]>
Commit | Line | Data |
---|---|---|
c88b0326 | 1 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_helpers.h linux-2.6.5-rc3/include/linux/netfilter_helpers.h |
2 | --- linux-2.6.5-rc3.org/include/linux/netfilter_helpers.h 1970-01-01 01:00:00.000000000 +0100 | |
3 | +++ linux-2.6.5-rc3/include/linux/netfilter_helpers.h 2004-03-30 11:52:01.000000000 +0200 | |
4 | @@ -0,0 +1,133 @@ | |
5 | +/* | |
6 | + * Helpers for netfiler modules. This file provides implementations for basic | |
7 | + * functions such as strncasecmp(), etc. | |
8 | + * | |
9 | + * gcc will warn for defined but unused functions, so we only include the | |
10 | + * functions requested. The following macros are used: | |
11 | + * NF_NEED_STRNCASECMP nf_strncasecmp() | |
12 | + * NF_NEED_STRTOU16 nf_strtou16() | |
13 | + * NF_NEED_STRTOU32 nf_strtou32() | |
14 | + */ | |
15 | +#ifndef _NETFILTER_HELPERS_H | |
16 | +#define _NETFILTER_HELPERS_H | |
17 | + | |
18 | +/* Only include these functions for kernel code. */ | |
19 | +#ifdef __KERNEL__ | |
20 | + | |
21 | +#include <linux/ctype.h> | |
22 | +#define iseol(c) ( (c) == '\r' || (c) == '\n' ) | |
23 | + | |
24 | +/* | |
25 | + * The standard strncasecmp() | |
26 | + */ | |
27 | +#ifdef NF_NEED_STRNCASECMP | |
28 | +static int | |
29 | +nf_strncasecmp(const char* s1, const char* s2, u_int32_t len) | |
30 | +{ | |
31 | + if (s1 == NULL || s2 == NULL) | |
32 | + { | |
33 | + if (s1 == NULL && s2 == NULL) | |
34 | + { | |
35 | + return 0; | |
36 | + } | |
37 | + return (s1 == NULL) ? -1 : 1; | |
38 | + } | |
39 | + while (len > 0 && tolower(*s1) == tolower(*s2)) | |
40 | + { | |
41 | + len--; | |
42 | + s1++; | |
43 | + s2++; | |
44 | + } | |
45 | + return ( (len == 0) ? 0 : (tolower(*s1) - tolower(*s2)) ); | |
46 | +} | |
47 | +#endif /* NF_NEED_STRNCASECMP */ | |
48 | + | |
49 | +/* | |
50 | + * Parse a string containing a 16-bit unsigned integer. | |
51 | + * Returns the number of chars used, or zero if no number is found. | |
52 | + */ | |
53 | +#ifdef NF_NEED_STRTOU16 | |
54 | +static int | |
55 | +nf_strtou16(const char* pbuf, u_int16_t* pval) | |
56 | +{ | |
57 | + int n = 0; | |
58 | + | |
59 | + *pval = 0; | |
60 | + while (isdigit(pbuf[n])) | |
61 | + { | |
62 | + *pval = (*pval * 10) + (pbuf[n] - '0'); | |
63 | + n++; | |
64 | + } | |
65 | + | |
66 | + return n; | |
67 | +} | |
68 | +#endif /* NF_NEED_STRTOU16 */ | |
69 | + | |
70 | +/* | |
71 | + * Parse a string containing a 32-bit unsigned integer. | |
72 | + * Returns the number of chars used, or zero if no number is found. | |
73 | + */ | |
74 | +#ifdef NF_NEED_STRTOU32 | |
75 | +static int | |
76 | +nf_strtou32(const char* pbuf, u_int32_t* pval) | |
77 | +{ | |
78 | + int n = 0; | |
79 | + | |
80 | + *pval = 0; | |
81 | + while (pbuf[n] >= '0' && pbuf[n] <= '9') | |
82 | + { | |
83 | + *pval = (*pval * 10) + (pbuf[n] - '0'); | |
84 | + n++; | |
85 | + } | |
86 | + | |
87 | + return n; | |
88 | +} | |
89 | +#endif /* NF_NEED_STRTOU32 */ | |
90 | + | |
91 | +/* | |
92 | + * Given a buffer and length, advance to the next line and mark the current | |
93 | + * line. | |
94 | + */ | |
95 | +#ifdef NF_NEED_NEXTLINE | |
96 | +static int | |
97 | +nf_nextline(char* p, uint len, uint* poff, uint* plineoff, uint* plinelen) | |
98 | +{ | |
99 | + uint off = *poff; | |
100 | + uint physlen = 0; | |
101 | + | |
102 | + if (off >= len) | |
103 | + { | |
104 | + return 0; | |
105 | + } | |
106 | + | |
107 | + while (p[off] != '\n') | |
108 | + { | |
109 | + if (len-off <= 1) | |
110 | + { | |
111 | + return 0; | |
112 | + } | |
113 | + | |
114 | + physlen++; | |
115 | + off++; | |
116 | + } | |
117 | + | |
118 | + /* if we saw a crlf, physlen needs adjusted */ | |
119 | + if (physlen > 0 && p[off] == '\n' && p[off-1] == '\r') | |
120 | + { | |
121 | + physlen--; | |
122 | + } | |
123 | + | |
124 | + /* advance past the newline */ | |
125 | + off++; | |
126 | + | |
127 | + *plineoff = *poff; | |
128 | + *plinelen = physlen; | |
129 | + *poff = off; | |
130 | + | |
131 | + return 1; | |
132 | +} | |
133 | +#endif /* NF_NEED_NEXTLINE */ | |
134 | + | |
135 | +#endif /* __KERNEL__ */ | |
136 | + | |
137 | +#endif /* _NETFILTER_HELPERS_H */ | |
138 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack.h | |
139 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack.h 2004-03-30 11:31:19.000000000 +0200 | |
140 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack.h 2004-03-30 11:53:01.000000000 +0200 | |
141 | @@ -64,6 +64,11 @@ | |
142 | }; | |
143 | ||
144 | /* Add protocol helper include file here */ | |
145 | +#include <linux/netfilter_ipv4/ip_conntrack_talk.h> | |
146 | +#include <linux/netfilter_ipv4/ip_conntrack_rtsp.h> | |
147 | +#include <linux/netfilter_ipv4/ip_conntrack_rsh.h> | |
148 | +#include <linux/netfilter_ipv4/ip_conntrack_mms.h> | |
149 | +#include <linux/netfilter_ipv4/ip_conntrack_h323.h> | |
150 | #include <linux/netfilter_ipv4/ip_conntrack_amanda.h> | |
151 | #include <linux/netfilter_ipv4/ip_conntrack_ftp.h> | |
152 | #include <linux/netfilter_ipv4/ip_conntrack_irc.h> | |
153 | @@ -71,6 +76,12 @@ | |
154 | /* per expectation: application helper private data */ | |
155 | union ip_conntrack_expect_help { | |
156 | /* insert conntrack helper private data (expect) here */ | |
157 | + struct ip_ct_talk_expect exp_talk_info; | |
158 | + struct ip_ct_rtsp_expect exp_rtsp_info; | |
159 | + struct ip_ct_rtsp_master ct_rtsp_info; | |
160 | + struct ip_ct_rsh_expect exp_rsh_info; | |
161 | + struct ip_ct_mms_expect exp_mms_info; | |
162 | + struct ip_ct_h225_expect exp_h225_info; | |
163 | struct ip_ct_amanda_expect exp_amanda_info; | |
164 | struct ip_ct_ftp_expect exp_ftp_info; | |
165 | struct ip_ct_irc_expect exp_irc_info; | |
166 | @@ -85,6 +96,10 @@ | |
167 | /* per conntrack: application helper private data */ | |
168 | union ip_conntrack_help { | |
169 | /* insert conntrack helper private data (master) here */ | |
170 | + struct ip_ct_talk_master ct_talk_info; | |
171 | + struct ip_ct_rsh_master ct_rsh_info; | |
172 | + struct ip_ct_mms_master ct_mms_info; | |
173 | + struct ip_ct_h225_master ct_h225_info; | |
174 | struct ip_ct_ftp_master ct_ftp_info; | |
175 | struct ip_ct_irc_master ct_irc_info; | |
176 | }; | |
177 | @@ -206,6 +221,10 @@ | |
178 | } nat; | |
179 | #endif /* CONFIG_IP_NF_NAT_NEEDED */ | |
180 | ||
181 | +#if defined(CONFIG_IP_NF_CONNTRACK_MARK) | |
182 | + unsigned long mark; | |
183 | +#endif | |
184 | + | |
185 | }; | |
186 | ||
187 | /* get master conntrack via master expectation */ | |
188 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h | |
189 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h 1970-01-01 01:00:00.000000000 +0100 | |
190 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_cuseeme.h 2004-03-30 11:50:58.000000000 +0200 | |
191 | @@ -0,0 +1,70 @@ | |
192 | +#ifndef _IP_CT_CUSEEME | |
193 | +#define _IP_CT_CUSEEME | |
194 | + | |
195 | +#define CUSEEME_PORT 7648 | |
196 | + | |
197 | +/* These structs come from the 2.2 ip_masq_cuseeme code... */ | |
198 | + | |
199 | +#pragma pack(1) | |
200 | +/* CuSeeMe data header */ | |
201 | +struct cu_header { | |
202 | + u_int16_t dest_family; | |
203 | + u_int16_t dest_port; | |
204 | + u_int32_t dest_addr; | |
205 | + int16_t family; | |
206 | + u_int16_t port; | |
207 | + u_int32_t addr; | |
208 | + u_int32_t seq; | |
209 | + u_int16_t msg; | |
210 | + u_int16_t data_type; | |
211 | + /* possible values: | |
212 | + * 1 small video | |
213 | + * 2 big video | |
214 | + * 3 audio | |
215 | + * 100 acknowledge connectivity when there | |
216 | + * is nothing else to send | |
217 | + * 101 OpenContinue packet | |
218 | + * 104 display a text message and | |
219 | + * disconnect (used by reflector to | |
220 | + * kick clients off) | |
221 | + * 105 display a text message (welcome | |
222 | + * message from reflector) | |
223 | + * 106 exchanged among reflectors for | |
224 | + * reflector interoperation | |
225 | + * 107 carry aux stream data when there is | |
226 | + * no video to piggy-back on | |
227 | + * 108 obsolete (used in Mac alpha version) | |
228 | + * 109 obsolete (used in Mac alpha version) | |
229 | + * 110 used for data rate control | |
230 | + * 111 used for data rate control | |
231 | + * 256 aux data control messages | |
232 | + * 257 aux data packets | |
233 | + * */ | |
234 | + u_int16_t packet_len; | |
235 | +}; | |
236 | + | |
237 | +/* Open Continue Header */ | |
238 | +struct oc_header { | |
239 | + struct cu_header cu_head; | |
240 | + u_int16_t client_count; /* Number of client info structs */ | |
241 | + u_int32_t seq_no; | |
242 | + char user_name[20]; | |
243 | + char stuff[4]; /* Flags, version stuff, etc */ | |
244 | +}; | |
245 | + | |
246 | +/* Client info structures */ | |
247 | +struct client_info { | |
248 | + u_int32_t address; /* Client address */ | |
249 | + char stuff[8]; /* Flags, pruning bitfield, packet counts, etc */ | |
250 | +}; | |
251 | +#pragma pack() | |
252 | + | |
253 | +/* This structure is per expected connection */ | |
254 | +struct ip_ct_cuseeme_expect { | |
255 | +}; | |
256 | + | |
257 | +/* This structure exists only once per master */ | |
258 | +struct ip_ct_cuseeme_master { | |
259 | +}; | |
260 | + | |
261 | +#endif /* _IP_CT_CUSEEME */ | |
262 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_h323.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_h323.h | |
263 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_h323.h 1970-01-01 01:00:00.000000000 +0100 | |
264 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_h323.h 2004-03-30 11:51:04.000000000 +0200 | |
265 | @@ -0,0 +1,31 @@ | |
266 | +#ifndef _IP_CONNTRACK_H323_H | |
267 | +#define _IP_CONNTRACK_H323_H | |
268 | +/* H.323 connection tracking. */ | |
269 | + | |
270 | +#ifdef __KERNEL__ | |
271 | +/* Protects H.323 related data */ | |
272 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
273 | +DECLARE_LOCK_EXTERN(ip_h323_lock); | |
274 | +#endif | |
275 | + | |
276 | +/* Default H.225 port */ | |
277 | +#define H225_PORT 1720 | |
278 | + | |
279 | +/* This structure is per expected connection */ | |
280 | +struct ip_ct_h225_expect { | |
281 | + u_int16_t port; /* Port of the H.225 helper/RTCP/RTP channel */ | |
282 | + enum ip_conntrack_dir dir; /* Direction of the original connection */ | |
283 | + unsigned int offset; /* offset of the address in the payload */ | |
284 | +}; | |
285 | + | |
286 | +/* This structure exists only once per master */ | |
287 | +struct ip_ct_h225_master { | |
288 | + int is_h225; /* H.225 or H.245 connection */ | |
289 | +#ifdef CONFIG_IP_NF_NAT_NEEDED | |
290 | + enum ip_conntrack_dir dir; /* Direction of the original connection */ | |
291 | + u_int32_t seq[IP_CT_DIR_MAX]; /* Exceptional packet mangling for signal addressess... */ | |
292 | + unsigned int offset[IP_CT_DIR_MAX]; /* ...and the offset of the addresses in the payload */ | |
293 | +#endif | |
294 | +}; | |
295 | + | |
296 | +#endif /* _IP_CONNTRACK_H323_H */ | |
297 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_mms.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_mms.h | |
298 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_mms.h 1970-01-01 01:00:00.000000000 +0100 | |
299 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_mms.h 2004-03-30 11:51:24.000000000 +0200 | |
300 | @@ -0,0 +1,31 @@ | |
301 | +#ifndef _IP_CONNTRACK_MMS_H | |
302 | +#define _IP_CONNTRACK_MMS_H | |
303 | +/* MMS tracking. */ | |
304 | + | |
305 | +#ifdef __KERNEL__ | |
306 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
307 | + | |
308 | +DECLARE_LOCK_EXTERN(ip_mms_lock); | |
309 | + | |
310 | +#define MMS_PORT 1755 | |
311 | +#define MMS_SRV_MSG_ID 196610 | |
312 | + | |
313 | +#define MMS_SRV_MSG_OFFSET 36 | |
314 | +#define MMS_SRV_UNICODE_STRING_OFFSET 60 | |
315 | +#define MMS_SRV_CHUNKLENLV_OFFSET 16 | |
316 | +#define MMS_SRV_CHUNKLENLM_OFFSET 32 | |
317 | +#define MMS_SRV_MESSAGELENGTH_OFFSET 8 | |
318 | +#endif | |
319 | + | |
320 | +/* This structure is per expected connection */ | |
321 | +struct ip_ct_mms_expect { | |
322 | + u_int32_t len; | |
323 | + u_int32_t padding; | |
324 | + u_int16_t port; | |
325 | +}; | |
326 | + | |
327 | +/* This structure exists only once per master */ | |
328 | +struct ip_ct_mms_master { | |
329 | +}; | |
330 | + | |
331 | +#endif /* _IP_CONNTRACK_MMS_H */ | |
332 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_quake3.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_quake3.h | |
333 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_quake3.h 1970-01-01 01:00:00.000000000 +0100 | |
334 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_quake3.h 2004-03-30 11:51:52.000000000 +0200 | |
335 | @@ -0,0 +1,21 @@ | |
336 | +#ifndef _IP_CT_QUAKE3 | |
337 | +#define _IP_CT_QUAKE3 | |
338 | + | |
339 | +/* Don't confuse with 27960, often used as the Server Port */ | |
340 | +#define QUAKE3_MASTER_PORT 27950 | |
341 | + | |
342 | +struct quake3_search { | |
343 | + const char marker[4]; /* always 0xff 0xff 0xff 0xff ? */ | |
344 | + const char *pattern; | |
345 | + size_t plen; | |
346 | +}; | |
347 | + | |
348 | +/* This structure is per expected connection */ | |
349 | +struct ip_ct_quake3_expect { | |
350 | +}; | |
351 | + | |
352 | +/* This structure exists only once per master */ | |
353 | +struct ip_ct_quake3_master { | |
354 | +}; | |
355 | + | |
356 | +#endif /* _IP_CT_QUAKE3 */ | |
357 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_rpc.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_rpc.h | |
358 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_rpc.h 1970-01-01 01:00:00.000000000 +0100 | |
359 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_rpc.h 2004-03-30 11:51:55.000000000 +0200 | |
360 | @@ -0,0 +1,68 @@ | |
361 | +/* RPC extension for IP connection tracking, Version 2.2 | |
362 | + * (C) 2000 by Marcelo Barbosa Lima <marcelo.lima@dcc.unicamp.br> | |
363 | + * - original rpc tracking module | |
364 | + * - "recent" connection handling for kernel 2.3+ netfilter | |
365 | + * | |
366 | + * (C) 2001 by Rusty Russell <rusty@rustcorp.com.au> | |
367 | + * - upgraded conntrack modules to oldnat api - kernel 2.4.0+ | |
368 | + * | |
369 | + * (C) 2002 by Ian (Larry) Latter <Ian.Latter@mq.edu.au> | |
370 | + * - upgraded conntrack modules to newnat api - kernel 2.4.20+ | |
371 | + * - extended matching to support filtering on procedures | |
372 | + * | |
373 | + * ip_conntrack_rpc.h,v 2.2 2003/01/12 18:30:00 | |
374 | + * | |
375 | + * This program is free software; you can redistribute it and/or | |
376 | + * modify it under the terms of the GNU General Public License | |
377 | + * as published by the Free Software Foundation; either version | |
378 | + * 2 of the License, or (at your option) any later version. | |
379 | + ** | |
380 | + */ | |
381 | + | |
382 | +#include <asm/param.h> | |
383 | +#include <linux/sched.h> | |
384 | +#include <linux/timer.h> | |
385 | +#include <linux/stddef.h> | |
386 | +#include <linux/list.h> | |
387 | + | |
388 | +#include <linux/netfilter_ipv4/ip_conntrack_helper.h> | |
389 | + | |
390 | +#ifndef _IP_CONNTRACK_RPC_H | |
391 | +#define _IP_CONNTRACK_RPC_H | |
392 | + | |
393 | +#define RPC_PORT 111 | |
394 | + | |
395 | + | |
396 | +/* Datum in RPC packets are encoded in XDR */ | |
397 | +#define IXDR_GET_INT32(buf) ((u_int32_t) ntohl((uint32_t)*buf)) | |
398 | + | |
399 | +/* Fast timeout, to deny DoS atacks */ | |
400 | +#define EXP (60 * HZ) | |
401 | + | |
402 | +/* Normal timeouts */ | |
403 | +#define EXPIRES (180 * HZ) | |
404 | + | |
405 | +/* For future conections RPC, using client's cache bindings | |
406 | + * I'll use ip_conntrack_lock to lock these lists */ | |
407 | + | |
408 | +/* This identifies each request and stores protocol */ | |
409 | +struct request_p { | |
410 | + struct list_head list; | |
411 | + | |
412 | + u_int32_t xid; | |
413 | + u_int32_t ip; | |
414 | + u_int16_t port; | |
415 | + | |
416 | + /* Protocol */ | |
417 | + u_int16_t proto; | |
418 | + | |
419 | + struct timer_list timeout; | |
420 | +}; | |
421 | + | |
422 | +static inline int request_p_cmp(const struct request_p *p, u_int32_t xid, | |
423 | + u_int32_t ip, u_int32_t port) { | |
424 | + return (p->xid == xid && p->ip == ip && p->port); | |
425 | + | |
426 | +} | |
427 | + | |
428 | +#endif /* _IP_CONNTRACK_RPC_H */ | |
429 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_rsh.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_rsh.h | |
430 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 1970-01-01 01:00:00.000000000 +0100 | |
431 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 2004-03-30 11:51:56.000000000 +0200 | |
432 | @@ -0,0 +1,35 @@ | |
433 | +/* RSH extension for IP connection tracking, Version 1.0 | |
434 | + * (C) 2002 by Ian (Larry) Latter <Ian.Latter@mq.edu.au> | |
435 | + * based on HW's ip_conntrack_irc.c | |
436 | + * | |
437 | + * ip_conntrack_rsh.c,v 1.0 2002/07/17 14:49:26 | |
438 | + * | |
439 | + * This program is free software; you can redistribute it and/or | |
440 | + * modify it under the terms of the GNU General Public License | |
441 | + * as published by the Free Software Foundation; either version | |
442 | + * 2 of the License, or (at your option) any later version. | |
443 | + */ | |
444 | +#ifndef _IP_CONNTRACK_RSH_H | |
445 | +#define _IP_CONNTRACK_RSH_H | |
446 | + | |
447 | +#ifdef __KERNEL__ | |
448 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
449 | + | |
450 | +DECLARE_LOCK_EXTERN(ip_rsh_lock); | |
451 | +#endif | |
452 | + | |
453 | + | |
454 | +#define RSH_PORT 514 | |
455 | + | |
456 | +/* This structure is per expected connection */ | |
457 | +struct ip_ct_rsh_expect | |
458 | +{ | |
459 | + u_int16_t port; | |
460 | +}; | |
461 | + | |
462 | +/* This structure exists only once per master */ | |
463 | +struct ip_ct_rsh_master { | |
464 | +}; | |
465 | + | |
466 | +#endif /* _IP_CONNTRACK_RSH_H */ | |
467 | + | |
468 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h | |
469 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 1970-01-01 01:00:00.000000000 +0100 | |
470 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_rtsp.h 2004-03-30 11:52:01.000000000 +0200 | |
471 | @@ -0,0 +1,68 @@ | |
472 | +/* | |
473 | + * RTSP extension for IP connection tracking. | |
474 | + * (C) 2003 by Tom Marshall <tmarshall@real.com> | |
475 | + * based on ip_conntrack_irc.h | |
476 | + * | |
477 | + * This program is free software; you can redistribute it and/or | |
478 | + * modify it under the terms of the GNU General Public License | |
479 | + * as published by the Free Software Foundation; either version | |
480 | + * 2 of the License, or (at your option) any later version. | |
481 | + */ | |
482 | +#ifndef _IP_CONNTRACK_RTSP_H | |
483 | +#define _IP_CONNTRACK_RTSP_H | |
484 | + | |
485 | +/* #define IP_NF_RTSP_DEBUG */ | |
486 | +#define IP_NF_RTSP_VERSION "0.01" | |
487 | + | |
488 | +/* port block types */ | |
489 | +typedef enum { | |
490 | + pb_single, /* client_port=x */ | |
491 | + pb_range, /* client_port=x-y */ | |
492 | + pb_discon /* client_port=x/y (rtspbis) */ | |
493 | +} portblock_t; | |
494 | + | |
495 | +/* We record seq number and length of rtsp headers here, all in host order. */ | |
496 | + | |
497 | +/* | |
498 | + * This structure is per expected connection. It is a member of struct | |
499 | + * ip_conntrack_expect. The TCP SEQ for the conntrack expect is stored | |
500 | + * there and we are expected to only store the length of the data which | |
501 | + * needs replaced. If a packet contains multiple RTSP messages, we create | |
502 | + * one expected connection per message. | |
503 | + * | |
504 | + * We use these variables to mark the entire header block. This may seem | |
505 | + * like overkill, but the nature of RTSP requires it. A header may appear | |
506 | + * multiple times in a message. We must treat two Transport headers the | |
507 | + * same as one Transport header with two entries. | |
508 | + */ | |
509 | +struct ip_ct_rtsp_expect | |
510 | +{ | |
511 | + u_int32_t len; /* length of header block */ | |
512 | + portblock_t pbtype; /* Type of port block that was requested */ | |
513 | + u_int16_t loport; /* Port that was requested, low or first */ | |
514 | + u_int16_t hiport; /* Port that was requested, high or second */ | |
515 | +#if 0 | |
516 | + uint method; /* RTSP method */ | |
517 | + uint cseq; /* CSeq from request */ | |
518 | +#endif | |
519 | +}; | |
520 | + | |
521 | +/* This structure exists only once per master */ | |
522 | +struct ip_ct_rtsp_master | |
523 | +{ | |
524 | + /* Empty (?) */ | |
525 | +}; | |
526 | + | |
527 | + | |
528 | +#ifdef __KERNEL__ | |
529 | + | |
530 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
531 | + | |
532 | +#define RTSP_PORT 554 | |
533 | + | |
534 | +/* Protects rtsp part of conntracks */ | |
535 | +DECLARE_LOCK_EXTERN(ip_rtsp_lock); | |
536 | + | |
537 | +#endif /* __KERNEL__ */ | |
538 | + | |
539 | +#endif /* _IP_CONNTRACK_RTSP_H */ | |
540 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_talk.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_talk.h | |
541 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ip_conntrack_talk.h 1970-01-01 01:00:00.000000000 +0100 | |
542 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ip_conntrack_talk.h 2004-03-30 11:53:01.000000000 +0200 | |
543 | @@ -0,0 +1,152 @@ | |
544 | +#ifndef _IP_CONNTRACK_TALK_H | |
545 | +#define _IP_CONNTRACK_TALK_H | |
546 | +/* TALK tracking. */ | |
547 | + | |
548 | +#ifdef __KERNEL__ | |
549 | +#include <linux/in.h> | |
550 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
551 | + | |
552 | +/* Protects talk part of conntracks */ | |
553 | +DECLARE_LOCK_EXTERN(ip_talk_lock); | |
554 | +#endif | |
555 | + | |
556 | + | |
557 | +#define TALK_PORT 517 | |
558 | +#define NTALK_PORT 518 | |
559 | + | |
560 | +/* talk structures and constants from <protocols/talkd.h> */ | |
561 | + | |
562 | +/* | |
563 | + * 4.3BSD struct sockaddr | |
564 | + */ | |
565 | +struct talk_addr { | |
566 | + u_int16_t ta_family; | |
567 | + u_int16_t ta_port; | |
568 | + u_int32_t ta_addr; | |
569 | + u_int32_t ta_junk1; | |
570 | + u_int32_t ta_junk2; | |
571 | +}; | |
572 | + | |
573 | +#define TALK_OLD_NSIZE 9 | |
574 | +#define TALK_NSIZE 12 | |
575 | +#define TALK_TTY_NSIZE 16 | |
576 | + | |
577 | +/* | |
578 | + * Client->server request message formats. | |
579 | + */ | |
580 | +struct talk_msg { | |
581 | + u_char type; /* request type, see below */ | |
582 | + char l_name[TALK_OLD_NSIZE];/* caller's name */ | |
583 | + char r_name[TALK_OLD_NSIZE];/* callee's name */ | |
584 | + u_char pad; | |
585 | + u_int32_t id_num; /* message id */ | |
586 | + int32_t pid; /* caller's process id */ | |
587 | + char r_tty[TALK_TTY_NSIZE];/* callee's tty name */ | |
588 | + struct talk_addr addr; /* old (4.3) style */ | |
589 | + struct talk_addr ctl_addr; /* old (4.3) style */ | |
590 | +}; | |
591 | + | |
592 | +struct ntalk_msg { | |
593 | + u_char vers; /* protocol version */ | |
594 | + u_char type; /* request type, see below */ | |
595 | + u_char answer; /* not used */ | |
596 | + u_char pad; | |
597 | + u_int32_t id_num; /* message id */ | |
598 | + struct talk_addr addr; /* old (4.3) style */ | |
599 | + struct talk_addr ctl_addr; /* old (4.3) style */ | |
600 | + int32_t pid; /* caller's process id */ | |
601 | + char l_name[TALK_NSIZE];/* caller's name */ | |
602 | + char r_name[TALK_NSIZE];/* callee's name */ | |
603 | + char r_tty[TALK_TTY_NSIZE];/* callee's tty name */ | |
604 | +}; | |
605 | + | |
606 | +struct ntalk2_msg { | |
607 | + u_char vers; /* talk protocol version */ | |
608 | + u_char type; /* request type */ | |
609 | + u_char answer; /* */ | |
610 | + u_char extended; /* !0 if additional parts */ | |
611 | + u_int32_t id_num; /* message id number (dels) */ | |
612 | + struct talk_addr addr; /* target address */ | |
613 | + struct talk_addr ctl_addr; /* reply to address */ | |
614 | + int32_t pid; /* caller's process id */ | |
615 | + char l_name[TALK_NSIZE]; /* caller's name */ | |
616 | + char r_name[TALK_NSIZE]; /* callee's name */ | |
617 | + char r_tty[TALK_TTY_NSIZE]; /* callee's tty */ | |
618 | +}; | |
619 | + | |
620 | +/* | |
621 | + * Server->client response message formats. | |
622 | + */ | |
623 | +struct talk_response { | |
624 | + u_char type; /* type of request message, see below */ | |
625 | + u_char answer; /* response to request message, see below */ | |
626 | + u_char pad[2]; | |
627 | + u_int32_t id_num; /* message id */ | |
628 | + struct talk_addr addr; /* address for establishing conversation */ | |
629 | +}; | |
630 | + | |
631 | +struct ntalk_response { | |
632 | + u_char vers; /* protocol version */ | |
633 | + u_char type; /* type of request message, see below */ | |
634 | + u_char answer; /* response to request message, see below */ | |
635 | + u_char pad; | |
636 | + u_int32_t id_num; /* message id */ | |
637 | + struct talk_addr addr; /* address for establishing conversation */ | |
638 | +}; | |
639 | + | |
640 | +struct ntalk2_response { | |
641 | + u_char vers; /* protocol version */ | |
642 | + u_char type; /* type of request message */ | |
643 | + u_char answer; /* response to request */ | |
644 | + u_char rvers; /* Version of answering vers*/ | |
645 | + u_int32_t id_num; /* message id number */ | |
646 | + struct talk_addr addr; /* address for connection */ | |
647 | + /* This is at the end to compatiblize this with NTALK version. */ | |
648 | + char r_name[TALK_NSIZE]; /* callee's name */ | |
649 | +}; | |
650 | + | |
651 | +#define TALK_STR(data, talk_str, member) ((struct talk_str *)data)->member) | |
652 | +#define TALK_RESP(data, ver, member) (ver ? ((struct ntalk_response *)data)->member : ((struct talk_response *)data)->member) | |
653 | +#define TALK_MSG(data, ver, member) (ver ? ((struct ntalk_msg *)data)->member : ((struct talk_msg *)data)->member) | |
654 | + | |
655 | +#define TALK_VERSION 0 /* protocol versions */ | |
656 | +#define NTALK_VERSION 1 | |
657 | +#define NTALK2_VERSION 2 | |
658 | + | |
659 | +/* message type values */ | |
660 | +#define LEAVE_INVITE 0 /* leave invitation with server */ | |
661 | +#define LOOK_UP 1 /* check for invitation by callee */ | |
662 | +#define DELETE 2 /* delete invitation by caller */ | |
663 | +#define ANNOUNCE 3 /* announce invitation by caller */ | |
664 | +/* NTALK2 */ | |
665 | +#define REPLY_QUERY 4 /* request reply data from local daemon */ | |
666 | + | |
667 | +/* answer values */ | |
668 | +#define SUCCESS 0 /* operation completed properly */ | |
669 | +#define NOT_HERE 1 /* callee not logged in */ | |
670 | +#define FAILED 2 /* operation failed for unexplained reason */ | |
671 | +#define MACHINE_UNKNOWN 3 /* caller's machine name unknown */ | |
672 | +#define PERMISSION_DENIED 4 /* callee's tty doesn't permit announce */ | |
673 | +#define UNKNOWN_REQUEST 5 /* request has invalid type value */ | |
674 | +#define BADVERSION 6 /* request has invalid protocol version */ | |
675 | +#define BADADDR 7 /* request has invalid addr value */ | |
676 | +#define BADCTLADDR 8 /* request has invalid ctl_addr value */ | |
677 | +/* NTALK2 */ | |
678 | +#define NO_CALLER 9 /* no-one calling answer from REPLY */ | |
679 | +#define TRY_HERE 10 /* Not on this machine, try this */ | |
680 | +#define SELECTIVE_REFUSAL 11 /* User Filter refusal. */ | |
681 | +#define MAX_RESPONSE_TYPE 11 /* Make sure this is updated */ | |
682 | + | |
683 | +/* We don't really need much for talk */ | |
684 | +struct ip_ct_talk_expect | |
685 | +{ | |
686 | + /* Port that was to be used */ | |
687 | + u_int16_t port; | |
688 | +}; | |
689 | + | |
690 | +/* This structure exists only once per master */ | |
691 | +struct ip_ct_talk_master | |
692 | +{ | |
693 | +}; | |
694 | + | |
695 | +#endif /* _IP_CONNTRACK_TALK_H */ | |
696 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ipt_CONNMARK.h | |
697 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h 1970-01-01 01:00:00.000000000 +0100 | |
698 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ipt_CONNMARK.h 2004-03-30 11:48:14.000000000 +0200 | |
699 | @@ -0,0 +1,25 @@ | |
700 | +#ifndef _IPT_CONNMARK_H_target | |
701 | +#define _IPT_CONNMARK_H_target | |
702 | + | |
703 | +/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> | |
704 | + * by Henrik Nordstrom <hno@marasystems.com> | |
705 | + * | |
706 | + * This program is free software; you can redistribute it and/or modify | |
707 | + * it under the terms of the GNU General Public License as published by | |
708 | + * the Free Software Foundation; either version 2 of the License, or | |
709 | + * (at your option) any later version. | |
710 | + */ | |
711 | + | |
712 | +enum { | |
713 | + IPT_CONNMARK_SET = 0, | |
714 | + IPT_CONNMARK_SAVE, | |
715 | + IPT_CONNMARK_RESTORE | |
716 | +}; | |
717 | + | |
718 | +struct ipt_connmark_target_info { | |
719 | + unsigned long mark; | |
720 | + unsigned long mask; | |
721 | + u_int8_t mode; | |
722 | +}; | |
723 | + | |
724 | +#endif /*_IPT_CONNMARK_H_target*/ | |
725 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ipt_IPMARK.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ipt_IPMARK.h | |
726 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ipt_IPMARK.h 1970-01-01 01:00:00.000000000 +0100 | |
727 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ipt_IPMARK.h 2004-03-30 11:48:25.000000000 +0200 | |
728 | @@ -0,0 +1,13 @@ | |
729 | +#ifndef _IPT_IPMARK_H_target | |
730 | +#define _IPT_IPMARK_H_target | |
731 | + | |
732 | +struct ipt_ipmark_target_info { | |
733 | + unsigned long andmask; | |
734 | + unsigned long ormask; | |
735 | + unsigned int addr; | |
736 | +}; | |
737 | + | |
738 | +#define IPT_IPMARK_SRC 0 | |
739 | +#define IPT_IPMARK_DST 1 | |
740 | + | |
741 | +#endif /*_IPT_IPMARK_H_target*/ | |
742 | diff -Nur --exclude '*.orig' linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ipt_ROUTE.h linux-2.6.5-rc3/include/linux/netfilter_ipv4/ipt_ROUTE.h | |
743 | --- linux-2.6.5-rc3.org/include/linux/netfilter_ipv4/ipt_ROUTE.h 1970-01-01 01:00:00.000000000 +0100 | |
744 | +++ linux-2.6.5-rc3/include/linux/netfilter_ipv4/ipt_ROUTE.h 2004-03-30 11:48:31.000000000 +0200 | |
745 | @@ -0,0 +1,22 @@ | |
746 | +/* Header file for iptables ipt_ROUTE target | |
747 | + * | |
748 |