From cf07b7f22387c42de0885f681a3a3868029544c3 Mon Sep 17 00:00:00 2001 From: Sapan Bhatia Date: Fri, 9 May 2008 20:34:43 +0000 Subject: [PATCH] Ping bug fix. Probably tcpdump bug fix. --- linux-2.6-520-vnet+.patch | 291 -------------------------------------- 1 file changed, 291 deletions(-) diff --git a/linux-2.6-520-vnet+.patch b/linux-2.6-520-vnet+.patch index 77fa39825..3cbf01317 100644 --- a/linux-2.6-520-vnet+.patch +++ b/linux-2.6-520-vnet+.patch @@ -638,294 +638,3 @@ diff -Nurb linux-2.6.22-510/net/packet/af_packet.c linux-2.6.22-520/net/packet/a return -EPERM; if (sock->type != SOCK_DGRAM && sock->type != SOCK_RAW && sock->type != SOCK_PACKET) -diff -Nurb linux-2.6.22-510/xt_MARK.c linux-2.6.22-520/xt_MARK.c ---- linux-2.6.22-510/xt_MARK.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux-2.6.22-520/xt_MARK.c 2008-05-05 00:06:39.000000000 -0400 -@@ -0,0 +1,287 @@ -+/* This is a module which is used for setting the NFMARK field of an skb. */ -+ -+/* (C) 1999-2001 Marc Boucher -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License version 2 as -+ * published by the Free Software Foundation. -+ * -+ */ -+ -+#include -+#include -+#include -+#include -+#include -+#include -+#include -+ -+#include -+#include -+#include -+ -+MODULE_LICENSE("GPL"); -+MODULE_AUTHOR("Marc Boucher "); -+MODULE_DESCRIPTION("ip[6]tables MARK modification module"); -+MODULE_ALIAS("ipt_MARK"); -+MODULE_ALIAS("ip6t_MARK"); -+ -+static inline u_int16_t -+get_dst_port(struct nf_conntrack_tuple *tuple) -+{ -+ switch (tuple->dst.protonum) { -+ case IPPROTO_GRE: -+ /* XXX Truncate 32-bit GRE key to 16 bits */ -+#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,11) -+ return tuple->dst.u.gre.key; -+#else -+ return htons(ntohl(tuple->dst.u.gre.key)); -+#endif -+ case IPPROTO_ICMP: -+ /* Bind on ICMP echo ID */ -+ return tuple->src.u.icmp.id; -+ case IPPROTO_TCP: -+ return tuple->dst.u.tcp.port; -+ case IPPROTO_UDP: -+ return tuple->dst.u.udp.port; -+ default: -+ return tuple->dst.u.all; -+ } -+} -+ -+static inline u_int16_t -+get_src_port(struct nf_conntrack_tuple *tuple) -+{ -+ switch (tuple->dst.protonum) { -+ case IPPROTO_GRE: -+ /* XXX Truncate 32-bit GRE key to 16 bits */ -+ return htons(ntohl(tuple->src.u.gre.key)); -+ case IPPROTO_ICMP: -+ /* Bind on ICMP echo ID */ -+ return tuple->src.u.icmp.id; -+ case IPPROTO_TCP: -+ return tuple->src.u.tcp.port; -+ case IPPROTO_UDP: -+ return tuple->src.u.udp.port; -+ default: -+ return tuple->src.u.all; -+ } -+} -+ -+static unsigned int -+target_v0(struct sk_buff **pskb, -+ const struct net_device *in, -+ const struct net_device *out, -+ unsigned int hooknum, -+ const struct xt_target *target, -+ const void *targinfo) -+{ -+ const struct xt_mark_target_info *markinfo = targinfo; -+ -+ (*pskb)->mark = markinfo->mark; -+ return XT_CONTINUE; -+} -+ -+static unsigned int -+target_v1(struct sk_buff **pskb, -+ const struct net_device *in, -+ const struct net_device *out, -+ unsigned int hooknum, -+ const struct xt_target *target, -+ const void *targinfo) -+{ -+ const struct xt_mark_target_info_v1 *markinfo = targinfo; -+ int mark = -1; -+ -+ switch (markinfo->mode) { -+ case XT_MARK_SET: -+ mark = markinfo->mark; -+ break; -+ -+ case XT_MARK_AND: -+ mark = (*pskb)->mark & markinfo->mark; -+ break; -+ -+ case XT_MARK_OR: -+ mark = (*pskb)->mark | markinfo->mark; -+ break; -+ -+ case XT_MARK_COPYXID: { -+ enum ip_conntrack_info ctinfo; -+ struct sock *connection_sk; -+ int dif; -+ -+ struct nf_conn *ct = nf_ct_get((*pskb), &ctinfo); -+ extern struct inet_hashinfo tcp_hashinfo; -+ enum ip_conntrack_dir dir; -+ if (!ct) -+ break; -+ -+ dir = CTINFO2DIR(ctinfo); -+ u_int32_t src_ip = ct->tuplehash[dir].tuple.src.u3.ip; -+ u_int16_t src_port = get_src_port(&ct->tuplehash[dir].tuple); -+ u_int16_t proto = ct->tuplehash[dir].tuple.dst.protonum; -+ -+ u_int32_t ip; -+ u_int16_t port; -+ -+ dif = ((struct rtable *)(*pskb)->dst)->rt_iif; -+ ip = ct->tuplehash[dir].tuple.dst.u3.ip; -+ port = get_dst_port(&ct->tuplehash[dir].tuple); -+ -+ if (proto == 1 || proto == 17) { -+ if (((*pskb)->mark!=-1) && (*pskb)->mark) -+ ct->xid[0]=(*pskb)->mark; -+ if (ct->xid[0]) -+ mark = ct->xid[0]; -+ -+ } -+ else if (proto == 6) { -+ if ((*pskb)->sk) { -+ connection_sk = (*pskb)->sk; -+ sock_hold(connection_sk); -+ } -+ else { -+ connection_sk = inet_lookup(&tcp_hashinfo, src_ip, src_port, ip, port, dif); -+ } -+ -+ if (connection_sk) { -+ connection_sk->sk_peercred.gid = connection_sk->sk_peercred.uid = ct->xid[dir]; -+ ct->xid[!dir]=connection_sk->sk_xid; -+ if (connection_sk->sk_xid != 0) -+ mark = connection_sk->sk_xid; -+ if (connection_sk->sk_state == TCP_TIME_WAIT) -+ inet_twsk_put(inet_twsk(connection_sk)); -+ else -+ sock_put(connection_sk); -+ } -+ } -+ break; -+ } -+ } -+ -+ if (mark != -1) -+ (*pskb)->mark = mark; -+ return XT_CONTINUE; -+} -+ -+ -+static int -+checkentry_v0(const char *tablename, -+ const void *entry, -+ const struct xt_target *target, -+ void *targinfo, -+ unsigned int hook_mask) -+{ -+ struct xt_mark_target_info *markinfo = targinfo; -+ -+ if (markinfo->mark > 0xffffffff) { -+ printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); -+ return 0; -+ } -+ return 1; -+} -+ -+static int -+checkentry_v1(const char *tablename, -+ const void *entry, -+ const struct xt_target *target, -+ void *targinfo, -+ unsigned int hook_mask) -+{ -+ struct xt_mark_target_info_v1 *markinfo = targinfo; -+ -+ if (markinfo->mode != XT_MARK_SET -+ && markinfo->mode != XT_MARK_AND -+ && markinfo->mode != XT_MARK_OR -+ && markinfo->mode != XT_MARK_COPYXID) { -+ printk(KERN_WARNING "MARK: unknown mode %u\n", -+ markinfo->mode); -+ return 0; -+ } -+ if (markinfo->mark > 0xffffffff) { -+ printk(KERN_WARNING "MARK: Only supports 32bit wide mark\n"); -+ return 0; -+ } -+ return 1; -+} -+ -+#ifdef CONFIG_COMPAT -+struct compat_xt_mark_target_info_v1 { -+ compat_ulong_t mark; -+ u_int8_t mode; -+ u_int8_t __pad1; -+ u_int16_t __pad2; -+}; -+ -+static void compat_from_user_v1(void *dst, void *src) -+{ -+ struct compat_xt_mark_target_info_v1 *cm = src; -+ struct xt_mark_target_info_v1 m = { -+ .mark = cm->mark, -+ .mode = cm->mode, -+ }; -+ memcpy(dst, &m, sizeof(m)); -+} -+ -+static int compat_to_user_v1(void __user *dst, void *src) -+{ -+ struct xt_mark_target_info_v1 *m = src; -+ struct compat_xt_mark_target_info_v1 cm = { -+ .mark = m->mark, -+ .mode = m->mode, -+ }; -+ return copy_to_user(dst, &cm, sizeof(cm)) ? -EFAULT : 0; -+} -+#endif /* CONFIG_COMPAT */ -+ -+static struct xt_target xt_mark_target[] = { -+ { -+ .name = "MARK", -+ .family = AF_INET, -+ .revision = 0, -+ .checkentry = checkentry_v0, -+ .target = target_v0, -+ .targetsize = sizeof(struct xt_mark_target_info), -+ .table = "mangle", -+ .me = THIS_MODULE, -+ }, -+ { -+ .name = "MARK", -+ .family = AF_INET, -+ .revision = 1, -+ .checkentry = checkentry_v1, -+ .target = target_v1, -+ .targetsize = sizeof(struct xt_mark_target_info_v1), -+#ifdef CONFIG_COMPAT -+ .compatsize = sizeof(struct compat_xt_mark_target_info_v1), -+ .compat_from_user = compat_from_user_v1, -+ .compat_to_user = compat_to_user_v1, -+#endif -+ .table = "mangle", -+ .me = THIS_MODULE, -+ }, -+ { -+ .name = "MARK", -+ .family = AF_INET6, -+ .revision = 0, -+ .checkentry = checkentry_v0, -+ .target = target_v0, -+ .targetsize = sizeof(struct xt_mark_target_info), -+ .table = "mangle", -+ .me = THIS_MODULE, -+ }, -+}; -+ -+static int __init xt_mark_init(void) -+{ -+ return xt_register_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); -+} -+ -+static void __exit xt_mark_fini(void) -+{ -+ xt_unregister_targets(xt_mark_target, ARRAY_SIZE(xt_mark_target)); -+} -+ -+module_init(xt_mark_init); -+module_exit(xt_mark_fini); -- 2.47.0