An addendum to the change involving UDP-listing/RAW sockets. Not including this fix...

author Sapan Bhatia <sapanb@cs.princeton.edu>

Mon, 4 Aug 2008 20:45:58 +0000 (20:45 +0000)

committer Sapan Bhatia <sapanb@cs.princeton.edu>

Mon, 4 Aug 2008 20:45:58 +0000 (20:45 +0000)
author Sapan Bhatia <sapanb@cs.princeton.edu>
Mon, 4 Aug 2008 20:45:58 +0000 (20:45 +0000)
committer Sapan Bhatia <sapanb@cs.princeton.edu>
Mon, 4 Aug 2008 20:45:58 +0000 (20:45 +0000)
diff --git a/linux-2.6-522-iptables-connection-tagging.patch b/linux-2.6-522-iptables-connection-tagging.patch

index 80b105a..1513379 100644 (file)
--- a/linux-2.6-522-iptables-connection-tagging.patch
+++ b/linux-2.6-522-iptables-connection-tagging.patch
@@ -110,7 +110,7 @@ diff -Nurb linux-2.6.22-521/net/netfilter/nf_conntrack_core.c linux-2.6.22-522/n
   
  diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilter/xt_MARK.c
  --- linux-2.6.22-521/net/netfilter/xt_MARK.c   2007-07-08 19:32:17.000000000 -0400
-+++ linux-2.6.22-522/net/netfilter/xt_MARK.c   2008-08-04 04:59:30.000000000 -0400
++++ linux-2.6.22-522/net/netfilter/xt_MARK.c   2008-08-04 16:44:16.000000000 -0400
  @@ -5,13 +5,19 @@
    * This program is free software; you can redistribute it and/or modify
    * it under the terms of the GNU General Public License version 2 as
@@ -270,7 +270,7 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt
   
         switch (markinfo->mode) {
         case XT_MARK_SET:
-@@ -58,13 +180,117 @@
+@@ -58,13 +180,121 @@
         case XT_MARK_OR:
                 mark = (*pskb)->mark | markinfo->mark;
                 break;
@@ -310,6 +310,10 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt
  +                          if (sk && hooknum==NF_IP_LOCAL_IN) {
  +                                  mark=sk->sk_nid;
  +                          }
++
++                                                if (sk) {
++                                                                sock_put(sk);
++                                                }
  +                  }
  +                  else
  +                  if ((*pskb)->mark>0) /* The packet is marked, it's going out */
@@ -389,7 +393,7 @@ diff -Nurb linux-2.6.22-521/net/netfilter/xt_MARK.c linux-2.6.22-522/net/netfilt
   static int
   checkentry_v0(const char *tablename,
               const void *entry,
-@@ -92,7 +318,8 @@
+@@ -92,7 +322,8 @@
   
         if (markinfo->mode != XT_MARK_SET
             && markinfo->mode != XT_MARK_AND
author	Sapan Bhatia <sapanb@cs.princeton.edu>
	Mon, 4 Aug 2008 20:45:58 +0000 (20:45 +0000)
committer	Sapan Bhatia <sapanb@cs.princeton.edu>
	Mon, 4 Aug 2008 20:45:58 +0000 (20:45 +0000)