extern int invert_tuplepr(struct ip_conntrack_tuple *inverse, -+ const struct ip_conntrack_tuple *orig); -+ -+/* Refresh conntrack for this many jiffies */ -+extern void ip_ct_refresh(struct ip_conntrack *ct, -+ unsigned long extra_jiffies); -+ -+/* These are for NAT. Icky. */ -+/* Call me when a conntrack is destroyed. */ -+extern void (*ip_conntrack_destroyed)(struct ip_conntrack *conntrack); -+ -+/* Returns new sk_buff, or NULL */ -+struct sk_buff * -+ip_ct_gather_frags(struct sk_buff *skb, u_int32_t user); -+ -+/* Iterate over all conntracks: if iter returns true, it's deleted. */ -+extern void -+ip_ct_iterate_cleanup(int (*iter)(struct ip_conntrack *i, void *data), -+ void *data); -+ -+/* It's confirmed if it is, or has been in the hash table. */ -+static inline int is_confirmed(struct ip_conntrack *ct) -+{ -+ return test_bit(IPS_CONFIRMED_BIT, &ct->status); -+} -+ -+extern unsigned int ip_conntrack_htable_size; -+#endif /* __KERNEL__ */ -+#endif /* _IP_CONNTRACK_H */ diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h --- linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 1970-01-01 01:00:00.000000000 +0100 +++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 2006-02-14 13:49:55.000000000 +0100 -- 2.30.2