X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=kernel-pom-ng-IPV4OPTSSTRIP.patch;h=f5c608fb580e0336706e49b549cb816ba8158926;hb=e714280d79944c201013b12f475b9a698311edc0;hp=de73b89a4636a375c01fe46b16948781c56c036b;hpb=92d182d2b26c23b41bdb4f7188b91013d80babb3;p=packages%2Fkernel.git

diff --git a/kernel-pom-ng-IPV4OPTSSTRIP.patch b/kernel-pom-ng-IPV4OPTSSTRIP.patch
index de73b89a..f5c608fb 100644
--- a/kernel-pom-ng-IPV4OPTSSTRIP.patch
+++ b/kernel-pom-ng-IPV4OPTSSTRIP.patch
@@ -30,7 +30,7 @@ diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/Kconfig linux-2.6.21.a/n
 diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c linux-2.6.21.a/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c
 --- linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c	1970-01-01 01:00:00.000000000 +0100
 +++ linux-2.6.21.a/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c	2007-05-30 11:18:08.000000000 +0200
-@@ -0,0 +1,84 @@
+@@ -0,0 +1,75 @@
 +/**
 + * Strip all IP options in the IP packet header.
 + *
@@ -50,30 +50,25 @@ diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c linu
 +MODULE_LICENSE("GPL");
 +
 +static unsigned int
-+target(struct sk_buff *skb,
-+       const struct net_device *in,
-+       const struct net_device *out,
-+       unsigned int hooknum,
-+       const struct xt_target *target,
-+       const void *targinfo)
++target(struct sk_buff *skb, const struct xt_action_param *par)
 +{
 +	struct iphdr *iph;
 +	struct ip_options *opt;
-+	sk_buff_data_t optiph;
++	unsigned char *optiph;
 +	int l;
 +	
 +	if (!skb_make_writable(skb, skb->len))
 +		return NF_DROP;
 + 
 +	iph = ip_hdr(skb);
-+	optiph = skb->network_header;
-+	l = ((struct ip_options *)(&(IPCB(skb)->opt)))->optlen;
 +
 +	/* if no options in packet then nothing to clear. */
 +	if (iph->ihl * 4 == sizeof(struct iphdr))
 +		return XT_CONTINUE;
 +
 +	/* else clear all options */
++	optiph = skb_network_header(skb);
++	l = ((struct ip_options *)(&(IPCB(skb)->opt)))->optlen;
 +	memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
 +	memset(optiph+sizeof(struct iphdr), IPOPT_NOOP, l);
 +	opt = &(IPCB(skb)->opt);
@@ -82,15 +77,11 @@ diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c linu
 +        return XT_CONTINUE;
 +}
 +
-+static bool
-+checkentry(const char *tablename,
-+	    const void *e,
-+           const struct xt_target *target,
-+           void *targinfo,
-+           unsigned int hook_mask)
++static int
++checkentry(const struct xt_tgchk_param *par)
 +{
-+	if (strcmp(tablename, "mangle")) {
-+		printk(KERN_WARNING "IPV4OPTSSTRIP: can only be called from \"mangle\" table, not \"%s\"\n", tablename);
++	if (strcmp(par->table, "mangle")) {
++		printk(KERN_WARNING "IPV4OPTSSTRIP: can only be called from \"mangle\" table, not \"%s\"\n", par->table);
 +		return 0;
 +	}
 +	/* nothing else to check because no parameters */