]>
Commit | Line | Data |
---|---|---|
6db61ec8 | 1 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter.h linux-2.6.6-rc1/include/linux/netfilter.h |
2 | --- linux-2.6.6-rc1.org/include/linux/netfilter.h 2004-04-16 08:59:08.000000000 +0200 | |
3 | +++ linux-2.6.6-rc1/include/linux/netfilter.h 2004-04-16 09:17:13.000000000 +0200 | |
4 | @@ -137,12 +137,14 @@ | |
5 | /* This is gross, but inline doesn't cut it for avoiding the function | |
6 | call in fast path: gcc doesn't inline (needs value tracking?). --RR */ | |
7 | #ifdef CONFIG_NETFILTER_DEBUG | |
8 | -#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \ | |
9 | - nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), INT_MIN) | |
10 | +#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond) \ | |
11 | +(!(cond) \ | |
12 | + ? (okfn)(skb) \ | |
13 | + : nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), INT_MIN)) | |
14 | #define NF_HOOK_THRESH nf_hook_slow | |
15 | #else | |
16 | -#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \ | |
17 | -(list_empty(&nf_hooks[(pf)][(hook)]) \ | |
18 | +#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond) \ | |
19 | +(!(cond) || list_empty(&nf_hooks[(pf)][(hook)]) \ | |
20 | ? (okfn)(skb) \ | |
21 | : nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), INT_MIN)) | |
22 | #define NF_HOOK_THRESH(pf, hook, skb, indev, outdev, okfn, thresh) \ | |
23 | @@ -150,6 +152,8 @@ | |
24 | ? (okfn)(skb) \ | |
25 | : nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), (thresh))) | |
26 | #endif | |
27 | +#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \ | |
28 | + NF_HOOK_COND((pf), (hook), (skb), (indev), (outdev), (okfn), 1) | |
29 | ||
30 | int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb, | |
31 | struct net_device *indev, struct net_device *outdev, | |
32 | @@ -182,7 +186,24 @@ | |
33 | ||
34 | #else /* !CONFIG_NETFILTER */ | |
35 | #define NF_HOOK(pf, hook, skb, indev, outdev, okfn) (okfn)(skb) | |
36 | +#define NF_HOOK_COND(pf, hook, skb, indev, outdev, okfn, cond) (okfn)(skb) | |
37 | #endif /*CONFIG_NETFILTER*/ | |
38 | ||
39 | +#ifdef CONFIG_XFRM | |
40 | +#ifdef CONFIG_IP_NF_NAT_NEEDED | |
41 | +struct flowi; | |
42 | +extern void nf_nat_decode_session4(struct sk_buff *skb, struct flowi *fl); | |
43 | + | |
44 | +static inline void | |
45 | +nf_nat_decode_session(struct sk_buff *skb, struct flowi *fl, int family) | |
46 | +{ | |
47 | + if (family == AF_INET) | |
48 | + nf_nat_decode_session4(skb, fl); | |
49 | +} | |
50 | +#else /* CONFIG_IP_NF_NAT_NEEDED */ | |
51 | +#define nf_nat_decode_session(skb,fl,family) | |
52 | +#endif /* CONFIG_IP_NF_NAT_NEEDED */ | |
53 | +#endif /* CONFIG_XFRM */ | |
54 | + | |
55 | #endif /*__KERNEL__*/ | |
56 | #endif /*__LINUX_NETFILTER_H*/ | |
57 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack.h | |
58 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack.h 2004-04-16 08:59:08.000000000 +0200 | |
59 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack.h 2004-04-16 09:18:58.000000000 +0200 | |
60 | @@ -64,6 +64,10 @@ | |
61 | }; | |
62 | ||
63 | /* Add protocol helper include file here */ | |
64 | +#include <linux/netfilter_ipv4/ip_conntrack_talk.h> | |
65 | +#include <linux/netfilter_ipv4/ip_conntrack_rsh.h> | |
66 | +#include <linux/netfilter_ipv4/ip_conntrack_mms.h> | |
67 | +#include <linux/netfilter_ipv4/ip_conntrack_h323.h> | |
68 | #include <linux/netfilter_ipv4/ip_conntrack_amanda.h> | |
69 | #include <linux/netfilter_ipv4/ip_conntrack_ftp.h> | |
70 | #include <linux/netfilter_ipv4/ip_conntrack_irc.h> | |
71 | @@ -71,6 +75,10 @@ | |
72 | /* per expectation: application helper private data */ | |
73 | union ip_conntrack_expect_help { | |
74 | /* insert conntrack helper private data (expect) here */ | |
75 | + struct ip_ct_talk_expect exp_talk_info; | |
76 | + struct ip_ct_rsh_expect exp_rsh_info; | |
77 | + struct ip_ct_mms_expect exp_mms_info; | |
78 | + struct ip_ct_h225_expect exp_h225_info; | |
79 | struct ip_ct_amanda_expect exp_amanda_info; | |
80 | struct ip_ct_ftp_expect exp_ftp_info; | |
81 | struct ip_ct_irc_expect exp_irc_info; | |
82 | @@ -85,6 +93,10 @@ | |
83 | /* per conntrack: application helper private data */ | |
84 | union ip_conntrack_help { | |
85 | /* insert conntrack helper private data (master) here */ | |
86 | + struct ip_ct_talk_master ct_talk_info; | |
87 | + struct ip_ct_rsh_master ct_rsh_info; | |
88 | + struct ip_ct_mms_master ct_mms_info; | |
89 | + struct ip_ct_h225_master ct_h225_info; | |
90 | struct ip_ct_ftp_master ct_ftp_info; | |
91 | struct ip_ct_irc_master ct_irc_info; | |
92 | }; | |
93 | @@ -207,6 +219,10 @@ | |
94 | } nat; | |
95 | #endif /* CONFIG_IP_NF_NAT_NEEDED */ | |
96 | ||
97 | +#if defined(CONFIG_IP_NF_CONNTRACK_MARK) | |
98 | + unsigned long mark; | |
99 | +#endif | |
100 | + | |
101 | }; | |
102 | ||
103 | /* get master conntrack via master expectation */ | |
104 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_h323.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_h323.h | |
105 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_h323.h 1970-01-01 01:00:00.000000000 +0100 | |
106 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_h323.h 2004-04-16 09:17:05.000000000 +0200 | |
107 | @@ -0,0 +1,31 @@ | |
108 | +#ifndef _IP_CONNTRACK_H323_H | |
109 | +#define _IP_CONNTRACK_H323_H | |
110 | +/* H.323 connection tracking. */ | |
111 | + | |
112 | +#ifdef __KERNEL__ | |
113 | +/* Protects H.323 related data */ | |
114 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
115 | +DECLARE_LOCK_EXTERN(ip_h323_lock); | |
116 | +#endif | |
117 | + | |
118 | +/* Default H.225 port */ | |
119 | +#define H225_PORT 1720 | |
120 | + | |
121 | +/* This structure is per expected connection */ | |
122 | +struct ip_ct_h225_expect { | |
123 | + u_int16_t port; /* Port of the H.225 helper/RTCP/RTP channel */ | |
124 | + enum ip_conntrack_dir dir; /* Direction of the original connection */ | |
125 | + unsigned int offset; /* offset of the address in the payload */ | |
126 | +}; | |
127 | + | |
128 | +/* This structure exists only once per master */ | |
129 | +struct ip_ct_h225_master { | |
130 | + int is_h225; /* H.225 or H.245 connection */ | |
131 | +#ifdef CONFIG_IP_NF_NAT_NEEDED | |
132 | + enum ip_conntrack_dir dir; /* Direction of the original connection */ | |
133 | + u_int32_t seq[IP_CT_DIR_MAX]; /* Exceptional packet mangling for signal addressess... */ | |
134 | + unsigned int offset[IP_CT_DIR_MAX]; /* ...and the offset of the addresses in the payload */ | |
135 | +#endif | |
136 | +}; | |
137 | + | |
138 | +#endif /* _IP_CONNTRACK_H323_H */ | |
139 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_mms.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_mms.h | |
140 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_mms.h 1970-01-01 01:00:00.000000000 +0100 | |
141 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_mms.h 2004-04-16 09:17:32.000000000 +0200 | |
142 | @@ -0,0 +1,31 @@ | |
143 | +#ifndef _IP_CONNTRACK_MMS_H | |
144 | +#define _IP_CONNTRACK_MMS_H | |
145 | +/* MMS tracking. */ | |
146 | + | |
147 | +#ifdef __KERNEL__ | |
148 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
149 | + | |
150 | +DECLARE_LOCK_EXTERN(ip_mms_lock); | |
151 | + | |
152 | +#define MMS_PORT 1755 | |
153 | +#define MMS_SRV_MSG_ID 196610 | |
154 | + | |
155 | +#define MMS_SRV_MSG_OFFSET 36 | |
156 | +#define MMS_SRV_UNICODE_STRING_OFFSET 60 | |
157 | +#define MMS_SRV_CHUNKLENLV_OFFSET 16 | |
158 | +#define MMS_SRV_CHUNKLENLM_OFFSET 32 | |
159 | +#define MMS_SRV_MESSAGELENGTH_OFFSET 8 | |
160 | +#endif | |
161 | + | |
162 | +/* This structure is per expected connection */ | |
163 | +struct ip_ct_mms_expect { | |
164 | + u_int32_t len; | |
165 | + u_int32_t padding; | |
166 | + u_int16_t port; | |
167 | +}; | |
168 | + | |
169 | +/* This structure exists only once per master */ | |
170 | +struct ip_ct_mms_master { | |
171 | +}; | |
172 | + | |
173 | +#endif /* _IP_CONNTRACK_MMS_H */ | |
174 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_quake3.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_quake3.h | |
175 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_quake3.h 1970-01-01 01:00:00.000000000 +0100 | |
176 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_quake3.h 2004-04-16 09:18:43.000000000 +0200 | |
177 | @@ -0,0 +1,21 @@ | |
178 | +#ifndef _IP_CT_QUAKE3 | |
179 | +#define _IP_CT_QUAKE3 | |
180 | + | |
181 | +/* Don't confuse with 27960, often used as the Server Port */ | |
182 | +#define QUAKE3_MASTER_PORT 27950 | |
183 | + | |
184 | +struct quake3_search { | |
185 | + const char marker[4]; /* always 0xff 0xff 0xff 0xff ? */ | |
186 | + const char *pattern; | |
187 | + size_t plen; | |
188 | +}; | |
189 | + | |
190 | +/* This structure is per expected connection */ | |
191 | +struct ip_ct_quake3_expect { | |
192 | +}; | |
193 | + | |
194 | +/* This structure exists only once per master */ | |
195 | +struct ip_ct_quake3_master { | |
196 | +}; | |
197 | + | |
198 | +#endif /* _IP_CT_QUAKE3 */ | |
199 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_rpc.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_rpc.h | |
200 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_rpc.h 1970-01-01 01:00:00.000000000 +0100 | |
201 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_rpc.h 2004-04-16 09:18:44.000000000 +0200 | |
202 | @@ -0,0 +1,68 @@ | |
203 | +/* RPC extension for IP connection tracking, Version 2.2 | |
204 | + * (C) 2000 by Marcelo Barbosa Lima <marcelo.lima@dcc.unicamp.br> | |
205 | + * - original rpc tracking module | |
206 | + * - "recent" connection handling for kernel 2.3+ netfilter | |
207 | + * | |
208 | + * (C) 2001 by Rusty Russell <rusty@rustcorp.com.au> | |
209 | + * - upgraded conntrack modules to oldnat api - kernel 2.4.0+ | |
210 | + * | |
211 | + * (C) 2002 by Ian (Larry) Latter <Ian.Latter@mq.edu.au> | |
212 | + * - upgraded conntrack modules to newnat api - kernel 2.4.20+ | |
213 | + * - extended matching to support filtering on procedures | |
214 | + * | |
215 | + * ip_conntrack_rpc.h,v 2.2 2003/01/12 18:30:00 | |
216 | + * | |
217 | + * This program is free software; you can redistribute it and/or | |
218 | + * modify it under the terms of the GNU General Public License | |
219 | + * as published by the Free Software Foundation; either version | |
220 | + * 2 of the License, or (at your option) any later version. | |
221 | + ** | |
222 | + */ | |
223 | + | |
224 | +#include <asm/param.h> | |
225 | +#include <linux/sched.h> | |
226 | +#include <linux/timer.h> | |
227 | +#include <linux/stddef.h> | |
228 | +#include <linux/list.h> | |
229 | + | |
230 | +#include <linux/netfilter_ipv4/ip_conntrack_helper.h> | |
231 | + | |
232 | +#ifndef _IP_CONNTRACK_RPC_H | |
233 | +#define _IP_CONNTRACK_RPC_H | |
234 | + | |
235 | +#define RPC_PORT 111 | |
236 | + | |
237 | + | |
238 | +/* Datum in RPC packets are encoded in XDR */ | |
239 | +#define IXDR_GET_INT32(buf) ((u_int32_t) ntohl((uint32_t)*buf)) | |
240 | + | |
241 | +/* Fast timeout, to deny DoS atacks */ | |
242 | +#define EXP (60 * HZ) | |
243 | + | |
244 | +/* Normal timeouts */ | |
245 | +#define EXPIRES (180 * HZ) | |
246 | + | |
247 | +/* For future conections RPC, using client's cache bindings | |
248 | + * I'll use ip_conntrack_lock to lock these lists */ | |
249 | + | |
250 | +/* This identifies each request and stores protocol */ | |
251 | +struct request_p { | |
252 | + struct list_head list; | |
253 | + | |
254 | + u_int32_t xid; | |
255 | + u_int32_t ip; | |
256 | + u_int16_t port; | |
257 | + | |
258 | + /* Protocol */ | |
259 | + u_int16_t proto; | |
260 | + | |
261 | + struct timer_list timeout; | |
262 | +}; | |
263 | + | |
264 | +static inline int request_p_cmp(const struct request_p *p, u_int32_t xid, | |
265 | + u_int32_t ip, u_int32_t port) { | |
266 | + return (p->xid == xid && p->ip == ip && p->port); | |
267 | + | |
268 | +} | |
269 | + | |
270 | +#endif /* _IP_CONNTRACK_RPC_H */ | |
271 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_rsh.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_rsh.h | |
272 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 1970-01-01 01:00:00.000000000 +0100 | |
273 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_rsh.h 2004-04-16 09:18:45.000000000 +0200 | |
274 | @@ -0,0 +1,35 @@ | |
275 | +/* RSH extension for IP connection tracking, Version 1.0 | |
276 | + * (C) 2002 by Ian (Larry) Latter <Ian.Latter@mq.edu.au> | |
277 | + * based on HW's ip_conntrack_irc.c | |
278 | + * | |
279 | + * ip_conntrack_rsh.c,v 1.0 2002/07/17 14:49:26 | |
280 | + * | |
281 | + * This program is free software; you can redistribute it and/or | |
282 | + * modify it under the terms of the GNU General Public License | |
283 | + * as published by the Free Software Foundation; either version | |
284 | + * 2 of the License, or (at your option) any later version. | |
285 | + */ | |
286 | +#ifndef _IP_CONNTRACK_RSH_H | |
287 | +#define _IP_CONNTRACK_RSH_H | |
288 | + | |
289 | +#ifdef __KERNEL__ | |
290 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
291 | + | |
292 | +DECLARE_LOCK_EXTERN(ip_rsh_lock); | |
293 | +#endif | |
294 | + | |
295 | + | |
296 | +#define RSH_PORT 514 | |
297 | + | |
298 | +/* This structure is per expected connection */ | |
299 | +struct ip_ct_rsh_expect | |
300 | +{ | |
301 | + u_int16_t port; | |
302 | +}; | |
303 | + | |
304 | +/* This structure exists only once per master */ | |
305 | +struct ip_ct_rsh_master { | |
306 | +}; | |
307 | + | |
308 | +#endif /* _IP_CONNTRACK_RSH_H */ | |
309 | + | |
310 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_talk.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_talk.h | |
311 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_talk.h 1970-01-01 01:00:00.000000000 +0100 | |
312 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_talk.h 2004-04-16 09:18:58.000000000 +0200 | |
313 | @@ -0,0 +1,152 @@ | |
314 | +#ifndef _IP_CONNTRACK_TALK_H | |
315 | +#define _IP_CONNTRACK_TALK_H | |
316 | +/* TALK tracking. */ | |
317 | + | |
318 | +#ifdef __KERNEL__ | |
319 | +#include <linux/in.h> | |
320 | +#include <linux/netfilter_ipv4/lockhelp.h> | |
321 | + | |
322 | +/* Protects talk part of conntracks */ | |
323 | +DECLARE_LOCK_EXTERN(ip_talk_lock); | |
324 | +#endif | |
325 | + | |
326 | + | |
327 | +#define TALK_PORT 517 | |
328 | +#define NTALK_PORT 518 | |
329 | + | |
330 | +/* talk structures and constants from <protocols/talkd.h> */ | |
331 | + | |
332 | +/* | |
333 | + * 4.3BSD struct sockaddr | |
334 | + */ | |
335 | +struct talk_addr { | |
336 | + u_int16_t ta_family; | |
337 | + u_int16_t ta_port; | |
338 | + u_int32_t ta_addr; | |
339 | + u_int32_t ta_junk1; | |
340 | + u_int32_t ta_junk2; | |
341 | +}; | |
342 | + | |
343 | +#define TALK_OLD_NSIZE 9 | |
344 | +#define TALK_NSIZE 12 | |
345 | +#define TALK_TTY_NSIZE 16 | |
346 | + | |
347 | +/* | |
348 | + * Client->server request message formats. | |
349 | + */ | |
350 | +struct talk_msg { | |
351 | + u_char type; /* request type, see below */ | |
352 | + char l_name[TALK_OLD_NSIZE];/* caller's name */ | |
353 | + char r_name[TALK_OLD_NSIZE];/* callee's name */ | |
354 | + u_char pad; | |
355 | + u_int32_t id_num; /* message id */ | |
356 | + int32_t pid; /* caller's process id */ | |
357 | + char r_tty[TALK_TTY_NSIZE];/* callee's tty name */ | |
358 | + struct talk_addr addr; /* old (4.3) style */ | |
359 | + struct talk_addr ctl_addr; /* old (4.3) style */ | |
360 | +}; | |
361 | + | |
362 | +struct ntalk_msg { | |
363 | + u_char vers; /* protocol version */ | |
364 | + u_char type; /* request type, see below */ | |
365 | + u_char answer; /* not used */ | |
366 | + u_char pad; | |
367 | + u_int32_t id_num; /* message id */ | |
368 | + struct talk_addr addr; /* old (4.3) style */ | |
369 | + struct talk_addr ctl_addr; /* old (4.3) style */ | |
370 | + int32_t pid; /* caller's process id */ | |
371 | + char l_name[TALK_NSIZE];/* caller's name */ | |
372 | + char r_name[TALK_NSIZE];/* callee's name */ | |
373 | + char r_tty[TALK_TTY_NSIZE];/* callee's tty name */ | |
374 | +}; | |
375 | + | |
376 | +struct ntalk2_msg { | |
377 | + u_char vers; /* talk protocol version */ | |
378 | + u_char type; /* request type */ | |
379 | + u_char answer; /* */ | |
380 | + u_char extended; /* !0 if additional parts */ | |
381 | + u_int32_t id_num; /* message id number (dels) */ | |
382 | + struct talk_addr addr; /* target address */ | |
383 | + struct talk_addr ctl_addr; /* reply to address */ | |
384 | + int32_t pid; /* caller's process id */ | |
385 | + char l_name[TALK_NSIZE]; /* caller's name */ | |
386 | + char r_name[TALK_NSIZE]; /* callee's name */ | |
387 | + char r_tty[TALK_TTY_NSIZE]; /* callee's tty */ | |
388 | +}; | |
389 | + | |
390 | +/* | |
391 | + * Server->client response message formats. | |
392 | + */ | |
393 | +struct talk_response { | |
394 | + u_char type; /* type of request message, see below */ | |
395 | + u_char answer; /* response to request message, see below */ | |
396 | + u_char pad[2]; | |
397 | + u_int32_t id_num; /* message id */ | |
398 | + struct talk_addr addr; /* address for establishing conversation */ | |
399 | +}; | |
400 | + | |
401 | +struct ntalk_response { | |
402 | + u_char vers; /* protocol version */ | |
403 | + u_char type; /* type of request message, see below */ | |
404 | + u_char answer; /* response to request message, see below */ | |
405 | + u_char pad; | |
406 | + u_int32_t id_num; /* message id */ | |
407 | + struct talk_addr addr; /* address for establishing conversation */ | |
408 | +}; | |
409 | + | |
410 | +struct ntalk2_response { | |
411 | + u_char vers; /* protocol version */ | |
412 | + u_char type; /* type of request message */ | |
413 | + u_char answer; /* response to request */ | |
414 | + u_char rvers; /* Version of answering vers*/ | |
415 | + u_int32_t id_num; /* message id number */ | |
416 | + struct talk_addr addr; /* address for connection */ | |
417 | + /* This is at the end to compatiblize this with NTALK version. */ | |
418 | + char r_name[TALK_NSIZE]; /* callee's name */ | |
419 | +}; | |
420 | + | |
421 | +#define TALK_STR(data, talk_str, member) ((struct talk_str *)data)->member) | |
422 | +#define TALK_RESP(data, ver, member) (ver ? ((struct ntalk_response *)data)->member : ((struct talk_response *)data)->member) | |
423 | +#define TALK_MSG(data, ver, member) (ver ? ((struct ntalk_msg *)data)->member : ((struct talk_msg *)data)->member) | |
424 | + | |
425 | +#define TALK_VERSION 0 /* protocol versions */ | |
426 | +#define NTALK_VERSION 1 | |
427 | +#define NTALK2_VERSION 2 | |
428 | + | |
429 | +/* message type values */ | |
430 | +#define LEAVE_INVITE 0 /* leave invitation with server */ | |
431 | +#define LOOK_UP 1 /* check for invitation by callee */ | |
432 | +#define DELETE 2 /* delete invitation by caller */ | |
433 | +#define ANNOUNCE 3 /* announce invitation by caller */ | |
434 | +/* NTALK2 */ | |
435 | +#define REPLY_QUERY 4 /* request reply data from local daemon */ | |
436 | + | |
437 | +/* answer values */ | |
438 | +#define SUCCESS 0 /* operation completed properly */ | |
439 | +#define NOT_HERE 1 /* callee not logged in */ | |
440 | +#define FAILED 2 /* operation failed for unexplained reason */ | |
441 | +#define MACHINE_UNKNOWN 3 /* caller's machine name unknown */ | |
442 | +#define PERMISSION_DENIED 4 /* callee's tty doesn't permit announce */ | |
443 | +#define UNKNOWN_REQUEST 5 /* request has invalid type value */ | |
444 | +#define BADVERSION 6 /* request has invalid protocol version */ | |
445 | +#define BADADDR 7 /* request has invalid addr value */ | |
446 | +#define BADCTLADDR 8 /* request has invalid ctl_addr value */ | |
447 | +/* NTALK2 */ | |
448 | +#define NO_CALLER 9 /* no-one calling answer from REPLY */ | |
449 | +#define TRY_HERE 10 /* Not on this machine, try this */ | |
450 | +#define SELECTIVE_REFUSAL 11 /* User Filter refusal. */ | |
451 | +#define MAX_RESPONSE_TYPE 11 /* Make sure this is updated */ | |
452 | + | |
453 | +/* We don't really need much for talk */ | |
454 | +struct ip_ct_talk_expect | |
455 | +{ | |
456 | + /* Port that was to be used */ | |
457 | + u_int16_t port; | |
458 | +}; | |
459 | + | |
460 | +/* This structure exists only once per master */ | |
461 | +struct ip_ct_talk_master | |
462 | +{ | |
463 | +}; | |
464 | + | |
465 | +#endif /* _IP_CONNTRACK_TALK_H */ | |
466 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_tuple.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_tuple.h | |
467 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ip_conntrack_tuple.h 2004-04-15 03:35:20.000000000 +0200 | |
468 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ip_conntrack_tuple.h 2004-04-16 09:18:47.000000000 +0200 | |
469 | @@ -25,6 +25,9 @@ | |
470 | struct { | |
471 | u_int16_t id; | |
472 | } icmp; | |
473 | + struct { | |
474 | + u_int16_t port; | |
475 | + } sctp; | |
476 | }; | |
477 | ||
478 | /* The manipulable part of the tuple. */ | |
479 | @@ -55,6 +58,9 @@ | |
480 | struct { | |
481 | u_int8_t type, code; | |
482 | } icmp; | |
483 | + struct { | |
484 | + u_int16_t port; | |
485 | + } sctp; | |
486 | } u; | |
487 | ||
488 | /* The protocol. */ | |
489 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ipt_CONNMARK.h | |
490 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ipt_CONNMARK.h 1970-01-01 01:00:00.000000000 +0100 | |
491 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ipt_CONNMARK.h 2004-04-16 09:15:41.000000000 +0200 | |
492 | @@ -0,0 +1,25 @@ | |
493 | +#ifndef _IPT_CONNMARK_H_target | |
494 | +#define _IPT_CONNMARK_H_target | |
495 | + | |
496 | +/* Copyright (C) 2002,2004 MARA Systems AB <http://www.marasystems.com> | |
497 | + * by Henrik Nordstrom <hno@marasystems.com> | |
498 | + * | |
499 | + * This program is free software; you can redistribute it and/or modify | |
500 | + * it under the terms of the GNU General Public License as published by | |
501 | + * the Free Software Foundation; either version 2 of the License, or | |
502 | + * (at your option) any later version. | |
503 | + */ | |
504 | + | |
505 | +enum { | |
506 | + IPT_CONNMARK_SET = 0, | |
507 | + IPT_CONNMARK_SAVE, | |
508 | + IPT_CONNMARK_RESTORE | |
509 | +}; | |
510 | + | |
511 | +struct ipt_connmark_target_info { | |
512 | + unsigned long mark; | |
513 | + unsigned long mask; | |
514 | + u_int8_t mode; | |
515 | +}; | |
516 | + | |
517 | +#endif /*_IPT_CONNMARK_H_target*/ | |
518 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ipt_IPMARK.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ipt_IPMARK.h | |
519 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ipt_IPMARK.h 1970-01-01 01:00:00.000000000 +0100 | |
520 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ipt_IPMARK.h 2004-04-16 09:15:43.000000000 +0200 | |
521 | @@ -0,0 +1,13 @@ | |
522 | +#ifndef _IPT_IPMARK_H_target | |
523 | +#define _IPT_IPMARK_H_target | |
524 | + | |
525 | +struct ipt_ipmark_target_info { | |
526 | + unsigned long andmask; | |
527 | + unsigned long ormask; | |
528 | + unsigned int addr; | |
529 | +}; | |
530 | + | |
531 | +#define IPT_IPMARK_SRC 0 | |
532 | +#define IPT_IPMARK_DST 1 | |
533 | + | |
534 | +#endif /*_IPT_IPMARK_H_target*/ | |
535 | diff -Nur --exclude '*.orig' linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ipt_ROUTE.h linux-2.6.6-rc1/include/linux/netfilter_ipv4/ipt_ROUTE.h | |
536 | --- linux-2.6.6-rc1.org/include/linux/netfilter_ipv4/ipt_ROUTE.h 1970-01-01 01:00:00.000000000 +0100 | |
537 | +++ linux-2.6.6-rc1/include/linux/netfilter_ipv4/ipt_ROUTE.h 2004-04-16 09:15:44.000000000 +0200 | |
538 | @@ -0,0 +1,22 @@ | |
539 | +/* Header file for iptables ipt_ROUTE target | |
540 | + * | |
541 |