[packages/kernel.git] / linux-2.4.20-netfilter-nat-endian.patch

This patch fixes bugs related to machine endianess (harmless on
little-endians, but causing that some of conntrack modules don't
work on big-endian machines) in netfilter/ip_nat code.
Bugs are similar to those fixed in
linux-2.4.20-netfilter-conntrack-endian.patch (which fixed
netfilter/ip_conntrack code).

The way that ip_conntrack_manip_proto unions (separately and in
ip_conntrack_tuple struct) were initialized was wrong - in compound
literals and initializers port number was "catched" by the first
union element, which is int32_t (so port was stored in 2 least
significant bytes, i.e. 2 bytes after beginning of tcp or udp
element on big-endian machines).
This fix uses C99 field specifiers.

Aternative way to fix can be zeroing whole structure and then
setting wanted fields in separate statements (like in some
other ip_nat_* or ip_conntrack_* modules).


	Jakub Bogusz <qboosh@pld.org.pl>

--- linux-2.4.20/net/ipv4/netfilter/ip_nat_amanda.c.orig	Tue May 20 11:18:23 2003
+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_amanda.c	Thu May 22 09:53:49 2003
@@ -84,7 +84,7 @@
 		mr.range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 		mr.range[0].min = mr.range[0].max
 			= ((union ip_conntrack_manip_proto)
-				{ htons(port) });
+				{ .udp = { htons(port) } });
 	}
 
 	return ip_nat_setup_info(ct, &mr, hooknum);
--- linux-2.4.20/net/ipv4/netfilter/ip_nat_ftp.c.orig	Fri Nov 29 00:53:15 2002
+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_ftp.c	Thu May 22 09:30:36 2003
@@ -84,7 +84,7 @@
 		mr.range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 		mr.range[0].min = mr.range[0].max
 			= ((union ip_conntrack_manip_proto)
-				{ htons(exp_ftp_info->port) });
+				{ .tcp = { htons(exp_ftp_info->port) } });
 	}
 	return ip_nat_setup_info(ct, &mr, hooknum);
 }
--- linux-2.4.20/net/ipv4/netfilter/ip_nat_h323.c.orig	Thu May 22 10:46:47 2003
+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_h323.c	Thu May 22 10:01:11 2003
@@ -129,7 +129,7 @@
 		mr.range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 		mr.range[0].min = mr.range[0].max
 			= ((union ip_conntrack_manip_proto)
-				{ port });
+				{ .tcp = { port } });
 	}
 
 	ret = ip_nat_setup_info(ct, &mr, hooknum);
@@ -390,9 +390,9 @@
 	  "H.225",					/* name */
 	  IP_NAT_HELPER_F_ALWAYS, 			/* flags */
 	  THIS_MODULE,					/* module */
-	  { { 0, { __constant_htons(H225_PORT) } },	/* tuple */
+	  { { 0, { .tcp = { __constant_htons(H225_PORT) } } },	/* tuple */
 	    { 0, { 0 }, IPPROTO_TCP } },
-	  { { 0, { 0xFFFF } },				/* mask */
+	  { { 0, { .tcp = { 0xFFFF } } },				/* mask */
 	    { 0, { 0 }, 0xFFFF } },
 	  h225_nat_help,				/* helper */
 	  h225_nat_expected				/* expectfn */
--- linux-2.4.20/net/ipv4/netfilter/ip_nat_snmp_basic.c.orig	Fri Nov 29 00:53:15 2002
+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_snmp_basic.c	Thu May 22 10:27:06 2003
@@ -1309,9 +1309,9 @@
 	"snmp",
 	IP_NAT_HELPER_F_STANDALONE,
 	THIS_MODULE,
-	{ { 0, { __constant_htons(SNMP_PORT) } },
+	{ { 0, { .udp = { __constant_htons(SNMP_PORT) } } },
 	  { 0, { 0 }, IPPROTO_UDP } },
-	{ { 0, { 0xFFFF } },
+	{ { 0, { .udp = { 0xFFFF } } },
 	  { 0, { 0 }, 0xFFFF } },
 	nat_help, NULL };
  
@@ -1320,9 +1320,9 @@
 	"snmp_trap",
 	IP_NAT_HELPER_F_STANDALONE,
 	THIS_MODULE,
-	{ { 0, { __constant_htons(SNMP_TRAP_PORT) } },
+	{ { 0, { .udp = { __constant_htons(SNMP_TRAP_PORT) } } },
 	  { 0, { 0 }, IPPROTO_UDP } },
-	{ { 0, { 0xFFFF } },
+	{ { 0, { .udp = { 0xFFFF } } },
 	  { 0, { 0 }, 0xFFFF } },
 	nat_help, NULL };
 
--- linux-2.4.20/net/ipv4/netfilter/ip_nat_talk.c.orig	Tue May 20 11:18:24 2003
+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_talk.c	Thu May 22 10:36:17 2003
@@ -335,9 +335,9 @@
             "talk",					/* name */
             IP_NAT_HELPER_F_ALWAYS, 			/* flags */
             THIS_MODULE,				/* module */
-            { { 0, { __constant_htons(TALK_PORT) } },	/* tuple */
+            { { 0, { .udp = { __constant_htons(TALK_PORT) } } },	/* tuple */
               { 0, { 0 }, IPPROTO_UDP } },
-            { { 0, { 0xFFFF } },			/* mask */
+            { { 0, { .udp = { 0xFFFF } } },		/* mask */
               { 0, { 0 }, 0xFFFF } },
             help, 					/* helper */
             talk_nat_expected },			/* expectfn */
@@ -345,9 +345,9 @@
             "ntalk", 					/* name */
             IP_NAT_HELPER_F_ALWAYS, 			/* flags */
             THIS_MODULE,					/* module */
-            { { 0, { __constant_htons(NTALK_PORT) } },	/* tuple */
+            { { 0, { .udp = { __constant_htons(NTALK_PORT) } } },	/* tuple */
               { 0, { 0 }, IPPROTO_UDP } },
-            { { 0, { 0xFFFF } },				/* mask */
+            { { 0, { .udp = { 0xFFFF } } },		/* mask */
               { 0, { 0 }, 0xFFFF } },
             nhelp, 					/* helper */
             talk_nat_expected }				/* expectfn */
@@ -431,7 +431,7 @@
 		mr.range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED;
 		mr.range[0].min = mr.range[0].max
 			= ((union ip_conntrack_manip_proto)
-				{ port });
+				{ .udp = { port } });
 	}
 	ret = ip_nat_setup_info(ct, &mr, hooknum);
Commit	Line	Data
76ea4f2d JB	1	This patch fixes bugs related to machine endianess (harmless on
	2	little-endians, but causing that some of conntrack modules don't
	3	work on big-endian machines) in netfilter/ip_nat code.
	4	Bugs are similar to those fixed in
	5	linux-2.4.20-netfilter-conntrack-endian.patch (which fixed
	6	netfilter/ip_conntrack code).
	7
	8	The way that ip_conntrack_manip_proto unions (separately and in
	9	ip_conntrack_tuple struct) were initialized was wrong - in compound
	10	literals and initializers port number was "catched" by the first
	11	union element, which is int32_t (so port was stored in 2 least
	12	significant bytes, i.e. 2 bytes after beginning of tcp or udp
	13	element on big-endian machines).
	14	This fix uses C99 field specifiers.
	15
	16	Aternative way to fix can be zeroing whole structure and then
	17	setting wanted fields in separate statements (like in some
	18	other ip_nat_* or ip_conntrack_* modules).
	19
	20
	21	Jakub Bogusz <qboosh@pld.org.pl>
	22
	23	--- linux-2.4.20/net/ipv4/netfilter/ip_nat_amanda.c.orig Tue May 20 11:18:23 2003
	24	+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_amanda.c Thu May 22 09:53:49 2003
	25	@@ -84,7 +84,7 @@
	26	mr.range[0].flags \|= IP_NAT_RANGE_PROTO_SPECIFIED;
	27	mr.range[0].min = mr.range[0].max
	28	= ((union ip_conntrack_manip_proto)
	29	- { htons(port) });
	30	+ { .udp = { htons(port) } });
	31	}
	32
	33	return ip_nat_setup_info(ct, &mr, hooknum);
	34	--- linux-2.4.20/net/ipv4/netfilter/ip_nat_ftp.c.orig Fri Nov 29 00:53:15 2002
	35	+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_ftp.c Thu May 22 09:30:36 2003
	36	@@ -84,7 +84,7 @@
	37	mr.range[0].flags \|= IP_NAT_RANGE_PROTO_SPECIFIED;
	38	mr.range[0].min = mr.range[0].max
	39	= ((union ip_conntrack_manip_proto)
	40	- { htons(exp_ftp_info->port) });
	41	+ { .tcp = { htons(exp_ftp_info->port) } });
	42	}
	43	return ip_nat_setup_info(ct, &mr, hooknum);
	44	}
	45	--- linux-2.4.20/net/ipv4/netfilter/ip_nat_h323.c.orig Thu May 22 10:46:47 2003
	46	+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_h323.c Thu May 22 10:01:11 2003
	47	@@ -129,7 +129,7 @@
	48	mr.range[0].flags \|= IP_NAT_RANGE_PROTO_SPECIFIED;
	49	mr.range[0].min = mr.range[0].max
	50	= ((union ip_conntrack_manip_proto)
	51	- { port });
	52	+ { .tcp = { port } });
	53	}
	54
	55	ret = ip_nat_setup_info(ct, &mr, hooknum);
	56	@@ -390,9 +390,9 @@
	57	"H.225", /* name */
	58	IP_NAT_HELPER_F_ALWAYS, /* flags */
	59	THIS_MODULE, /* module */
	60	- { { 0, { __constant_htons(H225_PORT) } }, /* tuple */
	61	+ { { 0, { .tcp = { __constant_htons(H225_PORT) } } }, /* tuple */
	62	{ 0, { 0 }, IPPROTO_TCP } },
	63	- { { 0, { 0xFFFF } }, /* mask */
	64	+ { { 0, { .tcp = { 0xFFFF } } }, /* mask */
65	{ 0, { 0 }, 0xFFFF } },
66	h225_nat_help, /* helper */
67	h225_nat_expected /* expectfn */
68	--- linux-2.4.20/net/ipv4/netfilter/ip_nat_snmp_basic.c.orig Fri Nov 29 00:53:15 2002
69	+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_snmp_basic.c Thu May 22 10:27:06 2003
70	@@ -1309,9 +1309,9 @@
71	"snmp",
72	IP_NAT_HELPER_F_STANDALONE,
73	THIS_MODULE,
74	- { { 0, { __constant_htons(SNMP_PORT) } },
75	+ { { 0, { .udp = { __constant_htons(SNMP_PORT) } } },
76	{ 0, { 0 }, IPPROTO_UDP } },
77	- { { 0, { 0xFFFF } },
78	+ { { 0, { .udp = { 0xFFFF } } },
79	{ 0, { 0 }, 0xFFFF } },
80	nat_help, NULL };
81
82	@@ -1320,9 +1320,9 @@
83	"snmp_trap",
84	IP_NAT_HELPER_F_STANDALONE,
85	THIS_MODULE,
86	- { { 0, { __constant_htons(SNMP_TRAP_PORT) } },
87	+ { { 0, { .udp = { __constant_htons(SNMP_TRAP_PORT) } } },
88	{ 0, { 0 }, IPPROTO_UDP } },
89	- { { 0, { 0xFFFF } },
90	+ { { 0, { .udp = { 0xFFFF } } },
91	{ 0, { 0 }, 0xFFFF } },
92	nat_help, NULL };
93
94	--- linux-2.4.20/net/ipv4/netfilter/ip_nat_talk.c.orig Tue May 20 11:18:24 2003
95	+++ linux-2.4.20/net/ipv4/netfilter/ip_nat_talk.c Thu May 22 10:36:17 2003
96	@@ -335,9 +335,9 @@
97	"talk", /* name */
98	IP_NAT_HELPER_F_ALWAYS, /* flags */
99	THIS_MODULE, /* module */
100	- { { 0, { __constant_htons(TALK_PORT) } }, /* tuple */
101	+ { { 0, { .udp = { __constant_htons(TALK_PORT) } } }, /* tuple */
102	{ 0, { 0 }, IPPROTO_UDP } },
103	- { { 0, { 0xFFFF } }, /* mask */
104	+ { { 0, { .udp = { 0xFFFF } } }, /* mask */
105	{ 0, { 0 }, 0xFFFF } },
106	help, /* helper */
107	talk_nat_expected }, /* expectfn */
108	@@ -345,9 +345,9 @@
109	"ntalk", /* name */
110	IP_NAT_HELPER_F_ALWAYS, /* flags */
111	THIS_MODULE, /* module */
112	- { { 0, { __constant_htons(NTALK_PORT) } }, /* tuple */
113	+ { { 0, { .udp = { __constant_htons(NTALK_PORT) } } }, /* tuple */
114	{ 0, { 0 }, IPPROTO_UDP } },
115	- { { 0, { 0xFFFF } }, /* mask */
116	+ { { 0, { .udp = { 0xFFFF } } }, /* mask */
117	{ 0, { 0 }, 0xFFFF } },
118	nhelp, /* helper */
119	talk_nat_expected } /* expectfn */
120	@@ -431,7 +431,7 @@
121	mr.range[0].flags \|= IP_NAT_RANGE_PROTO_SPECIFIED;
122	mr.range[0].min = mr.range[0].max
123	= ((union ip_conntrack_manip_proto)
124	- { port });
125	+ { .udp = { port } });
126	}
127	ret = ip_nat_setup_info(ct, &mr, hooknum);
128