Changeset 15517


Ignore:
Timestamp:
2009-04-30T17:29:07+02:00 (9 years ago)
Author:
jow
Message:

[kernel] refreshed layer7 patches for 2.6.21.7, 2.6.23.17 and 2.6.25.20

Location:
trunk/target/linux/generic-2.6
Files:
3 added
2 edited

Legend:

Unmodified
Added
Removed
  • trunk/target/linux/generic-2.6/patches-2.6.21/101-netfilter_layer7_pktmatch.patch

    r14453 r15517  
    11--- a/include/linux/netfilter/xt_layer7.h 
    22+++ b/include/linux/netfilter/xt_layer7.h 
    3 @@ -8,6 +8,7 @@ struct xt_layer7_info { 
     3@@ -8,6 +8,7 @@ 
    44     char protocol[MAX_PROTOCOL_LEN]; 
     5     char invert:1; 
    56     char pattern[MAX_PATTERN_LEN]; 
    6      u_int8_t invert; 
    77+    u_int8_t pkt; 
    88 }; 
     
    1111--- a/net/netfilter/xt_layer7.c 
    1212+++ b/net/netfilter/xt_layer7.c 
    13 @@ -297,34 +297,36 @@ static int match_no_append(struct nf_con 
     13@@ -296,34 +296,36 @@ 
    1414 } 
    1515  
     
    6262 } 
    6363  
    64 @@ -411,7 +413,7 @@ match(const struct sk_buff *skbin, 
    65         const struct xt_layer7_info * info = matchinfo; 
     64@@ -410,7 +412,7 @@ 
     65        struct xt_layer7_info * info = (struct xt_layer7_info *)matchinfo; 
    6666        enum ip_conntrack_info master_ctinfo, ctinfo; 
    6767        struct nf_conn *master_conntrack, *conntrack; 
     
    7171        regexp * comppattern; 
    7272  
    73 @@ -439,8 +441,8 @@ match(const struct sk_buff *skbin, 
     73@@ -438,8 +440,8 @@ 
    7474                master_conntrack = master_ct(master_conntrack); 
    7575  
     
    8282                pattern_result = match_no_append(conntrack, master_conntrack,  
    8383                                                 ctinfo, master_ctinfo, info); 
    84 @@ -473,6 +475,25 @@ match(const struct sk_buff *skbin, 
     84@@ -472,6 +474,25 @@ 
    8585        /* the return value gets checked later, when we're ready to use it */ 
    8686        comppattern = compile_and_cache(info->pattern, info->protocol); 
  • trunk/target/linux/generic-2.6/patches-2.6.25/101-netfilter_layer7_pktmatch.patch

    r13137 r15517  
    11--- a/include/linux/netfilter/xt_layer7.h 
    22+++ b/include/linux/netfilter/xt_layer7.h 
    3 @@ -8,6 +8,7 @@ struct xt_layer7_info { 
     3@@ -8,6 +8,7 @@ 
    44     char protocol[MAX_PROTOCOL_LEN]; 
    55     char pattern[MAX_PATTERN_LEN]; 
     
    1111--- a/net/netfilter/xt_layer7.c 
    1212+++ b/net/netfilter/xt_layer7.c 
    13 @@ -297,34 +297,36 @@ static int match_no_append(struct nf_con 
     13@@ -314,34 +314,36 @@ 
    1414 } 
    1515  
     
    6262 } 
    6363  
    64 @@ -411,7 +413,7 @@ match(const struct sk_buff *skbin, 
    65         const struct xt_layer7_info * info = matchinfo; 
     64@@ -438,7 +440,7 @@ 
     65  
    6666        enum ip_conntrack_info master_ctinfo, ctinfo; 
    6767        struct nf_conn *master_conntrack, *conntrack; 
     
    7171        regexp * comppattern; 
    7272  
    73 @@ -439,8 +441,8 @@ match(const struct sk_buff *skbin, 
     73@@ -466,9 +468,8 @@ 
    7474                master_conntrack = master_ct(master_conntrack); 
    7575  
    7676        /* if we've classified it or seen too many packets */ 
    77 -       if(TOTAL_PACKETS > num_packets || 
     77-       if(total_acct_packets(master_conntrack) > num_packets || 
    7878-          master_conntrack->layer7.app_proto) { 
    79 +       if(!info->pkt && (TOTAL_PACKETS > num_packets || 
     79- 
     80+       if(!info->pkt && (total_acct_packets(master_conntrack) > num_packets || 
    8081+          master_conntrack->layer7.app_proto)) { 
    81   
    8282                pattern_result = match_no_append(conntrack, master_conntrack,  
    8383                                                 ctinfo, master_ctinfo, info); 
    84 @@ -473,6 +475,25 @@ match(const struct sk_buff *skbin, 
     84  
     85@@ -500,6 +501,25 @@ 
    8586        /* the return value gets checked later, when we're ready to use it */ 
    8687        comppattern = compile_and_cache(info->pattern, info->protocol); 
     
    106107+ 
    107108        /* On the first packet of a connection, allocate space for app data */ 
    108         if(TOTAL_PACKETS == 1 && !skb->cb[0] &&  
     109        if(total_acct_packets(master_conntrack) == 1 && !skb->cb[0] &&  
    109110           !master_conntrack->layer7.app_data){ 
Note: See TracChangeset for help on using the changeset viewer.