Changeset 15502


Ignore:
Timestamp:
2009-04-30T03:31:37+02:00 (9 years ago)
Author:
jow
Message:

[kernel] refreshed layer7 patches for 2.6.26.8, 2.6.27.21, 2.6.28.9 and 2.6.29.1

Location:
trunk/target/linux/generic-2.6
Files:
4 added
4 deleted
4 edited

Legend:

Unmodified
Added
Removed
  • trunk/target/linux/generic-2.6/patches-2.6.26/101-netfilter_layer7_pktmatch.patch

    r13135 r15502  
    11--- a/include/linux/netfilter/xt_layer7.h 
    22+++ b/include/linux/netfilter/xt_layer7.h 
    3 @@ -8,6 +8,7 @@ struct xt_layer7_info { 
     3@@ -8,6 +8,7 @@ 
    44     char protocol[MAX_PROTOCOL_LEN]; 
    55     char pattern[MAX_PATTERN_LEN]; 
     
    1111--- a/net/netfilter/xt_layer7.c 
    1212+++ b/net/netfilter/xt_layer7.c 
    13 @@ -297,34 +297,36 @@ static int match_no_append(struct nf_con 
     13@@ -314,34 +314,36 @@ 
    1414 } 
    1515  
     
    2222-       int oldlength = master_conntrack->layer7.app_data_len; 
    2323  
    24 -       /* This is a fix for a race condition by Deti Fliegl. However, I'm not 
    25 -          clear on whether the race condition exists or whether this really 
    26 -          fixes it.  I might just be being dense... Anyway, if it's not really 
     24-       /* This is a fix for a race condition by Deti Fliegl. However, I'm not  
     25-          clear on whether the race condition exists or whether this really  
     26-          fixes it.  I might just be being dense... Anyway, if it's not really  
    2727-          a fix, all it does is waste a very small amount of time. */ 
    2828-       if(!master_conntrack->layer7.app_data) return 0; 
    29 +       if (!target) return 0; 
     29+       if(!target) return 0; 
    3030  
    3131        /* Strip nulls. Make everything lower case (our regex lib doesn't 
     
    3838-                       master_conntrack->layer7.app_data[length+oldlength] = 
    3939+                       target[length+offset] = 
    40                                 isascii(app_data[i])? 
     40                                isascii(app_data[i])?  
    4141                                        tolower(app_data[i]) : app_data[i]; 
    4242                        length++; 
     
    4444        } 
    4545+       target[length+offset] = '\0'; 
    46 + 
     46  
     47-       master_conntrack->layer7.app_data[length+oldlength] = '\0'; 
     48-       master_conntrack->layer7.app_data_len = length + oldlength; 
    4749+       return length; 
    4850+} 
    4951  
    50 -       master_conntrack->layer7.app_data[length+oldlength] = '\0'; 
    51 -       master_conntrack->layer7.app_data_len = length + oldlength; 
    5252+/* add the new app data to the conntrack.  Return number of bytes added. */ 
    5353+static int add_data(struct nf_conn * master_conntrack, 
     
    5555+{ 
    5656+       int length; 
    57   
     57+  
    5858+       length = add_datastr(master_conntrack->layer7.app_data, master_conntrack->layer7.app_data_len, app_data, appdatalen); 
    5959+       master_conntrack->layer7.app_data_len += length; 
     
    6161 } 
    6262  
    63 @@ -411,7 +413,7 @@ match(const struct sk_buff *skbin, 
    64         const struct xt_layer7_info * info = matchinfo; 
     63@@ -438,7 +440,7 @@ 
     64  
    6565        enum ip_conntrack_info master_ctinfo, ctinfo; 
    6666        struct nf_conn *master_conntrack, *conntrack; 
     
    7070        regexp * comppattern; 
    7171  
    72 @@ -439,8 +441,8 @@ match(const struct sk_buff *skbin, 
     72@@ -466,8 +468,8 @@ 
    7373                master_conntrack = master_ct(master_conntrack); 
    7474  
    7575        /* if we've classified it or seen too many packets */ 
    76 -       if(TOTAL_PACKETS > num_packets || 
     76-       if(total_acct_packets(master_conntrack) > num_packets || 
    7777-          master_conntrack->layer7.app_proto) { 
    7878+       if(!info->pkt && (TOTAL_PACKETS > num_packets || 
    7979+          master_conntrack->layer7.app_proto)) { 
    8080  
    81                 pattern_result = match_no_append(conntrack, master_conntrack, 
     81                pattern_result = match_no_append(conntrack, master_conntrack,  
    8282                                                 ctinfo, master_ctinfo, info); 
    83 @@ -473,6 +475,25 @@ match(const struct sk_buff *skbin, 
     83@@ -500,6 +502,25 @@ 
    8484        /* the return value gets checked later, when we're ready to use it */ 
    8585        comppattern = compile_and_cache(info->pattern, info->protocol); 
     
    105105+ 
    106106        /* On the first packet of a connection, allocate space for app data */ 
    107         if(TOTAL_PACKETS == 1 && !skb->cb[0] && 
     107        if(total_acct_packets(master_conntrack) == 1 && !skb->cb[0] &&  
    108108           !master_conntrack->layer7.app_data){ 
  • trunk/target/linux/generic-2.6/patches-2.6.27/101-netfilter_layer7_pktmatch.patch

    r13449 r15502  
    11--- a/include/linux/netfilter/xt_layer7.h 
    22+++ b/include/linux/netfilter/xt_layer7.h 
    3 @@ -8,6 +8,7 @@ struct xt_layer7_info { 
     3@@ -8,6 +8,7 @@ 
    44     char protocol[MAX_PROTOCOL_LEN]; 
    55     char pattern[MAX_PATTERN_LEN]; 
     
    1111--- a/net/netfilter/xt_layer7.c 
    1212+++ b/net/netfilter/xt_layer7.c 
    13 @@ -314,33 +314,35 @@ static int match_no_append(struct nf_con 
     13@@ -314,33 +314,35 @@ 
    1414 } 
    1515  
     
    6161        return length; 
    6262 } 
    63 @@ -428,7 +430,7 @@ match(const struct sk_buff *skbin, 
    64         const struct xt_layer7_info * info = matchinfo; 
     63@@ -438,7 +440,7 @@ 
     64  
    6565        enum ip_conntrack_info master_ctinfo, ctinfo; 
    6666        struct nf_conn *master_conntrack, *conntrack; 
     
    7070        regexp * comppattern; 
    7171  
    72 @@ -456,8 +458,8 @@ match(const struct sk_buff *skbin, 
     72@@ -466,8 +468,8 @@ 
    7373                master_conntrack = master_ct(master_conntrack); 
    7474  
     
    8181                pattern_result = match_no_append(conntrack, master_conntrack,  
    8282                                                 ctinfo, master_ctinfo, info); 
    83 @@ -490,6 +492,25 @@ match(const struct sk_buff *skbin, 
     83@@ -500,6 +502,25 @@ 
    8484        /* the return value gets checked later, when we're ready to use it */ 
    8585        comppattern = compile_and_cache(info->pattern, info->protocol); 
  • trunk/target/linux/generic-2.6/patches-2.6.28/101-netfilter_layer7_pktmatch.patch

    r13449 r15502  
    11--- a/include/linux/netfilter/xt_layer7.h 
    22+++ b/include/linux/netfilter/xt_layer7.h 
    3 @@ -8,6 +8,7 @@ struct xt_layer7_info { 
     3@@ -8,6 +8,7 @@ 
    44     char protocol[MAX_PROTOCOL_LEN]; 
    55     char pattern[MAX_PATTERN_LEN]; 
     
    1111--- a/net/netfilter/xt_layer7.c 
    1212+++ b/net/netfilter/xt_layer7.c 
    13 @@ -314,33 +314,35 @@ static int match_no_append(struct nf_con 
     13@@ -314,33 +314,35 @@ 
    1414 } 
    1515  
     
    6161        return length; 
    6262 } 
    63 @@ -428,7 +430,7 @@ match(const struct sk_buff *skbin, 
    64         const struct xt_layer7_info * info = matchinfo; 
     63@@ -438,7 +440,7 @@ 
     64  
    6565        enum ip_conntrack_info master_ctinfo, ctinfo; 
    6666        struct nf_conn *master_conntrack, *conntrack; 
     
    7070        regexp * comppattern; 
    7171  
    72 @@ -456,8 +458,8 @@ match(const struct sk_buff *skbin, 
     72@@ -466,8 +468,8 @@ 
    7373                master_conntrack = master_ct(master_conntrack); 
    7474  
     
    8181                pattern_result = match_no_append(conntrack, master_conntrack,  
    8282                                                 ctinfo, master_ctinfo, info); 
    83 @@ -490,6 +492,25 @@ match(const struct sk_buff *skbin, 
     83@@ -500,6 +502,25 @@ 
    8484        /* the return value gets checked later, when we're ready to use it */ 
    8585        comppattern = compile_and_cache(info->pattern, info->protocol); 
  • trunk/target/linux/generic-2.6/patches-2.6.29/101-netfilter_layer7_pktmatch.patch

    r15251 r15502  
    11--- a/include/linux/netfilter/xt_layer7.h 
    22+++ b/include/linux/netfilter/xt_layer7.h 
    3 @@ -8,6 +8,7 @@ struct xt_layer7_info { 
     3@@ -8,6 +8,7 @@ 
    44     char protocol[MAX_PROTOCOL_LEN]; 
    55     char pattern[MAX_PATTERN_LEN]; 
     
    1111--- a/net/netfilter/xt_layer7.c 
    1212+++ b/net/netfilter/xt_layer7.c 
    13 @@ -314,33 +314,35 @@ static int match_no_append(struct nf_con 
     13@@ -314,33 +314,35 @@ 
    1414 } 
    1515  
     
    6161        return length; 
    6262 } 
    63 @@ -428,7 +430,7 @@ match(const struct sk_buff *skbin, 
    64         const struct xt_layer7_info * info = matchinfo; 
     63@@ -438,7 +440,7 @@ 
     64  
    6565        enum ip_conntrack_info master_ctinfo, ctinfo; 
    6666        struct nf_conn *master_conntrack, *conntrack; 
     
    7070        regexp * comppattern; 
    7171  
    72 @@ -456,8 +458,8 @@ match(const struct sk_buff *skbin, 
     72@@ -466,8 +468,8 @@ 
    7373                master_conntrack = master_ct(master_conntrack); 
    7474  
     
    8181                pattern_result = match_no_append(conntrack, master_conntrack,  
    8282                                                 ctinfo, master_ctinfo, info); 
    83 @@ -490,6 +492,25 @@ match(const struct sk_buff *skbin, 
     83@@ -500,6 +502,25 @@ 
    8484        /* the return value gets checked later, when we're ready to use it */ 
    8585        comppattern = compile_and_cache(info->pattern, info->protocol); 
Note: See TracChangeset for help on using the changeset viewer.