]>
Commit | Line | Data |
---|---|---|
1cbd4257 | 1 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter.h linux-2.6.0-test11/include/linux/netfilter.h |
2 | --- linux-2.6.0-test11.org/include/linux/netfilter.h 2003-11-26 21:44:11.000000000 +0100 | |
3 | +++ linux-2.6.0-test11/include/linux/netfilter.h 2003-12-04 14:34:12.000000000 +0100 | |
4 | @@ -23,6 +23,7 @@ | |
5 | <= 0x2000 is used for protocol-flags. */ | |
6 | #define NFC_UNKNOWN 0x4000 | |
7 | #define NFC_ALTERED 0x8000 | |
8 | +#define NFC_TRACE 0x10000 | |
9 | ||
10 | #ifdef __KERNEL__ | |
11 | #include <linux/config.h> | |
12 | @@ -99,6 +100,24 @@ | |
13 | ||
14 | extern struct list_head nf_hooks[NPROTO][NF_MAX_HOOKS]; | |
15 | ||
16 | +typedef void nf_logfn(unsigned int hooknum, | |
17 | + const struct sk_buff *skb, | |
18 | + const struct net_device *in, | |
19 | + const struct net_device *out, | |
20 | + const char *prefix); | |
21 | + | |
22 | +/* Function to register/unregister log function. */ | |
23 | +int nf_log_register(int pf, nf_logfn *logfn); | |
24 | +void nf_log_unregister(int pf, nf_logfn *logfn); | |
25 | + | |
26 | +/* Calls the registered backend logging function */ | |
27 | +void nf_log_packet(int pf, | |
28 | + unsigned int hooknum, | |
29 | + const struct sk_buff *skb, | |
30 | + const struct net_device *in, | |
31 | + const struct net_device *out, | |
32 | + const char *fmt, ...); | |
33 | + | |
34 | /* Activate hook; either okfn or kfree_skb called, unless a hook | |
35 | returns NF_STOLEN (in which case, it's up to the hook to deal with | |
36 | the consequences). | |
37 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_helpers.h linux-2.6.0-test11/include/linux/netfilter_helpers.h | |
38 | --- linux-2.6.0-test11.org/include/linux/netfilter_helpers.h 1970-01-01 01:00:00.000000000 +0100 | |
39 | +++ linux-2.6.0-test11/include/linux/netfilter_helpers.h 2003-12-04 14:42:08.000000000 +0100 | |
40 | @@ -0,0 +1,133 @@ | |
41 | +/* | |
42 | + * Helpers for netfiler modules. This file provides implementations for basic | |
43 | + * functions such as strncasecmp(), etc. | |
44 | + * | |
45 | + * gcc will warn for defined but unused functions, so we only include the | |
46 | + * functions requested. The following macros are used: | |
47 | + * NF_NEED_STRNCASECMP nf_strncasecmp() | |
48 | + * NF_NEED_STRTOU16 nf_strtou16() | |
49 | + * NF_NEED_STRTOU32 nf_strtou32() | |
50 | + */ | |
51 | +#ifndef _NETFILTER_HELPERS_H | |
52 | +#define _NETFILTER_HELPERS_H | |
53 | + | |
54 | +/* Only include these functions for kernel code. */ | |
55 | +#ifdef __KERNEL__ | |
56 | + | |
57 | +#include <linux/ctype.h> | |
58 | +#define iseol(c) ( (c) == '\r' || (c) == '\n' ) | |
59 | + | |
60 | +/* | |
61 | + * The standard strncasecmp() | |
62 | + */ | |
63 | +#ifdef NF_NEED_STRNCASECMP | |
64 | +static int | |
65 | +nf_strncasecmp(const char* s1, const char* s2, u_int32_t len) | |
66 | +{ | |
67 | + if (s1 == NULL || s2 == NULL) | |
68 | + { | |
69 | + if (s1 == NULL && s2 == NULL) | |
70 | + { | |
71 | + return 0; | |
72 | + } | |
73 | + return (s1 == NULL) ? -1 : 1; | |
74 | + } | |
75 | + while (len > 0 && tolower(*s1) == tolower(*s2)) | |
76 | + { | |
77 | + len--; | |
78 | + s1++; | |
79 | + s2++; | |
80 | + } | |
81 | + return ( (len == 0) ? 0 : (tolower(*s1) - tolower(*s2)) ); | |
82 | +} | |
83 | +#endif /* NF_NEED_STRNCASECMP */ | |
84 | + | |
85 | +/* | |
86 | + * Parse a string containing a 16-bit unsigned integer. | |
87 | + * Returns the number of chars used, or zero if no number is found. | |
88 | + */ | |
89 | +#ifdef NF_NEED_STRTOU16 | |
90 | +static int | |
91 | +nf_strtou16(const char* pbuf, u_int16_t* pval) | |
92 | +{ | |
93 | + int n = 0; | |
94 | + | |
95 | + *pval = 0; | |
96 | + while (isdigit(pbuf[n])) | |
97 | + { | |
98 | + *pval = (*pval * 10) + (pbuf[n] - '0'); | |
99 | + n++; | |
100 | + } | |
101 | + | |
102 | + return n; | |
103 | +} | |
104 | +#endif /* NF_NEED_STRTOU16 */ | |
105 | + | |
106 | +/* | |
107 | + * Parse a string containing a 32-bit unsigned integer. | |
108 | + * Returns the number of chars used, or zero if no number is found. | |
109 | + */ | |
110 | +#ifdef NF_NEED_STRTOU32 | |
111 | +static int | |
112 | +nf_strtou32(const char* pbuf, u_int32_t* pval) | |
113 | +{ | |
114 | + int n = 0; | |
115 | + | |
116 | + *pval = 0; | |
117 | + while (pbuf[n] >= '0' && pbuf[n] <= '9') | |
118 | + { | |
119 | + *pval = (*pval * 10) + (pbuf[n] - '0'); | |
120 | + n++; | |
121 | + } | |
122 | + | |
123 | + return n; | |
124 | +} | |
125 | +#endif /* NF_NEED_STRTOU32 */ | |
126 | + | |
127 | +/* | |
128 | + * Given a buffer and length, advance to the next line and mark the current | |
129 | + * line. | |
130 | + */ | |
131 | +#ifdef NF_NEED_NEXTLINE | |
132 | +static int | |
133 | +nf_nextline(char* p, uint len, uint* poff, uint* plineoff, uint* plinelen) | |
134 | +{ | |
135 | + uint off = *poff; | |
136 | + uint physlen = 0; | |
137 | + | |
138 | + if (off >= len) | |
139 | + { | |
140 | + return 0; | |
141 | + } | |
142 | + | |
143 | + while (p[off] != '\n') | |
144 | + { | |
145 | + if (len-off <= 1) | |
146 | + { | |
147 | + return 0; | |
148 | + } | |
149 | + | |
150 | + physlen++; | |
151 | + off++; | |
152 | + } | |
153 | + | |
154 | + /* if we saw a crlf, physlen needs adjusted */ | |
155 | + if (physlen > 0 && p[off] == '\n' && p[off-1] == '\r') | |
156 | + { | |
157 | + physlen--; | |
158 | + } | |
159 | + | |
160 | + /* advance past the newline */ | |
161 | + off++; | |
162 | + | |
163 | + *plineoff = *poff; | |
164 | + *plinelen = physlen; | |
165 | + *poff = off; | |
166 | + | |
167 | + return 1; | |
168 | +} | |
169 | +#endif /* NF_NEED_NEXTLINE */ | |
170 | + | |
171 | +#endif /* __KERNEL__ */ | |
172 | + | |
173 | +#endif /* _NETFILTER_HELPERS_H */ | |
174 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack.h | |
175 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack.h 2003-11-26 21:45:37.000000000 +0100 | |
176 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack.h 2003-12-04 14:42:28.000000000 +0100 | |
177 | @@ -51,19 +51,29 @@ | |
178 | ||
179 | #include <linux/netfilter_ipv4/ip_conntrack_tcp.h> | |
180 | #include <linux/netfilter_ipv4/ip_conntrack_icmp.h> | |
181 | +#include <linux/netfilter_ipv4/ip_conntrack_proto_gre.h> | |
182 | ||
183 | /* per conntrack: protocol private data */ | |
184 | union ip_conntrack_proto { | |
185 | /* insert conntrack proto private data here */ | |
186 | + struct ip_ct_gre gre; | |
187 | struct ip_ct_tcp tcp; | |
188 | struct ip_ct_icmp icmp; | |
189 | }; | |
190 | ||
191 | union ip_conntrack_expect_proto { | |
192 | /* insert expect proto private data here */ | |
193 | + struct ip_ct_gre_expect gre; | |
194 | }; | |
195 | ||
196 | /* Add protocol helper include file here */ | |
197 | +#include <linux/netfilter_ipv4/ip_conntrack_talk.h> | |
198 | +#include <linux/netfilter_ipv4/ip_conntrack_rtsp.h> | |
199 | +#include <linux/netfilter_ipv4/ip_conntrack_rsh.h> | |
200 | +#include <linux/netfilter_ipv4/ip_conntrack_pptp.h> | |
201 | +#include <linux/netfilter_ipv4/ip_conntrack_mms.h> | |
202 | +#include <linux/netfilter_ipv4/ip_conntrack_h323.h> | |
203 | + | |
204 | #include <linux/netfilter_ipv4/ip_conntrack_amanda.h> | |
205 | #include <linux/netfilter_ipv4/ip_conntrack_ftp.h> | |
206 | #include <linux/netfilter_ipv4/ip_conntrack_irc.h> | |
207 | @@ -71,6 +81,13 @@ | |
208 | /* per expectation: application helper private data */ | |
209 | union ip_conntrack_expect_help { | |
210 | /* insert conntrack helper private data (expect) here */ | |
211 | + struct ip_ct_talk_expect exp_talk_info; | |
212 | + struct ip_ct_rtsp_master ct_rtsp_info; | |
213 | + struct ip_ct_rtsp_expect exp_rtsp_info; | |
214 | + struct ip_ct_rsh_expect exp_rsh_info; | |
215 | + struct ip_ct_pptp_expect exp_pptp_info; | |
216 | + struct ip_ct_mms_expect exp_mms_info; | |
217 | + struct ip_ct_h225_expect exp_h225_info; | |
218 | struct ip_ct_amanda_expect exp_amanda_info; | |
219 | struct ip_ct_ftp_expect exp_ftp_info; | |
220 | struct ip_ct_irc_expect exp_irc_info; | |
221 | @@ -85,16 +102,23 @@ | |
222 | /* per conntrack: application helper private data */ | |
223 | union ip_conntrack_help { | |
224 | /* insert conntrack helper private data (master) here */ | |
225 | + struct ip_ct_talk_master ct_talk_info; | |
226 | + struct ip_ct_rsh_master ct_rsh_info; | |
227 | + struct ip_ct_pptp_master ct_pptp_info; | |
228 | + struct ip_ct_mms_master ct_mms_info; | |
229 | + struct ip_ct_h225_master ct_h225_info; | |
230 | struct ip_ct_ftp_master ct_ftp_info; | |
231 | struct ip_ct_irc_master ct_irc_info; | |
232 | }; | |
233 | ||
234 | #ifdef CONFIG_IP_NF_NAT_NEEDED | |
235 | #include <linux/netfilter_ipv4/ip_nat.h> | |
236 | +#include <linux/netfilter_ipv4/ip_nat_pptp.h> | |
237 | ||
238 | /* per conntrack: nat application helper private data */ | |
239 | union ip_conntrack_nat_help { | |
240 | /* insert nat helper private data here */ | |
241 | + struct ip_nat_pptp nat_pptp_info; | |
242 | }; | |
243 | #endif | |
244 | ||
245 | @@ -206,6 +230,9 @@ | |
246 | } nat; | |
247 | #endif /* CONFIG_IP_NF_NAT_NEEDED */ | |
248 | ||
249 | +#if defined(CONFIG_IP_NF_CONNTRACK_MARK) | |
250 | + unsigned long mark; | |
251 | +#endif | |
252 | }; | |
253 | ||
254 | /* get master conntrack via master expectation */ | |
255 | @@ -268,6 +295,9 @@ | |
256 | ||
257 | extern unsigned int ip_conntrack_htable_size; | |
258 | ||
259 | +/* A fake conntrack entry which never vanishes. */ | |
260 | +extern struct ip_conntrack ip_conntrack_untracked; | |
261 | + | |
262 | /* eg. PROVIDES_CONNTRACK(ftp); */ | |
263 | #define PROVIDES_CONNTRACK(name) \ | |
264 | int needs_ip_conntrack_##name; \ | |
265 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h | |
266 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h 1970-01-01 01:00:00.000000000 +0100 | |
267 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h 2003-12-04 14:40:09.000000000 +0100 | |
268 | @@ -0,0 +1,70 @@ | |
269 | +#ifndef _IP_CT_CUSEEME | |
270 | +#define _IP_CT_CUSEEME | |
271 | + | |
272 | +#define CUSEEME_PORT 7648 | |
273 | + | |
274 | +/* These structs come from the 2.2 ip_masq_cuseeme code... */ | |
275 | + | |
276 | +#pragma pack(1) | |
277 | +/* CuSeeMe data header */ | |
278 | +struct cu_header { | |
279 | + u_int16_t dest_family; | |
280 | + u_int16_t dest_port; | |
281 | + u_int32_t dest_addr; | |
282 | + int16_t family; | |
283 | + u_int16_t port; | |
284 | + u_int32_t addr; | |
285 | + u_int32_t seq; | |
286 | + u_int16_t msg; | |
287 | + u_int16_t data_type; | |
288 | + /* possible values: | |
289 | + * 1 small video | |
290 | + * 2 big video | |
291 | + * 3 audio | |
292 | + * 100 acknowledge connectivity when there | |
293 | + * is nothing else to send | |
294 | + * 101 OpenContinue packet | |
295 | + * 104 display a text message and | |
296 | + * disconnect (used by reflector to | |
297 | + * kick clients off) | |
298 | + * 105 display a text message (welcome | |
299 | + * message from reflector) | |
300 | + * 106 exchanged among reflectors for | |
301 | + * reflector interoperation | |
302 | + * 107 carry aux stream data when there is | |
303 | + * no video to piggy-back on | |
304 | + * 108 obsolete (used in Mac alpha version) | |
305 | + * 109 obsolete (used in Mac alpha version) | |
306 | + * 110 used for data rate control | |
307 | + * 111 used for data rate control | |
308 | + * 256 aux data control messages | |
309 | + * 257 aux data packets | |
310 | + * */ | |
311 | + u_int16_t packet_len; | |
312 | +}; | |
313 | + | |
314 | +/* Open Continue Header */ | |
315 | +struct oc_header { | |
316 | + struct cu_header cu_head; | |
317 | + u_int16_t client_count; /* Number of client info structs */ | |
318 | + u_int32_t seq_no; | |
319 | + char user_name[20]; | |
320 | + char stuff[4]; /* Flags, version stuff, etc */ | |
321 | +}; | |
322 | + | |
323 | +/* Client info structures */ | |
324 | +struct client_info { | |
325 | + u_int32_t address; /* Client address */ | |
326 | + char stuff[8]; /* Flags, pruning bitfield, packet counts, etc */ | |
327 | +}; | |
328 | +#pragma pack() | |
329 | + | |
330 | +/* This structure is per expected connection */ | |
331 | +struct ip_ct_cuseeme_expect { | |
332 | +}; | |
333 | + | |
334 | +/* This structure exists only once per master */ | |
335 | +struct ip_ct_cuseeme_master { | |
336 | +}; | |
337 | + | |
338 | +#endif /* _IP_CT_CUSEEME */ | |
339 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_h323.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_h323.h | |
340 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_h323.h 1970-01-01 01:00:00.000000000 +0100 | |
341 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_h323.h 2003-12-04 14:40:28.000000000 +0100 | |
342 | @@ -0,0 +1,30 @@ | |
343 | +#ifndef _IP_CONNTRACK_H323_H | |
344 | +#define _IP_CONNTRACK_H323_H | |
345 | +/* H.323 connection tracking. */ | |
346 | + | |
347 | +#ifdef __KERNEL__ | |
348 | +/* Protects H.323 related data */ | |
349 | +DECLARE_LOCK_EXTERN(ip_h323_lock); | |
350 | +#endif | |
351 | + | |
352 | +/* Default H.225 port */ | |
353 | +#define H225_PORT 1720 | |
354 | + | |
355 | +/* This structure is per expected connection */ | |
356 | +struct ip_ct_h225_expect { | |
357 | + u_int16_t port; /* Port of the H.225 helper/RTCP/RTP channel */ | |
358 | + enum ip_conntrack_dir dir; /* Direction of the original connection */ | |
359 | + unsigned int offset; /* offset of the address in the payload */ | |
360 | +}; | |
361 | + | |
362 | +/* This structure exists only once per master */ | |
363 | +struct ip_ct_h225_master { | |
364 | + int is_h225; /* H.225 or H.245 connection */ | |
365 | +#ifdef CONFIG_IP_NF_NAT_NEEDED | |
366 | + enum ip_conntrack_dir dir; /* Direction of the original connection */ | |
367 | + u_int32_t seq[IP_CT_DIR_MAX]; /* Exceptional packet mangling for signal addressess... */ | |
368 | + unsigned int offset[IP_CT_DIR_MAX]; /* ...and the offset of the addresses in the payload */ | |
369 | +#endif | |
370 | +}; | |
371 | + | |
372 | +#endif /* _IP_CONNTRACK_H323_H */ | |
373 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_mms.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_mms.h | |
374 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_mms.h 1970-01-01 01:00:00.000000000 +0100 | |
375 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_mms.h 2003-12-04 14:40:57.000000000 +0100 | |
376 | @@ -0,0 +1,31 @@ | |
377 | +#ifndef _IP_CONNTRACK_MMS_H | |
378 | +#define _IP_CONNTRACK_MMS_H | |
379 | +/* MMS tracking. */ | |
380 | + | |
381 | +#ifdef __KERNEL__ | |
382 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
383 | + | |
384 | +DECLARE_LOCK_EXTERN(ip_mms_lock); | |
385 | + | |
386 | +#define MMS_PORT 1755 | |
387 | +#define MMS_SRV_MSG_ID 196610 | |
388 | + | |
389 | +#define MMS_SRV_MSG_OFFSET 36 | |
390 | +#define MMS_SRV_UNICODE_STRING_OFFSET 60 | |
391 | +#define MMS_SRV_CHUNKLENLV_OFFSET 16 | |
392 | +#define MMS_SRV_CHUNKLENLM_OFFSET 32 | |
393 | +#define MMS_SRV_MESSAGELENGTH_OFFSET 8 | |
394 | +#endif | |
395 | + | |
396 | +/* This structure is per expected connection */ | |
397 | +struct ip_ct_mms_expect { | |
398 | + u_int32_t len; | |
399 | + u_int32_t padding; | |
400 | + u_int16_t port; | |
401 | +}; | |
402 | + | |
403 | +/* This structure exists only once per master */ | |
404 | +struct ip_ct_mms_master { | |
405 | +}; | |
406 | + | |
407 | +#endif /* _IP_CONNTRACK_MMS_H */ | |
408 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_pptp.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_pptp.h | |
409 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_pptp.h 1970-01-01 01:00:00.000000000 +0100 | |
410 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_pptp.h 2003-12-04 14:41:27.000000000 +0100 | |
411 | @@ -0,0 +1,313 @@ | |
412 | +/* PPTP constants and structs */ | |
413 | +#ifndef _CONNTRACK_PPTP_H | |
414 | +#define _CONNTRACK_PPTP_H | |
415 | + | |
416 | +/* state of the control session */ | |
417 | +enum pptp_ctrlsess_state { | |
418 | + PPTP_SESSION_NONE, /* no session present */ | |
419 | + PPTP_SESSION_ERROR, /* some session error */ | |
420 | + PPTP_SESSION_STOPREQ, /* stop_sess request seen */ | |
421 | + PPTP_SESSION_REQUESTED, /* start_sess request seen */ | |
422 | + PPTP_SESSION_CONFIRMED, /* session established */ | |
423 | +}; | |
424 | + | |
425 | +/* state of the call inside the control session */ | |
426 | +enum pptp_ctrlcall_state { | |
427 | + PPTP_CALL_NONE, | |
428 | + PPTP_CALL_ERROR, | |
429 | + PPTP_CALL_OUT_REQ, | |
430 | + PPTP_CALL_OUT_CONF, | |
431 | + PPTP_CALL_IN_REQ, | |
432 | + PPTP_CALL_IN_REP, | |
433 | + PPTP_CALL_IN_CONF, | |
434 | + PPTP_CALL_CLEAR_REQ, | |
435 | +}; | |
436 | + | |
437 | + | |
438 | +/* conntrack private data */ | |
439 | +struct ip_ct_pptp_master { | |
440 | + enum pptp_ctrlsess_state sstate; /* session state */ | |
441 | + | |
442 | + /* everything below is going to be per-expectation in newnat, | |
443 | + * since there could be more than one call within one session */ | |
444 | + enum pptp_ctrlcall_state cstate; /* call state */ | |
445 | + u_int16_t pac_call_id; /* call id of PAC, host byte order */ | |
446 | + u_int16_t pns_call_id; /* call id of PNS, host byte order */ | |
447 | +}; | |
448 | + | |
449 | +/* conntrack_expect private member */ | |
450 | +struct ip_ct_pptp_expect { | |
451 | + enum pptp_ctrlcall_state cstate; /* call state */ | |
452 | + u_int16_t pac_call_id; /* call id of PAC */ | |
453 | + u_int16_t pns_call_id; /* call id of PNS */ | |
454 | +}; | |
455 | + | |
456 | + | |
457 | +#ifdef __KERNEL__ | |
458 | + | |
459 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
460 | +DECLARE_LOCK_EXTERN(ip_pptp_lock); | |
461 | + | |
462 | +#define IP_CONNTR_PPTP PPTP_CONTROL_PORT | |
463 | + | |
464 | +union pptp_ctrl_union { | |
465 | + void *rawreq; | |
466 | + struct PptpStartSessionRequest *sreq; | |
467 | + struct PptpStartSessionReply *srep; | |
468 | + struct PptpStopSessionReqest *streq; | |
469 | + struct PptpStopSessionReply *strep; | |
470 | + struct PptpOutCallRequest *ocreq; | |
471 | + struct PptpOutCallReply *ocack; | |
472 | + struct PptpInCallRequest *icreq; | |
473 | + struct PptpInCallReply *icack; | |
474 | + struct PptpInCallConnected *iccon; | |
475 | + struct PptpClearCallRequest *clrreq; | |
476 | + struct PptpCallDisconnectNotify *disc; | |
477 | + struct PptpWanErrorNotify *wanerr; | |
478 | + struct PptpSetLinkInfo *setlink; | |
479 | +}; | |
480 | + | |
481 | + | |
482 | + | |
483 | +#define PPTP_CONTROL_PORT 1723 | |
484 | + | |
485 | +#define PPTP_PACKET_CONTROL 1 | |
486 | +#define PPTP_PACKET_MGMT 2 | |
487 | + | |
488 | +#define PPTP_MAGIC_COOKIE 0x1a2b3c4d | |
489 | + | |
490 | +struct pptp_pkt_hdr { | |
491 | + __u16 packetLength; | |
492 | + __u16 packetType; | |
493 | + __u32 magicCookie; | |
494 | +}; | |
495 | + | |
496 | +/* PptpControlMessageType values */ | |
497 | +#define PPTP_START_SESSION_REQUEST 1 | |
498 | +#define PPTP_START_SESSION_REPLY 2 | |
499 | +#define PPTP_STOP_SESSION_REQUEST 3 | |
500 | +#define PPTP_STOP_SESSION_REPLY 4 | |
501 | +#define PPTP_ECHO_REQUEST 5 | |
502 | +#define PPTP_ECHO_REPLY 6 | |
503 | +#define PPTP_OUT_CALL_REQUEST 7 | |
504 | +#define PPTP_OUT_CALL_REPLY 8 | |
505 | +#define PPTP_IN_CALL_REQUEST 9 | |
506 | +#define PPTP_IN_CALL_REPLY 10 | |
507 | +#define PPTP_IN_CALL_CONNECT 11 | |
508 | +#define PPTP_CALL_CLEAR_REQUEST 12 | |
509 | +#define PPTP_CALL_DISCONNECT_NOTIFY 13 | |
510 | +#define PPTP_WAN_ERROR_NOTIFY 14 | |
511 | +#define PPTP_SET_LINK_INFO 15 | |
512 | + | |
513 | +#define PPTP_MSG_MAX 15 | |
514 | + | |
515 | +/* PptpGeneralError values */ | |
516 | +#define PPTP_ERROR_CODE_NONE 0 | |
517 | +#define PPTP_NOT_CONNECTED 1 | |
518 | +#define PPTP_BAD_FORMAT 2 | |
519 | +#define PPTP_BAD_VALUE 3 | |
520 | +#define PPTP_NO_RESOURCE 4 | |
521 | +#define PPTP_BAD_CALLID 5 | |
522 | +#define PPTP_REMOVE_DEVICE_ERROR 6 | |
523 | + | |
524 | +struct PptpControlHeader { | |
525 | + __u16 messageType; | |
526 | + __u16 reserved; | |
527 | +}; | |
528 | + | |
529 | +/* FramingCapability Bitmap Values */ | |
530 | +#define PPTP_FRAME_CAP_ASYNC 0x1 | |
531 | +#define PPTP_FRAME_CAP_SYNC 0x2 | |
532 | + | |
533 | +/* BearerCapability Bitmap Values */ | |
534 | +#define PPTP_BEARER_CAP_ANALOG 0x1 | |
535 | +#define PPTP_BEARER_CAP_DIGITAL 0x2 | |
536 | + | |
537 | +struct PptpStartSessionRequest { | |
538 | + __u16 protocolVersion; | |
539 | + __u8 reserved1; | |
540 | + __u8 reserved2; | |
541 | + __u32 framingCapability; | |
542 | + __u32 bearerCapability; | |
543 | + __u16 maxChannels; | |
544 | + __u16 firmwareRevision; | |
545 | + __u8 hostName[64]; | |
546 | + __u8 vendorString[64]; | |
547 | +}; | |
548 | + | |
549 | +/* PptpStartSessionResultCode Values */ | |
550 | +#define PPTP_START_OK 1 | |
551 | +#define PPTP_START_GENERAL_ERROR 2 | |
552 | +#define PPTP_START_ALREADY_CONNECTED 3 | |
553 | +#define PPTP_START_NOT_AUTHORIZED 4 | |
554 | +#define PPTP_START_UNKNOWN_PROTOCOL 5 | |
555 | + | |
556 | +struct PptpStartSessionReply { | |
557 | + __u16 protocolVersion; | |
558 | + __u8 resultCode; | |
559 | + __u8 generalErrorCode; | |
560 | + __u32 framingCapability; | |
561 | + __u32 bearerCapability; | |
562 | + __u16 maxChannels; | |
563 | + __u16 firmwareRevision; | |
564 | + __u8 hostName[64]; | |
565 | + __u8 vendorString[64]; | |
566 | +}; | |
567 | + | |
568 | +/* PptpStopReasons */ | |
569 | +#define PPTP_STOP_NONE 1 | |
570 | +#define PPTP_STOP_PROTOCOL 2 | |
571 | +#define PPTP_STOP_LOCAL_SHUTDOWN 3 | |
572 | + | |
573 | +struct PptpStopSessionRequest { | |
574 | + __u8 reason; | |
575 | +}; | |
576 | + | |
577 | +/* PptpStopSessionResultCode */ | |
578 | +#define PPTP_STOP_OK 1 | |
579 | +#define PPTP_STOP_GENERAL_ERROR 2 | |
580 | + | |
581 | +struct PptpStopSessionReply { | |
582 | + __u8 resultCode; | |
583 | + __u8 generalErrorCode; | |
584 | +}; | |
585 | + | |
586 | +struct PptpEchoRequest { | |
587 | + __u32 identNumber; | |
588 | +}; | |
589 | + | |
590 | +/* PptpEchoReplyResultCode */ | |
591 | +#define PPTP_ECHO_OK 1 | |
592 | +#define PPTP_ECHO_GENERAL_ERROR 2 | |
593 | + | |
594 | +struct PptpEchoReply { | |
595 | + __u32 identNumber; | |
596 | + __u8 resultCode; | |
597 | + __u8 generalErrorCode; | |
598 | + __u16 reserved; | |
599 | +}; | |
600 | + | |
601 | +/* PptpFramingType */ | |
602 | +#define PPTP_ASYNC_FRAMING 1 | |
603 | +#define PPTP_SYNC_FRAMING 2 | |
604 | +#define PPTP_DONT_CARE_FRAMING 3 | |
605 | + | |
606 | +/* PptpCallBearerType */ | |
607 | +#define PPTP_ANALOG_TYPE 1 | |
608 | +#define PPTP_DIGITAL_TYPE 2 | |
609 | +#define PPTP_DONT_CARE_BEARER_TYPE 3 | |
610 | + | |
611 | +struct PptpOutCallRequest { | |
612 | + __u16 callID; | |
613 | + __u16 callSerialNumber; | |
614 | + __u32 minBPS; | |
615 | + __u32 maxBPS; | |
616 | + __u32 bearerType; | |
617 | + __u32 framingType; | |
618 | + __u16 packetWindow; | |
619 | + __u16 packetProcDelay; | |
620 | + __u16 reserved1; | |
621 | + __u16 phoneNumberLength; | |
622 | + __u16 reserved2; | |
623 | + __u8 phoneNumber[64]; | |
624 | + __u8 subAddress[64]; | |
625 | +}; | |
626 | + | |
627 | +/* PptpCallResultCode */ | |
628 | +#define PPTP_OUTCALL_CONNECT 1 | |
629 | +#define PPTP_OUTCALL_GENERAL_ERROR 2 | |
630 | +#define PPTP_OUTCALL_NO_CARRIER 3 | |
631 | +#define PPTP_OUTCALL_BUSY 4 | |
632 | +#define PPTP_OUTCALL_NO_DIAL_TONE 5 | |
633 | +#define PPTP_OUTCALL_TIMEOUT 6 | |
634 | +#define PPTP_OUTCALL_DONT_ACCEPT 7 | |
635 | + | |
636 | +struct PptpOutCallReply { | |
637 | + __u16 callID; | |
638 | + __u16 peersCallID; | |
639 | + __u8 resultCode; | |
640 | + __u8 generalErrorCode; | |
641 | + __u16 causeCode; | |
642 | + __u32 connectSpeed; | |
643 | + __u16 packetWindow; | |
644 | + __u16 packetProcDelay; | |
645 | + __u32 physChannelID; | |
646 | +}; | |
647 | + | |
648 | +struct PptpInCallRequest { | |
649 | + __u16 callID; | |
650 | + __u16 callSerialNumber; | |
651 | + __u32 callBearerType; | |
652 | + __u32 physChannelID; | |
653 | + __u16 dialedNumberLength; | |
654 | + __u16 dialingNumberLength; | |
655 | + __u8 dialedNumber[64]; | |
656 | + __u8 dialingNumber[64]; | |
657 | + __u8 subAddress[64]; | |
658 | +}; | |
659 | + | |
660 | +/* PptpInCallResultCode */ | |
661 | +#define PPTP_INCALL_ACCEPT 1 | |
662 | +#define PPTP_INCALL_GENERAL_ERROR 2 | |
663 | +#define PPTP_INCALL_DONT_ACCEPT 3 | |
664 | + | |
665 | +struct PptpInCallReply { | |
666 | + __u16 callID; | |
667 | + __u16 peersCallID; | |
668 | + __u8 resultCode; | |
669 | + __u8 generalErrorCode; | |
670 | + __u16 packetWindow; | |
671 | + __u16 packetProcDelay; | |
672 | + __u16 reserved; | |
673 | +}; | |
674 | + | |
675 | +struct PptpInCallConnected { | |
676 | + __u16 peersCallID; | |
677 | + __u16 reserved; | |
678 | + __u32 connectSpeed; | |
679 | + __u16 packetWindow; | |
680 | + __u16 packetProcDelay; | |
681 | + __u32 callFramingType; | |
682 | +}; | |
683 | + | |
684 | +struct PptpClearCallRequest { | |
685 | + __u16 callID; | |
686 | + __u16 reserved; | |
687 | +}; | |
688 | + | |
689 | +struct PptpCallDisconnectNotify { | |
690 | + __u16 callID; | |
691 | + __u8 resultCode; | |
692 | + __u8 generalErrorCode; | |
693 | + __u16 causeCode; | |
694 | + __u16 reserved; | |
695 | + __u8 callStatistics[128]; | |
696 | +}; | |
697 | + | |
698 | +struct PptpWanErrorNotify { | |
699 | + __u16 peersCallID; | |
700 | + __u16 reserved; | |
701 | + __u32 crcErrors; | |
702 | + __u32 framingErrors; | |
703 | + __u32 hardwareOverRuns; | |
704 | + __u32 bufferOverRuns; | |
705 | + __u32 timeoutErrors; | |
706 | + __u32 alignmentErrors; | |
707 | +}; | |
708 | + | |
709 | +struct PptpSetLinkInfo { | |
710 | + __u16 peersCallID; | |
711 | + __u16 reserved; | |
712 | + __u32 sendAccm; | |
713 | + __u32 recvAccm; | |
714 | +}; | |
715 | + | |
716 | + | |
717 | +struct pptp_priv_data { | |
718 | + __u16 call_id; | |
719 | + __u16 mcall_id; | |
720 | + __u16 pcall_id; | |
721 | +}; | |
722 | + | |
723 | +#endif /* __KERNEL__ */ | |
724 | +#endif /* _CONNTRACK_PPTP_H */ | |
725 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h | |
726 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h 1970-01-01 01:00:00.000000000 +0100 | |
727 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h 2003-12-04 14:41:27.000000000 +0100 | |
728 | @@ -0,0 +1,123 @@ | |
729 | +#ifndef _CONNTRACK_PROTO_GRE_H | |
730 | +#define _CONNTRACK_PROTO_GRE_H | |
731 | +#include <asm/byteorder.h> | |
732 | + | |
733 | +/* GRE PROTOCOL HEADER */ | |
734 | + | |
735 | +/* GRE Version field */ | |
736 | +#define GRE_VERSION_1701 0x0 | |
737 | +#define GRE_VERSION_PPTP 0x1 | |
738 | + | |
739 | +/* GRE Protocol field */ | |
740 | +#define GRE_PROTOCOL_PPTP 0x880B | |
741 | + | |
742 | +/* GRE Flags */ | |
743 | +#define GRE_FLAG_C 0x80 | |
744 | +#define GRE_FLAG_R 0x40 | |
745 | +#define GRE_FLAG_K 0x20 | |
746 | +#define GRE_FLAG_S 0x10 | |
747 | +#define GRE_FLAG_A 0x80 | |
748 | + | |
749 | +#define GRE_IS_C(f) ((f)&GRE_FLAG_C) | |
750 | +#define GRE_IS_R(f) ((f)&GRE_FLAG_R) | |
751 | +#define GRE_IS_K(f) ((f)&GRE_FLAG_K) | |
752 | +#define GRE_IS_S(f) ((f)&GRE_FLAG_S) | |
753 | +#define GRE_IS_A(f) ((f)&GRE_FLAG_A) | |
754 | + | |
755 | +/* GRE is a mess: Four different standards */ | |
756 | +struct gre_hdr { | |
757 | +#if defined(__LITTLE_ENDIAN_BITFIELD) | |
758 | + __u16 rec:3, | |
759 | + srr:1, | |
760 | + seq:1, | |
761 | + key:1, | |
762 | + routing:1, | |
763 | + csum:1, | |
764 | + version:3, | |
765 | + reserved:4, | |
766 | + ack:1; | |
767 | +#elif defined(__BIG_ENDIAN_BITFIELD) | |
768 | + __u16 csum:1, | |
769 | + routing:1, | |
770 | + key:1, | |
771 | + seq:1, | |
772 | + srr:1, | |
773 | + rec:3, | |
774 | + ack:1, | |
775 | + reserved:4, | |
776 | + version:3; | |
777 | +#else | |
778 | +#error "Adjust your <asm/byteorder.h> defines" | |
779 | +#endif | |
780 | + __u16 protocol; | |
781 | +}; | |
782 | + | |
783 | +/* modified GRE header for PPTP */ | |
784 | +struct gre_hdr_pptp { | |
785 | + __u8 flags; /* bitfield */ | |
786 | + __u8 version; /* should be GRE_VERSION_PPTP */ | |
787 | + __u16 protocol; /* should be GRE_PROTOCOL_PPTP */ | |
788 | + __u16 payload_len; /* size of ppp payload, not inc. gre header */ | |
789 | + __u16 call_id; /* peer's call_id for this session */ | |
790 | + __u32 seq; /* sequence number. Present if S==1 */ | |
791 | + __u32 ack; /* seq number of highest packet recieved by */ | |
792 | + /* sender in this session */ | |
793 | +}; | |
794 | + | |
795 | + | |
796 | +/* this is part of ip_conntrack */ | |
797 | +struct ip_ct_gre { | |
798 | + unsigned int stream_timeout; | |
799 | + unsigned int timeout; | |
800 | +}; | |
801 | + | |
802 | +/* this is part of ip_conntrack_expect */ | |
803 | +struct ip_ct_gre_expect { | |
804 | + struct ip_ct_gre_keymap *keymap_orig, *keymap_reply; | |
805 | +}; | |
806 | + | |
807 | +#ifdef __KERNEL__ | |
808 | +struct ip_conntrack_expect; | |
809 | + | |
810 | +/* structure for original <-> reply keymap */ | |
811 | +struct ip_ct_gre_keymap { | |
812 | + struct list_head list; | |
813 | + | |
814 | + struct ip_conntrack_tuple tuple; | |
815 | +}; | |
816 | + | |
817 | + | |
818 | +/* add new tuple->key_reply pair to keymap */ | |
819 | +int ip_ct_gre_keymap_add(struct ip_conntrack_expect *exp, | |
820 | + struct ip_conntrack_tuple *t, | |
821 | + int reply); | |
822 | + | |
823 | +/* change an existing keymap entry */ | |
824 | +void ip_ct_gre_keymap_change(struct ip_ct_gre_keymap *km, | |
825 | + struct ip_conntrack_tuple *t); | |
826 | + | |
827 | +/* delete keymap entries */ | |
828 | +void ip_ct_gre_keymap_destroy(struct ip_conntrack_expect *exp); | |
829 | + | |
830 | + | |
831 | +/* get pointer to gre key, if present */ | |
832 | +static inline u_int32_t *gre_key(struct gre_hdr *greh) | |
833 | +{ | |
834 | + if (!greh->key) | |
835 | + return NULL; | |
836 | + if (greh->csum || greh->routing) | |
837 | + return (u_int32_t *) (greh+sizeof(*greh)+4); | |
838 | + return (u_int32_t *) (greh+sizeof(*greh)); | |
839 | +} | |
840 | + | |
841 | +/* get pointer ot gre csum, if present */ | |
842 | +static inline u_int16_t *gre_csum(struct gre_hdr *greh) | |
843 | +{ | |
844 | + if (!greh->csum) | |
845 | + return NULL; | |
846 | + return (u_int16_t *) (greh+sizeof(*greh)); | |
847 | +} | |
848 | + | |
849 | +#endif /* __KERNEL__ */ | |
850 | + | |
851 | +#endif /* _CONNTRACK_PROTO_GRE_H */ | |
852 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_quake3.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_quake3.h | |
853 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_quake3.h 1970-01-01 01:00:00.000000000 +0100 | |
854 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_quake3.h 2003-12-04 14:41:38.000000000 +0100 | |
855 | @@ -0,0 +1,21 @@ | |
856 | +#ifndef _IP_CT_QUAKE3 | |
857 | +#define _IP_CT_QUAKE3 | |
858 | + | |
859 | +/* Don't confuse with 27960, often used as the Server Port */ | |
860 | +#define QUAKE3_MASTER_PORT 27950 | |
861 | + | |
862 | +struct quake3_search { | |
863 | + const char marker[4]; /* always 0xff 0xff 0xff 0xff ? */ | |
864 | + const char *pattern; | |
865 | + size_t plen; | |
866 | +}; | |
867 | + | |
868 | +/* This structure is per expected connection */ | |
869 | +struct ip_ct_quake3_expect { | |
870 | +}; | |
871 | + | |
872 | +/* This structure exists only once per master */ | |
873 | +struct ip_ct_quake3_master { | |
874 | +}; | |
875 | + | |
876 | +#endif /* _IP_CT_QUAKE3 */ | |
877 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_rpc.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_rpc.h | |
878 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_rpc.h 1970-01-01 01:00:00.000000000 +0100 | |
879 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_rpc.h 2003-12-04 14:41:47.000000000 +0100 | |
880 | @@ -0,0 +1,68 @@ | |
881 | +/* RPC extension for IP connection tracking, Version 2.2 | |
882 | + * (C) 2000 by Marcelo Barbosa Lima <marcelo.lima@dcc.unicamp.br> | |
883 | + * - original rpc tracking module | |
884 | + * - "recent" connection handling for kernel 2.3+ netfilter | |
885 | + * | |
886 | + * (C) 2001 by Rusty Russell <rusty@rustcorp.com.au> | |
887 | + * - upgraded conntrack modules to oldnat api - kernel 2.4.0+ | |
888 | + * | |
889 | + * (C) 2002 by Ian (Larry) Latter <Ian.Latter@mq.edu.au> | |
890 | + * - upgraded conntrack modules to newnat api - kernel 2.4.20+ | |
891 | + * - extended matching to support filtering on procedures | |
892 | + * | |
893 | + * ip_conntrack_rpc.h,v 2.2 2003/01/12 18:30:00 | |
894 | + * | |
895 | + * This program is free software; you can redistribute it and/or | |
896 | + * modify it under the terms of the GNU General Public License | |
897 | + * as published by the Free Software Foundation; either version | |
898 | + * 2 of the License, or (at your option) any later version. | |
899 | + ** | |
900 | + */ | |
901 | + | |
902 | +#include <asm/param.h> | |
903 | +#include <linux/sched.h> | |
904 | +#include <linux/timer.h> | |
905 | +#include <linux/stddef.h> | |
906 | +#include <linux/list.h> | |
907 | + | |
908 | +#include <linux/netfilter_ipv4/ip_conntrack_helper.h> | |
909 | + | |
910 | +#ifndef _IP_CONNTRACK_RPC_H | |
911 | +#define _IP_CONNTRACK_RPC_H | |
912 | + | |
913 | +#define RPC_PORT 111 | |
914 | + | |
915 | + | |
916 | +/* Datum in RPC packets are encoded in XDR */ | |
917 | +#define IXDR_GET_INT32(buf) ((u_int32_t) ntohl((uint32_t)*buf)) | |
918 | + | |
919 | +/* Fast timeout, to deny DoS atacks */ | |
920 | +#define EXP (60 * HZ) | |
921 | + | |
922 | +/* Normal timeouts */ | |
923 | +#define EXPIRES (180 * HZ) | |
924 | + | |
925 | +/* For future conections RPC, using client's cache bindings | |
926 | + * I'll use ip_conntrack_lock to lock these lists */ | |
927 | + | |
928 | +/* This identifies each request and stores protocol */ | |
929 | +struct request_p { | |
930 | + struct list_head list; | |
931 | + | |
932 | + u_int32_t xid; | |
933 | + u_int32_t ip; | |
934 | + u_int16_t port; | |
935 | + | |
936 | + /* Protocol */ | |
937 | + u_int16_t proto; | |
938 | + | |
939 | + struct timer_list timeout; | |
940 | +}; | |
941 | + | |
942 | +static inline int request_p_cmp(const struct request_p *p, u_int32_t xid, | |
943 | + u_int32_t ip, u_int32_t port) { | |
944 | + return (p->xid == xid && p->ip == ip && p->port); | |
945 | + | |
946 | +} | |
947 | + | |
948 | +#endif /* _IP_CONNTRACK_RPC_H */ | |
949 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_rsh.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_rsh.h | |
950 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 1970-01-01 01:00:00.000000000 +0100 | |
951 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 2003-12-04 14:41:57.000000000 +0100 | |
952 | @@ -0,0 +1,35 @@ | |
953 | +/* RSH extension for IP connection tracking, Version 1.0 | |
954 | + * (C) 2002 by Ian (Larry) Latter <Ian.Latter@mq.edu.au> | |
955 | + * based on HW's ip_conntrack_irc.c | |
956 | + * | |
957 | + * ip_conntrack_rsh.c,v 1.0 2002/07/17 14:49:26 | |
958 | + * | |
959 | + * This program is free software; you can redistribute it and/or | |
960 | + * modify it under the terms of the GNU General Public License | |
961 | + * as published by the Free Software Foundation; either version | |
962 | + * 2 of the License, or (at your option) any later version. | |
963 | + */ | |
964 | +#ifndef _IP_CONNTRACK_RSH_H | |
965 | +#define _IP_CONNTRACK_RSH_H | |
966 | + | |
967 | +#ifdef __KERNEL__ | |
968 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
969 | + | |
970 | +DECLARE_LOCK_EXTERN(ip_rsh_lock); | |
971 | +#endif | |
972 | + | |
973 | + | |
974 | +#define RSH_PORT 514 | |
975 | + | |
976 | +/* This structure is per expected connection */ | |
977 | +struct ip_ct_rsh_expect | |
978 | +{ | |
979 | + u_int16_t port; | |
980 | +}; | |
981 | + | |
982 | +/* This structure exists only once per master */ | |
983 | +struct ip_ct_rsh_master { | |
984 | +}; | |
985 | + | |
986 | +#endif /* _IP_CONNTRACK_RSH_H */ | |
987 | + | |
988 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h | |
989 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 1970-01-01 01:00:00.000000000 +0100 | |
990 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 2003-12-04 14:42:08.000000000 +0100 | |
991 | @@ -0,0 +1,68 @@ | |
992 | +/* | |
993 | + * RTSP extension for IP connection tracking. | |
994 | + * (C) 2003 by Tom Marshall <tmarshall@real.com> | |
995 | + * based on ip_conntrack_irc.h | |
996 | + * | |
997 | + * This program is free software; you can redistribute it and/or | |
998 | + * modify it under the terms of the GNU General Public License | |
999 | + * as published by the Free Software Foundation; either version | |
1000 | + * 2 of the License, or (at your option) any later version. | |
1001 | + */ | |
1002 | +#ifndef _IP_CONNTRACK_RTSP_H | |
1003 | +#define _IP_CONNTRACK_RTSP_H | |
1004 | + | |
1005 | +/* #define IP_NF_RTSP_DEBUG */ | |
1006 | +#define IP_NF_RTSP_VERSION "0.01" | |
1007 | + | |
1008 | +/* port block types */ | |
1009 | +typedef enum { | |
1010 | + pb_single, /* client_port=x */ | |
1011 | + pb_range, /* client_port=x-y */ | |
1012 | + pb_discon /* client_port=x/y (rtspbis) */ | |
1013 | +} portblock_t; | |
1014 | + | |
1015 | +/* We record seq number and length of rtsp headers here, all in host order. */ | |
1016 | + | |
1017 | +/* | |
1018 | + * This structure is per expected connection. It is a member of struct | |
1019 | + * ip_conntrack_expect. The TCP SEQ for the conntrack expect is stored | |
1020 | + * there and we are expected to only store the length of the data which | |
1021 | + * needs replaced. If a packet contains multiple RTSP messages, we create | |
1022 | + * one expected connection per message. | |
1023 | + * | |
1024 | + * We use these variables to mark the entire header block. This may seem | |
1025 | + * like overkill, but the nature of RTSP requires it. A header may appear | |
1026 | + * multiple times in a message. We must treat two Transport headers the | |
1027 | + * same as one Transport header with two entries. | |
1028 | + */ | |
1029 | +struct ip_ct_rtsp_expect | |
1030 | +{ | |
1031 | + u_int32_t len; /* length of header block */ | |
1032 | + portblock_t pbtype; /* Type of port block that was requested */ | |
1033 | + u_int16_t loport; /* Port that was requested, low or first */ | |
1034 | + u_int16_t hiport; /* Port that was requested, high or second */ | |
1035 | +#if 0 | |
1036 | + uint method; /* RTSP method */ | |
1037 | + uint cseq; /* CSeq from request */ | |
1038 | +#endif | |
1039 | +}; | |
1040 | + | |
1041 | +/* This structure exists only once per master */ | |
1042 | +struct ip_ct_rtsp_master | |
1043 | +{ | |
1044 | + /* Empty (?) */ | |
1045 | +}; | |
1046 | + | |
1047 | + | |
1048 | +#ifdef __KERNEL__ | |
1049 | + | |
1050 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
1051 | + | |
1052 | +#define RTSP_PORT 554 | |
1053 | + | |
1054 | +/* Protects rtsp part of conntracks */ | |
1055 | +DECLARE_LOCK_EXTERN(ip_rtsp_lock); | |
1056 | + | |
1057 | +#endif /* __KERNEL__ */ | |
1058 | + | |
1059 | +#endif /* _IP_CONNTRACK_RTSP_H */ | |
1060 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_talk.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_talk.h | |
1061 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_conntrack_talk.h 1970-01-01 01:00:00.000000000 +0100 | |
1062 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_conntrack_talk.h 2003-12-04 14:42:27.000000000 +0100 | |
1063 | @@ -0,0 +1,152 @@ | |
1064 | +#ifndef _IP_CONNTRACK_TALK_H | |
1065 | +#define _IP_CONNTRACK_TALK_H | |
1066 | +/* TALK tracking. */ | |
1067 | + | |
1068 | +#ifdef __KERNEL__ | |
1069 | +#include <linux/in.h> | |
1070 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
1071 | + | |
1072 | +/* Protects talk part of conntracks */ | |
1073 | +DECLARE_LOCK_EXTERN(ip_talk_lock); | |
1074 | +#endif | |
1075 | + | |
1076 | + | |
1077 | +#define TALK_PORT 517 | |
1078 | +#define NTALK_PORT 518 | |
1079 | + | |
1080 | +/* talk structures and constants from <protocols/talkd.h> */ | |
1081 | + | |
1082 | +/* | |
1083 | + * 4.3BSD struct sockaddr | |
1084 | + */ | |
1085 | +struct talk_addr { | |
1086 | + u_int16_t ta_family; | |
1087 | + u_int16_t ta_port; | |
1088 | + u_int32_t ta_addr; | |
1089 | + u_int32_t ta_junk1; | |
1090 | + u_int32_t ta_junk2; | |
1091 | +}; | |
1092 | + | |
1093 | +#define TALK_OLD_NSIZE 9 | |
1094 | +#define TALK_NSIZE 12 | |
1095 | +#define TALK_TTY_NSIZE 16 | |
1096 | + | |
1097 | +/* | |
1098 | + * Client->server request message formats. | |
1099 | + */ | |
1100 | +struct talk_msg { | |
1101 | + u_char type; /* request type, see below */ | |
1102 | + char l_name[TALK_OLD_NSIZE];/* caller's name */ | |
1103 | + char r_name[TALK_OLD_NSIZE];/* callee's name */ | |
1104 | + u_char pad; | |
1105 | + u_int32_t id_num; /* message id */ | |
1106 | + int32_t pid; /* caller's process id */ | |
1107 | + char r_tty[TALK_TTY_NSIZE];/* callee's tty name */ | |
1108 | + struct talk_addr addr; /* old (4.3) style */ | |
1109 | + struct talk_addr ctl_addr; /* old (4.3) style */ | |
1110 | +}; | |
1111 | + | |
1112 | +struct ntalk_msg { | |
1113 | + u_char vers; /* protocol version */ | |
1114 | + u_char type; /* request type, see below */ | |
1115 | + u_char answer; /* not used */ | |
1116 | + u_char pad; | |
1117 | + u_int32_t id_num; /* message id */ | |
1118 | + struct talk_addr addr; /* old (4.3) style */ | |
1119 | + struct talk_addr ctl_addr; /* old (4.3) style */ | |
1120 | + int32_t pid; /* caller's process id */ | |
1121 | + char l_name[TALK_NSIZE];/* caller's name */ | |
1122 | + char r_name[TALK_NSIZE];/* callee's name */ | |
1123 | + char r_tty[TALK_TTY_NSIZE];/* callee's tty name */ | |
1124 | +}; | |
1125 | + | |
1126 | +struct ntalk2_msg { | |
1127 | + u_char vers; /* talk protocol version */ | |
1128 | + u_char type; /* request type */ | |
1129 | + u_char answer; /* */ | |
1130 | + u_char extended; /* !0 if additional parts */ | |
1131 | + u_int32_t id_num; /* message id number (dels) */ | |
1132 | + struct talk_addr addr; /* target address */ | |
1133 | + struct talk_addr ctl_addr; /* reply to address */ | |
1134 | + int32_t pid; /* caller's process id */ | |
1135 | + char l_name[TALK_NSIZE]; /* caller's name */ | |
1136 | + char r_name[TALK_NSIZE]; /* callee's name */ | |
1137 | + char r_tty[TALK_TTY_NSIZE]; /* callee's tty */ | |
1138 | +}; | |
1139 | + | |
1140 | +/* | |
1141 | + * Server->client response message formats. | |
1142 | + */ | |
1143 | +struct talk_response { | |
1144 | + u_char type; /* type of request message, see below */ | |
1145 | + u_char answer; /* response to request message, see below */ | |
1146 | + u_char pad[2]; | |
1147 | + u_int32_t id_num; /* message id */ | |
1148 | + struct talk_addr addr; /* address for establishing conversation */ | |
1149 | +}; | |
1150 | + | |
1151 | +struct ntalk_response { | |
1152 | + u_char vers; /* protocol version */ | |
1153 | + u_char type; /* type of request message, see below */ | |
1154 | + u_char answer; /* response to request message, see below */ | |
1155 | + u_char pad; | |
1156 | + u_int32_t id_num; /* message id */ | |
1157 | + struct talk_addr addr; /* address for establishing conversation */ | |
1158 | +}; | |
1159 | + | |
1160 | +struct ntalk2_response { | |
1161 | + u_char vers; /* protocol version */ | |
1162 | + u_char type; /* type of request message */ | |
1163 | + u_char answer; /* response to request */ | |
1164 | + u_char rvers; /* Version of answering vers*/ | |
1165 | + u_int32_t id_num; /* message id number */ | |
1166 | + struct talk_addr addr; /* address for connection */ | |
1167 | + /* This is at the end to compatiblize this with NTALK version. */ | |
1168 | + char r_name[TALK_NSIZE]; /* callee's name */ | |
1169 | +}; | |
1170 | + | |
1171 | +#define TALK_STR(data, talk_str, member) ((struct talk_str *)data)->member) | |
1172 | +#define TALK_RESP(data, ver, member) (ver ? ((struct ntalk_response *)data)->member : ((struct talk_response *)data)->member) | |
1173 | +#define TALK_MSG(data, ver, member) (ver ? ((struct ntalk_msg *)data)->member : ((struct talk_msg *)data)->member) | |
1174 | + | |
1175 | +#define TALK_VERSION 0 /* protocol versions */ | |
1176 | +#define NTALK_VERSION 1 | |
1177 | +#define NTALK2_VERSION 2 | |
1178 | + | |
1179 | +/* message type values */ | |
1180 | +#define LEAVE_INVITE 0 /* leave invitation with server */ | |
1181 | +#define LOOK_UP 1 /* check for invitation by callee */ | |
1182 | +#define DELETE 2 /* delete invitation by caller */ | |
1183 | +#define ANNOUNCE 3 /* announce invitation by caller */ | |
1184 | +/* NTALK2 */ | |
1185 | +#define REPLY_QUERY 4 /* request reply data from local daemon */ | |
1186 | + | |
1187 | +/* answer values */ | |
1188 | +#define SUCCESS 0 /* operation completed properly */ | |
1189 | +#define NOT_HERE 1 /* callee not logged in */ | |
1190 | +#define FAILED 2 /* operation failed for unexplained reason */ | |
1191 | +#define MACHINE_UNKNOWN 3 /* caller's machine name unknown */ | |
1192 | +#define PERMISSION_DENIED 4 /* callee's tty doesn't permit announce */ | |
1193 | +#define UNKNOWN_REQUEST 5 /* request has invalid type value */ | |
1194 | +#define BADVERSION 6 /* request has invalid protocol version */ | |
1195 | +#define BADADDR 7 /* request has invalid addr value */ | |
1196 | +#define BADCTLADDR 8 /* request has invalid ctl_addr value */ | |
1197 | +/* NTALK2 */ | |
1198 | +#define NO_CALLER 9 /* no-one calling answer from REPLY */ | |
1199 | +#define TRY_HERE 10 /* Not on this machine, try this */ | |
1200 | +#define SELECTIVE_REFUSAL 11 /* User Filter refusal. */ | |
1201 | +#define MAX_RESPONSE_TYPE 11 /* Make sure this is updated */ | |
1202 | + | |
1203 | +/* We don't really need much for talk */ | |
1204 | +struct ip_ct_talk_expect | |
1205 | +{ | |
1206 | + /* Port that was to be used */ | |
1207 | + u_int16_t port; | |
1208 | +}; | |
1209 | + | |
1210 | +/* This structure exists only once per master */ | |
1211 | +struct ip_ct_talk_master | |
1212 | +{ | |
1213 | +}; | |
1214 | + | |
1215 | +#endif /* _IP_CONNTRACK_TALK_H */ | |
1216 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_nat_pptp.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_nat_pptp.h | |
1217 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_nat_pptp.h 1970-01-01 01:00:00.000000000 +0100 | |
1218 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_nat_pptp.h 2003-12-04 14:41:27.000000000 +0100 | |
1219 | @@ -0,0 +1,11 @@ | |
1220 | +/* PPTP constants and structs */ | |
1221 | +#ifndef _NAT_PPTP_H | |
1222 | +#define _NAT_PPTP_H | |
1223 | + | |
1224 | +/* conntrack private data */ | |
1225 | +struct ip_nat_pptp { | |
1226 | + u_int16_t pns_call_id; /* NAT'ed PNS call id */ | |
1227 | + u_int16_t pac_call_id; /* NAT'ed PAC call id */ | |
1228 | +}; | |
1229 | + | |
1230 | +#endif /* _NAT_PPTP_H */ | |
1231 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_pool.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_pool.h | |
1232 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_pool.h 1970-01-01 01:00:00.000000000 +0100 | |
1233 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_pool.h 2003-12-04 14:37:25.000000000 +0100 | |
1234 | @@ -0,0 +1,64 @@ | |
1235 | +#ifndef _IP_POOL_H | |
1236 | +#define _IP_POOL_H | |
1237 | + | |
1238 | +/***************************************************************************/ | |
1239 | +/* This program is free software; you can redistribute it and/or modify */ | |
1240 | +/* it under the terms of the GNU General Public License as published by */ | |
1241 | +/* the Free Software Foundation; either version 2 of the License, or */ | |
1242 | +/* (at your option) any later version. */ | |
1243 | +/* */ | |
1244 | +/* This program is distributed in the hope that it will be useful, */ | |
1245 | +/* but WITHOUT ANY WARRANTY; without even the implied warranty of */ | |
1246 | +/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */ | |
1247 | +/* GNU General Public License for more details. */ | |
1248 | +/* */ | |
1249 | +/* You should have received a copy of the GNU General Public License */ | |
1250 | +/* along with this program; if not, write to the Free Software */ | |
1251 | +/* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA*/ | |
1252 | +/***************************************************************************/ | |
1253 | + | |
1254 | +/* A sockopt of such quality has hardly ever been seen before on the open | |
1255 | + * market! This little beauty, hardly ever used: above 64, so it's | |
1256 | + * traditionally used for firewalling, not touched (even once!) by the | |
1257 | + * 2.0, 2.2 and 2.4 kernels! | |
1258 | + * | |
1259 | + * Comes with its own certificate of authenticity, valid anywhere in the | |
1260 | + * Free world! | |
1261 | + * | |
1262 | + * Rusty, 19.4.2000 | |
1263 | + */ | |
1264 | +#define SO_IP_POOL 81 | |
1265 | + | |
1266 | +typedef int ip_pool_t; /* pool index */ | |
1267 | +#define IP_POOL_NONE ((ip_pool_t)-1) | |
1268 | + | |
1269 | +struct ip_pool_request { | |
1270 | + int op; | |
1271 | + ip_pool_t index; | |
1272 | + u_int32_t addr; | |
1273 | + u_int32_t addr2; | |
1274 | +}; | |
1275 | + | |
1276 | +/* NOTE: I deliberately break the first cut ippool utility. Nobody uses it. */ | |
1277 | + | |
1278 | +#define IP_POOL_BAD001 0x00000010 | |
1279 | + | |
1280 | +#define IP_POOL_FLUSH 0x00000011 /* req.index, no arguments */ | |
1281 | +#define IP_POOL_INIT 0x00000012 /* from addr to addr2 incl. */ | |
1282 | +#define IP_POOL_DESTROY 0x00000013 /* req.index, no arguments */ | |
1283 | +#define IP_POOL_ADD_ADDR 0x00000014 /* add addr to pool */ | |
1284 | +#define IP_POOL_DEL_ADDR 0x00000015 /* del addr from pool */ | |
1285 | +#define IP_POOL_HIGH_NR 0x00000016 /* result in req.index */ | |
1286 | +#define IP_POOL_LOOKUP 0x00000017 /* result in addr and addr2 */ | |
1287 | +#define IP_POOL_USAGE 0x00000018 /* result in addr */ | |
1288 | +#define IP_POOL_TEST_ADDR 0x00000019 /* result (0/1) returned */ | |
1289 | + | |
1290 | +#ifdef __KERNEL__ | |
1291 | + | |
1292 | +/* NOTE: ip_pool_match() and ip_pool_mod() expect ADDR to be host byte order */ | |
1293 | +extern int ip_pool_match(ip_pool_t pool, u_int32_t addr); | |
1294 | +extern int ip_pool_mod(ip_pool_t pool, u_int32_t addr, int isdel); | |
1295 | + | |
1296 | +#endif | |
1297 | + | |
1298 | +#endif /*_IP_POOL_H*/ | |
1299 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_queue.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_queue.h | |
1300 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_queue.h 2003-11-26 21:45:32.000000000 +0100 | |
1301 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_queue.h 2003-12-04 14:42:37.000000000 +0100 | |
1302 | @@ -47,10 +47,20 @@ | |
1303 | unsigned char payload[0]; /* Optional replacement packet */ | |
1304 | } ipq_verdict_msg_t; | |
1305 | ||
1306 | +typedef struct ipq_vwmark_msg { | |
1307 | + unsigned int value; /* Verdict to hand to netfilter */ | |
1308 | + unsigned long id; /* Packet ID for this verdict */ | |
1309 | + size_t data_len; /* Length of replacement data */ | |
1310 | + unsigned char payload[0]; /* Optional replacement packet */ | |
1311 | + unsigned long nfmark; /* Mark for the Packet */ | |
1312 | +} ipq_vwmark_msg_t; | |
1313 | + | |
1314 | + | |
1315 | typedef struct ipq_peer_msg { | |
1316 | union { | |
1317 | ipq_verdict_msg_t verdict; | |
1318 | ipq_mode_msg_t mode; | |
1319 | + ipq_vwmark_msg_t vwmark; | |
1320 | } msg; | |
1321 | } ipq_peer_msg_t; | |
1322 | ||
1323 | @@ -67,6 +77,7 @@ | |
1324 | #define IPQM_MODE (IPQM_BASE + 1) /* Mode request from peer */ | |
1325 | #define IPQM_VERDICT (IPQM_BASE + 2) /* Verdict from peer */ | |
1326 | #define IPQM_PACKET (IPQM_BASE + 3) /* Packet from kernel */ | |
1327 | -#define IPQM_MAX (IPQM_BASE + 4) | |
1328 | +#define IPQM_VWMARK (IPQM_BASE + 4) /* Verdict and mark from peer */ | |
1329 | +#define IPQM_MAX (IPQM_BASE + 5) | |
1330 | ||
1331 | #endif /*_IP_QUEUE_H*/ | |
1332 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_tables.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_tables.h | |
1333 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ip_tables.h 2003-11-26 21:44:17.000000000 +0100 | |
1334 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ip_tables.h 2003-12-04 14:34:12.000000000 +0100 | |
1335 | @@ -134,6 +134,12 @@ | |
1336 | /* Back pointer */ | |
1337 | unsigned int comefrom; | |
1338 | ||
1339 | + /* Name of the chain */ | |
1340 | + char *chainname; | |
1341 | + | |
1342 | + /* Rule number in the chain. */ | |
1343 | + u_int32_t rulenum; | |
1344 | + | |
1345 | /* Packet and byte counters. */ | |
1346 | struct ipt_counters counters; | |
1347 | ||
1348 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_CONNMARK.h | |
1349 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h 1970-01-01 01:00:00.000000000 +0100 | |
1350 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_CONNMARK.h 2003-12-04 14:38:44.000000000 +0100 | |
1351 | @@ -0,0 +1,15 @@ | |
1352 | +#ifndef _IPT_CONNMARK_H_target | |
1353 | +#define _IPT_CONNMARK_H_target | |
1354 | + | |
1355 | +enum { | |
1356 | + IPT_CONNMARK_SET = 0, | |
1357 | + IPT_CONNMARK_SAVE, | |
1358 | + IPT_CONNMARK_RESTORE | |
1359 | +}; | |
1360 | + | |
1361 | +struct ipt_connmark_target_info { | |
1362 | + unsigned long mark; | |
1363 | + u_int8_t mode; | |
1364 | +}; | |
1365 | + | |
1366 | +#endif /*_IPT_CONNMARK_H_target*/ | |
1367 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_IPMARK.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_IPMARK.h | |
1368 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_IPMARK.h 1970-01-01 01:00:00.000000000 +0100 | |
1369 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_IPMARK.h 2003-12-04 14:38:54.000000000 +0100 | |
1370 | @@ -0,0 +1,13 @@ | |
1371 | +#ifndef _IPT_IPMARK_H_target | |
1372 | +#define _IPT_IPMARK_H_target | |
1373 | + | |
1374 | +struct ipt_ipmark_target_info { | |
1375 | + unsigned long andmask; | |
1376 | + unsigned long ormask; | |
1377 | + unsigned int addr; | |
1378 | +}; | |
1379 | + | |
1380 | +#define IPT_IPMARK_SRC 0 | |
1381 | +#define IPT_IPMARK_DST 1 | |
1382 | + | |
1383 | +#endif /*_IPT_IPMARK_H_target*/ | |
1384 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_NETLINK.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_NETLINK.h | |
1385 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_NETLINK.h 1970-01-01 01:00:00.000000000 +0100 | |
1386 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_NETLINK.h 2003-12-04 14:35:29.000000000 +0100 | |
1387 | @@ -0,0 +1,27 @@ | |
1388 | +#ifndef _IPT_FWMON_H | |
1389 | +#define _IPT_FWMON_H | |
1390 | + | |
1391 | +/* Bitmask macros */ | |
1392 | +#define MASK(x,y) (x & y) | |
1393 | +#define MASK_SET(x,y) x |= y | |
1394 | +#define MASK_UNSET(x,y) x &= ~y | |
1395 | + | |
1396 | +#define USE_MARK 0x00000001 | |
1397 | +#define USE_DROP 0x00000002 | |
1398 | +#define USE_SIZE 0x00000004 | |
1399 | + | |
1400 | +struct ipt_nldata | |
1401 | +{ | |
1402 | + unsigned int flags; | |
1403 | + unsigned int mark; | |
1404 | + unsigned int size; | |
1405 | +}; | |
1406 | + | |
1407 | +/* Old header */ | |
1408 | +struct netlink_t { | |
1409 | + unsigned int len; | |
1410 | + unsigned int mark; | |
1411 | + char iface[IFNAMSIZ]; | |
1412 | +}; | |
1413 | + | |
1414 | +#endif /*_IPT_FWMON_H*/ | |
1415 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_REJECT.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_REJECT.h | |
1416 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_REJECT.h 2003-11-26 21:45:21.000000000 +0100 | |
1417 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_REJECT.h 2003-12-04 14:42:46.000000000 +0100 | |
1418 | @@ -15,6 +15,7 @@ | |
1419 | ||
1420 | struct ipt_reject_info { | |
1421 | enum ipt_reject_with with; /* reject type */ | |
1422 | + u_int8_t fake_source_address; /* 1: fake src addr with original packet dest, 0: no fake */ | |
1423 | }; | |
1424 | ||
1425 | -#endif /*_IPT_REJECT_H*/ | |
1426 | +#endif /* _IPT_REJECT_H */ | |
1427 | diff -Nur linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_ROUTE.h linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_ROUTE.h | |
1428 | --- linux-2.6.0-test11.org/include/linux/netfilter_ipv4/ipt_ROUTE.h 1970-01-01 01:00:00.000000000 +0100 | |
1429 | +++ linux-2.6.0-test11/include/linux/netfilter_ipv4/ipt_ROUTE.h 2003-12-04 14:39:03.000000000 +0100 | |
1430 | @@ -0,0 +1,22 @@ | |
1431 | +/* Header file for iptables ipt_ROUTE target | |
1432 | + * | |
1433 |