- 4.9.197

[packages/kernel.git] / kernel-pom-ng-IPV4OPTSSTRIP.patch

diff --git a/kernel-pom-ng-IPV4OPTSSTRIP.patch b/kernel-pom-ng-IPV4OPTSSTRIP.patch
index 1c72f3d038984337f818b015ca46fc28083f0254..9fe3fb32f2509d9a3be9d67dd149b25d75ca057e 100644 (file)
--- a/kernel-pom-ng-IPV4OPTSSTRIP.patch
+++ b/kernel-pom-ng-IPV4OPTSSTRIP.patch
@@ -17,13 +17,12 @@ diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/Kconfig linux-2.6.21.a/n
 +
  endmenu
  
-diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/Makefile linux-2.6.21.a/net/ipv4/netfilter/Makefile
---- linux-2.6.21.b/net/ipv4/netfilter/Makefile 2007-05-30 11:11:52.000000000 +0200
-+++ linux-2.6.21.a/net/ipv4/netfilter/Makefile 2007-05-30 11:18:08.000000000 +0200
+--- linux-3.4/net/ipv4/netfilter/Makefile~     2012-05-21 08:42:02.000000000 +0200
++++ linux-3.4/net/ipv4/netfilter/Makefile      2012-05-21 08:45:09.247956356 +0200
 @@ -54,6 +54,7 @@
+ # targets
  obj-$(CONFIG_IP_NF_TARGET_CLUSTERIP) += ipt_CLUSTERIP.o
  obj-$(CONFIG_IP_NF_TARGET_ECN) += ipt_ECN.o
- obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o
 +obj-$(CONFIG_IP_NF_TARGET_IPV4OPTSSTRIP) += ipt_IPV4OPTSSTRIP.o
  obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o
  obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o
@@ -31,7 +30,7 @@ diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/Makefile linux-2.6.21.a/
 diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c linux-2.6.21.a/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c
 --- linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c      1970-01-01 01:00:00.000000000 +0100
 +++ linux-2.6.21.a/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c      2007-05-30 11:18:08.000000000 +0200
-@@ -0,0 +1,84 @@
+@@ -0,0 +1,75 @@
 +/**
 + * Strip all IP options in the IP packet header.
 + *
@@ -51,54 +50,45 @@ diff -NurpP --minimal linux-2.6.21.b/net/ipv4/netfilter/ipt_IPV4OPTSSTRIP.c linu
 +MODULE_LICENSE("GPL");
 +
 +static unsigned int
-+target(struct sk_buff *skb,
-+       const struct net_device *in,
-+       const struct net_device *out,
-+       unsigned int hooknum,
-+       const struct xt_target *target,
-+       const void *targinfo)
++target(struct sk_buff *skb, const struct xt_action_param *par)
 +{
 +      struct iphdr *iph;
 +      struct ip_options *opt;
-+      sk_buff_data_t optiph;
++      unsigned char *optiph;
 +      int l;
 +      
 +      if (!skb_make_writable(skb, skb->len))
 +              return NF_DROP;
 + 
 +      iph = ip_hdr(skb);
-+      optiph = skb->network_header;
-+      l = ((struct ip_options *)(&(IPCB(skb)->opt)))->optlen;
 +
 +      /* if no options in packet then nothing to clear. */
 +      if (iph->ihl * 4 == sizeof(struct iphdr))
-+              return IPT_CONTINUE;
++              return XT_CONTINUE;
 +
 +      /* else clear all options */
++      optiph = skb_network_header(skb);
++      l = ((struct ip_options *)(&(IPCB(skb)->opt)))->optlen;
 +      memset(&(IPCB(skb)->opt), 0, sizeof(struct ip_options));
 +      memset(optiph+sizeof(struct iphdr), IPOPT_NOOP, l);
 +      opt = &(IPCB(skb)->opt);
 +      opt->optlen = l;
 +
-+        return IPT_CONTINUE;
++      return XT_CONTINUE;
 +}
 +
-+static bool
-+checkentry(const char *tablename,
-+          const void *e,
-+           const struct xt_target *target,
-+           void *targinfo,
-+           unsigned int hook_mask)
++static int
++checkentry(const struct xt_tgchk_param *par)
 +{
-+      if (strcmp(tablename, "mangle")) {
-+              printk(KERN_WARNING "IPV4OPTSSTRIP: can only be called from \"mangle\" table, not \"%s\"\n", tablename);
++      if (strcmp(par->table, "mangle")) {
++              printk(KERN_WARNING "IPV4OPTSSTRIP: can only be called from \"mangle\" table, not \"%s\"\n", par->table);
 +              return 0;
 +      }
 +      /* nothing else to check because no parameters */
 +      return 1;
 +}
 +
-+static struct ipt_target ipt_ipv4optsstrip_reg = { 
++static struct xt_target ipt_ipv4optsstrip_reg = { 
 +      .name = "IPV4OPTSSTRIP",
 +      .target = target,
 +      .checkentry = checkentry,