diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack.h 2004-01-18 00:04:34.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack.h 2004-04-29 19:21:21.507430024 +0200
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack.h 2004-04-29 20:01:55.504406240 +0200
@@ -49,10 +49,12 @@
#include <linux/netfilter_ipv4/ip_conntrack_tcp.h>
};
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_h323.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_h323.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_h323.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_h323.h 2004-04-29 19:21:35.050371184 +0200
-@@ -0,0 +1,26 @@
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_h323.h 2004-04-29 20:02:04.409052528 +0200
+@@ -0,0 +1,25 @@
+#ifndef _IP_CONNTRACK_H323_H
+#define _IP_CONNTRACK_H323_H
+/* H.323 connection tracking. */
+
-+
+/* Default H.225 port */
+#define H225_PORT 1720
+
+#endif /* _IP_CONNTRACK_H323_H */
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_mms.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_mms.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_mms.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_mms.h 2004-04-29 19:21:55.202307624 +0200
-@@ -0,0 +1,17 @@
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_mms.h 2004-04-29 20:02:25.021918896 +0200
+@@ -0,0 +1,16 @@
+#ifndef _IP_CONNTRACK_MMS_H
+#define _IP_CONNTRACK_MMS_H
+/* MMS tracking. */
+
-+
+/* This structure is per expected connection */
+struct ip_ct_mms_expect {
+ u_int32_t len;
+#endif /* _IP_CT_QUAKE3 */
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_rsh.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_rsh.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 2004-04-29 19:22:01.918286640 +0200
-@@ -0,0 +1,30 @@
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 2004-04-29 20:02:32.340806256 +0200
+@@ -0,0 +1,28 @@
+/* RSH extension for IP connection tracking, Version 1.0
+ * (C) 2002 by Ian (Larry) Latter <Ian.Latter@mq.edu.au>
+ * based on HW's ip_conntrack_irc.c
+#ifndef _IP_CONNTRACK_RSH_H
+#define _IP_CONNTRACK_RSH_H
+
-+
-+
+#define RSH_PORT 514
+
+/* This structure is per expected connection */
+
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 2004-04-29 19:22:10.136037352 +0200
-@@ -0,0 +1,58 @@
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 2004-04-29 20:02:40.895505744 +0200
+@@ -0,0 +1,56 @@
+/*
+ * RTSP extension for IP connection tracking.
+ * (C) 2003 by Tom Marshall <tmarshall@real.com>
+ /* Empty (?) */
+};
+
-+
-+
+#endif /* _IP_CONNTRACK_RTSP_H */
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_sctp.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_sctp.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_sctp.h 1970-01-01 01:00:00.000000000 +0100
+#endif /* _IP_CONNTRACK_SCTP_H */
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_talk.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_talk.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_talk.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_talk.h 2004-04-29 19:22:32.967566432 +0200
-@@ -0,0 +1,145 @@
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_talk.h 2004-04-29 20:02:47.783458616 +0200
+@@ -0,0 +1,143 @@
+#ifndef _IP_CONNTRACK_TALK_H
+#define _IP_CONNTRACK_TALK_H
+/* TALK tracking. */
+
-+
-+
+#define TALK_PORT 517
+#define NTALK_PORT 518
+
+};
+
+#endif /* _IP_CONNTRACK_TALK_H */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_tuple.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_tuple.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_conntrack_tuple.h 2004-01-05 19:42:34.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_conntrack_tuple.h 2004-04-29 20:03:00.938458752 +0200
+@@ -25,6 +25,9 @@
+ struct {
+ u_int16_t id;
+ } icmp;
++ struct {
++ u_int16_t port;
++ } sctp;
+ };
+
+ /* The manipulable part of the tuple. */
+@@ -55,6 +58,9 @@
+ struct {
+ u_int8_t type, code;
+ } icmp;
++ struct {
++ u_int16_t port;
++ } sctp;
+ } u;
+
+ /* The protocol. */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_pool.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_pool.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_pool.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_pool.h 2004-04-29 20:04:26.536445880 +0200
+@@ -0,0 +1,56 @@
++#ifndef _IP_POOL_H
++#define _IP_POOL_H
++
++/***************************************************************************/
++/* This program is free software; you can redistribute it and/or modify */
++/* it under the terms of the GNU General Public License as published by */
++/* the Free Software Foundation; either version 2 of the License, or */
++/* (at your option) any later version. */
++/* */
++/* This program is distributed in the hope that it will be useful, */
++/* but WITHOUT ANY WARRANTY; without even the implied warranty of */
++/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */
++/* GNU General Public License for more details. */
++/* */
++/* You should have received a copy of the GNU General Public License */
++/* along with this program; if not, write to the Free Software */
++/* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA*/
++/***************************************************************************/
++
++/* A sockopt of such quality has hardly ever been seen before on the open
++ * market! This little beauty, hardly ever used: above 64, so it's
++ * traditionally used for firewalling, not touched (even once!) by the
++ * 2.0, 2.2 and 2.4 kernels!
++ *
++ * Comes with its own certificate of authenticity, valid anywhere in the
++ * Free world!
++ *
++ * Rusty, 19.4.2000
++ */
++#define SO_IP_POOL 81
++
++typedef int ip_pool_t; /* pool index */
++#define IP_POOL_NONE ((ip_pool_t)-1)
++
++struct ip_pool_request {
++ int op;
++ ip_pool_t index;
++ u_int32_t addr;
++ u_int32_t addr2;
++};
++
++/* NOTE: I deliberately break the first cut ippool utility. Nobody uses it. */
++
++#define IP_POOL_BAD001 0x00000010
++
++#define IP_POOL_FLUSH 0x00000011 /* req.index, no arguments */
++#define IP_POOL_INIT 0x00000012 /* from addr to addr2 incl. */
++#define IP_POOL_DESTROY 0x00000013 /* req.index, no arguments */
++#define IP_POOL_ADD_ADDR 0x00000014 /* add addr to pool */
++#define IP_POOL_DEL_ADDR 0x00000015 /* del addr from pool */
++#define IP_POOL_HIGH_NR 0x00000016 /* result in req.index */
++#define IP_POOL_LOOKUP 0x00000017 /* result in addr and addr2 */
++#define IP_POOL_USAGE 0x00000018 /* result in addr */
++#define IP_POOL_TEST_ADDR 0x00000019 /* result (0/1) returned */
++
++#endif /*_IP_POOL_H*/
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_tables.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_tables.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ip_tables.h 2004-01-05 19:42:34.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_tables.h 2004-04-29 19:32:25.907425872 +0200
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ip_tables.h 2004-04-29 20:04:48.861052024 +0200
@@ -127,6 +127,12 @@
/* Back pointer */
unsigned int comefrom;
/* Packet and byte counters. */
struct ipt_counters counters;
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_addrtype.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_addrtype.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_addrtype.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_addrtype.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,11 @@
++#ifndef _IPT_ADDRTYPE_H
++#define _IPT_ADDRTYPE_H
++
++struct ipt_addrtype_info {
++ u_int16_t source; /* source-type mask */
++ u_int16_t dest; /* dest-type mask */
++ int invert_source;
++ int invert_dest;
++};
++
++#endif
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_connlimit.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_connlimit.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_connlimit.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_connlimit.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,12 @@
++#ifndef _IPT_CONNLIMIT_H
++#define _IPT_CONNLIMIT_H
++
++struct ipt_connlimit_data;
++
++struct ipt_connlimit_info {
++ int limit;
++ int inverse;
++ u_int32_t mask;
++ struct ipt_connlimit_data *data;
++};
++#endif /* _IPT_CONNLIMIT_H */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_connmark.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_connmark.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_connmark.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_connmark.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,18 @@
++#ifndef _IPT_CONNMARK_H
++#define _IPT_CONNMARK_H
++
++/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
++ * by Henrik Nordstrom <hno@marasystems.com>
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; either version 2 of the License, or
++ * (at your option) any later version.
++ */
++
++struct ipt_connmark_info {
++ unsigned long mark, mask;
++ u_int8_t invert;
++};
++
++#endif /*_IPT_CONNMARK_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_CONNMARK.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_CONNMARK.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_CONNMARK.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_CONNMARK.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,25 @@
++#ifndef _IPT_CONNMARK_H_target
++#define _IPT_CONNMARK_H_target
++
++/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com>
++ * by Henrik Nordstrom <hno@marasystems.com>
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; either version 2 of the License, or
++ * (at your option) any later version.
++ */
++
++enum {
++ IPT_CONNMARK_SET = 0,
++ IPT_CONNMARK_SAVE,
++ IPT_CONNMARK_RESTORE
++};
++
++struct ipt_connmark_target_info {
++ unsigned long mark;
++ unsigned long mask;
++ u_int8_t mode;
++};
++
++#endif /*_IPT_CONNMARK_H_target*/
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_conntrack.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_conntrack.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_conntrack.h 2004-03-05 16:36:39.000000000 +0100
+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_conntrack.h 2004-04-29 17:18:07.000000000 +0200
/* flags, invflags: */
#define IPT_CONNTRACK_STATE 0x01
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_dstlimit.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_dstlimit.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_dstlimit.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_dstlimit.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,39 @@
++#ifndef _IPT_DSTLIMIT_H
++#define _IPT_DSTLIMIT_H
++
++/* timings are in milliseconds. */
++#define IPT_DSTLIMIT_SCALE 10000
++/* 1/10,000 sec period => max of 10,000/sec. Min rate is then 429490
++ seconds, or one every 59 hours. */
++
++/* details of this structure hidden by the implementation */
++struct ipt_dstlimit_htable;
++
++#define IPT_DSTLIMIT_HASH_DIP 0x0001
++#define IPT_DSTLIMIT_HASH_DPT 0x0002
++#define IPT_DSTLIMIT_HASH_SIP 0x0004
++
++struct dstlimit_cfg {
++ u_int32_t mode; /* bitmask of IPT_DSTLIMIT_HASH_* */
++ u_int32_t avg; /* Average secs between packets * scale */
++ u_int32_t burst; /* Period multiplier for upper limit. */
++
++ /* user specified */
++ u_int32_t size; /* how many buckets */
++ u_int32_t max; /* max number of entries */
++ u_int32_t gc_interval; /* gc interval */
++ u_int32_t expire; /* when do entries expire? */
++};
++
++struct ipt_dstlimit_info {
++ char name [IFNAMSIZ]; /* name */
++ struct dstlimit_cfg cfg;
++ struct ipt_dstlimit_htable *hinfo;
++
++ /* Used internally by the kernel */
++ union {
++ void *ptr;
++ struct ipt_dstlimit_info *master;
++ } u;
++};
++#endif /*_IPT_DSTLIMIT_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_fuzzy.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_fuzzy.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_fuzzy.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_fuzzy.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,21 @@
++#ifndef _IPT_FUZZY_H
++#define _IPT_FUZZY_H
++
++#include <linux/param.h>
++#include <linux/types.h>
++
++#define MAXFUZZYRATE 10000000
++#define MINFUZZYRATE 3
++
++struct ipt_fuzzy_info {
++ u_int32_t minimum_rate;
++ u_int32_t maximum_rate;
++ u_int32_t packets_total;
++ u_int32_t bytes_total;
++ u_int32_t previous_time;
++ u_int32_t present_time;
++ u_int32_t mean_rate;
++ u_int8_t acceptance_rate;
++};
++
++#endif /*_IPT_FUZZY_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_IMQ.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_IMQ.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_IMQ.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_IMQ.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,8 @@
++#ifndef _IPT_IMQ_H
++#define _IPT_IMQ_H
++
++struct ipt_imq_info {
++ unsigned int todev; /* target imq device */
++};
++
++#endif /* _IPT_IMQ_H */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_IPMARK.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_IPMARK.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_IPMARK.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_IPMARK.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,13 @@
++#ifndef _IPT_IPMARK_H_target
++#define _IPT_IPMARK_H_target
++
++struct ipt_ipmark_target_info {
++ unsigned long andmask;
++ unsigned long ormask;
++ unsigned int addr;
++};
++
++#define IPT_IPMARK_SRC 0
++#define IPT_IPMARK_DST 1
++
++#endif /*_IPT_IPMARK_H_target*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_ipv4options.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_ipv4options.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_ipv4options.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_ipv4options.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,21 @@
++#ifndef __ipt_ipv4options_h_included__
++#define __ipt_ipv4options_h_included__
++
++#define IPT_IPV4OPTION_MATCH_SSRR 0x01 /* For strict source routing */
++#define IPT_IPV4OPTION_MATCH_LSRR 0x02 /* For loose source routing */
++#define IPT_IPV4OPTION_DONT_MATCH_SRR 0x04 /* any source routing */
++#define IPT_IPV4OPTION_MATCH_RR 0x08 /* For Record route */
++#define IPT_IPV4OPTION_DONT_MATCH_RR 0x10
++#define IPT_IPV4OPTION_MATCH_TIMESTAMP 0x20 /* For timestamp request */
++#define IPT_IPV4OPTION_DONT_MATCH_TIMESTAMP 0x40
++#define IPT_IPV4OPTION_MATCH_ROUTER_ALERT 0x80 /* For router-alert */
++#define IPT_IPV4OPTION_DONT_MATCH_ROUTER_ALERT 0x100
++#define IPT_IPV4OPTION_MATCH_ANY_OPT 0x200 /* match packet with any option */
++#define IPT_IPV4OPTION_DONT_MATCH_ANY_OPT 0x400 /* match packet with no option */
++
++struct ipt_ipv4options_info {
++ u_int16_t options;
++};
++
++
++#endif /* __ipt_ipv4options_h_included__ */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_mport.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_mport.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_mport.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_mport.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,24 @@
++#ifndef _IPT_MPORT_H
++#define _IPT_MPORT_H
++#include <linux/netfilter_ipv4/ip_tables.h>
++
++#define IPT_MPORT_SOURCE (1<<0)
++#define IPT_MPORT_DESTINATION (1<<1)
++#define IPT_MPORT_EITHER (IPT_MPORT_SOURCE|IPT_MPORT_DESTINATION)
++
++#define IPT_MULTI_PORTS 15
++
++/* Must fit inside union ipt_matchinfo: 32 bytes */
++/* every entry in ports[] except for the last one has one bit in pflags
++ * associated with it. If this bit is set, the port is the first port of
++ * a portrange, with the next entry being the last.
++ * End of list is marked with pflags bit set and port=65535.
++ * If 14 ports are used (last one does not have a pflag), the last port
++ * is repeated to fill the last entry in ports[] */
++struct ipt_mport
++{
++ u_int8_t flags:2; /* Type of comparison */
++ u_int16_t pflags:14; /* Port flags */
++ u_int16_t ports[IPT_MULTI_PORTS]; /* Ports */
++};
++#endif /*_IPT_MPORT_H*/
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_NETLINK.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_NETLINK.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_NETLINK.h 1970-01-01 01:00:00.000000000 +0100
+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_NETLINK.h 2004-04-29 17:18:07.000000000 +0200
+};
+
+#endif /*_IPT_FWMON_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_nth.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_nth.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_nth.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_nth.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,19 @@
++#ifndef _IPT_NTH_H
++#define _IPT_NTH_H
++
++#include <linux/param.h>
++#include <linux/types.h>
++
++#ifndef IPT_NTH_NUM_COUNTERS
++#define IPT_NTH_NUM_COUNTERS 16
++#endif
++
++struct ipt_nth_info {
++ u_int8_t every;
++ u_int8_t not;
++ u_int8_t startat;
++ u_int8_t counter;
++ u_int8_t packet;
++};
++
++#endif /*_IPT_NTH_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_osf.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_osf.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_osf.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_osf.h 2004-04-29 20:07:32.248213400 +0200
+@@ -0,0 +1,94 @@
++/*
++ * ipt_osf.h
++ *
++ * Copyright (c) 2003 Evgeniy Polyakov <johnpol@2ka.mipt.ru>
++ *
++ *
++ * This program is free software; you can redistribute it and/or modify
++ * it under the terms of the GNU General Public License as published by
++ * the Free Software Foundation; either version 2 of the License, or
++ * (at your option) any later version.
++ *
++ * This program is distributed in the hope that it will be useful,
++ * but WITHOUT ANY WARRANTY; without even the implied warranty of
++ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
++ * GNU General Public License for more details.
++ *
++ * You should have received a copy of the GNU General Public License
++ * along with this program; if not, write to the Free Software
++ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
++ */
++
++#ifndef _IPT_OSF_H
++#define _IPT_OSF_H
++
++#define MAXGENRELEN 32
++#define MAXDETLEN 64
++
++#define IPT_OSF_GENRE 1
++#define IPT_OSF_SMART 2
++#define IPT_OSF_LOG 4
++#define IPT_OSF_NETLINK 8
++
++#define IPT_OSF_LOGLEVEL_ALL 0
++#define IPT_OSF_LOGLEVEL_FIRST 1
++
++#include <netinet/ip.h>
++#include <netinet/tcp.h>
++
++struct list_head
++{
++ struct list_head *prev, *next;
++};
++
++struct ipt_osf_info
++{
++ char genre[MAXGENRELEN];
++ int len;
++ unsigned long flags;
++ int loglevel;
++ int invert; /* UNSUPPORTED */
++};
++
++struct osf_wc
++{
++ char wc;
++ unsigned long val;
++};
++
++/* This struct represents IANA options
++ * http://www.iana.org/assignments/tcp-parameters
++ */
++struct osf_opt
++{
++ unsigned char kind;
++ unsigned char length;
++ struct osf_wc wc;
++};
++
++struct osf_finger
++{
++ struct list_head flist;
++ struct osf_wc wss;
++ unsigned char ttl;
++ unsigned char df;
++ unsigned long ss;
++ unsigned char genre[MAXGENRELEN];
++ unsigned char version[MAXGENRELEN], subtype[MAXGENRELEN];
++
++ /* Not needed, but for consistency with original table from Michal Zalewski */
++ unsigned char details[MAXDETLEN];
++
++ int opt_num;
++ struct osf_opt opt[MAX_IPOPTLEN]; /* In case it is all NOP or EOL */
++
++};
++
++struct ipt_osf_nlmsg
++{
++ struct osf_finger f;
++ struct iphdr ip;
++ struct tcphdr tcp;
++};
++
++#endif /* _IPT_OSF_H */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_policy.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_policy.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_policy.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_policy.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,52 @@
++#ifndef _IPT_POLICY_H
++#define _IPT_POLICY_H
++
++#define POLICY_MAX_ELEM 4
++
++enum ipt_policy_flags
++{
++ POLICY_MATCH_IN = 0x1,
++ POLICY_MATCH_OUT = 0x2,
++ POLICY_MATCH_NONE = 0x4,
++ POLICY_MATCH_STRICT = 0x8,
++};
++
++enum ipt_policy_modes
++{
++ POLICY_MODE_TRANSPORT,
++ POLICY_MODE_TUNNEL
++};
++
++struct ipt_policy_spec
++{
++ u_int8_t saddr:1,
++ daddr:1,
++ proto:1,
++ mode:1,
++ spi:1,
++ reqid:1;
++};
++
++struct ipt_policy_elem
++{
++ u_int32_t saddr;
++ u_int32_t smask;
++ u_int32_t daddr;
++ u_int32_t dmask;
++ u_int32_t spi;
++ u_int32_t reqid;
++ u_int8_t proto;
++ u_int8_t mode;
++
++ struct ipt_policy_spec match;
++ struct ipt_policy_spec invert;
++};
++
++struct ipt_policy_info
++{
++ struct ipt_policy_elem pol[POLICY_MAX_ELEM];
++ u_int16_t flags;
++ u_int16_t len;
++};
++
++#endif /* _IPT_POLICY_H */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_pool.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_pool.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_pool.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_pool.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,25 @@
++#ifndef _IPT_POOL_H
++#define _IPT_POOL_H
++
++#include <linux/netfilter_ipv4/ip_pool.h>
++
++#define IPT_POOL_INV_SRC 0x00000001
++#define IPT_POOL_INV_DST 0x00000002
++#define IPT_POOL_DEL_SRC 0x00000004
++#define IPT_POOL_DEL_DST 0x00000008
++#define IPT_POOL_INV_MOD_SRC 0x00000010
++#define IPT_POOL_INV_MOD_DST 0x00000020
++#define IPT_POOL_MOD_SRC_ACCEPT 0x00000040
++#define IPT_POOL_MOD_DST_ACCEPT 0x00000080
++#define IPT_POOL_MOD_SRC_DROP 0x00000100
++#define IPT_POOL_MOD_DST_DROP 0x00000200
++
++/* match info */
++struct ipt_pool_info
++{
++ ip_pool_t src;
++ ip_pool_t dst;
++ unsigned flags;
++};
++
++#endif /*_IPT_POOL_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_psd.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_psd.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_psd.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_psd.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,40 @@
++#ifndef _IPT_PSD_H
++#define _IPT_PSD_H
++
++#include <linux/param.h>
++#include <linux/types.h>
++
++/*
++ * High port numbers have a lower weight to reduce the frequency of false
++ * positives, such as from passive mode FTP transfers.
++ */
++#define PORT_WEIGHT_PRIV 3
++#define PORT_WEIGHT_HIGH 1
++
++/*
++ * Port scan detection thresholds: at least COUNT ports need to be scanned
++ * from the same source, with no longer than DELAY ticks between ports.
++ */
++#define SCAN_MIN_COUNT 7
++#define SCAN_MAX_COUNT (SCAN_MIN_COUNT * PORT_WEIGHT_PRIV)
++#define SCAN_WEIGHT_THRESHOLD SCAN_MAX_COUNT
++#define SCAN_DELAY_THRESHOLD (HZ * 3)
++
++/*
++ * Keep track of up to LIST_SIZE source addresses, using a hash table of
++ * HASH_SIZE entries for faster lookups, but limiting hash collisions to
++ * HASH_MAX source addresses per the same hash value.
++ */
++#define LIST_SIZE 0x100
++#define HASH_LOG 9
++#define HASH_SIZE (1 << HASH_LOG)
++#define HASH_MAX 0x10
++
++struct ipt_psd_info {
++ unsigned int weight_threshold;
++ unsigned int delay_threshold;
++ unsigned short lo_ports_weight;
++ unsigned short hi_ports_weight;
++};
++
++#endif /*_IPT_PSD_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_quota.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_quota.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_quota.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_quota.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,11 @@
++#ifndef _IPT_QUOTA_H
++#define _IPT_QUOTA_H
++
++/* print debug info in both kernel/netfilter module & iptable library */
++//#define DEBUG_IPT_QUOTA
++
++struct ipt_quota_info {
++ u_int64_t quota;
++};
++
++#endif /*_IPT_QUOTA_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_random.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_random.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_random.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_random.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,11 @@
++#ifndef _IPT_RAND_H
++#define _IPT_RAND_H
++
++#include <linux/param.h>
++#include <linux/types.h>
++
++struct ipt_rand_info {
++ u_int8_t average;
++};
++
++#endif /*_IPT_RAND_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_realm.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_realm.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_realm.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_realm.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,9 @@
++#ifndef _IPT_REALM_H
++#define _IPT_REALM_H
++
++struct ipt_realm_info {
++ u_int32_t id;
++ u_int32_t mask;
++ u_int8_t invert;
++};
++#endif /*_IPT_REALM_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_sctp.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_sctp.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_sctp.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_sctp.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,107 @@
++#ifndef _IPT_SCTP_H_
++#define _IPT_SCTP_H_
++
++#define IPT_SCTP_SRC_PORTS 0x01
++#define IPT_SCTP_DEST_PORTS 0x02
++#define IPT_SCTP_CHUNK_TYPES 0x04
++
++#define IPT_SCTP_VALID_FLAGS 0x07
++
++#define ELEMCOUNT(x) (sizeof(x)/sizeof(x[0]))
++
++
++struct ipt_sctp_flag_info {
++ u_int8_t chunktype;
++ u_int8_t flag;
++ u_int8_t flag_mask;
++};
++
++#define IPT_NUM_SCTP_FLAGS 4
++
++struct ipt_sctp_info {
++ u_int16_t dpts[2]; /* Min, Max */
++ u_int16_t spts[2]; /* Min, Max */
++
++ u_int32_t chunkmap[256 / sizeof (u_int32_t)]; /* Bit mask of chunks to be matched according to RFC 2960 */
++
++#define SCTP_CHUNK_MATCH_ANY 0x01 /* Match if any of the chunk types are present */
++#define SCTP_CHUNK_MATCH_ALL 0x02 /* Match if all of the chunk types are present */
++#define SCTP_CHUNK_MATCH_ONLY 0x04 /* Match if these are the only chunk types present */
++
++ u_int32_t chunk_match_type;
++ struct ipt_sctp_flag_info flag_info[IPT_NUM_SCTP_FLAGS];
++ int flag_count;
++
++ u_int32_t flags;
++ u_int32_t invflags;
++};
++
++#define bytes(type) (sizeof(type) * 8)
++
++#define SCTP_CHUNKMAP_SET(chunkmap, type) \
++ do { \
++ chunkmap[type / bytes(u_int32_t)] |= \
++ 1 << (type % bytes(u_int32_t)); \
++ } while (0)
++
++#define SCTP_CHUNKMAP_CLEAR(chunkmap, type) \
++ do { \
++ chunkmap[type / bytes(u_int32_t)] &= \
++ ~(1 << (type % bytes(u_int32_t))); \
++ } while (0)
++
++#define SCTP_CHUNKMAP_IS_SET(chunkmap, type) \
++({ \
++ (chunkmap[type / bytes (u_int32_t)] & \
++ (1 << (type % bytes (u_int32_t)))) ? 1: 0; \
++})
++
++#define SCTP_CHUNKMAP_RESET(chunkmap) \
++ do { \
++ int i; \
++ for (i = 0; i < ELEMCOUNT(chunkmap); i++) \
++ chunkmap[i] = 0; \
++ } while (0)
++
++#define SCTP_CHUNKMAP_SET_ALL(chunkmap) \
++ do { \
++ int i; \
++ for (i = 0; i < ELEMCOUNT(chunkmap); i++) \
++ chunkmap[i] = ~0; \
++ } while (0)
++
++#define SCTP_CHUNKMAP_COPY(destmap, srcmap) \
++ do { \
++ int i; \
++ for (i = 0; i < ELEMCOUNT(chunkmap); i++) \
++ destmap[i] = srcmap[i]; \
++ } while (0)
++
++#define SCTP_CHUNKMAP_IS_CLEAR(chunkmap) \
++({ \
++ int i; \
++ int flag = 1; \
++ for (i = 0; i < ELEMCOUNT(chunkmap); i++) { \
++ if (chunkmap[i]) { \
++ flag = 0; \
++ break; \
++ } \
++ } \
++ flag; \
++})
++
++#define SCTP_CHUNKMAP_IS_ALL_SET(chunkmap) \
++({ \
++ int i; \
++ int flag = 1; \
++ for (i = 0; i < ELEMCOUNT(chunkmap); i++) { \
++ if (chunkmap[i] != ~0) { \
++ flag = 0; \
++ break; \
++ } \
++ } \
++ flag; \
++})
++
++#endif /* _IPT_SCTP_H_ */
++
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_state.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_state.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_state.h 2004-03-05 16:36:39.000000000 +0100
+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_state.h 2004-04-29 17:18:07.000000000 +0200
struct ipt_state_info
{
unsigned int statemask;
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_string.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_string.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_string.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_string.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,21 @@
++#ifndef _IPT_STRING_H
++#define _IPT_STRING_H
++
++/* *** PERFORMANCE TWEAK ***
++ * Packet size and search string threshold,
++ * above which sublinear searches is used. */
++#define IPT_STRING_HAYSTACK_THRESH 100
++#define IPT_STRING_NEEDLE_THRESH 20
++
++#define BM_MAX_NLEN 256
++#define BM_MAX_HLEN 1024
++
++typedef char *(*proc_ipt_search) (char *, char *, int, int);
++
++struct ipt_string_info {
++ char string[BM_MAX_NLEN];
++ u_int16_t invert;
++ u_int16_t len;
++};
++
++#endif /* _IPT_STRING_H */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_time.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_time.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_time.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_time.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,13 @@
++#ifndef __ipt_time_h_included__
++#define __ipt_time_h_included__
++
++
++struct ipt_time_info {
++ u_int8_t days_match; /* 1 bit per day. -SMTWTFS */
++ u_int16_t time_start; /* 0 < time_start < 23*60+59 = 1439 */
++ u_int16_t time_stop; /* 0:0 < time_stat < 23:59 */
++ u_int8_t kerneltime; /* ignore skb time (and use kerneltime) or not. */
++};
++
++
++#endif /* __ipt_time_h_included__ */
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_TTL.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_TTL.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_TTL.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_TTL.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,21 @@
++/* TTL modification module for IP tables
++ * (C) 2000 by Harald Welte <laforge@gnumonks.org> */
++
++#ifndef _IPT_TTL_H
++#define _IPT_TTL_H
++
++enum {
++ IPT_TTL_SET = 0,
++ IPT_TTL_INC,
++ IPT_TTL_DEC
++};
++
++#define IPT_TTL_MAXMODE IPT_TTL_DEC
++
++struct ipt_TTL_info {
++ u_int8_t mode;
++ u_int8_t ttl;
++};
++
++
++#endif
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_u32.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_u32.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_u32.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_u32.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,40 @@
++#ifndef _IPT_U32_H
++#define _IPT_U32_H
++#include <linux/netfilter_ipv4/ip_tables.h>
++
++enum ipt_u32_ops
++{
++ IPT_U32_AND,
++ IPT_U32_LEFTSH,
++ IPT_U32_RIGHTSH,
++ IPT_U32_AT
++};
++
++struct ipt_u32_location_element
++{
++ u_int32_t number;
++ u_int8_t nextop;
++};
++struct ipt_u32_value_element
++{
++ u_int32_t min;
++ u_int32_t max;
++};
++/* *** any way to allow for an arbitrary number of elements?
++ for now I settle for a limit of 10 of each */
++#define U32MAXSIZE 10
++struct ipt_u32_test
++{
++ u_int8_t nnums;
++ struct ipt_u32_location_element location[U32MAXSIZE+1];
++ u_int8_t nvalues;
++ struct ipt_u32_value_element value[U32MAXSIZE+1];
++};
++
++struct ipt_u32
++{
++ u_int8_t ntests;
++ struct ipt_u32_test tests[U32MAXSIZE+1];
++};
++
++#endif /*_IPT_U32_H*/
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_ULOG.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_ULOG.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_ULOG.h 2004-03-05 16:36:39.000000000 +0100
+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_ULOG.h 2004-04-29 17:18:07.000000000 +0200
#define ULOG_MAC_LEN 80
#define ULOG_PREFIX_LEN 32
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_XOR.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_XOR.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv4/ipt_XOR.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv4/ipt_XOR.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,9 @@
++#ifndef _IPT_XOR_H
++#define _IPT_XOR_H
++
++struct ipt_XOR_info {
++ char key[30];
++ u_int8_t block_size;
++};
++
++#endif /* _IPT_XOR_H */
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6_tables.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6_tables.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6_tables.h 2004-01-05 19:42:34.000000000 +0100
-+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6_tables.h 2004-04-29 19:36:19.221956672 +0200
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6_tables.h 2004-04-29 20:05:36.883751464 +0200
@@ -133,6 +133,12 @@
/* Back pointer */
unsigned int comefrom;
/* Packet and byte counters. */
struct ip6t_counters counters;
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_fuzzy.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_fuzzy.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_fuzzy.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_fuzzy.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,21 @@
++#ifndef _IP6T_FUZZY_H
++#define _IP6T_FUZZY_H
++
++#include <linux/param.h>
++#include <linux/types.h>
++
++#define MAXFUZZYRATE 10000000
++#define MINFUZZYRATE 3
++
++struct ip6t_fuzzy_info {
++ u_int32_t minimum_rate;
++ u_int32_t maximum_rate;
++ u_int32_t packets_total;
++ u_int32_t bytes_total;
++ u_int32_t previous_time;
++ u_int32_t present_time;
++ u_int32_t mean_rate;
++ u_int8_t acceptance_rate;
++};
++
++#endif /*_IP6T_FUZZY_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_HL.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_HL.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_HL.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_HL.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,22 @@
++/* Hop Limit modification module for ip6tables
++ * Maciej Soltysiak <solt@dns.toxicfilms.tv>
++ * Based on HW's TTL module */
++
++#ifndef _IP6T_HL_H
++#define _IP6T_HL_H
++
++enum {
++ IP6T_HL_SET = 0,
++ IP6T_HL_INC,
++ IP6T_HL_DEC
++};
++
++#define IP6T_HL_MAXMODE IP6T_HL_DEC
++
++struct ip6t_HL_info {
++ u_int8_t mode;
++ u_int8_t hop_limit;
++};
++
++
++#endif
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_nth.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_nth.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_nth.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_nth.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,19 @@
++#ifndef _IP6T_NTH_H
++#define _IP6T_NTH_H
++
++#include <linux/param.h>
++#include <linux/types.h>
++
++#ifndef IP6T_NTH_NUM_COUNTERS
++#define IP6T_NTH_NUM_COUNTERS 16
++#endif
++
++struct ip6t_nth_info {
++ u_int8_t every;
++ u_int8_t not;
++ u_int8_t startat;
++ u_int8_t counter;
++ u_int8_t packet;
++};
++
++#endif /*_IP6T_NTH_H*/
diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_owner.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_owner.h
--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_owner.h 2003-12-15 19:46:58.000000000 +0100
+++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_owner.h 2004-04-29 17:18:07.000000000 +0200
+};\r
+\r
+#endif /* _IP6T_POLICY_H */\r
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_random.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_random.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_random.h 1970-01-01 01:00:00.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_random.h 2004-04-29 17:18:07.000000000 +0200
+@@ -0,0 +1,11 @@
++#ifndef _IP6T_RAND_H
++#define _IP6T_RAND_H
++
++#include <linux/param.h>
++#include <linux/types.h>
++
++struct ip6t_rand_info {
++ u_int8_t average;
++};
++
++#endif /*_IP6T_RAND_H*/
+diff -uNr linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_REJECT.h linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_REJECT.h
+--- linux-libc-headers-2.6.5.0.orig/include/linux/netfilter_ipv6/ip6t_REJECT.h 2004-03-05 16:36:39.000000000 +0100
++++ linux-libc-headers-2.6.5.0/include/linux/netfilter_ipv6/ip6t_REJECT.h 2004-04-29 17:18:07.000000000 +0200
+@@ -2,15 +2,17 @@
+ #define _IP6T_REJECT_H
+
+ enum ip6t_reject_with {
+- IP6T_ICMP_NET_UNREACHABLE,
+- IP6T_ICMP_HOST_UNREACHABLE,
+- IP6T_ICMP_PROT_UNREACHABLE,
+- IP6T_ICMP_PORT_UNREACHABLE,
+- IP6T_ICMP_ECHOREPLY
++ IP6T_ICMP6_NO_ROUTE,
++ IP6T_ICMP6_ADM_PROHIBITED,
++ IP6T_ICMP6_NOT_NEIGHBOUR,
++ IP6T_ICMP6_ADDR_UNREACH,
++ IP6T_ICMP6_PORT_UNREACH,
++ IP6T_ICMP6_ECHOREPLY,
++ IP6T_TCP_RESET
+ };
+
+ struct ip6t_reject_info {
+ enum ip6t_reject_with with; /* reject type */
+ };
+
+-#endif /*_IPT_REJECT_H*/
++#endif /*_IP6T_REJECT_H*/