1 This patch fixes bugs related to machine endianess (harmless on
2 little-endians, but causing that some of conntrack modules don't
3 work on big-endian machines).
6 * (debugging, not endianess related) compilation failure in
7 destroy_expect() in ip_conntrack_core.c when debugging was enabled
9 * (minor problem for now) fixed warning about format string used
10 for conntrack->mark (which is unsigned long) - would be harmful on
13 * the real problem: the way that ip_conntrack_tuple structures were
14 initialized was wrong - in compound literals port number was catched
15 by the first dst.u union element, which is int64_t (so port was
16 stored in 2 least significant bytes, i.e. 6 bytes after beginning of
17 dst.u.tcp or dst.u.udp element).
18 This fix uses C99 field specifiers.
20 Aternative way to fix can be zeroing whole structure and then
21 setting wanted fields in separate statements (like in
22 ip_conntrack_pptp for example).
25 Jakub Bogusz <qboosh@pld.org.pl>
27 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_standalone.c.orig Fri May 16 10:17:39 2003
28 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_standalone.c Mon May 19 15:58:25 2003
30 len += sprintf(buffer + len, "use=%u ",
31 atomic_read(&conntrack->ct_general.use));
32 #if defined(CONFIG_IP_NF_CONNTRACK_MARK)
33 - len += sprintf(buffer + len, "mark=%d ", conntrack->mark);
34 + len += sprintf(buffer + len, "mark=%ld ", conntrack->mark);
36 len += sprintf(buffer + len, "\n");
38 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_core.c.orig Fri May 16 10:17:39 2003
39 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_core.c Mon May 19 15:49:36 2003
42 destroy_expect(struct ip_conntrack_expect *exp)
44 - DEBUGP("destroy_expect(%p) use=%d\n", exp, atomic_read(exp->use));
45 - IP_NF_ASSERT(atomic_read(exp->use));
46 + DEBUGP("destroy_expect(%p) use=%d\n", exp, atomic_read(&exp->use));
47 + IP_NF_ASSERT(atomic_read(&exp->use));
48 IP_NF_ASSERT(!timer_pending(&exp->timeout));
52 getorigdst(struct sock *sk, int optval, void *user, int *len)
54 struct ip_conntrack_tuple_hash *h;
55 - struct ip_conntrack_tuple tuple = { { sk->rcv_saddr, { sk->sport } },
56 - { sk->daddr, { sk->dport },
57 + struct ip_conntrack_tuple tuple = { { sk->rcv_saddr, { .tcp = { sk->sport } } },
58 + { sk->daddr, { .tcp = { sk->dport } },
61 /* We only do TCP at the moment: is there a better way? */
62 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_ftp.c.orig Fri May 16 10:17:39 2003
63 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_ftp.c Mon May 19 15:50:54 2003
66 { htonl((array[0] << 24) | (array[1] << 16)
67 | (array[2] << 8) | array[3]),
68 - { htons(array[4] << 8 | array[5]) },
69 + { .tcp = { htons(array[4] << 8 | array[5]) } },
71 exp->mask = ((struct ip_conntrack_tuple)
72 { { 0xFFFFFFFF, { 0 } },
73 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
74 + { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFFFF }});
78 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_h323.c.orig Fri May 16 10:17:39 2003
79 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_h323.c Mon May 19 15:52:03 2003
81 { { ct->tuplehash[!dir].tuple.src.ip,
85 + { .tcp = { data_port } },
87 exp->mask = ((struct ip_conntrack_tuple)
88 { { 0xFFFFFFFF, { 0 } },
89 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
90 + { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFFFF }});
95 { { ct->tuplehash[!dir].tuple.src.ip,
99 + { .tcp = { data_port } },
101 exp->mask = ((struct ip_conntrack_tuple)
102 { { 0xFFFFFFFF, { 0 } },
103 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
104 + { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFFFF }});
106 exp->expectfn = h225_expect;
108 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_irc.c.orig Fri Nov 29 00:53:15 2002
109 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_irc.c Mon May 19 15:54:24 2003
110 @@ -209,11 +209,11 @@
112 exp->tuple = ((struct ip_conntrack_tuple)
114 - { htonl(dcc_ip), { htons(dcc_port) },
115 + { htonl(dcc_ip), { .tcp = { htons(dcc_port) } },
117 exp->mask = ((struct ip_conntrack_tuple)
119 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
120 + { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFFFF }});
122 exp->expectfn = NULL;
124 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_mms.c.orig Fri May 16 10:17:39 2003
125 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_mms.c Mon May 19 15:55:06 2003
126 @@ -238,12 +238,12 @@
127 exp->tuple = ((struct ip_conntrack_tuple)
128 { { ct->tuplehash[!dir].tuple.src.ip, { 0 } },
130 - { (__u16) ntohs(mms_port) },
131 + { .tcp = { (__u16) ntohs(mms_port) } },
134 exp->mask = ((struct ip_conntrack_tuple)
135 { { 0xFFFFFFFF, { 0 } },
136 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
137 + { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFFFF }});
138 exp->expectfn = NULL;
139 ip_conntrack_expect_related(ct, &expect);
140 UNLOCK_BH(&ip_mms_lock);
141 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_quake3.c.orig Fri May 16 10:17:39 2003
142 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_quake3.c Mon May 19 15:57:27 2003
144 exp.tuple = ((struct ip_conntrack_tuple)
145 { { ct->tuplehash[!dir].tuple.src.ip, { 0 } },
146 { (u_int32_t) *((u_int32_t *)((int)udph + i)),
147 - { (__u16) *((__u16 *)((int)udph+i+4)) },
148 + { .udp = { (__u16) *((__u16 *)((int)udph+i+4)) } },
151 exp.mask = ((struct ip_conntrack_tuple)
152 { { 0xFFFFFFFF, { 0 } },
153 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
154 + { 0xFFFFFFFF, { .udp = { 0xFFFF } }, 0xFFFF }});
157 ip_conntrack_expect_related(ct, &exp);
158 --- linux-2.4.20/net/ipv4/netfilter/ip_conntrack_talk.c.orig Fri May 16 10:17:39 2003
159 +++ linux-2.4.20/net/ipv4/netfilter/ip_conntrack_talk.c Mon May 19 16:00:41 2003
160 @@ -119,11 +119,11 @@
161 { { ct->tuplehash[dir].tuple.src.ip,
163 { ct->tuplehash[dir].tuple.dst.ip,
164 - { htons(talk_port) },
165 + { .udp = { htons(talk_port) } },
167 exp->mask = ((struct ip_conntrack_tuple)
168 { { 0xFFFFFFFF, { 0 } },
169 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
170 + { 0xFFFFFFFF, { .udp = { 0xFFFF } }, 0xFFFF }});
172 exp->expectfn = talk_expectfn[talk_port - TALK_PORT];
174 @@ -148,11 +148,11 @@
175 { { ct->tuplehash[!dir].tuple.src.ip,
179 + { .tcp = { addr->ta_port } },
181 exp->mask = ((struct ip_conntrack_tuple)
182 { { 0xFFFFFFFF, { 0 } },
183 - { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }});
184 + { 0xFFFFFFFF, { .tcp = { 0xFFFF } }, 0xFFFF }});
186 exp->expectfn = NULL;