-diff -upr linux-2.6.25/include/linux/netfilter/xt_owner.h linux-2.6.25-owner-xid/include/linux/netfilter/xt_owner.h
---- linux-2.6.25/include/linux/netfilter/xt_owner.h 2008-04-17 02:49:44.000000000 +0000
-+++ linux-2.6.25-owner-xid/include/linux/netfilter/xt_owner.h 2008-05-20 18:36:38.074950561 +0000
+diff -upr linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h
+--- linux-2.6.25/include/uapi/linux/netfilter/xt_owner.h 2008-04-17 02:49:44.000000000 +0000
++++ linux-2.6.25-owner-xid/include/uapi/linux/netfilter/xt_owner.h 2008-05-20 18:36:38.074950561 +0000
@@ -5,12 +5,16 @@ enum {
XT_OWNER_UID = 1 << 0,
XT_OWNER_GID = 1 << 1,
};
#endif /* _XT_OWNER_MATCH_H */
-Only in linux-2.6.25-owner-xid/include/linux/netfilter: xt_owner.h~
-diff -upr linux-2.6.25/include/linux/netfilter_ipv4/ipt_owner.h linux-2.6.25-owner-xid/include/linux/netfilter_ipv4/ipt_owner.h
---- linux-2.6.25/include/linux/netfilter_ipv4/ipt_owner.h 2008-05-20 17:15:02.411418369 +0000
-+++ linux-2.6.25-owner-xid/include/linux/netfilter_ipv4/ipt_owner.h 2008-05-20 17:16:22.905886167 +0000
-@@ -1,12 +1,16 @@
- #ifndef _IPT_OWNER_H
- #define _IPT_OWNER_H
-
-+#include <linux/types.h>
-+
- /* match and invert flags */
- #define IPT_OWNER_UID 0x01
- #define IPT_OWNER_GID 0x02
- #define IPT_OWNER_PID 0x04
- #define IPT_OWNER_SID 0x08
- #define IPT_OWNER_COMM 0x10
-+#define IPT_OWNER_NID 0x20
-+#define IPT_OWNER_XID 0x40
-
- struct ipt_owner_info {
- uid_t uid;
-@@ -15,6 +19,8 @@ struct ipt_owner_info {
- pid_t sid;
- char comm[16];
- u_int8_t match, invert; /* flags */
-+ u_int32_t nid;
-+ u_int32_t xid;
- };
-
- #endif /*_IPT_OWNER_H*/
-diff -upr linux-2.6.25/include/linux/netfilter_ipv6/ip6t_owner.h linux-2.6.25-owner-xid/include/linux/netfilter_ipv6/ip6t_owner.h
---- linux-2.6.25/include/linux/netfilter_ipv6/ip6t_owner.h 2008-05-20 17:15:02.411418369 +0000
-+++ linux-2.6.25-owner-xid/include/linux/netfilter_ipv6/ip6t_owner.h 2008-05-20 17:16:22.905886167 +0000
-@@ -1,11 +1,15 @@
- #ifndef _IP6T_OWNER_H
- #define _IP6T_OWNER_H
-
-+#include <linux/types.h>
-+
- /* match and invert flags */
- #define IP6T_OWNER_UID 0x01
- #define IP6T_OWNER_GID 0x02
- #define IP6T_OWNER_PID 0x04
- #define IP6T_OWNER_SID 0x08
-+#define IP6T_OWNER_NID 0x20
-+#define IP6T_OWNER_XID 0x40
-
- struct ip6t_owner_info {
- uid_t uid;
-@@ -13,6 +17,8 @@ struct ip6t_owner_info {
- pid_t pid;
- pid_t sid;
- u_int8_t match, invert; /* flags */
-+ u_int32_t nid;
-+ u_int32_t xid;
- };
-
- #endif /*_IPT_OWNER_H*/
diff -upr linux-2.6.25/net/netfilter/xt_owner.c linux-2.6.25-owner-xid/net/netfilter/xt_owner.c
--- linux-2.6.25/net/netfilter/xt_owner.c 2008-05-20 17:15:02.411418369 +0000
+++ linux-2.6.25-owner-xid/net/netfilter/xt_owner.c 2008-05-20 17:48:15.774419069 +0000
-@@ -46,6 +46,16 @@ owner_mt_v0(const struct sk_buff *skb, c
- !!(info->invert & IPT_OWNER_GID))
- return false;
-
-+ if (info->match & IPT_OWNER_NID)
-+ if ((skb->sk->sk_nid != info->nid) ^
-+ !!(info->invert & IPT_OWNER_NID))
-+ return 0;
-+
-+ if (info->match & IPT_OWNER_XID)
-+ if ((skb->sk->sk_xid != info->xid) ^
-+ !!(info->invert & IPT_OWNER_XID))
-+ return 0;
-+
- return true;
- }
-
-@@ -75,6 +85,16 @@ owner_mt6_v0(const struct sk_buff *skb,
- !!(info->invert & IP6T_OWNER_GID))
- return false;
-
-+ if (info->match & IP6T_OWNER_NID)
-+ if ((skb->sk->sk_nid != info->nid) ^
-+ !!(info->invert & IP6T_OWNER_NID))
-+ return 0;
-+
-+ if (info->match & IP6T_OWNER_XID)
-+ if ((skb->sk->sk_xid != info->xid) ^
-+ !!(info->invert & IP6T_OWNER_XID))
-+ return 0;
-+
- return true;
- }
-
@@ -113,6 +133,16 @@ owner_mt(const struct sk_buff *skb, cons
!(info->invert & XT_OWNER_GID))
return false;
return true;
}
-Only in linux-2.6.25-owner-xid/net/netfilter: xt_owner.c~