1 --- ipset-6.32/kernel/net/netfilter/xt_set.c.orig 2017-03-12 18:41:03.000000000 +0100
2 +++ ipset-6.32/kernel/net/netfilter/xt_set.c 2017-03-25 20:09:19.407499549 +0100
5 const struct xt_set_info_match_v0 *info = par->matchinfo;
7 - ADT_OPT(opt, par->family, info->match_set.u.compat.dim,
8 + ADT_OPT(opt, xt_family(par), info->match_set.u.compat.dim,
9 info->match_set.u.compat.flags, 0, UINT_MAX);
11 return match_set(info->match_set.index, skb, par, &opt,
14 const struct xt_set_info_match_v1 *info = par->matchinfo;
16 - ADT_OPT(opt, par->family, info->match_set.dim,
17 + ADT_OPT(opt, xt_family(par), info->match_set.dim,
18 info->match_set.flags, 0, UINT_MAX);
20 if (opt.flags & IPSET_RETURN_NOMATCH)
22 const struct xt_set_info_match_v3 *info = par->matchinfo;
25 - ADT_OPT(opt, par->family, info->match_set.dim,
26 + ADT_OPT(opt, xt_family(par), info->match_set.dim,
27 info->match_set.flags, info->flags, UINT_MAX);
29 if (info->packets.op != IPSET_COUNTER_NONE ||
31 const struct xt_set_info_match_v4 *info = par->matchinfo;
34 - ADT_OPT(opt, par->family, info->match_set.dim,
35 + ADT_OPT(opt, xt_family(par), info->match_set.dim,
36 info->match_set.flags, info->flags, UINT_MAX);
38 if (info->packets.op != IPSET_COUNTER_NONE ||
41 const struct xt_set_info_target_v0 *info = par->targinfo;
43 - ADT_OPT(add_opt, par->family, info->add_set.u.compat.dim,
44 + ADT_OPT(add_opt, xt_family(par), info->add_set.u.compat.dim,
45 info->add_set.u.compat.flags, 0, UINT_MAX);
46 - ADT_OPT(del_opt, par->family, info->del_set.u.compat.dim,
47 + ADT_OPT(del_opt, xt_family(par), info->del_set.u.compat.dim,
48 info->del_set.u.compat.flags, 0, UINT_MAX);
50 if (info->add_set.index != IPSET_INVALID_ID)
53 const struct xt_set_info_target_v1 *info = par->targinfo;
55 - ADT_OPT(add_opt, par->family, info->add_set.dim,
56 + ADT_OPT(add_opt, xt_family(par), info->add_set.dim,
57 info->add_set.flags, 0, UINT_MAX);
58 - ADT_OPT(del_opt, par->family, info->del_set.dim,
59 + ADT_OPT(del_opt, xt_family(par), info->del_set.dim,
60 info->del_set.flags, 0, UINT_MAX);
62 if (info->add_set.index != IPSET_INVALID_ID)
65 const struct xt_set_info_target_v2 *info = par->targinfo;
67 - ADT_OPT(add_opt, par->family, info->add_set.dim,
68 + ADT_OPT(add_opt, xt_family(par), info->add_set.dim,
69 info->add_set.flags, info->flags, info->timeout);
70 - ADT_OPT(del_opt, par->family, info->del_set.dim,
71 + ADT_OPT(del_opt, xt_family(par), info->del_set.dim,
72 info->del_set.flags, 0, UINT_MAX);
74 /* Normalize to fit into jiffies */
76 const struct xt_set_info_target_v3 *info = par->targinfo;
79 - ADT_OPT(add_opt, par->family, info->add_set.dim,
80 + ADT_OPT(add_opt, xt_family(par), info->add_set.dim,
81 info->add_set.flags, info->flags, info->timeout);
82 - ADT_OPT(del_opt, par->family, info->del_set.dim,
83 + ADT_OPT(del_opt, xt_family(par), info->del_set.dim,
84 info->del_set.flags, 0, UINT_MAX);
85 - ADT_OPT(map_opt, par->family, info->map_set.dim,
86 + ADT_OPT(map_opt, xt_family(par), info->map_set.dim,
87 info->map_set.flags, 0, UINT_MAX);
89 /* Normalize to fit into jiffies */
90 --- ipset-6.32/kernel/net/netfilter/ipset/ip_set_hash_netiface.c.orig 2017-03-12 18:41:03.000000000 +0100
91 +++ ipset-6.32/kernel/net/netfilter/ipset/ip_set_hash_netiface.c 2017-03-25 20:21:11.890900536 +0100
93 ip4addrptr(skb, opt->flags & IPSET_DIM_ONE_SRC, &e.ip);
94 e.ip &= ip_set_netmask(e.cidr);
96 -#define IFACE(dir) (par->dir ? par->dir->name : "")
97 +#define IFACEIN (xt_in(par) ? xt_in(par)->name : "")
98 +#define IFACEOUT (xt_out(par) ? xt_out(par)->name : "")
99 #define SRCDIR (opt->flags & IPSET_DIM_TWO_SRC)
101 if (opt->cmdflags & IPSET_FLAG_PHYSDEV) {
106 - STRLCPY(e.iface, SRCDIR ? IFACE(in) : IFACE(out));
107 + STRLCPY(e.iface, SRCDIR ? IFACEIN : IFACEOUT);
110 if (strlen(e.iface) == 0)
115 - STRLCPY(e.iface, SRCDIR ? IFACE(in) : IFACE(out));
116 + STRLCPY(e.iface, SRCDIR ? IFACEIN : IFACEOUT);
119 if (strlen(e.iface) == 0)
120 --- ipset-6.32/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in.orig 2017-03-25 20:11:14.791803460 +0100
121 +++ ipset-6.32/kernel/include/linux/netfilter/ipset/ip_set_compat.h.in 2017-03-25 20:27:17.970438585 +0100
122 @@ -285,10 +285,16 @@
126 +#if LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0)
127 +#define xt_in(par) par->in
128 +#define xt_out(par) par->out
129 +#define xt_family(par) par->family
132 #ifdef HAVE_NET_IN_XT_ACTION_PARAM
133 #define IPSET_DEV_NET(par) (par)->net
135 -#define IPSET_DEV_NET(par) dev_net((par)->in ? (par)->in : (par)->out)
136 +#define IPSET_DEV_NET(par) dev_net(xt_in(par) ? xt_in(par) : xt_out(par))
139 #ifndef smp_mb__before_atomic