diff options
Diffstat (limited to 'obsolete-buildroot/sources/openwrt')
167 files changed, 0 insertions, 33497 deletions
diff --git a/obsolete-buildroot/sources/openwrt/busybox/busybox.config b/obsolete-buildroot/sources/openwrt/busybox/busybox.config deleted file mode 100644 index 1b78d20..0000000 --- a/obsolete-buildroot/sources/openwrt/busybox/busybox.config +++ /dev/null @@ -1,467 +0,0 @@ -# -# Automatically generated make config: don't edit -# -HAVE_DOT_CONFIG=y - -# -# General Configuration -# -# CONFIG_FEATURE_BUFFERS_USE_MALLOC is not set -CONFIG_FEATURE_BUFFERS_GO_ON_STACK=y -# CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set -CONFIG_FEATURE_VERBOSE_USAGE=y -# CONFIG_FEATURE_INSTALLER is not set -# CONFIG_LOCALE_SUPPORT is not set -CONFIG_FEATURE_DEVFS=y -CONFIG_FEATURE_DEVPTS=y -# CONFIG_FEATURE_CLEAN_UP is not set -CONFIG_FEATURE_SUID=y -# CONFIG_FEATURE_SUID_CONFIG is not set -# CONFIG_SELINUX is not set - -# -# Build Options -# -# CONFIG_STATIC is not set -CONFIG_LFS=y -USING_CROSS_COMPILER=y -CROSS_COMPILER_PREFIX="mipsel-uclibc-" -EXTRA_CFLAGS_OPTIONS="-Os " - -# -# Installation Options -# -# CONFIG_INSTALL_NO_USR is not set -PREFIX="./_install" - -# -# Archival Utilities -# -# CONFIG_AR is not set -CONFIG_BUNZIP2=y -# CONFIG_CPIO is not set -# CONFIG_DPKG is not set -# CONFIG_DPKG_DEB is not set -CONFIG_GUNZIP=y -CONFIG_FEATURE_GUNZIP_UNCOMPRESS=y -CONFIG_GZIP=y -# CONFIG_RPM2CPIO is not set -# CONFIG_RPM is not set -CONFIG_TAR=y -CONFIG_FEATURE_TAR_CREATE=y -CONFIG_FEATURE_TAR_BZIP2=y -# CONFIG_FEATURE_TAR_FROM is not set -CONFIG_FEATURE_TAR_GZIP=y -# CONFIG_FEATURE_TAR_COMPRESS is not set -# CONFIG_FEATURE_TAR_OLDGNU_COMPATABILITY is not set -CONFIG_FEATURE_TAR_GNU_EXTENSIONS=y -# CONFIG_FEATURE_TAR_LONG_OPTIONS is not set -# CONFIG_UNCOMPRESS is not set -# CONFIG_UNZIP is not set - -# -# Common options for cpio and tar -# -# CONFIG_FEATURE_UNARCHIVE_TAPE is not set - -# -# Coreutils -# -CONFIG_BASENAME=y -# CONFIG_CAL is not set -CONFIG_CAT=y -CONFIG_CHGRP=y -CONFIG_CHMOD=y -CONFIG_CHOWN=y -CONFIG_CHROOT=y -# CONFIG_CMP is not set -CONFIG_CP=y -CONFIG_CUT=y -CONFIG_DATE=y -CONFIG_FEATURE_DATE_ISOFMT=y -CONFIG_DD=y -CONFIG_DF=y -# CONFIG_DIRNAME is not set -# CONFIG_DOS2UNIX is not set -# CONFIG_DU is not set -CONFIG_ECHO=y -CONFIG_FEATURE_FANCY_ECHO=y -CONFIG_ENV=y -CONFIG_EXPR=y -CONFIG_FALSE=y -# CONFIG_FOLD is not set -CONFIG_HEAD=y -# CONFIG_FEATURE_FANCY_HEAD is not set -CONFIG_HOSTID=y -# CONFIG_ID is not set -CONFIG_INSTALL=y -CONFIG_LENGTH=y -CONFIG_LN=y -# CONFIG_LOGNAME is not set -CONFIG_LS=y -CONFIG_FEATURE_LS_FILETYPES=y -CONFIG_FEATURE_LS_FOLLOWLINKS=y -CONFIG_FEATURE_LS_RECURSIVE=y -CONFIG_FEATURE_LS_SORTFILES=y -CONFIG_FEATURE_LS_TIMESTAMPS=y -CONFIG_FEATURE_LS_USERNAME=y -CONFIG_FEATURE_LS_COLOR=y -CONFIG_MD5SUM=y -CONFIG_MKDIR=y -CONFIG_MKFIFO=y -# CONFIG_MKNOD is not set -CONFIG_MV=y -# CONFIG_OD is not set -# CONFIG_PRINTF is not set -CONFIG_PWD=y -# CONFIG_REALPATH is not set -CONFIG_RM=y -CONFIG_RMDIR=y -# CONFIG_SEQ is not set -# CONFIG_SHA1SUM is not set -CONFIG_SLEEP=y -CONFIG_FEATURE_FANCY_SLEEP=y -CONFIG_SORT=y -# CONFIG_STTY is not set -CONFIG_SYNC=y -CONFIG_TAIL=y -CONFIG_FEATURE_FANCY_TAIL=y -CONFIG_TEE=y -CONFIG_FEATURE_TEE_USE_BLOCK_IO=y -CONFIG_TEST=y - -# -# test (forced enabled for use with shell) -# -# CONFIG_FEATURE_TEST_64 is not set -CONFIG_TOUCH=y -# CONFIG_TR is not set -CONFIG_TRUE=y -# CONFIG_TTY is not set -CONFIG_UNAME=y -CONFIG_UNIQ=y -# CONFIG_USLEEP is not set -# CONFIG_UUDECODE is not set -# CONFIG_UUENCODE is not set -# CONFIG_WATCH is not set -CONFIG_WC=y -# CONFIG_WHO is not set -# CONFIG_WHOAMI is not set -CONFIG_YES=y - -# -# Common options for cp and mv -# -CONFIG_FEATURE_PRESERVE_HARDLINKS=y - -# -# Common options for ls and more -# -CONFIG_FEATURE_AUTOWIDTH=y - -# -# Common options for df, du, ls -# -CONFIG_FEATURE_HUMAN_READABLE=y - -# -# Common options for md5sum, sha1sum -# -CONFIG_FEATURE_MD5_SHA1_SUM_CHECK=y - -# -# Console Utilities -# -# CONFIG_CHVT is not set -CONFIG_CLEAR=y -# CONFIG_DEALLOCVT is not set -# CONFIG_DUMPKMAP is not set -# CONFIG_LOADFONT is not set -# CONFIG_LOADKMAP is not set -# CONFIG_OPENVT is not set -CONFIG_RESET=y -# CONFIG_SETKEYCODES is not set - -# -# Debian Utilities -# -CONFIG_MKTEMP=y -# CONFIG_PIPE_PROGRESS is not set -# CONFIG_READLINK is not set -CONFIG_RUN_PARTS=y -# CONFIG_START_STOP_DAEMON is not set -CONFIG_WHICH=y - -# -# Editors -# -CONFIG_AWK=y -CONFIG_FEATURE_AWK_MATH=y -# CONFIG_PATCH is not set -CONFIG_SED=y -CONFIG_VI=y -CONFIG_FEATURE_VI_COLON=y -CONFIG_FEATURE_VI_YANKMARK=y -CONFIG_FEATURE_VI_SEARCH=y -CONFIG_FEATURE_VI_USE_SIGNALS=y -CONFIG_FEATURE_VI_DOT_CMD=y -CONFIG_FEATURE_VI_READONLY=y -CONFIG_FEATURE_VI_SETOPTS=y -CONFIG_FEATURE_VI_SET=y -CONFIG_FEATURE_VI_WIN_RESIZE=y -CONFIG_FEATURE_VI_OPTIMIZE_CURSOR=y - -# -# Finding Utilities -# -CONFIG_FIND=y -# CONFIG_FEATURE_FIND_MTIME is not set -CONFIG_FEATURE_FIND_PERM=y -CONFIG_FEATURE_FIND_TYPE=y -CONFIG_FEATURE_FIND_XDEV=y -# CONFIG_FEATURE_FIND_NEWER is not set -# CONFIG_FEATURE_FIND_INUM is not set -CONFIG_GREP=y -CONFIG_FEATURE_GREP_EGREP_ALIAS=y -CONFIG_FEATURE_GREP_FGREP_ALIAS=y -CONFIG_FEATURE_GREP_CONTEXT=y -CONFIG_XARGS=y -CONFIG_FEATURE_XARGS_SUPPORT_CONFIRMATION=y -CONFIG_FEATURE_XARGS_SUPPORT_QUOTES=y -CONFIG_FEATURE_XARGS_SUPPORT_TERMOPT=y -CONFIG_FEATURE_XARGS_SUPPORT_ZERO_TERM=y - -# -# Init Utilities -# -CONFIG_INIT=y -CONFIG_FEATURE_USE_INITTAB=y -# CONFIG_FEATURE_INITRD is not set -# CONFIG_FEATURE_INIT_COREDUMPS is not set -# CONFIG_FEATURE_EXTRA_QUIET is not set -# CONFIG_HALT is not set -# CONFIG_POWEROFF is not set -CONFIG_REBOOT=y -CONFIG_MESG=y - -# -# Login/Password Management Utilities -# -# CONFIG_USE_BB_PWD_GRP is not set -# CONFIG_ADDGROUP is not set -# CONFIG_DELGROUP is not set -# CONFIG_ADDUSER is not set -# CONFIG_DELUSER is not set -# CONFIG_GETTY is not set -# CONFIG_FEATURE_U_W_TMP is not set -# CONFIG_LOGIN is not set -# CONFIG_FEATURE_SECURETTY is not set -CONFIG_PASSWD=y -# CONFIG_SU is not set -# CONFIG_SULOGIN is not set -# CONFIG_VLOCK is not set - -# -# Common options for adduser, deluser, login, su -# -# CONFIG_FEATURE_SHADOWPASSWDS is not set - -# -# Miscellaneous Utilities -# -# CONFIG_ADJTIMEX is not set -CONFIG_CROND=y -# CONFIG_FEATURE_CROND_CALL_SENDMAIL is not set -CONFIG_CRONTAB=y -# CONFIG_DC is not set -# CONFIG_DEVFSD is not set -# CONFIG_LAST is not set -# CONFIG_HDPARM is not set -# CONFIG_MAKEDEVS is not set -# CONFIG_MT is not set -# CONFIG_RX is not set -CONFIG_STRINGS=y -CONFIG_TIME=y -# CONFIG_WATCHDOG is not set - -# -# Linux Module Utilities -# -CONFIG_INSMOD=y -CONFIG_FEATURE_2_4_MODULES=y -# CONFIG_FEATURE_2_6_MODULES is not set -# CONFIG_FEATURE_INSMOD_VERSION_CHECKING is not set -# CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS is not set -# CONFIG_FEATURE_INSMOD_LOADINKMEM is not set -# CONFIG_FEATURE_INSMOD_LOAD_MAP is not set -CONFIG_LSMOD=y -CONFIG_FEATURE_QUERY_MODULE_INTERFACE=y -# CONFIG_MODPROBE is not set -CONFIG_RMMOD=y -# CONFIG_FEATURE_CHECK_TAINTED_MODULE is not set - -# -# Networking Utilities -# -CONFIG_FEATURE_IPV6=y -CONFIG_ARPING=y -# CONFIG_FTPGET is not set -# CONFIG_FTPPUT is not set -# CONFIG_HOSTNAME is not set -CONFIG_HTTPD=y -# CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY is not set -CONFIG_FEATURE_HTTPD_BASIC_AUTH=y -CONFIG_FEATURE_HTTPD_AUTH_MD5=y -CONFIG_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP=y -# CONFIG_FEATURE_HTTPD_SETUID is not set -CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES=y -CONFIG_FEATURE_HTTPD_CGI=y -CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV=y -CONFIG_FEATURE_HTTPD_ENCODE_URL_STR=y -CONFIG_IFCONFIG=y -CONFIG_FEATURE_IFCONFIG_STATUS=y -# CONFIG_FEATURE_IFCONFIG_SLIP is not set -# CONFIG_FEATURE_IFCONFIG_MEMSTART_IOADDR_IRQ is not set -CONFIG_FEATURE_IFCONFIG_HW=y -CONFIG_FEATURE_IFCONFIG_BROADCAST_PLUS=y -# CONFIG_IFUPDOWN is not set -# CONFIG_INETD is not set -# CONFIG_IP is not set -CONFIG_IPCALC=y -CONFIG_FEATURE_IPCALC_FANCY=y -# CONFIG_IPADDR is not set -# CONFIG_IPLINK is not set -# CONFIG_IPROUTE is not set -# CONFIG_IPTUNNEL is not set -# CONFIG_NAMEIF is not set -CONFIG_NC=y -CONFIG_NETSTAT=y -CONFIG_NSLOOKUP=y -CONFIG_PING=y -CONFIG_FEATURE_FANCY_PING=y -CONFIG_PING6=y -CONFIG_FEATURE_FANCY_PING6=y -CONFIG_ROUTE=y -# CONFIG_TELNET is not set -CONFIG_TELNETD=y -# CONFIG_FEATURE_TELNETD_INETD is not set -# CONFIG_TFTP is not set -CONFIG_TRACEROUTE=y -CONFIG_FEATURE_TRACEROUTE_VERBOSE=y -CONFIG_VCONFIG=y -CONFIG_WGET=y -CONFIG_FEATURE_WGET_STATUSBAR=y -CONFIG_FEATURE_WGET_AUTHENTICATION=y -CONFIG_FEATURE_WGET_IP6_LITERAL=y - -# -# udhcp Server/Client -# -# CONFIG_UDHCPD is not set -CONFIG_UDHCPC=y -# CONFIG_FEATURE_UDHCP_SYSLOG is not set -# CONFIG_FEATURE_UDHCP_DEBUG is not set - -# -# Process Utilities -# -CONFIG_FREE=y -CONFIG_KILL=y -CONFIG_KILLALL=y -CONFIG_KILLALL5=y -CONFIG_PIDOF=y -CONFIG_PS=y -# CONFIG_RENICE is not set -CONFIG_TOP=y -FEATURE_CPU_USAGE_PERCENTAGE=y -CONFIG_UPTIME=y -CONFIG_SYSCTL=y - -# -# Another Bourne-like Shell -# -CONFIG_FEATURE_SH_IS_ASH=y -# CONFIG_FEATURE_SH_IS_HUSH is not set -# CONFIG_FEATURE_SH_IS_LASH is not set -# CONFIG_FEATURE_SH_IS_MSH is not set -# CONFIG_FEATURE_SH_IS_NONE is not set -CONFIG_ASH=y - -# -# Ash Shell Options -# -CONFIG_ASH_JOB_CONTROL=y -CONFIG_ASH_ALIAS=y -CONFIG_ASH_MATH_SUPPORT=y -# CONFIG_ASH_MATH_SUPPORT_64 is not set -CONFIG_ASH_GETOPTS=y -CONFIG_ASH_CMDCMD=y -# CONFIG_ASH_MAIL is not set -CONFIG_ASH_OPTIMIZE_FOR_SIZE=y -# CONFIG_ASH_RANDOM_SUPPORT is not set -# CONFIG_HUSH is not set -# CONFIG_LASH is not set -# CONFIG_MSH is not set - -# -# Bourne Shell Options -# -# CONFIG_FEATURE_SH_EXTRA_QUIET is not set -# CONFIG_FEATURE_SH_STANDALONE_SHELL is not set -CONFIG_FEATURE_COMMAND_EDITING=y -CONFIG_FEATURE_COMMAND_HISTORY=15 -# CONFIG_FEATURE_COMMAND_SAVEHISTORY is not set -CONFIG_FEATURE_COMMAND_TAB_COMPLETION=y -# CONFIG_FEATURE_COMMAND_USERNAME_COMPLETION is not set -CONFIG_FEATURE_SH_FANCY_PROMPT=y - -# -# System Logging Utilities -# -CONFIG_SYSLOGD=y -CONFIG_FEATURE_ROTATE_LOGFILE=y -CONFIG_FEATURE_REMOTE_LOG=y -CONFIG_FEATURE_IPC_SYSLOG=y -CONFIG_FEATURE_IPC_SYSLOG_BUFFER_SIZE=16 -CONFIG_LOGREAD=y -# CONFIG_FEATURE_LOGREAD_REDUCED_LOCKING is not set -CONFIG_KLOGD=y -CONFIG_LOGGER=y - -# -# Linux System Utilities -# -CONFIG_DMESG=y -# CONFIG_FBSET is not set -# CONFIG_FDFLUSH is not set -# CONFIG_FDFORMAT is not set -# CONFIG_FDISK is not set -FDISK_SUPPORT_LARGE_DISKS=y -# CONFIG_FREERAMDISK is not set -# CONFIG_FSCK_MINIX is not set -# CONFIG_MKFS_MINIX is not set -# CONFIG_GETOPT is not set -CONFIG_HEXDUMP=y -# CONFIG_HWCLOCK is not set -# CONFIG_LOSETUP is not set -# CONFIG_MKSWAP is not set -CONFIG_MORE=y -CONFIG_FEATURE_USE_TERMIOS=y -CONFIG_PIVOT_ROOT=y -CONFIG_RDATE=y -# CONFIG_SWAPONOFF is not set -CONFIG_MOUNT=y -CONFIG_NFSMOUNT=y -CONFIG_UMOUNT=y -CONFIG_FEATURE_MOUNT_FORCE=y - -# -# Common options for mount/umount -# -CONFIG_FEATURE_MOUNT_LOOP=y -# CONFIG_FEATURE_MTAB_SUPPORT is not set - -# -# Debugging Options -# -# CONFIG_DEBUG is not set diff --git a/obsolete-buildroot/sources/openwrt/busybox/patches/100-killall5.patch b/obsolete-buildroot/sources/openwrt/busybox/patches/100-killall5.patch deleted file mode 100644 index 161b7e6..0000000 --- a/obsolete-buildroot/sources/openwrt/busybox/patches/100-killall5.patch +++ /dev/null @@ -1,87 +0,0 @@ -diff -urN busybox-dist/include/applets.h busybox/include/applets.h ---- busybox-dist/include/applets.h 2004-03-13 02:33:09.000000000 -0600 -+++ busybox/include/applets.h 2004-03-16 09:45:29.000000000 -0600 -@@ -313,6 +313,9 @@ - #ifdef CONFIG_KILLALL - APPLET(killall, kill_main, _BB_DIR_USR_BIN, _BB_SUID_NEVER) - #endif -+#ifdef CONFIG_KILLALL5 -+ APPLET(killall5, kill_main, _BB_DIR_USR_BIN, _BB_SUID_NEVER) -+#endif - #ifdef CONFIG_KLOGD - APPLET(klogd, klogd_main, _BB_DIR_SBIN, _BB_SUID_NEVER) - #endif -diff -urN busybox-dist/include/usage.h busybox/include/usage.h ---- busybox-dist/include/usage.h 2004-03-13 02:33:09.000000000 -0600 -+++ busybox/include/usage.h 2004-03-16 09:45:29.000000000 -0600 -@@ -1389,6 +1389,13 @@ - #define killall_example_usage \ - "$ killall apache\n" - -+#define killall5_trivial_usage \ -+ "" -+#define killall5_full_usage \ -+ "" -+#define killall5_example_usage \ -+ "" -+ - #define klogd_trivial_usage \ - "[-c n] [-n]" - #define klogd_full_usage \ -diff -urN busybox-dist/procps/Config.in busybox/procps/Config.in ---- busybox-dist/procps/Config.in 2003-12-24 00:02:11.000000000 -0600 -+++ busybox/procps/Config.in 2004-03-16 09:45:29.000000000 -0600 -@@ -30,6 +30,11 @@ - specified commands. If no signal name is specified, SIGTERM is - sent. - -+config CONFIG_KILLALL5 -+ bool "killall5" -+ default n -+ depends on CONFIG_KILL -+ - config CONFIG_PIDOF - bool "pidof" - default n -diff -urN busybox-dist/procps/kill.c busybox/procps/kill.c ---- busybox-dist/procps/kill.c 2004-03-15 02:29:03.000000000 -0600 -+++ busybox/procps/kill.c 2004-03-16 09:45:29.000000000 -0600 -@@ -34,6 +34,7 @@ - - #define KILL 0 - #define KILLALL 1 -+#define KILLALL5 2 - - extern int kill_main(int argc, char **argv) - { -@@ -47,6 +48,9 @@ - #else - whichApp = KILL; - #endif -+#ifdef CONFIG_KILLALL5 -+ whichApp = (strcmp(bb_applet_name, "killall5") == 0)? KILLALL5 : whichApp; -+#endif - - /* Parse any options */ - if (argc < 2) -@@ -119,6 +123,20 @@ - } - - } -+#ifdef CONFIG_KILLALL5 -+ else if (whichApp == KILLALL5) { -+ procps_status_t * p; -+ pid_t myPid=getpid(); -+ while ((p = procps_scan(0)) != 0) { -+ if (p->pid != 1 && p->pid != myPid && p->pid != p->ppid) { -+ if (kill(p->pid, signo) != 0) { -+ bb_perror_msg( "Could not kill pid '%d'", p->pid); -+ errors++; -+ } -+ } -+ } -+ } -+#endif - #ifdef CONFIG_KILLALL - else { - pid_t myPid=getpid(); diff --git a/obsolete-buildroot/sources/openwrt/busybox/patches/110-telnetd.patch b/obsolete-buildroot/sources/openwrt/busybox/patches/110-telnetd.patch deleted file mode 100644 index e95757e..0000000 --- a/obsolete-buildroot/sources/openwrt/busybox/patches/110-telnetd.patch +++ /dev/null @@ -1,53 +0,0 @@ -diff -urN busybox-1.00-pre8/networking/telnetd.c busybox-1.00-pre8-openwrt/networking/telnetd.c ---- busybox-1.00-pre8/networking/telnetd.c 2004-02-22 03:45:57.000000000 -0600 -+++ busybox-1.00-pre8-openwrt/networking/telnetd.c 2004-03-05 01:32:57.000000000 -0600 -@@ -44,6 +44,8 @@ - #include <arpa/telnet.h> - #include <ctype.h> - #include <sys/syslog.h> -+#include <net/if.h> -+ - - #include "busybox.h" - -@@ -384,11 +386,13 @@ - int portnbr = 23; - #endif /* CONFIG_FEATURE_TELNETD_INETD */ - int c; -+ char *interface_name = NULL; -+ struct ifreq interface; - static const char options[] = - #ifdef CONFIG_FEATURE_TELNETD_INETD -- "f:l:"; --#else /* CONFIG_EATURE_TELNETD_INETD */ -- "f:l:p:"; -+ "i:f:l:"; -+#else /* CONFIG_FEATURE_TELNETD_INETD */ -+ "i:f:l:p:"; - #endif /* CONFIG_FEATURE_TELNETD_INETD */ - int maxlen, w, r; - -@@ -403,6 +407,9 @@ - case 'f': - issuefile = strdup (optarg); - break; -+ case 'i': -+ interface_name = strdup(optarg); -+ break; - case 'l': - loginpath = strdup (optarg); - break; -@@ -442,6 +449,13 @@ - sa.sin_family = AF_INET; - sa.sin_port = htons(portnbr); - -+ /* Set it to listen on the specified interface */ -+ if (interface_name) { -+ strncpy(interface.ifr_ifrn.ifrn_name, interface_name, IFNAMSIZ); -+ (void)setsockopt(master_fd, SOL_SOCKET, -+ SO_BINDTODEVICE, &interface, sizeof(interface)); -+ } -+ - if (bind(master_fd, (struct sockaddr *) &sa, sizeof(sa)) < 0) { - bb_perror_msg_and_die("bind"); - } diff --git a/obsolete-buildroot/sources/openwrt/busybox/patches/120-no_login_for_telnetd.patch b/obsolete-buildroot/sources/openwrt/busybox/patches/120-no_login_for_telnetd.patch deleted file mode 100644 index 3c31f1a..0000000 --- a/obsolete-buildroot/sources/openwrt/busybox/patches/120-no_login_for_telnetd.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ur busybox.orig/networking/Config.in busybox/networking/Config.in ---- busybox.orig/networking/Config.in 2004-09-23 22:08:46.000000000 +0200 -+++ busybox/networking/Config.in 2004-10-31 20:09:54.622922408 +0100 -@@ -492,7 +492,7 @@ - config CONFIG_TELNETD - bool "telnetd" - default n -- select CONFIG_LOGIN -+ #select CONFIG_LOGIN - help - A daemon for the TELNET protocol, allowing you to log onto the host - running the daemon. Please keep in mind that the TELNET protocol diff --git a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/conffiles deleted file mode 100644 index 0848516..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/chilli.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/control deleted file mode 100644 index bfd434f..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: chillispot -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a wireless access point controller -Depends: kmod-tun diff --git a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/root/etc/init.d/chilli b/obsolete-buildroot/sources/openwrt/ipkg/chillispot/root/etc/init.d/chilli deleted file mode 100644 index 785784c..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/chillispot/root/etc/init.d/chilli +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -case $1 in - start) - insmod tun >/dev/null 2>&1 - [ -d /var/run ] || mkdir -p /var/run - /usr/sbin/chilli - ;; - stop) - [ -f /var/run/chilli.pid ] && kill $(cat /var/run/chilli.pid) >/dev/null 2>&1 - ;; - *) - echo "usage: $0 (start|stop)" - exit 1 -esac - -exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/conffiles deleted file mode 100644 index 70be85a..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/dhcp-fwd.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/control deleted file mode 100644 index 0de5353..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: dhcp-fwd -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a DHCP relay agent diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/dhcp-fwd.conf b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/dhcp-fwd.conf deleted file mode 100644 index 15514e3..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/dhcp-fwd.conf +++ /dev/null @@ -1,114 +0,0 @@ -## $Id$ - -## This file contains a sample configuration for the network shown -## below: -## -## -------------- ---------- ------------- -## | DHCP Server | | | | | -## | 192.168.8.66 |------<eth1>| dhcp-fwd |<eth2>------| Clients | -## | | | | | | -## -------------- ---------- ------------- -## -## By default, the dhcp-fwd agent looks at /etc/dhcp-fwd.conf -## for this file. By using the '-c' option when calling dhcp-fwd, this -## path can be changed. - - -######### ENVIRONMENT SETTINGS ######### -#### -### -## The server will drop its privileges and goes into a chroot-jail -## after doing its initialization. The following parameters are -## defining the needed parameters: - -## User and group names/ids. It can be a numeric id or a resolvable -## alphanumeric-name. -## -## WARNING: when compiled with dietlibc the user-/group-names must be -## resolvable by files-NSS. LDAP or NIS NSS will not work so -## the numeric ids must be used -user daemon -group daemon - -## chroot() path -chroot /var/run/dhcp-fwd - -## Logfile and loglevel. The logfile-location is relatively to the -## directory where dhcp-fwd was started and not to the chroot-directory. -## -## The loglevel option is not supported yet. -logfile /var/log/dhcp-fwd.log -loglevel 1 - -## SysV pidfile; contains the PID of the daemon-process and will be -## written with root-privileges -pidfile /var/run/dhcp-fwd.pid - - -## Set limit for resources. When using much interfaces or servers -## below you will need to increase some values. Same holds when not -## using dietlibc. Use '-1' as the value to disable the upper limit -## for the given resource. -## -## Look into /proc/<pid>/status to find out the real usage of the -## resources. -ulimit core 0 -ulimit stack 64K -ulimit data 32K -ulimit rss 200K -ulimit nproc 0 -ulimit nofile 0 -ulimit as 0 - - -######### INTERFACE SETTINGS ######### -#### -### -## The interface where the forwarder listens for messages. There must -## be specified BOTH the server-side and client-side interfaces! -## -## Each interface will be identified by its system-wide name -## (e.g. eth0). After this it must be told whether there are -## clients and servers, and if it is allowed to send broadcast -## messages to clients. The bcast flags will be IGNORED when -## forwarding messages to servers. - -# IFNAME clients servers bcast -if eth2 true false true -if eth1 false true true - - -## Each interface can be given an RFC 3046 agent ID. The 'name' config -## option sets this value; if an interface is not specified here, the -## IFNAME will be assumed. - -# IFNAME agent-id -name eth2 ws-c - - -## Each interface can be given an specific IP to be filled into the -## 'giaddr' field. -## -## BEWARE: because the outgoing DHCP message will contain the "normal" IP -## address of the outgoing-interface in its IP-header, some additional -## work in the system must be done. You can e.g. add an iptables rule to -## the 'nat' table similarly to this: -## -## | Chain POSTROUTING (policy ACCEPT) -## | target prot opt source destination -## | SNAT udp -- 192.168.0.6 192.168.8.66 udp spt:68 dpt:67 to:192.168.2.255 - -# ip eth0 192.168.2.255 - - -######### SERVER SETTINGS ######### -#### -### -## Definitions of the servers. There must be told the type ('ip' or -## 'bcast') and the address. When using 'ip', the address is a non-bcast -## IPv4 address (dotted, DNS-names are NOT supported); and when using -## 'bcast' servers, the address is an IFNAME. - -# TYPE address -server ip 192.168.8.66 -#server bcast eth1 diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/init.d/dhcp-fwd b/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/init.d/dhcp-fwd deleted file mode 100644 index 597e1fc..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dhcp-fwd/root/etc/init.d/dhcp-fwd +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/sh - -case $1 in - start) - [ -d /var/log ] || mkdir -p /var/log - [ -d /var/run/dhcp-wfd ] || mkdir -p /var/run/dhcp-fwd - dhcp-fwd - ;; - stop) - [ -f /var/run/dhcpd-fwd.pid ] && kill $(cat /var/run/dhcpd-fwd.pid) 2>/dev/null - ;; - *) - echo "usage: $0 (start|stop)" - exit 1 -esac - -exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/conffiles deleted file mode 100644 index 917cdba..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/init.d/S51dropbear diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/control deleted file mode 100644 index 5af874e..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: dropbear -Version: 0.44-1 -Architecture: mipsel -Maintainer: Leigh Dyer <lsd@linuxgamers.net> -Source: http://matt.ucc.asn.au/dropbear/dropbear-0.44.tar.bz2 -Section: net -Priority: optional -Depends: -Description: Lightweight SSH client and server system diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/postinst b/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/postinst deleted file mode 100755 index bfe8b47..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/CONTROL/postinst +++ /dev/null @@ -1,29 +0,0 @@ -#!/bin/sh -echo -mkdir -p /etc/dropbear -[ ! -f /etc/dropbear/dropbear_dss_host_key ] && { -/tmp/dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key -} -rm /tmp/dropbearkey -[ ! -f /etc/passwd ] && { -cat > /etc/passwd << EOF -root::0:0:root:/tmp:/bin/ash -EOF -cat > /etc/shells << EOF -/bin/ash -EOF -cat > /etc/group << EOF -root:*:0: -EOF -passwd -} - -cat << EOF -========================================== -dropbear is now configured to run on boot. -========================================== -To start it now, run the following command: - -/usr/bin/dropbear - -EOF diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/S51dropbear b/obsolete-buildroot/sources/openwrt/ipkg/dropbear/S51dropbear deleted file mode 100755 index e9c237b..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/S51dropbear +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -/usr/bin/dropbear diff --git a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/dropbear.patch b/obsolete-buildroot/sources/openwrt/ipkg/dropbear/dropbear.patch deleted file mode 100644 index 6a45edd..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/dropbear/dropbear.patch +++ /dev/null @@ -1,21 +0,0 @@ -diff -bBurN dropbear-0.44/options.h dropbear-0.44-openwrt/options.h ---- dropbear-0.44/options.h 2005-01-03 10:24:03.000000000 +0100 -+++ dropbear-0.44-openwrt/options.h 2005-01-14 13:19:38.902029040 +0100 -@@ -139,7 +139,7 @@ - * will prevent Dropbear from blocking on the device. This could - * however significantly reduce the security of your ssh connections - * if the PRNG state becomes simpler. */ --#define DROPBEAR_RANDOM_DEV "/dev/random" -+#define DROPBEAR_RANDOM_DEV "/dev/urandom" - - /* prngd must be manually set up to produce output */ - /*#define DROPBEAR_PRNGD_SOCKET "/var/run/dropbear-rng"*/ -@@ -188,7 +188,7 @@ - #define DROPBEAR_VERSION "0.44" - #endif - --#define LOCAL_IDENT "SSH-2.0-dropbear_" DROPBEAR_VERSION -+#define LOCAL_IDENT "SSH-2.0-OpenSSH" - #define PROGNAME "dropbear" - - /* Spec recommends after one hour or 1 gigabyte of data. One hour diff --git a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/fprobe/CONTROL/conffiles deleted file mode 100644 index d498dc4..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/CONTROL/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/fprobe.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/fprobe/CONTROL/control deleted file mode 100644 index d17142d..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: fprobe -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a NetFlow probe -Depends: libpcap, libpthread diff --git a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/root/etc/fprobe.conf b/obsolete-buildroot/sources/openwrt/ipkg/fprobe/root/etc/fprobe.conf deleted file mode 100644 index 3abfba6..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/root/etc/fprobe.conf +++ /dev/null @@ -1,8 +0,0 @@ -# Interface to listen on -IFNAME=any - -# NetFlow collector (host:port) -REMOTE=192.168.1.100:2055 - -# Maximum log level (0=EMERG, 1=ALERT, 2=CRIT, 3=ERR, 4=WARNING, 5=NOTICE, 6=INFO, 7=DEBUG) -LOG_LEVEL=3 diff --git a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/root/etc/init.d/fprobe b/obsolete-buildroot/sources/openwrt/ipkg/fprobe/root/etc/init.d/fprobe deleted file mode 100644 index 2a61fce..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/fprobe/root/etc/init.d/fprobe +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh - -DEFAULT=/etc/fprobe.conf -OPTIONS="" -[ -f $DEFAULT ] && . $DEFAULT -[ -n "$IFNAME" ] && OPTIONS="$OPTIONS -i $IFNAME" -[ -n "$LOG_LEVEL" ] && OPTIONS="$OPTIONS -v $LOG_LEVEL" -[ -n "$REMOTE" ] && OPTIONS="$OPTIONS $REMOTE" - -case $1 in - start) - [ -d /var/run ] || mkdir -p /var/run - /usr/sbin/fprobe $OPTIONS - ;; - stop) - [ -f /var/run/fprobe.pid ] && kill $(cat /var/run/fprobe.pid) >/dev/null 2>&1 - ;; - *) - echo "usage: $0 (start|stop)" - exit 1 -esac - -exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ip6tables/ip6tables.control b/obsolete-buildroot/sources/openwrt/ipkg/ip6tables/ip6tables.control deleted file mode 100644 index adeb5b3..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ip6tables/ip6tables.control +++ /dev/null @@ -1,9 +0,0 @@ -Package: ip6tables -Architecture: mipsel -Version: 1.2.11-1 -Section: net -Priority: optional -Maintainer: Sebastien NOEL <me@twolife.org> -Source: Embedded in the main OpenWrt buildroot -Depends: kmod-ipv6, kmod-ipt6 -Description: Linux kernel 2.4+ IPv6 packet filter administration tools diff --git a/obsolete-buildroot/sources/openwrt/ipkg/iproute/ip/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/iproute/ip/CONTROL/control deleted file mode 100644 index ed54f31..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/iproute/ip/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: ip -Architecture: mipsel -Version: 2.0 -Section: net -Priority: optional -Maintainer: Gerry Rozema <gerryr@rozeware.bc.ca> -Source: http://ftp.debian.org/debian/pool/main/i/iproute/iproute-20010824.orig.tar.gz -Depends: -Description: iproute2 stuff diff --git a/obsolete-buildroot/sources/openwrt/ipkg/iproute/tc/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/iproute/tc/CONTROL/control deleted file mode 100644 index b14e7c4..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/iproute/tc/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: tc -Architecture: mipsel -Version: 2.0 -Section: net -Priority: optional -Maintainer: Gerry Rozema <gerryr@rozeware.bc.ca> -Source: http://ftp.debian.org/debian/pool/main/i/iproute/iproute-20010824.orig.tar.gz -Depends: kmod-sched -Description: iproute2 stuff diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/CONTROL/control deleted file mode 100644 index 957732b..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: kmod-ipt6 -Architecture: mipsel -Version: 2.4.20-1 -Section: kernel -Priority: optional -Maintainer: Sebastien NOEL <me@twolife.org> -Source: Embedded in the main OpenWrt buildroot -Depends: kmod-ipv6, ip6tables -Description: ip6tables kernel modules diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/CONTROL/rules deleted file mode 100755 index 82afed8..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/CONTROL/rules +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -PACKAGE := kmod-ipt6 - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib/ - bzcat $(TOPDIR)/openwrt-kmodules.tar.bz2 | tar -C $(MY_INSTALL_DIR)/lib/ -xvf - \ - modules/2.4.20/kernel/net/ipv6/netfilter/*.o \ - - install -m0755 -d $(MY_INSTALL_DIR)/lib/modules/2.4.20/ipt6 - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/net/ipv6/netfilter/*.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ipt6/ - - rm -rf \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel - - -clean: - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/kmod-ipt6.control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/kmod-ipt6.control deleted file mode 100644 index 957732b..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipt6/kmod-ipt6.control +++ /dev/null @@ -1,9 +0,0 @@ -Package: kmod-ipt6 -Architecture: mipsel -Version: 2.4.20-1 -Section: kernel -Priority: optional -Maintainer: Sebastien NOEL <me@twolife.org> -Source: Embedded in the main OpenWrt buildroot -Depends: kmod-ipv6, ip6tables -Description: ip6tables kernel modules diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/CONTROL/control deleted file mode 100644 index fdeb1c7..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: kmod-ipv6 -Architecture: mipsel -Version: 2.4.20-1 -Section: kernel -Priority: optional -Maintainer: Sebastien NOEL <me@twolife.org> -Source: Embedded in the main OpenWrt buildroot -Depends: -Description: Kernel modules for the IPv6 protocol diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/CONTROL/rules deleted file mode 100755 index a1e8111..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/CONTROL/rules +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -PACKAGE := kmod-ipv6 - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib/ - bzcat $(TOPDIR)/openwrt-kmodules.tar.bz2 | tar -C $(MY_INSTALL_DIR)/lib/ -xvf - \ - modules/2.4.20/kernel/net/ipv6/ipv6.o \ - - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/net/ipv6/ipv6.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ - - rm -rf \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel - - -clean: - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/kmod-ipv6.control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/kmod-ipv6.control deleted file mode 100644 index fdeb1c7..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ipv6/kmod-ipv6.control +++ /dev/null @@ -1,9 +0,0 @@ -Package: kmod-ipv6 -Architecture: mipsel -Version: 2.4.20-1 -Section: kernel -Priority: optional -Maintainer: Sebastien NOEL <me@twolife.org> -Source: Embedded in the main OpenWrt buildroot -Depends: -Description: Kernel modules for the IPv6 protocol diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/control deleted file mode 100644 index 87cf409..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: kmod-nfs -Priority: optional -Section: kernel -Version: 2.4.20-1 -Architecture: mipsel -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: NFS kernel modules diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/postinst b/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/postinst deleted file mode 100644 index 1371a39..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/postinst +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/sh -cat << EOF - - -Using the nfs modules: - insmod sunrpc - insmod lockd - insmod nfs - mount server:/mnt /mnt -o nolock - -If you do not specify nolock the mount process will hang -until rpciod is killed. (killall -9 rpciod) - -- press enter - -EOF -read diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/rules deleted file mode 100755 index 94129b7..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-nfs/CONTROL/rules +++ /dev/null @@ -1,39 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -PACKAGE := kmod-nfs - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib/ - bzcat $(TOPDIR)/openwrt-kmodules.tar.bz2 | tar -C $(MY_INSTALL_DIR)/lib/ -xvf - \ - modules/2.4.20/kernel/fs/lockd/lockd.o \ - modules/2.4.20/kernel/fs/nfs/nfs.o \ - modules/2.4.20/kernel/net/sunrpc/sunrpc.o \ - - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/fs/lockd/*.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/fs/nfs/*.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/net/sunrpc/*.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ - - rm -rf \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel - - -clean: - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-async/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-async/CONTROL/control deleted file mode 100644 index 108ae2b..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-async/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: kmod-ppp-async -Priority: optional -Section: kernel -Version: 2.4.20-1 -Architecture: mipsel -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: PPP async serial channel driver kernel module diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-async/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-async/CONTROL/rules deleted file mode 100755 index 7e137ed..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-async/CONTROL/rules +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -PACKAGE := kmod-ppp-async - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib/ - bzcat $(TOPDIR)/openwrt-kmodules.tar.bz2 | tar -C $(MY_INSTALL_DIR)/lib/ -xvf - \ - modules/2.4.20/kernel/drivers/net/ppp_async.o \ - - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/drivers/net/ppp_async.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ - - rm -rf \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel - - -clean: - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-mppe-mppc/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-mppe-mppc/CONTROL/control deleted file mode 100644 index fb668fd..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-mppe-mppc/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: kmod-ppp-mppe-mppc -Priority: optional -Section: kernel -Version: 2.4.20-1 -Architecture: mipsel -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: Microsoft PPP compression/encryption (MPPC/MPPE) kernel module diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-mppe-mppc/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-mppe-mppc/CONTROL/rules deleted file mode 100755 index df16839..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-ppp-mppe-mppc/CONTROL/rules +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -PACKAGE := kmod-ppp-mppe-mppc - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib/ - bzcat $(TOPDIR)/openwrt-kmodules.tar.bz2 | tar -C $(MY_INSTALL_DIR)/lib/ -xvf - \ - modules/2.4.20/kernel/drivers/net/ppp_mppe_mppc.o \ - - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/drivers/net/ppp_mppe_mppc.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ - - rm -rf \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel - - -clean: - - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-sched/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-sched/CONTROL/control deleted file mode 100644 index f7669af..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-sched/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: kmod-sched -Priority: optional -Section: kernel -Version: 2.4.20-1 -Architecture: mipsel -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: Traffic Control (TC) kernel modules diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-sched/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/kmod-sched/CONTROL/rules deleted file mode 100755 index bf3e6b4..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-sched/CONTROL/rules +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -PACKAGE := kmod-sched - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib/ - bzcat $(TOPDIR)/openwrt-kmodules.tar.bz2 | tar -C $(MY_INSTALL_DIR)/lib/ -xvf - \ - modules/2.4.20/kernel/net/sched/*.o \ - - install -m0755 -d $(MY_INSTALL_DIR)/lib/modules/2.4.20/sched - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/net/sched/*.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/sched/ - - rm -rf \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel - - -clean: - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-tun/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/kmod-tun/CONTROL/control deleted file mode 100644 index 3c9ab98..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-tun/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: kmod-tun -Priority: optional -Section: kernel -Version: 2.4.20-1 -Architecture: mipsel -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: Universal TUN/TAP device driver kernel module diff --git a/obsolete-buildroot/sources/openwrt/ipkg/kmod-tun/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/kmod-tun/CONTROL/rules deleted file mode 100755 index 58e95f7..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/kmod-tun/CONTROL/rules +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -PACKAGE := kmod-tun - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib/ - bzcat $(TOPDIR)/openwrt-kmodules.tar.bz2 | tar -C $(MY_INSTALL_DIR)/lib/ -xvf - \ - modules/2.4.20/kernel/drivers/net/tun.o \ - - mv -f \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel/drivers/net/tun.o \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/ - - rm -rf \ - $(MY_INSTALL_DIR)/lib/modules/2.4.20/kernel - - -clean: - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/libmatrixssl/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/libmatrixssl/CONTROL/control deleted file mode 100644 index a417b42..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/libmatrixssl/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: libmatrixssl -Priority: optional -Section: libs -Version: TBDL -Architecture: TBDL -Maintainer: Nico -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: an embedded SSL implementation -Depends: libpthread diff --git a/obsolete-buildroot/sources/openwrt/ipkg/libpcap/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/libpcap/CONTROL/control deleted file mode 100644 index 3ea09b3..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/libpcap/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: libpcap -Priority: optional -Section: libs -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a low-level packet capture library diff --git a/obsolete-buildroot/sources/openwrt/ipkg/libpthread/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/libpthread/CONTROL/control deleted file mode 100644 index fa1bea0..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/libpthread/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: libpthread -Priority: optional -Section: libs -Version: 0.9.27-1 -Architecture: mipsel -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: POSIX threads library diff --git a/obsolete-buildroot/sources/openwrt/ipkg/libpthread/CONTROL/rules b/obsolete-buildroot/sources/openwrt/ipkg/libpthread/CONTROL/rules deleted file mode 100755 index b538467..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/libpthread/CONTROL/rules +++ /dev/null @@ -1,34 +0,0 @@ -#!/usr/bin/make -f - -ifeq ($(strip $(TOPDIR)),) -TOPDIR := $(shell pwd)/../../../.. -endif - - -# variables extracted from $(TOPDIR)/Makefile -ARCH:= mipsel -STAGING_DIR=$(TOPDIR)/build_$(ARCH)/staging_dir -REAL_GNU_TARGET_NAME=$(ARCH)-linux-uclibc -TARGET_CROSS=$(STAGING_DIR)/bin/$(REAL_GNU_TARGET_NAME)- -STRIP=$(TARGET_CROSS)strip --remove-section=.comment --remove-section=.note -# could be better if replaced with: -#include $(TOPDIR)/Config - - -PACKAGE := libpthread - -MY_INSTALL_DIR := /tmp/$(PACKAGE) - - -build: - - -install: - rm -rf $(MY_INSTALL_DIR) - install -m0755 -d $(MY_INSTALL_DIR)/lib - install -m0755 $(STAGING_DIR)/$(REAL_GNU_TARGET_NAME)/lib/libpthread-0.9.27.so $(MY_INSTALL_DIR)/lib - $(STRIP) $(MY_INSTALL_DIR)/lib/libpthread*.so* - ln -fs libpthread-0.9.27.so $(MY_INSTALL_DIR)/lib/libpthread.so.0 - -clean: - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ntpclient/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/ntpclient/CONTROL/control deleted file mode 100644 index 30194d1..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ntpclient/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: ntpclient -Architecture: mipsel -Version: 2003.194-1 -Section: utils -Priority: optional -Maintainer: Sebastien NOEL <me@twolife.org> -Source: http://doolittle.faludi.com/ntpclient/ -Depends: -Description: utility to setting system time from NTP server diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.conffiles b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.conffiles deleted file mode 100644 index cb3c639..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/ssh_config diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.control b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.control deleted file mode 100644 index 3585250..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.control +++ /dev/null @@ -1,12 +0,0 @@ -Package: openssh-client -Priority: optional -Version: 3.8p1-1 -Architecture: mipsel -Maintainer: below0 -Section: net -Depends: zlib libssl -Source: Embedded in the main OpenWrt buildroot -Description: The OpenSSH client. Allows for access to remote systems via the SSH protocol. - Includes: ssh, scp - - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.ex.control b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.ex.control deleted file mode 100644 index 5eb808a..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.ex.control +++ /dev/null @@ -1,12 +0,0 @@ -Package: openssh-client-extras -Priority: optional -Version: 3.8p1-1 -Architecture: mipsel -Maintainer: below0 -Section: net -Depends: openssh-client -Source: Embedded in the main OpenWrt buildroot -Description: Various optional OpenSSH client tools. - Includes: ssh-add, ssh-agent, ssh-keyscan, ssk-keysign - - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.preinst b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.preinst deleted file mode 100644 index 029c789..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.preinst +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -# Make sure password and group databases exist -if [ ! -f /etc/passwd ]; then - echo -e "root::0:0::/tmp:/bin/sh\nnobody:x:65534:65534:nobody:/tmp:/bin/sh\nsshd:x:100:65534:sshd:/var:/bin/false\n" > /etc/passwd - [ -f /etc/group ] || echo -e "root:x:0:\nnogroup:x:65534:\n" > /etc/group - echo "\n\nNOTICE: SSH requires proper root password to be configured, set it now." - passwd -fi - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.ssh_config b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.ssh_config deleted file mode 100644 index 2692e89..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.client.ssh_config +++ /dev/null @@ -1,37 +0,0 @@ -# $OpenBSD: ssh_config,v 1.19 2003/08/13 08:46:31 markus Exp $ - -# This is the ssh client system-wide configuration file. See -# ssh_config(5) for more information. This file provides defaults for -# users, and the values can be changed in per-user configuration files -# or on the command line. - -# Configuration data is parsed as follows: -# 1. command line options -# 2. user-specific file -# 3. system-wide file -# Any configuration value is only changed the first time it is set. -# Thus, host-specific definitions should be at the beginning of the -# configuration file, and defaults at the end. - -# Site-wide defaults for various options - -# Host * -# ForwardAgent no -# ForwardX11 no -# RhostsRSAAuthentication no -# RSAAuthentication yes -# PasswordAuthentication yes -# HostbasedAuthentication no -# BatchMode no -# CheckHostIP yes -# AddressFamily any -# ConnectTimeout 0 -# StrictHostKeyChecking ask -# IdentityFile ~/.ssh/identity -# IdentityFile ~/.ssh/id_rsa -# IdentityFile ~/.ssh/id_dsa -# Port 22 -# Protocol 2,1 -# Cipher 3des -# Ciphers aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,arcfour,aes192-cbc,aes256-cbc -# EscapeChar ~ diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.patch b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.patch deleted file mode 100644 index 7d85a04..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.patch +++ /dev/null @@ -1,289 +0,0 @@ ---- openssh-3.6.1p1/Makefile.in.orig 2003-03-20 17:34:34.000000000 -0700 -+++ openssh-3.6.1p1/Makefile.in 2003-04-25 17:09:00.000000000 -0600 -@@ -27,7 +27,7 @@ - RAND_HELPER=$(libexecdir)/ssh-rand-helper - PRIVSEP_PATH=@PRIVSEP_PATH@ - SSH_PRIVSEP_USER=@SSH_PRIVSEP_USER@ --STRIP_OPT=@STRIP_OPT@ -+STRIP_OPT= - - PATHS= -DSSHDIR=\"$(sysconfdir)\" \ - -D_PATH_SSH_PROGRAM=\"$(SSH_PROGRAM)\" \ ---- openssh-3.8p1/configure.ac.orig 2004-02-23 22:47:04.000000000 -0700 -+++ openssh-3.8p1/configure.ac 2004-03-19 01:41:47.000000000 -0700 -@@ -481,6 +481,9 @@ - [ - AC_MSG_RESULT(no) - AC_MSG_ERROR([*** compiler cannot create working executables, check config.log ***]) -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) - ] - ) - -@@ -632,6 +635,9 @@ - else - AC_MSG_WARN([zlib version may have security problems]) - fi -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) - ] - ) - -@@ -696,6 +702,9 @@ - [ - AC_MSG_RESULT(no) - AC_DEFINE(BROKEN_ONE_BYTE_DIRENT_D_NAME) -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) - ] - ) - -@@ -727,6 +736,9 @@ - [ - AC_MSG_RESULT(no) - AC_MSG_ERROR([** Incomplete or missing s/key libraries.]) -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) - ]) - fi - ] -@@ -840,7 +852,11 @@ - ], - [AC_MSG_RESULT(yes)], - [AC_DEFINE(BROKEN_SETRESUID) -- AC_MSG_RESULT(not implemented)] -+ AC_MSG_RESULT(not implemented) -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) -+ ] - ) - ]) - -@@ -854,7 +870,11 @@ - ], - [AC_MSG_RESULT(yes)], - [AC_DEFINE(BROKEN_SETRESGID) -- AC_MSG_RESULT(not implemented)] -+ AC_MSG_RESULT(not implemented) -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) -+ ] - ) - ]) - -@@ -890,6 +910,9 @@ - AC_MSG_RESULT(no) - AC_DEFINE(BROKEN_SNPRINTF) - AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor]) -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) - ] - ) - fi -@@ -963,7 +986,10 @@ - [ - AC_MSG_RESULT(no) - AC_DEFINE(SSHD_ACQUIRES_CTTY) -- ] -+ ], -+ [AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) -+ ] - ) - fi - -@@ -1096,6 +1122,10 @@ - [ - AC_MSG_RESULT(not found) - AC_MSG_ERROR(OpenSSL version header not found.) -+ ], -+ [ -+ ssl_header_ver="0x0090704fL (OpenSSL 0.9.7d 17 Mar 2004)" -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to $ssl_header_ver]) - ] - ) - -@@ -1129,6 +1159,10 @@ - [ - AC_MSG_RESULT(not found) - AC_MSG_ERROR(OpenSSL library not found.) -+ ], -+ [ -+ ssl_header_ver="0x0090704fL (OpenSSL 0.9.7d 17 Mar 2004)" -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to $ssl_library_ver]) - ] - ) - -@@ -1148,7 +1182,11 @@ - AC_MSG_ERROR([Your OpenSSL headers do not match your library. - Check config.log for details. - Also see contrib/findssl.sh for help identifying header/library mismatches.]) -- ] -+ ], -+ [ -+ AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) -+ ] - ) - - # Some systems want crypt() from libcrypt, *not* the version in OpenSSL, -@@ -1183,6 +1221,11 @@ - # Default to use of the rand helper if OpenSSL doesn't - # seed itself - USE_RAND_HELPER=yes -+ ], -+ [ -+ OPENSSL_SEEDS_ITSELF=yes -+ AC_MSG_RESULT(yes) -+ AC_MSG_WARN([Cannot run test when crosscompiling, defaulted to yes.]) - ] - ) - -@@ -1773,7 +1816,8 @@ - #else - main() { exit(0); } - #endif -- ], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ] -+ ], [ true ], [ AC_DEFINE(BROKEN_SNPRINTF) ], -+ [ true ] - ) - fi - -@@ -1893,6 +1937,7 @@ - } - ], - [ ac_cv_have_accrights_in_msghdr="yes" ], -+ [ ac_cv_have_accrights_in_msghdr="no" ], - [ ac_cv_have_accrights_in_msghdr="no" ] - ) - ]) -@@ -1917,7 +1962,8 @@ - } - ], - [ ac_cv_have_control_in_msghdr="yes" ], -- [ ac_cv_have_control_in_msghdr="no" ] -+ [ ac_cv_have_control_in_msghdr="no" ], -+ [ ac_cv_have_control_in_msghdr="yes" ] - ) - ]) - if test "x$ac_cv_have_control_in_msghdr" = "xyes" ; then -@@ -2229,12 +2275,9 @@ - ) - fi - fi --AC_CHECK_FILE("/dev/ptc", -- [ -- AC_DEFINE_UNQUOTED(HAVE_DEV_PTS_AND_PTC) -- have_dev_ptc=1 -- ] --) -+AC_MSG_CHECKING([for "/dev/ptc"]) -+AC_MSG_RESULT(no) -+have_dev_ptc=0 - - # Options from here on. Some of these are preset by platform above - AC_ARG_WITH(mantype, -@@ -2329,15 +2372,8 @@ - fi - - # check for /etc/default/login and use it if present. --AC_ARG_ENABLE(etc-default-login, -- [ --disable-etc-default-login Disable using PATH from /etc/default/login [no]],, --[ --AC_CHECK_FILE("/etc/default/login", [ external_path_file=/etc/default/login ]) -- --if test "x$external_path_file" = "x/etc/default/login"; then -- AC_DEFINE(HAVE_ETC_DEFAULT_LOGIN) --fi --]) -+AC_MSG_CHECKING([for "/etc/default/login"]) -+AC_MSG_RESULT(no) - - dnl BSD systems use /etc/login.conf so --with-default-path= has no effect - if test $ac_cv_func_login_getcapbool = "yes" -a \ ---- openssh-3.8p1.orig/sshd_config Fri Sep 27 05:21:58 2002 -+++ openssh-3.8p1/sshd_config Mon Mar 17 14:55:00 2003 -@@ -89,5 +89,8 @@ - #Banner /some/path - #VerifyReverseMapping no - -+ClientAliveInterval 15 -+ClientAliveCountMax 4 -+ - # override default of no subsystems --Subsystem sftp /usr/libexec/sftp-server -+Subsystem sftp /usr/sbin/sftp-server ---- openssh-3.6.1p1/S50sshd Fri Sep 27 05:21:58 2002 -+++ openssh-3.6.1p1/S50sshd Mon Mar 17 14:55:00 2003 -@@ -0,0 +1,64 @@ -+#!/bin/sh -+# -+# sshd Starts sshd. -+# -+ -+# Make sure the ssh-keygen progam exists -+[ -f /usr/bin/ssh-keygen ] || exit 0 -+ -+# Check for the SSH1 RSA key -+if [ ! -f /etc/ssh_host_key ] ; then -+ echo Generating RSA Key... -+ /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh_host_key -C '' -N '' -+fi -+ -+# Check for the SSH2 RSA key -+if [ ! -f /etc/ssh_host_rsa_key ] ; then -+ echo Generating RSA Key... -+ /usr/bin/ssh-keygen -t rsa -f /etc/ssh_host_rsa_key -C '' -N '' -+fi -+ -+# Check for the SSH2 DSA key -+if [ ! -f /etc/ssh_host_dsa_key ] ; then -+ echo Generating DSA Key... -+ echo THIS CAN TAKE A MINUTE OR TWO DEPENDING ON YOUR PROCESSOR! -+ echo -+ /usr/bin/ssh-keygen -t dsa -f /etc/ssh_host_dsa_key -C '' -N '' -+fi -+ -+umask 077 -+ -+start() { -+ echo -n "Starting sshd: " -+ /usr/sbin/sshd -+ touch /var/lock/sshd -+ echo "OK" -+} -+stop() { -+ echo -n "Stopping sshd: " -+ killall sshd -+ rm -f /var/lock/sshd -+ echo "OK" -+} -+restart() { -+ stop -+ start -+} -+ -+case "$1" in -+ start) -+ start -+ ;; -+ stop) -+ stop -+ ;; -+ restart|reload) -+ restart -+ ;; -+ *) -+ echo $"Usage: $0 {start|stop|restart}" -+ exit 1 -+esac -+ -+exit $? -+ diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.S50sshd-ipk b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.S50sshd-ipk deleted file mode 100644 index 6f77ad9..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.S50sshd-ipk +++ /dev/null @@ -1,45 +0,0 @@ -#!/bin/sh -# -# sshd Starts sshd. -# - -mkdir -p /var/lock -mkdir -p /var/empty -chmod 600 /var/empty - -umask 077 - -start() { - echo -n "Starting sshd: " - /usr/sbin/sshd - touch /var/lock/sshd - echo "OK" -} -stop() { - echo -n "Stopping sshd: " - killall sshd - rm -f /var/lock/sshd - echo "OK" -} -restart() { - stop - start -} - -case "$1" in - start) - start - ;; - stop) - stop - ;; - restart|reload) - restart - ;; - *) - echo $"Usage: $0 {start|stop|restart}" - exit 1 -esac - -exit $? - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.conffiles b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.conffiles deleted file mode 100644 index 5877b3b..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/sshd_config diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.control b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.control deleted file mode 100644 index 943da93..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.control +++ /dev/null @@ -1,13 +0,0 @@ -Package: openssh-server -Priority: optional -Version: 3.8p1-1 -Architecture: mipsel -Maintainer: below0 -Section: net -Depends: zlib libssl -Source: Embedded in the main OpenWrt buildroot -Description: The OpenSSH server daemon. - Allows for access to the system via the SSH client. - Includes: sshd, ssh-keygen - - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.postinst b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.postinst deleted file mode 100644 index 16d2bf4..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.postinst +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh - -# Check for the SSH1 RSA key -if [ ! -f /etc/ssh_host_key ] ; then - echo Generating RSA Key... - /usr/bin/ssh-keygen -t rsa1 -f /etc/ssh_host_key -C '' -N '' -fi - -# Check for the SSH2 RSA key -if [ ! -f /etc/ssh_host_rsa_key ] ; then - echo Generating RSA Key... - /usr/bin/ssh-keygen -t rsa -f /etc/ssh_host_rsa_key -C '' -N '' -fi - -# Check for the SSH2 DSA key -if [ ! -f /etc/ssh_host_dsa_key ] ; then - echo "Generating DSA Key... (Takes a few minutes)" - /usr/bin/ssh-keygen -t dsa -f /etc/ssh_host_dsa_key -C '' -N '' -fi - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.preinst b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.preinst deleted file mode 100644 index 029c789..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.preinst +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -# Make sure password and group databases exist -if [ ! -f /etc/passwd ]; then - echo -e "root::0:0::/tmp:/bin/sh\nnobody:x:65534:65534:nobody:/tmp:/bin/sh\nsshd:x:100:65534:sshd:/var:/bin/false\n" > /etc/passwd - [ -f /etc/group ] || echo -e "root:x:0:\nnogroup:x:65534:\n" > /etc/group - echo "\n\nNOTICE: SSH requires proper root password to be configured, set it now." - passwd -fi - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.sshd_config b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.sshd_config deleted file mode 100644 index 22e5dc212..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.server.sshd_config +++ /dev/null @@ -1,100 +0,0 @@ -# $OpenBSD: sshd_config,v 1.68 2003/12/29 16:39:50 millert Exp $ - -# This is the sshd server system-wide configuration file. See -# sshd_config(5) for more information. - -# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin - -# The strategy used for options in the default sshd_config shipped with -# OpenSSH is to specify options with their default value where -# possible, but leave them commented. Uncommented options change a -# default value. - -#Port 22 -#Protocol 2,1 -#ListenAddress 0.0.0.0 -#ListenAddress :: - -# HostKey for protocol version 1 -#HostKey /etc/ssh_host_key -# HostKeys for protocol version 2 -#HostKey /etc/ssh_host_rsa_key -#HostKey /etc/ssh_host_dsa_key - -# Lifetime and size of ephemeral version 1 server key -#KeyRegenerationInterval 1h -#ServerKeyBits 768 - -# Logging -#obsoletes QuietMode and FascistLogging -#SyslogFacility AUTH -#LogLevel INFO - -# Authentication: - -#LoginGraceTime 2m -#PermitRootLogin yes -#StrictModes yes - -#RSAAuthentication yes -#PubkeyAuthentication yes -#AuthorizedKeysFile .ssh/authorized_keys - -# For this to work you will also need host keys in /etc/ssh_known_hosts -#RhostsRSAAuthentication no -# similar for protocol version 2 -#HostbasedAuthentication no -# Change to yes if you don't trust ~/.ssh/known_hosts for -# RhostsRSAAuthentication and HostbasedAuthentication -#IgnoreUserKnownHosts no -# Don't read the user's ~/.rhosts and ~/.shosts files -#IgnoreRhosts yes - -# To disable tunneled clear text passwords, change to no here! -#PasswordAuthentication yes -#PermitEmptyPasswords no - -# Change to no to disable s/key passwords -#ChallengeResponseAuthentication yes - -# Kerberos options -#KerberosAuthentication no -#KerberosOrLocalPasswd yes -#KerberosTicketCleanup yes -#KerberosGetAFSToken no - -# GSSAPI options -#GSSAPIAuthentication no -#GSSAPICleanupCredentials yes - -# Set this to 'yes' to enable PAM authentication (via challenge-response) -# and session processing. Depending on your PAM configuration, this may -# bypass the setting of 'PasswordAuthentication' and 'PermitEmptyPasswords' -#UsePAM no - -#AllowTcpForwarding yes -#GatewayPorts no -#X11Forwarding no -#X11DisplayOffset 10 -#X11UseLocalhost yes -#PrintMotd yes -#PrintLastLog yes -#TCPKeepAlive yes -#UseLogin no -#UsePrivilegeSeparation yes -#PermitUserEnvironment no -#Compression yes -#ClientAliveInterval 0 -#ClientAliveCountMax 3 -#UseDNS yes -#PidFile /var/run/sshd.pid -#MaxStartups 10 - -# no default banner path -#Banner /some/path - -ClientAliveInterval 15 -ClientAliveCountMax 4 - -# override default of no subsystems -Subsystem sftp /usr/sbin/sftp-server diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.sftp-client.control b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.sftp-client.control deleted file mode 100644 index 12949f1..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.sftp-client.control +++ /dev/null @@ -1,12 +0,0 @@ -Package: openssh-sftp-client -Priority: optional -Version: 3.8p1-1 -Architecture: mipsel -Maintainer: below0 -Section: net -Depends: openssh-client -Source: Embedded in the main OpenWrt buildroot -Description: OpenSSH Secure FTP server. - Includes: sftp-server - - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.sftp-server.control b/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.sftp-server.control deleted file mode 100644 index 45f5c9a..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssh/openssh.sftp-server.control +++ /dev/null @@ -1,12 +0,0 @@ -Package: openssh-sftp-server -Priority: optional -Version: 3.8p1-1 -Architecture: mipsel -Maintainer: below0 -Section: net -Depends: openssh-server -Source: Embedded in the main OpenWrt buildroot -Description: OpenSSH Secure FTP server. - Includes: sftp-server - - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssl/control b/obsolete-buildroot/sources/openwrt/ipkg/openssl/control deleted file mode 100644 index 4fe0b87..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssl/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: libssl -Priority: optional -Version: 0.9.7d-1 -Architecture: mipsel -Maintainer: below0 -Section: libs -Source: Embedded in the main OpenWrt buildroot -Description: OpenSSL libraries used for SSL encryption. - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/openssl/openssl.patch b/obsolete-buildroot/sources/openwrt/ipkg/openssl/openssl.patch deleted file mode 100644 index 2e8d50f..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/openssl/openssl.patch +++ /dev/null @@ -1,238 +0,0 @@ ---- openssl-0.9.7.orig/Configure -+++ openssl-0.9.7/Configure -@@ -1,4 +1,4 @@ --: -+#!/usr/bin/perl - eval 'exec perl -S $0 ${1+"$@"}' - if $running_under_some_shell; - ## -@@ -373,6 +373,40 @@ - # assembler versions -- currently defunct: - ##"OpenBSD-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer:::(unknown):SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2:${alpha_asm}", - -+# Sane Linux configuration values, stolen from the Debian package.... -+"linux-alpha","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-alpha-ev4","gcc:-DTERMIO -O3 -mcpu=ev4 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-alpha-ev5","gcc:-DTERMIO -O3 -mcpu=ev5 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_RISC1 DES_UNROLL:${alpha_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-arm","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_RISC1::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-freebsd-alpha","gcc:-DTERMIOS -O -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-freebsd-i386", "gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE -D_THREADSAFE:::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-hppa","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-hurd-i386","gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-ia64","gcc:-DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:SIXTY_FOUR_BIT_LONG RC4_CHUNK RC4_CHAR:asm/ia64.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+#"linux-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC", -+"linux-i386","gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-i386-i486","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i486 -mcpu=i486 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-i386-i586","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i586 -mcpu=i586 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-i386-i686/cmov","gcc:-DL_ENDIAN -DTERMIO -O3 -march=i686 -mcpu=i686 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-m68k","gcc:-DB_ENDIAN -DTERMIO -O2 -Wall::-D_REENTRANT::-ldl:BN_LLONG MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mips", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-mipsel", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-netbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-netbsd-m68k", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-netbsd-sparc", "gcc:-DB_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX DES_UNROLL::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-openbsd-alpha","gcc:-DTERMIOS -O3 -fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG DES_INT DES_PTR DES_RISC2::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-openbsd-i386", "gcc:-DL_ENDIAN -DTERMIOS -O3 -fomit-frame-pointer -m486::(unknown):::BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_out_asm}:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-openbsd-mips","gcc:-O2 -DL_ENDIAN::(unknown)::BN_LLONG MD2_CHAR RC4_INDEX RC4_CHAR DES_UNROLL DES_RISC2 DES_PTR BF_PTR:::::::::::dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-powerpc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG DES_UNROLL DES_RISC2 DES_PTR MD2_CHAR RC4_INDEX::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-s390","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh3", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh4", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh3eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sh4eb", "gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sparc","gcc:-DB_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR::::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sparc-v8","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v8 -fomit-frame-pointer -Wall -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8.o:::::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-sparc-v9","gcc:-DB_ENDIAN -DTERMIO -O3 -mcpu=v9 -Wa,-Av8plus -fomit-frame-pointer -Wall -DULTRASPARC -DBN_DIV2W::-D_REENTRANT::-ldl:BN_LLONG RC4_CHAR RC4_CHUNK DES_UNROLL BF_PTR:asm/sparcv8plus.o:::asm/md5-sparcv8plus.o::::::dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", -+"linux-cris", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -Wall::-D_REENTRANT::-ldl:BN_LLONG::::::::::dlfcn:linux-shared:-fpic::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", - # The intel boxes :-), It would be worth seeing if bsdi-gcc can use the - # bn86-elf.o file file since it is hand tweaked assembler. - "linux-elf", "gcc:-DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486 -Wall::-D_REENTRANT::-ldl:BN_LLONG ${x86_gcc_des} ${x86_gcc_opts}:${x86_elf_asm}:dlfcn:linux-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)", ---- openssl-0.9.7.orig/crypto/md5/asm/md5-sparcv9.S -+++ openssl-0.9.7/crypto/md5/asm/md5-sparcv9.S -@@ -72,14 +72,14 @@ - #define Dval R8 - - #if defined(MD5_BLOCK_DATA_ORDER) --# if defined(OPENSSL_SYSNAME_ULTRASPARC) -+/*# if defined(OPENSSL_SYSNAME_ULTRASPARC)*/ - # define LOAD lda - # define X(i) [%i1+i*4]%asi - # define md5_block md5_block_asm_data_order_aligned - # define ASI_PRIMARY_LITTLE 0x88 --# else -+/*# else - # error "MD5_BLOCK_DATA_ORDER is supported only on UltraSPARC!" --# endif -+# endif*/ - #else - # define LOAD ld - # define X(i) [%i1+i*4] ---- openssl-0.9.7.orig/crypto/opensslconf.h -+++ openssl-0.9.7/crypto/opensslconf.h -@@ -4,17 +4,38 @@ - /* OpenSSL was configured with the following options: */ - #ifndef OPENSSL_DOING_MAKEDEPEND - -+#ifndef OPENSSL_NO_IDEA -+# define OPENSSL_NO_IDEA -+#endif -+#ifndef OPENSSL_NO_MDC2 -+# define OPENSSL_NO_MDC2 -+#endif -+#ifndef OPENSSL_NO_RC5 -+# define OPENSSL_NO_RC5 -+#endif - #ifndef OPENSSL_NO_KRB5 - # define OPENSSL_NO_KRB5 - #endif - - #endif /* OPENSSL_DOING_MAKEDEPEND */ -+#ifndef OPENSSL_THREADS -+# define OPENSSL_THREADS -+#endif - - /* The OPENSSL_NO_* macros are also defined as NO_* if the application - asks for it. This is a transient feature that is provided for those - who haven't had the time to do the appropriate changes in their - applications. */ - #ifdef OPENSSL_ALGORITHM_DEFINES -+# if defined(OPENSSL_NO_IDEA) && !defined(NO_IDEA) -+# define NO_IDEA -+# endif -+# if defined(OPENSSL_NO_MDC2) && !defined(NO_MDC2) -+# define NO_MDC2 -+# endif -+# if defined(OPENSSL_NO_RC5) && !defined(NO_RC5) -+# define NO_RC5 -+# endif - # if defined(OPENSSL_NO_KRB5) && !defined(NO_KRB5) - # define NO_KRB5 - # endif -@@ -27,7 +48,7 @@ - - #if !(defined(VMS) || defined(__VMS)) /* VMS uses logical names instead */ - #if defined(HEADER_CRYPTLIB_H) && !defined(OPENSSLDIR) --#define OPENSSLDIR "/usr/local/ssl" -+#define OPENSSLDIR "/usr/lib/ssl" - #endif - #endif - -@@ -79,7 +100,7 @@ - - #if defined(HEADER_BN_H) && !defined(CONFIG_HEADER_BN_H) - #define CONFIG_HEADER_BN_H --#undef BN_LLONG -+#define BN_LLONG - - /* Should we define BN_DIV2W here? */ - -@@ -98,7 +119,7 @@ - #define CONFIG_HEADER_RC4_LOCL_H - /* if this is defined data[i] is used instead of *data, this is a %20 - * speedup on x86 */ --#undef RC4_INDEX -+#define RC4_INDEX - #endif - - #if defined(HEADER_BF_LOCL_H) && !defined(CONFIG_HEADER_BF_LOCL_H) -@@ -112,14 +133,14 @@ - /* the following is tweaked from a config script, that is why it is a - * protected undef/define */ - #ifndef DES_PTR --#undef DES_PTR -+#define DES_PTR - #endif - - /* This helps C compiler generate the correct code for multiple functional - * units. It reduces register dependancies at the expense of 2 more - * registers */ - #ifndef DES_RISC1 --#undef DES_RISC1 -+#define DES_RISC1 - #endif - - #ifndef DES_RISC2 -@@ -133,7 +154,7 @@ - /* Unroll the inner loop, this sometimes helps, sometimes hinders. - * Very mucy CPU dependant */ - #ifndef DES_UNROLL --#undef DES_UNROLL -+#define DES_UNROLL - #endif - - /* These default values were supplied by ---- openssl-0.9.7.orig/ssl/ssl_algs.c -+++ openssl-0.9.7/ssl/ssl_algs.c -@@ -109,3 +109,8 @@ - return(1); - } - -+#undef SSLeay_add_ssl_algorithms -+int SSLeay_add_ssl_algorithms(void) -+ { -+ return SSL_library_init(); -+ } ---- openssl-0.9.7.orig/tools/c_rehash.in -+++ openssl-0.9.7/tools/c_rehash.in -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -+#!/usr/bin/perl - - - # Perl c_rehash script, scan all files in a directory ---- openssl-0.9.7.orig/util/clean-depend.pl -+++ openssl-0.9.7/util/clean-depend.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - # Clean the dependency list in a makefile of standard includes... - # Written by Ben Laurie <ben@algroup.co.uk> 19 Jan 1999 - ---- openssl-0.9.7.orig/util/extract-names.pl -+++ openssl-0.9.7/util/extract-names.pl -@@ -1,4 +1,4 @@ --#!/usr/bin/perl -+#!/usr/bin/perl - - $/ = ""; # Eat a paragraph at once. - while(<STDIN>) { ---- openssl-0.9.7.orig/util/mkdef.pl -+++ openssl-0.9.7/util/mkdef.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - # - # generate a .def file - # ---- openssl-0.9.7.orig/util/mkerr.pl -+++ openssl-0.9.7/util/mkerr.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - - my $config = "crypto/err/openssl.ec"; - my $debug = 0; ---- openssl-0.9.7.orig/util/mkstack.pl -+++ openssl-0.9.7/util/mkstack.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - - # This is a utility that searches out "DECLARE_STACK_OF()" - # declarations in .h and .c files, and updates/creates/replaces ---- openssl-0.9.7.orig/util/pod2man.pl -+++ openssl-0.9.7/util/pod2man.pl -@@ -1,4 +1,4 @@ --: #!/usr/bin/perl-5.005 -+#!/usr/bin/perl - eval 'exec /usr/bin/perl -S $0 ${1+"$@"}' - if $running_under_some_shell; - ---- openssl-0.9.7.orig/util/selftest.pl -+++ openssl-0.9.7/util/selftest.pl -@@ -1,4 +1,4 @@ --#!/usr/local/bin/perl -w -+#!/usr/bin/perl - # - # Run the test suite and generate a report - # diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/conffiles deleted file mode 100644 index 70fe146..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/conffiles +++ /dev/null @@ -1,2 +0,0 @@ -/etc/ppp/radius.conf -/etc/ppp/radius/servers diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/control deleted file mode 100644 index e9411b3..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: ppp-radius-plugin -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a RADIUS plugin for the PPP daemon -Depends: ppp diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius-options b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius-options deleted file mode 100644 index 1cb1867..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius-options +++ /dev/null @@ -1,2 +0,0 @@ -plugin radius.so -radius-config-file /etc/ppp/radius.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius.conf b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius.conf deleted file mode 100644 index bf630fe..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius.conf +++ /dev/null @@ -1,8 +0,0 @@ -authserver localhost:1812 -acctserver localhost:1813 -dictionary /etc/ppp/radius/dictionary -servers /etc/ppp/radius/servers -seqfile /var/tmp/radius.seq -radius_timeout 10 -radius_retries 3 -mapfile /dev/null
\ No newline at end of file diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary deleted file mode 100644 index 706d1ce..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary +++ /dev/null @@ -1,253 +0,0 @@ -# -# Updated 97/06/13 to livingston-radius-2.01 miquels@cistron.nl -# -# This file contains dictionary translations for parsing -# requests and generating responses. All transactions are -# composed of Attribute/Value Pairs. The value of each attribute -# is specified as one of 4 data types. Valid data types are: -# -# string - 0-253 octets -# ipaddr - 4 octets in network byte order -# integer - 32 bit value in big endian order (high byte first) -# date - 32 bit value in big endian order - seconds since -# 00:00:00 GMT, Jan. 1, 1970 -# -# Enumerated values are stored in the user file with dictionary -# VALUE translations for easy administration. -# -# Example: -# -# ATTRIBUTE VALUE -# --------------- ----- -# Framed-Protocol = PPP -# 7 = 1 (integer encoding) -# - -# The dictionary format now supports vendor-specific attributes. -# Vendors are introduced like this: -# -# VENDOR vendor_name vendor_number -# -# For example: -# -# VENDOR RoaringPenguin 10055 -# -# Vendor-specific attributes have a fifth field with the name of the -# vendor. For example: -# -# ATTRIBUTE RP-Upstream-Speed-Limit 1 integer RoaringPenguin -# -# introduces a Roaring Penguin vendor-specific attribbute with name -# RP-Upstream-Speed-Limit, number 1, type integer and vendor RoaringPenguin. - -# -# Following are the proper new names. Use these. -# -ATTRIBUTE User-Name 1 string -ATTRIBUTE Password 2 string -ATTRIBUTE CHAP-Password 3 string -ATTRIBUTE NAS-IP-Address 4 ipaddr -ATTRIBUTE NAS-Port-Id 5 integer -ATTRIBUTE Service-Type 6 integer -ATTRIBUTE Framed-Protocol 7 integer -ATTRIBUTE Framed-IP-Address 8 ipaddr -ATTRIBUTE Framed-IP-Netmask 9 ipaddr -ATTRIBUTE Framed-Routing 10 integer -ATTRIBUTE Filter-Id 11 string -ATTRIBUTE Framed-MTU 12 integer -ATTRIBUTE Framed-Compression 13 integer -ATTRIBUTE Login-IP-Host 14 ipaddr -ATTRIBUTE Login-Service 15 integer -ATTRIBUTE Login-TCP-Port 16 integer -ATTRIBUTE Reply-Message 18 string -ATTRIBUTE Callback-Number 19 string -ATTRIBUTE Callback-Id 20 string -ATTRIBUTE Framed-Route 22 string -ATTRIBUTE Framed-IPX-Network 23 ipaddr -ATTRIBUTE State 24 string -ATTRIBUTE Class 25 string -ATTRIBUTE Session-Timeout 27 integer -ATTRIBUTE Idle-Timeout 28 integer -ATTRIBUTE Termination-Action 29 integer -ATTRIBUTE Called-Station-Id 30 string -ATTRIBUTE Calling-Station-Id 31 string -ATTRIBUTE NAS-Identifier 32 string -ATTRIBUTE Acct-Status-Type 40 integer -ATTRIBUTE Acct-Delay-Time 41 integer -ATTRIBUTE Acct-Input-Octets 42 integer -ATTRIBUTE Acct-Output-Octets 43 integer -ATTRIBUTE Acct-Session-Id 44 string -ATTRIBUTE Acct-Authentic 45 integer -ATTRIBUTE Acct-Session-Time 46 integer -ATTRIBUTE Acct-Input-Packets 47 integer -ATTRIBUTE Acct-Output-Packets 48 integer -ATTRIBUTE Acct-Terminate-Cause 49 integer -ATTRIBUTE Chap-Challenge 60 string -ATTRIBUTE NAS-Port-Type 61 integer -ATTRIBUTE Port-Limit 62 integer -ATTRIBUTE Connect-Info 77 string - -# RFC 2869 -ATTRIBUTE Acct-Interim-Interval 85 integer - -# -# Experimental Non Protocol Attributes used by Cistron-Radiusd -# -ATTRIBUTE Huntgroup-Name 221 string -ATTRIBUTE User-Category 1029 string -ATTRIBUTE Group-Name 1030 string -ATTRIBUTE Simultaneous-Use 1034 integer -ATTRIBUTE Strip-User-Name 1035 integer -ATTRIBUTE Fall-Through 1036 integer -ATTRIBUTE Add-Port-To-IP-Address 1037 integer -ATTRIBUTE Exec-Program 1038 string -ATTRIBUTE Exec-Program-Wait 1039 string -ATTRIBUTE Hint 1040 string - -# -# Non-Protocol Attributes -# These attributes are used internally by the server -# -ATTRIBUTE Expiration 21 date -ATTRIBUTE Auth-Type 1000 integer -ATTRIBUTE Menu 1001 string -ATTRIBUTE Termination-Menu 1002 string -ATTRIBUTE Prefix 1003 string -ATTRIBUTE Suffix 1004 string -ATTRIBUTE Group 1005 string -ATTRIBUTE Crypt-Password 1006 string -ATTRIBUTE Connect-Rate 1007 integer - -# -# Experimental, implementation specific attributes -# -# Limit session traffic -ATTRIBUTE Session-Octets-Limit 227 integer -# What to assume as limit - 0 in+out, 1 in, 2 out, 3 max(in,out) -ATTRIBUTE Octets-Direction 228 integer - -# -# Integer Translations -# - -# User Types - -VALUE Service-Type Login-User 1 -VALUE Service-Type Framed-User 2 -VALUE Service-Type Callback-Login-User 3 -VALUE Service-Type Callback-Framed-User 4 -VALUE Service-Type Outbound-User 5 -VALUE Service-Type Administrative-User 6 -VALUE Service-Type NAS-Prompt-User 7 - -# Framed Protocols - -VALUE Framed-Protocol PPP 1 -VALUE Framed-Protocol SLIP 2 - -# Framed Routing Values - -VALUE Framed-Routing None 0 -VALUE Framed-Routing Broadcast 1 -VALUE Framed-Routing Listen 2 -VALUE Framed-Routing Broadcast-Listen 3 - -# Framed Compression Types - -VALUE Framed-Compression None 0 -VALUE Framed-Compression Van-Jacobson-TCP-IP 1 - -# Login Services - -VALUE Login-Service Telnet 0 -VALUE Login-Service Rlogin 1 -VALUE Login-Service TCP-Clear 2 -VALUE Login-Service PortMaster 3 - -# Status Types - -VALUE Acct-Status-Type Start 1 -VALUE Acct-Status-Type Stop 2 -VALUE Acct-Status-Type Accounting-On 7 -VALUE Acct-Status-Type Accounting-Off 8 - -# Authentication Types - -VALUE Acct-Authentic RADIUS 1 -VALUE Acct-Authentic Local 2 -VALUE Acct-Authentic PowerLink128 100 - -# Termination Options - -VALUE Termination-Action Default 0 -VALUE Termination-Action RADIUS-Request 1 - -# NAS Port Types, available in 3.3.1 and later - -VALUE NAS-Port-Type Async 0 -VALUE NAS-Port-Type Sync 1 -VALUE NAS-Port-Type ISDN 2 -VALUE NAS-Port-Type ISDN-V120 3 -VALUE NAS-Port-Type ISDN-V110 4 - -# Acct Terminate Causes, available in 3.3.2 and later - -VALUE Acct-Terminate-Cause User-Request 1 -VALUE Acct-Terminate-Cause Lost-Carrier 2 -VALUE Acct-Terminate-Cause Lost-Service 3 -VALUE Acct-Terminate-Cause Idle-Timeout 4 -VALUE Acct-Terminate-Cause Session-Timeout 5 -VALUE Acct-Terminate-Cause Admin-Reset 6 -VALUE Acct-Terminate-Cause Admin-Reboot 7 -VALUE Acct-Terminate-Cause Port-Error 8 -VALUE Acct-Terminate-Cause NAS-Error 9 -VALUE Acct-Terminate-Cause NAS-Request 10 -VALUE Acct-Terminate-Cause NAS-Reboot 11 -VALUE Acct-Terminate-Cause Port-Unneeded 12 -VALUE Acct-Terminate-Cause Port-Preempted 13 -VALUE Acct-Terminate-Cause Port-Suspended 14 -VALUE Acct-Terminate-Cause Service-Unavailable 15 -VALUE Acct-Terminate-Cause Callback 16 -VALUE Acct-Terminate-Cause User-Error 17 -VALUE Acct-Terminate-Cause Host-Request 18 - -# -# Non-Protocol Integer Translations -# - -VALUE Auth-Type Local 0 -VALUE Auth-Type System 1 -VALUE Auth-Type SecurID 2 -VALUE Auth-Type Crypt-Local 3 -VALUE Auth-Type Reject 4 - -# -# Cistron extensions -# -VALUE Auth-Type Pam 253 -VALUE Auth-Type None 254 - -# -# Experimental Non-Protocol Integer Translations for Cistron-Radiusd -# -VALUE Fall-Through No 0 -VALUE Fall-Through Yes 1 -VALUE Add-Port-To-IP-Address No 0 -VALUE Add-Port-To-IP-Address Yes 1 - -# -# Configuration Values -# uncomment these two lines to turn account expiration on -# - -#VALUE Server-Config Password-Expiration 30 -#VALUE Server-Config Password-Warning 5 - -# Octets-Direction -VALUE Octets-Direction Sum 0 -VALUE Octets-Direction Input 1 -VALUE Octets-Direction Output 2 -VALUE Octets-Direction MaxOveral 3 -VALUE Octets-Direction MaxSession 4 - -INCLUDE /etc/ppp/radius/dictionary.microsoft diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary.microsoft b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary.microsoft deleted file mode 100644 index 09fdbba..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/dictionary.microsoft +++ /dev/null @@ -1,81 +0,0 @@ -# -# Microsoft's VSA's, from RFC 2548 -# -# $Id$ -# - -VENDOR Microsoft 311 Microsoft - -ATTRIBUTE MS-CHAP-Response 1 string Microsoft -ATTRIBUTE MS-CHAP-Error 2 string Microsoft -ATTRIBUTE MS-CHAP-CPW-1 3 string Microsoft -ATTRIBUTE MS-CHAP-CPW-2 4 string Microsoft -ATTRIBUTE MS-CHAP-LM-Enc-PW 5 string Microsoft -ATTRIBUTE MS-CHAP-NT-Enc-PW 6 string Microsoft -ATTRIBUTE MS-MPPE-Encryption-Policy 7 string Microsoft -# This is referred to as both singular and plural in the RFC. -# Plural seems to make more sense. -ATTRIBUTE MS-MPPE-Encryption-Type 8 string Microsoft -ATTRIBUTE MS-MPPE-Encryption-Types 8 string Microsoft -ATTRIBUTE MS-RAS-Vendor 9 integer Microsoft -ATTRIBUTE MS-CHAP-Domain 10 string Microsoft -ATTRIBUTE MS-CHAP-Challenge 11 string Microsoft -ATTRIBUTE MS-CHAP-MPPE-Keys 12 string Microsoft -ATTRIBUTE MS-BAP-Usage 13 integer Microsoft -ATTRIBUTE MS-Link-Utilization-Threshold 14 integer Microsoft -ATTRIBUTE MS-Link-Drop-Time-Limit 15 integer Microsoft -ATTRIBUTE MS-MPPE-Send-Key 16 string Microsoft -ATTRIBUTE MS-MPPE-Recv-Key 17 string Microsoft -ATTRIBUTE MS-RAS-Version 18 string Microsoft -ATTRIBUTE MS-Old-ARAP-Password 19 string Microsoft -ATTRIBUTE MS-New-ARAP-Password 20 string Microsoft -ATTRIBUTE MS-ARAP-PW-Change-Reason 21 integer Microsoft - -ATTRIBUTE MS-Filter 22 string Microsoft -ATTRIBUTE MS-Acct-Auth-Type 23 integer Microsoft -ATTRIBUTE MS-Acct-EAP-Type 24 integer Microsoft - -ATTRIBUTE MS-CHAP2-Response 25 string Microsoft -ATTRIBUTE MS-CHAP2-Success 26 string Microsoft -ATTRIBUTE MS-CHAP2-CPW 27 string Microsoft - -ATTRIBUTE MS-Primary-DNS-Server 28 ipaddr Microsoft -ATTRIBUTE MS-Secondary-DNS-Server 29 ipaddr Microsoft -ATTRIBUTE MS-Primary-NBNS-Server 30 ipaddr Microsoft -ATTRIBUTE MS-Secondary-NBNS-Server 31 ipaddr Microsoft - -#ATTRIBUTE MS-ARAP-Challenge 33 string Microsoft - - -# -# Integer Translations -# - -# MS-BAP-Usage Values - -VALUE MS-BAP-Usage Not-Allowed 0 -VALUE MS-BAP-Usage Allowed 1 -VALUE MS-BAP-Usage Required 2 - -# MS-ARAP-Password-Change-Reason Values - -VALUE MS-ARAP-PW-Change-Reason Just-Change-Password 1 -VALUE MS-ARAP-PW-Change-Reason Expired-Password 2 -VALUE MS-ARAP-PW-Change-Reason Admin-Requires-Password-Change 3 -VALUE MS-ARAP-PW-Change-Reason Password-Too-Short 4 - -# MS-Acct-Auth-Type Values - -VALUE MS-Acct-Auth-Type PAP 1 -VALUE MS-Acct-Auth-Type CHAP 2 -VALUE MS-Acct-Auth-Type MS-CHAP-1 3 -VALUE MS-Acct-Auth-Type MS-CHAP-2 4 -VALUE MS-Acct-Auth-Type EAP 5 - -# MS-Acct-EAP-Type Values - -VALUE MS-Acct-EAP-Type MD5 4 -VALUE MS-Acct-EAP-Type OTP 5 -VALUE MS-Acct-EAP-Type Generic-Token-Card 6 -VALUE MS-Acct-EAP-Type TLS 13 - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/servers b/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/servers deleted file mode 100644 index 0c5b3b9..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp-radius-plugin/root/etc/ppp/radius/servers +++ /dev/null @@ -1 +0,0 @@ -localhost secret diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/conffiles deleted file mode 100644 index 8ad17eb..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/conffiles +++ /dev/null @@ -1,2 +0,0 @@ -/etc/ppp/chap-secrets -/etc/ppp/options diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/control deleted file mode 100644 index b4e071e..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: ppp -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a Point-to-Point Protocol (PPP) daemon diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/chap-secrets b/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/chap-secrets deleted file mode 100644 index f31e376..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/chap-secrets +++ /dev/null @@ -1 +0,0 @@ -nico pptp-server secret 172.16.1.101
\ No newline at end of file diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/options b/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/options deleted file mode 100644 index 77170e9..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/options +++ /dev/null @@ -1 +0,0 @@ -#debug diff --git a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/peers/.placeholder b/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/peers/.placeholder deleted file mode 100644 index e69de29..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/ppp/root/etc/ppp/peers/.placeholder +++ /dev/null diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/conffiles deleted file mode 100644 index 7ebe115..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/ppp/ip-up diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/control deleted file mode 100644 index 6996b8e..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/control +++ /dev/null @@ -1,10 +0,0 @@ -Package: pppoecd -Priority: optional -Version: 1.0 -Architecture: mipsel -Maintainer: below0 -Section: net -Source: Embedded in the main openwrt tarball -Description: Linksys PPPoE daemon for access to internet using DSL modems - - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/postrm b/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/postrm deleted file mode 100644 index 0d53d99..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/postrm +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -rm -rf /etc/ppp - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/prerm b/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/prerm deleted file mode 100644 index 092bf00..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/CONTROL/prerm +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -killall pppoecd -sleep 3 -killall -9 pppoecd
\ No newline at end of file diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/pppoecd-pathnames.patch b/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/pppoecd-pathnames.patch deleted file mode 100644 index e6c1099..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/pppoecd-pathnames.patch +++ /dev/null @@ -1,66 +0,0 @@ ---- pathnames.h.orig Tue Oct 14 03:09:53 2003 -+++ pathnames.h Sat Jul 10 21:04:34 2004 -@@ -9,37 +9,37 @@ - - #else /* HAVE_PATHS_H */ - #ifndef _PATH_VARRUN --#define _PATH_VARRUN "/tmp/ppp/" -+#define _PATH_VARRUN "/var/run" - #endif - #define _PATH_DEVNULL "/dev/null" - #endif /* HAVE_PATHS_H */ - - #ifndef _ROOT_PATH --#define _ROOT_PATH -+#define _ROOT_PATH "/etc" - #endif - --#define _PATH_UPAPFILE _ROOT_PATH "/tmp/ppp/pap-secrets" --#define _PATH_CHAPFILE _ROOT_PATH "/tmp/ppp/chap-secrets" --#define _PATH_SYSOPTIONS _ROOT_PATH "/tmp/ppp/options" --#define _PATH_IPUP _ROOT_PATH "/tmp/ppp/ip-up" --#define _PATH_IPDOWN _ROOT_PATH "/tmp/ppp/ip-down" --#define _PATH_AUTHUP _ROOT_PATH "/tmp/ppp/auth-up" --#define _PATH_AUTHDOWN _ROOT_PATH "/tmp/ppp/auth-down" --#define _PATH_TTYOPT _ROOT_PATH "/tmp/ppp/options." --#define _PATH_CONNERRS _ROOT_PATH "/tmp/ppp/connect-errors" --#define _PATH_PEERFILES _ROOT_PATH "/tmp/ppp/peers/" --#define _PATH_RESOLV _ROOT_PATH "/tmp/ppp/resolv.conf" -+#define _PATH_UPAPFILE _ROOT_PATH "/ppp/pap-secrets" -+#define _PATH_CHAPFILE _ROOT_PATH "/ppp/chap-secrets" -+#define _PATH_SYSOPTIONS _ROOT_PATH "/ppp/options" -+#define _PATH_IPUP _ROOT_PATH "/ppp/ip-up" -+#define _PATH_IPDOWN _ROOT_PATH "/ppp/ip-down" -+#define _PATH_AUTHUP _ROOT_PATH "/ppp/auth-up" -+#define _PATH_AUTHDOWN _ROOT_PATH "/ppp/auth-down" -+#define _PATH_TTYOPT _ROOT_PATH "/ppp/options." -+#define _PATH_CONNERRS "/tmp/connect-errors" -+#define _PATH_PEERFILES _ROOT_PATH "/ppp/peers/" -+#define _PATH_RESOLV "/tmp/resolv.conf" - - #define _PATH_USEROPT ".ppprc" - - #ifdef INET6 --#define _PATH_IPV6UP _ROOT_PATH "/tmp/ppp/ipv6-up" --#define _PATH_IPV6DOWN _ROOT_PATH "/tmp/ppp/ipv6-down" -+#define _PATH_IPV6UP _ROOT_PATH "/ppp/ipv6-up" -+#define _PATH_IPV6DOWN _ROOT_PATH "/ppp/ipv6-down" - #endif - - #ifdef IPX_CHANGE --#define _PATH_IPXUP _ROOT_PATH "/tmp/ppp/ipx-up" --#define _PATH_IPXDOWN _ROOT_PATH "/tmp/ppp/ipx-down" -+#define _PATH_IPXUP _ROOT_PATH "/ppp/ipx-up" -+#define _PATH_IPXDOWN _ROOT_PATH "/ppp/ipx-down" - #endif /* IPX_CHANGE */ - - #ifdef __STDC__ -@@ -48,7 +48,7 @@ - #ifdef HAVE_PATHS_H - #define _PATH_PPPDB "/var/run/pppd.tdb" - #else --#define _PATH_PPPDB "/tmp/ppp/pppd.tdb" -+#define _PATH_PPPDB "/tmp/pppd.tdb" - #endif - #endif /* __STDC__ */ - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/pppoecd.patch b/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/pppoecd.patch deleted file mode 100644 index 4fa4afc..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/pppoecd.patch +++ /dev/null @@ -1,27 +0,0 @@ ---- pppoe.c.orig Sat Jul 10 20:55:38 2004 -+++ pppoe.c Sat Jul 10 20:55:55 2004 -@@ -131,8 +131,7 @@ - - if (pppoe_srv_name !=NULL) { - if (strlen (pppoe_srv_name) > 255) { -- poe_error (ses," Service name too long -- (maximum allowed 256 chars)"); -+ poe_error (ses," Service name too long (maximum allowed 256 chars)"); - poe_die(-1); - } - ses->filt->stag = make_filter_tag(PTT_SRV_NAME, ---- Makefile.orig Sun Jul 11 03:26:49 2004 -+++ Makefile Sun Jul 11 03:27:18 2004 -@@ -68,9 +68,9 @@ - all: pppoecd - - install: all -- install -d $(INSTALLDIR)/usr/sbin -- install -m 755 pppoecd $(INSTALLDIR)/usr/sbin -- $(STRIP) $(INSTALLDIR)/usr/sbin/pppoecd -+ install -d $(INSTALLDIR)/sbin -+ install -m 755 pppoecd $(INSTALLDIR)/sbin -+ $(STRIP) $(INSTALLDIR)/sbin/pppoecd - - pppoecd: $(OBJS) - $(LD) -r -o .$@ $^ $(LIBCRYPT) diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/root/etc/ppp/ip-up b/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/root/etc/ppp/ip-up deleted file mode 100644 index da43294..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pppoecd/root/etc/ppp/ip-up +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh - -# set default route -/sbin/route add default gw $IPREMOTE - diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/CONTROL/conffiles deleted file mode 100644 index 7b134c1..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/CONTROL/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/ppp/pptp-client-options diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/CONTROL/control deleted file mode 100644 index a2f8662..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: pptp-client -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a Point-to-Point Tunneling Protocol (PPTP) client -Depends: ppp diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/root/etc/ppp/peers/pptp-client-sample b/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/root/etc/ppp/peers/pptp-client-sample deleted file mode 100644 index 9872791..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/root/etc/ppp/peers/pptp-client-sample +++ /dev/null @@ -1,5 +0,0 @@ -#pty "/usr/sbin/pptp HOST --nolaunchpppd" -#name USERNAME -#remotename PROVIDER -#require-mppe-128 -#file /etc/ppp/pptp-client-options diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/root/etc/ppp/pptp-client-options b/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/root/etc/ppp/pptp-client-options deleted file mode 100644 index 35cea63..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-client/root/etc/ppp/pptp-client-options +++ /dev/null @@ -1,7 +0,0 @@ -lock -defaultroute -noauth -nobsdcomp -nodeflate -noipdefault -asyncmap 0 diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/conffiles deleted file mode 100644 index 34a387b..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/conffiles +++ /dev/null @@ -1,2 +0,0 @@ -/etc/ppp/pptp-server-options -/etc/pptpd.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/control deleted file mode 100644 index 8cb012e..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: pptp-server -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a Point-to-Point Tunneling Protocol (PPTP) server -Depends: ppp diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/init.d/pptp-server b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/init.d/pptp-server deleted file mode 100644 index 3015c66..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/init.d/pptp-server +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/sh - -case $1 in - start) - insmod ppp_async >/dev/null 2>&1 - insmod ppp_mppe_mppc >/dev/null 2>&1 - [ -d /var/run ] || mkdir -p /var/run - /usr/sbin/pptpd - ;; - stop) - [ -f /var/run/pptpd.pid ] && kill $(cat /var/run/pptpd.pid) >/dev/null 2>&1 - ;; - *) - echo "usage: $0 (start|stop)" - exit 1 -esac - -exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/ppp/pptp-server-options b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/ppp/pptp-server-options deleted file mode 100644 index cca8027..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/ppp/pptp-server-options +++ /dev/null @@ -1,27 +0,0 @@ -#debug -#logfile /tmp/pptp-server.log -172.16.1.1: -auth -name "pptp-server" -lcp-echo-failure 3 -lcp-echo-interval 60 -default-asyncmap -mtu 1482 -mru 1482 -nobsdcomp -nodeflate -#noproxyarp -#nomppc -nomppe-40 -nomppe-56 -nomppe-stateful -require-mppe -require-mppe-128 -require-mschap-v2 -refuse-chap -refuse-mschap -refuse-eap -refuse-pap -#ms-dns 172.16.1.1 -#plugin radius.so -#radius-config-file /etc/radius.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/pptpd.conf b/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/pptpd.conf deleted file mode 100644 index e9ac115..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/pptp-server/root/etc/pptpd.conf +++ /dev/null @@ -1,5 +0,0 @@ -#debug -option /etc/ppp/pptp-server-options -speed 115200 -stimeout 10 -#localip & remoteip are not needed, ip management is done by pppd diff --git a/obsolete-buildroot/sources/openwrt/ipkg/radvd/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/radvd/CONTROL/control deleted file mode 100644 index 0c7066a..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/radvd/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: radvd -Architecture: mipsel -Version: 0.7.2-1 -Section: net -Priority: optional -Maintainer: twolife -Source: http://v6web.litech.org/radvd/ -Depends: kmod-ipv6 -Description: Routing Advertisement Daemon for IPv6 diff --git a/obsolete-buildroot/sources/openwrt/ipkg/radvd/CONTROL/postinst b/obsolete-buildroot/sources/openwrt/ipkg/radvd/CONTROL/postinst deleted file mode 100644 index d3274a2..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/radvd/CONTROL/postinst +++ /dev/null @@ -1,12 +0,0 @@ -#!/bin/sh - -# This code is from radvd package found on: -# http://openwrt.org/ipkg/ - -if [ ! -f /etc/radvd.conf ] ; then - echo - echo - echo See /etc/radvd.conf for configuration. - echo - cp /etc/radvd.conf.example /etc/radvd.conf -fi diff --git a/obsolete-buildroot/sources/openwrt/ipkg/radvd/radvd.conf.example b/obsolete-buildroot/sources/openwrt/ipkg/radvd/radvd.conf.example deleted file mode 100644 index dae402c..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/radvd/radvd.conf.example +++ /dev/null @@ -1,33 +0,0 @@ -# This conffile is from radvd package found on: -# http://openwrt.org/ipkg/ -# For more examples, see the radvd documentation. - -interface br0 -{ - AdvSendAdvert off; - -# -# These settings cause advertisements to be sent every 3-10 seconds. This -# range is good for 6to4 with a dynamic IPv4 address, but can be greatly -# increased when not using 6to4 prefixes. -# - - MinRtrAdvInterval 3; - MaxRtrAdvInterval 10; - -# -# Disable Mobile IPv6 support -# - AdvHomeAgentFlag off; - -# -# example of a standard prefix -# - prefix fec0:0:0:1::/64 - { - AdvOnLink on; - AdvAutonomous on; - AdvRouterAddr off; - }; - -}; diff --git a/obsolete-buildroot/sources/openwrt/ipkg/strace/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/strace/CONTROL/control deleted file mode 100644 index edbbc58..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/strace/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: strace -Architecture: mipsel -Version: 4.5.6-1 -Section: utils -Priority: optional -Maintainer: Sebastien NOEL <me@twolife.org> -Source: http://sourceforge.net/projects/strace/ -Depends: -Description: A system call tracer diff --git a/obsolete-buildroot/sources/openwrt/ipkg/tcpdump/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/tcpdump/CONTROL/control deleted file mode 100644 index ac349d4..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/tcpdump/CONTROL/control +++ /dev/null @@ -1,9 +0,0 @@ -Package: tcpdump -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a powerful network traffic monitoring tool -Depends: libpcap diff --git a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/CONTROL/conffiles b/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/CONTROL/conffiles deleted file mode 100644 index 45632cf..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/CONTROL/conffiles +++ /dev/null @@ -1 +0,0 @@ -/etc/vsftpd.conf diff --git a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/CONTROL/control b/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/CONTROL/control deleted file mode 100644 index 28b8ced..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/CONTROL/control +++ /dev/null @@ -1,8 +0,0 @@ -Package: vsftpd -Priority: optional -Section: net -Version: TBDL -Architecture: TBDL -Maintainer: Nico <nthill@free.fr> -Source: http://openwrt.org/cgi-bin/viewcvs.cgi/buildroot/ -Description: a fast and secure FTP server diff --git a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/root/etc/init.d/vsftpd b/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/root/etc/init.d/vsftpd deleted file mode 100644 index 0152e4e..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/root/etc/init.d/vsftpd +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/sh - -case $1 in - start) - [ -d /var/run/vsftpd ] || mkdir -p /var/run/vsftpd - /usr/sbin/vsftpd - ;; - stop) - pid=$(pidof vsftpd) - x=$$ # exclude our pid since we have the same name - pid=$(echo $pid | sed -e "s/$x//") - [ -n "$pid" ] && kill -TERM $pid - ;; - *) - echo "usage: $0 (start|stop)" - exit 1 -esac - -exit $? diff --git a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/root/etc/vsftpd.conf b/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/root/etc/vsftpd.conf deleted file mode 100644 index f3ba34f..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/vsftpd/root/etc/vsftpd.conf +++ /dev/null @@ -1,17 +0,0 @@ -background=YES -listen=YES -anonymous_enable=NO -local_enable=YES -write_enable=YES -local_umask=022 -check_shell=NO -#dirmessage_enable=YES -#ftpd_banner=Welcome to blah FTP service. -session_support=NO -#syslog_enable=YES -#userlist_enable=YES -#userlist_deny=NO -#userlist_file=/etc/vsftpd.users -#xferlog_enable=YES -#xferlog_file=/var/log/vsftpd.log -#xferlog_std_format=YES diff --git a/obsolete-buildroot/sources/openwrt/ipkg/zlib/control b/obsolete-buildroot/sources/openwrt/ipkg/zlib/control deleted file mode 100644 index 608176d..0000000 --- a/obsolete-buildroot/sources/openwrt/ipkg/zlib/control +++ /dev/null @@ -1,10 +0,0 @@ -Package: zlib -Priority: optional -Version: 1.1.4-1 -Architecture: mipsel -Maintainer: below0 -Section: libs -Source: Embedded in the main OpenWrt buildroot -Description: zlib is a library implementing the 'deflate' compression system used by many programs. - - diff --git a/obsolete-buildroot/sources/openwrt/kernel/compressed-20040531.tar.bz2 b/obsolete-buildroot/sources/openwrt/kernel/compressed-20040531.tar.bz2 Binary files differdeleted file mode 100644 index c8e06b8..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/compressed-20040531.tar.bz2 +++ /dev/null diff --git a/obsolete-buildroot/sources/openwrt/kernel/diag.c b/obsolete-buildroot/sources/openwrt/kernel/diag.c deleted file mode 100644 index 41cb17b..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/diag.c +++ /dev/null @@ -1,210 +0,0 @@ -// replacement diag module -// (c) 2004 openwrt -// mbm at alt dot org -// -// initial release 2004/03/28 -// -// 2004/08/26 asus & buffalo support added - -#include <linux/module.h> -#include <linux/init.h> -#include <linux/kernel.h> -#include <linux/sysctl.h> -#include <asm/io.h> -#include <typedefs.h> -#include <bcm4710.h> -#include <sbutils.h> - -extern char * nvram_get(const char *name); -static void *sbh; - -// v2.x - - - - - -#define DIAG_GPIO (1<<1) -#define DMZ_GPIO (1<<7) - -static void set_gpio(uint32 mask, uint32 value) { - sb_gpiocontrol(sbh,mask,0); - sb_gpioouten(sbh,mask,mask); - sb_gpioout(sbh,mask,value); -} - -static void v2_set_diag(u8 state) { - set_gpio(DIAG_GPIO,state); -} -static void v2_set_dmz(u8 state) { - set_gpio(DMZ_GPIO,state); -} - -// v1.x - - - - - -#define LED_DIAG 0x13 -#define LED_DMZ 0x12 - -static void v1_set_diag(u8 state) { - if (!state) { - *(volatile u8*)(KSEG1ADDR(BCM4710_EUART)+LED_DIAG)=0xFF; - } else { - *(volatile u8*)(KSEG1ADDR(BCM4710_EUART)+LED_DIAG); - } -} -static void v1_set_dmz(u8 state) { - if (!state) { - *(volatile u8*)(KSEG1ADDR(BCM4710_EUART)+LED_DMZ)=0xFF; - } else { - *(volatile u8*)(KSEG1ADDR(BCM4710_EUART)+LED_DMZ); - } -} - -// - - - - - -static void ignore(u8 ignored) {}; - -// - - - - - -#define BIT_DMZ 0x01 -#define BIT_DIAG 0x04 - -void (*set_diag)(u8 state); -void (*set_dmz)(u8 state); - -static unsigned int diag = 0; - -static void diag_change() -{ - //printk(KERN_INFO "led -> %02x\n",diag); - - set_diag(0xFF); // off - set_dmz(0xFF); // off - - if(diag & BIT_DIAG) - set_diag(0x00); // on - if(diag & BIT_DMZ) - set_dmz(0x00); // on -} - -static int proc_diag(ctl_table *table, int write, struct file *filp, - void *buffer, size_t *lenp) -{ - int r; - r = proc_dointvec(table, write, filp, buffer, lenp); - if (write && !r) { - diag_change(); - } - return r; -} - -// - - - - - -static unsigned char reset_gpio = 0; -static unsigned char reset_polarity = 0; -static unsigned int reset = 0; - -static int proc_reset(ctl_table *table, int write, struct file *filp, - void *buffer, size_t *lenp) -{ - - if (reset_gpio) { - sb_gpiocontrol(sbh,reset_gpio,reset_gpio); - sb_gpioouten(sbh,reset_gpio,0); - reset=!(sb_gpioin(sbh)&reset_gpio); - - if (reset_polarity) reset=!reset; - } else { - reset=0; - } - - return proc_dointvec(table, write, filp, buffer, lenp); -} - -// - - - - - -static struct ctl_table_header *diag_sysctl_header; - -static ctl_table sys_diag[] = { - { - ctl_name: 2000, - procname: "diag", - data: &diag, - maxlen: sizeof(diag), - mode: 0644, - proc_handler: proc_diag - }, - { - ctl_name: 2001, - procname: "reset", - data: &reset, - maxlen: sizeof(reset), - mode: 0444, - proc_handler: proc_reset - }, - { 0 } -}; - -static int __init diag_init() -{ - char *buf; - u32 board_type; - sbh = sb_kattach(); - sb_gpiosetcore(sbh); - - board_type = sb_boardtype(sbh); - printk(KERN_INFO "diag boardtype: %08x\n",board_type); - - set_diag=ignore; - set_dmz=ignore; - - if ((board_type & 0xf00) == 0x400) { - board_type=1; - buf=nvram_get("boardtype")?:""; - if (!strcmp(buf,"bcm94710dev")) { - buf=nvram_get("boardnum")?:""; - if (!strcmp(buf,"42")) { - // wrt54g v1.x - set_diag=v1_set_diag; - set_dmz=v1_set_dmz; - reset_gpio=(1<<6); - reset_polarity=0; - } else if (!strcmp(buf,"asusX")) { - //asus wl-500g - //no leds - reset_gpio=(1<<6); - reset_polarity=1; - } - } else if (!strcmp(buf,"bcm94710ap")) { - buf=nvram_get("boardnum")?:""; - if (!strcmp(buf,"42")) { - // buffalo - set_dmz=v2_set_dmz; - reset_gpio=(1<<4); - reset_polarity=1; - } else if (!strcmp(buf,"44")) { - //dell truemobile - set_dmz=v2_set_dmz; - reset_gpio=(1<<0); - reset_polarity=0; - } - } - } else { - board_type=2; - set_diag=v2_set_diag; - set_dmz=v2_set_dmz; - reset_gpio=(1<<6); - reset_polarity=0; - buf=nvram_get("boardnum")?:""; - if (!strcmp(buf,"44")) { - set_diag=ignore; - set_dmz=ignore; - reset_gpio=(1<<5); - reset_polarity=0; - } - } - printk(KERN_INFO "using v%d hardware\n",board_type); - - diag_sysctl_header = register_sysctl_table(sys_diag, 0); - diag_change(); - - return 0; -} - -static void __exit diag_exit() -{ - unregister_sysctl_table(diag_sysctl_header); -} - -module_init(diag_init); -module_exit(diag_exit); diff --git a/obsolete-buildroot/sources/openwrt/kernel/linux.config b/obsolete-buildroot/sources/openwrt/kernel/linux.config deleted file mode 100644 index 60424ce..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/linux.config +++ /dev/null @@ -1,853 +0,0 @@ -# -# Automatically generated by make menuconfig: don't edit -# -CONFIG_MIPS=y -CONFIG_MIPS32=y -# CONFIG_MIPS64 is not set - -# -# Code maturity level options -# -CONFIG_EXPERIMENTAL=y - -# -# Loadable module support -# -CONFIG_MODULES=y -# CONFIG_MODVERSIONS is not set -# CONFIG_KMOD is not set - -# -# Machine selection -# -# CONFIG_ACER_PICA_61 is not set -# CONFIG_MIPS_DB1000 is not set -# CONFIG_MIPS_DB1100 is not set -# CONFIG_MIPS_DB1500 is not set -# CONFIG_MIPS_PB1000 is not set -# CONFIG_MIPS_PB1100 is not set -# CONFIG_MIPS_PB1500 is not set -# CONFIG_BAGET_MIPS is not set -# CONFIG_CASIO_E55 is not set -# CONFIG_MIPS_COBALT is not set -# CONFIG_DECSTATION is not set -# CONFIG_MIPS_EV64120 is not set -# CONFIG_MIPS_EV96100 is not set -# CONFIG_MIPS_IVR is not set -# CONFIG_HP_LASERJET is not set -# CONFIG_IBM_WORKPAD is not set -# CONFIG_LASAT is not set -# CONFIG_MIPS_ITE8172 is not set -# CONFIG_MIPS_ATLAS is not set -# CONFIG_MIPS_MAGNUM_4000 is not set -# CONFIG_MIPS_MALTA is not set -# CONFIG_MIPS_SEAD is not set -# CONFIG_MOMENCO_OCELOT is not set -# CONFIG_MOMENCO_OCELOT_G is not set -# CONFIG_DDB5074 is not set -# CONFIG_DDB5476 is not set -# CONFIG_DDB5477 is not set -# CONFIG_NEC_OSPREY is not set -# CONFIG_NEC_EAGLE is not set -# CONFIG_OLIVETTI_M700 is not set -# CONFIG_NINO is not set -# CONFIG_SGI_IP22 is not set -# CONFIG_SGI_IP27 is not set -# CONFIG_SGI_IP32 is not set -# CONFIG_SIBYTE_SB1xxx_SOC is not set -CONFIG_MIPS_BRCM=y -CONFIG_BCM947XX=y -CONFIG_BCM4710=y -CONFIG_BCM4310=y -CONFIG_BCM4704=y -# CONFIG_BCM5365 is not set -# CONFIG_SNI_RM200_PCI is not set -# CONFIG_TOSHIBA_JMR3927 is not set -# CONFIG_VICTOR_MPC30X is not set -# CONFIG_ZAO_CAPCELLA is not set -# CONFIG_HIGHMEM is not set -CONFIG_RWSEM_GENERIC_SPINLOCK=y -# CONFIG_RWSEM_XCHGADD_ALGORITHM is not set -CONFIG_CMDLINE="root=/dev/mtdblock2 rootfstype=squashfs init=/etc/preinit noinitrd console=ttyS0,115200" -CONFIG_PCI=y -CONFIG_NONCOHERENT_IO=y -CONFIG_NEW_TIME_C=y -CONFIG_NEW_IRQ=y -CONFIG_HND=y -# CONFIG_MIPS_AU1000 is not set - -# -# CPU selection -# -CONFIG_CPU_MIPS32=y -# CONFIG_CPU_MIPS64 is not set -# CONFIG_CPU_R3000 is not set -# CONFIG_CPU_TX39XX is not set -# CONFIG_CPU_VR41XX is not set -# CONFIG_CPU_R4300 is not set -# CONFIG_CPU_R4X00 is not set -# CONFIG_CPU_TX49XX is not set -# CONFIG_CPU_R5000 is not set -# CONFIG_CPU_R5432 is not set -# CONFIG_CPU_R6000 is not set -# CONFIG_CPU_NEVADA is not set -# CONFIG_CPU_R8000 is not set -# CONFIG_CPU_R10000 is not set -# CONFIG_CPU_RM7000 is not set -# CONFIG_CPU_SB1 is not set -CONFIG_CPU_HAS_PREFETCH=y -# CONFIG_VTAG_ICACHE is not set -# CONFIG_64BIT_PHYS_ADDR is not set -# CONFIG_CPU_ADVANCED is not set -CONFIG_CPU_HAS_LLSC=y -# CONFIG_CPU_HAS_LLDSCD is not set -# CONFIG_CPU_HAS_WB is not set -CONFIG_CPU_HAS_SYNC=y - -# -# General setup -# -CONFIG_CPU_LITTLE_ENDIAN=y -CONFIG_NET=y -# CONFIG_PCI_NAMES is not set -# CONFIG_ISA is not set -# CONFIG_EISA is not set -# CONFIG_TC is not set -# CONFIG_MCA is not set -# CONFIG_SBUS is not set -CONFIG_HOTPLUG=y - -# -# PCMCIA/CardBus support -# -# CONFIG_PCMCIA is not set - -# -# PCI Hotplug Support -# -# CONFIG_HOTPLUG_PCI is not set -# CONFIG_HOTPLUG_PCI_COMPAQ is not set -# CONFIG_HOTPLUG_PCI_COMPAQ_NVRAM is not set -# CONFIG_HOTPLUG_PCI_ACPI is not set -CONFIG_SYSVIPC=y -# CONFIG_BSD_PROCESS_ACCT is not set -CONFIG_SYSCTL=y -# CONFIG_PRINT_SYSCALLS is not set -CONFIG_KCORE_ELF=y -# CONFIG_KCORE_AOUT is not set -# CONFIG_BINFMT_AOUT is not set -CONFIG_BINFMT_ELF=y -# CONFIG_MIPS32_COMPAT is not set -# CONFIG_MIPS32_O32 is not set -# CONFIG_MIPS32_N32 is not set -# CONFIG_BINFMT_ELF32 is not set -# CONFIG_BINFMT_MISC is not set -# CONFIG_PM is not set - -# -# Memory Technology Devices (MTD) -# -CONFIG_MTD=y -# CONFIG_MTD_DEBUG is not set -CONFIG_MTD_PARTITIONS=y -# CONFIG_MTD_CONCAT is not set -# CONFIG_MTD_REDBOOT_PARTS is not set -CONFIG_MTD_CHAR=y -# CONFIG_MTD_BLOCK is not set -CONFIG_MTD_BLOCK_RO=y -# CONFIG_FTL is not set -# CONFIG_NFTL is not set - -# -# RAM/ROM/Flash chip drivers -# -CONFIG_MTD_CFI=y -# CONFIG_MTD_JEDECPROBE is not set -CONFIG_MTD_GEN_PROBE=y -CONFIG_MTD_CFI_ADV_OPTIONS=y -CONFIG_MTD_CFI_NOSWAP=y -# CONFIG_MTD_CFI_BE_BYTE_SWAP is not set -# CONFIG_MTD_CFI_LE_BYTE_SWAP is not set -CONFIG_MTD_CFI_GEOMETRY=y -# CONFIG_MTD_CFI_B1 is not set -CONFIG_MTD_CFI_B2=y -# CONFIG_MTD_CFI_B4 is not set -CONFIG_MTD_CFI_I1=y -# CONFIG_MTD_CFI_I2 is not set -# CONFIG_MTD_CFI_I4 is not set -CONFIG_MTD_CFI_INTELEXT=y -CONFIG_MTD_CFI_AMDSTD=y -CONFIG_MTD_CFI_SSTSTD=y -# CONFIG_MTD_RAM is not set -# CONFIG_MTD_ROM is not set -# CONFIG_MTD_ABSENT is not set -# CONFIG_MTD_OBSOLETE_CHIPS is not set -# CONFIG_MTD_AMDSTD is not set -# CONFIG_MTD_SHARP is not set -# CONFIG_MTD_JEDEC is not set - -# -# Mapping drivers for chip access -# -# CONFIG_MTD_PHYSMAP is not set -CONFIG_MTD_BCM947XX=y -# CONFIG_MTD_PB1000 is not set -# CONFIG_MTD_PB1500 is not set -# CONFIG_MTD_PB1100 is not set -# CONFIG_MTD_CSTM_MIPS_IXX is not set -# CONFIG_MTD_OCELOT is not set -# CONFIG_MTD_LASAT is not set -# CONFIG_MTD_PCI is not set - -# -# Self-contained MTD device drivers -# -CONFIG_MTD_SFLASH=y -# CONFIG_MTD_PMC551 is not set -# CONFIG_MTD_SLRAM is not set -# CONFIG_MTD_MTDRAM is not set -# CONFIG_MTD_BLKMTD is not set -# CONFIG_MTD_DOC1000 is not set -# CONFIG_MTD_DOC2000 is not set -# CONFIG_MTD_DOC2001 is not set -# CONFIG_MTD_DOCPROBE is not set - -# -# NAND Flash Device Drivers -# -# CONFIG_MTD_NAND is not set - -# -# Parallel port support -# -# CONFIG_PARPORT is not set - -# -# Plug and Play configuration -# -# CONFIG_PNP is not set -# CONFIG_ISAPNP is not set - -# -# Block devices -# -# CONFIG_BLK_DEV_MSYS is not set -# CONFIG_NOROOT is not set -# CONFIG_BLK_DEV_FD is not set -# CONFIG_BLK_DEV_XD is not set -# CONFIG_PARIDE is not set -# CONFIG_BLK_CPQ_DA is not set -# CONFIG_BLK_CPQ_CISS_DA is not set -# CONFIG_CISS_SCSI_TAPE is not set -# CONFIG_BLK_DEV_DAC960 is not set -# CONFIG_BLK_DEV_UMEM is not set -CONFIG_BLK_DEV_LOOP=y -CONFIG_BLK_DEV_NBD=m -# CONFIG_BLK_DEV_RAM is not set -# CONFIG_BLK_DEV_INITRD is not set -# CONFIG_BLK_STATS is not set - -# -# Multi-device support (RAID and LVM) -# -# CONFIG_MD is not set -# CONFIG_BLK_DEV_MD is not set -# CONFIG_MD_LINEAR is not set -# CONFIG_MD_RAID0 is not set -# CONFIG_MD_RAID1 is not set -# CONFIG_MD_RAID5 is not set -# CONFIG_MD_MULTIPATH is not set -# CONFIG_BLK_DEV_LVM is not set - -# -# Networking options -# -CONFIG_PACKET=y -CONFIG_PACKET_MMAP=y -CONFIG_NETLINK_DEV=m -CONFIG_NETFILTER=y -# CONFIG_NETFILTER_DEBUG is not set -# CONFIG_FILTER is not set -CONFIG_UNIX=y -CONFIG_NETSWAP=y -CONFIG_INET=y -# CONFIG_IP_MULTICAST is not set -CONFIG_IP_ADVANCED_ROUTER=y -CONFIG_IP_MULTIPLE_TABLES=y -CONFIG_IP_ROUTE_FWMARK=y -CONFIG_IP_ROUTE_NAT=y -CONFIG_IP_ROUTE_MULTIPATH=y -CONFIG_IP_ROUTE_TOS=y -# CONFIG_IP_ROUTE_VERBOSE is not set -# CONFIG_IP_ROUTE_LARGE_TABLES is not set -# CONFIG_IP_PNP is not set -CONFIG_NET_IPIP=m -CONFIG_NET_IPGRE=m -# CONFIG_ARPD is not set -# CONFIG_INET_ECN is not set -# CONFIG_SYN_COOKIES is not set - -# -# IP: Netfilter Configuration -# -CONFIG_IP_NF_CONNTRACK=y -CONFIG_IP_NF_FTP=y -CONFIG_IP_NF_H323=y -CONFIG_IP_NF_CONNTRACK_MARK=y -# CONFIG_IP_NF_AMANDA is not set -CONFIG_IP_NF_TFTP=y -CONFIG_IP_NF_IRC=y -CONFIG_IP_NF_CT_PROTO_GRE=y -CONFIG_IP_NF_PPTP=y -CONFIG_IP_NF_MMS=y -CONFIG_IP_NF_QUEUE=m -CONFIG_IP_NF_IPTABLES=y -CONFIG_IP_NF_MATCH_LIMIT=m -CONFIG_IP_NF_SET=m -CONFIG_IP_NF_SET_MAX=256 -CONFIG_IP_NF_SET_IPMAP=m -CONFIG_IP_NF_SET_PORTMAP=m -CONFIG_IP_NF_SET_MACIPMAP=m -CONFIG_IP_NF_SET_IPHASH=m -CONFIG_IP_NF_MATCH_QUOTA=m -CONFIG_IP_NF_POOL=m -CONFIG_IP_POOL_STATISTICS=y -CONFIG_IP_NF_MATCH_IPRANGE=m -CONFIG_IP_NF_MATCH_DSTLIMIT=m -CONFIG_IP_NF_MATCH_MAC=m -CONFIG_IP_NF_MATCH_PKTTYPE=m -CONFIG_IP_NF_MATCH_MARK=y -CONFIG_IP_NF_MATCH_MULTIPORT=y -CONFIG_IP_NF_MATCH_TOS=m -CONFIG_IP_NF_MATCH_CONDITION=m -# CONFIG_IP_NF_MATCH_RANDOM is not set -CONFIG_IP_NF_MATCH_PSD=m -# CONFIG_IP_NF_MATCH_OSF is not set -# CONFIG_IP_NF_MATCH_NTH is not set -CONFIG_IP_NF_MATCH_IPV4OPTIONS=m -# CONFIG_IP_NF_MATCH_FUZZY is not set -CONFIG_IP_NF_MATCH_RECENT=m -CONFIG_IP_NF_MATCH_ECN=m -CONFIG_IP_NF_MATCH_DSCP=m -CONFIG_IP_NF_MATCH_AH_ESP=m -CONFIG_IP_NF_MATCH_LENGTH=m -# CONFIG_IP_NF_MATCH_U32 is not set -CONFIG_IP_NF_MATCH_TTL=m -CONFIG_IP_NF_MATCH_TCPMSS=y -# CONFIG_IP_NF_MATCH_REALM is not set -CONFIG_IP_NF_MATCH_HELPER=m -CONFIG_IP_NF_MATCH_STATE=y -CONFIG_IP_NF_MATCH_CONNMARK=m -CONFIG_IP_NF_MATCH_CONNLIMIT=m -CONFIG_IP_NF_MATCH_CONNTRACK=m -CONFIG_IP_NF_MATCH_UNCLEAN=m -CONFIG_IP_NF_MATCH_STRING=m -# CONFIG_IP_NF_MATCH_OWNER is not set -CONFIG_IP_NF_MATCH_PHYSDEV=m -CONFIG_IP_NF_FILTER=y -CONFIG_IP_NF_TARGET_REJECT=y -CONFIG_IP_NF_TARGET_NETLINK=m -CONFIG_IP_NF_TARGET_IPV4OPTSSTRIP=m -CONFIG_IP_NF_TARGET_MIRROR=m -CONFIG_IP_NF_NAT=y -CONFIG_IP_NF_NAT_NEEDED=y -CONFIG_IP_NF_TARGET_MASQUERADE=y -CONFIG_IP_NF_TARGET_REDIRECT=y -CONFIG_IP_NF_NAT_H323=y -# CONFIG_IP_NF_TARGET_SAME is not set -# CONFIG_IP_NF_TARGET_NETMAP is not set -CONFIG_IP_NF_NAT_PPTP=y -CONFIG_IP_NF_NAT_PROTO_GRE=y -# CONFIG_IP_NF_NAT_LOCAL is not set -CONFIG_IP_NF_NAT_SNMP_BASIC=m -CONFIG_IP_NF_NAT_IRC=y -CONFIG_IP_NF_NAT_MMS=y -CONFIG_IP_NF_NAT_FTP=y -CONFIG_IP_NF_NAT_TFTP=y -CONFIG_IP_NF_MANGLE=y -CONFIG_IP_NF_TARGET_TOS=m -CONFIG_IP_NF_TARGET_ECN=m -CONFIG_IP_NF_TARGET_DSCP=m -CONFIG_IP_NF_TARGET_MARK=y -CONFIG_IP_NF_TARGET_IPMARK=m -CONFIG_IP_NF_TARGET_CLASSIFY=m -CONFIG_IP_NF_TARGET_LOG=y -CONFIG_IP_NF_TARGET_CONNMARK=m -CONFIG_IP_NF_TARGET_TTL=m -CONFIG_IP_NF_TARGET_ULOG=m -CONFIG_IP_NF_TARGET_TCPMSS=y -# CONFIG_IP_NF_RAW is not set -CONFIG_IP_NF_ARPTABLES=m -CONFIG_IP_NF_ARPFILTER=m -CONFIG_IP_NF_ARP_MANGLE=m -CONFIG_IPV6=m - -# -# IPv6: Netfilter Configuration -# -CONFIG_IP6_NF_QUEUE=m -CONFIG_IP6_NF_IPTABLES=m -CONFIG_IP6_NF_MATCH_LIMIT=m -CONFIG_IP6_NF_MATCH_MAC=m -# CONFIG_IP6_NF_MATCH_RANDOM is not set -# CONFIG_IP6_NF_MATCH_NTH is not set -# CONFIG_IP6_NF_MATCH_FUZZY is not set -# CONFIG_IP6_NF_MATCH_RT is not set -# CONFIG_IP6_NF_MATCH_OPTS is not set -# CONFIG_IP6_NF_MATCH_FRAG is not set -# CONFIG_IP6_NF_MATCH_HL is not set -CONFIG_IP6_NF_MATCH_MULTIPORT=m -CONFIG_IP6_NF_MATCH_OWNER=m -CONFIG_IP6_NF_MATCH_MARK=m -# CONFIG_IP6_NF_MATCH_IPV6HEADER is not set -# CONFIG_IP6_NF_MATCH_AHESP is not set -CONFIG_IP6_NF_MATCH_LENGTH=m -CONFIG_IP6_NF_MATCH_EUI64=m -CONFIG_IP6_NF_FILTER=m -CONFIG_IP6_NF_TARGET_REJECT=m -# CONFIG_IP6_NF_TARGET_HL is not set -CONFIG_IP6_NF_TARGET_LOG=m -CONFIG_IP6_NF_MANGLE=m -CONFIG_IP6_NF_TARGET_MARK=m -# CONFIG_KHTTPD is not set -# CONFIG_ATM is not set -CONFIG_VLAN_8021Q=y -# CONFIG_IPX is not set -# CONFIG_ATALK is not set - -# -# Appletalk devices -# -# CONFIG_DEV_APPLETALK is not set -# CONFIG_DECNET is not set -CONFIG_BRIDGE=y -CONFIG_BRIDGE_NF_EBTABLES=m -CONFIG_BRIDGE_EBT_T_FILTER=m -CONFIG_BRIDGE_EBT_T_NAT=m -CONFIG_BRIDGE_EBT_BROUTE=m -CONFIG_BRIDGE_EBT_LOG=m -CONFIG_BRIDGE_EBT_IPF=m -CONFIG_BRIDGE_EBT_ARPF=m -CONFIG_BRIDGE_EBT_AMONG=m -CONFIG_BRIDGE_EBT_LIMIT=m -CONFIG_BRIDGE_EBT_VLANF=m -CONFIG_BRIDGE_EBT_802_3=m -CONFIG_BRIDGE_EBT_PKTTYPE=m -CONFIG_BRIDGE_EBT_STP=m -CONFIG_BRIDGE_EBT_MARKF=m -CONFIG_BRIDGE_EBT_ARPREPLY=m -CONFIG_BRIDGE_EBT_SNAT=m -CONFIG_BRIDGE_EBT_DNAT=m -CONFIG_BRIDGE_EBT_REDIRECT=m -CONFIG_BRIDGE_EBT_MARK_T=m -# CONFIG_X25 is not set -# CONFIG_LAPB is not set -# CONFIG_LLC is not set -# CONFIG_NET_DIVERT is not set -# CONFIG_ECONET is not set -CONFIG_WAN_ROUTER=m -# CONFIG_NET_FASTROUTE is not set -# CONFIG_NET_HW_FLOWCONTROL is not set - -# -# QoS and/or fair queueing -# -CONFIG_NET_SCHED=y -CONFIG_NET_SCH_CBQ=m -CONFIG_NET_SCH_HTB=m -CONFIG_NET_SCH_CSZ=m -CONFIG_NET_SCH_PRIO=m -CONFIG_NET_SCH_RED=m -CONFIG_NET_SCH_SFQ=m -CONFIG_NET_SCH_TEQL=m -CONFIG_NET_SCH_TBF=m -CONFIG_NET_SCH_GRED=m -CONFIG_NET_SCH_DSMARK=m -CONFIG_NET_SCH_INGRESS=m -CONFIG_NET_QOS=y -CONFIG_NET_ESTIMATOR=y -CONFIG_NET_CLS=y -CONFIG_NET_CLS_TCINDEX=m -CONFIG_NET_CLS_ROUTE4=m -CONFIG_NET_CLS_ROUTE=y -CONFIG_NET_CLS_FW=m -CONFIG_NET_CLS_U32=m -CONFIG_NET_CLS_RSVP=m -CONFIG_NET_CLS_RSVP6=m -CONFIG_NET_CLS_POLICE=y - -# -# Network testing -# -# CONFIG_NET_PKTGEN is not set - -# -# Telephony Support -# -# CONFIG_PHONE is not set -# CONFIG_PHONE_IXJ is not set -# CONFIG_PHONE_IXJ_PCMCIA is not set - -# -# ATA/IDE/MFM/RLL support -# -# CONFIG_IDE is not set -# CONFIG_BLK_DEV_IDE_MODES is not set -# CONFIG_BLK_DEV_HD is not set - -# -# SCSI support -# -# CONFIG_SCSI is not set - -# -# I2O device support -# -# CONFIG_I2O is not set -# CONFIG_I2O_PCI is not set -# CONFIG_I2O_BLOCK is not set -# CONFIG_I2O_LAN is not set -# CONFIG_I2O_SCSI is not set -# CONFIG_I2O_PROC is not set - -# -# Network device support -# -CONFIG_NETDEVICES=y - -# -# Broadcom HND network devices -# -CONFIG_HND=y -# CONFIG_IL is not set -CONFIG_ET=m -# CONFIG_ET_4413 is not set -CONFIG_ET_47XX=y -CONFIG_WL=m -CONFIG_WL_AP=y -CONFIG_WL_STA=y - -# -# ARCnet devices -# -# CONFIG_ARCNET is not set -# CONFIG_DUMMY is not set -# CONFIG_BONDING is not set -# CONFIG_EQUALIZER is not set -CONFIG_TUN=m -# CONFIG_ETHERTAP is not set - -# -# Ethernet (10 or 100Mbit) -# -CONFIG_NET_ETHERNET=y -# CONFIG_SUNLANCE is not set -# CONFIG_HAPPYMEAL is not set -# CONFIG_SUNBMAC is not set -# CONFIG_SUNQE is not set -# CONFIG_SUNGEM is not set -# CONFIG_NET_VENDOR_3COM is not set -# CONFIG_LANCE is not set -# CONFIG_NET_VENDOR_SMC is not set -# CONFIG_NET_VENDOR_RACAL is not set -# CONFIG_HP100 is not set -# CONFIG_NET_ISA is not set -# CONFIG_NET_PCI is not set -# CONFIG_NET_POCKET is not set - -# -# Ethernet (1000 Mbit) -# -# CONFIG_ACENIC is not set -# CONFIG_DL2K is not set -# CONFIG_E1000 is not set -# CONFIG_MYRI_SBUS is not set -# CONFIG_NS83820 is not set -# CONFIG_HAMACHI is not set -# CONFIG_YELLOWFIN is not set -# CONFIG_SK98LIN is not set -# CONFIG_TIGON3 is not set -# CONFIG_FDDI is not set -# CONFIG_HIPPI is not set -# CONFIG_PLIP is not set -CONFIG_PPP=y -# CONFIG_PPP_MULTILINK is not set -# CONFIG_PPP_FILTER is not set -CONFIG_PPP_ASYNC=m -# CONFIG_PPP_SYNC_TTY is not set -CONFIG_PPP_DEFLATE=m -CONFIG_PPP_BSDCOMP=m -CONFIG_PPP_MPPE=m -CONFIG_PPPOE=m -# CONFIG_SLIP is not set - -# -# Wireless LAN (non-hamradio) -# -CONFIG_NET_RADIO=y -# CONFIG_STRIP is not set -# CONFIG_WAVELAN is not set -# CONFIG_ARLAN is not set -# CONFIG_AIRONET4500 is not set -# CONFIG_AIRONET4500_NONCS is not set -# CONFIG_AIRONET4500_PROC is not set -# CONFIG_AIRO is not set -# CONFIG_HERMES is not set -# CONFIG_PLX_HERMES is not set -# CONFIG_PCI_HERMES is not set -CONFIG_NET_WIRELESS=y - -# -# Token Ring devices -# -# CONFIG_TR is not set -# CONFIG_NET_FC is not set -# CONFIG_RCPCI is not set -CONFIG_SHAPER=m - -# -# Wan interfaces -# -# CONFIG_WAN is not set - -# -# Amateur Radio support -# -# CONFIG_HAMRADIO is not set - -# -# IrDA (infrared) support -# -# CONFIG_IRDA is not set - -# -# ISDN subsystem -# -# CONFIG_ISDN is not set - -# -# Input core support -# -# CONFIG_INPUT is not set -# CONFIG_INPUT_KEYBDEV is not set -# CONFIG_INPUT_MOUSEDEV is not set -# CONFIG_INPUT_JOYDEV is not set -# CONFIG_INPUT_EVDEV is not set - -# -# Character devices -# -# CONFIG_VT is not set -CONFIG_SERIAL=y -CONFIG_SERIAL_CONSOLE=y -# CONFIG_SERIAL_EXTENDED is not set -# CONFIG_SERIAL_NONSTANDARD is not set -CONFIG_UNIX98_PTYS=y -CONFIG_UNIX98_PTY_COUNT=128 - -# -# I2C support -# -# CONFIG_I2C is not set - -# -# Mice -# -# CONFIG_BUSMOUSE is not set -# CONFIG_MOUSE is not set - -# -# Joysticks -# -# CONFIG_INPUT_GAMEPORT is not set -# CONFIG_QIC02_TAPE is not set - -# -# Watchdog Cards -# -CONFIG_WATCHDOG=y -CONFIG_WATCHDOG_NOWAYOUT=y -# CONFIG_ACQUIRE_WDT is not set -# CONFIG_ADVANTECH_WDT is not set -# CONFIG_ALIM7101_WDT is not set -# CONFIG_SC520_WDT is not set -# CONFIG_PCWATCHDOG is not set -# CONFIG_EUROTECH_WDT is not set -# CONFIG_IB700_WDT is not set -# CONFIG_WAFER_WDT is not set -# CONFIG_I810_TCO is not set -# CONFIG_MIXCOMWD is not set -# CONFIG_60XX_WDT is not set -# CONFIG_SC1200_WDT is not set -CONFIG_SOFT_WATCHDOG=y -# CONFIG_W83877F_WDT is not set -# CONFIG_WDT is not set -# CONFIG_WDTPCI is not set -# CONFIG_MACHZ_WDT is not set -# CONFIG_INDYDOG is not set -# CONFIG_AMD7XX_TCO is not set -# CONFIG_AMD_PM768 is not set -# CONFIG_NVRAM is not set -# CONFIG_RTC is not set -# CONFIG_DTLK is not set -# CONFIG_R3964 is not set -# CONFIG_APPLICOM is not set - -# -# Ftape, the floppy tape device driver -# -# CONFIG_FTAPE is not set -# CONFIG_AGP is not set -# CONFIG_DRM is not set - -# -# File systems -# -CONFIG_BLKDEV_SWAP=m -# CONFIG_QUOTA is not set -# CONFIG_AUTOFS_FS is not set -# CONFIG_AUTOFS4_FS is not set -# CONFIG_REISERFS_FS is not set -# CONFIG_REISERFS_CHECK is not set -# CONFIG_REISERFS_PROC_INFO is not set -# CONFIG_ADFS_FS is not set -# CONFIG_ADFS_FS_RW is not set -# CONFIG_AFFS_FS is not set -# CONFIG_HFS_FS is not set -# CONFIG_BEFS_FS is not set -# CONFIG_BEFS_DEBUG is not set -# CONFIG_BFS_FS is not set -# CONFIG_EXT3_FS is not set -# CONFIG_JBD is not set -# CONFIG_JBD_DEBUG is not set -# CONFIG_FAT_FS is not set -# CONFIG_MSDOS_FS is not set -# CONFIG_UMSDOS_FS is not set -# CONFIG_VFAT_FS is not set -# CONFIG_EFS_FS is not set -# CONFIG_JFFS_FS is not set -CONFIG_JFFS2_FS=y -CONFIG_JFFS2_FS_DEBUG=0 -# CONFIG_JFFS2_BBC_ARMLIB is not set -CONFIG_JFFS2_BBC_LZO=y -CONFIG_JFFS2_BBC_LZARI=y -CONFIG_JFFS2_BBC_LZHD=y -CONFIG_JFFS2_BBC_LZSS=y -# CONFIG_CRAMFS is not set -CONFIG_SQUASHFS=y -# CONFIG_TMPFS is not set -CONFIG_RAMFS=y -# CONFIG_ISO9660_FS is not set -# CONFIG_JOLIET is not set -# CONFIG_ZISOFS is not set -# CONFIG_JFS_FS is not set -# CONFIG_JFS_DEBUG is not set -# CONFIG_JFS_STATISTICS is not set -# CONFIG_MINIX_FS is not set -# CONFIG_VXFS_FS is not set -# CONFIG_NTFS_FS is not set -# CONFIG_NTFS_RW is not set -# CONFIG_HPFS_FS is not set -CONFIG_PROC_FS=y -CONFIG_DEVFS_FS=y -CONFIG_DEVFS_MOUNT=y -# CONFIG_DEVFS_DEBUG is not set -# CONFIG_DEVPTS_FS is not set -# CONFIG_QNX4FS_FS is not set -# CONFIG_QNX4FS_RW is not set -# CONFIG_ROMFS_FS is not set -# CONFIG_EXT2_FS is not set -# CONFIG_SYSV_FS is not set -# CONFIG_UDF_FS is not set -# CONFIG_UDF_RW is not set -# CONFIG_UFS_FS is not set -# CONFIG_UFS_FS_WRITE is not set - -# -# Network File Systems -# -# CONFIG_CODA_FS is not set -# CONFIG_INTERMEZZO_FS is not set -CONFIG_NFS_FS=m -CONFIG_NFS_V3=y -# CONFIG_ROOT_NFS is not set -CONFIG_SWAP_VIA_NFS=m -CONFIG_NETSWAP=y -# CONFIG_NFSD is not set -# CONFIG_NFSD_V3 is not set -# CONFIG_NFSD_TCP is not set -CONFIG_SUNRPC=m -CONFIG_LOCKD=m -CONFIG_LOCKD_V4=y -# CONFIG_SMB_FS is not set -# CONFIG_NCP_FS is not set -# CONFIG_NCPFS_PACKET_SIGNING is not set -# CONFIG_NCPFS_IOCTL_LOCKING is not set -# CONFIG_NCPFS_STRONG is not set -# CONFIG_NCPFS_NFS_NS is not set -# CONFIG_NCPFS_OS2_NS is not set -# CONFIG_NCPFS_SMALLDOS is not set -# CONFIG_NCPFS_NLS is not set -# CONFIG_NCPFS_EXTRAS is not set -# CONFIG_ZISOFS_FS is not set - -# -# Partition Types -# -CONFIG_PARTITION_ADVANCED=y -# CONFIG_ACORN_PARTITION is not set -# CONFIG_OSF_PARTITION is not set -# CONFIG_AMIGA_PARTITION is not set -# CONFIG_ATARI_PARTITION is not set -# CONFIG_MAC_PARTITION is not set -# CONFIG_MSDOS_PARTITION is not set -# CONFIG_LDM_PARTITION is not set -# CONFIG_SGI_PARTITION is not set -# CONFIG_ULTRIX_PARTITION is not set -# CONFIG_SUN_PARTITION is not set -# CONFIG_EFI_PARTITION is not set -# CONFIG_SMB_NLS is not set -# CONFIG_NLS is not set - -# -# Multimedia devices -# -# CONFIG_VIDEO_DEV is not set - -# -# Sound -# -# CONFIG_SOUND is not set - -# -# USB support -# -# CONFIG_USB is not set - -# -# Support for USB gadgets -# -# CONFIG_USB_GADGET is not set - -# -# Bluetooth support -# -# CONFIG_BLUEZ is not set - -# -# Kernel hacking -# -CONFIG_CROSSCOMPILE=y -# CONFIG_KERNPROF is not set -# CONFIG_MCOUNT is not set -# CONFIG_DEBUG is not set -CONFIG_MAGIC_SYSRQ=y -# CONFIG_MIPS_UNCACHED is not set -# CONFIG_KTRACE is not set -# CONFIG_HWSIM is not set - -# -# Library routines -# -CONFIG_ZLIB_INFLATE=y -CONFIG_ZLIB_DEFLATE=y diff --git a/obsolete-buildroot/sources/openwrt/kernel/netfilter/patches/100-revert_netfilter.patch b/obsolete-buildroot/sources/openwrt/kernel/netfilter/patches/100-revert_netfilter.patch deleted file mode 100644 index 611261f..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/netfilter/patches/100-revert_netfilter.patch +++ /dev/null @@ -1,5834 +0,0 @@ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_conntrack.h linux.stock/include/linux/netfilter_ipv4/ip_conntrack.h ---- linux/include/linux/netfilter_ipv4/ip_conntrack.h 2003-08-12 07:43:11.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_conntrack.h 2004-05-09 04:13:03.000000000 -0400 -@@ -45,39 +45,27 @@ - - #include <linux/netfilter_ipv4/ip_conntrack_tcp.h> - #include <linux/netfilter_ipv4/ip_conntrack_icmp.h> --#include <linux/netfilter_ipv4/ip_conntrack_proto_gre.h> - - /* per conntrack: protocol private data */ - union ip_conntrack_proto { - /* insert conntrack proto private data here */ -- struct ip_ct_gre gre; - struct ip_ct_tcp tcp; - struct ip_ct_icmp icmp; - }; - - union ip_conntrack_expect_proto { - /* insert expect proto private data here */ -- struct ip_ct_gre_expect gre; - }; - - /* Add protocol helper include file here */ --#include <linux/netfilter_ipv4/ip_conntrack_pptp.h> --#include <linux/netfilter_ipv4/ip_conntrack_mms.h> --#include <linux/netfilter_ipv4/ip_conntrack_h323.h> -- - #include <linux/netfilter_ipv4/ip_conntrack_ftp.h> - #include <linux/netfilter_ipv4/ip_conntrack_irc.h> --#include <linux/netfilter_ipv4/ip_autofw.h> - - /* per expectation: application helper private data */ - union ip_conntrack_expect_help { - /* insert conntrack helper private data (expect) here */ -- struct ip_ct_pptp_expect exp_pptp_info; -- struct ip_ct_mms_expect exp_mms_info; -- struct ip_ct_h225_expect exp_h225_info; - struct ip_ct_ftp_expect exp_ftp_info; - struct ip_ct_irc_expect exp_irc_info; -- struct ip_autofw_expect exp_autofw_info; - - #ifdef CONFIG_IP_NF_NAT_NEEDED - union { -@@ -89,21 +77,16 @@ - /* per conntrack: application helper private data */ - union ip_conntrack_help { - /* insert conntrack helper private data (master) here */ -- struct ip_ct_pptp_master ct_pptp_info; -- struct ip_ct_mms_master ct_mms_info; -- struct ip_ct_h225_master ct_h225_info; - struct ip_ct_ftp_master ct_ftp_info; - struct ip_ct_irc_master ct_irc_info; - }; - - #ifdef CONFIG_IP_NF_NAT_NEEDED - #include <linux/netfilter_ipv4/ip_nat.h> --#include <linux/netfilter_ipv4/ip_nat_pptp.h> - - /* per conntrack: nat application helper private data */ - union ip_conntrack_nat_help { - /* insert nat helper private data here */ -- struct ip_nat_pptp nat_pptp_info; - }; - #endif - -@@ -275,9 +258,5 @@ - } - - extern unsigned int ip_conntrack_htable_size; -- --/* connection tracking time out variables. */ --extern int sysctl_ip_conntrack_tcp_timeouts[10]; --extern int sysctl_ip_conntrack_udp_timeouts[2]; - #endif /* __KERNEL__ */ - #endif /* _IP_CONNTRACK_H */ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_conntrack_h323.h linux.stock/include/linux/netfilter_ipv4/ip_conntrack_h323.h ---- linux/include/linux/netfilter_ipv4/ip_conntrack_h323.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_conntrack_h323.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,30 +0,0 @@ --#ifndef _IP_CONNTRACK_H323_H --#define _IP_CONNTRACK_H323_H --/* H.323 connection tracking. */ -- --#ifdef __KERNEL__ --/* Protects H.323 related data */ --DECLARE_LOCK_EXTERN(ip_h323_lock); --#endif -- --/* Default H.225 port */ --#define H225_PORT 1720 -- --/* This structure is per expected connection */ --struct ip_ct_h225_expect { -- u_int16_t port; /* Port of the H.225 helper/RTCP/RTP channel */ -- enum ip_conntrack_dir dir; /* Direction of the original connection */ -- unsigned int offset; /* offset of the address in the payload */ --}; -- --/* This structure exists only once per master */ --struct ip_ct_h225_master { -- int is_h225; /* H.225 or H.245 connection */ --#ifdef CONFIG_IP_NF_NAT_NEEDED -- enum ip_conntrack_dir dir; /* Direction of the original connection */ -- u_int32_t seq[IP_CT_DIR_MAX]; /* Exceptional packet mangling for signal addressess... */ -- unsigned int offset[IP_CT_DIR_MAX]; /* ...and the offset of the addresses in the payload */ --#endif --}; -- --#endif /* _IP_CONNTRACK_H323_H */ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_conntrack_mms.h linux.stock/include/linux/netfilter_ipv4/ip_conntrack_mms.h ---- linux/include/linux/netfilter_ipv4/ip_conntrack_mms.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_conntrack_mms.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,31 +0,0 @@ --#ifndef _IP_CONNTRACK_MMS_H --#define _IP_CONNTRACK_MMS_H --/* MMS tracking. */ -- --#ifdef __KERNEL__ --#include <linux/netfilter_ipv4/lockhelp.h> -- --DECLARE_LOCK_EXTERN(ip_mms_lock); -- --#define MMS_PORT 1755 --#define MMS_SRV_MSG_ID 196610 -- --#define MMS_SRV_MSG_OFFSET 36 --#define MMS_SRV_UNICODE_STRING_OFFSET 60 --#define MMS_SRV_CHUNKLENLV_OFFSET 16 --#define MMS_SRV_CHUNKLENLM_OFFSET 32 --#define MMS_SRV_MESSAGELENGTH_OFFSET 8 --#endif -- --/* This structure is per expected connection */ --struct ip_ct_mms_expect { -- u_int32_t len; -- u_int32_t padding; -- u_int16_t port; --}; -- --/* This structure exists only once per master */ --struct ip_ct_mms_master { --}; -- --#endif /* _IP_CONNTRACK_MMS_H */ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_conntrack_pptp.h linux.stock/include/linux/netfilter_ipv4/ip_conntrack_pptp.h ---- linux/include/linux/netfilter_ipv4/ip_conntrack_pptp.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_conntrack_pptp.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,313 +0,0 @@ --/* PPTP constants and structs */ --#ifndef _CONNTRACK_PPTP_H --#define _CONNTRACK_PPTP_H -- --/* state of the control session */ --enum pptp_ctrlsess_state { -- PPTP_SESSION_NONE, /* no session present */ -- PPTP_SESSION_ERROR, /* some session error */ -- PPTP_SESSION_STOPREQ, /* stop_sess request seen */ -- PPTP_SESSION_REQUESTED, /* start_sess request seen */ -- PPTP_SESSION_CONFIRMED, /* session established */ --}; -- --/* state of the call inside the control session */ --enum pptp_ctrlcall_state { -- PPTP_CALL_NONE, -- PPTP_CALL_ERROR, -- PPTP_CALL_OUT_REQ, -- PPTP_CALL_OUT_CONF, -- PPTP_CALL_IN_REQ, -- PPTP_CALL_IN_REP, -- PPTP_CALL_IN_CONF, -- PPTP_CALL_CLEAR_REQ, --}; -- -- --/* conntrack private data */ --struct ip_ct_pptp_master { -- enum pptp_ctrlsess_state sstate; /* session state */ -- -- /* everything below is going to be per-expectation in newnat, -- * since there could be more than one call within one session */ -- enum pptp_ctrlcall_state cstate; /* call state */ -- u_int16_t pac_call_id; /* call id of PAC, host byte order */ -- u_int16_t pns_call_id; /* call id of PNS, host byte order */ --}; -- --/* conntrack_expect private member */ --struct ip_ct_pptp_expect { -- enum pptp_ctrlcall_state cstate; /* call state */ -- u_int16_t pac_call_id; /* call id of PAC */ -- u_int16_t pns_call_id; /* call id of PNS */ --}; -- -- --#ifdef __KERNEL__ -- --#include <linux/netfilter_ipv4/lockhelp.h> --DECLARE_LOCK_EXTERN(ip_pptp_lock); -- --#define IP_CONNTR_PPTP PPTP_CONTROL_PORT -- --union pptp_ctrl_union { -- void *rawreq; -- struct PptpStartSessionRequest *sreq; -- struct PptpStartSessionReply *srep; -- struct PptpStopSessionReqest *streq; -- struct PptpStopSessionReply *strep; -- struct PptpOutCallRequest *ocreq; -- struct PptpOutCallReply *ocack; -- struct PptpInCallRequest *icreq; -- struct PptpInCallReply *icack; -- struct PptpInCallConnected *iccon; -- struct PptpClearCallRequest *clrreq; -- struct PptpCallDisconnectNotify *disc; -- struct PptpWanErrorNotify *wanerr; -- struct PptpSetLinkInfo *setlink; --}; -- -- -- --#define PPTP_CONTROL_PORT 1723 -- --#define PPTP_PACKET_CONTROL 1 --#define PPTP_PACKET_MGMT 2 -- --#define PPTP_MAGIC_COOKIE 0x1a2b3c4d -- --struct pptp_pkt_hdr { -- __u16 packetLength; -- __u16 packetType; -- __u32 magicCookie; --}; -- --/* PptpControlMessageType values */ --#define PPTP_START_SESSION_REQUEST 1 --#define PPTP_START_SESSION_REPLY 2 --#define PPTP_STOP_SESSION_REQUEST 3 --#define PPTP_STOP_SESSION_REPLY 4 --#define PPTP_ECHO_REQUEST 5 --#define PPTP_ECHO_REPLY 6 --#define PPTP_OUT_CALL_REQUEST 7 --#define PPTP_OUT_CALL_REPLY 8 --#define PPTP_IN_CALL_REQUEST 9 --#define PPTP_IN_CALL_REPLY 10 --#define PPTP_IN_CALL_CONNECT 11 --#define PPTP_CALL_CLEAR_REQUEST 12 --#define PPTP_CALL_DISCONNECT_NOTIFY 13 --#define PPTP_WAN_ERROR_NOTIFY 14 --#define PPTP_SET_LINK_INFO 15 -- --#define PPTP_MSG_MAX 15 -- --/* PptpGeneralError values */ --#define PPTP_ERROR_CODE_NONE 0 --#define PPTP_NOT_CONNECTED 1 --#define PPTP_BAD_FORMAT 2 --#define PPTP_BAD_VALUE 3 --#define PPTP_NO_RESOURCE 4 --#define PPTP_BAD_CALLID 5 --#define PPTP_REMOVE_DEVICE_ERROR 6 -- --struct PptpControlHeader { -- __u16 messageType; -- __u16 reserved; --}; -- --/* FramingCapability Bitmap Values */ --#define PPTP_FRAME_CAP_ASYNC 0x1 --#define PPTP_FRAME_CAP_SYNC 0x2 -- --/* BearerCapability Bitmap Values */ --#define PPTP_BEARER_CAP_ANALOG 0x1 --#define PPTP_BEARER_CAP_DIGITAL 0x2 -- --struct PptpStartSessionRequest { -- __u16 protocolVersion; -- __u8 reserved1; -- __u8 reserved2; -- __u32 framingCapability; -- __u32 bearerCapability; -- __u16 maxChannels; -- __u16 firmwareRevision; -- __u8 hostName[64]; -- __u8 vendorString[64]; --}; -- --/* PptpStartSessionResultCode Values */ --#define PPTP_START_OK 1 --#define PPTP_START_GENERAL_ERROR 2 --#define PPTP_START_ALREADY_CONNECTED 3 --#define PPTP_START_NOT_AUTHORIZED 4 --#define PPTP_START_UNKNOWN_PROTOCOL 5 -- --struct PptpStartSessionReply { -- __u16 protocolVersion; -- __u8 resultCode; -- __u8 generalErrorCode; -- __u32 framingCapability; -- __u32 bearerCapability; -- __u16 maxChannels; -- __u16 firmwareRevision; -- __u8 hostName[64]; -- __u8 vendorString[64]; --}; -- --/* PptpStopReasons */ --#define PPTP_STOP_NONE 1 --#define PPTP_STOP_PROTOCOL 2 --#define PPTP_STOP_LOCAL_SHUTDOWN 3 -- --struct PptpStopSessionRequest { -- __u8 reason; --}; -- --/* PptpStopSessionResultCode */ --#define PPTP_STOP_OK 1 --#define PPTP_STOP_GENERAL_ERROR 2 -- --struct PptpStopSessionReply { -- __u8 resultCode; -- __u8 generalErrorCode; --}; -- --struct PptpEchoRequest { -- __u32 identNumber; --}; -- --/* PptpEchoReplyResultCode */ --#define PPTP_ECHO_OK 1 --#define PPTP_ECHO_GENERAL_ERROR 2 -- --struct PptpEchoReply { -- __u32 identNumber; -- __u8 resultCode; -- __u8 generalErrorCode; -- __u16 reserved; --}; -- --/* PptpFramingType */ --#define PPTP_ASYNC_FRAMING 1 --#define PPTP_SYNC_FRAMING 2 --#define PPTP_DONT_CARE_FRAMING 3 -- --/* PptpCallBearerType */ --#define PPTP_ANALOG_TYPE 1 --#define PPTP_DIGITAL_TYPE 2 --#define PPTP_DONT_CARE_BEARER_TYPE 3 -- --struct PptpOutCallRequest { -- __u16 callID; -- __u16 callSerialNumber; -- __u32 minBPS; -- __u32 maxBPS; -- __u32 bearerType; -- __u32 framingType; -- __u16 packetWindow; -- __u16 packetProcDelay; -- __u16 reserved1; -- __u16 phoneNumberLength; -- __u16 reserved2; -- __u8 phoneNumber[64]; -- __u8 subAddress[64]; --}; -- --/* PptpCallResultCode */ --#define PPTP_OUTCALL_CONNECT 1 --#define PPTP_OUTCALL_GENERAL_ERROR 2 --#define PPTP_OUTCALL_NO_CARRIER 3 --#define PPTP_OUTCALL_BUSY 4 --#define PPTP_OUTCALL_NO_DIAL_TONE 5 --#define PPTP_OUTCALL_TIMEOUT 6 --#define PPTP_OUTCALL_DONT_ACCEPT 7 -- --struct PptpOutCallReply { -- __u16 callID; -- __u16 peersCallID; -- __u8 resultCode; -- __u8 generalErrorCode; -- __u16 causeCode; -- __u32 connectSpeed; -- __u16 packetWindow; -- __u16 packetProcDelay; -- __u32 physChannelID; --}; -- --struct PptpInCallRequest { -- __u16 callID; -- __u16 callSerialNumber; -- __u32 callBearerType; -- __u32 physChannelID; -- __u16 dialedNumberLength; -- __u16 dialingNumberLength; -- __u8 dialedNumber[64]; -- __u8 dialingNumber[64]; -- __u8 subAddress[64]; --}; -- --/* PptpInCallResultCode */ --#define PPTP_INCALL_ACCEPT 1 --#define PPTP_INCALL_GENERAL_ERROR 2 --#define PPTP_INCALL_DONT_ACCEPT 3 -- --struct PptpInCallReply { -- __u16 callID; -- __u16 peersCallID; -- __u8 resultCode; -- __u8 generalErrorCode; -- __u16 packetWindow; -- __u16 packetProcDelay; -- __u16 reserved; --}; -- --struct PptpInCallConnected { -- __u16 peersCallID; -- __u16 reserved; -- __u32 connectSpeed; -- __u16 packetWindow; -- __u16 packetProcDelay; -- __u32 callFramingType; --}; -- --struct PptpClearCallRequest { -- __u16 callID; -- __u16 reserved; --}; -- --struct PptpCallDisconnectNotify { -- __u16 callID; -- __u8 resultCode; -- __u8 generalErrorCode; -- __u16 causeCode; -- __u16 reserved; -- __u8 callStatistics[128]; --}; -- --struct PptpWanErrorNotify { -- __u16 peersCallID; -- __u16 reserved; -- __u32 crcErrors; -- __u32 framingErrors; -- __u32 hardwareOverRuns; -- __u32 bufferOverRuns; -- __u32 timeoutErrors; -- __u32 alignmentErrors; --}; -- --struct PptpSetLinkInfo { -- __u16 peersCallID; -- __u16 reserved; -- __u32 sendAccm; -- __u32 recvAccm; --}; -- -- --struct pptp_priv_data { -- __u16 call_id; -- __u16 mcall_id; -- __u16 pcall_id; --}; -- --#endif /* __KERNEL__ */ --#endif /* _CONNTRACK_PPTP_H */ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h linux.stock/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h ---- linux/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_conntrack_proto_gre.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,121 +0,0 @@ --#ifndef _CONNTRACK_PROTO_GRE_H --#define _CONNTRACK_PROTO_GRE_H --#include <asm/byteorder.h> -- --/* GRE PROTOCOL HEADER */ -- --/* GRE Version field */ --#define GRE_VERSION_1701 0x0 --#define GRE_VERSION_PPTP 0x1 -- --/* GRE Protocol field */ --#define GRE_PROTOCOL_PPTP 0x880B -- --/* GRE Flags */ --#define GRE_FLAG_C 0x80 --#define GRE_FLAG_R 0x40 --#define GRE_FLAG_K 0x20 --#define GRE_FLAG_S 0x10 --#define GRE_FLAG_A 0x80 -- --#define GRE_IS_C(f) ((f)&GRE_FLAG_C) --#define GRE_IS_R(f) ((f)&GRE_FLAG_R) --#define GRE_IS_K(f) ((f)&GRE_FLAG_K) --#define GRE_IS_S(f) ((f)&GRE_FLAG_S) --#define GRE_IS_A(f) ((f)&GRE_FLAG_A) -- --/* GRE is a mess: Four different standards */ --struct gre_hdr { --#if defined(__LITTLE_ENDIAN_BITFIELD) -- __u16 rec:3, -- srr:1, -- seq:1, -- key:1, -- routing:1, -- csum:1, -- version:3, -- reserved:4, -- ack:1; --#elif defined(__BIG_ENDIAN_BITFIELD) -- __u16 csum:1, -- routing:1, -- key:1, -- seq:1, -- srr:1, -- rec:3, -- ack:1, -- reserved:4, -- version:3; --#else --#error "Adjust your <asm/byteorder.h> defines" --#endif -- __u16 protocol; --}; -- --/* modified GRE header for PPTP */ --struct gre_hdr_pptp { -- __u8 flags; /* bitfield */ -- __u8 version; /* should be GRE_VERSION_PPTP */ -- __u16 protocol; /* should be GRE_PROTOCOL_PPTP */ -- __u16 payload_len; /* size of ppp payload, not inc. gre header */ -- __u16 call_id; /* peer's call_id for this session */ -- __u32 seq; /* sequence number. Present if S==1 */ -- __u32 ack; /* seq number of highest packet recieved by */ -- /* sender in this session */ --}; -- -- --/* this is part of ip_conntrack */ --struct ip_ct_gre { -- unsigned int stream_timeout; -- unsigned int timeout; --}; -- --/* this is part of ip_conntrack_expect */ --struct ip_ct_gre_expect { -- struct ip_ct_gre_keymap *keymap_orig, *keymap_reply; --}; -- --#ifdef __KERNEL__ -- --/* structure for original <-> reply keymap */ --struct ip_ct_gre_keymap { -- struct list_head list; -- -- struct ip_conntrack_tuple tuple; -- struct ip_conntrack_expect *master; --}; -- -- --/* add new tuple->key_reply pair to keymap */ --int ip_ct_gre_keymap_add(struct ip_conntrack_expect *exp, -- struct ip_conntrack_tuple *t, -- int reply); -- --/* change an existing keymap entry */ --void ip_ct_gre_keymap_change(struct ip_ct_gre_keymap *km, -- struct ip_conntrack_tuple *t); -- -- -- --/* get pointer to gre key, if present */ --static inline u_int32_t *gre_key(struct gre_hdr *greh) --{ -- if (!greh->key) -- return NULL; -- if (greh->csum || greh->routing) -- return (u_int32_t *) (greh+sizeof(*greh)+4); -- return (u_int32_t *) (greh+sizeof(*greh)); --} -- --/* get pointer ot gre csum, if present */ --static inline u_int16_t *gre_csum(struct gre_hdr *greh) --{ -- if (!greh->csum) -- return NULL; -- return (u_int16_t *) (greh+sizeof(*greh)); --} -- --#endif /* __KERNEL__ */ -- --#endif /* _CONNTRACK_PROTO_GRE_H */ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_conntrack_tftp.h linux.stock/include/linux/netfilter_ipv4/ip_conntrack_tftp.h ---- linux/include/linux/netfilter_ipv4/ip_conntrack_tftp.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_conntrack_tftp.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,13 +0,0 @@ --#ifndef _IP_CT_TFTP --#define _IP_CT_TFTP -- --#define TFTP_PORT 69 -- --struct tftphdr { -- u_int16_t opcode; --}; -- --#define TFTP_OPCODE_READ 1 --#define TFTP_OPCODE_WRITE 2 -- --#endif /* _IP_CT_TFTP */ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_conntrack_tuple.h linux.stock/include/linux/netfilter_ipv4/ip_conntrack_tuple.h ---- linux/include/linux/netfilter_ipv4/ip_conntrack_tuple.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_conntrack_tuple.h 2004-05-09 04:13:03.000000000 -0400 -@@ -14,7 +14,7 @@ - union ip_conntrack_manip_proto - { - /* Add other protocols here. */ -- u_int32_t all; -+ u_int16_t all; - - struct { - u_int16_t port; -@@ -25,9 +25,6 @@ - struct { - u_int16_t id; - } icmp; -- struct { -- u_int32_t key; -- } gre; - }; - - /* The manipulable part of the tuple. */ -@@ -47,7 +44,7 @@ - u_int32_t ip; - union { - /* Add other protocols here. */ -- u_int64_t all; -+ u_int16_t all; - - struct { - u_int16_t port; -@@ -58,11 +55,6 @@ - struct { - u_int8_t type, code; - } icmp; -- struct { -- u_int16_t protocol; -- u_int8_t version; -- u_int32_t key; -- } gre; - } u; - - /* The protocol. */ -@@ -80,16 +72,10 @@ - #ifdef __KERNEL__ - - #define DUMP_TUPLE(tp) \ --DEBUGP("tuple %p: %u %u.%u.%u.%u:%u -> %u.%u.%u.%u:%u\n", \ -+DEBUGP("tuple %p: %u %u.%u.%u.%u:%hu -> %u.%u.%u.%u:%hu\n", \ - (tp), (tp)->dst.protonum, \ -- NIPQUAD((tp)->src.ip), ntohl((tp)->src.u.all), \ -- NIPQUAD((tp)->dst.ip), ntohl((tp)->dst.u.all)) -- --#define DUMP_TUPLE_RAW(x) \ -- DEBUGP("tuple %p: %u %u.%u.%u.%u:0x%08x -> %u.%u.%u.%u:0x%08x\n",\ -- (x), (x)->dst.protonum, \ -- NIPQUAD((x)->src.ip), ntohl((x)->src.u.all), \ -- NIPQUAD((x)->dst.ip), ntohl((x)->dst.u.all)) -+ NIPQUAD((tp)->src.ip), ntohs((tp)->src.u.all), \ -+ NIPQUAD((tp)->dst.ip), ntohs((tp)->dst.u.all)) - - #define CTINFO2DIR(ctinfo) ((ctinfo) >= IP_CT_IS_REPLY ? IP_CT_DIR_REPLY : IP_CT_DIR_ORIGINAL) - -diff -Nurb linux/include/linux/netfilter_ipv4/ip_nat_pptp.h linux.stock/include/linux/netfilter_ipv4/ip_nat_pptp.h ---- linux/include/linux/netfilter_ipv4/ip_nat_pptp.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_nat_pptp.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,11 +0,0 @@ --/* PPTP constants and structs */ --#ifndef _NAT_PPTP_H --#define _NAT_PPTP_H -- --/* conntrack private data */ --struct ip_nat_pptp { -- u_int16_t pns_call_id; /* NAT'ed PNS call id */ -- u_int16_t pac_call_id; /* NAT'ed PAC call id */ --}; -- --#endif /* _NAT_PPTP_H */ -diff -Nurb linux/include/linux/netfilter_ipv4/ip_pool.h linux.stock/include/linux/netfilter_ipv4/ip_pool.h ---- linux/include/linux/netfilter_ipv4/ip_pool.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ip_pool.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,64 +0,0 @@ --#ifndef _IP_POOL_H --#define _IP_POOL_H -- --/***************************************************************************/ --/* This program is free software; you can redistribute it and/or modify */ --/* it under the terms of the GNU General Public License as published by */ --/* the Free Software Foundation; either version 2 of the License, or */ --/* (at your option) any later version. */ --/* */ --/* This program is distributed in the hope that it will be useful, */ --/* but WITHOUT ANY WARRANTY; without even the implied warranty of */ --/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the */ --/* GNU General Public License for more details. */ --/* */ --/* You should have received a copy of the GNU General Public License */ --/* along with this program; if not, write to the Free Software */ --/* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA*/ --/***************************************************************************/ -- --/* A sockopt of such quality has hardly ever been seen before on the open -- * market! This little beauty, hardly ever used: above 64, so it's -- * traditionally used for firewalling, not touched (even once!) by the -- * 2.0, 2.2 and 2.4 kernels! -- * -- * Comes with its own certificate of authenticity, valid anywhere in the -- * Free world! -- * -- * Rusty, 19.4.2000 -- */ --#define SO_IP_POOL 81 -- --typedef int ip_pool_t; /* pool index */ --#define IP_POOL_NONE ((ip_pool_t)-1) -- --struct ip_pool_request { -- int op; -- ip_pool_t index; -- u_int32_t addr; -- u_int32_t addr2; --}; -- --/* NOTE: I deliberately break the first cut ippool utility. Nobody uses it. */ -- --#define IP_POOL_BAD001 0x00000010 -- --#define IP_POOL_FLUSH 0x00000011 /* req.index, no arguments */ --#define IP_POOL_INIT 0x00000012 /* from addr to addr2 incl. */ --#define IP_POOL_DESTROY 0x00000013 /* req.index, no arguments */ --#define IP_POOL_ADD_ADDR 0x00000014 /* add addr to pool */ --#define IP_POOL_DEL_ADDR 0x00000015 /* del addr from pool */ --#define IP_POOL_HIGH_NR 0x00000016 /* result in req.index */ --#define IP_POOL_LOOKUP 0x00000017 /* result in addr and addr2 */ --#define IP_POOL_USAGE 0x00000018 /* result in addr */ --#define IP_POOL_TEST_ADDR 0x00000019 /* result (0/1) returned */ -- --#ifdef __KERNEL__ -- --/* NOTE: ip_pool_match() and ip_pool_mod() expect ADDR to be host byte order */ --extern int ip_pool_match(ip_pool_t pool, u_int32_t addr); --extern int ip_pool_mod(ip_pool_t pool, u_int32_t addr, int isdel); -- --#endif -- --#endif /*_IP_POOL_H*/ -diff -Nurb linux/include/linux/netfilter_ipv4/ipt_pool.h linux.stock/include/linux/netfilter_ipv4/ipt_pool.h ---- linux/include/linux/netfilter_ipv4/ipt_pool.h 2003-07-04 04:12:27.000000000 -0400 -+++ linux.stock/include/linux/netfilter_ipv4/ipt_pool.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,25 +0,0 @@ --#ifndef _IPT_POOL_H --#define _IPT_POOL_H -- --#include <linux/netfilter_ipv4/ip_pool.h> -- --#define IPT_POOL_INV_SRC 0x00000001 --#define IPT_POOL_INV_DST 0x00000002 --#define IPT_POOL_DEL_SRC 0x00000004 --#define IPT_POOL_DEL_DST 0x00000008 --#define IPT_POOL_INV_MOD_SRC 0x00000010 --#define IPT_POOL_INV_MOD_DST 0x00000020 --#define IPT_POOL_MOD_SRC_ACCEPT 0x00000040 --#define IPT_POOL_MOD_DST_ACCEPT 0x00000080 --#define IPT_POOL_MOD_SRC_DROP 0x00000100 --#define IPT_POOL_MOD_DST_DROP 0x00000200 -- --/* match info */ --struct ipt_pool_info --{ -- ip_pool_t src; -- ip_pool_t dst; -- unsigned flags; --}; -- --#endif /*_IPT_POOL_H*/ -diff -Nurb linux/net/ipv4/netfilter/Config.in linux.stock/net/ipv4/netfilter/Config.in ---- linux/net/ipv4/netfilter/Config.in 2004-02-19 06:04:35.000000000 -0500 -+++ linux.stock/net/ipv4/netfilter/Config.in 2004-05-09 04:13:03.000000000 -0400 -@@ -7,12 +7,7 @@ - tristate 'Connection tracking (required for masq/NAT)' CONFIG_IP_NF_CONNTRACK - if [ "$CONFIG_IP_NF_CONNTRACK" != "n" ]; then - dep_tristate ' FTP protocol support' CONFIG_IP_NF_FTP $CONFIG_IP_NF_CONNTRACK -- dep_tristate ' TFTP protocol support' CONFIG_IP_NF_TFTP $CONFIG_IP_NF_CONNTRACK -- dep_tristate ' H.323 (netmeeting) support' CONFIG_IP_NF_H323 $CONFIG_IP_NF_CONNTRACK - dep_tristate ' IRC protocol support' CONFIG_IP_NF_IRC $CONFIG_IP_NF_CONNTRACK -- dep_tristate ' MMS protocol support' CONFIG_IP_NF_MMS $CONFIG_IP_NF_CONNTRACK -- dep_tristate ' GRE protocol support' CONFIG_IP_NF_CT_PROTO_GRE $CONFIG_IP_NF_CONNTRACK -- dep_tristate ' PPTP protocol support' CONFIG_IP_NF_PPTP $CONFIG_IP_NF_CT_PROTO_GRE - fi - - if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -@@ -22,19 +17,11 @@ - if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; then - # The simple matches. - dep_tristate ' limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES -- -- dep_tristate ' IP address pool support' CONFIG_IP_NF_POOL $CONFIG_IP_NF_IPTABLES -- if [ "$CONFIG_IP_NF_POOL" = "y" -o "$CONFIG_IP_NF_POOL" = "m" ]; then -- bool ' enable statistics on pool usage' CONFIG_IP_POOL_STATISTICS n -- fi -- - dep_tristate ' MAC address match support' CONFIG_IP_NF_MATCH_MAC $CONFIG_IP_NF_IPTABLES - dep_tristate ' Packet type match support' CONFIG_IP_NF_MATCH_PKTTYPE $CONFIG_IP_NF_IPTABLES - dep_tristate ' netfilter MARK match support' CONFIG_IP_NF_MATCH_MARK $CONFIG_IP_NF_IPTABLES - dep_tristate ' Multiple port match support' CONFIG_IP_NF_MATCH_MULTIPORT $CONFIG_IP_NF_IPTABLES -- dep_tristate ' Multiple port with ranges match support' CONFIG_IP_NF_MATCH_MPORT $CONFIG_IP_NF_IPTABLES - dep_tristate ' TOS match support' CONFIG_IP_NF_MATCH_TOS $CONFIG_IP_NF_IPTABLES -- dep_tristate ' TIME match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_TIME $CONFIG_IP_NF_IPTABLES - dep_tristate ' ECN match support' CONFIG_IP_NF_MATCH_ECN $CONFIG_IP_NF_IPTABLES - - dep_tristate ' DSCP match support' CONFIG_IP_NF_MATCH_DSCP $CONFIG_IP_NF_IPTABLES -@@ -52,7 +39,6 @@ - fi - if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then - dep_tristate ' Unclean match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_UNCLEAN $CONFIG_IP_NF_IPTABLES -- dep_tristate ' Webstr match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_WEBSTR $CONFIG_IP_NF_IPTABLES - dep_tristate ' Owner match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_OWNER $CONFIG_IP_NF_IPTABLES - fi - # The targets -@@ -70,29 +56,6 @@ - define_bool CONFIG_IP_NF_NAT_NEEDED y - dep_tristate ' MASQUERADE target support' CONFIG_IP_NF_TARGET_MASQUERADE $CONFIG_IP_NF_NAT - dep_tristate ' REDIRECT target support' CONFIG_IP_NF_TARGET_REDIRECT $CONFIG_IP_NF_NAT -- dep_tristate ' Automatic port forwarding (autofw) target support' CONFIG_IP_NF_AUTOFW $CONFIG_IP_NF_NAT -- dep_tristate ' TRIGGER target support (port-trigger)' CONFIG_IP_NF_TARGET_TRIGGER $CONFIG_IP_NF_NAT -- if [ "$CONFIG_IP_NF_H323" = "m" ]; then -- define_tristate CONFIG_IP_NF_NAT_H323 m -- else -- if [ "$CONFIG_IP_NF_H323" = "y" ]; then -- define_tristate CONFIG_IP_NF_NAT_H323 $CONFIG_IP_NF_NAT -- fi -- fi -- if [ "$CONFIG_IP_NF_PPTP" = "m" ]; then -- define_tristate CONFIG_IP_NF_NAT_PPTP m -- else -- if [ "$CONFIG_IP_NF_PPTP" = "y" ]; then -- define_tristate CONFIG_IP_NF_NAT_PPTP $CONFIG_IP_NF_NAT -- fi -- fi -- if [ "$CONFIG_IP_NF_CT_PROTO_GRE" = "m" ]; then -- define_tristate CONFIG_IP_NF_NAT_PROTO_GRE m -- else -- if [ "$CONFIG_IP_NF_CT_PROTO_GRE" = "y" ]; then -- define_tristate CONFIG_IP_NF_NAT_PROTO_GRE $CONFIG_IP_NF_NAT -- fi -- fi - bool ' NAT of local connections (READ HELP)' CONFIG_IP_NF_NAT_LOCAL - if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then - dep_tristate ' Basic SNMP-ALG support (EXPERIMENTAL)' CONFIG_IP_NF_NAT_SNMP_BASIC $CONFIG_IP_NF_NAT -@@ -104,13 +67,6 @@ - define_tristate CONFIG_IP_NF_NAT_IRC $CONFIG_IP_NF_NAT - fi - fi -- if [ "$CONFIG_IP_NF_MMS" = "m" ]; then -- define_tristate CONFIG_IP_NF_NAT_MMS m -- else -- if [ "$CONFIG_IP_NF_MMS" = "y" ]; then -- define_tristate CONFIG_IP_NF_NAT_MMS $CONFIG_IP_NF_NAT -- fi -- fi - # If they want FTP, set to $CONFIG_IP_NF_NAT (m or y), - # or $CONFIG_IP_NF_FTP (m or y), whichever is weaker. Argh. - if [ "$CONFIG_IP_NF_FTP" = "m" ]; then -@@ -120,13 +76,6 @@ - define_tristate CONFIG_IP_NF_NAT_FTP $CONFIG_IP_NF_NAT - fi - fi -- if [ "$CONFIG_IP_NF_TFTP" = "m" ]; then -- define_tristate CONFIG_IP_NF_NAT_TFTP m -- else -- if [ "$CONFIG_IP_NF_TFTP" = "y" ]; then -- define_tristate CONFIG_IP_NF_NAT_TFTP $CONFIG_IP_NF_NAT -- fi -- fi - fi - fi - -diff -Nurb linux/net/ipv4/netfilter/Makefile linux.stock/net/ipv4/netfilter/Makefile ---- linux/net/ipv4/netfilter/Makefile 2004-02-19 06:04:35.000000000 -0500 -+++ linux.stock/net/ipv4/netfilter/Makefile 2004-05-09 04:13:03.000000000 -0400 -@@ -31,48 +31,20 @@ - # connection tracking - obj-$(CONFIG_IP_NF_CONNTRACK) += ip_conntrack.o - --# H.323 support --obj-$(CONFIG_IP_NF_H323) += ip_conntrack_h323.o --obj-$(CONFIG_IP_NF_NAT_H323) += ip_nat_h323.o --ifdef CONFIG_IP_NF_NAT_H323 -- export-objs += ip_conntrack_h323.o --endif -- -- --# connection tracking protocol helpers --obj-$(CONFIG_IP_NF_CT_PROTO_GRE) += ip_conntrack_proto_gre.o --ifdef CONFIG_IP_NF_CT_PROTO_GRE -- export-objs += ip_conntrack_proto_gre.o --endif -- --# NAT protocol helpers --obj-$(CONFIG_IP_NF_NAT_PROTO_GRE) += ip_nat_proto_gre.o -- - # connection tracking helpers --obj-$(CONFIG_IP_NF_MMS) += ip_conntrack_mms.o --ifdef CONFIG_IP_NF_NAT_MMS -- export-objs += ip_conntrack_mms.o --endif --obj-$(CONFIG_IP_NF_PPTP) += ip_conntrack_pptp.o --ifdef CONFIG_IP_NF_NAT_PPTP -- export-objs += ip_conntrack_pptp.o --endif --obj-$(CONFIG_IP_NF_TFTP) += ip_conntrack_tftp.o - obj-$(CONFIG_IP_NF_FTP) += ip_conntrack_ftp.o - ifdef CONFIG_IP_NF_NAT_FTP - export-objs += ip_conntrack_ftp.o - endif -+ - obj-$(CONFIG_IP_NF_IRC) += ip_conntrack_irc.o - ifdef CONFIG_IP_NF_NAT_IRC - export-objs += ip_conntrack_irc.o - endif - - # NAT helpers --obj-$(CONFIG_IP_NF_NAT_PPTP) += ip_nat_pptp.o --obj-$(CONFIG_IP_NF_NAT_TFTP) += ip_nat_tftp.o - obj-$(CONFIG_IP_NF_NAT_FTP) += ip_nat_ftp.o - obj-$(CONFIG_IP_NF_NAT_IRC) += ip_nat_irc.o --obj-$(CONFIG_IP_NF_NAT_MMS) += ip_nat_mms.o - - # generic IP tables - obj-$(CONFIG_IP_NF_IPTABLES) += ip_tables.o -@@ -86,19 +58,12 @@ - obj-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper.o - obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o - obj-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark.o --obj-$(CONFIG_IP_NF_POOL) += ipt_pool.o ip_pool.o - obj-$(CONFIG_IP_NF_MATCH_MAC) += ipt_mac.o - - obj-$(CONFIG_IP_NF_MATCH_PKTTYPE) += ipt_pkttype.o - obj-$(CONFIG_IP_NF_MATCH_MULTIPORT) += ipt_multiport.o -- --obj-$(CONFIG_IP_NF_MATCH_MPORT) += ipt_mport.o -- - obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_owner.o - obj-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos.o -- --obj-$(CONFIG_IP_NF_MATCH_TIME) += ipt_time.o -- - obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o - obj-$(CONFIG_IP_NF_MATCH_DSCP) += ipt_dscp.o - obj-$(CONFIG_IP_NF_MATCH_AH_ESP) += ipt_ah.o ipt_esp.o -@@ -109,7 +74,6 @@ - obj-$(CONFIG_IP_NF_MATCH_STATE) += ipt_state.o - obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += ipt_conntrack.o - obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o --obj-$(CONFIG_IP_NF_MATCH_WEBSTR) += ipt_webstr.o - obj-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss.o - - # targets -@@ -125,8 +89,6 @@ - obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o - obj-$(CONFIG_IP_NF_TARGET_ULOG) += ipt_ULOG.o - obj-$(CONFIG_IP_NF_TARGET_TCPMSS) += ipt_TCPMSS.o --obj-$(CONFIG_IP_NF_AUTOFW) += ip_autofw.o --obj-$(CONFIG_IP_NF_TARGET_TRIGGER) += ipt_TRIGGER.o - - # generic ARP tables - obj-$(CONFIG_IP_NF_ARPTABLES) += arp_tables.o -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_core.c linux.stock/net/ipv4/netfilter/ip_conntrack_core.c ---- linux/net/ipv4/netfilter/ip_conntrack_core.c 2003-08-12 07:33:45.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_core.c 2004-05-09 04:13:03.000000000 -0400 -@@ -47,7 +47,11 @@ - - #define IP_CONNTRACK_VERSION "2.1" - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - DECLARE_RWLOCK(ip_conntrack_lock); - DECLARE_RWLOCK(ip_conntrack_expect_tuple_lock); -@@ -62,29 +66,6 @@ - struct list_head *ip_conntrack_hash; - static kmem_cache_t *ip_conntrack_cachep; - --#define SECS * HZ --#define MINS * 60 SECS --#define HOURS * 60 MINS --#define DAYS * 24 HOURS -- --int sysctl_ip_conntrack_tcp_timeouts[10] = { -- 30 MINS, /* TCP_CONNTRACK_NONE, */ -- 5 DAYS, /* TCP_CONNTRACK_ESTABLISHED, */ -- 2 MINS, /* TCP_CONNTRACK_SYN_SENT, */ -- 60 SECS, /* TCP_CONNTRACK_SYN_RECV, */ -- 2 MINS, /* TCP_CONNTRACK_FIN_WAIT, */ -- 2 MINS, /* TCP_CONNTRACK_TIME_WAIT, */ -- 10 SECS, /* TCP_CONNTRACK_CLOSE, */ -- 60 SECS, /* TCP_CONNTRACK_CLOSE_WAIT, */ -- 30 SECS, /* TCP_CONNTRACK_LAST_ACK, */ -- 2 MINS, /* TCP_CONNTRACK_LISTEN, */ --}; -- --int sysctl_ip_conntrack_udp_timeouts[2] = { -- 30 SECS, /* UNREPLIED */ -- 180 SECS /* ASSURED */ --}; -- - extern struct ip_conntrack_protocol ip_conntrack_generic_protocol; - - static inline int proto_cmpfn(const struct ip_conntrack_protocol *curr, -@@ -129,6 +110,9 @@ - static inline u_int32_t - hash_conntrack(const struct ip_conntrack_tuple *tuple) - { -+#if 0 -+ dump_tuple(tuple); -+#endif - /* ntohl because more differences in low bits. */ - /* To ensure that halves of the same connection don't hash - clash, we add the source per-proto again. */ -@@ -160,8 +144,6 @@ - tuple->dst.ip = iph->daddr; - tuple->dst.protonum = iph->protocol; - -- tuple->src.u.all = tuple->dst.u.all = 0; -- - ret = protocol->pkt_to_tuple((u_int32_t *)iph + iph->ihl, - len - 4*iph->ihl, - tuple); -@@ -177,8 +159,6 @@ - inverse->dst.ip = orig->src.ip; - inverse->dst.protonum = orig->dst.protonum; - -- inverse->src.u.all = inverse->dst.u.all = 0; -- - return protocol->invert_tuple(inverse, orig); - } - -@@ -196,8 +176,8 @@ - static void - destroy_expect(struct ip_conntrack_expect *exp) - { -- DEBUGP("destroy_expect(%p) use=%d\n", exp, atomic_read(&exp->use)); -- IP_NF_ASSERT(atomic_read(&exp->use)); -+ DEBUGP("destroy_expect(%p) use=%d\n", exp, atomic_read(exp->use)); -+ IP_NF_ASSERT(atomic_read(exp->use)); - IP_NF_ASSERT(!timer_pending(&exp->timeout)); - - kfree(exp); -@@ -267,11 +247,11 @@ - static void unexpect_related(struct ip_conntrack_expect *expect) - { - IP_NF_ASSERT(expect->expectant); -+ IP_NF_ASSERT(expect->expectant->helper); - /* if we are supposed to have a timer, but we can't delete - * it: race condition. __unexpect_related will - * be calledd by timeout function */ -- if (expect->expectant->helper -- && expect->expectant->helper->timeout -+ if (expect->expectant->helper->timeout - && !del_timer(&expect->timeout)) - return; - -@@ -580,6 +560,7 @@ - if (!h) { - /* Locally generated ICMPs will match inverted if they - haven't been SNAT'ed yet */ -+ /* FIXME: NAT code has to handle half-done double NAT --RR */ - if (hooknum == NF_IP_LOCAL_OUT) - h = ip_conntrack_find_get(&origtuple, NULL); - -@@ -725,7 +706,6 @@ - - /* If the expectation is dying, then this is a looser. */ - if (expected -- && expected->expectant->helper - && expected->expectant->helper->timeout - && ! del_timer(&expected->timeout)) - expected = NULL; -@@ -744,7 +724,6 @@ - conntrack->master = expected; - expected->sibling = conntrack; - LIST_DELETE(&ip_conntrack_expect_list, expected); -- INIT_LIST_HEAD(&expected->list); - expected->expectant->expecting--; - nf_conntrack_get(&master_ct(conntrack)->infos[0]); - } -@@ -821,9 +800,23 @@ - int set_reply; - int ret; - -+ /* FIXME: Do this right please. --RR */ - (*pskb)->nfcache |= NFC_UNKNOWN; - - /* Doesn't cover locally-generated broadcast, so not worth it. */ -+#if 0 -+ /* Ignore broadcast: no `connection'. */ -+ if ((*pskb)->pkt_type == PACKET_BROADCAST) { -+ printk("Broadcast packet!\n"); -+ return NF_ACCEPT; -+ } else if (((*pskb)->nh.iph->daddr & htonl(0x000000FF)) -+ == htonl(0x000000FF)) { -+ printk("Should bcast: %u.%u.%u.%u->%u.%u.%u.%u (sk=%p, ptype=%u)\n", -+ NIPQUAD((*pskb)->nh.iph->saddr), -+ NIPQUAD((*pskb)->nh.iph->daddr), -+ (*pskb)->sk, (*pskb)->pkt_type); -+ } -+#endif - - /* Previously seen (loopback)? Ignore. Do this before - fragment check. */ -@@ -943,8 +936,8 @@ - * so there is no need to use the tuple lock too */ - - DEBUGP("ip_conntrack_expect_related %p\n", related_to); -- DEBUGP("tuple: "); DUMP_TUPLE_RAW(&expect->tuple); -- DEBUGP("mask: "); DUMP_TUPLE_RAW(&expect->mask); -+ DEBUGP("tuple: "); DUMP_TUPLE(&expect->tuple); -+ DEBUGP("mask: "); DUMP_TUPLE(&expect->mask); - - old = LIST_FIND(&ip_conntrack_expect_list, resent_expect, - struct ip_conntrack_expect *, &expect->tuple, -@@ -954,8 +947,7 @@ - pointing into the payload - otherwise we should have to copy - the data filled out by the helper over the old one */ - DEBUGP("expect_related: resent packet\n"); -- if (related_to->helper && -- related_to->helper->timeout) { -+ if (related_to->helper->timeout) { - if (!del_timer(&old->timeout)) { - /* expectation is dying. Fall through */ - old = NULL; -@@ -970,32 +962,26 @@ - WRITE_UNLOCK(&ip_conntrack_lock); - return -EEXIST; - } -- } else if (related_to->helper && -- related_to->helper->max_expected && -+ } else if (related_to->helper->max_expected && - related_to->expecting >= related_to->helper->max_expected) { - struct list_head *cur_item; - /* old == NULL */ -- if (!(related_to->helper->flags & -- IP_CT_HELPER_F_REUSE_EXPECT)) { -- WRITE_UNLOCK(&ip_conntrack_lock); - if (net_ratelimit()) - printk(KERN_WARNING - "ip_conntrack: max number of expected " - "connections %i of %s reached for " -- "%u.%u.%u.%u->%u.%u.%u.%u\n", -+ "%u.%u.%u.%u->%u.%u.%u.%u%s\n", - related_to->helper->max_expected, - related_to->helper->name, - NIPQUAD(related_to->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip), -- NIPQUAD(related_to->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip)); -+ NIPQUAD(related_to->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip), -+ related_to->helper->flags & IP_CT_HELPER_F_REUSE_EXPECT ? -+ ", reusing" : ""); -+ if (!(related_to->helper->flags & -+ IP_CT_HELPER_F_REUSE_EXPECT)) { -+ WRITE_UNLOCK(&ip_conntrack_lock); - return -EPERM; - } -- DEBUGP("ip_conntrack: max number of expected " -- "connections %i of %s reached for " -- "%u.%u.%u.%u->%u.%u.%u.%u, reusing\n", -- related_to->helper->max_expected, -- related_to->helper->name, -- NIPQUAD(related_to->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip), -- NIPQUAD(related_to->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip)); - - /* choose the the oldest expectation to evict */ - list_for_each(cur_item, &related_to->sibling_list) { -@@ -1055,8 +1041,7 @@ - /* add to global list of expectations */ - list_prepend(&ip_conntrack_expect_list, &new->list); - /* add and start timer if required */ -- if (related_to->helper && -- related_to->helper->timeout) { -+ if (related_to->helper->timeout) { - init_timer(&new->timeout); - new->timeout.data = (unsigned long)new; - new->timeout.function = expectation_timed_out; -@@ -1079,10 +1064,11 @@ - - MUST_BE_READ_LOCKED(&ip_conntrack_lock); - WRITE_LOCK(&ip_conntrack_expect_tuple_lock); -+ - DEBUGP("change_expect:\n"); -- DEBUGP("exp tuple: "); DUMP_TUPLE_RAW(&expect->tuple); -- DEBUGP("exp mask: "); DUMP_TUPLE_RAW(&expect->mask); -- DEBUGP("newtuple: "); DUMP_TUPLE_RAW(newtuple); -+ DEBUGP("exp tuple: "); DUMP_TUPLE(&expect->tuple); -+ DEBUGP("exp mask: "); DUMP_TUPLE(&expect->mask); -+ DEBUGP("newtuple: "); DUMP_TUPLE(newtuple); - if (expect->ct_tuple.dst.protonum == 0) { - /* Never seen before */ - DEBUGP("change expect: never seen before\n"); -@@ -1360,8 +1346,6 @@ - 0, NULL }; - - #define NET_IP_CONNTRACK_MAX 2089 --#define NET_IP_CONNTRACK_TCP_TIMEOUTS 2090 --#define NET_IP_CONNTRACK_UDP_TIMEOUTS 2091 - #define NET_IP_CONNTRACK_MAX_NAME "ip_conntrack_max" - - #ifdef CONFIG_SYSCTL -@@ -1370,14 +1354,6 @@ - static ctl_table ip_conntrack_table[] = { - { NET_IP_CONNTRACK_MAX, NET_IP_CONNTRACK_MAX_NAME, &ip_conntrack_max, - sizeof(ip_conntrack_max), 0644, NULL, proc_dointvec }, -- { NET_IP_CONNTRACK_TCP_TIMEOUTS, "ip_conntrack_tcp_timeouts", -- &sysctl_ip_conntrack_tcp_timeouts, -- sizeof(sysctl_ip_conntrack_tcp_timeouts), -- 0644, NULL, &proc_dointvec_jiffies, &sysctl_jiffies }, -- { NET_IP_CONNTRACK_UDP_TIMEOUTS, "ip_conntrack_udp_timeouts", -- &sysctl_ip_conntrack_udp_timeouts, -- sizeof(sysctl_ip_conntrack_udp_timeouts), -- 0644, NULL, &proc_dointvec_jiffies, &sysctl_jiffies }, - { 0 } - }; - -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_ftp.c linux.stock/net/ipv4/netfilter/ip_conntrack_ftp.c ---- linux/net/ipv4/netfilter/ip_conntrack_ftp.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_ftp.c 2004-05-09 04:13:03.000000000 -0400 -@@ -24,7 +24,11 @@ - static int loose = 0; - MODULE_PARM(loose, "i"); - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - static int try_rfc959(const char *, size_t, u_int32_t [], char); - static int try_eprt(const char *, size_t, u_int32_t [], char); -@@ -191,6 +195,16 @@ - } - - if (strnicmp(data, pattern, plen) != 0) { -+#if 0 -+ size_t i; -+ -+ DEBUGP("ftp: string mismatch\n"); -+ for (i = 0; i < plen; i++) { -+ DEBUGFTP("ftp:char %u `%c'(%u) vs `%c'(%u)\n", -+ i, data[i], data[i], -+ pattern[i], pattern[i]); -+ } -+#endif - return 0; - } - -@@ -214,6 +228,7 @@ - return 1; - } - -+/* FIXME: This should be in userspace. Later. */ - static int help(const struct iphdr *iph, size_t len, - struct ip_conntrack *ct, - enum ip_conntrack_info ctinfo) -@@ -249,6 +264,7 @@ - } - - /* Checksum invalid? Ignore. */ -+ /* FIXME: Source route IP option packets --RR */ - if (tcp_v4_check(tcph, tcplen, iph->saddr, iph->daddr, - csum_partial((char *)tcph, tcplen, 0))) { - DEBUGP("ftp_help: bad csum: %p %u %u.%u.%u.%u %u.%u.%u.%u\n", -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_h323.c linux.stock/net/ipv4/netfilter/ip_conntrack_h323.c ---- linux/net/ipv4/netfilter/ip_conntrack_h323.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_h323.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,302 +0,0 @@ --/* -- * H.323 'brute force' extension for H.323 connection tracking. -- * Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> -- * -- * Based on ip_masq_h323.c for 2.2 kernels from CoRiTel, Sofia project. -- * (http://www.coritel.it/projects/sofia/nat/) -- * Uses Sampsa Ranta's excellent idea on using expectfn to 'bind' -- * the unregistered helpers to the conntrack entries. -- */ -- -- --#include <linux/module.h> --#include <linux/netfilter.h> --#include <linux/ip.h> --#include <net/checksum.h> --#include <net/tcp.h> -- --#include <linux/netfilter_ipv4/lockhelp.h> --#include <linux/netfilter_ipv4/ip_conntrack.h> --#include <linux/netfilter_ipv4/ip_conntrack_core.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_tuple.h> --#include <linux/netfilter_ipv4/ip_conntrack_h323.h> -- --MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); --MODULE_DESCRIPTION("H.323 'brute force' connection tracking module"); --MODULE_LICENSE("GPL"); -- --DECLARE_LOCK(ip_h323_lock); --struct module *ip_conntrack_h323 = THIS_MODULE; -- --#define DEBUGP(format, args...) -- --static int h245_help(const struct iphdr *iph, size_t len, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo) --{ -- struct tcphdr *tcph = (void *)iph + iph->ihl * 4; -- unsigned char *data = (unsigned char *) tcph + tcph->doff * 4; -- unsigned char *data_limit; -- u_int32_t tcplen = len - iph->ihl * 4; -- u_int32_t datalen = tcplen - tcph->doff * 4; -- int dir = CTINFO2DIR(ctinfo); -- struct ip_ct_h225_master *info = &ct->help.ct_h225_info; -- struct ip_conntrack_expect expect, *exp = &expect; -- struct ip_ct_h225_expect *exp_info = &exp->help.exp_h225_info; -- u_int16_t data_port; -- u_int32_t data_ip; -- unsigned int i; -- -- DEBUGP("ct_h245_help: help entered %u.%u.%u.%u:%u->%u.%u.%u.%u:%u\n", -- NIPQUAD(iph->saddr), ntohs(tcph->source), -- NIPQUAD(iph->daddr), ntohs(tcph->dest)); -- -- /* Can't track connections formed before we registered */ -- if (!info) -- return NF_ACCEPT; -- -- /* Until there's been traffic both ways, don't look in packets. */ -- if (ctinfo != IP_CT_ESTABLISHED -- && ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY) { -- DEBUGP("ct_h245_help: Conntrackinfo = %u\n", ctinfo); -- return NF_ACCEPT; -- } -- -- /* Not whole TCP header or too short packet? */ -- if (tcplen < sizeof(struct tcphdr) || tcplen < tcph->doff * 4 + 5) { -- DEBUGP("ct_h245_help: tcplen = %u\n", (unsigned)tcplen); -- return NF_ACCEPT; -- } -- -- /* Checksum invalid? Ignore. */ -- if (tcp_v4_check(tcph, tcplen, iph->saddr, iph->daddr, -- csum_partial((char *)tcph, tcplen, 0))) { -- DEBUGP("ct_h245_help: bad csum: %p %u %u.%u.%u.%u %u.%u.%u.%u\n", -- tcph, tcplen, NIPQUAD(iph->saddr), -- NIPQUAD(iph->daddr)); -- return NF_ACCEPT; -- } -- -- data_limit = (unsigned char *) data + datalen; -- /* bytes: 0123 45 -- ipadrr port */ -- for (i = 0; data < (data_limit - 5); data++, i++) { -- memcpy(&data_ip, data, sizeof(u_int32_t)); -- if (data_ip == iph->saddr) { -- memcpy(&data_port, data + 4, sizeof(u_int16_t)); -- memset(&expect, 0, sizeof(expect)); -- /* update the H.225 info */ -- DEBUGP("ct_h245_help: new RTCP/RTP requested %u.%u.%u.%u:->%u.%u.%u.%u:%u\n", -- NIPQUAD(ct->tuplehash[!dir].tuple.src.ip), -- NIPQUAD(iph->saddr), ntohs(data_port)); -- LOCK_BH(&ip_h323_lock); -- info->is_h225 = H225_PORT + 1; -- exp_info->port = data_port; -- exp_info->dir = dir; -- exp_info->offset = i; -- -- exp->seq = ntohl(tcph->seq) + i; -- -- exp->tuple = ((struct ip_conntrack_tuple) -- { { ct->tuplehash[!dir].tuple.src.ip, -- { 0 } }, -- { data_ip, -- { data_port }, -- IPPROTO_UDP }}); -- exp->mask = ((struct ip_conntrack_tuple) -- { { 0xFFFFFFFF, { 0 } }, -- { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }}); -- -- exp->expectfn = NULL; -- -- /* Ignore failure; should only happen with NAT */ -- ip_conntrack_expect_related(ct, exp); -- -- UNLOCK_BH(&ip_h323_lock); -- } -- } -- -- return NF_ACCEPT; -- --} -- --/* H.245 helper is not registered! */ --static struct ip_conntrack_helper h245 = -- { { NULL, NULL }, -- "H.245", /* name */ -- IP_CT_HELPER_F_REUSE_EXPECT, /* flags */ -- NULL, /* module */ -- 8, /* max_ expected */ -- 240, /* timeout */ -- { { 0, { 0 } }, /* tuple */ -- { 0, { 0 }, IPPROTO_TCP } }, -- { { 0, { 0xFFFF } }, /* mask */ -- { 0, { 0 }, 0xFFFF } }, -- h245_help /* helper */ -- }; -- --static int h225_expect(struct ip_conntrack *ct) --{ -- WRITE_LOCK(&ip_conntrack_lock); -- ct->helper = &h245; -- DEBUGP("h225_expect: helper for %p added\n", ct); -- WRITE_UNLOCK(&ip_conntrack_lock); -- -- return NF_ACCEPT; /* unused */ --} -- --static int h225_help(const struct iphdr *iph, size_t len, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo) --{ -- struct tcphdr *tcph = (void *)iph + iph->ihl * 4; -- unsigned char *data = (unsigned char *) tcph + tcph->doff * 4; -- unsigned char *data_limit; -- u_int32_t tcplen = len - iph->ihl * 4; -- u_int32_t datalen = tcplen - tcph->doff * 4; -- int dir = CTINFO2DIR(ctinfo); -- struct ip_ct_h225_master *info = &ct->help.ct_h225_info; -- struct ip_conntrack_expect expect, *exp = &expect; -- struct ip_ct_h225_expect *exp_info = &exp->help.exp_h225_info; -- u_int16_t data_port; -- u_int32_t data_ip; -- unsigned int i; -- -- DEBUGP("ct_h225_help: help entered %u.%u.%u.%u:%u->%u.%u.%u.%u:%u\n", -- NIPQUAD(iph->saddr), ntohs(tcph->source), -- NIPQUAD(iph->daddr), ntohs(tcph->dest)); -- -- /* Can't track connections formed before we registered */ -- if (!info) -- return NF_ACCEPT; -- -- /* Until there's been traffic both ways, don't look in packets. */ -- if (ctinfo != IP_CT_ESTABLISHED -- && ctinfo != IP_CT_ESTABLISHED + IP_CT_IS_REPLY) { -- DEBUGP("ct_h225_help: Conntrackinfo = %u\n", ctinfo); -- return NF_ACCEPT; -- } -- -- /* Not whole TCP header or too short packet? */ -- if (tcplen < sizeof(struct tcphdr) || tcplen < tcph->doff * 4 + 5) { -- DEBUGP("ct_h225_help: tcplen = %u\n", (unsigned)tcplen); -- return NF_ACCEPT; -- } -- -- /* Checksum invalid? Ignore. */ -- if (tcp_v4_check(tcph, tcplen, iph->saddr, iph->daddr, -- csum_partial((char *)tcph, tcplen, 0))) { -- DEBUGP("ct_h225_help: bad csum: %p %u %u.%u.%u.%u %u.%u.%u.%u\n", -- tcph, tcplen, NIPQUAD(iph->saddr), -- NIPQUAD(iph->daddr)); -- return NF_ACCEPT; -- } -- -- data_limit = (unsigned char *) data + datalen; -- /* bytes: 0123 45 -- ipadrr port */ -- for (i = 0; data < (data_limit - 5); data++, i++) { -- memcpy(&data_ip, data, sizeof(u_int32_t)); -- if (data_ip == iph->saddr) { -- memcpy(&data_port, data + 4, sizeof(u_int16_t)); -- if (data_port == tcph->source) { -- /* Signal address */ -- DEBUGP("ct_h225_help: sourceCallSignalAddress from %u.%u.%u.%u\n", -- NIPQUAD(iph->saddr)); -- /* Update the H.225 info so that NAT can mangle the address/port -- even when we have no expected connection! */ --#ifdef CONFIG_IP_NF_NAT_NEEDED -- LOCK_BH(&ip_h323_lock); -- info->dir = dir; -- info->seq[IP_CT_DIR_ORIGINAL] = ntohl(tcph->seq) + i; -- info->offset[IP_CT_DIR_ORIGINAL] = i; -- UNLOCK_BH(&ip_h323_lock); --#endif -- } else { -- memset(&expect, 0, sizeof(expect)); -- -- /* update the H.225 info */ -- LOCK_BH(&ip_h323_lock); -- info->is_h225 = H225_PORT; -- exp_info->port = data_port; -- exp_info->dir = dir; -- exp_info->offset = i; -- -- exp->seq = ntohl(tcph->seq) + i; -- -- exp->tuple = ((struct ip_conntrack_tuple) -- { { ct->tuplehash[!dir].tuple.src.ip, -- { 0 } }, -- { data_ip, -- { data_port }, -- IPPROTO_TCP }}); -- exp->mask = ((struct ip_conntrack_tuple) -- { { 0xFFFFFFFF, { 0 } }, -- { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }}); -- -- exp->expectfn = h225_expect; -- -- /* Ignore failure */ -- ip_conntrack_expect_related(ct, exp); -- -- DEBUGP("ct_h225_help: new H.245 requested %u.%u.%u.%u->%u.%u.%u.%u:%u\n", -- NIPQUAD(ct->tuplehash[!dir].tuple.src.ip), -- NIPQUAD(iph->saddr), ntohs(data_port)); -- -- UNLOCK_BH(&ip_h323_lock); -- } --#ifdef CONFIG_IP_NF_NAT_NEEDED -- } else if (data_ip == iph->daddr) { -- memcpy(&data_port, data + 4, sizeof(u_int16_t)); -- if (data_port == tcph->dest) { -- /* Signal address */ -- DEBUGP("ct_h225_help: destCallSignalAddress %u.%u.%u.%u\n", -- NIPQUAD(iph->daddr)); -- /* Update the H.225 info so that NAT can mangle the address/port -- even when we have no expected connection! */ -- LOCK_BH(&ip_h323_lock); -- info->dir = dir; -- info->seq[IP_CT_DIR_REPLY] = ntohl(tcph->seq) + i; -- info->offset[IP_CT_DIR_REPLY] = i; -- UNLOCK_BH(&ip_h323_lock); -- } --#endif -- } -- } -- -- return NF_ACCEPT; -- --} -- --static struct ip_conntrack_helper h225 = -- { { NULL, NULL }, -- "H.225", /* name */ -- IP_CT_HELPER_F_REUSE_EXPECT, /* flags */ -- THIS_MODULE, /* module */ -- 2, /* max_expected */ -- 240, /* timeout */ -- { { 0, { __constant_htons(H225_PORT) } }, /* tuple */ -- { 0, { 0 }, IPPROTO_TCP } }, -- { { 0, { 0xFFFF } }, /* mask */ -- { 0, { 0 }, 0xFFFF } }, -- h225_help /* helper */ -- }; -- --static int __init init(void) --{ -- return ip_conntrack_helper_register(&h225); --} -- --static void __exit fini(void) --{ -- /* Unregister H.225 helper */ -- ip_conntrack_helper_unregister(&h225); --} -- --#ifdef CONFIG_IP_NF_NAT_NEEDED --EXPORT_SYMBOL(ip_h323_lock); --#endif -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_mms.c linux.stock/net/ipv4/netfilter/ip_conntrack_mms.c ---- linux/net/ipv4/netfilter/ip_conntrack_mms.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_mms.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,292 +0,0 @@ --/* MMS extension for IP connection tracking -- * (C) 2002 by Filip Sneppe <filip.sneppe@cronos.be> -- * based on ip_conntrack_ftp.c and ip_conntrack_irc.c -- * -- * ip_conntrack_mms.c v0.3 2002-09-22 -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version -- * 2 of the License, or (at your option) any later version. -- * -- * Module load syntax: -- * insmod ip_conntrack_mms.o ports=port1,port2,...port<MAX_PORTS> -- * -- * Please give the ports of all MMS servers You wish to connect to. -- * If you don't specify ports, the default will be TCP port 1755. -- * -- * More info on MMS protocol, firewalls and NAT: -- * http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwmt/html/MMSFirewall.asp -- * http://www.microsoft.com/windows/windowsmedia/serve/firewall.asp -- * -- * The SDP project people are reverse-engineering MMS: -- * http://get.to/sdp -- */ -- --#include <linux/config.h> --#include <linux/module.h> --#include <linux/netfilter.h> --#include <linux/ip.h> --#include <linux/ctype.h> --#include <net/checksum.h> --#include <net/tcp.h> -- --#include <linux/netfilter_ipv4/lockhelp.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_mms.h> -- --DECLARE_LOCK(ip_mms_lock); --struct module *ip_conntrack_mms = THIS_MODULE; -- --#define MAX_PORTS 8 --static int ports[MAX_PORTS]; --static int ports_c; --#ifdef MODULE_PARM --MODULE_PARM(ports, "1-" __MODULE_STRING(MAX_PORTS) "i"); --#endif -- --#define DEBUGP(format, args...) -- --#ifdef CONFIG_IP_NF_NAT_NEEDED --EXPORT_SYMBOL(ip_mms_lock); --#endif -- --MODULE_AUTHOR("Filip Sneppe <filip.sneppe@cronos.be>"); --MODULE_DESCRIPTION("Microsoft Windows Media Services (MMS) connection tracking module"); --MODULE_LICENSE("GPL"); -- --/* #define isdigit(c) (c >= '0' && c <= '9') */ -- --/* copied from drivers/usb/serial/io_edgeport.c - not perfect but will do the trick */ --static void unicode_to_ascii (char *string, short *unicode, int unicode_size) --{ -- int i; -- for (i = 0; i < unicode_size; ++i) { -- string[i] = (char)(unicode[i]); -- } -- string[unicode_size] = 0x00; --} -- --__inline static int atoi(char *s) --{ -- int i=0; -- while (isdigit(*s)) { -- i = i*10 + *(s++) - '0'; -- } -- return i; --} -- --/* convert ip address string like "192.168.0.10" to unsigned int */ --__inline static u_int32_t asciiiptoi(char *s) --{ -- unsigned int i, j, k; -- -- for(i=k=0; k<3; ++k, ++s, i<<=8) { -- i+=atoi(s); -- for(j=0; (*(++s) != '.') && (j<3); ++j) -- ; -- } -- i+=atoi(s); -- return ntohl(i); --} -- --int parse_mms(const char *data, -- const unsigned int datalen, -- u_int32_t *mms_ip, -- u_int16_t *mms_proto, -- u_int16_t *mms_port, -- char **mms_string_b, -- char **mms_string_e, -- char **mms_padding_e) --{ -- int unicode_size, i; -- char tempstring[28]; /* "\\255.255.255.255\UDP\65535" */ -- char getlengthstring[28]; -- -- for(unicode_size=0; -- (char) *(data+(MMS_SRV_UNICODE_STRING_OFFSET+unicode_size*2)) != (char)0; -- unicode_size++) -- if ((unicode_size == 28) || (MMS_SRV_UNICODE_STRING_OFFSET+unicode_size*2 >= datalen)) -- return -1; /* out of bounds - incomplete packet */ -- -- unicode_to_ascii(tempstring, (short *)(data+MMS_SRV_UNICODE_STRING_OFFSET), unicode_size); -- DEBUGP("ip_conntrack_mms: offset 60: %s\n", (const char *)(tempstring)); -- -- /* IP address ? */ -- *mms_ip = asciiiptoi(tempstring+2); -- -- i=sprintf(getlengthstring, "%u.%u.%u.%u", HIPQUAD(*mms_ip)); -- -- /* protocol ? */ -- if(strncmp(tempstring+3+i, "TCP", 3)==0) -- *mms_proto = IPPROTO_TCP; -- else if(strncmp(tempstring+3+i, "UDP", 3)==0) -- *mms_proto = IPPROTO_UDP; -- -- /* port ? */ -- *mms_port = atoi(tempstring+7+i); -- -- /* we store a pointer to the beginning of the "\\a.b.c.d\proto\port" -- unicode string, one to the end of the string, and one to the end -- of the packet, since we must keep track of the number of bytes -- between end of the unicode string and the end of packet (padding) */ -- *mms_string_b = (char *)(data + MMS_SRV_UNICODE_STRING_OFFSET); -- *mms_string_e = (char *)(data + MMS_SRV_UNICODE_STRING_OFFSET + unicode_size * 2); -- *mms_padding_e = (char *)(data + datalen); /* looks funny, doesn't it */ -- return 0; --} -- -- --static int help(const struct iphdr *iph, size_t len, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo) --{ -- /* tcplen not negative guaranteed by ip_conntrack_tcp.c */ -- struct tcphdr *tcph = (void *)iph + iph->ihl * 4; -- const char *data = (const char *)tcph + tcph->doff * 4; -- unsigned int tcplen = len - iph->ihl * 4; -- unsigned int datalen = tcplen - tcph->doff * 4; -- int dir = CTINFO2DIR(ctinfo); -- struct ip_conntrack_expect expect, *exp = &expect; -- struct ip_ct_mms_expect *exp_mms_info = &exp->help.exp_mms_info; -- -- u_int32_t mms_ip; -- u_int16_t mms_proto; -- char mms_proto_string[8]; -- u_int16_t mms_port; -- char *mms_string_b, *mms_string_e, *mms_padding_e; -- -- /* Until there's been traffic both ways, don't look in packets. */ -- if (ctinfo != IP_CT_ESTABLISHED -- && ctinfo != IP_CT_ESTABLISHED+IP_CT_IS_REPLY) { -- DEBUGP("ip_conntrack_mms: Conntrackinfo = %u\n", ctinfo); -- return NF_ACCEPT; -- } -- -- /* Not whole TCP header? */ -- if (tcplen < sizeof(struct tcphdr) || tcplen < tcph->doff*4) { -- DEBUGP("ip_conntrack_mms: tcplen = %u\n", (unsigned)tcplen); -- return NF_ACCEPT; -- } -- -- /* Checksum invalid? Ignore. */ -- if (tcp_v4_check(tcph, tcplen, iph->saddr, iph->daddr, -- csum_partial((char *)tcph, tcplen, 0))) { -- DEBUGP("mms_help: bad csum: %p %u %u.%u.%u.%u %u.%u.%u.%u\n", -- tcph, tcplen, NIPQUAD(iph->saddr), -- NIPQUAD(iph->daddr)); -- return NF_ACCEPT; -- } -- -- /* Only look at packets with 0x00030002/196610 on bytes 36->39 of TCP payload */ -- if( (MMS_SRV_MSG_OFFSET < datalen) && -- ((*(u32 *)(data+MMS_SRV_MSG_OFFSET)) == MMS_SRV_MSG_ID)) { -- DEBUGP("ip_conntrack_mms: offset 37: %u %u %u %u, datalen:%u\n", -- (u8)*(data+36), (u8)*(data+37), -- (u8)*(data+38), (u8)*(data+39), -- datalen); -- if(parse_mms(data, datalen, &mms_ip, &mms_proto, &mms_port, -- &mms_string_b, &mms_string_e, &mms_padding_e)) -- if(net_ratelimit()) -- printk(KERN_WARNING -- "ip_conntrack_mms: Unable to parse data payload\n"); -- -- memset(&expect, 0, sizeof(expect)); -- -- sprintf(mms_proto_string, "(%u)", mms_proto); -- DEBUGP("ip_conntrack_mms: adding %s expectation %u.%u.%u.%u -> %u.%u.%u.%u:%u\n", -- mms_proto == IPPROTO_TCP ? "TCP" -- : mms_proto == IPPROTO_UDP ? "UDP":mms_proto_string, -- NIPQUAD(ct->tuplehash[!dir].tuple.src.ip), -- NIPQUAD(mms_ip), -- mms_port); -- -- /* it's possible that the client will just ask the server to tunnel -- the stream over the same TCP session (from port 1755): there's -- shouldn't be a need to add an expectation in that case, but it -- makes NAT packet mangling so much easier */ -- LOCK_BH(&ip_mms_lock); -- -- DEBUGP("ip_conntrack_mms: tcph->seq = %u\n", tcph->seq); -- -- exp->seq = ntohl(tcph->seq) + (mms_string_b - data); -- exp_mms_info->len = (mms_string_e - mms_string_b); -- exp_mms_info->padding = (mms_padding_e - mms_string_e); -- exp_mms_info->port = mms_port; -- -- DEBUGP("ip_conntrack_mms: wrote info seq=%u (ofs=%u), len=%d, padding=%u\n", -- exp->seq, (mms_string_e - data), exp_mms_info->len, exp_mms_info->padding); -- -- exp->tuple = ((struct ip_conntrack_tuple) -- { { ct->tuplehash[!dir].tuple.src.ip, { 0 } }, -- { mms_ip, -- { (__u16) ntohs(mms_port) }, -- mms_proto } } -- ); -- exp->mask = ((struct ip_conntrack_tuple) -- { { 0xFFFFFFFF, { 0 } }, -- { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }}); -- exp->expectfn = NULL; -- ip_conntrack_expect_related(ct, &expect); -- UNLOCK_BH(&ip_mms_lock); -- } -- -- return NF_ACCEPT; --} -- --static struct ip_conntrack_helper mms[MAX_PORTS]; --static char mms_names[MAX_PORTS][10]; -- --/* Not __exit: called from init() */ --static void fini(void) --{ -- int i; -- for (i = 0; (i < MAX_PORTS) && ports[i]; i++) { -- DEBUGP("ip_conntrack_mms: unregistering helper for port %d\n", -- ports[i]); -- ip_conntrack_helper_unregister(&mms[i]); -- } --} -- --static int __init init(void) --{ -- int i, ret; -- char *tmpname; -- -- if (ports[0] == 0) -- ports[0] = MMS_PORT; -- -- for (i = 0; (i < MAX_PORTS) && ports[i]; i++) { -- memset(&mms[i], 0, sizeof(struct ip_conntrack_helper)); -- mms[i].tuple.src.u.tcp.port = htons(ports[i]); -- mms[i].tuple.dst.protonum = IPPROTO_TCP; -- mms[i].mask.src.u.tcp.port = 0xFFFF; -- mms[i].mask.dst.protonum = 0xFFFF; -- mms[i].max_expected = 1; -- mms[i].timeout = 0; -- mms[i].flags = IP_CT_HELPER_F_REUSE_EXPECT; -- mms[i].me = THIS_MODULE; -- mms[i].help = help; -- -- tmpname = &mms_names[i][0]; -- if (ports[i] == MMS_PORT) -- sprintf(tmpname, "mms"); -- else -- sprintf(tmpname, "mms-%d", ports[i]); -- mms[i].name = tmpname; -- -- DEBUGP("ip_conntrack_mms: registering helper for port %d\n", -- ports[i]); -- ret = ip_conntrack_helper_register(&mms[i]); -- -- if (ret) { -- fini(); -- return ret; -- } -- ports_c++; -- } -- return 0; --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_pptp.c linux.stock/net/ipv4/netfilter/ip_conntrack_pptp.c ---- linux/net/ipv4/netfilter/ip_conntrack_pptp.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_pptp.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,531 +0,0 @@ --/* -- * ip_conntrack_pptp.c - Version 1.11 -- * -- * Connection tracking support for PPTP (Point to Point Tunneling Protocol). -- * PPTP is a a protocol for creating virtual private networks. -- * It is a specification defined by Microsoft and some vendors -- * working with Microsoft. PPTP is built on top of a modified -- * version of the Internet Generic Routing Encapsulation Protocol. -- * GRE is defined in RFC 1701 and RFC 1702. Documentation of -- * PPTP can be found in RFC 2637 -- * -- * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org>, -- * -- * Development of this code funded by Astaro AG (http://www.astaro.com/) -- * -- * Limitations: -- * - We blindly assume that control connections are always -- * established in PNS->PAC direction. This is a violation -- * of RFFC2673 -- * -- * TODO: - finish support for multiple calls within one session -- * (needs expect reservations in newnat) -- * - testing of incoming PPTP calls -- */ -- --#include <linux/config.h> --#include <linux/module.h> --#include <linux/netfilter.h> --#include <linux/ip.h> --#include <net/checksum.h> --#include <net/tcp.h> -- --#include <linux/netfilter_ipv4/lockhelp.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_proto_gre.h> --#include <linux/netfilter_ipv4/ip_conntrack_pptp.h> -- --MODULE_LICENSE("GPL"); --MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>"); --MODULE_DESCRIPTION("Netfilter connection tracking helper module for PPTP"); -- --DECLARE_LOCK(ip_pptp_lock); -- --#define DEBUGP(format, args...) -- --#define SECS *HZ --#define MINS * 60 SECS --#define HOURS * 60 MINS --#define DAYS * 24 HOURS -- --#define PPTP_GRE_TIMEOUT (10 MINS) --#define PPTP_GRE_STREAM_TIMEOUT (5 DAYS) -- --static int pptp_expectfn(struct ip_conntrack *ct) --{ -- struct ip_conntrack_expect *exp, *other_exp; -- struct ip_conntrack *master; -- -- DEBUGP("increasing timeouts\n"); -- /* increase timeout of GRE data channel conntrack entry */ -- ct->proto.gre.timeout = PPTP_GRE_TIMEOUT; -- ct->proto.gre.stream_timeout = PPTP_GRE_STREAM_TIMEOUT; -- -- master = master_ct(ct); -- if (!master) { -- DEBUGP(" no master!!!\n"); -- return 0; -- } -- -- DEBUGP("completing tuples with ct info\n"); -- /* we can do this, since we're unconfirmed */ -- if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.gre.key == -- htonl(master->help.ct_pptp_info.pac_call_id)) { -- /* assume PNS->PAC */ -- ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.gre.key = -- htonl(master->help.ct_pptp_info.pns_call_id); -- ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.gre.key = -- htonl(master->help.ct_pptp_info.pns_call_id); -- } else { -- /* assume PAC->PNS */ -- ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.gre.key = -- htonl(master->help.ct_pptp_info.pac_call_id); -- ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.gre.key = -- htonl(master->help.ct_pptp_info.pns_call_id); -- } -- -- return 0; --} -- --/* timeout GRE data connections */ --static int pptp_timeout_related(struct ip_conntrack *ct) --{ -- struct list_head *cur_item; -- struct ip_conntrack_expect *exp; -- -- list_for_each(cur_item, &ct->sibling_list) { -- exp = list_entry(cur_item, struct ip_conntrack_expect, -- expected_list); -- -- if (!exp->sibling) -- continue; -- -- DEBUGP("setting timeout of conntrack %p to 0\n", -- exp->sibling); -- exp->sibling->proto.gre.timeout = 0; -- exp->sibling->proto.gre.stream_timeout = 0; -- ip_ct_refresh(exp->sibling, 0); -- } -- -- return 0; --} -- --/* expect GRE connection in PNS->PAC direction */ --static inline int --exp_gre(struct ip_conntrack *master, -- u_int32_t seq, -- u_int16_t callid, -- u_int16_t peer_callid) --{ -- struct ip_conntrack_expect exp; -- struct ip_conntrack_tuple inv_tuple; -- -- memset(&exp, 0, sizeof(exp)); -- /* tuple in original direction, PAC->PNS */ -- exp.tuple.src.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; -- exp.tuple.src.u.gre.key = htonl(ntohs(peer_callid)); -- exp.tuple.dst.ip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; -- exp.tuple.dst.u.gre.key = htonl(ntohs(callid)); -- exp.tuple.dst.u.gre.protocol = __constant_htons(GRE_PROTOCOL_PPTP); -- exp.tuple.dst.u.gre.version = GRE_VERSION_PPTP; -- exp.tuple.dst.protonum = IPPROTO_GRE; -- -- exp.mask.src.ip = 0xffffffff; -- exp.mask.src.u.all = 0; -- exp.mask.dst.u.all = 0; -- exp.mask.dst.u.gre.key = 0xffffffff; -- exp.mask.dst.u.gre.version = 0xff; -- exp.mask.dst.u.gre.protocol = 0xffff; -- exp.mask.dst.ip = 0xffffffff; -- exp.mask.dst.protonum = 0xffff; -- -- exp.seq = seq; -- exp.expectfn = pptp_expectfn; -- -- exp.help.exp_pptp_info.pac_call_id = ntohs(callid); -- exp.help.exp_pptp_info.pns_call_id = ntohs(peer_callid); -- -- DEBUGP("calling expect_related "); -- DUMP_TUPLE_RAW(&exp.tuple); -- -- /* Add GRE keymap entries */ -- ip_ct_gre_keymap_add(&exp, &exp.tuple, 0); -- invert_tuplepr(&inv_tuple, &exp.tuple); -- ip_ct_gre_keymap_add(&exp, &inv_tuple, 1); -- -- ip_conntrack_expect_related(master, &exp); -- -- return 0; --} -- --static inline int --pptp_inbound_pkt(struct tcphdr *tcph, -- struct pptp_pkt_hdr *pptph, -- size_t datalen, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo) --{ -- struct PptpControlHeader *ctlh; -- union pptp_ctrl_union pptpReq; -- -- struct ip_ct_pptp_master *info = &ct->help.ct_pptp_info; -- u_int16_t msg, *cid, *pcid; -- u_int32_t seq; -- -- ctlh = (struct PptpControlHeader *) -- ((char *) pptph + sizeof(struct pptp_pkt_hdr)); -- pptpReq.rawreq = (void *) -- ((char *) ctlh + sizeof(struct PptpControlHeader)); -- -- msg = ntohs(ctlh->messageType); -- DEBUGP("inbound control message %s\n", strMName[msg]); -- -- switch (msg) { -- case PPTP_START_SESSION_REPLY: -- /* server confirms new control session */ -- if (info->sstate < PPTP_SESSION_REQUESTED) { -- DEBUGP("%s without START_SESS_REQUEST\n", -- strMName[msg]); -- break; -- } -- if (pptpReq.srep->resultCode == PPTP_START_OK) -- info->sstate = PPTP_SESSION_CONFIRMED; -- else -- info->sstate = PPTP_SESSION_ERROR; -- break; -- -- case PPTP_STOP_SESSION_REPLY: -- /* server confirms end of control session */ -- if (info->sstate > PPTP_SESSION_STOPREQ) { -- DEBUGP("%s without STOP_SESS_REQUEST\n", -- strMName[msg]); -- break; -- } -- if (pptpReq.strep->resultCode == PPTP_STOP_OK) -- info->sstate = PPTP_SESSION_NONE; -- else -- info->sstate = PPTP_SESSION_ERROR; -- break; -- -- case PPTP_OUT_CALL_REPLY: -- /* server accepted call, we now expect GRE frames */ -- if (info->sstate != PPTP_SESSION_CONFIRMED) { -- DEBUGP("%s but no session\n", strMName[msg]); -- break; -- } -- if (info->cstate != PPTP_CALL_OUT_REQ && -- info->cstate != PPTP_CALL_OUT_CONF) { -- DEBUGP("%s without OUTCALL_REQ\n", strMName[msg]); -- break; -- } -- if (pptpReq.ocack->resultCode != PPTP_OUTCALL_CONNECT) { -- info->cstate = PPTP_CALL_NONE; -- break; -- } -- -- cid = &pptpReq.ocack->callID; -- pcid = &pptpReq.ocack->peersCallID; -- -- info->pac_call_id = ntohs(*cid); -- -- if (htons(info->pns_call_id) != *pcid) { -- DEBUGP("%s for unknown callid %u\n", -- strMName[msg], ntohs(*pcid)); -- break; -- } -- -- DEBUGP("%s, CID=%X, PCID=%X\n", strMName[msg], -- ntohs(*cid), ntohs(*pcid)); -- -- info->cstate = PPTP_CALL_OUT_CONF; -- -- seq = ntohl(tcph->seq) + ((void *)pcid - (void *)pptph); -- exp_gre(ct, seq, *cid, *pcid); -- break; -- -- case PPTP_IN_CALL_REQUEST: -- /* server tells us about incoming call request */ -- if (info->sstate != PPTP_SESSION_CONFIRMED) { -- DEBUGP("%s but no session\n", strMName[msg]); -- break; -- } -- pcid = &pptpReq.icack->peersCallID; -- DEBUGP("%s, PCID=%X\n", strMName[msg], ntohs(*pcid)); -- info->cstate = PPTP_CALL_IN_REQ; -- info->pac_call_id= ntohs(*pcid); -- break; -- -- case PPTP_IN_CALL_CONNECT: -- /* server tells us about incoming call established */ -- if (info->sstate != PPTP_SESSION_CONFIRMED) { -- DEBUGP("%s but no session\n", strMName[msg]); -- break; -- } -- if (info->sstate != PPTP_CALL_IN_REP -- && info->sstate != PPTP_CALL_IN_CONF) { -- DEBUGP("%s but never sent IN_CALL_REPLY\n", -- strMName[msg]); -- break; -- } -- -- pcid = &pptpReq.iccon->peersCallID; -- cid = &info->pac_call_id; -- -- if (info->pns_call_id != ntohs(*pcid)) { -- DEBUGP("%s for unknown CallID %u\n", -- strMName[msg], ntohs(*cid)); -- break; -- } -- -- DEBUGP("%s, PCID=%X\n", strMName[msg], ntohs(*pcid)); -- info->cstate = PPTP_CALL_IN_CONF; -- -- /* we expect a GRE connection from PAC to PNS */ -- seq = ntohl(tcph->seq) + ((void *)pcid - (void *)pptph); -- exp_gre(ct, seq, *cid, *pcid); -- -- break; -- -- case PPTP_CALL_DISCONNECT_NOTIFY: -- /* server confirms disconnect */ -- cid = &pptpReq.disc->callID; -- DEBUGP("%s, CID=%X\n", strMName[msg], ntohs(*cid)); -- info->cstate = PPTP_CALL_NONE; -- -- /* untrack this call id, unexpect GRE packets */ -- pptp_timeout_related(ct); -- /* NEWNAT: look up exp for call id and unexpct_related */ -- break; -- -- case PPTP_WAN_ERROR_NOTIFY: -- break; -- -- case PPTP_ECHO_REQUEST: -- case PPTP_ECHO_REPLY: -- /* I don't have to explain these ;) */ -- break; -- default: -- DEBUGP("invalid %s (TY=%d)\n", (msg <= PPTP_MSG_MAX) -- ? strMName[msg]:strMName[0], msg); -- break; -- } -- -- return NF_ACCEPT; -- --} -- --static inline int --pptp_outbound_pkt(struct tcphdr *tcph, -- struct pptp_pkt_hdr *pptph, -- size_t datalen, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo) --{ -- struct PptpControlHeader *ctlh; -- union pptp_ctrl_union pptpReq; -- struct ip_ct_pptp_master *info = &ct->help.ct_pptp_info; -- u_int16_t msg, *cid, *pcid; -- -- ctlh = (struct PptpControlHeader *) ((void *) pptph + sizeof(*pptph)); -- pptpReq.rawreq = (void *) ((void *) ctlh + sizeof(*ctlh)); -- -- msg = ntohs(ctlh->messageType); -- DEBUGP("outbound control message %s\n", strMName[msg]); -- -- switch (msg) { -- case PPTP_START_SESSION_REQUEST: -- /* client requests for new control session */ -- if (info->sstate != PPTP_SESSION_NONE) { -- DEBUGP("%s but we already have one", -- strMName[msg]); -- } -- info->sstate = PPTP_SESSION_REQUESTED; -- break; -- case PPTP_STOP_SESSION_REQUEST: -- /* client requests end of control session */ -- info->sstate = PPTP_SESSION_STOPREQ; -- break; -- -- case PPTP_OUT_CALL_REQUEST: -- /* client initiating connection to server */ -- if (info->sstate != PPTP_SESSION_CONFIRMED) { -- DEBUGP("%s but no session\n", -- strMName[msg]); -- break; -- } -- info->cstate = PPTP_CALL_OUT_REQ; -- /* track PNS call id */ -- cid = &pptpReq.ocreq->callID; -- DEBUGP("%s, CID=%X\n", strMName[msg], ntohs(*cid)); -- info->pns_call_id = ntohs(*cid); -- break; -- case PPTP_IN_CALL_REPLY: -- /* client answers incoming call */ -- if (info->cstate != PPTP_CALL_IN_REQ -- && info->cstate != PPTP_CALL_IN_REP) { -- DEBUGP("%s without incall_req\n", -- strMName[msg]); -- break; -- } -- if (pptpReq.icack->resultCode != PPTP_INCALL_ACCEPT) { -- info->cstate = PPTP_CALL_NONE; -- break; -- } -- pcid = &pptpReq.icack->peersCallID; -- if (info->pac_call_id != ntohs(*pcid)) { -- DEBUGP("%s for unknown call %u\n", -- strMName[msg], ntohs(*pcid)); -- break; -- } -- DEBUGP("%s, CID=%X\n", strMName[msg], ntohs(*pcid)); -- /* part two of the three-way handshake */ -- info->cstate = PPTP_CALL_IN_REP; -- info->pns_call_id = ntohs(pptpReq.icack->callID); -- break; -- -- case PPTP_CALL_CLEAR_REQUEST: -- /* client requests hangup of call */ -- if (info->sstate != PPTP_SESSION_CONFIRMED) { -- DEBUGP("CLEAR_CALL but no session\n"); -- break; -- } -- /* FUTURE: iterate over all calls and check if -- * call ID is valid. We don't do this without newnat, -- * because we only know about last call */ -- info->cstate = PPTP_CALL_CLEAR_REQ; -- break; -- case PPTP_SET_LINK_INFO: -- break; -- case PPTP_ECHO_REQUEST: -- case PPTP_ECHO_REPLY: -- /* I don't have to explain these ;) */ -- break; -- default: -- DEBUGP("invalid %s (TY=%d)\n", (msg <= PPTP_MSG_MAX)? -- strMName[msg]:strMName[0], msg); -- /* unknown: no need to create GRE masq table entry */ -- break; -- } -- -- return NF_ACCEPT; --} -- -- --/* track caller id inside control connection, call expect_related */ --static int --conntrack_pptp_help(const struct iphdr *iph, size_t len, -- struct ip_conntrack *ct, enum ip_conntrack_info ctinfo) -- --{ -- struct pptp_pkt_hdr *pptph; -- -- struct tcphdr *tcph = (void *) iph + iph->ihl * 4; -- u_int32_t tcplen = len - iph->ihl * 4; -- u_int32_t datalen = tcplen - tcph->doff * 4; -- void *datalimit; -- int dir = CTINFO2DIR(ctinfo); -- struct ip_ct_pptp_master *info = &ct->help.ct_pptp_info; -- -- int oldsstate, oldcstate; -- int ret; -- -- /* don't do any tracking before tcp handshake complete */ -- if (ctinfo != IP_CT_ESTABLISHED -- && ctinfo != IP_CT_ESTABLISHED+IP_CT_IS_REPLY) { -- DEBUGP("ctinfo = %u, skipping\n", ctinfo); -- return NF_ACCEPT; -- } -- -- /* not a complete TCP header? */ -- if (tcplen < sizeof(struct tcphdr) || tcplen < tcph->doff * 4) { -- DEBUGP("tcplen = %u\n", tcplen); -- return NF_ACCEPT; -- } -- -- /* checksum invalid? */ -- if (tcp_v4_check(tcph, tcplen, iph->saddr, iph->daddr, -- csum_partial((char *) tcph, tcplen, 0))) { -- printk(KERN_NOTICE __FILE__ ": bad csum\n"); --// return NF_ACCEPT; -- } -- -- if (tcph->fin || tcph->rst) { -- DEBUGP("RST/FIN received, timeouting GRE\n"); -- /* can't do this after real newnat */ -- info->cstate = PPTP_CALL_NONE; -- -- /* untrack this call id, unexpect GRE packets */ -- pptp_timeout_related(ct); -- /* no need to call unexpect_related since master conn -- * dies anyway */ -- } -- -- -- pptph = (struct pptp_pkt_hdr *) ((void *) tcph + tcph->doff * 4); -- datalimit = (void *) pptph + datalen; -- -- /* not a full pptp packet header? */ -- if ((void *) pptph+sizeof(*pptph) >= datalimit) { -- DEBUGP("no full PPTP header, can't track\n"); -- return NF_ACCEPT; -- } -- -- /* if it's not a control message we can't do anything with it */ -- if (ntohs(pptph->packetType) != PPTP_PACKET_CONTROL || -- ntohl(pptph->magicCookie) != PPTP_MAGIC_COOKIE) { -- DEBUGP("not a control packet\n"); -- return NF_ACCEPT; -- } -- -- oldsstate = info->sstate; -- oldcstate = info->cstate; -- -- LOCK_BH(&ip_pptp_lock); -- -- if (dir == IP_CT_DIR_ORIGINAL) -- /* client -> server (PNS -> PAC) */ -- ret = pptp_outbound_pkt(tcph, pptph, datalen, ct, ctinfo); -- else -- /* server -> client (PAC -> PNS) */ -- ret = pptp_inbound_pkt(tcph, pptph, datalen, ct, ctinfo); -- DEBUGP("sstate: %d->%d, cstate: %d->%d\n", -- oldsstate, info->sstate, oldcstate, info->cstate); -- UNLOCK_BH(&ip_pptp_lock); -- -- return ret; --} -- --/* control protocol helper */ --static struct ip_conntrack_helper pptp = { -- { NULL, NULL }, -- "pptp", IP_CT_HELPER_F_REUSE_EXPECT, THIS_MODULE, 2, 0, -- { { 0, { tcp: { port: __constant_htons(PPTP_CONTROL_PORT) } } }, -- { 0, { 0 }, IPPROTO_TCP } }, -- { { 0, { tcp: { port: 0xffff } } }, -- { 0, { 0 }, 0xffff } }, -- conntrack_pptp_help }; -- --/* ip_conntrack_pptp initialization */ --static int __init init(void) --{ -- int retcode; -- -- DEBUGP(__FILE__ ": registering helper\n"); -- if ((retcode = ip_conntrack_helper_register(&pptp))) { -- printk(KERN_ERR "Unable to register conntrack application " -- "helper for pptp: %d\n", retcode); -- return -EIO; -- } -- -- return 0; --} -- --static void __exit fini(void) --{ -- ip_conntrack_helper_unregister(&pptp); --} -- --module_init(init); --module_exit(fini); -- --EXPORT_SYMBOL(ip_pptp_lock); -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_pptp_priv.h linux.stock/net/ipv4/netfilter/ip_conntrack_pptp_priv.h ---- linux/net/ipv4/netfilter/ip_conntrack_pptp_priv.h 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_pptp_priv.h 1969-12-31 19:00:00.000000000 -0500 -@@ -1,24 +0,0 @@ --#ifndef _IP_CT_PPTP_PRIV_H --#define _IP_CT_PPTP_PRIV_H -- --/* PptpControlMessageType names */ --static const char *strMName[] = { -- "UNKNOWN_MESSAGE", -- "START_SESSION_REQUEST", -- "START_SESSION_REPLY", -- "STOP_SESSION_REQUEST", -- "STOP_SESSION_REPLY", -- "ECHO_REQUEST", -- "ECHO_REPLY", -- "OUT_CALL_REQUEST", -- "OUT_CALL_REPLY", -- "IN_CALL_REQUEST", -- "IN_CALL_REPLY", -- "IN_CALL_CONNECT", -- "CALL_CLEAR_REQUEST", -- "CALL_DISCONNECT_NOTIFY", -- "WAN_ERROR_NOTIFY", -- "SET_LINK_INFO" --}; -- --#endif -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_proto_gre.c linux.stock/net/ipv4/netfilter/ip_conntrack_proto_gre.c ---- linux/net/ipv4/netfilter/ip_conntrack_proto_gre.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_proto_gre.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,320 +0,0 @@ --/* -- * ip_conntrack_proto_gre.c - Version 1.11 -- * -- * Connection tracking protocol helper module for GRE. -- * -- * GRE is a generic encapsulation protocol, which is generally not very -- * suited for NAT, as it has no protocol-specific part as port numbers. -- * -- * It has an optional key field, which may help us distinguishing two -- * connections between the same two hosts. -- * -- * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 -- * -- * PPTP is built on top of a modified version of GRE, and has a mandatory -- * field called "CallID", which serves us for the same purpose as the key -- * field in plain GRE. -- * -- * Documentation about PPTP can be found in RFC 2637 -- * -- * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org> -- * -- * Development of this code funded by Astaro AG (http://www.astaro.com/) -- * -- */ -- --#include <linux/config.h> --#include <linux/module.h> --#include <linux/types.h> --#include <linux/timer.h> --#include <linux/netfilter.h> --#include <linux/ip.h> --#include <linux/in.h> --#include <linux/list.h> -- --#include <linux/netfilter_ipv4/lockhelp.h> -- --DECLARE_RWLOCK(ip_ct_gre_lock); --#define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_ct_gre_lock) --#define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_ct_gre_lock) -- --#include <linux/netfilter_ipv4/listhelp.h> --#include <linux/netfilter_ipv4/ip_conntrack_protocol.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_core.h> -- --#include <linux/netfilter_ipv4/ip_conntrack_proto_gre.h> --#include <linux/netfilter_ipv4/ip_conntrack_pptp.h> -- --MODULE_LICENSE("GPL"); --MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>"); --MODULE_DESCRIPTION("netfilter connection tracking protocol helper for GRE"); -- --/* shamelessly stolen from ip_conntrack_proto_udp.c */ --#define GRE_TIMEOUT (30*HZ) --#define GRE_STREAM_TIMEOUT (180*HZ) -- --#define DEBUGP(x, args...) --#define DUMP_TUPLE_GRE(x) -- --/* GRE KEYMAP HANDLING FUNCTIONS */ --static LIST_HEAD(gre_keymap_list); -- --static inline int gre_key_cmpfn(const struct ip_ct_gre_keymap *km, -- const struct ip_conntrack_tuple *t) --{ -- return ((km->tuple.src.ip == t->src.ip) && -- (km->tuple.dst.ip == t->dst.ip) && -- (km->tuple.dst.protonum == t->dst.protonum) && -- (km->tuple.dst.u.all == t->dst.u.all)); --} -- --/* look up the source key for a given tuple */ --static u_int32_t gre_keymap_lookup(struct ip_conntrack_tuple *t) --{ -- struct ip_ct_gre_keymap *km; -- u_int32_t key; -- -- READ_LOCK(&ip_ct_gre_lock); -- km = LIST_FIND(&gre_keymap_list, gre_key_cmpfn, -- struct ip_ct_gre_keymap *, t); -- if (!km) { -- READ_UNLOCK(&ip_ct_gre_lock); -- return 0; -- } -- -- key = km->tuple.src.u.gre.key; -- READ_UNLOCK(&ip_ct_gre_lock); -- -- return key; --} -- --/* add a single keymap entry, associate with specified expect */ --int ip_ct_gre_keymap_add(struct ip_conntrack_expect *exp, -- struct ip_conntrack_tuple *t, int reply) --{ -- struct ip_ct_gre_keymap *km; -- -- km = kmalloc(sizeof(*km), GFP_ATOMIC); -- if (!km) -- return -1; -- -- /* initializing list head should be sufficient */ -- memset(km, 0, sizeof(*km)); -- -- memcpy(&km->tuple, t, sizeof(*t)); -- km->master = exp; -- -- if (!reply) -- exp->proto.gre.keymap_orig = km; -- else -- exp->proto.gre.keymap_reply = km; -- -- DEBUGP("adding new entry %p: ", km); -- DUMP_TUPLE_GRE(&km->tuple); -- -- WRITE_LOCK(&ip_ct_gre_lock); -- list_append(&gre_keymap_list, km); -- WRITE_UNLOCK(&ip_ct_gre_lock); -- -- return 0; --} -- --/* change the tuple of a keymap entry (used by nat helper) */ --void ip_ct_gre_keymap_change(struct ip_ct_gre_keymap *km, -- struct ip_conntrack_tuple *t) --{ -- DEBUGP("changing entry %p to: ", km); -- DUMP_TUPLE_GRE(t); -- -- WRITE_LOCK(&ip_ct_gre_lock); -- memcpy(&km->tuple, t, sizeof(km->tuple)); -- WRITE_UNLOCK(&ip_ct_gre_lock); --} -- -- --/* PUBLIC CONNTRACK PROTO HELPER FUNCTIONS */ -- --/* invert gre part of tuple */ --static int gre_invert_tuple(struct ip_conntrack_tuple *tuple, -- const struct ip_conntrack_tuple *orig) --{ -- tuple->dst.u.gre.protocol = orig->dst.u.gre.protocol; -- tuple->dst.u.gre.version = orig->dst.u.gre.version; -- -- tuple->dst.u.gre.key = orig->src.u.gre.key; -- tuple->src.u.gre.key = orig->dst.u.gre.key; -- -- return 1; --} -- --/* gre hdr info to tuple */ --static int gre_pkt_to_tuple(const void *datah, size_t datalen, -- struct ip_conntrack_tuple *tuple) --{ -- struct gre_hdr *grehdr = (struct gre_hdr *) datah; -- struct gre_hdr_pptp *pgrehdr = (struct gre_hdr_pptp *) datah; -- u_int32_t srckey; -- -- /* core guarantees 8 protocol bytes, no need for size check */ -- -- tuple->dst.u.gre.version = grehdr->version; -- tuple->dst.u.gre.protocol = grehdr->protocol; -- -- switch (grehdr->version) { -- case GRE_VERSION_1701: -- if (!grehdr->key) { -- DEBUGP("Can't track GRE without key\n"); -- return 0; -- } -- tuple->dst.u.gre.key = *(gre_key(grehdr)); -- break; -- -- case GRE_VERSION_PPTP: -- if (ntohs(grehdr->protocol) != GRE_PROTOCOL_PPTP) { -- DEBUGP("GRE_VERSION_PPTP but unknown proto\n"); -- return 0; -- } -- tuple->dst.u.gre.key = htonl(ntohs(pgrehdr->call_id)); -- break; -- -- default: -- printk(KERN_WARNING "unknown GRE version %hu\n", -- tuple->dst.u.gre.version); -- return 0; -- } -- -- srckey = gre_keymap_lookup(tuple); -- -- tuple->src.u.gre.key = srckey; -- -- return 1; --} -- --/* print gre part of tuple */ --static unsigned int gre_print_tuple(char *buffer, -- const struct ip_conntrack_tuple *tuple) --{ -- return sprintf(buffer, "version=%d protocol=0x%04x srckey=0x%x dstkey=0x%x ", -- tuple->dst.u.gre.version, -- ntohs(tuple->dst.u.gre.protocol), -- ntohl(tuple->src.u.gre.key), -- ntohl(tuple->dst.u.gre.key)); --} -- --/* print private data for conntrack */ --static unsigned int gre_print_conntrack(char *buffer, -- const struct ip_conntrack *ct) --{ -- return sprintf(buffer, "timeout=%u, stream_timeout=%u ", -- (ct->proto.gre.timeout / HZ), -- (ct->proto.gre.stream_timeout / HZ)); --} -- --/* Returns verdict for packet, and may modify conntrack */ --static int gre_packet(struct ip_conntrack *ct, -- struct iphdr *iph, size_t len, -- enum ip_conntrack_info conntrackinfo) --{ -- /* If we've seen traffic both ways, this is a GRE connection. -- * Extend timeout. */ -- if (ct->status & IPS_SEEN_REPLY) { -- ip_ct_refresh(ct, ct->proto.gre.stream_timeout); -- /* Also, more likely to be important, and not a probe. */ -- set_bit(IPS_ASSURED_BIT, &ct->status); -- } else -- ip_ct_refresh(ct, ct->proto.gre.timeout); -- -- return NF_ACCEPT; --} -- --/* Called when a new connection for this protocol found. */ --static int gre_new(struct ip_conntrack *ct, -- struct iphdr *iph, size_t len) --{ -- DEBUGP(": "); -- DUMP_TUPLE_GRE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); -- -- /* initialize to sane value. Ideally a conntrack helper -- * (e.g. in case of pptp) is increasing them */ -- ct->proto.gre.stream_timeout = GRE_STREAM_TIMEOUT; -- ct->proto.gre.timeout = GRE_TIMEOUT; -- -- return 1; --} -- --/* Called when a conntrack entry has already been removed from the hashes -- * and is about to be deleted from memory */ --static void gre_destroy(struct ip_conntrack *ct) --{ -- struct ip_conntrack_expect *master = ct->master; -- -- DEBUGP(" entering\n"); -- -- if (!master) { -- DEBUGP("no master exp for ct %p\n", ct); -- return; -- } -- -- WRITE_LOCK(&ip_ct_gre_lock); -- if (master->proto.gre.keymap_orig) { -- DEBUGP("removing %p from list\n", master->proto.gre.keymap_orig); -- list_del(&master->proto.gre.keymap_orig->list); -- kfree(master->proto.gre.keymap_orig); -- } -- if (master->proto.gre.keymap_reply) { -- DEBUGP("removing %p from list\n", master->proto.gre.keymap_reply); -- list_del(&master->proto.gre.keymap_reply->list); -- kfree(master->proto.gre.keymap_reply); -- } -- WRITE_UNLOCK(&ip_ct_gre_lock); --} -- --/* protocol helper struct */ --static struct ip_conntrack_protocol gre = { { NULL, NULL }, IPPROTO_GRE, -- "gre", -- gre_pkt_to_tuple, -- gre_invert_tuple, -- gre_print_tuple, -- gre_print_conntrack, -- gre_packet, -- gre_new, -- gre_destroy, -- NULL, -- THIS_MODULE }; -- --/* ip_conntrack_proto_gre initialization */ --static int __init init(void) --{ -- int retcode; -- -- if ((retcode = ip_conntrack_protocol_register(&gre))) { -- printk(KERN_ERR "Unable to register conntrack protocol " -- "helper for gre: %d\n", retcode); -- return -EIO; -- } -- -- return 0; --} -- --static void __exit fini(void) --{ -- struct list_head *pos, *n; -- -- /* delete all keymap entries */ -- WRITE_LOCK(&ip_ct_gre_lock); -- list_for_each_safe(pos, n, &gre_keymap_list) { -- DEBUGP("deleting keymap %p\n", pos); -- list_del(pos); -- kfree(pos); -- } -- WRITE_UNLOCK(&ip_ct_gre_lock); -- -- ip_conntrack_protocol_unregister(&gre); --} -- --EXPORT_SYMBOL(ip_ct_gre_keymap_add); --EXPORT_SYMBOL(ip_ct_gre_keymap_change); -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_proto_tcp.c linux.stock/net/ipv4/netfilter/ip_conntrack_proto_tcp.c ---- linux/net/ipv4/netfilter/ip_conntrack_proto_tcp.c 2003-08-12 07:33:45.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_proto_tcp.c 2004-05-09 04:13:03.000000000 -0400 -@@ -15,11 +15,17 @@ - #include <linux/netfilter_ipv4/ip_conntrack_protocol.h> - #include <linux/netfilter_ipv4/lockhelp.h> - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - /* Protects conntrack->proto.tcp */ - static DECLARE_RWLOCK(tcp_lock); - -+/* FIXME: Examine ipfilter's timeouts and conntrack transitions more -+ closely. They're more complex. --RR */ - - /* Actually, I believe that neither ipmasq (where this code is stolen - from) nor ipfilter do it exactly right. A new conntrack machine taking -@@ -39,6 +45,25 @@ - "LISTEN" - }; - -+#define SECS *HZ -+#define MINS * 60 SECS -+#define HOURS * 60 MINS -+#define DAYS * 24 HOURS -+ -+ -+static unsigned long tcp_timeouts[] -+= { 30 MINS, /* TCP_CONNTRACK_NONE, */ -+ 5 DAYS, /* TCP_CONNTRACK_ESTABLISHED, */ -+ 2 MINS, /* TCP_CONNTRACK_SYN_SENT, */ -+ 60 SECS, /* TCP_CONNTRACK_SYN_RECV, */ -+ 2 MINS, /* TCP_CONNTRACK_FIN_WAIT, */ -+ 2 MINS, /* TCP_CONNTRACK_TIME_WAIT, */ -+ 10 SECS, /* TCP_CONNTRACK_CLOSE, */ -+ 60 SECS, /* TCP_CONNTRACK_CLOSE_WAIT, */ -+ 30 SECS, /* TCP_CONNTRACK_LAST_ACK, */ -+ 2 MINS, /* TCP_CONNTRACK_LISTEN, */ -+}; -+ - #define sNO TCP_CONNTRACK_NONE - #define sES TCP_CONNTRACK_ESTABLISHED - #define sSS TCP_CONNTRACK_SYN_SENT -@@ -161,13 +186,13 @@ - && tcph->syn && tcph->ack) - conntrack->proto.tcp.handshake_ack - = htonl(ntohl(tcph->seq) + 1); -+ WRITE_UNLOCK(&tcp_lock); - - /* If only reply is a RST, we can consider ourselves not to - have an established connection: this is a fairly common - problem case, so we can delete the conntrack - immediately. --RR */ - if (!(conntrack->status & IPS_SEEN_REPLY) && tcph->rst) { -- WRITE_UNLOCK(&tcp_lock); - if (del_timer(&conntrack->timeout)) - conntrack->timeout.function((unsigned long)conntrack); - } else { -@@ -178,9 +203,7 @@ - && tcph->ack_seq == conntrack->proto.tcp.handshake_ack) - set_bit(IPS_ASSURED_BIT, &conntrack->status); - -- WRITE_UNLOCK(&tcp_lock); -- ip_ct_refresh(conntrack, -- sysctl_ip_conntrack_tcp_timeouts[newconntrack]); -+ ip_ct_refresh(conntrack, tcp_timeouts[newconntrack]); - } - - return NF_ACCEPT; -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_proto_udp.c linux.stock/net/ipv4/netfilter/ip_conntrack_proto_udp.c ---- linux/net/ipv4/netfilter/ip_conntrack_proto_udp.c 2003-08-12 07:33:45.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_proto_udp.c 2004-05-09 04:13:03.000000000 -0400 -@@ -5,7 +5,9 @@ - #include <linux/in.h> - #include <linux/udp.h> - #include <linux/netfilter_ipv4/ip_conntrack_protocol.h> --#include <linux/netfilter_ipv4/ip_conntrack_udp.h> -+ -+#define UDP_TIMEOUT (30*HZ) -+#define UDP_STREAM_TIMEOUT (180*HZ) - - static int udp_pkt_to_tuple(const void *datah, size_t datalen, - struct ip_conntrack_tuple *tuple) -@@ -50,13 +52,11 @@ - /* If we've seen traffic both ways, this is some kind of UDP - stream. Extend timeout. */ - if (conntrack->status & IPS_SEEN_REPLY) { -- ip_ct_refresh(conntrack, -- sysctl_ip_conntrack_udp_timeouts[UDP_STREAM_TIMEOUT]); -+ ip_ct_refresh(conntrack, UDP_STREAM_TIMEOUT); - /* Also, more likely to be important, and not a probe */ - set_bit(IPS_ASSURED_BIT, &conntrack->status); - } else -- ip_ct_refresh(conntrack, -- sysctl_ip_conntrack_udp_timeouts[UDP_TIMEOUT]); -+ ip_ct_refresh(conntrack, UDP_TIMEOUT); - - return NF_ACCEPT; - } -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_standalone.c linux.stock/net/ipv4/netfilter/ip_conntrack_standalone.c ---- linux/net/ipv4/netfilter/ip_conntrack_standalone.c 2003-08-12 07:33:45.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_standalone.c 2004-05-09 04:13:03.000000000 -0400 -@@ -27,7 +27,11 @@ - #include <linux/netfilter_ipv4/ip_conntrack_helper.h> - #include <linux/netfilter_ipv4/listhelp.h> - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - struct module *ip_conntrack_module = THIS_MODULE; - MODULE_LICENSE("GPL"); -@@ -52,17 +56,12 @@ - return len; - } - -+/* FIXME: Don't print source proto part. --RR */ - static unsigned int - print_expect(char *buffer, const struct ip_conntrack_expect *expect) - { - unsigned int len; - -- if (!expect || !expect->expectant || !expect->expectant->helper) { -- DEBUGP("expect %x expect->expectant %x expect->expectant->helper %x\n", -- expect, expect->expectant, expect->expectant->helper); -- return 0; -- } -- - if (expect->expectant->helper->timeout) - len = sprintf(buffer, "EXPECTING: %lu ", - timer_pending(&expect->timeout) -@@ -294,6 +293,8 @@ - return ret; - } - -+/* FIXME: Allow NULL functions and sub in pointers to generic for -+ them. --RR */ - int ip_conntrack_protocol_register(struct ip_conntrack_protocol *proto) - { - int ret = 0; -@@ -362,8 +363,6 @@ - EXPORT_SYMBOL(ip_ct_find_proto); - EXPORT_SYMBOL(__ip_ct_find_proto); - EXPORT_SYMBOL(ip_ct_find_helper); --EXPORT_SYMBOL(sysctl_ip_conntrack_tcp_timeouts); --EXPORT_SYMBOL(sysctl_ip_conntrack_udp_timeouts); - EXPORT_SYMBOL(ip_conntrack_expect_related); - EXPORT_SYMBOL(ip_conntrack_change_expect); - EXPORT_SYMBOL(ip_conntrack_unexpect_related); -diff -Nurb linux/net/ipv4/netfilter/ip_conntrack_tftp.c linux.stock/net/ipv4/netfilter/ip_conntrack_tftp.c ---- linux/net/ipv4/netfilter/ip_conntrack_tftp.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_conntrack_tftp.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,126 +0,0 @@ --/* -- * Licensed under GNU GPL version 2 Copyright Magnus Boden <mb@ozaba.mine.nu> -- * Version: 0.0.7 -- * -- * Thu 21 Mar 2002 Harald Welte <laforge@gnumonks.org> -- * - port to newnat API -- * -- */ -- --#include <linux/module.h> --#include <linux/ip.h> --#include <linux/udp.h> -- --#include <linux/netfilter.h> --#include <linux/netfilter_ipv4/ip_tables.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_tftp.h> -- --MODULE_AUTHOR("Magnus Boden <mb@ozaba.mine.nu>"); --MODULE_DESCRIPTION("Netfilter connection tracking module for tftp"); --MODULE_LICENSE("GPL"); -- --#define MAX_PORTS 8 --static int ports[MAX_PORTS]; --static int ports_c = 0; --#ifdef MODULE_PARM --MODULE_PARM(ports, "1-" __MODULE_STRING(MAX_PORTS) "i"); --MODULE_PARM_DESC(ports, "port numbers of tftp servers"); --#endif -- --#define DEBUGP(format, args...) -- --static int tftp_help(const struct iphdr *iph, size_t len, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo) --{ -- struct udphdr *udph = (void *)iph + iph->ihl * 4; -- struct tftphdr *tftph = (void *)udph + 8; -- struct ip_conntrack_expect exp; -- -- switch (ntohs(tftph->opcode)) { -- /* RRQ and WRQ works the same way */ -- case TFTP_OPCODE_READ: -- case TFTP_OPCODE_WRITE: -- DEBUGP(""); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_REPLY].tuple); -- memset(&exp, 0, sizeof(exp)); -- -- exp.tuple = ct->tuplehash[IP_CT_DIR_REPLY].tuple; -- exp.mask.src.ip = 0xffffffff; -- exp.mask.dst.ip = 0xffffffff; -- exp.mask.dst.u.udp.port = 0xffff; -- exp.mask.dst.protonum = 0xffff; -- exp.expectfn = NULL; -- -- DEBUGP("expect: "); -- DUMP_TUPLE(&exp.tuple); -- DUMP_TUPLE(&exp.mask); -- ip_conntrack_expect_related(ct, &exp); -- break; -- default: -- DEBUGP("Unknown opcode\n"); -- } -- return NF_ACCEPT; --} -- --static struct ip_conntrack_helper tftp[MAX_PORTS]; --static char tftp_names[MAX_PORTS][10]; -- --static void fini(void) --{ -- int i; -- -- for (i = 0 ; i < ports_c; i++) { -- DEBUGP("unregistering helper for port %d\n", -- ports[i]); -- ip_conntrack_helper_unregister(&tftp[i]); -- } --} -- --static int __init init(void) --{ -- int i, ret; -- char *tmpname; -- -- if (!ports[0]) -- ports[0]=TFTP_PORT; -- -- for (i = 0 ; (i < MAX_PORTS) && ports[i] ; i++) { -- /* Create helper structure */ -- memset(&tftp[i], 0, sizeof(struct ip_conntrack_helper)); -- -- tftp[i].tuple.dst.protonum = IPPROTO_UDP; -- tftp[i].tuple.src.u.udp.port = htons(ports[i]); -- tftp[i].mask.dst.protonum = 0xFFFF; -- tftp[i].mask.src.u.udp.port = 0xFFFF; -- tftp[i].max_expected = 1; -- tftp[i].timeout = 0; -- tftp[i].flags = IP_CT_HELPER_F_REUSE_EXPECT; -- tftp[i].me = THIS_MODULE; -- tftp[i].help = tftp_help; -- -- tmpname = &tftp_names[i][0]; -- if (ports[i] == TFTP_PORT) -- sprintf(tmpname, "tftp"); -- else -- sprintf(tmpname, "tftp-%d", i); -- tftp[i].name = tmpname; -- -- DEBUGP("port #%d: %d\n", i, ports[i]); -- -- ret=ip_conntrack_helper_register(&tftp[i]); -- if (ret) { -- printk("ERROR registering helper for port %d\n", -- ports[i]); -- fini(); -- return(ret); -- } -- ports_c++; -- } -- return(0); --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_nat_core.c linux.stock/net/ipv4/netfilter/ip_nat_core.c ---- linux/net/ipv4/netfilter/ip_nat_core.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_core.c 2004-05-09 04:13:03.000000000 -0400 -@@ -31,7 +31,11 @@ - #include <linux/netfilter_ipv4/ip_conntrack_helper.h> - #include <linux/netfilter_ipv4/listhelp.h> - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - DECLARE_RWLOCK(ip_nat_lock); - DECLARE_RWLOCK_EXTERN(ip_conntrack_lock); -@@ -207,6 +211,7 @@ - { - struct rtable *rt; - -+ /* FIXME: IPTOS_TOS(iph->tos) --RR */ - if (ip_route_output(&rt, var_ip, 0, 0, 0) != 0) { - DEBUGP("do_extra_mangle: Can't get route to %u.%u.%u.%u\n", - NIPQUAD(var_ip)); -@@ -429,7 +434,7 @@ - *tuple = *orig_tuple; - while ((rptr = find_best_ips_proto_fast(tuple, mr, conntrack, hooknum)) - != NULL) { -- DEBUGP("Found best for "); DUMP_TUPLE_RAW(tuple); -+ DEBUGP("Found best for "); DUMP_TUPLE(tuple); - /* 3) The per-protocol part of the manip is made to - map into the range to make a unique tuple. */ - -@@ -529,6 +534,31 @@ - invert_tuplepr(&orig_tp, - &conntrack->tuplehash[IP_CT_DIR_REPLY].tuple); - -+#if 0 -+ { -+ unsigned int i; -+ -+ DEBUGP("Hook %u (%s), ", hooknum, -+ HOOK2MANIP(hooknum)==IP_NAT_MANIP_SRC ? "SRC" : "DST"); -+ DUMP_TUPLE(&orig_tp); -+ DEBUGP("Range %p: ", mr); -+ for (i = 0; i < mr->rangesize; i++) { -+ DEBUGP("%u:%s%s%s %u.%u.%u.%u - %u.%u.%u.%u %u - %u\n", -+ i, -+ (mr->range[i].flags & IP_NAT_RANGE_MAP_IPS) -+ ? " MAP_IPS" : "", -+ (mr->range[i].flags -+ & IP_NAT_RANGE_PROTO_SPECIFIED) -+ ? " PROTO_SPECIFIED" : "", -+ (mr->range[i].flags & IP_NAT_RANGE_FULL) -+ ? " FULL" : "", -+ NIPQUAD(mr->range[i].min_ip), -+ NIPQUAD(mr->range[i].max_ip), -+ mr->range[i].min.all, -+ mr->range[i].max.all); -+ } -+ } -+#endif - - do { - if (!get_unique_tuple(&new_tuple, &orig_tp, mr, conntrack, -@@ -538,6 +568,15 @@ - return NF_DROP; - } - -+#if 0 -+ DEBUGP("Hook %u (%s) %p\n", hooknum, -+ HOOK2MANIP(hooknum)==IP_NAT_MANIP_SRC ? "SRC" : "DST", -+ conntrack); -+ DEBUGP("Original: "); -+ DUMP_TUPLE(&orig_tp); -+ DEBUGP("New: "); -+ DUMP_TUPLE(&new_tuple); -+#endif - - /* We now have two tuples (SRCIP/SRCPT/DSTIP/DSTPT): - the original (A/B/C/D') and the mangled one (E/F/G/H'). -@@ -554,6 +593,8 @@ - If fail this race (reply tuple now used), repeat. */ - } while (!ip_conntrack_alter_reply(conntrack, &reply)); - -+ /* FIXME: We can simply used existing conntrack reply tuple -+ here --RR */ - /* Create inverse of original: C/D/A/B' */ - invert_tuplepr(&inv_tuple, &orig_tp); - -@@ -678,6 +719,17 @@ - iph->check); - iph->daddr = manip->ip; - } -+#if 0 -+ if (ip_fast_csum((u8 *)iph, iph->ihl) != 0) -+ DEBUGP("IP: checksum on packet bad.\n"); -+ -+ if (proto == IPPROTO_TCP) { -+ void *th = (u_int32_t *)iph + iph->ihl; -+ if (tcp_v4_check(th, len - 4*iph->ihl, iph->saddr, iph->daddr, -+ csum_partial((char *)th, len-4*iph->ihl, 0))) -+ DEBUGP("TCP: checksum on packet bad\n"); -+ } -+#endif - } - - static inline int exp_for_packet(struct ip_conntrack_expect *exp, -@@ -765,6 +817,7 @@ - continue; - - if (exp_for_packet(exp, pskb)) { -+ /* FIXME: May be true multiple times in the case of UDP!! */ - DEBUGP("calling nat helper (exp=%p) for packet\n", - exp); - ret = helper->help(ct, exp, info, ctinfo, -@@ -926,6 +979,7 @@ - INIT_LIST_HEAD(&byipsproto[i]); - } - -+ /* FIXME: Man, this is a hack. <SIGH> */ - IP_NF_ASSERT(ip_conntrack_destroyed == NULL); - ip_conntrack_destroyed = &ip_nat_cleanup_conntrack; - -diff -Nurb linux/net/ipv4/netfilter/ip_nat_h323.c linux.stock/net/ipv4/netfilter/ip_nat_h323.c ---- linux/net/ipv4/netfilter/ip_nat_h323.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_h323.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,403 +0,0 @@ --/* -- * H.323 'brute force' extension for NAT alteration. -- * Jozsef Kadlecsik <kadlec@blackhole.kfki.hu> -- * -- * Based on ip_masq_h323.c for 2.2 kernels from CoRiTel, Sofia project. -- * (http://www.coritel.it/projects/sofia/nat.html) -- * Uses Sampsa Ranta's excellent idea on using expectfn to 'bind' -- * the unregistered helpers to the conntrack entries. -- */ -- -- --#include <linux/module.h> --#include <linux/netfilter.h> --#include <linux/ip.h> --#include <net/checksum.h> --#include <net/tcp.h> -- --#include <linux/netfilter_ipv4/lockhelp.h> --#include <linux/netfilter_ipv4/ip_nat.h> --#include <linux/netfilter_ipv4/ip_nat_helper.h> --#include <linux/netfilter_ipv4/ip_nat_rule.h> --#include <linux/netfilter_ipv4/ip_conntrack_tuple.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_h323.h> -- --MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>"); --MODULE_DESCRIPTION("H.323 'brute force' connection tracking module"); --MODULE_LICENSE("GPL"); -- --DECLARE_LOCK_EXTERN(ip_h323_lock); --struct module *ip_nat_h323 = THIS_MODULE; -- --#define DEBUGP(format, args...) -- -- --static unsigned int --h225_nat_expected(struct sk_buff **pskb, -- unsigned int hooknum, -- struct ip_conntrack *ct, -- struct ip_nat_info *info); -- --static unsigned int h225_nat_help(struct ip_conntrack *ct, -- struct ip_conntrack_expect *exp, -- struct ip_nat_info *info, -- enum ip_conntrack_info ctinfo, -- unsigned int hooknum, -- struct sk_buff **pskb); -- --static struct ip_nat_helper h245 = -- { { NULL, NULL }, -- "H.245", /* name */ -- 0, /* flags */ -- NULL, /* module */ -- { { 0, { 0 } }, /* tuple */ -- { 0, { 0 }, IPPROTO_TCP } }, -- { { 0, { 0xFFFF } }, /* mask */ -- { 0, { 0 }, 0xFFFF } }, -- h225_nat_help, /* helper */ -- h225_nat_expected /* expectfn */ -- }; -- --static unsigned int --h225_nat_expected(struct sk_buff **pskb, -- unsigned int hooknum, -- struct ip_conntrack *ct, -- struct ip_nat_info *info) --{ -- struct ip_nat_multi_range mr; -- u_int32_t newdstip, newsrcip, newip; -- u_int16_t port; -- struct ip_ct_h225_expect *exp_info; -- struct ip_ct_h225_master *master_info; -- struct ip_conntrack *master = master_ct(ct); -- unsigned int is_h225, ret; -- -- IP_NF_ASSERT(info); -- IP_NF_ASSERT(master); -- -- IP_NF_ASSERT(!(info->initialized & (1<<HOOK2MANIP(hooknum)))); -- -- DEBUGP("h225_nat_expected: We have a connection!\n"); -- master_info = &ct->master->expectant->help.ct_h225_info; -- exp_info = &ct->master->help.exp_h225_info; -- -- LOCK_BH(&ip_h323_lock); -- -- DEBUGP("master: "); -- DUMP_TUPLE(&master->tuplehash[IP_CT_DIR_ORIGINAL].tuple); -- DUMP_TUPLE(&master->tuplehash[IP_CT_DIR_REPLY].tuple); -- DEBUGP("conntrack: "); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); -- if (exp_info->dir == IP_CT_DIR_ORIGINAL) { -- /* Make connection go to the client. */ -- newdstip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; -- newsrcip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; -- DEBUGP("h225_nat_expected: %u.%u.%u.%u->%u.%u.%u.%u (to client)\n", -- NIPQUAD(newsrcip), NIPQUAD(newdstip)); -- } else { -- /* Make the connection go to the server */ -- newdstip = master->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip; -- newsrcip = master->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- DEBUGP("h225_nat_expected: %u.%u.%u.%u->%u.%u.%u.%u (to server)\n", -- NIPQUAD(newsrcip), NIPQUAD(newdstip)); -- } -- port = exp_info->port; -- is_h225 = master_info->is_h225 == H225_PORT; -- UNLOCK_BH(&ip_h323_lock); -- -- if (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC) -- newip = newsrcip; -- else -- newip = newdstip; -- -- DEBUGP("h225_nat_expected: IP to %u.%u.%u.%u\n", NIPQUAD(newip)); -- -- mr.rangesize = 1; -- /* We don't want to manip the per-protocol, just the IPs... */ -- mr.range[0].flags = IP_NAT_RANGE_MAP_IPS; -- mr.range[0].min_ip = mr.range[0].max_ip = newip; -- -- /* ... unless we're doing a MANIP_DST, in which case, make -- sure we map to the correct port */ -- if (HOOK2MANIP(hooknum) == IP_NAT_MANIP_DST) { -- mr.range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED; -- mr.range[0].min = mr.range[0].max -- = ((union ip_conntrack_manip_proto) -- { port }); -- } -- -- ret = ip_nat_setup_info(ct, &mr, hooknum); -- -- if (is_h225) { -- DEBUGP("h225_nat_expected: H.225, setting NAT helper for %p\n", ct); -- /* NAT expectfn called with ip_nat_lock write-locked */ -- info->helper = &h245; -- } -- return ret; --} -- --static int h323_signal_address_fixup(struct ip_conntrack *ct, -- struct sk_buff **pskb, -- enum ip_conntrack_info ctinfo) --{ -- struct iphdr *iph = (*pskb)->nh.iph; -- struct tcphdr *tcph = (void *)iph + iph->ihl*4; -- unsigned char *data; -- u_int32_t tcplen = (*pskb)->len - iph->ihl*4; -- u_int32_t datalen = tcplen - tcph->doff*4; -- struct ip_ct_h225_master *info = &ct->help.ct_h225_info; -- u_int32_t newip; -- u_int16_t port; -- u_int8_t buffer[6]; -- int i; -- -- MUST_BE_LOCKED(&ip_h323_lock); -- -- DEBUGP("h323_signal_address_fixup: %s %s\n", -- between(info->seq[IP_CT_DIR_ORIGINAL], ntohl(tcph->seq), ntohl(tcph->seq) + datalen) -- ? "yes" : "no", -- between(info->seq[IP_CT_DIR_REPLY], ntohl(tcph->seq), ntohl(tcph->seq) + datalen) -- ? "yes" : "no"); -- if (!(between(info->seq[IP_CT_DIR_ORIGINAL], ntohl(tcph->seq), ntohl(tcph->seq) + datalen) -- || between(info->seq[IP_CT_DIR_REPLY], ntohl(tcph->seq), ntohl(tcph->seq) + datalen))) -- return 1; -- -- DEBUGP("h323_signal_address_fixup: offsets %u + 6 and %u + 6 in %u\n", -- info->offset[IP_CT_DIR_ORIGINAL], -- info->offset[IP_CT_DIR_REPLY], -- tcplen); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_REPLY].tuple); -- -- for (i = 0; i < IP_CT_DIR_MAX; i++) { -- DEBUGP("h323_signal_address_fixup: %s %s\n", -- info->dir == IP_CT_DIR_ORIGINAL ? "original" : "reply", -- i == IP_CT_DIR_ORIGINAL ? "caller" : "callee"); -- if (!between(info->seq[i], ntohl(tcph->seq), -- ntohl(tcph->seq) + datalen)) -- continue; -- if (!between(info->seq[i] + 6, ntohl(tcph->seq), -- ntohl(tcph->seq) + datalen)) { -- /* Partial retransmisison. It's a cracker being funky. */ -- if (net_ratelimit()) { -- printk("H.323_NAT: partial packet %u/6 in %u/%u\n", -- info->seq[i], -- ntohl(tcph->seq), -- ntohl(tcph->seq) + datalen); -- } -- return 0; -- } -- -- /* Change address inside packet to match way we're mapping -- this connection. */ -- if (i == IP_CT_DIR_ORIGINAL) { -- newip = ct->tuplehash[!info->dir].tuple.dst.ip; -- port = ct->tuplehash[!info->dir].tuple.dst.u.tcp.port; -- } else { -- newip = ct->tuplehash[!info->dir].tuple.src.ip; -- port = ct->tuplehash[!info->dir].tuple.src.u.tcp.port; -- } -- -- data = (char *) tcph + tcph->doff * 4 + info->offset[i]; -- -- DEBUGP("h323_signal_address_fixup: orig %s IP:port %u.%u.%u.%u:%u\n", -- i == IP_CT_DIR_ORIGINAL ? "source" : "dest ", -- data[0], data[1], data[2], data[3], -- (data[4] << 8 | data[5])); -- -- /* Modify the packet */ -- memcpy(buffer, &newip, 4); -- memcpy(buffer + 4, &port, 2); -- if (!ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, info->offset[i], -- 6, buffer, 6)) -- return 0; -- -- DEBUGP("h323_signal_address_fixup: new %s IP:port %u.%u.%u.%u:%u\n", -- i == IP_CT_DIR_ORIGINAL ? "source" : "dest ", -- data[0], data[1], data[2], data[3], -- (data[4] << 8 | data[5])); -- } -- -- return 1; --} -- --static int h323_data_fixup(struct ip_ct_h225_expect *info, -- struct ip_conntrack *ct, -- struct sk_buff **pskb, -- enum ip_conntrack_info ctinfo, -- struct ip_conntrack_expect *expect) --{ -- u_int32_t newip; -- u_int16_t port; -- u_int8_t buffer[6]; -- struct ip_conntrack_tuple newtuple; -- struct iphdr *iph = (*pskb)->nh.iph; -- struct tcphdr *tcph = (void *)iph + iph->ihl*4; -- unsigned char *data; -- u_int32_t tcplen = (*pskb)->len - iph->ihl*4; -- struct ip_ct_h225_master *master_info = &ct->help.ct_h225_info; -- int is_h225; -- -- MUST_BE_LOCKED(&ip_h323_lock); -- DEBUGP("h323_data_fixup: offset %u + 6 in %u\n", info->offset, tcplen); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_REPLY].tuple); -- -- if (!between(expect->seq + 6, ntohl(tcph->seq), -- ntohl(tcph->seq) + tcplen - tcph->doff * 4)) { -- /* Partial retransmisison. It's a cracker being funky. */ -- if (net_ratelimit()) { -- printk("H.323_NAT: partial packet %u/6 in %u/%u\n", -- expect->seq, -- ntohl(tcph->seq), -- ntohl(tcph->seq) + tcplen - tcph->doff * 4); -- } -- return 0; -- } -- -- /* Change address inside packet to match way we're mapping -- this connection. */ -- if (info->dir == IP_CT_DIR_REPLY) { -- /* Must be where client thinks server is */ -- newip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; -- /* Expect something from client->server */ -- newtuple.src.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; -- newtuple.dst.ip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; -- } else { -- /* Must be where server thinks client is */ -- newip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- /* Expect something from server->client */ -- newtuple.src.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip; -- newtuple.dst.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- } -- -- is_h225 = (master_info->is_h225 == H225_PORT); -- -- if (is_h225) { -- newtuple.dst.protonum = IPPROTO_TCP; -- newtuple.src.u.tcp.port = expect->tuple.src.u.tcp.port; -- } else { -- newtuple.dst.protonum = IPPROTO_UDP; -- newtuple.src.u.udp.port = expect->tuple.src.u.udp.port; -- } -- -- /* Try to get same port: if not, try to change it. */ -- for (port = ntohs(info->port); port != 0; port++) { -- if (is_h225) -- newtuple.dst.u.tcp.port = htons(port); -- else -- newtuple.dst.u.udp.port = htons(port); -- -- if (ip_conntrack_change_expect(expect, &newtuple) == 0) -- break; -- } -- if (port == 0) { -- DEBUGP("h323_data_fixup: no free port found!\n"); -- return 0; -- } -- -- port = htons(port); -- -- data = (char *) tcph + tcph->doff * 4 + info->offset; -- -- DEBUGP("h323_data_fixup: orig IP:port %u.%u.%u.%u:%u\n", -- data[0], data[1], data[2], data[3], -- (data[4] << 8 | data[5])); -- -- /* Modify the packet */ -- memcpy(buffer, &newip, 4); -- memcpy(buffer + 4, &port, 2); -- if (!ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, info->offset, -- 6, buffer, 6)) -- return 0; -- -- DEBUGP("h323_data_fixup: new IP:port %u.%u.%u.%u:%u\n", -- data[0], data[1], data[2], data[3], -- (data[4] << 8 | data[5])); -- -- return 1; --} -- --static unsigned int h225_nat_help(struct ip_conntrack *ct, -- struct ip_conntrack_expect *exp, -- struct ip_nat_info *info, -- enum ip_conntrack_info ctinfo, -- unsigned int hooknum, -- struct sk_buff **pskb) --{ -- int dir; -- struct ip_ct_h225_expect *exp_info; -- -- /* Only mangle things once: original direction in POST_ROUTING -- and reply direction on PRE_ROUTING. */ -- dir = CTINFO2DIR(ctinfo); -- DEBUGP("nat_h323: dir %s at hook %s\n", -- dir == IP_CT_DIR_ORIGINAL ? "ORIG" : "REPLY", -- hooknum == NF_IP_POST_ROUTING ? "POSTROUTING" -- : hooknum == NF_IP_PRE_ROUTING ? "PREROUTING" -- : hooknum == NF_IP_LOCAL_OUT ? "OUTPUT" : "???"); -- if (!((hooknum == NF_IP_POST_ROUTING && dir == IP_CT_DIR_ORIGINAL) -- || (hooknum == NF_IP_PRE_ROUTING && dir == IP_CT_DIR_REPLY))) { -- DEBUGP("nat_h323: Not touching dir %s at hook %s\n", -- dir == IP_CT_DIR_ORIGINAL ? "ORIG" : "REPLY", -- hooknum == NF_IP_POST_ROUTING ? "POSTROUTING" -- : hooknum == NF_IP_PRE_ROUTING ? "PREROUTING" -- : hooknum == NF_IP_LOCAL_OUT ? "OUTPUT" : "???"); -- return NF_ACCEPT; -- } -- -- if (!exp) { -- LOCK_BH(&ip_h323_lock); -- if (!h323_signal_address_fixup(ct, pskb, ctinfo)) { -- UNLOCK_BH(&ip_h323_lock); -- return NF_DROP; -- } -- UNLOCK_BH(&ip_h323_lock); -- return NF_ACCEPT; -- } -- -- exp_info = &exp->help.exp_h225_info; -- -- LOCK_BH(&ip_h323_lock); -- if (!h323_data_fixup(exp_info, ct, pskb, ctinfo, exp)) { -- UNLOCK_BH(&ip_h323_lock); -- return NF_DROP; -- } -- UNLOCK_BH(&ip_h323_lock); -- -- return NF_ACCEPT; --} -- --static struct ip_nat_helper h225 = -- { { NULL, NULL }, -- "H.225", /* name */ -- IP_NAT_HELPER_F_ALWAYS, /* flags */ -- THIS_MODULE, /* module */ -- { { 0, { __constant_htons(H225_PORT) } }, /* tuple */ -- { 0, { 0 }, IPPROTO_TCP } }, -- { { 0, { 0xFFFF } }, /* mask */ -- { 0, { 0 }, 0xFFFF } }, -- h225_nat_help, /* helper */ -- h225_nat_expected /* expectfn */ -- }; -- --static int __init init(void) --{ -- int ret; -- -- ret = ip_nat_helper_register(&h225); -- -- if (ret != 0) -- printk("ip_nat_h323: cannot initialize the module!\n"); -- -- return ret; --} -- --static void __exit fini(void) --{ -- ip_nat_helper_unregister(&h225); --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_nat_helper.c linux.stock/net/ipv4/netfilter/ip_nat_helper.c ---- linux/net/ipv4/netfilter/ip_nat_helper.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_helper.c 2004-05-09 04:13:03.000000000 -0400 -@@ -8,9 +8,6 @@ - * - add support for SACK adjustment - * 14 Mar 2002 Harald Welte <laforge@gnumonks.org>: - * - merge SACK support into newnat API -- * 16 Aug 2002 Brian J. Murrell <netfilter@interlinx.bc.ca>: -- * - make ip_nat_resize_packet more generic (TCP and UDP) -- * - add ip_nat_mangle_udp_packet - */ - #include <linux/version.h> - #include <linux/config.h> -@@ -25,7 +22,6 @@ - #include <net/icmp.h> - #include <net/ip.h> - #include <net/tcp.h> --#include <net/udp.h> - - #define ASSERT_READ_LOCK(x) MUST_BE_READ_LOCKED(&ip_nat_lock) - #define ASSERT_WRITE_LOCK(x) MUST_BE_WRITE_LOCKED(&ip_nat_lock) -@@ -38,8 +34,13 @@ - #include <linux/netfilter_ipv4/ip_nat_helper.h> - #include <linux/netfilter_ipv4/listhelp.h> - -+#if 0 -+#define DEBUGP printk -+#define DUMP_OFFSET(x) printk("offset_before=%d, offset_after=%d, correction_pos=%u\n", x->offset_before, x->offset_after, x->correction_pos); -+#else - #define DEBUGP(format, args...) - #define DUMP_OFFSET(x) -+#endif - - DECLARE_LOCK(ip_nat_seqofs_lock); - -@@ -50,12 +51,18 @@ - int new_size) - { - struct iphdr *iph; -+ struct tcphdr *tcph; -+ void *data; - int dir; - struct ip_nat_seq *this_way, *other_way; - - DEBUGP("ip_nat_resize_packet: old_size = %u, new_size = %u\n", - (*skb)->len, new_size); - -+ iph = (*skb)->nh.iph; -+ tcph = (void *)iph + iph->ihl*4; -+ data = (void *)tcph + tcph->doff*4; -+ - dir = CTINFO2DIR(ctinfo); - - this_way = &ct->nat.info.seq[dir]; -@@ -77,9 +84,8 @@ - } - - iph = (*skb)->nh.iph; -- if (iph->protocol == IPPROTO_TCP) { -- struct tcphdr *tcph = (void *)iph + iph->ihl*4; -- void *data = (void *)tcph + tcph->doff*4; -+ tcph = (void *)iph + iph->ihl*4; -+ data = (void *)tcph + tcph->doff*4; - - DEBUGP("ip_nat_resize_packet: Seq_offset before: "); - DUMP_OFFSET(this_way); -@@ -95,20 +101,25 @@ - this_way->correction_pos = ntohl(tcph->seq); - this_way->offset_before = this_way->offset_after; - this_way->offset_after = (int32_t) -- this_way->offset_before + new_size - -- (*skb)->len; -+ this_way->offset_before + new_size - (*skb)->len; - } - - UNLOCK_BH(&ip_nat_seqofs_lock); - - DEBUGP("ip_nat_resize_packet: Seq_offset after: "); - DUMP_OFFSET(this_way); -- } - - return 1; - } - - -+/* Generic function for mangling variable-length address changes inside -+ * NATed connections (like the PORT XXX,XXX,XXX,XXX,XXX,XXX command in FTP). -+ * -+ * Takes care about all the nasty sequence number changes, checksumming, -+ * skb enlargement, ... -+ * -+ * */ - int - ip_nat_mangle_tcp_packet(struct sk_buff **skb, - struct ip_conntrack *ct, -@@ -163,7 +174,6 @@ - tcph = (void *)iph + iph->ihl*4; - data = (void *)tcph + tcph->doff*4; - -- if (rep_len != match_len) - /* move post-replacement */ - memmove(data + match_offset + rep_len, - data + match_offset + match_len, -@@ -198,104 +208,6 @@ - return 1; - } - --int --ip_nat_mangle_udp_packet(struct sk_buff **skb, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo, -- unsigned int match_offset, -- unsigned int match_len, -- char *rep_buffer, -- unsigned int rep_len) --{ -- struct iphdr *iph = (*skb)->nh.iph; -- struct udphdr *udph = (void *)iph + iph->ihl * 4; -- unsigned char *data; -- u_int32_t udplen, newlen, newudplen; -- -- udplen = (*skb)->len - iph->ihl*4; -- newudplen = udplen - match_len + rep_len; -- newlen = iph->ihl*4 + newudplen; -- -- if (newlen > 65535) { -- if (net_ratelimit()) -- printk("ip_nat_mangle_udp_packet: nat'ed packet " -- "exceeds maximum packet size\n"); -- return 0; -- } -- -- if ((*skb)->len != newlen) { -- if (!ip_nat_resize_packet(skb, ct, ctinfo, newlen)) { -- printk("resize_packet failed!!\n"); -- return 0; -- } -- } -- -- /* Alexey says: if a hook changes _data_ ... it can break -- original packet sitting in tcp queue and this is fatal */ -- if (skb_cloned(*skb)) { -- struct sk_buff *nskb = skb_copy(*skb, GFP_ATOMIC); -- if (!nskb) { -- if (net_ratelimit()) -- printk("Out of memory cloning TCP packet\n"); -- return 0; -- } -- /* Rest of kernel will get very unhappy if we pass it -- a suddenly-orphaned skbuff */ -- if ((*skb)->sk) -- skb_set_owner_w(nskb, (*skb)->sk); -- kfree_skb(*skb); -- *skb = nskb; -- } -- -- /* skb may be copied !! */ -- iph = (*skb)->nh.iph; -- udph = (void *)iph + iph->ihl*4; -- data = (void *)udph + sizeof(struct udphdr); -- -- if (rep_len != match_len) -- /* move post-replacement */ -- memmove(data + match_offset + rep_len, -- data + match_offset + match_len, -- (*skb)->tail - (data + match_offset + match_len)); -- -- /* insert data from buffer */ -- memcpy(data + match_offset, rep_buffer, rep_len); -- -- /* update skb info */ -- if (newlen > (*skb)->len) { -- DEBUGP("ip_nat_mangle_udp_packet: Extending packet by " -- "%u to %u bytes\n", newlen - (*skb)->len, newlen); -- skb_put(*skb, newlen - (*skb)->len); -- } else { -- DEBUGP("ip_nat_mangle_udp_packet: Shrinking packet from " -- "%u to %u bytes\n", (*skb)->len, newlen); -- skb_trim(*skb, newlen); -- } -- -- /* update the length of the UDP and IP packets to the new values*/ -- udph->len = htons((*skb)->len - iph->ihl*4); -- iph->tot_len = htons(newlen); -- -- /* fix udp checksum if udp checksum was previously calculated */ -- if ((*skb)->csum != 0) { -- (*skb)->csum = csum_partial((char *)udph + -- sizeof(struct udphdr), -- newudplen - sizeof(struct udphdr), -- 0); -- -- udph->check = 0; -- udph->check = csum_tcpudp_magic(iph->saddr, iph->daddr, -- newudplen, IPPROTO_UDP, -- csum_partial((char *)udph, -- sizeof(struct udphdr), -- (*skb)->csum)); -- } -- -- ip_send_check(iph); -- -- return 1; --} -- - /* Adjust one found SACK option including checksum correction */ - static void - sack_adjust(struct tcphdr *tcph, -diff -Nurb linux/net/ipv4/netfilter/ip_nat_mms.c linux.stock/net/ipv4/netfilter/ip_nat_mms.c ---- linux/net/ipv4/netfilter/ip_nat_mms.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_mms.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,330 +0,0 @@ --/* MMS extension for TCP NAT alteration. -- * (C) 2002 by Filip Sneppe <filip.sneppe@cronos.be> -- * based on ip_nat_ftp.c and ip_nat_irc.c -- * -- * ip_nat_mms.c v0.3 2002-09-22 -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version -- * 2 of the License, or (at your option) any later version. -- * -- * Module load syntax: -- * insmod ip_nat_mms.o ports=port1,port2,...port<MAX_PORTS> -- * -- * Please give the ports of all MMS servers You wish to connect to. -- * If you don't specify ports, the default will be TCP port 1755. -- * -- * More info on MMS protocol, firewalls and NAT: -- * http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnwmt/html/MMSFirewall.asp -- * http://www.microsoft.com/windows/windowsmedia/serve/firewall.asp -- * -- * The SDP project people are reverse-engineering MMS: -- * http://get.to/sdp -- */ -- -- --#include <linux/module.h> --#include <linux/netfilter_ipv4.h> --#include <linux/ip.h> --#include <linux/tcp.h> --#include <net/tcp.h> --#include <linux/netfilter_ipv4/ip_nat.h> --#include <linux/netfilter_ipv4/ip_nat_helper.h> --#include <linux/netfilter_ipv4/ip_nat_rule.h> --#include <linux/netfilter_ipv4/ip_conntrack_mms.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> -- --#define DEBUGP(format, args...) --#define DUMP_BYTES(address, counter) -- --#define MAX_PORTS 8 --static int ports[MAX_PORTS]; --static int ports_c = 0; -- --#ifdef MODULE_PARM --MODULE_PARM(ports, "1-" __MODULE_STRING(MAX_PORTS) "i"); --#endif -- --MODULE_AUTHOR("Filip Sneppe <filip.sneppe@cronos.be>"); --MODULE_DESCRIPTION("Microsoft Windows Media Services (MMS) NAT module"); --MODULE_LICENSE("GPL"); -- --DECLARE_LOCK_EXTERN(ip_mms_lock); -- -- --static int mms_data_fixup(const struct ip_ct_mms_expect *ct_mms_info, -- struct ip_conntrack *ct, -- struct sk_buff **pskb, -- enum ip_conntrack_info ctinfo, -- struct ip_conntrack_expect *expect) --{ -- u_int32_t newip; -- struct ip_conntrack_tuple t; -- struct iphdr *iph = (*pskb)->nh.iph; -- struct tcphdr *tcph = (void *) iph + iph->ihl * 4; -- char *data = (char *)tcph + tcph->doff * 4; -- int i, j, k, port; -- u_int16_t mms_proto; -- -- u_int32_t *mms_chunkLenLV = (u_int32_t *)(data + MMS_SRV_CHUNKLENLV_OFFSET); -- u_int32_t *mms_chunkLenLM = (u_int32_t *)(data + MMS_SRV_CHUNKLENLM_OFFSET); -- u_int32_t *mms_messageLength = (u_int32_t *)(data + MMS_SRV_MESSAGELENGTH_OFFSET); -- -- int zero_padding; -- -- char buffer[28]; /* "\\255.255.255.255\UDP\65635" * 2 (for unicode) */ -- char unicode_buffer[75]; /* 27*2 (unicode) + 20 + 1 */ -- char proto_string[6]; -- -- MUST_BE_LOCKED(&ip_mms_lock); -- -- /* what was the protocol again ? */ -- mms_proto = expect->tuple.dst.protonum; -- sprintf(proto_string, "%u", mms_proto); -- -- DEBUGP("ip_nat_mms: mms_data_fixup: info (seq %u + %u) in %u, proto %s\n", -- expect->seq, ct_mms_info->len, ntohl(tcph->seq), -- mms_proto == IPPROTO_UDP ? "UDP" -- : mms_proto == IPPROTO_TCP ? "TCP":proto_string); -- -- newip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- -- /* Alter conntrack's expectations. */ -- t = expect->tuple; -- t.dst.ip = newip; -- for (port = ct_mms_info->port; port != 0; port++) { -- t.dst.u.tcp.port = htons(port); -- if (ip_conntrack_change_expect(expect, &t) == 0) { -- DEBUGP("ip_nat_mms: mms_data_fixup: using port %d\n", port); -- break; -- } -- } -- -- if(port == 0) -- return 0; -- -- sprintf(buffer, "\\\\%u.%u.%u.%u\\%s\\%u", -- NIPQUAD(newip), -- expect->tuple.dst.protonum == IPPROTO_UDP ? "UDP" -- : expect->tuple.dst.protonum == IPPROTO_TCP ? "TCP":proto_string, -- port); -- DEBUGP("ip_nat_mms: new unicode string=%s\n", buffer); -- -- memset(unicode_buffer, 0, sizeof(char)*75); -- -- for (i=0; i<strlen(buffer); ++i) -- *(unicode_buffer+i*2)=*(buffer+i); -- -- DEBUGP("ip_nat_mms: mms_data_fixup: padding: %u len: %u\n", ct_mms_info->padding, ct_mms_info->len); -- DEBUGP("ip_nat_mms: mms_data_fixup: offset: %u\n", MMS_SRV_UNICODE_STRING_OFFSET+ct_mms_info->len); -- DUMP_BYTES(data+MMS_SRV_UNICODE_STRING_OFFSET, 60); -- -- /* add end of packet to it */ -- for (j=0; j<ct_mms_info->padding; ++j) { -- DEBUGP("ip_nat_mms: mms_data_fixup: i=%u j=%u byte=%u\n", -- i, j, (u8)*(data+MMS_SRV_UNICODE_STRING_OFFSET+ct_mms_info->len+j)); -- *(unicode_buffer+i*2+j) = *(data+MMS_SRV_UNICODE_STRING_OFFSET+ct_mms_info->len+j); -- } -- -- /* pad with zeroes at the end ? see explanation of weird math below */ -- zero_padding = (8-(strlen(buffer)*2 + ct_mms_info->padding + 4)%8)%8; -- for (k=0; k<zero_padding; ++k) -- *(unicode_buffer+i*2+j+k)= (char)0; -- -- DEBUGP("ip_nat_mms: mms_data_fixup: zero_padding = %u\n", zero_padding); -- DEBUGP("ip_nat_mms: original=> chunkLenLV=%u chunkLenLM=%u messageLength=%u\n", -- *mms_chunkLenLV, *mms_chunkLenLM, *mms_messageLength); -- -- /* explanation, before I forget what I did: -- strlen(buffer)*2 + ct_mms_info->padding + 4 must be divisable by 8; -- divide by 8 and add 3 to compute the mms_chunkLenLM field, -- but note that things may have to be padded with zeroes to align by 8 -- bytes, hence we add 7 and divide by 8 to get the correct length */ -- *mms_chunkLenLM = (u_int32_t) (3+(strlen(buffer)*2+ct_mms_info->padding+11)/8); -- *mms_chunkLenLV = *mms_chunkLenLM+2; -- *mms_messageLength = *mms_chunkLenLV*8; -- -- DEBUGP("ip_nat_mms: modified=> chunkLenLV=%u chunkLenLM=%u messageLength=%u\n", -- *mms_chunkLenLV, *mms_chunkLenLM, *mms_messageLength); -- -- ip_nat_mangle_tcp_packet(pskb, ct, ctinfo, -- expect->seq - ntohl(tcph->seq), -- ct_mms_info->len + ct_mms_info->padding, unicode_buffer, -- strlen(buffer)*2 + ct_mms_info->padding + zero_padding); -- DUMP_BYTES(unicode_buffer, 60); -- -- return 1; --} -- --static unsigned int --mms_nat_expected(struct sk_buff **pskb, -- unsigned int hooknum, -- struct ip_conntrack *ct, -- struct ip_nat_info *info) --{ -- struct ip_nat_multi_range mr; -- u_int32_t newdstip, newsrcip, newip; -- -- struct ip_conntrack *master = master_ct(ct); -- -- IP_NF_ASSERT(info); -- IP_NF_ASSERT(master); -- -- IP_NF_ASSERT(!(info->initialized & (1 << HOOK2MANIP(hooknum)))); -- -- DEBUGP("ip_nat_mms: mms_nat_expected: We have a connection!\n"); -- -- newdstip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; -- newsrcip = ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.ip; -- DEBUGP("ip_nat_mms: mms_nat_expected: hook %s: newsrc->newdst %u.%u.%u.%u->%u.%u.%u.%u\n", -- hooknum == NF_IP_POST_ROUTING ? "POSTROUTING" -- : hooknum == NF_IP_PRE_ROUTING ? "PREROUTING" -- : hooknum == NF_IP_LOCAL_OUT ? "OUTPUT" : "???", -- NIPQUAD(newsrcip), NIPQUAD(newdstip)); -- -- if (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC) -- newip = newsrcip; -- else -- newip = newdstip; -- -- DEBUGP("ip_nat_mms: mms_nat_expected: IP to %u.%u.%u.%u\n", NIPQUAD(newip)); -- -- mr.rangesize = 1; -- /* We don't want to manip the per-protocol, just the IPs. */ -- mr.range[0].flags = IP_NAT_RANGE_MAP_IPS; -- mr.range[0].min_ip = mr.range[0].max_ip = newip; -- -- return ip_nat_setup_info(ct, &mr, hooknum); --} -- -- --static unsigned int mms_nat_help(struct ip_conntrack *ct, -- struct ip_conntrack_expect *exp, -- struct ip_nat_info *info, -- enum ip_conntrack_info ctinfo, -- unsigned int hooknum, -- struct sk_buff **pskb) --{ -- struct iphdr *iph = (*pskb)->nh.iph; -- struct tcphdr *tcph = (void *) iph + iph->ihl * 4; -- unsigned int datalen; -- int dir; -- struct ip_ct_mms_expect *ct_mms_info; -- -- if (!exp) -- DEBUGP("ip_nat_mms: no exp!!"); -- -- ct_mms_info = &exp->help.exp_mms_info; -- -- /* Only mangle things once: original direction in POST_ROUTING -- and reply direction on PRE_ROUTING. */ -- dir = CTINFO2DIR(ctinfo); -- if (!((hooknum == NF_IP_POST_ROUTING && dir == IP_CT_DIR_ORIGINAL) -- ||(hooknum == NF_IP_PRE_ROUTING && dir == IP_CT_DIR_REPLY))) { -- DEBUGP("ip_nat_mms: mms_nat_help: not touching dir %s at hook %s\n", -- dir == IP_CT_DIR_ORIGINAL ? "ORIG" : "REPLY", -- hooknum == NF_IP_POST_ROUTING ? "POSTROUTING" -- : hooknum == NF_IP_PRE_ROUTING ? "PREROUTING" -- : hooknum == NF_IP_LOCAL_OUT ? "OUTPUT" : "???"); -- return NF_ACCEPT; -- } -- DEBUGP("ip_nat_mms: mms_nat_help: beyond not touching (dir %s at hook %s)\n", -- dir == IP_CT_DIR_ORIGINAL ? "ORIG" : "REPLY", -- hooknum == NF_IP_POST_ROUTING ? "POSTROUTING" -- : hooknum == NF_IP_PRE_ROUTING ? "PREROUTING" -- : hooknum == NF_IP_LOCAL_OUT ? "OUTPUT" : "???"); -- -- datalen = (*pskb)->len - iph->ihl * 4 - tcph->doff * 4; -- -- DEBUGP("ip_nat_mms: mms_nat_help: %u+%u=%u %u %u\n", exp->seq, ct_mms_info->len, -- exp->seq + ct_mms_info->len, -- ntohl(tcph->seq), -- ntohl(tcph->seq) + datalen); -- -- LOCK_BH(&ip_mms_lock); -- /* Check wether the whole IP/proto/port pattern is carried in the payload */ -- if (between(exp->seq + ct_mms_info->len, -- ntohl(tcph->seq), -- ntohl(tcph->seq) + datalen)) { -- if (!mms_data_fixup(ct_mms_info, ct, pskb, ctinfo, exp)) { -- UNLOCK_BH(&ip_mms_lock); -- return NF_DROP; -- } -- } else { -- /* Half a match? This means a partial retransmisison. -- It's a cracker being funky. */ -- if (net_ratelimit()) { -- printk("ip_nat_mms: partial packet %u/%u in %u/%u\n", -- exp->seq, ct_mms_info->len, -- ntohl(tcph->seq), -- ntohl(tcph->seq) + datalen); -- } -- UNLOCK_BH(&ip_mms_lock); -- return NF_DROP; -- } -- UNLOCK_BH(&ip_mms_lock); -- -- return NF_ACCEPT; --} -- --static struct ip_nat_helper mms[MAX_PORTS]; --static char mms_names[MAX_PORTS][10]; -- --/* Not __exit: called from init() */ --static void fini(void) --{ -- int i; -- -- for (i = 0; (i < MAX_PORTS) && ports[i]; i++) { -- DEBUGP("ip_nat_mms: unregistering helper for port %d\n", ports[i]); -- ip_nat_helper_unregister(&mms[i]); -- } --} -- --static int __init init(void) --{ -- int i, ret = 0; -- char *tmpname; -- -- if (ports[0] == 0) -- ports[0] = MMS_PORT; -- -- for (i = 0; (i < MAX_PORTS) && ports[i]; i++) { -- -- memset(&mms[i], 0, sizeof(struct ip_nat_helper)); -- -- mms[i].tuple.dst.protonum = IPPROTO_TCP; -- mms[i].tuple.src.u.tcp.port = htons(ports[i]); -- mms[i].mask.dst.protonum = 0xFFFF; -- mms[i].mask.src.u.tcp.port = 0xFFFF; -- mms[i].help = mms_nat_help; -- mms[i].me = THIS_MODULE; -- mms[i].flags = 0; -- mms[i].expect = mms_nat_expected; -- -- tmpname = &mms_names[i][0]; -- if (ports[i] == MMS_PORT) -- sprintf(tmpname, "mms"); -- else -- sprintf(tmpname, "mms-%d", i); -- mms[i].name = tmpname; -- -- DEBUGP("ip_nat_mms: register helper for port %d\n", -- ports[i]); -- ret = ip_nat_helper_register(&mms[i]); -- -- if (ret) { -- printk("ip_nat_mms: error registering " -- "helper for port %d\n", ports[i]); -- fini(); -- return ret; -- } -- ports_c++; -- } -- -- return ret; --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_nat_pptp.c linux.stock/net/ipv4/netfilter/ip_nat_pptp.c ---- linux/net/ipv4/netfilter/ip_nat_pptp.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_pptp.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,412 +0,0 @@ --/* -- * ip_nat_pptp.c - Version 1.11 -- * -- * NAT support for PPTP (Point to Point Tunneling Protocol). -- * PPTP is a a protocol for creating virtual private networks. -- * It is a specification defined by Microsoft and some vendors -- * working with Microsoft. PPTP is built on top of a modified -- * version of the Internet Generic Routing Encapsulation Protocol. -- * GRE is defined in RFC 1701 and RFC 1702. Documentation of -- * PPTP can be found in RFC 2637 -- * -- * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org> -- * -- * Development of this code funded by Astaro AG (http://www.astaro.com/) -- * -- * TODO: - Support for multiple calls within one session -- * (needs netfilter newnat code) -- * - NAT to a unique tuple, not to TCP source port -- * (needs netfilter tuple reservation) -- * - Support other NAT scenarios than SNAT of PNS -- * -- */ -- --#include <linux/config.h> --#include <linux/module.h> --#include <linux/ip.h> --#include <linux/tcp.h> --#include <net/tcp.h> --#include <linux/netfilter_ipv4/ip_nat.h> --#include <linux/netfilter_ipv4/ip_nat_rule.h> --#include <linux/netfilter_ipv4/ip_nat_helper.h> --#include <linux/netfilter_ipv4/ip_nat_pptp.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_proto_gre.h> --#include <linux/netfilter_ipv4/ip_conntrack_pptp.h> -- --MODULE_LICENSE("GPL"); --MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>"); --MODULE_DESCRIPTION("Netfilter NAT helper module for PPTP"); -- -- --#define DEBUGP(format, args...) -- --static unsigned int --pptp_nat_expected(struct sk_buff **pskb, -- unsigned int hooknum, -- struct ip_conntrack *ct, -- struct ip_nat_info *info) --{ -- struct ip_conntrack *master = master_ct(ct); -- struct ip_nat_multi_range mr; -- struct ip_ct_pptp_master *ct_pptp_info; -- struct ip_nat_pptp *nat_pptp_info; -- u_int32_t newsrcip, newdstip, newcid; -- int ret; -- -- IP_NF_ASSERT(info); -- IP_NF_ASSERT(master); -- IP_NF_ASSERT(!(info->initialized & (1 << HOOK2MANIP(hooknum)))); -- -- DEBUGP("we have a connection!\n"); -- -- LOCK_BH(&ip_pptp_lock); -- ct_pptp_info = &master->help.ct_pptp_info; -- nat_pptp_info = &master->nat.help.nat_pptp_info; -- -- /* need to alter GRE tuple because conntrack expectfn() used 'wrong' -- * (unmanipulated) values */ -- if (hooknum == NF_IP_PRE_ROUTING) { -- DEBUGP("completing tuples with NAT info \n"); -- /* we can do this, since we're unconfirmed */ -- if (ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.u.gre.key == -- htonl(ct_pptp_info->pac_call_id)) { -- /* assume PNS->PAC */ -- ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.gre.key = -- htonl(nat_pptp_info->pns_call_id); --// ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.u.gre.key = --// htonl(nat_pptp_info->pac_call_id); -- ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.gre.key = -- htonl(nat_pptp_info->pns_call_id); -- } else { -- /* assume PAC->PNS */ -- DEBUGP("WRONG DIRECTION\n"); -- ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.src.u.gre.key = -- htonl(nat_pptp_info->pac_call_id); -- ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.u.gre.key = -- htonl(nat_pptp_info->pns_call_id); -- } -- } -- -- if (HOOK2MANIP(hooknum) == IP_NAT_MANIP_DST) { -- newdstip = master->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip; -- newcid = htonl(master->nat.help.nat_pptp_info.pac_call_id); -- -- mr.rangesize = 1; -- mr.range[0].flags = IP_NAT_RANGE_MAP_IPS | IP_NAT_RANGE_PROTO_SPECIFIED; -- mr.range[0].min_ip = mr.range[0].max_ip = newdstip; -- mr.range[0].min = mr.range[0].max = -- ((union ip_conntrack_manip_proto ) { newcid }); -- DEBUGP("change dest ip to %u.%u.%u.%u\n", -- NIPQUAD(newdstip)); -- DEBUGP("change dest key to 0x%x\n", ntohl(newcid)); -- ret = ip_nat_setup_info(ct, &mr, hooknum); -- } else { -- newsrcip = master->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- /* nat_multi_range is in network byte order, and GRE tuple -- * is 32 bits, not 16 like callID */ -- newcid = htonl(master->help.ct_pptp_info.pns_call_id); -- -- mr.rangesize = 1; -- mr.range[0].flags = IP_NAT_RANGE_MAP_IPS -- |IP_NAT_RANGE_PROTO_SPECIFIED; -- mr.range[0].min_ip = mr.range[0].max_ip = newsrcip; -- mr.range[0].min = mr.range[0].max = -- ((union ip_conntrack_manip_proto ) { newcid }); -- DEBUGP("change src ip to %u.%u.%u.%u\n", -- NIPQUAD(newsrcip)); -- DEBUGP("change 'src' key to 0x%x\n", ntohl(newcid)); -- ret = ip_nat_setup_info(ct, &mr, hooknum); -- } -- -- UNLOCK_BH(&ip_pptp_lock); -- -- return ret; -- --} -- --/* outbound packets == from PNS to PAC */ --static inline unsigned int --pptp_outbound_pkt(struct tcphdr *tcph, struct pptp_pkt_hdr *pptph, -- size_t datalen, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo, -- struct ip_conntrack_expect *exp) -- --{ -- struct PptpControlHeader *ctlh; -- union pptp_ctrl_union pptpReq; -- struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info; -- struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info; -- -- u_int16_t msg, *cid = NULL, new_callid; -- -- ctlh = (struct PptpControlHeader *) ((void *) pptph + sizeof(*pptph)); -- pptpReq.rawreq = (void *) ((void *) ctlh + sizeof(*ctlh)); -- -- new_callid = htons(ct_pptp_info->pns_call_id); -- -- switch (msg = ntohs(ctlh->messageType)) { -- case PPTP_OUT_CALL_REQUEST: -- cid = &pptpReq.ocreq->callID; -- -- /* save original call ID in nat_info */ -- nat_pptp_info->pns_call_id = ct_pptp_info->pns_call_id; -- -- new_callid = tcph->source; -- /* save new call ID in ct info */ -- ct_pptp_info->pns_call_id = ntohs(new_callid); -- break; -- case PPTP_IN_CALL_REPLY: -- cid = &pptpReq.icreq->callID; -- break; -- case PPTP_CALL_CLEAR_REQUEST: -- cid = &pptpReq.clrreq->callID; -- break; -- case PPTP_CALL_DISCONNECT_NOTIFY: -- cid = &pptpReq.disc->callID; -- break; -- -- default: -- DEBUGP("unknown outbound packet 0x%04x:%s\n", msg, -- (msg <= PPTP_MSG_MAX)? strMName[msg]:strMName[0]); -- /* fall through */ -- -- case PPTP_SET_LINK_INFO: -- /* only need to NAT in case PAC is behind NAT box */ -- case PPTP_START_SESSION_REQUEST: -- case PPTP_START_SESSION_REPLY: -- case PPTP_STOP_SESSION_REQUEST: -- case PPTP_STOP_SESSION_REPLY: -- case PPTP_ECHO_REQUEST: -- case PPTP_ECHO_REPLY: -- /* no need to alter packet */ -- return NF_ACCEPT; -- } -- -- IP_NF_ASSERT(cid); -- -- DEBUGP("altering call id from 0x%04x to 0x%04x\n", -- ntohs(*cid), ntohs(new_callid)); -- /* mangle packet */ -- tcph->check = ip_nat_cheat_check(*cid^0xFFFF, -- new_callid, tcph->check); -- *cid = new_callid; -- -- return NF_ACCEPT; --} -- --/* inbound packets == from PAC to PNS */ --static inline unsigned int --pptp_inbound_pkt(struct tcphdr *tcph, struct pptp_pkt_hdr *pptph, -- size_t datalen, -- struct ip_conntrack *ct, -- enum ip_conntrack_info ctinfo, -- struct ip_conntrack_expect *oldexp) --{ -- struct PptpControlHeader *ctlh; -- union pptp_ctrl_union pptpReq; -- struct ip_ct_pptp_master *ct_pptp_info = &ct->help.ct_pptp_info; -- struct ip_nat_pptp *nat_pptp_info = &ct->nat.help.nat_pptp_info; -- -- u_int16_t msg, new_cid = 0, new_pcid, *pcid = NULL, *cid = NULL; -- u_int32_t old_dst_ip; -- -- struct ip_conntrack_tuple t; -- -- ctlh = (struct PptpControlHeader *) ((void *) pptph + sizeof(*pptph)); -- pptpReq.rawreq = (void *) ((void *) ctlh + sizeof(*ctlh)); -- -- new_pcid = htons(nat_pptp_info->pns_call_id); -- -- switch (msg = ntohs(ctlh->messageType)) { -- case PPTP_OUT_CALL_REPLY: -- pcid = &pptpReq.ocack->peersCallID; -- cid = &pptpReq.ocack->callID; -- if (!oldexp) { -- DEBUGP("outcall but no expectation\n"); -- break; -- } -- old_dst_ip = oldexp->tuple.dst.ip; -- t = oldexp->tuple; -- -- /* save original PAC call ID in nat_info */ -- nat_pptp_info->pac_call_id = ct_pptp_info->pac_call_id; -- -- /* store new callID in ct_info, so conntrack works */ -- //ct_pptp_info->pac_call_id = ntohs(tcph->source); -- //new_cid = htons(ct_pptp_info->pac_call_id); -- -- /* alter expectation */ -- if (t.dst.ip == ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip) { -- /* expectation for PNS->PAC direction */ -- t.dst.u.gre.key = htonl(ct_pptp_info->pac_call_id); -- t.src.u.gre.key = htonl(nat_pptp_info->pns_call_id); -- } else { -- /* expectation for PAC->PNS direction */ -- t.dst.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- DEBUGP("EXPECTATION IN WRONG DIRECTION!!!\n"); -- } -- -- if (!ip_conntrack_change_expect(oldexp, &t)) { -- DEBUGP("successfully changed expect\n"); -- } else { -- DEBUGP("can't change expect\n"); -- } -- ip_ct_gre_keymap_change(oldexp->proto.gre.keymap_orig, &t); -- /* reply keymap */ -- t.src.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.src.ip; -- t.dst.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- t.src.u.gre.key = htonl(nat_pptp_info->pac_call_id); -- t.dst.u.gre.key = htonl(ct_pptp_info->pns_call_id); -- ip_ct_gre_keymap_change(oldexp->proto.gre.keymap_reply, &t); -- -- break; -- case PPTP_IN_CALL_CONNECT: -- pcid = &pptpReq.iccon->peersCallID; -- if (!oldexp) -- break; -- old_dst_ip = oldexp->tuple.dst.ip; -- t = oldexp->tuple; -- -- /* alter expectation, no need for callID */ -- if (t.dst.ip == ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple.dst.ip) { -- /* expectation for PNS->PAC direction */ -- t.src.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- } else { -- /* expectation for PAC->PNS direction */ -- t.dst.ip = ct->tuplehash[IP_CT_DIR_REPLY].tuple.dst.ip; -- } -- -- if (!ip_conntrack_change_expect(oldexp, &t)) { -- DEBUGP("successfully changed expect\n"); -- } else { -- DEBUGP("can't change expect\n"); -- } -- break; -- case PPTP_IN_CALL_REQUEST: -- /* only need to nat in case PAC is behind NAT box */ -- break; -- case PPTP_WAN_ERROR_NOTIFY: -- pcid = &pptpReq.wanerr->peersCallID; -- break; -- default: -- DEBUGP("unknown inbound packet %s\n", -- (msg <= PPTP_MSG_MAX)? strMName[msg]:strMName[0]); -- /* fall through */ -- -- case PPTP_START_SESSION_REQUEST: -- case PPTP_START_SESSION_REPLY: -- case PPTP_STOP_SESSION_REQUEST: -- case PPTP_ECHO_REQUEST: -- case PPTP_ECHO_REPLY: -- /* no need to alter packet */ -- return NF_ACCEPT; -- } -- -- /* mangle packet */ -- IP_NF_ASSERT(pcid); -- DEBUGP("altering peer call id from 0x%04x to 0x%04x\n", -- ntohs(*pcid), ntohs(new_pcid)); -- tcph->check = ip_nat_cheat_check(*pcid^0xFFFF, -- new_pcid, tcph->check); -- *pcid = new_pcid; -- -- if (new_cid) { -- IP_NF_ASSERT(cid); -- DEBUGP("altering call id from 0x%04x to 0x%04x\n", -- ntohs(*cid), ntohs(new_cid)); -- tcph->check = ip_nat_cheat_check(*cid^0xFFFF, -- new_cid, tcph->check); -- *cid = new_cid; -- } -- -- /* great, at least we don't need to resize packets */ -- return NF_ACCEPT; --} -- -- --static unsigned int tcp_help(struct ip_conntrack *ct, -- struct ip_conntrack_expect *exp, -- struct ip_nat_info *info, -- enum ip_conntrack_info ctinfo, -- unsigned int hooknum, struct sk_buff **pskb) --{ -- struct iphdr *iph = (*pskb)->nh.iph; -- struct tcphdr *tcph = (void *) iph + iph->ihl*4; -- unsigned int datalen = (*pskb)->len - iph->ihl*4 - tcph->doff*4; -- struct pptp_pkt_hdr *pptph; -- void *datalimit; -- -- int dir; -- -- DEBUGP("entering\n"); -- -- /* Only mangle things once: original direction in POST_ROUTING -- and reply direction on PRE_ROUTING. */ -- dir = CTINFO2DIR(ctinfo); -- if (!((hooknum == NF_IP_POST_ROUTING && dir == IP_CT_DIR_ORIGINAL) -- || (hooknum == NF_IP_PRE_ROUTING && dir == IP_CT_DIR_REPLY))) { -- DEBUGP("Not touching dir %s at hook %s\n", -- dir == IP_CT_DIR_ORIGINAL ? "ORIG" : "REPLY", -- hooknum == NF_IP_POST_ROUTING ? "POSTROUTING" -- : hooknum == NF_IP_PRE_ROUTING ? "PREROUTING" -- : hooknum == NF_IP_LOCAL_OUT ? "OUTPUT" : "???"); -- return NF_ACCEPT; -- } -- -- /* if packet is too small, just skip it */ -- if (datalen < sizeof(struct pptp_pkt_hdr)+ -- sizeof(struct PptpControlHeader)) { -- DEBUGP("pptp packet too short\n"); -- return NF_ACCEPT; -- } -- -- -- pptph = (struct pptp_pkt_hdr *) ((void *)tcph + tcph->doff*4); -- datalimit = (void *) pptph + datalen; -- -- LOCK_BH(&ip_pptp_lock); -- -- if (dir == IP_CT_DIR_ORIGINAL) { -- /* reuqests sent by client to server (PNS->PAC) */ -- pptp_outbound_pkt(tcph, pptph, datalen, ct, ctinfo, exp); -- } else { -- /* response from the server to the client (PAC->PNS) */ -- pptp_inbound_pkt(tcph, pptph, datalen, ct, ctinfo, exp); -- } -- -- UNLOCK_BH(&ip_pptp_lock); -- -- return NF_ACCEPT; --} -- --/* nat helper struct for control connection */ --static struct ip_nat_helper pptp_tcp_helper = { -- { NULL, NULL }, -- "pptp", IP_NAT_HELPER_F_ALWAYS, THIS_MODULE, -- { { 0, { tcp: { port: __constant_htons(PPTP_CONTROL_PORT) } } }, -- { 0, { 0 }, IPPROTO_TCP } }, -- { { 0, { tcp: { port: 0xFFFF } } }, -- { 0, { 0 }, 0xFFFF } }, -- tcp_help, pptp_nat_expected }; -- -- --static int __init init(void) --{ -- DEBUGP("init_module\n" ); -- -- if (ip_nat_helper_register(&pptp_tcp_helper)) -- return -EIO; -- -- return 0; --} -- --static void __exit fini(void) --{ -- DEBUGP("cleanup_module\n" ); -- ip_nat_helper_unregister(&pptp_tcp_helper); --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_nat_proto_gre.c linux.stock/net/ipv4/netfilter/ip_nat_proto_gre.c ---- linux/net/ipv4/netfilter/ip_nat_proto_gre.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_proto_gre.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,212 +0,0 @@ --/* -- * ip_nat_proto_gre.c - Version 1.11 -- * -- * NAT protocol helper module for GRE. -- * -- * GRE is a generic encapsulation protocol, which is generally not very -- * suited for NAT, as it has no protocol-specific part as port numbers. -- * -- * It has an optional key field, which may help us distinguishing two -- * connections between the same two hosts. -- * -- * GRE is defined in RFC 1701 and RFC 1702, as well as RFC 2784 -- * -- * PPTP is built on top of a modified version of GRE, and has a mandatory -- * field called "CallID", which serves us for the same purpose as the key -- * field in plain GRE. -- * -- * Documentation about PPTP can be found in RFC 2637 -- * -- * (C) 2000-2002 by Harald Welte <laforge@gnumonks.org> -- * -- * Development of this code funded by Astaro AG (http://www.astaro.com/) -- * -- */ -- --#include <linux/config.h> --#include <linux/module.h> --#include <linux/ip.h> --#include <linux/netfilter_ipv4/ip_nat.h> --#include <linux/netfilter_ipv4/ip_nat_rule.h> --#include <linux/netfilter_ipv4/ip_nat_protocol.h> --#include <linux/netfilter_ipv4/ip_conntrack_proto_gre.h> -- --MODULE_LICENSE("GPL"); --MODULE_AUTHOR("Harald Welte <laforge@gnumonks.org>"); --MODULE_DESCRIPTION("Netfilter NAT protocol helper module for GRE"); -- --#define DEBUGP(x, args...) -- --/* is key in given range between min and max */ --static int --gre_in_range(const struct ip_conntrack_tuple *tuple, -- enum ip_nat_manip_type maniptype, -- const union ip_conntrack_manip_proto *min, -- const union ip_conntrack_manip_proto *max) --{ -- return ntohl(tuple->src.u.gre.key) >= ntohl(min->gre.key) -- && ntohl(tuple->src.u.gre.key) <= ntohl(max->gre.key); --} -- --/* generate unique tuple ... */ --static int --gre_unique_tuple(struct ip_conntrack_tuple *tuple, -- const struct ip_nat_range *range, -- enum ip_nat_manip_type maniptype, -- const struct ip_conntrack *conntrack) --{ -- u_int32_t min, i, range_size; -- u_int32_t key = 0, *keyptr; -- -- if (maniptype == IP_NAT_MANIP_SRC) -- keyptr = &tuple->src.u.gre.key; -- else -- keyptr = &tuple->dst.u.gre.key; -- -- if (!(range->flags & IP_NAT_RANGE_PROTO_SPECIFIED)) { -- -- switch (tuple->dst.u.gre.version) { -- case 0: -- DEBUGP("NATing GRE version 0 (ct=%p)\n", -- conntrack); -- min = 1; -- range_size = 0xffffffff; -- break; -- case GRE_VERSION_PPTP: -- DEBUGP("%p: NATing GRE PPTP\n", -- conntrack); -- min = 1; -- range_size = 0xffff; -- break; -- default: -- printk(KERN_WARNING "nat_gre: unknown GRE version\n"); -- return 0; -- break; -- } -- -- } else { -- min = ntohl(range->min.gre.key); -- range_size = ntohl(range->max.gre.key) - min + 1; -- } -- -- DEBUGP("min = %u, range_size = %u\n", min, range_size); -- -- for (i = 0; i < range_size; i++, key++) { -- *keyptr = htonl(min + key % range_size); -- if (!ip_nat_used_tuple(tuple, conntrack)) -- return 1; -- } -- -- DEBUGP("%p: no NAT mapping\n", conntrack); -- -- return 0; --} -- --/* manipulate a GRE packet according to maniptype */ --static void --gre_manip_pkt(struct iphdr *iph, size_t len, -- const struct ip_conntrack_manip *manip, -- enum ip_nat_manip_type maniptype) --{ -- struct gre_hdr *greh = (struct gre_hdr *)((u_int32_t *)iph+iph->ihl); -- struct gre_hdr_pptp *pgreh = (struct gre_hdr_pptp *) greh; -- -- /* we only have destination manip of a packet, since 'source key' -- * is not present in the packet itself */ -- if (maniptype == IP_NAT_MANIP_DST) { -- /* key manipulation is always dest */ -- switch (greh->version) { -- case 0: -- if (!greh->key) { -- DEBUGP("can't nat GRE w/o key\n"); -- break; -- } -- if (greh->csum) { -- *(gre_csum(greh)) = -- ip_nat_cheat_check(~*(gre_key(greh)), -- manip->u.gre.key, -- *(gre_csum(greh))); -- } -- *(gre_key(greh)) = manip->u.gre.key; -- break; -- case GRE_VERSION_PPTP: -- DEBUGP("call_id -> 0x%04x\n", -- ntohl(manip->u.gre.key)); -- pgreh->call_id = htons(ntohl(manip->u.gre.key)); -- break; -- default: -- DEBUGP("can't nat unknown GRE version\n"); -- break; -- } -- } --} -- --/* print out a nat tuple */ --static unsigned int --gre_print(char *buffer, -- const struct ip_conntrack_tuple *match, -- const struct ip_conntrack_tuple *mask) --{ -- unsigned int len = 0; -- -- if (mask->dst.u.gre.version) -- len += sprintf(buffer + len, "version=%d ", -- ntohs(match->dst.u.gre.version)); -- -- if (mask->dst.u.gre.protocol) -- len += sprintf(buffer + len, "protocol=0x%x ", -- ntohs(match->dst.u.gre.protocol)); -- -- if (mask->src.u.gre.key) -- len += sprintf(buffer + len, "srckey=0x%x ", -- ntohl(match->src.u.gre.key)); -- -- if (mask->dst.u.gre.key) -- len += sprintf(buffer + len, "dstkey=0x%x ", -- ntohl(match->src.u.gre.key)); -- -- return len; --} -- --/* print a range of keys */ --static unsigned int --gre_print_range(char *buffer, const struct ip_nat_range *range) --{ -- if (range->min.gre.key != 0 -- || range->max.gre.key != 0xFFFF) { -- if (range->min.gre.key == range->max.gre.key) -- return sprintf(buffer, "key 0x%x ", -- ntohl(range->min.gre.key)); -- else -- return sprintf(buffer, "keys 0x%u-0x%u ", -- ntohl(range->min.gre.key), -- ntohl(range->max.gre.key)); -- } else -- return 0; --} -- --/* nat helper struct */ --static struct ip_nat_protocol gre = -- { { NULL, NULL }, "GRE", IPPROTO_GRE, -- gre_manip_pkt, -- gre_in_range, -- gre_unique_tuple, -- gre_print, -- gre_print_range -- }; -- --static int __init init(void) --{ -- if (ip_nat_protocol_register(&gre)) -- return -EIO; -- -- return 0; --} -- --static void __exit fini(void) --{ -- ip_nat_protocol_unregister(&gre); --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_nat_standalone.c linux.stock/net/ipv4/netfilter/ip_nat_standalone.c ---- linux/net/ipv4/netfilter/ip_nat_standalone.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_standalone.c 2004-05-09 04:13:03.000000000 -0400 -@@ -37,7 +37,11 @@ - #include <linux/netfilter_ipv4/ip_conntrack_core.h> - #include <linux/netfilter_ipv4/listhelp.h> - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - #define HOOKNAME(hooknum) ((hooknum) == NF_IP_POST_ROUTING ? "POST_ROUTING" \ - : ((hooknum) == NF_IP_PRE_ROUTING ? "PRE_ROUTING" \ -@@ -354,6 +358,5 @@ - EXPORT_SYMBOL(ip_nat_helper_unregister); - EXPORT_SYMBOL(ip_nat_cheat_check); - EXPORT_SYMBOL(ip_nat_mangle_tcp_packet); --EXPORT_SYMBOL(ip_nat_mangle_udp_packet); - EXPORT_SYMBOL(ip_nat_used_tuple); - MODULE_LICENSE("GPL"); -diff -Nurb linux/net/ipv4/netfilter/ip_nat_tftp.c linux.stock/net/ipv4/netfilter/ip_nat_tftp.c ---- linux/net/ipv4/netfilter/ip_nat_tftp.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_nat_tftp.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,186 +0,0 @@ --/* -- * Licensed under GNU GPL version 2 Copyright Magnus Boden <mb@ozaba.mine.nu> -- * Version: 0.0.7 -- * -- * Thu 21 Mar 2002 Harald Welte <laforge@gnumonks.org> -- * - Port to newnat API -- * -- * This module currently supports DNAT: -- * iptables -t nat -A PREROUTING -d x.x.x.x -j DNAT --to-dest x.x.x.y -- * -- * and SNAT: -- * iptables -t nat -A POSTROUTING { -j MASQUERADE , -j SNAT --to-source x.x.x.x } -- * -- * It has not been tested with -- * -j SNAT --to-source x.x.x.x-x.x.x.y since I only have one external ip -- * If you do test this please let me know if it works or not. -- * -- */ -- --#include <linux/module.h> --#include <linux/netfilter_ipv4.h> --#include <linux/ip.h> --#include <linux/udp.h> -- --#include <linux/netfilter.h> --#include <linux/netfilter_ipv4/ip_tables.h> --#include <linux/netfilter_ipv4/ip_conntrack_helper.h> --#include <linux/netfilter_ipv4/ip_conntrack_tftp.h> --#include <linux/netfilter_ipv4/ip_nat_helper.h> --#include <linux/netfilter_ipv4/ip_nat_rule.h> -- --MODULE_AUTHOR("Magnus Boden <mb@ozaba.mine.nu>"); --MODULE_DESCRIPTION("Netfilter NAT helper for tftp"); --MODULE_LICENSE("GPL"); -- --#define MAX_PORTS 8 -- --static int ports[MAX_PORTS]; --static int ports_c = 0; --#ifdef MODULE_PARM --MODULE_PARM(ports,"1-" __MODULE_STRING(MAX_PORTS) "i"); --MODULE_PARM_DESC(ports, "port numbers of tftp servers"); --#endif -- --#define DEBUGP(format, args...) --static unsigned int --tftp_nat_help(struct ip_conntrack *ct, -- struct ip_conntrack_expect *exp, -- struct ip_nat_info *info, -- enum ip_conntrack_info ctinfo, -- unsigned int hooknum, -- struct sk_buff **pskb) --{ -- int dir = CTINFO2DIR(ctinfo); -- struct iphdr *iph = (*pskb)->nh.iph; -- struct udphdr *udph = (void *)iph + iph->ihl * 4; -- struct tftphdr *tftph = (void *)udph + 8; -- struct ip_conntrack_tuple repl; -- -- if (!((hooknum == NF_IP_POST_ROUTING && dir == IP_CT_DIR_ORIGINAL) -- || (hooknum == NF_IP_PRE_ROUTING && dir == IP_CT_DIR_REPLY))) -- return NF_ACCEPT; -- -- if (!exp) { -- DEBUGP("no conntrack expectation to modify\n"); -- return NF_ACCEPT; -- } -- -- switch (ntohs(tftph->opcode)) { -- /* RRQ and WRQ works the same way */ -- case TFTP_OPCODE_READ: -- case TFTP_OPCODE_WRITE: -- repl = ct->tuplehash[IP_CT_DIR_REPLY].tuple; -- DEBUGP(""); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_ORIGINAL].tuple); -- DUMP_TUPLE(&ct->tuplehash[IP_CT_DIR_REPLY].tuple); -- DEBUGP("expecting: "); -- DUMP_TUPLE_RAW(&repl); -- DUMP_TUPLE_RAW(&exp->mask); -- ip_conntrack_change_expect(exp, &repl); -- break; -- default: -- DEBUGP("Unknown opcode\n"); -- } -- -- return NF_ACCEPT; --} -- --static unsigned int --tftp_nat_expected(struct sk_buff **pskb, -- unsigned int hooknum, -- struct ip_conntrack *ct, -- struct ip_nat_info *info) --{ -- const struct ip_conntrack *master = ct->master->expectant; -- const struct ip_conntrack_tuple *orig = -- &master->tuplehash[IP_CT_DIR_ORIGINAL].tuple; -- struct ip_nat_multi_range mr; -- -- IP_NF_ASSERT(info); -- IP_NF_ASSERT(master); -- IP_NF_ASSERT(!(info->initialized & (1 << HOOK2MANIP(hooknum)))); -- -- mr.rangesize = 1; -- mr.range[0].flags = IP_NAT_RANGE_MAP_IPS; -- -- if (HOOK2MANIP(hooknum) == IP_NAT_MANIP_SRC) { -- mr.range[0].min_ip = mr.range[0].max_ip = orig->dst.ip; -- DEBUGP("orig: %u.%u.%u.%u:%u <-> %u.%u.%u.%u:%u " -- "newsrc: %u.%u.%u.%u\n", -- NIPQUAD((*pskb)->nh.iph->saddr), ntohs(udph->source), -- NIPQUAD((*pskb)->nh.iph->daddr), ntohs(udph->dest), -- NIPQUAD(orig->dst.ip)); -- } else { -- mr.range[0].min_ip = mr.range[0].max_ip = orig->src.ip; -- mr.range[0].min.udp.port = mr.range[0].max.udp.port = -- orig->src.u.udp.port; -- mr.range[0].flags |= IP_NAT_RANGE_PROTO_SPECIFIED; -- -- DEBUGP("orig: %u.%u.%u.%u:%u <-> %u.%u.%u.%u:%u " -- "newdst: %u.%u.%u.%u:%u\n", -- NIPQUAD((*pskb)->nh.iph->saddr), ntohs(udph->source), -- NIPQUAD((*pskb)->nh.iph->daddr), ntohs(udph->dest), -- NIPQUAD(orig->src.ip), ntohs(orig->src.u.udp.port)); -- } -- -- return ip_nat_setup_info(ct,&mr,hooknum); --} -- --static struct ip_nat_helper tftp[MAX_PORTS]; --static char tftp_names[MAX_PORTS][10]; -- --static void fini(void) --{ -- int i; -- -- for (i = 0 ; i < ports_c; i++) { -- DEBUGP("unregistering helper for port %d\n", ports[i]); -- ip_nat_helper_unregister(&tftp[i]); -- } --} -- --static int __init init(void) --{ -- int i, ret; -- char *tmpname; -- -- if (!ports[0]) -- ports[0] = TFTP_PORT; -- -- for (i = 0 ; (i < MAX_PORTS) && ports[i] ; i++) { -- memset(&tftp[i], 0, sizeof(struct ip_nat_helper)); -- -- tftp[i].tuple.dst.protonum = IPPROTO_UDP; -- tftp[i].tuple.src.u.udp.port = htons(ports[i]); -- tftp[i].mask.dst.protonum = 0xFFFF; -- tftp[i].mask.src.u.udp.port = 0xFFFF; -- tftp[i].help = tftp_nat_help; -- tftp[i].flags = 0; -- tftp[i].me = THIS_MODULE; -- tftp[i].expect = tftp_nat_expected; -- -- tmpname = &tftp_names[i][0]; -- if (ports[i] == TFTP_PORT) -- sprintf(tmpname, "tftp"); -- else -- sprintf(tmpname, "tftp-%d", i); -- tftp[i].name = tmpname; -- -- DEBUGP("ip_nat_tftp: registering for port %d: name %s\n", -- ports[i], tftp[i].name); -- ret = ip_nat_helper_register(&tftp[i]); -- -- if (ret) { -- printk("ip_nat_tftp: unable to register for port %d\n", -- ports[i]); -- fini(); -- return ret; -- } -- ports_c++; -- } -- return ret; --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_pool.c linux.stock/net/ipv4/netfilter/ip_pool.c ---- linux/net/ipv4/netfilter/ip_pool.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_pool.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,328 +0,0 @@ --/* Kernel module for IP pool management */ -- --#include <linux/module.h> --#include <linux/ip.h> --#include <linux/skbuff.h> --#include <linux/netfilter_ipv4/ip_tables.h> --#include <linux/netfilter_ipv4/ip_pool.h> --#include <linux/errno.h> --#include <asm/uaccess.h> --#include <asm/bitops.h> --#include <linux/interrupt.h> --#include <linux/spinlock.h> -- --#define DP(format, args...) -- --MODULE_LICENSE("GPL"); -- --#define NR_POOL 16 --static int nr_pool = NR_POOL;/* overwrite this when loading module */ -- --struct ip_pool { -- u_int32_t first_ip; /* host byte order, included in range */ -- u_int32_t last_ip; /* host byte order, included in range */ -- void *members; /* the bitmap proper */ -- int nr_use; /* total nr. of tests through this */ -- int nr_match; /* total nr. of matches through this */ -- rwlock_t lock; --}; -- --static struct ip_pool *POOL; -- --static inline struct ip_pool *lookup(ip_pool_t index) --{ -- if (index < 0 || index >= nr_pool) { -- DP("ip_pool:lookup: bad index %d\n", index); -- return 0; -- } -- return POOL+index; --} -- --int ip_pool_match(ip_pool_t index, u_int32_t addr) --{ -- struct ip_pool *pool = lookup(index); -- int res = 0; -- -- if (!pool || !pool->members) -- return 0; -- read_lock_bh(&pool->lock); -- if (pool->members) { -- if (addr >= pool->first_ip && addr <= pool->last_ip) { -- addr -= pool->first_ip; -- if (test_bit(addr, pool->members)) { -- res = 1; --#ifdef CONFIG_IP_POOL_STATISTICS -- pool->nr_match++; --#endif -- } -- } --#ifdef CONFIG_IP_POOL_STATISTICS -- pool->nr_use++; --#endif -- } -- read_unlock_bh(&pool->lock); -- return res; --} -- --static int pool_change(ip_pool_t index, u_int32_t addr, int isdel) --{ -- struct ip_pool *pool; -- int res = -1; -- -- pool = lookup(index); -- if ( !pool || !pool->members -- || addr < pool->first_ip || addr > pool->last_ip) -- return -1; -- read_lock_bh(&pool->lock); -- if (pool->members && addr >= pool->first_ip && addr <= pool->last_ip) { -- addr -= pool->first_ip; -- res = isdel -- ? (0 != test_and_clear_bit(addr, pool->members)) -- : (0 != test_and_set_bit(addr, pool->members)); -- } -- read_unlock_bh(&pool->lock); -- return res; --} -- --int ip_pool_mod(ip_pool_t index, u_int32_t addr, int isdel) --{ -- int res = pool_change(index,addr,isdel); -- -- if (!isdel) res = !res; -- return res; --} -- --static inline int bitmap_bytes(u_int32_t a, u_int32_t b) --{ -- return 4*((((b-a+8)/8)+3)/4); --} -- --static inline int poolbytes(ip_pool_t index) --{ -- struct ip_pool *pool = lookup(index); -- -- return pool ? bitmap_bytes(pool->first_ip, pool->last_ip) : 0; --} -- --static int setpool( -- struct sock *sk, -- int optval, -- void *user, -- unsigned int len --) { -- struct ip_pool_request req; -- -- DP("ip_pool:setpool: optval=%d, user=%p, len=%d\n", optval, user, len); -- if (!capable(CAP_NET_ADMIN)) -- return -EPERM; -- if (optval != SO_IP_POOL) -- return -EBADF; -- if (len != sizeof(req)) -- return -EINVAL; -- if (copy_from_user(&req, user, sizeof(req)) != 0) -- return -EFAULT; -- printk("obsolete op - upgrade your ippool(8) utility.\n"); -- return -EINVAL; --} -- --static int getpool( -- struct sock *sk, -- int optval, -- void *user, -- int *len --) { -- struct ip_pool_request req; -- struct ip_pool *pool; -- ip_pool_t i; -- int newbytes; -- void *newmembers; -- int res; -- -- DP("ip_pool:getpool: optval=%d, user=%p\n", optval, user); -- if (!capable(CAP_NET_ADMIN)) -- return -EINVAL; -- if (optval != SO_IP_POOL) -- return -EINVAL; -- if (*len != sizeof(req)) { -- return -EFAULT; -- } -- if (copy_from_user(&req, user, sizeof(req)) != 0) -- return -EFAULT; -- DP("ip_pool:getpool op=%d, index=%d\n", req.op, req.index); -- if (req.op < IP_POOL_BAD001) { -- printk("obsolete op - upgrade your ippool(8) utility.\n"); -- return -EFAULT; -- } -- switch(req.op) { -- case IP_POOL_HIGH_NR: -- DP("ip_pool HIGH_NR\n"); -- req.index = IP_POOL_NONE; -- for (i=0; i<nr_pool; i++) -- if (POOL[i].members) -- req.index = i; -- return copy_to_user(user, &req, sizeof(req)); -- case IP_POOL_LOOKUP: -- DP("ip_pool LOOKUP\n"); -- pool = lookup(req.index); -- if (!pool) -- return -EINVAL; -- if (!pool->members) -- return -EBADF; -- req.addr = htonl(pool->first_ip); -- req.addr2 = htonl(pool->last_ip); -- return copy_to_user(user, &req, sizeof(req)); -- case IP_POOL_USAGE: -- DP("ip_pool USE\n"); -- pool = lookup(req.index); -- if (!pool) -- return -EINVAL; -- if (!pool->members) -- return -EBADF; -- req.addr = pool->nr_use; -- req.addr2 = pool->nr_match; -- return copy_to_user(user, &req, sizeof(req)); -- case IP_POOL_TEST_ADDR: -- DP("ip_pool TEST 0x%08x\n", req.addr); -- pool = lookup(req.index); -- if (!pool) -- return -EINVAL; -- res = 0; -- read_lock_bh(&pool->lock); -- if (!pool->members) { -- DP("ip_pool TEST_ADDR no members in pool\n"); -- res = -EBADF; -- goto unlock_and_return_res; -- } -- req.addr = ntohl(req.addr); -- if (req.addr < pool->first_ip) { -- DP("ip_pool TEST_ADDR address < pool bounds\n"); -- res = -ERANGE; -- goto unlock_and_return_res; -- } -- if (req.addr > pool->last_ip) { -- DP("ip_pool TEST_ADDR address > pool bounds\n"); -- res = -ERANGE; -- goto unlock_and_return_res; -- } -- req.addr = (0 != test_bit((req.addr - pool->first_ip), -- pool->members)); -- read_unlock_bh(&pool->lock); -- return copy_to_user(user, &req, sizeof(req)); -- case IP_POOL_FLUSH: -- DP("ip_pool FLUSH not yet implemented.\n"); -- return -EBUSY; -- case IP_POOL_DESTROY: -- DP("ip_pool DESTROY not yet implemented.\n"); -- return -EBUSY; -- case IP_POOL_INIT: -- DP("ip_pool INIT 0x%08x-0x%08x\n", req.addr, req.addr2); -- pool = lookup(req.index); -- if (!pool) -- return -EINVAL; -- req.addr = ntohl(req.addr); -- req.addr2 = ntohl(req.addr2); -- if (req.addr > req.addr2) { -- DP("ip_pool INIT bad ip range\n"); -- return -EINVAL; -- } -- newbytes = bitmap_bytes(req.addr, req.addr2); -- newmembers = kmalloc(newbytes, GFP_KERNEL); -- if (!newmembers) { -- DP("ip_pool INIT out of mem for %d bytes\n", newbytes); -- return -ENOMEM; -- } -- memset(newmembers, 0, newbytes); -- write_lock_bh(&pool->lock); -- if (pool->members) { -- DP("ip_pool INIT pool %d exists\n", req.index); -- kfree(newmembers); -- res = -EBUSY; -- goto unlock_and_return_res; -- } -- pool->first_ip = req.addr; -- pool->last_ip = req.addr2; -- pool->nr_use = 0; -- pool->nr_match = 0; -- pool->members = newmembers; -- write_unlock_bh(&pool->lock); -- return 0; -- case IP_POOL_ADD_ADDR: -- DP("ip_pool ADD_ADDR 0x%08x\n", req.addr); -- req.addr = pool_change(req.index, ntohl(req.addr), 0); -- return copy_to_user(user, &req, sizeof(req)); -- case IP_POOL_DEL_ADDR: -- DP("ip_pool DEL_ADDR 0x%08x\n", req.addr); -- req.addr = pool_change(req.index, ntohl(req.addr), 1); -- return copy_to_user(user, &req, sizeof(req)); -- default: -- DP("ip_pool:getpool bad op %d\n", req.op); -- return -EINVAL; -- } -- return -EINVAL; -- --unlock_and_return_res: -- if (pool) -- read_unlock_bh(&pool->lock); -- return res; --} -- --static struct nf_sockopt_ops so_pool --= { { NULL, NULL }, PF_INET, -- SO_IP_POOL, SO_IP_POOL+1, &setpool, -- SO_IP_POOL, SO_IP_POOL+1, &getpool, -- 0, NULL }; -- --MODULE_PARM(nr_pool, "i"); -- --static int __init init(void) --{ -- ip_pool_t i; -- int res; -- -- if (nr_pool < 1) { -- printk("ip_pool module init: bad nr_pool %d\n", nr_pool); -- return -EINVAL; -- } -- POOL = kmalloc(nr_pool * sizeof(*POOL), GFP_KERNEL); -- if (!POOL) { -- printk("ip_pool module init: out of memory for nr_pool %d\n", -- nr_pool); -- return -ENOMEM; -- } -- for (i=0; i<nr_pool; i++) { -- POOL[i].first_ip = 0; -- POOL[i].last_ip = 0; -- POOL[i].members = 0; -- POOL[i].nr_use = 0; -- POOL[i].nr_match = 0; -- POOL[i].lock = RW_LOCK_UNLOCKED; -- } -- res = nf_register_sockopt(&so_pool); -- DP("ip_pool:init %d pools, result %d\n", nr_pool, res); -- if (res != 0) { -- kfree(POOL); -- POOL = 0; -- } -- return res; --} -- --static void __exit fini(void) --{ -- ip_pool_t i; -- -- DP("ip_pool:fini BYEBYE\n"); -- nf_unregister_sockopt(&so_pool); -- for (i=0; i<nr_pool; i++) { -- if (POOL[i].members) { -- kfree(POOL[i].members); -- POOL[i].members = 0; -- } -- } -- kfree(POOL); -- POOL = 0; -- DP("ip_pool:fini these are the famous last words\n"); -- return; --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv4/netfilter/ip_tables.c linux.stock/net/ipv4/netfilter/ip_tables.c ---- linux/net/ipv4/netfilter/ip_tables.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ip_tables.c 2004-05-09 04:13:03.000000000 -0400 -@@ -62,6 +62,11 @@ - #include <linux/netfilter_ipv4/lockhelp.h> - #include <linux/netfilter_ipv4/listhelp.h> - -+#if 0 -+/* All the better to debug you with... */ -+#define static -+#define inline -+#endif - - /* Locking is simple: we assume at worst case there will be one packet - in user context and one from bottom halves (or soft irq if Alexey's -@@ -83,6 +88,7 @@ - { - /* Size per table */ - unsigned int size; -+ /* Number of entries: FIXME. --RR */ - unsigned int number; - /* Initial number of entries. Needed for module usage count */ - unsigned int initial_entries; -@@ -106,6 +112,11 @@ - #define TABLE_OFFSET(t,p) 0 - #endif - -+#if 0 -+#define down(x) do { printk("DOWN:%u:" #x "\n", __LINE__); down(x); } while(0) -+#define down_interruptible(x) ({ int __r; printk("DOWNi:%u:" #x "\n", __LINE__); __r = down_interruptible(x); if (__r != 0) printk("ABORT-DOWNi:%u\n", __LINE__); __r; }) -+#define up(x) do { printk("UP:%u:" #x "\n", __LINE__); up(x); } while(0) -+#endif - - /* Returns whether matches rule or not. */ - static inline int -@@ -408,6 +419,12 @@ - { - void *ret; - -+#if 0 -+ duprintf("find_inlist: searching for `%s' in %s.\n", -+ name, head == &ipt_target ? "ipt_target" -+ : head == &ipt_match ? "ipt_match" -+ : head == &ipt_tables ? "ipt_tables" : "UNKNOWN"); -+#endif - - *error = down_interruptible(mutex); - if (*error != 0) -@@ -745,6 +762,8 @@ - newinfo->underflow[h] = underflows[h]; - } - -+ /* FIXME: underflows must be unconditional, standard verdicts -+ < 0 (not IPT_RETURN). --RR */ - - /* Clear counters and comefrom */ - e->counters = ((struct ipt_counters) { 0, 0 }); -@@ -957,6 +976,7 @@ - goto free_counters; - } - -+ /* FIXME: use iterator macros --RR */ - /* ... then go back and fix counters and names */ - for (off = 0, num = 0; off < total_size; off += e->next_offset, num++){ - unsigned int i; -@@ -1134,6 +1154,14 @@ - const struct ipt_counters addme[], - unsigned int *i) - { -+#if 0 -+ duprintf("add_counter: Entry %u %lu/%lu + %lu/%lu\n", -+ *i, -+ (long unsigned int)e->counters.pcnt, -+ (long unsigned int)e->counters.bcnt, -+ (long unsigned int)addme[*i].pcnt, -+ (long unsigned int)addme[*i].bcnt); -+#endif - - ADD_COUNTER(e->counters, addme[*i].bcnt, addme[*i].pcnt); - -@@ -1495,6 +1523,7 @@ - return 0; - } - -+ /* FIXME: Try tcp doff >> packet len against various stacks --RR */ - - #define FWINVTCP(bool,invflg) ((bool) ^ !!(tcpinfo->invflags & invflg)) - -@@ -1670,15 +1699,14 @@ - = { { NULL, NULL }, "icmp", &icmp_match, &icmp_checkentry, NULL }; - - #ifdef CONFIG_PROC_FS --static inline int print_name(const char *i, -+static inline int print_name(const struct ipt_table *t, - off_t start_offset, char *buffer, int length, - off_t *pos, unsigned int *count) - { - if ((*count)++ >= start_offset) { - unsigned int namelen; - -- namelen = sprintf(buffer + *pos, "%s\n", -- i + sizeof(struct list_head)); -+ namelen = sprintf(buffer + *pos, "%s\n", t->name); - if (*pos + namelen > length) { - /* Stop iterating */ - return 1; -@@ -1696,7 +1724,7 @@ - if (down_interruptible(&ipt_mutex) != 0) - return 0; - -- LIST_FIND(&ipt_tables, print_name, void *, -+ LIST_FIND(&ipt_tables, print_name, struct ipt_table *, - offset, buffer, length, &pos, &count); - - up(&ipt_mutex); -@@ -1705,46 +1733,6 @@ - *start=(char *)((unsigned long)count-offset); - return pos; - } -- --static int ipt_get_targets(char *buffer, char **start, off_t offset, int length) --{ -- off_t pos = 0; -- unsigned int count = 0; -- -- if (down_interruptible(&ipt_mutex) != 0) -- return 0; -- -- LIST_FIND(&ipt_target, print_name, void *, -- offset, buffer, length, &pos, &count); -- -- up(&ipt_mutex); -- -- *start = (char *)((unsigned long)count - offset); -- return pos; --} -- --static int ipt_get_matches(char *buffer, char **start, off_t offset, int length) --{ -- off_t pos = 0; -- unsigned int count = 0; -- -- if (down_interruptible(&ipt_mutex) != 0) -- return 0; -- -- LIST_FIND(&ipt_match, print_name, void *, -- offset, buffer, length, &pos, &count); -- -- up(&ipt_mutex); -- -- *start = (char *)((unsigned long)count - offset); -- return pos; --} -- --static struct { char *name; get_info_t *get_info; } ipt_proc_entry[] = --{ { "ip_tables_names", ipt_get_tables }, -- { "ip_tables_targets", ipt_get_targets }, -- { "ip_tables_matches", ipt_get_matches }, -- { NULL, NULL} }; - #endif /*CONFIG_PROC_FS*/ - - static int __init init(void) -@@ -1770,20 +1758,14 @@ - #ifdef CONFIG_PROC_FS - { - struct proc_dir_entry *proc; -- int i; - -- for (i = 0; ipt_proc_entry[i].name; i++) { -- proc = proc_net_create(ipt_proc_entry[i].name, 0, -- ipt_proc_entry[i].get_info); -+ proc = proc_net_create("ip_tables_names", 0, ipt_get_tables); - if (!proc) { -- while (--i >= 0) -- proc_net_remove(ipt_proc_entry[i].name); - nf_unregister_sockopt(&ipt_sockopts); - return -ENOMEM; - } - proc->owner = THIS_MODULE; - } -- } - #endif - - printk("ip_tables: (C) 2000-2002 Netfilter core team\n"); -@@ -1794,11 +1776,7 @@ - { - nf_unregister_sockopt(&ipt_sockopts); - #ifdef CONFIG_PROC_FS -- { -- int i; -- for (i = 0; ipt_proc_entry[i].name; i++) -- proc_net_remove(ipt_proc_entry[i].name); -- } -+ proc_net_remove("ip_tables_names"); - #endif - } - -diff -Nurb linux/net/ipv4/netfilter/ipchains_core.c linux.stock/net/ipv4/netfilter/ipchains_core.c ---- linux/net/ipv4/netfilter/ipchains_core.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipchains_core.c 2004-05-09 04:13:03.000000000 -0400 -@@ -977,10 +977,17 @@ - || ftmp->ipfw.fw_dst.s_addr!=frwl->ipfw.fw_dst.s_addr - || ftmp->ipfw.fw_smsk.s_addr!=frwl->ipfw.fw_smsk.s_addr - || ftmp->ipfw.fw_dmsk.s_addr!=frwl->ipfw.fw_dmsk.s_addr -+#if 0 -+ || ftmp->ipfw.fw_flg!=frwl->ipfw.fw_flg -+#else - || ((ftmp->ipfw.fw_flg & ~IP_FW_F_MARKABS) - != (frwl->ipfw.fw_flg & ~IP_FW_F_MARKABS)) -+#endif - || ftmp->ipfw.fw_invflg!=frwl->ipfw.fw_invflg - || ftmp->ipfw.fw_proto!=frwl->ipfw.fw_proto -+#if 0 -+ || ftmp->ipfw.fw_mark!=frwl->ipfw.fw_mark -+#endif - || ftmp->ipfw.fw_redirpt!=frwl->ipfw.fw_redirpt - || ftmp->ipfw.fw_spts[0]!=frwl->ipfw.fw_spts[0] - || ftmp->ipfw.fw_spts[1]!=frwl->ipfw.fw_spts[1] -@@ -1566,6 +1573,7 @@ - ) - { - #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,29) -+ /* FIXME: No more `atomic' read and reset. Wonderful 8-( --RR */ - int reset = 0; - #endif - struct ip_chain *i; -diff -Nurb linux/net/ipv4/netfilter/ipfwadm_core.c linux.stock/net/ipv4/netfilter/ipfwadm_core.c ---- linux/net/ipv4/netfilter/ipfwadm_core.c 2003-10-14 04:09:33.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipfwadm_core.c 2004-05-09 04:13:03.000000000 -0400 -@@ -20,7 +20,7 @@ - * license in recognition of the original copyright. - * -- Alan Cox. - * -- * $Id: ipfwadm_core.c,v 1.1.1.4 2003/10/14 08:09:33 sparq Exp $ -+ * $Id: ipfwadm_core.c,v 1.9.2.2 2002/01/24 15:50:42 davem Exp $ - * - * Ported from BSD to Linux, - * Alan Cox 22/Nov/1994. -@@ -1205,6 +1205,7 @@ - ) - { - #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,29) -+ /* FIXME: No more `atomic' read and reset. Wonderful 8-( --RR */ - int reset = 0; - #endif - return ip_chain_procinfo(IP_FW_ACCT, buffer,start, offset,length, -@@ -1223,6 +1224,7 @@ - ) - { - #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,29) -+ /* FIXME: No more `atomic' read and reset. Wonderful 8-( --RR */ - int reset = 0; - #endif - return ip_chain_procinfo(IP_FW_IN, buffer,start,offset,length, -@@ -1237,6 +1239,7 @@ - ) - { - #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,29) -+ /* FIXME: No more `atomic' read and reset. Wonderful 8-( --RR */ - int reset = 0; - #endif - return ip_chain_procinfo(IP_FW_OUT, buffer,start,offset,length, -@@ -1251,6 +1254,7 @@ - ) - { - #if LINUX_VERSION_CODE >= KERNEL_VERSION(2,3,29) -+ /* FIXME: No more `atomic' read and reset. Wonderful 8-( --RR */ - int reset = 0; - #endif - return ip_chain_procinfo(IP_FW_FWD, buffer,start,offset,length, -diff -Nurb linux/net/ipv4/netfilter/ipt_ECN.c linux.stock/net/ipv4/netfilter/ipt_ECN.c ---- linux/net/ipv4/netfilter/ipt_ECN.c 2003-10-14 04:02:57.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipt_ECN.c 2004-05-09 04:13:03.000000000 -0400 -@@ -87,8 +87,8 @@ - } - - if (diffs[0] != *tcpflags) { -- diffs[0] = diffs[0] ^ 0xFFFF; -- diffs[1] = *tcpflags; -+ diffs[0] = htons(diffs[0]) ^ 0xFFFF; -+ diffs[1] = htons(*tcpflags); - tcph->check = csum_fold(csum_partial((char *)diffs, - sizeof(diffs), - tcph->check^0xFFFF)); -diff -Nurb linux/net/ipv4/netfilter/ipt_LOG.c linux.stock/net/ipv4/netfilter/ipt_LOG.c ---- linux/net/ipv4/netfilter/ipt_LOG.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipt_LOG.c 2004-05-09 04:13:03.000000000 -0400 -@@ -14,11 +14,15 @@ - #include <net/route.h> - #include <linux/netfilter_ipv4/ipt_LOG.h> - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - struct esphdr { - __u32 spi; --}; -+}; /* FIXME evil kludge */ - - /* Use lock to serialize, so printks don't overlap */ - static spinlock_t log_lock = SPIN_LOCK_UNLOCKED; -diff -Nurb linux/net/ipv4/netfilter/ipt_REJECT.c linux.stock/net/ipv4/netfilter/ipt_REJECT.c ---- linux/net/ipv4/netfilter/ipt_REJECT.c 2003-07-04 04:12:31.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipt_REJECT.c 2004-05-09 04:13:03.000000000 -0400 -@@ -6,8 +6,6 @@ - #include <linux/module.h> - #include <linux/skbuff.h> - #include <linux/ip.h> --#include <linux/udp.h> --#include <linux/icmp.h> - #include <net/icmp.h> - #include <net/ip.h> - #include <net/tcp.h> -@@ -16,7 +14,11 @@ - #include <linux/netfilter_ipv4/ip_tables.h> - #include <linux/netfilter_ipv4/ipt_REJECT.h> - -+#if 0 -+#define DEBUGP printk -+#else - #define DEBUGP(format, args...) -+#endif - - /* If the original packet is part of a connection, but the connection - is not confirmed, our manufactured reply will not be associated -@@ -155,7 +157,6 @@ - static void send_unreach(struct sk_buff *skb_in, int code) - { - struct iphdr *iph; -- struct udphdr *udph; - struct icmphdr *icmph; - struct sk_buff *nskb; - u32 saddr; -@@ -167,6 +168,7 @@ - if (!rt) - return; - -+ /* FIXME: Use sysctl number. --RR */ - if (!xrlim_allow(&rt->u.dst, 1*HZ)) - return; - -@@ -184,19 +186,6 @@ - if (iph->frag_off&htons(IP_OFFSET)) - return; - -- /* if UDP checksum is set, verify it's correct */ -- if (iph->protocol == IPPROTO_UDP -- && skb_in->tail-(u8*)iph >= sizeof(struct udphdr)) { -- int datalen = skb_in->len - (iph->ihl<<2); -- udph = (struct udphdr *)((char *)iph + (iph->ihl<<2)); -- if (udph->check -- && csum_tcpudp_magic(iph->saddr, iph->daddr, -- datalen, IPPROTO_UDP, -- csum_partial((char *)udph, datalen, -- 0)) != 0) -- return; -- } -- - /* If we send an ICMP error to an ICMP error a mess would result.. */ - if (iph->protocol == IPPROTO_ICMP - && skb_in->tail-(u8*)iph >= sizeof(struct icmphdr)) { -@@ -271,6 +260,7 @@ - /* Copy as much of original packet as will fit */ - data = skb_put(nskb, - length - sizeof(struct iphdr) - sizeof(struct icmphdr)); -+ /* FIXME: won't work with nonlinear skbs --RR */ - memcpy(data, skb_in->nh.iph, - length - sizeof(struct iphdr) - sizeof(struct icmphdr)); - icmph->checksum = ip_compute_csum((unsigned char *)icmph, -diff -Nurb linux/net/ipv4/netfilter/ipt_ULOG.c linux.stock/net/ipv4/netfilter/ipt_ULOG.c ---- linux/net/ipv4/netfilter/ipt_ULOG.c 2003-07-04 04:12:32.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipt_ULOG.c 2004-05-09 04:13:03.000000000 -0400 -@@ -12,7 +12,6 @@ - * module loadtime -HW - * 2002/07/07 remove broken nflog_rcv() function -HW - * 2002/08/29 fix shifted/unshifted nlgroup bug -HW -- * 2002/10/30 fix uninitialized mac_len field - <Anders K. Pedersen> - * - * Released under the terms of the GPL - * -@@ -32,7 +31,7 @@ - * Specify, after how many clock ticks (intel: 100 per second) the queue - * should be flushed even if it is not full yet. - * -- * ipt_ULOG.c,v 1.22 2002/10/30 09:07:31 laforge Exp -+ * ipt_ULOG.c,v 1.21 2002/08/29 10:54:34 laforge Exp - */ - - #include <linux/module.h> -@@ -60,7 +59,12 @@ - #define ULOG_NL_EVENT 111 /* Harald's favorite number */ - #define ULOG_MAXNLGROUPS 32 /* numer of nlgroups */ - -+#if 0 -+#define DEBUGP(format, args...) printk(__FILE__ ":" __FUNCTION__ ":" \ -+ format, ## args) -+#else - #define DEBUGP(format, args...) -+#endif - - #define PRINTR(format, args...) do { if (net_ratelimit()) printk(format, ## args); } while (0) - -@@ -220,8 +224,7 @@ - && in->hard_header_len <= ULOG_MAC_LEN) { - memcpy(pm->mac, (*pskb)->mac.raw, in->hard_header_len); - pm->mac_len = in->hard_header_len; -- } else -- pm->mac_len = 0; -+ } - - if (in) - strncpy(pm->indev_name, in->name, sizeof(pm->indev_name)); -diff -Nurb linux/net/ipv4/netfilter/ipt_multiport.c linux.stock/net/ipv4/netfilter/ipt_multiport.c ---- linux/net/ipv4/netfilter/ipt_multiport.c 2003-07-04 04:12:32.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipt_multiport.c 2004-05-09 04:13:03.000000000 -0400 -@@ -8,7 +8,11 @@ - #include <linux/netfilter_ipv4/ipt_multiport.h> - #include <linux/netfilter_ipv4/ip_tables.h> - -+#if 0 -+#define duprintf(format, args...) printk(format , ## args) -+#else - #define duprintf(format, args...) -+#endif - - /* Returns 1 if the port is matched by the test, 0 otherwise. */ - static inline int -@@ -74,7 +78,7 @@ - - /* Must specify proto == TCP/UDP, no unknown flags or bad count */ - return (ip->proto == IPPROTO_TCP || ip->proto == IPPROTO_UDP) -- && !(ip->invflags & IPT_INV_PROTO) -+ && !(ip->flags & IPT_INV_PROTO) - && matchsize == IPT_ALIGN(sizeof(struct ipt_multiport)) - && (multiinfo->flags == IPT_MULTIPORT_SOURCE - || multiinfo->flags == IPT_MULTIPORT_DESTINATION -diff -Nurb linux/net/ipv4/netfilter/ipt_pool.c linux.stock/net/ipv4/netfilter/ipt_pool.c ---- linux/net/ipv4/netfilter/ipt_pool.c 2003-07-04 04:12:32.000000000 -0400 -+++ linux.stock/net/ipv4/netfilter/ipt_pool.c 1969-12-31 19:00:00.000000000 -0500 -@@ -1,71 +0,0 @@ --/* Kernel module to match an IP address pool. */ -- --#include <linux/module.h> --#include <linux/ip.h> --#include <linux/skbuff.h> -- --#include <linux/netfilter_ipv4/ip_tables.h> --#include <linux/netfilter_ipv4/ip_pool.h> --#include <linux/netfilter_ipv4/ipt_pool.h> -- --static inline int match_pool( -- ip_pool_t index, -- __u32 addr, -- int inv --) { -- if (ip_pool_match(index, ntohl(addr))) -- inv = !inv; -- return inv; --} -- --static int match( -- const struct sk_buff *skb, -- const struct net_device *in, -- const struct net_device *out, -- const void *matchinfo, -- int offset, -- const void *hdr, -- u_int16_t datalen, -- int *hotdrop --) { -- const struct ipt_pool_info *info = matchinfo; -- const struct iphdr *iph = skb->nh.iph; -- -- if (info->src != IP_POOL_NONE && !match_pool(info->src, iph->saddr, -- info->flags&IPT_POOL_INV_SRC)) -- return 0; -- -- if (info->dst != IP_POOL_NONE && !match_pool(info->dst, iph->daddr, -- info->flags&IPT_POOL_INV_DST)) -- return 0; -- -- return 1; --} -- --static int checkentry( -- const char *tablename, -- const struct ipt_ip *ip, -- void *matchinfo, -- unsigned int matchsize, -- unsigned int hook_mask --) { -- if (matchsize != IPT_ALIGN(sizeof(struct ipt_pool_info))) -- return 0; -- return 1; --} -- --static struct ipt_match pool_match --= { { NULL, NULL }, "pool", &match, &checkentry, NULL, THIS_MODULE }; -- --static int __init init(void) --{ -- return ipt_register_match(&pool_match); --} -- --static void __exit fini(void) --{ -- ipt_unregister_match(&pool_match); --} -- --module_init(init); --module_exit(fini); -diff -Nurb linux/net/ipv6/mcast.c linux.stock/net/ipv6/mcast.c ---- linux/net/ipv6/mcast.c 2003-10-14 04:09:34.000000000 -0400 -+++ linux.stock/net/ipv6/mcast.c 2004-05-09 04:13:22.000000000 -0400 -@@ -5,7 +5,7 @@ - * Authors: - * Pedro Roque <roque@di.fc.ul.pt> - * -- * $Id: mcast.c,v 1.1.1.4 2003/10/14 08:09:34 sparq Exp $ -+ * $Id: mcast.c,v 1.38 2001/08/15 07:36:31 davem Exp $ - * - * Based on linux/ipv4/igmp.c and linux/ipv4/ip_sockglue.c - * ---- linux/include/linux/ppp-comp.h 2004-08-16 20:58:32.089851872 -0400 -+++ linux.stock/include/linux/ppp-comp.h 2004-08-16 20:59:48.217278744 -0400 -@@ -24,7 +24,7 @@ - * OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, - * OR MODIFICATIONS. - * -- * $Id: ppp-comp.h,v 1.1.1.4 2003/10/14 08:09:26 sparq Exp $ -+ * $Id: ppp-comp.h,v 1.6 1997/11/27 06:04:44 paulus Exp $ - */ - - /* diff --git a/obsolete-buildroot/sources/openwrt/kernel/netfilter/patches/110-conntrack_setting.patch b/obsolete-buildroot/sources/openwrt/kernel/netfilter/patches/110-conntrack_setting.patch deleted file mode 100644 index 87be89d..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/netfilter/patches/110-conntrack_setting.patch +++ /dev/null @@ -1,20 +0,0 @@ ---- ../../buildroot-unpacked/build_mipsel/linux/net/ipv4/netfilter/ip_conntrack_core.c 2004-11-28 22:59:36.000000000 -0500 -+++ linux/net/ipv4/netfilter/ip_conntrack_core.c 2004-11-30 05:05:32.000000000 -0500 -@@ -1386,7 +1386,7 @@ - nf_unregister_sockopt(&so_getorigdst); - } - --static int hashsize = 0; -+static int hashsize = 5953 - MODULE_PARM(hashsize, "i"); - - int __init ip_conntrack_init(void) -@@ -1407,7 +1407,7 @@ - if (ip_conntrack_htable_size < 16) - ip_conntrack_htable_size = 16; - } -- ip_conntrack_max = 8 * ip_conntrack_htable_size; -+ ip_conntrack_max = ip_conntrack_htable_size; - - printk("ip_conntrack version %s (%u buckets, %d max)" - " - %Zd bytes per conntrack\n", IP_CONNTRACK_VERSION, diff --git a/obsolete-buildroot/sources/openwrt/kernel/patches/110-sch_htb.patch b/obsolete-buildroot/sources/openwrt/kernel/patches/110-sch_htb.patch deleted file mode 100644 index 3c9a50e..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/patches/110-sch_htb.patch +++ /dev/null @@ -1,570 +0,0 @@ ---- linux/net/sched/sch_htb.c 2003-10-14 01:09:35.000000000 -0700 -+++ linux.2.4.26/net/sched/sch_htb.c 2004-05-10 00:05:51.000000000 -0700 -@@ -9,6 +9,8 @@ - * Authors: Martin Devera, <devik@cdi.cz> - * - * Credits (in time order) for older HTB versions: -+ * Stef Coene <stef.coene@docum.org> -+ * HTB support at LARTC mailing list - * Ondrej Kraus, <krauso@barr.cz> - * found missing INIT_QDISC(htb) - * Vladimir Smelhaus, Aamer Akhter, Bert Hubert -@@ -17,9 +19,13 @@ - * code review and helpful comments on shaping - * Tomasz Wrona, <tw@eter.tym.pl> - * created test case so that I was able to fix nasty bug -+ * Wilfried Weissmann -+ * spotted bug in dequeue code and helped with fix -+ * Jiri Fojtasek -+ * fixed requeue routine - * and many others. thanks. - * -- * $Id: sch_htb.c,v 1.1.1.4 2003/10/14 08:09:35 sparq Exp $ -+ * $Id: sch_htb.c,v 1.25 2003/12/07 11:08:25 devik Exp devik $ - */ - #include <linux/config.h> - #include <linux/module.h> -@@ -71,16 +77,12 @@ - #define HTB_HYSTERESIS 1/* whether to use mode hysteresis for speedup */ - #define HTB_QLOCK(S) spin_lock_bh(&(S)->dev->queue_lock) - #define HTB_QUNLOCK(S) spin_unlock_bh(&(S)->dev->queue_lock) --#define HTB_VER 0x30007 /* major must be matched with number suplied by TC as version */ -+#define HTB_VER 0x30010 /* major must be matched with number suplied by TC as version */ - - #if HTB_VER >> 16 != TC_HTB_PROTOVER - #error "Mismatched sch_htb.c and pkt_sch.h" - #endif - --/* temporary debug defines to be removed after beta stage */ --#define DEVIK_MEND(N) --#define DEVIK_MSTART(N) -- - /* debugging support; S is subsystem, these are defined: - 0 - netlink messages - 1 - enqueue -@@ -100,13 +102,16 @@ - from LSB - */ - #ifdef HTB_DEBUG --#define HTB_DBG(S,L,FMT,ARG...) if (((q->debug>>(2*S))&3) >= L) \ -+#define HTB_DBG_COND(S,L) (((q->debug>>(2*S))&3) >= L) -+#define HTB_DBG(S,L,FMT,ARG...) if (HTB_DBG_COND(S,L)) \ - printk(KERN_DEBUG FMT,##ARG) - #define HTB_CHCL(cl) BUG_TRAP((cl)->magic == HTB_CMAGIC) - #define HTB_PASSQ q, - #define HTB_ARGQ struct htb_sched *q, - #define static -+#undef __inline__ - #define __inline__ -+#undef inline - #define inline - #define HTB_CMAGIC 0xFEFAFEF1 - #define htb_safe_rb_erase(N,R) do { BUG_TRAP((N)->rb_color != -1); \ -@@ -114,6 +119,7 @@ - rb_erase(N,R); \ - (N)->rb_color = -1; } while (0) - #else -+#define HTB_DBG_COND(S,L) (0) - #define HTB_DBG(S,L,FMT,ARG...) - #define HTB_PASSQ - #define HTB_ARGQ -@@ -219,6 +225,9 @@ - /* time of nearest event per level (row) */ - unsigned long near_ev_cache[TC_HTB_MAXDEPTH]; - -+ /* cached value of jiffies in dequeue */ -+ unsigned long jiffies; -+ - /* whether we hit non-work conserving class during this dequeue; we use */ - int nwc_hit; /* this to disable mindelay complaint in dequeue */ - -@@ -297,7 +306,7 @@ - rules in it */ - if (skb->priority == sch->handle) - return HTB_DIRECT; /* X:0 (direct flow) selected */ -- if ((cl = htb_find(skb->priority,sch)) != NULL) -+ if ((cl = htb_find(skb->priority,sch)) != NULL && cl->level == 0) - return cl; - - tcf = q->filter_list; -@@ -338,7 +347,7 @@ - static void htb_debug_dump (struct htb_sched *q) - { - int i,p; -- printk(KERN_DEBUG "htb*g j=%lu\n",jiffies); -+ printk(KERN_DEBUG "htb*g j=%lu lj=%lu\n",jiffies,q->jiffies); - /* rows */ - for (i=TC_HTB_MAXDEPTH-1;i>=0;i--) { - printk(KERN_DEBUG "htb*r%d m=%x",i,q->row_mask[i]); -@@ -421,26 +430,24 @@ - if ((delay <= 0 || delay > cl->mbuffer) && net_ratelimit()) - printk(KERN_ERR "HTB: suspicious delay in wait_tree d=%ld cl=%X h=%d\n",delay,cl->classid,debug_hint); - #endif -- DEVIK_MSTART(9); -- cl->pq_key = jiffies + PSCHED_US2JIFFIE(delay); -- if (cl->pq_key == jiffies) -+ cl->pq_key = q->jiffies + PSCHED_US2JIFFIE(delay); -+ if (cl->pq_key == q->jiffies) - cl->pq_key++; - - /* update the nearest event cache */ -- if (q->near_ev_cache[cl->level] - cl->pq_key < 0x80000000) -+ if (time_after(q->near_ev_cache[cl->level], cl->pq_key)) - q->near_ev_cache[cl->level] = cl->pq_key; - - while (*p) { - struct htb_class *c; parent = *p; - c = rb_entry(parent, struct htb_class, pq_node); -- if (cl->pq_key - c->pq_key < 0x80000000) -+ if (time_after_eq(cl->pq_key, c->pq_key)) - p = &parent->rb_right; - else - p = &parent->rb_left; - } - rb_link_node(&cl->pq_node, parent, p); - rb_insert_color(&cl->pq_node, &q->wait_pq[cl->level]); -- DEVIK_MEND(9); - } - - /** -@@ -453,12 +460,14 @@ - { - rb_node_t *p; - if ((*n)->rb_right) { -+ /* child at right. use it or its leftmost ancestor */ - *n = (*n)->rb_right; - while ((*n)->rb_left) - *n = (*n)->rb_left; - return; - } - while ((p = (*n)->rb_parent) != NULL) { -+ /* if we've arrived from left child then we have next node */ - if (p->rb_left == *n) break; - *n = p; - } -@@ -602,7 +611,7 @@ - long toks; - - if ((toks = (cl->ctokens + *diff)) < ( --#ifdef HTB_HYSTERESIS -+#if HTB_HYSTERESIS - cl->cmode != HTB_CANT_SEND ? -cl->cbuffer : - #endif - 0)) { -@@ -610,7 +619,7 @@ - return HTB_CANT_SEND; - } - if ((toks = (cl->tokens + *diff)) >= ( --#ifdef HTB_HYSTERESIS -+#if HTB_HYSTERESIS - cl->cmode == HTB_CAN_SEND ? -cl->buffer : - #endif - 0)) -@@ -689,7 +698,6 @@ - struct htb_sched *q = (struct htb_sched *)sch->data; - struct htb_class *cl = htb_classify(skb,sch); - -- DEVIK_MSTART(0); - if (cl == HTB_DIRECT || !cl) { - /* enqueue to helper queue */ - if (q->direct_queue.qlen < q->direct_qlen && cl) { -@@ -698,25 +706,20 @@ - } else { - kfree_skb (skb); - sch->stats.drops++; -- DEVIK_MEND(0); - return NET_XMIT_DROP; - } - } else if (cl->un.leaf.q->enqueue(skb, cl->un.leaf.q) != NET_XMIT_SUCCESS) { - sch->stats.drops++; - cl->stats.drops++; -- DEVIK_MEND(0); - return NET_XMIT_DROP; - } else { - cl->stats.packets++; cl->stats.bytes += skb->len; -- DEVIK_MSTART(1); - htb_activate (q,cl); -- DEVIK_MEND(1); - } - - sch->q.qlen++; - sch->stats.packets++; sch->stats.bytes += skb->len; -- HTB_DBG(1,1,"htb_enq_ok cl=%X skb=%p\n",cl?cl->classid:0,skb); -- DEVIK_MEND(0); -+ HTB_DBG(1,1,"htb_enq_ok cl=%X skb=%p\n",(cl && cl != HTB_DIRECT)?cl->classid:0,skb); - return NET_XMIT_SUCCESS; - } - -@@ -725,16 +728,18 @@ - { - struct htb_sched *q = (struct htb_sched *)sch->data; - struct htb_class *cl = htb_classify(skb,sch); -+ struct sk_buff *tskb; - - if (cl == HTB_DIRECT || !cl) { - /* enqueue to helper queue */ - if (q->direct_queue.qlen < q->direct_qlen && cl) { -- __skb_queue_tail(&q->direct_queue, skb); -- q->direct_pkts++; -+ __skb_queue_head(&q->direct_queue, skb); - } else { -- kfree_skb (skb); -- sch->stats.drops++; -- return NET_XMIT_DROP; -+ __skb_queue_head(&q->direct_queue, skb); -+ tskb = __skb_dequeue_tail(&q->direct_queue); -+ kfree_skb (tskb); -+ sch->stats.drops++; -+ return NET_XMIT_CN; - } - } else if (cl->un.leaf.q->ops->requeue(skb, cl->un.leaf.q) != NET_XMIT_SUCCESS) { - sch->stats.drops++; -@@ -744,7 +749,7 @@ - htb_activate (q,cl); - - sch->q.qlen++; -- HTB_DBG(1,1,"htb_req_ok cl=%X skb=%p\n",cl?cl->classid:0,skb); -+ HTB_DBG(1,1,"htb_req_ok cl=%X skb=%p\n",(cl && cl != HTB_DIRECT)?cl->classid:0,skb); - return NET_XMIT_SUCCESS; - } - -@@ -819,7 +824,7 @@ - cl->classid, diff, - (unsigned long long) q->now, - (unsigned long long) cl->t_c, -- jiffies); -+ q->jiffies); - diff = 1000; - } - #endif -@@ -862,6 +867,7 @@ - * - * Scans event queue for pending events and applies them. Returns jiffies to - * next pending event (0 for no event in pq). -+ * Note: Aplied are events whose have cl->pq_key <= jiffies. - */ - static long htb_do_events(struct htb_sched *q,int level) - { -@@ -876,9 +882,9 @@ - while (p->rb_left) p = p->rb_left; - - cl = rb_entry(p, struct htb_class, pq_node); -- if (cl->pq_key - (jiffies+1) < 0x80000000) { -- HTB_DBG(8,3,"htb_do_ev_ret delay=%ld\n",cl->pq_key - jiffies); -- return cl->pq_key - jiffies; -+ if (time_after(cl->pq_key, q->jiffies)) { -+ HTB_DBG(8,3,"htb_do_ev_ret delay=%ld\n",cl->pq_key - q->jiffies); -+ return cl->pq_key - q->jiffies; - } - htb_safe_rb_erase(p,q->wait_pq+level); - diff = PSCHED_TDIFF_SAFE(q->now, cl->t_c, (u32)cl->mbuffer, 0); -@@ -889,7 +895,7 @@ - cl->classid, diff, - (unsigned long long) q->now, - (unsigned long long) cl->t_c, -- jiffies); -+ q->jiffies); - diff = 1000; - } - #endif -@@ -916,6 +922,7 @@ - rb_node_t **pptr; - } stk[TC_HTB_MAXDEPTH],*sp = stk; - -+ BUG_TRAP(tree->rb_node); - sp->root = tree->rb_node; - sp->pptr = pptr; - -@@ -949,16 +956,36 @@ - htb_dequeue_tree(struct htb_sched *q,int prio,int level) - { - struct sk_buff *skb = NULL; -- //struct htb_sched *q = (struct htb_sched *)sch->data; - struct htb_class *cl,*start; - /* look initial class up in the row */ -- DEVIK_MSTART(6); - start = cl = htb_lookup_leaf (q->row[level]+prio,prio,q->ptr[level]+prio); - - do { -- BUG_TRAP(cl && cl->un.leaf.q->q.qlen); if (!cl) return NULL; -+next: -+ BUG_TRAP(cl); -+ if (!cl) return NULL; - HTB_DBG(4,1,"htb_deq_tr prio=%d lev=%d cl=%X defic=%d\n", - prio,level,cl->classid,cl->un.leaf.deficit[level]); -+ -+ /* class can be empty - it is unlikely but can be true if leaf -+ qdisc drops packets in enqueue routine or if someone used -+ graft operation on the leaf since last dequeue; -+ simply deactivate and skip such class */ -+ if (unlikely(cl->un.leaf.q->q.qlen == 0)) { -+ struct htb_class *next; -+ htb_deactivate(q,cl); -+ -+ /* row/level might become empty */ -+ if ((q->row_mask[level] & (1 << prio)) == 0) -+ return NULL; -+ -+ next = htb_lookup_leaf (q->row[level]+prio, -+ prio,q->ptr[level]+prio); -+ if (cl == start) /* fix start if we just deleted it */ -+ start = next; -+ cl = next; -+ goto next; -+ } - - if (likely((skb = cl->un.leaf.q->dequeue(cl->un.leaf.q)) != NULL)) - break; -@@ -971,8 +998,6 @@ - cl = htb_lookup_leaf (q->row[level]+prio,prio,q->ptr[level]+prio); - } while (cl != start); - -- DEVIK_MEND(6); -- DEVIK_MSTART(7); - if (likely(skb != NULL)) { - if ((cl->un.leaf.deficit[level] -= skb->len) < 0) { - HTB_DBG(4,2,"htb_next_cl oldptr=%p quant_add=%d\n", -@@ -984,11 +1009,8 @@ - gives us slightly better performance */ - if (!cl->un.leaf.q->q.qlen) - htb_deactivate (q,cl); -- DEVIK_MSTART(8); - htb_charge_class (q,cl,level,skb->len); -- DEVIK_MEND(8); - } -- DEVIK_MEND(7); - return skb; - } - -@@ -1002,9 +1024,8 @@ - printk(KERN_INFO "HTB delay %ld > 5sec\n", delay); - delay = 5*HZ; - } -- del_timer(&q->timer); -- q->timer.expires = jiffies + delay; -- add_timer(&q->timer); -+ /* why don't use jiffies here ? because expires can be in past */ -+ mod_timer(&q->timer, q->jiffies + delay); - sch->flags |= TCQ_F_THROTTLED; - sch->stats.overlimits++; - HTB_DBG(3,1,"htb_deq t_delay=%ld\n",delay); -@@ -1016,7 +1037,11 @@ - struct htb_sched *q = (struct htb_sched *)sch->data; - int level; - long min_delay; -+#ifdef HTB_DEBUG -+ int evs_used = 0; -+#endif - -+ q->jiffies = jiffies; - HTB_DBG(3,1,"htb_deq dircnt=%d qlen=%d\n",skb_queue_len(&q->direct_queue), - sch->q.qlen); - -@@ -1027,27 +1052,26 @@ - return skb; - } - -- DEVIK_MSTART(2); - if (!sch->q.qlen) goto fin; - PSCHED_GET_TIME(q->now); - -- min_delay = HZ*5; -+ min_delay = LONG_MAX; - q->nwc_hit = 0; - for (level = 0; level < TC_HTB_MAXDEPTH; level++) { - /* common case optimization - skip event handler quickly */ - int m; - long delay; -- DEVIK_MSTART(3); -- if (jiffies - q->near_ev_cache[level] < 0x80000000 || 0) { -+ if (time_after_eq(q->jiffies, q->near_ev_cache[level])) { - delay = htb_do_events(q,level); -- q->near_ev_cache[level] += delay ? delay : HZ; -+ q->near_ev_cache[level] = q->jiffies + (delay ? delay : HZ); -+#ifdef HTB_DEBUG -+ evs_used++; -+#endif - } else -- delay = q->near_ev_cache[level] - jiffies; -+ delay = q->near_ev_cache[level] - q->jiffies; - - if (delay && min_delay > delay) - min_delay = delay; -- DEVIK_MEND(3); -- DEVIK_MSTART(5); - m = ~q->row_mask[level]; - while (m != (int)(-1)) { - int prio = ffz (m); -@@ -1056,29 +1080,29 @@ - if (likely(skb != NULL)) { - sch->q.qlen--; - sch->flags &= ~TCQ_F_THROTTLED; -- DEVIK_MEND(5); - goto fin; - } - } -- DEVIK_MEND(5); - } -- DEVIK_MSTART(4); - #ifdef HTB_DEBUG -- if (!q->nwc_hit && min_delay >= 5*HZ && net_ratelimit()) { -- printk(KERN_ERR "HTB: mindelay=%ld, report it please !\n",min_delay); -- htb_debug_dump(q); -+ if (!q->nwc_hit && min_delay >= 10*HZ && net_ratelimit()) { -+ if (min_delay == LONG_MAX) { -+ printk(KERN_ERR "HTB: dequeue bug (%d,%lu,%lu), report it please !\n", -+ evs_used,q->jiffies,jiffies); -+ htb_debug_dump(q); -+ } else -+ printk(KERN_WARNING "HTB: mindelay=%ld, some class has " -+ "too small rate\n",min_delay); - } - #endif -- htb_delay_by (sch,min_delay); -- DEVIK_MEND(4); -+ htb_delay_by (sch,min_delay > 5*HZ ? 5*HZ : min_delay); - fin: -- HTB_DBG(3,1,"htb_deq_end %s j=%lu skb=%p\n",sch->dev->name,jiffies,skb); -- DEVIK_MEND(2); -+ HTB_DBG(3,1,"htb_deq_end %s j=%lu skb=%p\n",sch->dev->name,q->jiffies,skb); - return skb; - } - - /* try to drop from each class (by prio) until one succeed */ --static int htb_drop(struct Qdisc* sch) -+static unsigned int htb_drop(struct Qdisc* sch) - { - struct htb_sched *q = (struct htb_sched *)sch->data; - int prio; -@@ -1086,14 +1110,15 @@ - for (prio = TC_HTB_NUMPRIO - 1; prio >= 0; prio--) { - struct list_head *p; - list_for_each (p,q->drops+prio) { -- struct htb_class *cl = list_entry(p,struct htb_class, -- un.leaf.drop_list); -+ struct htb_class *cl = list_entry(p, struct htb_class, -+ un.leaf.drop_list); -+ unsigned int len; - if (cl->un.leaf.q->ops->drop && -- cl->un.leaf.q->ops->drop(cl->un.leaf.q)) { -+ (len = cl->un.leaf.q->ops->drop(cl->un.leaf.q))) { - sch->q.qlen--; - if (!cl->un.leaf.q->q.qlen) - htb_deactivate (q,cl); -- return 1; -+ return len; - } - } - } -@@ -1208,7 +1233,8 @@ - gopt.direct_pkts = q->direct_pkts; - - #ifdef HTB_DEBUG -- htb_debug_dump(q); -+ if (HTB_DBG_COND(0,2)) -+ htb_debug_dump(q); - #endif - gopt.version = HTB_VER; - gopt.rate2quantum = q->rate2quantum; -@@ -1289,6 +1315,9 @@ - return -ENOBUFS; - sch_tree_lock(sch); - if ((*old = xchg(&cl->un.leaf.q, new)) != NULL) { -+ if (cl->prio_activity) -+ htb_deactivate ((struct htb_sched*)sch->data,cl); -+ - /* TODO: is it correct ? Why CBQ doesn't do it ? */ - sch->q.qlen -= (*old)->q.qlen; - qdisc_reset(*old); -@@ -1323,7 +1352,7 @@ - - while ((tp = *fl) != NULL) { - *fl = tp->next; -- tp->ops->destroy(tp); -+ tcf_destroy(tp); - } - } - -@@ -1371,11 +1400,16 @@ - #ifdef HTB_RATECM - del_timer_sync (&q->rttim); - #endif -+ /* This line used to be after htb_destroy_class call below -+ and surprisingly it worked in 2.4. But it must precede it -+ because filter need its target class alive to be able to call -+ unbind_filter on it (without Oops). */ -+ htb_destroy_filters(&q->filter_list); -+ - while (!list_empty(&q->root)) - htb_destroy_class (sch,list_entry(q->root.next, - struct htb_class,sibling)); - -- htb_destroy_filters(&q->filter_list); - __skb_queue_purge(&q->direct_queue); - MOD_DEC_USE_COUNT; - } -@@ -1438,12 +1472,13 @@ - parent = parentid == TC_H_ROOT ? NULL : htb_find (parentid,sch); - - hopt = RTA_DATA(tb[TCA_HTB_PARMS-1]); -- HTB_DBG(0,1,"htb_chg cl=%p, clid=%X, opt/prio=%d, rate=%u, buff=%d, quant=%d\n", cl,cl?cl->classid:0,(int)hopt->prio,hopt->rate.rate,hopt->buffer,hopt->quantum); -+ HTB_DBG(0,1,"htb_chg cl=%p(%X), clid=%X, parid=%X, opt/prio=%d, rate=%u, buff=%d, quant=%d\n", cl,cl?cl->classid:0,classid,parentid,(int)hopt->prio,hopt->rate.rate,hopt->buffer,hopt->quantum); - rtab = qdisc_get_rtab(&hopt->rate, tb[TCA_HTB_RTAB-1]); - ctab = qdisc_get_rtab(&hopt->ceil, tb[TCA_HTB_CTAB-1]); - if (!rtab || !ctab) goto failure; - - if (!cl) { /* new class */ -+ struct Qdisc *new_q; - /* check for valid classid */ - if (!classid || TC_H_MAJ(classid^sch->handle) || htb_find(classid,sch)) - goto failure; -@@ -1467,6 +1502,10 @@ - cl->magic = HTB_CMAGIC; - #endif - -+ /* create leaf qdisc early because it uses kmalloc(GFP_KERNEL) -+ so that can't be used inside of sch_tree_lock -+ -- thanks to Karlis Peisenieks */ -+ new_q = qdisc_create_dflt(sch->dev, &pfifo_qdisc_ops); - sch_tree_lock(sch); - if (parent && !parent->level) { - /* turn parent into inner node */ -@@ -1485,8 +1524,7 @@ - memset (&parent->un.inner,0,sizeof(parent->un.inner)); - } - /* leaf (we) needs elementary qdisc */ -- if (!(cl->un.leaf.q = qdisc_create_dflt(sch->dev, &pfifo_qdisc_ops))) -- cl->un.leaf.q = &noop_qdisc; -+ cl->un.leaf.q = new_q ? new_q : &noop_qdisc; - - cl->classid = classid; cl->parent = parent; - -@@ -1514,11 +1552,11 @@ - if (!cl->level) { - cl->un.leaf.quantum = rtab->rate.rate / q->rate2quantum; - if (!hopt->quantum && cl->un.leaf.quantum < 1000) { -- printk(KERN_WARNING "HTB: quantum of class %X is small. Consider r2q change.", cl->classid); -+ printk(KERN_WARNING "HTB: quantum of class %X is small. Consider r2q change.\n", cl->classid); - cl->un.leaf.quantum = 1000; - } - if (!hopt->quantum && cl->un.leaf.quantum > 200000) { -- printk(KERN_WARNING "HTB: quantum of class %X is big. Consider r2q change.", cl->classid); -+ printk(KERN_WARNING "HTB: quantum of class %X is big. Consider r2q change.\n", cl->classid); - cl->un.leaf.quantum = 200000; - } - if (hopt->quantum) ---- linux/include/net/pkt_cls.h 2003-07-04 01:12:28.000000000 -0700 -+++ linux.2.4.26/include/net/pkt_cls.h 2004-05-10 22:21:40.000000000 -0700 -@@ -77,7 +77,11 @@ - return -1; - } - -- -+static inline void tcf_destroy(struct tcf_proto *tp) -+{ -+ tp->ops->destroy(tp); -+ kfree(tp); -+} - - extern int register_tcf_proto_ops(struct tcf_proto_ops *ops); - extern int unregister_tcf_proto_ops(struct tcf_proto_ops *ops); diff --git a/obsolete-buildroot/sources/openwrt/kernel/patches/120-openwrt.patch b/obsolete-buildroot/sources/openwrt/kernel/patches/120-openwrt.patch deleted file mode 100644 index 4e543de..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/patches/120-openwrt.patch +++ /dev/null @@ -1,2521 +0,0 @@ -diff -Nurb linux.orig/Makefile linux/Makefile ---- linux.orig/Makefile 2003-10-14 04:00:10.000000000 -0400 -+++ linux/Makefile 2004-05-25 21:12:24.000000000 -0400 -@@ -17,7 +17,7 @@ - FINDHPATH = $(HPATH)/asm $(HPATH)/linux $(HPATH)/scsi $(HPATH)/net $(HPATH)/math-emu - - HOSTCC = gcc --HOSTCFLAGS = -Wall -Wstrict-prototypes -O2 -fomit-frame-pointer -+HOSTCFLAGS = -Wall -Wstrict-prototypes -Os -fomit-frame-pointer - - CROSS_COMPILE = - -@@ -88,7 +88,7 @@ - - CPPFLAGS := -D__KERNEL__ -I$(HPATH) - --CFLAGS := $(CPPFLAGS) -Wall -Wstrict-prototypes -Wno-trigraphs -O2 \ -+CFLAGS := $(CPPFLAGS) -Wall -Wstrict-prototypes -Wno-trigraphs -Os \ - -fno-strict-aliasing -fno-common - - # Turn on -pg to instrument the kernel with calls to mcount(). -diff -Nurb linux.orig/arch/mips/brcm-boards/bcm947xx/setup.c linux/arch/mips/brcm-boards/bcm947xx/setup.c ---- linux.orig/arch/mips/brcm-boards/bcm947xx/setup.c 2003-11-11 09:08:46.000000000 -0500 -+++ linux/arch/mips/brcm-boards/bcm947xx/setup.c 2004-05-25 21:12:24.000000000 -0400 -@@ -27,6 +27,7 @@ - #include <linux/ext2_fs.h> - #include <linux/romfs_fs.h> - #include <linux/cramfs_fs.h> -+#include <linux/squashfs_fs.h> - #endif - - #include <typedefs.h> -@@ -160,37 +161,38 @@ - #ifdef CONFIG_MTD_PARTITIONS - - static struct mtd_partition bcm947xx_parts[] = { -- { name: "pmon", offset: 0, size: 0, /*mask_flags: MTD_WRITEABLE,*/ }, -+ { name: "pmon", offset: 0, size: 0, mask_flags: MTD_WRITEABLE, }, - { name: "linux", offset: 0, size: 0, }, - { name: "rootfs", offset: 0, size: 0, /*mask_flags: MTD_WRITEABLE,*/ }, - { name: "nvram", offset: 0, size: 0, }, -+ { name: "OpenWrt", offset: 0, size: 0, }, - { name: NULL, }, - }; - --struct mtd_partition * __init --init_mtd_partitions(struct mtd_info *mtd, size_t size) -+ -+static int __init -+find_root(struct mtd_info *mtd, size_t size, struct mtd_partition *part) - { -- struct minix_super_block *minixsb; -- struct ext2_super_block *ext2sb; -- struct romfs_super_block *romfsb; - struct cramfs_super *cramfsb; -+ struct squashfs_super_block *squashfsb; - struct trx_header *trx; -+ - unsigned char buf[512]; - int off; - size_t len; - -- minixsb = (struct minix_super_block *) buf; -- ext2sb = (struct ext2_super_block *) buf; -- romfsb = (struct romfs_super_block *) buf; - cramfsb = (struct cramfs_super *) buf; -+ squashfsb = (struct squashfs_super_block *) buf; - trx = (struct trx_header *) buf; - -- /* Look at every 64 KB boundary */ -- for (off = 0; off < size; off += (64 * 1024)) { -+ part->offset = 0; -+ part->size = 0; -+ -+ for (off = 0; off < size; off += mtd->erasesize) { - memset(buf, 0xe5, sizeof(buf)); - - /* -- * Read block 0 to test for romfs and cramfs superblock -+ * Read block 0 to test for cramfs superblock - */ - if (MTD_READ(mtd, off, sizeof(buf), &len, buf) || - len != sizeof(buf)) -@@ -198,75 +200,105 @@ - - /* Try looking at TRX header for rootfs offset */ - if (le32_to_cpu(trx->magic) == TRX_MAGIC) { -- bcm947xx_parts[1].offset = off; - if (le32_to_cpu(trx->offsets[1]) > off) - off = le32_to_cpu(trx->offsets[1]); - continue; - } - -- /* romfs is at block zero too */ -- if (romfsb->word0 == ROMSB_WORD0 && -- romfsb->word1 == ROMSB_WORD1) { -- printk(KERN_NOTICE -- "%s: romfs filesystem found at block %d\n", -- mtd->name, off / BLOCK_SIZE); -- goto done; -- } -- -- /* so is cramfs */ -+ /* need to find cramfs */ - if (cramfsb->magic == CRAMFS_MAGIC) { - printk(KERN_NOTICE - "%s: cramfs filesystem found at block %d\n", - mtd->name, off / BLOCK_SIZE); -- goto done; -- } - -- /* -- * Read block 1 to test for minix and ext2 superblock -- */ -- if (MTD_READ(mtd, off + BLOCK_SIZE, sizeof(buf), &len, buf) || -- len != sizeof(buf)) -- continue; -- -- /* Try minix */ -- if (minixsb->s_magic == MINIX_SUPER_MAGIC || -- minixsb->s_magic == MINIX_SUPER_MAGIC2) { -- printk(KERN_NOTICE -- "%s: Minix filesystem found at block %d\n", -- mtd->name, off / BLOCK_SIZE); -+ part->size = cramfsb->size; - goto done; - } - -- /* Try ext2 */ -- if (ext2sb->s_magic == cpu_to_le16(EXT2_SUPER_MAGIC)) { -+ /* or squashfs */ -+ if (squashfsb->s_magic == SQUASHFS_MAGIC) { - printk(KERN_NOTICE -- "%s: ext2 filesystem found at block %d\n", -+ "%s: squashfs filesystem found at block %d\n", - mtd->name, off / BLOCK_SIZE); -+ part->size = squashfsb->bytes_used+2048; - goto done; - } -- } - -+ } - printk(KERN_NOTICE -- "%s: Couldn't find valid ROM disk image\n", -+ "%s: Couldn't find valid cramfs image\n", - mtd->name); -+ return -1; -+ -+done: -+ part->offset = off; -+ return 0; -+} -+ -+ -+struct mtd_partition * __init -+init_mtd_partitions(struct mtd_info *mtd, size_t size) -+{ -+ -+ bcm947xx_parts[0].offset=0; -+ bcm947xx_parts[0].size=256*1024; - -- done: - /* Find and size nvram */ - bcm947xx_parts[3].offset = size - ROUNDUP(NVRAM_SPACE, mtd->erasesize); - bcm947xx_parts[3].size = size - bcm947xx_parts[3].offset; - - /* Find and size rootfs */ -- if (off < size) { -- bcm947xx_parts[2].offset = off; -- bcm947xx_parts[2].size = bcm947xx_parts[3].offset - bcm947xx_parts[2].offset; -- } -+ //if (off < size) { -+ // bcm947xx_parts[2].offset = off; -+ // bcm947xx_parts[2].size = bcm947xx_parts[3].offset - bcm947xx_parts[2].offset; -+ //} -+ -+ /* Find and size rootfs */ -+ find_root(mtd,size,&bcm947xx_parts[2]); -+ -+ - - /* Size linux (kernel and rootfs) */ -+ bcm947xx_parts[1].offset = bcm947xx_parts[0].size; - bcm947xx_parts[1].size = bcm947xx_parts[3].offset - bcm947xx_parts[1].offset; - -+ -+ -+ /* calculate leftover flash, and assign it to the jffs partition */ -+ size_t spot; -+ size_t len; -+ size_t mask; -+ // get the offset to the end of the root_fs -+ spot=bcm947xx_parts[2].offset+bcm947xx_parts[2].size; -+ // round it up to an erase size boundary -+ spot+=mtd->erasesize-1; -+ // mask the number to the boundary -+ mask=mtd->erasesize; -+ mask=mask-1; -+ mask=mask^0xffffffff; -+ spot&=mask; -+ // length = flashsize - start position - nvram size -+ len=size-spot; -+ len=len-bcm947xx_parts[3].size; -+ -+ -+ bcm947xx_parts[4].offset = spot; -+ bcm947xx_parts[4].size = len; -+ -+ -+ -+ - /* Size pmon */ - bcm947xx_parts[0].size = bcm947xx_parts[1].offset - bcm947xx_parts[0].offset; - -+ //int x; -+ //for(x=0; x<5; x++) { -+ // printk(KERN_NOTICE -+ // "Partition %d mask_flags %08x\n", -+ // x,bcm947xx_parts[x].mask_flags); -+ //} -+ -+ - return bcm947xx_parts; - } - -diff -Nurb linux.orig/drivers/mtd/maps/bcm947xx-flash.c linux/drivers/mtd/maps/bcm947xx-flash.c ---- linux.orig/drivers/mtd/maps/bcm947xx-flash.c 2003-11-08 04:35:52.000000000 -0500 -+++ linux/drivers/mtd/maps/bcm947xx-flash.c 2004-05-25 21:12:24.000000000 -0400 -@@ -82,7 +82,21 @@ - - void bcm947xx_map_copy_from(struct map_info *map, void *to, unsigned long from, ssize_t len) - { -+ //memcpy_fromio(to, map->map_priv_1 + from, len); -+ if (len==1) { - memcpy_fromio(to, map->map_priv_1 + from, len); -+ } else { -+ int i; -+ u16 *dest = (u16 *) to; -+ u16 *src = (u16 *) (map->map_priv_1 + from); -+ -+ for (i = 0; i < (len / 2); i++) { -+ dest[i] = src[i]; -+ } -+ -+ if (len & 1) -+ *((u8 *)dest+len-1) = src[i] & 0xff; -+ } - } - - void bcm947xx_map_write8(struct map_info *map, __u8 d, unsigned long adr) -diff -Nurb linux.orig/drivers/net/Makefile linux/drivers/net/Makefile ---- linux.orig/drivers/net/Makefile 2004-02-12 21:35:15.000000000 -0500 -+++ linux/drivers/net/Makefile 2004-05-25 21:12:24.000000000 -0400 -@@ -25,7 +25,7 @@ - list-multi := rcpci.o - rcpci-objs := rcpci45.o rclanmtl.o - --subdir-m += mac -+# subdir-m += mac - subdir-m += diag - - ifeq ($(CONFIG_HW_QOS),y) -diff -Nurb linux.orig/fs/Config.in linux/fs/Config.in ---- linux.orig/fs/Config.in 2003-07-04 04:12:05.000000000 -0400 -+++ linux/fs/Config.in 2004-05-25 21:13:03.000000000 -0400 -@@ -47,6 +47,7 @@ - int 'JFFS2 debugging verbosity (0 = quiet, 2 = noisy)' CONFIG_JFFS2_FS_DEBUG 0 - fi - tristate 'Compressed ROM file system support' CONFIG_CRAMFS -+tristate 'Squashed file system support' CONFIG_SQUASHFS - bool 'Virtual memory file system support (former shm fs)' CONFIG_TMPFS - define_bool CONFIG_RAMFS y - -diff -Nurb linux.orig/fs/Makefile linux/fs/Makefile ---- linux.orig/fs/Makefile 2003-07-04 04:12:05.000000000 -0400 -+++ linux/fs/Makefile 2004-05-25 21:13:03.000000000 -0400 -@@ -68,6 +68,7 @@ - subdir-$(CONFIG_SUN_OPENPROMFS) += openpromfs - subdir-$(CONFIG_BEFS_FS) += befs - subdir-$(CONFIG_JFS_FS) += jfs -+subdir-$(CONFIG_SQUASHFS) += squashfs - - - obj-$(CONFIG_BINFMT_AOUT) += binfmt_aout.o -diff -Nurb linux.orig/fs/squashfs/Makefile linux/fs/squashfs/Makefile ---- linux.orig/fs/squashfs/Makefile 1969-12-31 19:00:00.000000000 -0500 -+++ linux/fs/squashfs/Makefile 2004-05-25 21:13:03.000000000 -0400 -@@ -0,0 +1,11 @@ -+# -+# Makefile for the linux squashfs routines. -+# -+ -+O_TARGET := squashfs.o -+ -+obj-y := inode.o -+ -+obj-m := $(O_TARGET) -+ -+include $(TOPDIR)/Rules.make -diff -Nurb linux.orig/fs/squashfs/inode.c linux/fs/squashfs/inode.c ---- linux.orig/fs/squashfs/inode.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux/fs/squashfs/inode.c 2004-05-25 21:13:03.000000000 -0400 -@@ -0,0 +1,1515 @@ -+/* -+ * Squashfs - a compressed read only filesystem for Linux -+ * -+ * Copyright (c) 2002, 2003, 2004 Phillip Lougher <plougher@users.sourceforge.net> -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2, -+ * or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -+ * Squashfs - a compressed read only filesystem for Linux -+ * -+ * inode.c -+ */ -+ -+#define SQUASHFS_1_0_COMPATIBILITY -+ -+#include <linux/types.h> -+#include <linux/squashfs_fs.h> -+#include <linux/module.h> -+#include <linux/errno.h> -+#include <linux/slab.h> -+#include <linux/fs.h> -+#include <linux/locks.h> -+#include <linux/init.h> -+#include <linux/dcache.h> -+#include <asm/uaccess.h> -+#include <linux/wait.h> -+#include <asm/semaphore.h> -+#include <linux/zlib.h> -+#include <linux/blkdev.h> -+#include <linux/vmalloc.h> -+ -+#ifdef SQUASHFS_TRACE -+#define TRACE(s, args...) printk(KERN_NOTICE "SQUASHFS: "s, ## args) -+#else -+#define TRACE(s, args...) {} -+#endif -+ -+#define ERROR(s, args...) printk(KERN_ERR "SQUASHFS error: "s, ## args) -+ -+#define SERROR(s, args...) if(!silent) printk(KERN_ERR "SQUASHFS error: "s, ## args) -+#define WARNING(s, args...) printk(KERN_WARNING "SQUASHFS: "s, ## args) -+ -+static struct super_block *squashfs_read_super(struct super_block *, void *, int); -+static void squashfs_put_super(struct super_block *); -+static int squashfs_statfs(struct super_block *, struct statfs *); -+static int squashfs_symlink_readpage(struct file *file, struct page *page); -+static int squashfs_readpage(struct file *file, struct page *page); -+static int squashfs_readpage4K(struct file *file, struct page *page); -+static int squashfs_readdir(struct file *, void *, filldir_t); -+static struct dentry *squashfs_lookup(struct inode *, struct dentry *); -+static unsigned int read_data(struct super_block *s, char *buffer, -+ unsigned int index, unsigned int length, int, unsigned int *next_index); -+static int squashfs_get_cached_block(struct super_block *s, char *buffer, -+ unsigned int block, unsigned int offset, int length, -+ unsigned int *next_block, unsigned int *next_offset); -+static struct inode *squashfs_iget(struct super_block *s, squashfs_inode inode); -+static unsigned int read_blocklist(struct inode *inode, int index, int readahead_blks, -+ char *block_list, char **block_p, unsigned int *bsize); -+static void squashfs_put_super(struct super_block *s); -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+static int squashfs_readpage_lessthan4K(struct file *file, struct page *page); -+static struct inode *squashfs_iget_1(struct super_block *s, squashfs_inode inode); -+static unsigned int read_blocklist_1(struct inode *inode, int index, int readahead_blks, -+ char *block_list, char **block_p, unsigned int *bsize); -+#endif -+ -+DECLARE_MUTEX(read_data_mutex); -+ -+static z_stream stream; -+ -+static DECLARE_FSTYPE_DEV(squashfs_fs_type, "squashfs", squashfs_read_super); -+ -+static unsigned char squashfs_filetype_table[] = { -+ DT_UNKNOWN, DT_DIR, DT_REG, DT_LNK, DT_BLK, DT_CHR, DT_FIFO, DT_SOCK -+}; -+ -+static struct super_operations squashfs_ops = { -+ statfs: squashfs_statfs, -+ put_super: squashfs_put_super, -+}; -+ -+static struct address_space_operations squashfs_symlink_aops = { -+ readpage: squashfs_symlink_readpage -+}; -+ -+static struct address_space_operations squashfs_aops = { -+ readpage: squashfs_readpage -+}; -+ -+static struct address_space_operations squashfs_aops_4K = { -+ readpage: squashfs_readpage4K -+}; -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+static struct address_space_operations squashfs_aops_lessthan4K = { -+ readpage: squashfs_readpage_lessthan4K -+}; -+#endif -+ -+static struct file_operations squashfs_dir_ops = { -+ read: generic_read_dir, -+ readdir: squashfs_readdir -+}; -+ -+static struct inode_operations squashfs_dir_inode_ops = { -+ lookup: squashfs_lookup -+}; -+ -+ -+static unsigned int read_data(struct super_block *s, char *buffer, -+ unsigned int index, unsigned int length, int datablock, unsigned int *next_index) -+{ -+ squashfs_sb_info *msBlk = &s->u.squashfs_sb; -+ struct buffer_head *bh[((SQUASHFS_FILE_MAX_SIZE - 1) >> msBlk->devblksize_log2) + 2]; -+ unsigned int offset = index & ((1 << msBlk->devblksize_log2) - 1); -+ unsigned int cur_index = index >> msBlk->devblksize_log2; -+ int bytes, avail_bytes, b, k; -+ char *c_buffer; -+ unsigned int compressed; -+ unsigned int c_byte = length; -+ -+ if(c_byte) { -+ bytes = msBlk->devblksize - offset; -+ if(datablock) { -+ c_buffer = (compressed = SQUASHFS_COMPRESSED_BLOCK(c_byte)) ? msBlk->read_data : buffer; -+ c_byte = SQUASHFS_COMPRESSED_SIZE_BLOCK(c_byte); -+ } else { -+ c_buffer = (compressed = SQUASHFS_COMPRESSED(c_byte)) ? msBlk->read_data : buffer; -+ c_byte = SQUASHFS_COMPRESSED_SIZE(c_byte); -+ } -+ -+ TRACE("Block @ 0x%x, %scompressed size %d\n", index, compressed ? "" : "un", (unsigned int) c_byte); -+ -+ if(!(bh[0] = sb_getblk(s, cur_index))) -+ goto block_release; -+ for(b = 1; bytes < c_byte; b++) { -+ if(!(bh[b] = sb_getblk(s, ++cur_index))) -+ goto block_release; -+ bytes += msBlk->devblksize; -+ } -+ ll_rw_block(READ, b, bh); -+ } else { -+ unsigned short temp; -+ if(!(bh[0] = sb_bread(s, cur_index))) -+ goto read_failure; -+ -+ if(msBlk->devblksize - offset == 1) { -+ if(msBlk->swap) -+ ((unsigned char *) &temp)[1] = *((unsigned char *) (bh[0]->b_data + offset)); -+ else -+ ((unsigned char *) &temp)[0] = *((unsigned char *) (bh[0]->b_data + offset)); -+ brelse(bh[0]); -+ if(!(bh[0] = sb_bread(s, ++cur_index))) -+ goto read_failure; -+ if(msBlk->swap) -+ ((unsigned char *) &temp)[0] = *((unsigned char *) bh[0]->b_data); -+ else -+ ((unsigned char *) &temp)[1] = *((unsigned char *) bh[0]->b_data); -+ c_byte = temp; -+ offset = 1; -+ } -+ else { -+ if(msBlk->swap) { -+ unsigned short temp; -+ ((unsigned char *) &temp)[1] = *((unsigned char *) (bh[0]->b_data + offset)); -+ ((unsigned char *) &temp)[0] = *((unsigned char *) (bh[0]->b_data + offset + 1)); -+ c_byte = temp; -+ } else -+ c_byte = *((unsigned short *) (bh[0]->b_data + offset)); -+ offset += 2; -+ } -+ if(SQUASHFS_CHECK_DATA(msBlk->sBlk.flags)) { -+ if(offset == msBlk->devblksize) { -+ brelse(bh[0]); -+ if(!(bh[0] = sb_bread(s, ++cur_index))) -+ goto read_failure; -+ offset = 0; -+ } -+ if(*((unsigned char *) (bh[0]->b_data + offset)) != SQUASHFS_MARKER_BYTE) { -+ ERROR("Metadata block marker corrupt @ %x\n", index); -+ brelse(bh[0]); -+ return 0; -+ } -+ offset ++; -+ } -+ -+ bytes = msBlk->devblksize - offset; -+ if(datablock) { -+ c_buffer = (compressed = SQUASHFS_COMPRESSED_BLOCK(c_byte)) ? msBlk->read_data : buffer; -+ c_byte = SQUASHFS_COMPRESSED_SIZE_BLOCK(c_byte); -+ } else { -+ c_buffer = (compressed = SQUASHFS_COMPRESSED(c_byte)) ? msBlk->read_data : buffer; -+ c_byte = SQUASHFS_COMPRESSED_SIZE(c_byte); -+ } -+ -+ TRACE("Block @ 0x%x, %scompressed size %d\n", index, compressed ? "" : "un", (unsigned int) c_byte); -+ -+ for(b = 1; bytes < c_byte; b++) { -+ if(!(bh[b] = sb_getblk(s, ++cur_index))) -+ goto block_release; -+ bytes += msBlk->devblksize; -+ } -+ ll_rw_block(READ, b - 1, bh + 1); -+ } -+ -+ if(compressed) -+ down(&read_data_mutex); -+ -+ for(bytes = 0, k = 0; k < b; k++) { -+ avail_bytes = (c_byte - bytes) > (msBlk->devblksize - offset) ? msBlk->devblksize - offset : c_byte - bytes; -+ wait_on_buffer(bh[k]); -+ memcpy(c_buffer + bytes, bh[k]->b_data + offset, avail_bytes); -+ bytes += avail_bytes; -+ offset = 0; -+ brelse(bh[k]); -+ } -+ -+ /* -+ * uncompress block -+ */ -+ if(compressed) { -+ int zlib_err; -+ -+ stream.next_in = c_buffer; -+ stream.avail_in = c_byte; -+ stream.next_out = buffer; -+ stream.avail_out = msBlk->read_size; -+ if(((zlib_err = zlib_inflateInit(&stream)) != Z_OK) || -+ ((zlib_err = zlib_inflate(&stream, Z_FINISH)) != Z_STREAM_END) || -+ ((zlib_err = zlib_inflateEnd(&stream)) != Z_OK)) { -+ ERROR("zlib_fs returned unexpected result 0x%x\n", zlib_err); -+ bytes = 0; -+ } else -+ bytes = stream.total_out; -+ up(&read_data_mutex); -+ } -+ -+ if(next_index) -+ *next_index = index + c_byte + (length ? 0 : (SQUASHFS_CHECK_DATA(msBlk->sBlk.flags) ? 3 : 2)); -+ -+ return bytes; -+ -+block_release: -+ while(--b >= 0) brelse(bh[b]); -+ -+read_failure: -+ ERROR("sb_bread failed reading block 0x%x\n", cur_index); -+ return 0; -+} -+ -+ -+static int squashfs_get_cached_block(struct super_block *s, char *buffer, -+ unsigned int block, unsigned int offset, int length, -+ unsigned int *next_block, unsigned int *next_offset) -+{ -+ squashfs_sb_info *msBlk = &s->u.squashfs_sb; -+ int n, i, bytes, return_length = length; -+ unsigned int next_index; -+ -+ TRACE("Entered squashfs_get_cached_block [%x:%x]\n", block, offset); -+ -+ for(;;) { -+ for(i = 0; i < SQUASHFS_CACHED_BLKS; i++) -+ if(msBlk->block_cache[i].block == block) -+ break; -+ -+ down(&msBlk->block_cache_mutex); -+ if(i == SQUASHFS_CACHED_BLKS) { -+ /* read inode header block */ -+ for(i = msBlk->next_cache, n = SQUASHFS_CACHED_BLKS; n ; n --, i = (i + 1) % SQUASHFS_CACHED_BLKS) -+ if(msBlk->block_cache[i].block != SQUASHFS_USED_BLK) -+ break; -+ if(n == 0) { -+ up(&msBlk->block_cache_mutex); -+ sleep_on(&msBlk->waitq); -+ continue; -+ } -+ msBlk->next_cache = (i + 1) % SQUASHFS_CACHED_BLKS; -+ -+ if(msBlk->block_cache[i].block == SQUASHFS_INVALID_BLK) { -+ if(!(msBlk->block_cache[i].data = (unsigned char *) -+ kmalloc(SQUASHFS_METADATA_SIZE, GFP_KERNEL))) { -+ ERROR("Failed to allocate cache block\n"); -+ up(&msBlk->block_cache_mutex); -+ return 0; -+ } -+ } -+ -+ msBlk->block_cache[i].block = SQUASHFS_USED_BLK; -+ up(&msBlk->block_cache_mutex); -+ if(!(msBlk->block_cache[i].length = read_data(s, msBlk->block_cache[i].data, block, 0, 0, -+ &next_index))) { -+ ERROR("Unable to read cache block [%x:%x]\n", block, offset); -+ return 0; -+ } -+ down(&msBlk->block_cache_mutex); -+ wake_up(&msBlk->waitq); -+ msBlk->block_cache[i].block = block; -+ msBlk->block_cache[i].next_index = next_index; -+ TRACE("Read cache block [%x:%x]\n", block, offset); -+ } -+ -+ if(msBlk->block_cache[i].block != block) { -+ up(&msBlk->block_cache_mutex); -+ continue; -+ } -+ -+ if((bytes = msBlk->block_cache[i].length - offset) >= length) { -+ if(buffer) -+ memcpy(buffer, msBlk->block_cache[i].data + offset, length); -+ if(msBlk->block_cache[i].length - offset == length) { -+ *next_block = msBlk->block_cache[i].next_index; -+ *next_offset = 0; -+ } else { -+ *next_block = block; -+ *next_offset = offset + length; -+ } -+ -+ up(&msBlk->block_cache_mutex); -+ return return_length; -+ } else { -+ if(buffer) { -+ memcpy(buffer, msBlk->block_cache[i].data + offset, bytes); -+ buffer += bytes; -+ } -+ block = msBlk->block_cache[i].next_index; -+ up(&msBlk->block_cache_mutex); -+ length -= bytes; -+ offset = 0; -+ } -+ } -+} -+ -+ -+static int get_fragment_location(struct super_block *s, unsigned int fragment, unsigned int *fragment_start_block, unsigned int *fragment_size) -+{ -+ squashfs_sb_info *msBlk = &s->u.squashfs_sb; -+ unsigned int start_block = msBlk->fragment_index[SQUASHFS_FRAGMENT_INDEX(fragment)]; -+ int offset = SQUASHFS_FRAGMENT_INDEX_OFFSET(fragment); -+ squashfs_fragment_entry fragment_entry; -+ -+ if(msBlk->swap) { -+ squashfs_fragment_entry sfragment_entry; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sfragment_entry, start_block, offset, -+ sizeof(sfragment_entry), &start_block, &offset)) -+ return 0; -+ SQUASHFS_SWAP_FRAGMENT_ENTRY(&fragment_entry, &sfragment_entry); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &fragment_entry, start_block, offset, -+ sizeof(fragment_entry), &start_block, &offset)) -+ return 0; -+ -+ *fragment_start_block = fragment_entry.start_block; -+ *fragment_size = fragment_entry.size; -+ -+ return 1; -+} -+ -+ -+void release_cached_fragment(squashfs_sb_info *msBlk, struct squashfs_fragment_cache *fragment) -+{ -+ down(&msBlk->fragment_mutex); -+ fragment->locked --; -+ wake_up(&msBlk->fragment_wait_queue); -+ up(&msBlk->fragment_mutex); -+} -+ -+ -+struct squashfs_fragment_cache *get_cached_fragment(struct super_block *s, unsigned int start_block, int length) -+{ -+ int i, n; -+ squashfs_sb_info *msBlk = &s->u.squashfs_sb; -+ -+ for(;;) { -+ down(&msBlk->fragment_mutex); -+ for(i = 0; i < SQUASHFS_CACHED_FRAGMENTS && msBlk->fragment[i].block != start_block; i++); -+ if(i == SQUASHFS_CACHED_FRAGMENTS) { -+ for(i = msBlk->next_fragment, n = SQUASHFS_CACHED_FRAGMENTS; -+ n && msBlk->fragment[i].locked; n--, i = (i + 1) % SQUASHFS_CACHED_FRAGMENTS); -+ -+ if(n == 0) { -+ up(&msBlk->fragment_mutex); -+ sleep_on(&msBlk->fragment_wait_queue); -+ continue; -+ } -+ msBlk->next_fragment = (msBlk->next_fragment + 1) % SQUASHFS_CACHED_FRAGMENTS; -+ -+ if(msBlk->fragment[i].data == NULL) -+ if(!(msBlk->fragment[i].data = (unsigned char *) -+ kmalloc(SQUASHFS_FILE_MAX_SIZE, GFP_KERNEL))) { -+ ERROR("Failed to allocate fragment cache block\n"); -+ up(&msBlk->fragment_mutex); -+ return NULL; -+ } -+ -+ msBlk->fragment[i].block = SQUASHFS_INVALID_BLK; -+ msBlk->fragment[i].locked = 1; -+ up(&msBlk->fragment_mutex); -+ if(!(msBlk->fragment[i].length = read_data(s, msBlk->fragment[i].data, start_block, length, -+ 1, NULL))) { -+ ERROR("Unable to read fragment cache block [%x]\n", start_block); -+ msBlk->fragment[i].locked = 0; -+ return NULL; -+ } -+ msBlk->fragment[i].block = start_block; -+ TRACE("New fragment %d, start block %d, locked %d\n", i, msBlk->fragment[i].block, msBlk->fragment[i].locked); -+ return &msBlk->fragment[i]; -+ } -+ -+ msBlk->fragment[i].locked ++; -+ up(&msBlk->fragment_mutex); -+ -+ TRACE("Got fragment %d, start block %d, locked %d\n", i, msBlk->fragment[i].block, msBlk->fragment[i].locked); -+ return &msBlk->fragment[i]; -+ } -+} -+ -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+static struct inode *squashfs_iget_1(struct super_block *s, squashfs_inode inode) -+{ -+ struct inode *i = new_inode(s); -+ squashfs_sb_info *msBlk = &s->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ unsigned int block = SQUASHFS_INODE_BLK(inode) + sBlk->inode_table_start; -+ unsigned int offset = SQUASHFS_INODE_OFFSET(inode); -+ unsigned int next_block, next_offset; -+ squashfs_base_inode_header_1 inodeb; -+ -+ TRACE("Entered squashfs_iget_1\n"); -+ -+ if(msBlk->swap) { -+ squashfs_base_inode_header_1 sinodeb; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodeb, block, offset, -+ sizeof(sinodeb), &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_BASE_INODE_HEADER_1(&inodeb, &sinodeb, sizeof(sinodeb)); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodeb, block, offset, -+ sizeof(inodeb), &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_nlink = 1; -+ -+ i->i_mtime = sBlk->mkfs_time; -+ i->i_atime = sBlk->mkfs_time; -+ i->i_ctime = sBlk->mkfs_time; -+ -+ if(inodeb.inode_type != SQUASHFS_IPC_TYPE) -+ i->i_uid = msBlk->uid[((inodeb.inode_type - 1) / SQUASHFS_TYPES) * 16 + inodeb.uid]; -+ i->i_ino = SQUASHFS_MK_VFS_INODE(block - sBlk->inode_table_start, offset); -+ -+ i->i_mode = inodeb.mode; -+ -+ switch(inodeb.inode_type == SQUASHFS_IPC_TYPE ? SQUASHFS_IPC_TYPE : (inodeb.inode_type - 1) % SQUASHFS_TYPES + 1) { -+ case SQUASHFS_FILE_TYPE: { -+ squashfs_reg_inode_header_1 inodep; -+ -+ if(msBlk->swap) { -+ squashfs_reg_inode_header_1 sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_REG_INODE_HEADER_1(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = inodep.file_size; -+ i->i_fop = &generic_ro_fops; -+ if(sBlk->block_size > 4096) -+ i->i_data.a_ops = &squashfs_aops; -+ else if(sBlk->block_size == 4096) -+ i->i_data.a_ops = &squashfs_aops_4K; -+ else -+ i->i_data.a_ops = &squashfs_aops_lessthan4K; -+ i->i_mode |= S_IFREG; -+ i->i_mtime = inodep.mtime; -+ i->i_atime = inodep.mtime; -+ i->i_ctime = inodep.mtime; -+ i->i_blocks = ((i->i_size - 1) >> 9) + 1; -+ i->i_blksize = PAGE_CACHE_SIZE; -+ i->u.squashfs_i.fragment_start_block = SQUASHFS_INVALID_BLK; -+ i->u.squashfs_i.fragment_offset = 0; -+ i->u.squashfs_i.start_block = inodep.start_block; -+ i->u.squashfs_i.block_list_start = next_block; -+ i->u.squashfs_i.offset = next_offset; -+ TRACE("File inode %x:%x, start_block %x, block_list_start %x, offset %x\n", -+ SQUASHFS_INODE_BLK(inode), offset, inodep.start_block, next_block, next_offset); -+ break; -+ } -+ case SQUASHFS_DIR_TYPE: { -+ squashfs_dir_inode_header_1 inodep; -+ -+ if(msBlk->swap) { -+ squashfs_dir_inode_header_1 sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_DIR_INODE_HEADER_1(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = inodep.file_size; -+ i->i_op = &squashfs_dir_inode_ops; -+ i->i_fop = &squashfs_dir_ops; -+ i->i_mode |= S_IFDIR; -+ i->i_mtime = inodep.mtime; -+ i->i_atime = inodep.mtime; -+ i->i_ctime = inodep.mtime; -+ i->u.squashfs_i.start_block = inodep.start_block; -+ i->u.squashfs_i.offset = inodep.offset; -+ TRACE("Directory inode %x:%x, start_block %x, offset %x\n", SQUASHFS_INODE_BLK(inode), offset, -+ inodep.start_block, inodep.offset); -+ break; -+ } -+ case SQUASHFS_SYMLINK_TYPE: { -+ squashfs_symlink_inode_header_1 inodep; -+ -+ if(msBlk->swap) { -+ squashfs_symlink_inode_header_1 sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_SYMLINK_INODE_HEADER_1(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = inodep.symlink_size; -+ i->i_op = &page_symlink_inode_operations; -+ i->i_data.a_ops = &squashfs_symlink_aops; -+ i->i_mode |= S_IFLNK; -+ i->u.squashfs_i.start_block = next_block; -+ i->u.squashfs_i.offset = next_offset; -+ TRACE("Symbolic link inode %x:%x, start_block %x, offset %x\n", -+ SQUASHFS_INODE_BLK(inode), offset, next_block, next_offset); -+ break; -+ } -+ case SQUASHFS_BLKDEV_TYPE: -+ case SQUASHFS_CHRDEV_TYPE: { -+ squashfs_dev_inode_header_1 inodep; -+ -+ if(msBlk->swap) { -+ squashfs_dev_inode_header_1 sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_DEV_INODE_HEADER_1(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = 0; -+ i->i_mode |= (inodeb.inode_type == SQUASHFS_CHRDEV_TYPE) ? S_IFCHR : S_IFBLK; -+ init_special_inode(i, i->i_mode, inodep.rdev); -+ TRACE("Device inode %x:%x, rdev %x\n", SQUASHFS_INODE_BLK(inode), offset, inodep.rdev); -+ break; -+ } -+ case SQUASHFS_IPC_TYPE: { -+ squashfs_ipc_inode_header_1 inodep; -+ -+ if(msBlk->swap) { -+ squashfs_ipc_inode_header_1 sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_IPC_INODE_HEADER_1(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = 0; -+ i->i_mode |= (inodep.type == SQUASHFS_FIFO_TYPE) ? S_IFIFO : S_IFSOCK; -+ i->i_uid = msBlk->uid[inodep.offset * 16 + inodeb.uid]; -+ init_special_inode(i, i->i_mode, 0); -+ break; -+ } -+ default: -+ ERROR("Unknown inode type %d in squashfs_iget!\n", inodeb.inode_type); -+ goto failed_read1; -+ } -+ -+ if(inodeb.guid == SQUASHFS_GUIDS) -+ i->i_gid = i->i_uid; -+ else -+ i->i_gid = msBlk->guid[inodeb.guid]; -+ -+ return i; -+ -+failed_read: -+ ERROR("Unable to read inode [%x:%x]\n", block, offset); -+ -+failed_read1: -+ return NULL; -+} -+#endif -+ -+ -+static struct inode *squashfs_iget(struct super_block *s, squashfs_inode inode) -+{ -+ struct inode *i = new_inode(s); -+ squashfs_sb_info *msBlk = &s->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ unsigned int block = SQUASHFS_INODE_BLK(inode) + sBlk->inode_table_start; -+ unsigned int offset = SQUASHFS_INODE_OFFSET(inode); -+ unsigned int next_block, next_offset; -+ squashfs_base_inode_header inodeb; -+ -+ TRACE("Entered squashfs_iget\n"); -+ -+ if(msBlk->swap) { -+ squashfs_base_inode_header sinodeb; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodeb, block, offset, -+ sizeof(sinodeb), &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_BASE_INODE_HEADER(&inodeb, &sinodeb, sizeof(sinodeb)); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodeb, block, offset, -+ sizeof(inodeb), &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_nlink = 1; -+ -+ i->i_mtime = sBlk->mkfs_time; -+ i->i_atime = sBlk->mkfs_time; -+ i->i_ctime = sBlk->mkfs_time; -+ -+ if(inodeb.inode_type != SQUASHFS_IPC_TYPE) -+ i->i_uid = msBlk->uid[((inodeb.inode_type - 1) / SQUASHFS_TYPES) * 16 + inodeb.uid]; -+ i->i_ino = SQUASHFS_MK_VFS_INODE(block - sBlk->inode_table_start, offset); -+ -+ i->i_mode = inodeb.mode; -+ -+ switch(inodeb.inode_type) { -+ case SQUASHFS_FILE_TYPE: { -+ squashfs_reg_inode_header inodep; -+ -+ if(msBlk->swap) { -+ squashfs_reg_inode_header sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_REG_INODE_HEADER(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->u.squashfs_i.fragment_start_block = SQUASHFS_INVALID_BLK; -+ if(inodep.fragment != SQUASHFS_INVALID_BLK && !get_fragment_location(s, inodep.fragment, -+ &i->u.squashfs_i.fragment_start_block, &i->u.squashfs_i.fragment_size)) -+ goto failed_read; -+ -+ i->u.squashfs_i.fragment_offset = inodep.offset; -+ i->i_size = inodep.file_size; -+ i->i_fop = &generic_ro_fops; -+ if(sBlk->block_size > 4096) -+ i->i_data.a_ops = &squashfs_aops; -+ else -+ i->i_data.a_ops = &squashfs_aops_4K; -+ i->i_mode |= S_IFREG; -+ i->i_mtime = inodep.mtime; -+ i->i_atime = inodep.mtime; -+ i->i_ctime = inodep.mtime; -+ i->i_blocks = ((i->i_size - 1) >> 9) + 1; -+ i->i_blksize = PAGE_CACHE_SIZE; -+ i->u.squashfs_i.start_block = inodep.start_block; -+ i->u.squashfs_i.block_list_start = next_block; -+ i->u.squashfs_i.offset = next_offset; -+ TRACE("File inode %x:%x, start_block %x, block_list_start %x, offset %x fragment_index %x fragment_offset %x\n", -+ SQUASHFS_INODE_BLK(inode), offset, inodep.start_block, next_block, next_offset, inodep.fragment, inodep.offset); -+ break; -+ } -+ case SQUASHFS_DIR_TYPE: { -+ squashfs_dir_inode_header inodep; -+ -+ if(msBlk->swap) { -+ squashfs_dir_inode_header sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_DIR_INODE_HEADER(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = inodep.file_size; -+ i->i_op = &squashfs_dir_inode_ops; -+ i->i_fop = &squashfs_dir_ops; -+ i->i_mode |= S_IFDIR; -+ i->i_mtime = inodep.mtime; -+ i->i_atime = inodep.mtime; -+ i->i_ctime = inodep.mtime; -+ i->u.squashfs_i.start_block = inodep.start_block; -+ i->u.squashfs_i.offset = inodep.offset; -+ TRACE("Directory inode %x:%x, start_block %x, offset %x\n", SQUASHFS_INODE_BLK(inode), offset, -+ inodep.start_block, inodep.offset); -+ break; -+ } -+ case SQUASHFS_SYMLINK_TYPE: { -+ squashfs_symlink_inode_header inodep; -+ -+ if(msBlk->swap) { -+ squashfs_symlink_inode_header sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_SYMLINK_INODE_HEADER(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = inodep.symlink_size; -+ i->i_op = &page_symlink_inode_operations; -+ i->i_data.a_ops = &squashfs_symlink_aops; -+ i->i_mode |= S_IFLNK; -+ i->u.squashfs_i.start_block = next_block; -+ i->u.squashfs_i.offset = next_offset; -+ TRACE("Symbolic link inode %x:%x, start_block %x, offset %x\n", -+ SQUASHFS_INODE_BLK(inode), offset, next_block, next_offset); -+ break; -+ } -+ case SQUASHFS_BLKDEV_TYPE: -+ case SQUASHFS_CHRDEV_TYPE: { -+ squashfs_dev_inode_header inodep; -+ -+ if(msBlk->swap) { -+ squashfs_dev_inode_header sinodep; -+ -+ if(!squashfs_get_cached_block(s, (char *) &sinodep, block, offset, sizeof(sinodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ SQUASHFS_SWAP_DEV_INODE_HEADER(&inodep, &sinodep); -+ } else -+ if(!squashfs_get_cached_block(s, (char *) &inodep, block, offset, sizeof(inodep), -+ &next_block, &next_offset)) -+ goto failed_read; -+ -+ i->i_size = 0; -+ i->i_mode |= (inodeb.inode_type == SQUASHFS_CHRDEV_TYPE) ? S_IFCHR : S_IFBLK; -+ init_special_inode(i, i->i_mode, inodep.rdev); -+ TRACE("Device inode %x:%x, rdev %x\n", SQUASHFS_INODE_BLK(inode), offset, inodep.rdev); -+ break; -+ } -+ case SQUASHFS_FIFO_TYPE: -+ case SQUASHFS_SOCKET_TYPE: { -+ i->i_size = 0; -+ i->i_mode |= (inodeb.inode_type == SQUASHFS_FIFO_TYPE) ? S_IFIFO : S_IFSOCK; -+ init_special_inode(i, i->i_mode, 0); -+ break; -+ } -+ default: -+ ERROR("Unknown inode type %d in squashfs_iget!\n", inodeb.inode_type); -+ goto failed_read1; -+ } -+ -+ if(inodeb.guid == SQUASHFS_GUIDS) -+ i->i_gid = i->i_uid; -+ else -+ i->i_gid = msBlk->guid[inodeb.guid]; -+ -+ return i; -+ -+failed_read: -+ ERROR("Unable to read inode [%x:%x]\n", block, offset); -+ -+failed_read1: -+ return NULL; -+} -+ -+ -+static struct super_block *squashfs_read_super(struct super_block *s, -+ void *data, int silent) -+{ -+ kdev_t dev = s->s_dev; -+ squashfs_sb_info *msBlk = &s->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ int i; -+ -+ TRACE("Entered squashfs_read_superblock\n"); -+ -+ msBlk->devblksize = get_hardsect_size(dev); -+ if(msBlk->devblksize < BLOCK_SIZE) -+ msBlk->devblksize = BLOCK_SIZE; -+ msBlk->devblksize_log2 = ffz(~msBlk->devblksize); -+ set_blocksize(dev, msBlk->devblksize); -+ s->s_blocksize = msBlk->devblksize; -+ s->s_blocksize_bits = msBlk->devblksize_log2; -+ -+ init_MUTEX(&msBlk->read_page_mutex); -+ init_MUTEX(&msBlk->block_cache_mutex); -+ init_MUTEX(&msBlk->fragment_mutex); -+ -+ init_waitqueue_head(&msBlk->waitq); -+ init_waitqueue_head(&msBlk->fragment_wait_queue); -+ -+ if(!read_data(s, (char *) sBlk, SQUASHFS_START, sizeof(squashfs_super_block) | SQUASHFS_COMPRESSED_BIT, 0, NULL)) { -+ SERROR("unable to read superblock\n"); -+ goto failed_mount; -+ } -+ -+ /* Check it is a SQUASHFS superblock */ -+ msBlk->swap = 0; -+ if((s->s_magic = sBlk->s_magic) != SQUASHFS_MAGIC) { -+ if(sBlk->s_magic == SQUASHFS_MAGIC_SWAP) { -+ squashfs_super_block sblk; -+ WARNING("Mounting a different endian SQUASHFS filesystem on %s\n", bdevname(dev)); -+ SQUASHFS_SWAP_SUPER_BLOCK(&sblk, sBlk); -+ memcpy(sBlk, &sblk, sizeof(squashfs_super_block)); -+ msBlk->swap = 1; -+ } else { -+ SERROR("Can't find a SQUASHFS superblock on %s\n", bdevname(dev)); -+ goto failed_mount; -+ } -+ } -+ -+ /* Check the MAJOR & MINOR versions */ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+ if((sBlk->s_major != 1) && (sBlk->s_major != 2 || sBlk->s_minor > SQUASHFS_MINOR)) { -+ SERROR("Major/Minor mismatch, filesystem is (%d:%d), I support (1 : x) or (2 : <= %d)\n", -+ sBlk->s_major, sBlk->s_minor, SQUASHFS_MINOR); -+ goto failed_mount; -+ } -+ if(sBlk->s_major == 1) -+ sBlk->block_size = sBlk->block_size_1; -+#else -+ if(sBlk->s_major != SQUASHFS_MAJOR || sBlk->s_minor > SQUASHFS_MINOR) { -+ SERROR("Major/Minor mismatch, filesystem is (%d:%d), I support (%d: <= %d)\n", -+ sBlk->s_major, sBlk->s_minor, SQUASHFS_MAJOR, SQUASHFS_MINOR); -+ goto failed_mount; -+ } -+#endif -+ -+ TRACE("Found valid superblock on %s\n", bdevname(dev)); -+ TRACE("Inodes are %scompressed\n", SQUASHFS_UNCOMPRESSED_INODES(sBlk->flags) ? "un" : ""); -+ TRACE("Data is %scompressed\n", SQUASHFS_UNCOMPRESSED_DATA(sBlk->flags) ? "un" : ""); -+ TRACE("Check data is %s present in the filesystem\n", SQUASHFS_CHECK_DATA(sBlk->flags) ? "" : "not"); -+ TRACE("Filesystem size %d bytes\n", sBlk->bytes_used); -+ TRACE("Block size %d\n", sBlk->block_size); -+ TRACE("Number of inodes %d\n", sBlk->inodes); -+ if(sBlk->s_major > 1) -+ TRACE("Number of fragments %d\n", sBlk->fragments); -+ TRACE("Number of uids %d\n", sBlk->no_uids); -+ TRACE("Number of gids %d\n", sBlk->no_guids); -+ TRACE("sBlk->inode_table_start %x\n", sBlk->inode_table_start); -+ TRACE("sBlk->directory_table_start %x\n", sBlk->directory_table_start); -+ if(sBlk->s_major > 1) -+ TRACE("sBlk->fragment_table_start %x\n", sBlk->fragment_table_start); -+ TRACE("sBlk->uid_start %x\n", sBlk->uid_start); -+ -+ s->s_flags |= MS_RDONLY; -+ s->s_op = &squashfs_ops; -+ -+ /* Init inode_table block pointer array */ -+ if(!(msBlk->block_cache = (squashfs_cache *) kmalloc(sizeof(squashfs_cache) * SQUASHFS_CACHED_BLKS, GFP_KERNEL))) { -+ ERROR("Failed to allocate block cache\n"); -+ goto failed_mount; -+ } -+ -+ for(i = 0; i < SQUASHFS_CACHED_BLKS; i++) -+ msBlk->block_cache[i].block = SQUASHFS_INVALID_BLK; -+ -+ msBlk->next_cache = 0; -+ -+ /* Allocate read_data block */ -+ msBlk->read_size = (sBlk->block_size < SQUASHFS_METADATA_SIZE) ? SQUASHFS_METADATA_SIZE : sBlk->block_size; -+ if(!(msBlk->read_data = (char *) kmalloc(msBlk->read_size, GFP_KERNEL))) { -+ ERROR("Failed to allocate read_data block\n"); -+ goto failed_mount1; -+ } -+ -+ /* Allocate read_page block */ -+ if(sBlk->block_size > PAGE_CACHE_SIZE && -+ !(msBlk->read_page = (char *) kmalloc(sBlk->block_size, GFP_KERNEL))) { -+ ERROR("Failed to allocate read_page block\n"); -+ goto failed_mount2; -+ } -+ -+ /* Allocate uid and gid tables */ -+ if(!(msBlk->uid = (squashfs_uid *) kmalloc((sBlk->no_uids + -+ sBlk->no_guids) * sizeof(squashfs_uid), GFP_KERNEL))) { -+ ERROR("Failed to allocate uid/gid table\n"); -+ goto failed_mount3; -+ } -+ msBlk->guid = msBlk->uid + sBlk->no_uids; -+ -+ if(msBlk->swap) { -+ squashfs_uid suid[sBlk->no_uids + sBlk->no_guids]; -+ -+ if(!read_data(s, (char *) &suid, sBlk->uid_start, ((sBlk->no_uids + sBlk->no_guids) * -+ sizeof(squashfs_uid)) | SQUASHFS_COMPRESSED_BIT, 0, NULL)) { -+ SERROR("unable to read uid/gid table\n"); -+ goto failed_mount4; -+ } -+ SQUASHFS_SWAP_DATA(msBlk->uid, suid, (sBlk->no_uids + sBlk->no_guids), (sizeof(squashfs_uid) * 8)); -+ } else -+ if(!read_data(s, (char *) msBlk->uid, sBlk->uid_start, ((sBlk->no_uids + sBlk->no_guids) * -+ sizeof(squashfs_uid)) | SQUASHFS_COMPRESSED_BIT, 0, NULL)) { -+ SERROR("unable to read uid/gid table\n"); -+ goto failed_mount4; -+ } -+ -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+ if(sBlk->s_major == 1) { -+ msBlk->iget = squashfs_iget_1; -+ msBlk->read_blocklist = read_blocklist_1; -+ msBlk->fragment = (struct squashfs_fragment_cache *) msBlk->fragment_index = NULL; -+ goto allocate_root; -+ } -+#endif -+ msBlk->iget = squashfs_iget; -+ msBlk->read_blocklist = read_blocklist; -+ -+ if(!(msBlk->fragment = (struct squashfs_fragment_cache *) kmalloc(sizeof(struct squashfs_fragment_cache) * SQUASHFS_CACHED_FRAGMENTS, GFP_KERNEL))) { -+ ERROR("Failed to allocate fragment block cache\n"); -+ goto failed_mount4; -+ } -+ -+ for(i = 0; i < SQUASHFS_CACHED_FRAGMENTS; i++) { -+ msBlk->fragment[i].locked = 0; -+ msBlk->fragment[i].block = SQUASHFS_INVALID_BLK; -+ msBlk->fragment[i].data = NULL; -+ } -+ -+ msBlk->next_fragment = 0; -+ -+ /* Allocate fragment index table */ -+ if(!(msBlk->fragment_index = (squashfs_fragment_index *) kmalloc(SQUASHFS_FRAGMENT_INDEX_BYTES(sBlk->fragments), GFP_KERNEL))) { -+ ERROR("Failed to allocate uid/gid table\n"); -+ goto failed_mount5; -+ } -+ -+ if(SQUASHFS_FRAGMENT_INDEX_BYTES(sBlk->fragments) && -+ !read_data(s, (char *) msBlk->fragment_index, sBlk->fragment_table_start, -+ SQUASHFS_FRAGMENT_INDEX_BYTES(sBlk->fragments) | SQUASHFS_COMPRESSED_BIT, 0, NULL)) { -+ SERROR("unable to read fragment index table\n"); -+ goto failed_mount6; -+ } -+ -+ if(msBlk->swap) { -+ int i; -+ squashfs_fragment_index fragment; -+ -+ for(i = 0; i < SQUASHFS_FRAGMENT_INDEXES(sBlk->fragments); i++) { -+ SQUASHFS_SWAP_FRAGMENT_INDEXES((&fragment), &msBlk->fragment_index[i], 1); -+ msBlk->fragment_index[i] = fragment; -+ } -+ } -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+allocate_root: -+#endif -+ if(!(s->s_root = d_alloc_root((msBlk->iget)(s, sBlk->root_inode)))) { -+ ERROR("Root inode create failed\n"); -+ goto failed_mount5; -+ } -+ -+ TRACE("Leaving squashfs_read_super\n"); -+ return s; -+ -+failed_mount6: -+ kfree(msBlk->fragment_index); -+failed_mount5: -+ kfree(msBlk->fragment); -+failed_mount4: -+ kfree(msBlk->uid); -+failed_mount3: -+ kfree(msBlk->read_page); -+failed_mount2: -+ kfree(msBlk->read_data); -+failed_mount1: -+ kfree(msBlk->block_cache); -+failed_mount: -+ return NULL; -+} -+ -+ -+static int squashfs_statfs(struct super_block *s, struct statfs *buf) -+{ -+ squashfs_super_block *sBlk = &s->u.squashfs_sb.sBlk; -+ -+ TRACE("Entered squashfs_statfs\n"); -+ buf->f_type = SQUASHFS_MAGIC; -+ buf->f_bsize = sBlk->block_size; -+ buf->f_blocks = ((sBlk->bytes_used - 1) >> sBlk->block_log) + 1; -+ buf->f_bfree = buf->f_bavail = 0; -+ buf->f_files = sBlk->inodes; -+ buf->f_ffree = 0; -+ buf->f_namelen = SQUASHFS_NAME_LEN; -+ return 0; -+} -+ -+ -+static int squashfs_symlink_readpage(struct file *file, struct page *page) -+{ -+ struct inode *inode = page->mapping->host; -+ int index = page->index << PAGE_CACHE_SHIFT, length, bytes; -+ int block = inode->u.squashfs_i.start_block; -+ int offset = inode->u.squashfs_i.offset; -+ void *pageaddr = kmap(page); -+ -+ TRACE("Entered squashfs_symlink_readpage, page index %x, start block %x, offset %x\n", -+ (unsigned int) page->index, inode->u.squashfs_i.start_block, inode->u.squashfs_i.offset); -+ -+ for(length = 0; length < index; length += bytes) { -+ if(!(bytes = squashfs_get_cached_block(inode->i_sb, NULL, block, offset, -+ PAGE_CACHE_SIZE, &block, &offset))) { -+ ERROR("Unable to read symbolic link [%x:%x]\n", block, offset); -+ goto skip_read; -+ } -+ } -+ -+ if(length != index) { -+ ERROR("(squashfs_symlink_readpage) length != index\n"); -+ bytes = 0; -+ goto skip_read; -+ } -+ -+ bytes = (inode->i_size - length) > PAGE_CACHE_SIZE ? PAGE_CACHE_SIZE : inode->i_size - length; -+ if(!(bytes = squashfs_get_cached_block(inode->i_sb, pageaddr, block, offset, bytes, &block, &offset))) -+ ERROR("Unable to read symbolic link [%x:%x]\n", block, offset); -+ -+skip_read: -+ memset(pageaddr + bytes, 0, PAGE_CACHE_SIZE - bytes); -+ kunmap(page); -+ flush_dcache_page(page); -+ SetPageUptodate(page); -+ UnlockPage(page); -+ -+ return 0; -+} -+ -+ -+#define SIZE 256 -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+static unsigned int read_blocklist_1(struct inode *inode, int index, int readahead_blks, -+ char *block_list, char **block_p, unsigned int *bsize) -+{ -+ squashfs_sb_info *msBlk = &inode->i_sb->u.squashfs_sb; -+ unsigned short *block_listp; -+ int i = 0; -+ int block_ptr = inode->u.squashfs_i.block_list_start; -+ int offset = inode->u.squashfs_i.offset; -+ int block = inode->u.squashfs_i.start_block; -+ -+ for(;;) { -+ int blocks = (index + readahead_blks - i); -+ if(blocks > (SIZE >> 1)) { -+ if((index - i) <= (SIZE >> 1)) -+ blocks = index - i; -+ else -+ blocks = SIZE >> 1; -+ } -+ -+ if(msBlk->swap) { -+ unsigned char sblock_list[SIZE]; -+ if(!squashfs_get_cached_block(inode->i_sb, (char *) sblock_list, block_ptr, offset, blocks << 1, &block_ptr, &offset)) { -+ ERROR("Unable to read block list [%d:%x]\n", block_ptr, offset); -+ return 0; -+ } -+ SQUASHFS_SWAP_SHORTS(((unsigned short *)block_list), ((unsigned short *)sblock_list), blocks); -+ } else -+ if(!squashfs_get_cached_block(inode->i_sb, (char *) block_list, block_ptr, offset, blocks << 1, &block_ptr, &offset)) { -+ ERROR("Unable to read block list [%d:%x]\n", block_ptr, offset); -+ return 0; -+ } -+ for(block_listp = (unsigned short *) block_list; i < index && blocks; i ++, block_listp ++, blocks --) -+ block += SQUASHFS_COMPRESSED_SIZE(*block_listp); -+ if(blocks >= readahead_blks) -+ break; -+ } -+ -+ if(bsize) -+ *bsize = SQUASHFS_COMPRESSED_SIZE(*block_listp) | (!SQUASHFS_COMPRESSED(*block_listp) ? SQUASHFS_COMPRESSED_BIT_BLOCK : 0); -+ else -+ (unsigned short *) *block_p = block_listp; -+ return block; -+} -+#endif -+ -+ -+ -+static unsigned int read_blocklist(struct inode *inode, int index, int readahead_blks, -+ char *block_list, char **block_p, unsigned int *bsize) -+{ -+ squashfs_sb_info *msBlk = &inode->i_sb->u.squashfs_sb; -+ unsigned int *block_listp; -+ int i = 0; -+ int block_ptr = inode->u.squashfs_i.block_list_start; -+ int offset = inode->u.squashfs_i.offset; -+ int block = inode->u.squashfs_i.start_block; -+ -+ for(;;) { -+ int blocks = (index + readahead_blks - i); -+ if(blocks > (SIZE >> 2)) { -+ if((index - i) <= (SIZE >> 2)) -+ blocks = index - i; -+ else -+ blocks = SIZE >> 2; -+ } -+ -+ if(msBlk->swap) { -+ unsigned char sblock_list[SIZE]; -+ if(!squashfs_get_cached_block(inode->i_sb, (char *) sblock_list, block_ptr, offset, blocks << 2, &block_ptr, &offset)) { -+ ERROR("Unable to read block list [%d:%x]\n", block_ptr, offset); -+ return 0; -+ } -+ SQUASHFS_SWAP_INTS(((unsigned int *)block_list), ((unsigned int *)sblock_list), blocks); -+ } else -+ if(!squashfs_get_cached_block(inode->i_sb, (char *) block_list, block_ptr, offset, blocks << 2, &block_ptr, &offset)) { -+ ERROR("Unable to read block list [%d:%x]\n", block_ptr, offset); -+ return 0; -+ } -+ for(block_listp = (unsigned int *) block_list; i < index && blocks; i ++, block_listp ++, blocks --) -+ block += SQUASHFS_COMPRESSED_SIZE_BLOCK(*block_listp); -+ if(blocks >= readahead_blks) -+ break; -+ } -+ -+ *bsize = *block_listp; -+ return block; -+} -+ -+ -+static int squashfs_readpage(struct file *file, struct page *page) -+{ -+ struct inode *inode = page->mapping->host; -+ squashfs_sb_info *msBlk = &inode->i_sb->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ unsigned char block_list[SIZE]; -+ unsigned int bsize, block, i = 0, bytes = 0, byte_offset = 0; -+ int index = page->index >> (sBlk->block_log - PAGE_CACHE_SHIFT); -+ void *pageaddr = kmap(page); -+ struct squashfs_fragment_cache *fragment; -+ char *data_ptr = msBlk->read_page; -+ -+ int mask = (1 << (sBlk->block_log - PAGE_CACHE_SHIFT)) - 1; -+ int start_index = page->index & ~mask; -+ int end_index = start_index | mask; -+ -+ TRACE("Entered squashfs_readpage, page index %x, start block %x\n", (unsigned int) page->index, -+ inode->u.squashfs_i.start_block); -+ -+ if(inode->u.squashfs_i.fragment_start_block == SQUASHFS_INVALID_BLK || index < (inode->i_size >> sBlk->block_log)) { -+ if((block = (msBlk->read_blocklist)(inode, index, 1, block_list, NULL, &bsize)) == 0) -+ goto skip_read; -+ -+ down(&msBlk->read_page_mutex); -+ if(!(bytes = read_data(inode->i_sb, msBlk->read_page, block, bsize, 1, NULL))) { -+ ERROR("Unable to read page, block %x, size %x\n", block, bsize); -+ up(&msBlk->read_page_mutex); -+ goto skip_read; -+ } -+ } else { -+ if((fragment = get_cached_fragment(inode->i_sb, inode->u.squashfs_i.fragment_start_block, inode->u.squashfs_i.fragment_size)) == NULL) { -+ ERROR("Unable to read page, block %x, size %x\n", inode->u.squashfs_i.fragment_start_block, (int) inode->u.squashfs_i.fragment_size); -+ goto skip_read; -+ } -+ bytes = inode->u.squashfs_i.fragment_offset + (inode->i_size & (sBlk->block_size - 1)); -+ byte_offset = inode->u.squashfs_i.fragment_offset; -+ data_ptr = fragment->data; -+ } -+ -+ for(i = start_index; i <= end_index && byte_offset < bytes; i++, byte_offset += PAGE_CACHE_SIZE) { -+ struct page *push_page; -+ int available_bytes = (bytes - byte_offset) > PAGE_CACHE_SIZE ? PAGE_CACHE_SIZE : bytes - byte_offset; -+ -+ TRACE("bytes %d, i %d, byte_offset %d, available_bytes %d\n", bytes, i, byte_offset, available_bytes); -+ -+ if(i == page->index) { -+ memcpy(pageaddr, data_ptr + byte_offset, available_bytes); -+ memset(pageaddr + available_bytes, 0, PAGE_CACHE_SIZE - available_bytes); -+ kunmap(page); -+ flush_dcache_page(page); -+ SetPageUptodate(page); -+ UnlockPage(page); -+ } else if((push_page = grab_cache_page_nowait(page->mapping, i))) { -+ void *pageaddr = kmap(push_page); -+ memcpy(pageaddr, data_ptr + byte_offset, available_bytes); -+ memset(pageaddr + available_bytes, 0, PAGE_CACHE_SIZE - available_bytes); -+ kunmap(push_page); -+ flush_dcache_page(push_page); -+ SetPageUptodate(push_page); -+ UnlockPage(push_page); -+ page_cache_release(push_page); -+ } -+ } -+ -+ if(inode->u.squashfs_i.fragment_start_block == SQUASHFS_INVALID_BLK || index < (inode->i_size >> sBlk->block_log)) -+ up(&msBlk->read_page_mutex); -+ else -+ release_cached_fragment(msBlk, fragment); -+ -+ return 0; -+ -+skip_read: -+ memset(pageaddr + bytes, 0, PAGE_CACHE_SIZE - bytes); -+ kunmap(page); -+ flush_dcache_page(page); -+ SetPageUptodate(page); -+ UnlockPage(page); -+ -+ return 0; -+} -+ -+ -+static int squashfs_readpage4K(struct file *file, struct page *page) -+{ -+ struct inode *inode = page->mapping->host; -+ squashfs_sb_info *msBlk = &inode->i_sb->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ unsigned char block_list[SIZE]; -+ unsigned int bsize, block, bytes = 0; -+ void *pageaddr = kmap(page); -+ -+ TRACE("Entered squashfs_readpage4K, page index %x, start block %x\n", (unsigned int) page->index, -+ inode->u.squashfs_i.start_block); -+ -+ if(page->index < (inode->i_size >> sBlk->block_log)) { -+ block = (msBlk->read_blocklist)(inode, page->index, 1, block_list, NULL, &bsize); -+ -+ if(!(bytes = read_data(inode->i_sb, pageaddr, block, bsize, 1, NULL))) -+ ERROR("Unable to read page, block %x, size %x\n", block, bsize); -+ } else { -+ struct squashfs_fragment_cache *fragment; -+ -+ if((fragment = get_cached_fragment(inode->i_sb, inode->u.squashfs_i.fragment_start_block, inode->u.squashfs_i.fragment_size)) == NULL) -+ ERROR("Unable to read page, block %x, size %x\n", inode->u.squashfs_i.fragment_start_block, (int) inode->u.squashfs_i.fragment_size); -+ else { -+ bytes = inode->i_size & (sBlk->block_size - 1); -+ memcpy(pageaddr, fragment->data + inode->u.squashfs_i.fragment_offset, bytes); -+ release_cached_fragment(msBlk, fragment); -+ } -+ } -+ -+ memset(pageaddr + bytes, 0, PAGE_CACHE_SIZE - bytes); -+ kunmap(page); -+ flush_dcache_page(page); -+ SetPageUptodate(page); -+ UnlockPage(page); -+ -+ return 0; -+} -+ -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+static int squashfs_readpage_lessthan4K(struct file *file, struct page *page) -+{ -+ struct inode *inode = page->mapping->host; -+ squashfs_sb_info *msBlk = &inode->i_sb->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ unsigned char block_list[SIZE]; -+ unsigned short *block_listp, block, bytes = 0; -+ int index = page->index << (PAGE_CACHE_SHIFT - sBlk->block_log); -+ int file_blocks = ((inode->i_size - 1) >> sBlk->block_log) + 1; -+ int readahead_blks = 1 << (PAGE_CACHE_SHIFT - sBlk->block_log); -+ void *pageaddr = kmap(page); -+ -+ int i_end = index + (1 << (PAGE_CACHE_SHIFT - sBlk->block_log)); -+ int byte; -+ -+ TRACE("Entered squashfs_readpage_lessthan4K, page index %x, start block %x\n", (unsigned int) page->index, -+ inode->u.squashfs_i.start_block); -+ -+ block = read_blocklist_1(inode, index, readahead_blks, block_list, (char **) &block_listp, NULL); -+ -+ if(i_end > file_blocks) -+ i_end = file_blocks; -+ -+ while(index < i_end) { -+ if(!(byte = read_data(inode->i_sb, pageaddr, block, *block_listp, 0, NULL))) { -+ ERROR("Unable to read page, block %x, size %x\n", block, *block_listp); -+ goto skip_read; -+ } -+ block += SQUASHFS_COMPRESSED_SIZE(*block_listp); -+ pageaddr += byte; -+ bytes += byte; -+ index ++; -+ block_listp ++; -+ } -+ -+skip_read: -+ memset(pageaddr, 0, PAGE_CACHE_SIZE - bytes); -+ kunmap(page); -+ flush_dcache_page(page); -+ SetPageUptodate(page); -+ UnlockPage(page); -+ -+ return 0; -+} -+#endif -+ -+ -+static int squashfs_readdir(struct file *file, void *dirent, filldir_t filldir) -+{ -+ struct inode *i = file->f_dentry->d_inode; -+ squashfs_sb_info *msBlk = &i->i_sb->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ int next_block = i->u.squashfs_i.start_block + sBlk->directory_table_start, next_offset = -+ i->u.squashfs_i.offset, length = 0, dirs_read = 0, dir_count; -+ squashfs_dir_header dirh; -+ char buffer[sizeof(squashfs_dir_entry) + SQUASHFS_NAME_LEN + 1]; -+ squashfs_dir_entry *dire = (squashfs_dir_entry *) buffer; -+ -+ TRACE("Entered squashfs_readdir [%x:%x]\n", next_block, next_offset); -+ -+ while(length < i->i_size) { -+ /* read directory header */ -+ if(msBlk->swap) { -+ squashfs_dir_header sdirh; -+ if(!squashfs_get_cached_block(i->i_sb, (char *) &sdirh, next_block, -+ next_offset, sizeof(sdirh), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(sdirh); -+ SQUASHFS_SWAP_DIR_HEADER(&dirh, &sdirh); -+ } else { -+ if(!squashfs_get_cached_block(i->i_sb, (char *) &dirh, next_block, -+ next_offset, sizeof(dirh), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(dirh); -+ } -+ -+ dir_count = dirh.count + 1; -+ while(dir_count--) { -+ if(msBlk->swap) { -+ squashfs_dir_entry sdire; -+ if(!squashfs_get_cached_block(i->i_sb, (char *) &sdire, next_block, -+ next_offset, sizeof(sdire), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(sdire); -+ SQUASHFS_SWAP_DIR_ENTRY(dire, &sdire); -+ } else { -+ if(!squashfs_get_cached_block(i->i_sb, (char *) dire, next_block, -+ next_offset, sizeof(*dire), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(*dire); -+ } -+ -+ if(!squashfs_get_cached_block(i->i_sb, dire->name, next_block, -+ next_offset, dire->size + 1, &next_block, &next_offset)) -+ goto failed_read; -+ length += dire->size + 1; -+ -+ if(file->f_pos >= length) -+ continue; -+ -+ dire->name[dire->size + 1] = '\0'; -+ -+ TRACE("Calling filldir(%x, %s, %d, %d, %x:%x, %d)\n", (unsigned int) dirent, -+ dire->name, dire->size + 1, (int) file->f_pos, -+ dirh.start_block, dire->offset, squashfs_filetype_table[dire->type]); -+ -+ if(filldir(dirent, dire->name, dire->size + 1, file->f_pos, SQUASHFS_MK_VFS_INODE(dirh.start_block, -+ dire->offset), squashfs_filetype_table[dire->type]) < 0) { -+ TRACE("Filldir returned less than 0\n"); -+ return dirs_read; -+ } -+ -+ file->f_pos = length; -+ dirs_read ++; -+ } -+ } -+ -+ return dirs_read; -+ -+failed_read: -+ ERROR("Unable to read directory block [%x:%x]\n", next_block, next_offset); -+ return 0; -+} -+ -+ -+static struct dentry *squashfs_lookup(struct inode *i, struct dentry *dentry) -+{ -+ const char *name =dentry->d_name.name; -+ int len = dentry->d_name.len; -+ struct inode *inode = NULL; -+ squashfs_sb_info *msBlk = &i->i_sb->u.squashfs_sb; -+ squashfs_super_block *sBlk = &msBlk->sBlk; -+ int next_block = i->u.squashfs_i.start_block + sBlk->directory_table_start, next_offset = -+ i->u.squashfs_i.offset, length = 0, dir_count; -+ squashfs_dir_header dirh; -+ char buffer[sizeof(squashfs_dir_entry) + SQUASHFS_NAME_LEN]; -+ squashfs_dir_entry *dire = (squashfs_dir_entry *) buffer; -+ -+ TRACE("Entered squashfs_lookup [%x:%x]\n", next_block, next_offset); -+ -+ while(length < i->i_size) { -+ /* read directory header */ -+ if(msBlk->swap) { -+ squashfs_dir_header sdirh; -+ if(!squashfs_get_cached_block(i->i_sb, (char *) &sdirh, next_block, next_offset, -+ sizeof(sdirh), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(sdirh); -+ SQUASHFS_SWAP_DIR_HEADER(&dirh, &sdirh); -+ } else { -+ if(!squashfs_get_cached_block(i->i_sb, (char *) &dirh, next_block, next_offset, -+ sizeof(dirh), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(dirh); -+ } -+ -+ dir_count = dirh.count + 1; -+ while(dir_count--) { -+ if(msBlk->swap) { -+ squashfs_dir_entry sdire; -+ if(!squashfs_get_cached_block(i->i_sb, (char *) &sdire, -+ next_block,next_offset, sizeof(sdire), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(sdire); -+ SQUASHFS_SWAP_DIR_ENTRY(dire, &sdire); -+ } else { -+ if(!squashfs_get_cached_block(i->i_sb, (char *) dire, -+ next_block,next_offset, sizeof(*dire), &next_block, &next_offset)) -+ goto failed_read; -+ length += sizeof(*dire); -+ } -+ -+ if(!squashfs_get_cached_block(i->i_sb, dire->name, -+ next_block, next_offset, dire->size + 1, &next_block, &next_offset)) -+ goto failed_read; -+ length += dire->size + 1; -+ -+ if((len == dire->size + 1) && !strncmp(name, dire->name, len)) { -+ squashfs_inode ino = SQUASHFS_MKINODE(dirh.start_block, dire->offset); -+ -+ TRACE("calling squashfs_iget for directory entry %s, inode %x:%x\n", -+ name, dirh.start_block, dire->offset); -+ -+ inode = (msBlk->iget)(i->i_sb, ino); -+ -+ goto exit_loop; -+ } -+ } -+ } -+ -+exit_loop: -+ d_add(dentry, inode); -+ return ERR_PTR(0); -+ -+failed_read: -+ ERROR("Unable to read directory block [%x:%x]\n", next_block, next_offset); -+ goto exit_loop; -+} -+ -+ -+static void squashfs_put_super(struct super_block *s) -+{ -+ if(s->u.squashfs_sb.block_cache) kfree(s->u.squashfs_sb.block_cache); -+ if(s->u.squashfs_sb.read_data) kfree(s->u.squashfs_sb.read_data); -+ if(s->u.squashfs_sb.read_page) kfree(s->u.squashfs_sb.read_page); -+ if(s->u.squashfs_sb.uid) kfree(s->u.squashfs_sb.uid); -+ s->u.squashfs_sb.block_cache = (void *) s->u.squashfs_sb.uid = -+ s->u.squashfs_sb.read_data = s->u.squashfs_sb.read_page = NULL; -+} -+ -+ -+static int __init init_squashfs_fs(void) -+{ -+ -+ if(!(stream.workspace = (char *) vmalloc(zlib_inflate_workspacesize()))) { -+ ERROR("Failed to allocate zlib workspace\n"); -+ return -ENOMEM; -+ } -+ return register_filesystem(&squashfs_fs_type); -+} -+ -+ -+static void __exit exit_squashfs_fs(void) -+{ -+ vfree(stream.workspace); -+ unregister_filesystem(&squashfs_fs_type); -+} -+ -+ -+EXPORT_NO_SYMBOLS; -+ -+module_init(init_squashfs_fs); -+module_exit(exit_squashfs_fs); -+MODULE_DESCRIPTION("squashfs, a compressed read-only filesystem"); -+MODULE_AUTHOR("Phillip Lougher <plougher@users.sourceforge.net>"); -+MODULE_LICENSE("GPL"); -diff -Nurb linux.orig/include/linux/fs.h linux/include/linux/fs.h ---- linux.orig/include/linux/fs.h 2003-07-04 04:12:25.000000000 -0400 -+++ linux/include/linux/fs.h 2004-05-25 21:13:03.000000000 -0400 -@@ -313,6 +313,7 @@ - #include <linux/usbdev_fs_i.h> - #include <linux/jffs2_fs_i.h> - #include <linux/cramfs_fs_sb.h> -+#include <linux/squashfs_fs_i.h> - - /* - * Attribute flags. These should be or-ed together to figure out what -@@ -503,6 +504,7 @@ - struct socket socket_i; - struct usbdev_inode_info usbdev_i; - struct jffs2_inode_info jffs2_i; -+ struct squashfs_inode_info squashfs_i; - void *generic_ip; - } u; - }; -@@ -697,6 +699,7 @@ - #include <linux/usbdev_fs_sb.h> - #include <linux/cramfs_fs_sb.h> - #include <linux/jffs2_fs_sb.h> -+#include <linux/squashfs_fs_sb.h> - - extern struct list_head super_blocks; - extern spinlock_t sb_lock; -@@ -755,6 +758,7 @@ - struct usbdev_sb_info usbdevfs_sb; - struct jffs2_sb_info jffs2_sb; - struct cramfs_sb_info cramfs_sb; -+ struct squashfs_sb_info squashfs_sb; - void *generic_sbp; - } u; - /* -diff -Nurb linux.orig/include/linux/squashfs_fs.h linux/include/linux/squashfs_fs.h ---- linux.orig/include/linux/squashfs_fs.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux/include/linux/squashfs_fs.h 2004-05-25 21:13:03.000000000 -0400 -@@ -0,0 +1,474 @@ -+#ifndef SQUASHFS_FS -+#define SQUASHFS_FS -+/* -+ * Squashfs -+ * -+ * Copyright (c) 2002, 2003, 2004 Phillip Lougher <plougher@users.sourceforge.net> -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2, -+ * or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -+ * -+ * squashfs_fs.h -+ */ -+ -+#define SQUASHFS_MAJOR 2 -+#define SQUASHFS_MINOR 0 -+#define SQUASHFS_MAGIC 0x73717368 -+#define SQUASHFS_MAGIC_SWAP 0x68737173 -+#define SQUASHFS_START 0 -+ -+/* size of metadata (inode and directory) blocks */ -+#define SQUASHFS_METADATA_SIZE 8192 -+#define SQUASHFS_METADATA_LOG 13 -+ -+/* default size of data blocks */ -+#define SQUASHFS_FILE_SIZE 65536 -+#define SQUASHFS_FILE_LOG 16 -+ -+#define SQUASHFS_FILE_MAX_SIZE 65536 -+ -+/* Max number of uids and gids */ -+#define SQUASHFS_UIDS 256 -+#define SQUASHFS_GUIDS 255 -+ -+/* Max length of filename (not 255) */ -+#define SQUASHFS_NAME_LEN 256 -+ -+#define SQUASHFS_INVALID ((long long) 0xffffffffffff) -+#define SQUASHFS_INVALID_BLK ((long long) 0xffffffff) -+#define SQUASHFS_USED_BLK ((long long) 0xfffffffe) -+ -+/* Filesystem flags */ -+#define SQUASHFS_NOI 0 -+#define SQUASHFS_NOD 1 -+#define SQUASHFS_CHECK 2 -+#define SQUASHFS_NOF 3 -+#define SQUASHFS_NO_FRAG 4 -+#define SQUASHFS_ALWAYS_FRAG 5 -+#define SQUASHFS_DUPLICATE 6 -+#define SQUASHFS_BIT(flag, bit) ((flag >> bit) & 1) -+#define SQUASHFS_UNCOMPRESSED_INODES(flags) SQUASHFS_BIT(flags, SQUASHFS_NOI) -+#define SQUASHFS_UNCOMPRESSED_DATA(flags) SQUASHFS_BIT(flags, SQUASHFS_NOD) -+#define SQUASHFS_UNCOMPRESSED_FRAGMENTS(flags) SQUASHFS_BIT(flags, SQUASHFS_NOF) -+#define SQUASHFS_NO_FRAGMENTS(flags) SQUASHFS_BIT(flags, SQUASHFS_NO_FRAG) -+#define SQUASHFS_ALWAYS_FRAGMENTS(flags) SQUASHFS_BIT(flags, SQUASHFS_ALWAYS_FRAG) -+#define SQUASHFS_DUPLICATES(flags) SQUASHFS_BIT(flags, SQUASHFS_DUPLICATE) -+#define SQUASHFS_CHECK_DATA(flags) SQUASHFS_BIT(flags, SQUASHFS_CHECK) -+#define SQUASHFS_MKFLAGS(noi, nod, check_data, nof, no_frag, always_frag, duplicate_checking) (noi | (nod << 1) | (check_data << 2) | (nof << 3) | (no_frag << 4) | (always_frag << 5) | (duplicate_checking << 6)) -+ -+/* Max number of types and file types */ -+#define SQUASHFS_DIR_TYPE 1 -+#define SQUASHFS_FILE_TYPE 2 -+#define SQUASHFS_SYMLINK_TYPE 3 -+#define SQUASHFS_BLKDEV_TYPE 4 -+#define SQUASHFS_CHRDEV_TYPE 5 -+#define SQUASHFS_FIFO_TYPE 6 -+#define SQUASHFS_SOCKET_TYPE 7 -+ -+/* 1.0 filesystem type definitions */ -+#define SQUASHFS_TYPES 5 -+#define SQUASHFS_IPC_TYPE 0 -+ -+/* Flag whether block is compressed or uncompressed, bit is set if block is uncompressed */ -+#define SQUASHFS_COMPRESSED_BIT (1 << 15) -+#define SQUASHFS_COMPRESSED_SIZE(B) (((B) & ~SQUASHFS_COMPRESSED_BIT) ? \ -+ (B) & ~SQUASHFS_COMPRESSED_BIT : SQUASHFS_COMPRESSED_BIT) -+ -+#define SQUASHFS_COMPRESSED(B) (!((B) & SQUASHFS_COMPRESSED_BIT)) -+ -+#define SQUASHFS_COMPRESSED_BIT_BLOCK (1 << 24) -+#define SQUASHFS_COMPRESSED_SIZE_BLOCK(B) (((B) & ~SQUASHFS_COMPRESSED_BIT_BLOCK) ? \ -+ (B) & ~SQUASHFS_COMPRESSED_BIT_BLOCK : SQUASHFS_COMPRESSED_BIT_BLOCK) -+ -+#define SQUASHFS_COMPRESSED_BLOCK(B) (!((B) & SQUASHFS_COMPRESSED_BIT_BLOCK)) -+ -+/* -+ * Inode number ops. Inodes consist of a compressed block number, and an uncompressed -+ * offset within that block -+ */ -+#define SQUASHFS_INODE_BLK(a) ((unsigned int) ((a) >> 16)) -+#define SQUASHFS_INODE_OFFSET(a) ((unsigned int) ((a) & 0xffff)) -+#define SQUASHFS_MKINODE(A, B) ((squashfs_inode)(((squashfs_inode) (A) << 16)\ -+ + (B))) -+ -+/* Compute 32 bit VFS inode number from squashfs inode number */ -+#define SQUASHFS_MK_VFS_INODE(a, b) ((unsigned int) (((a) << 8) + ((b) >> 2) + 1)) -+ -+/* Translate between VFS mode and squashfs mode */ -+#define SQUASHFS_MODE(a) ((a) & 0xfff) -+ -+/* fragment and fragment table defines */ -+typedef unsigned int squashfs_fragment_index; -+#define SQUASHFS_FRAGMENT_BYTES(A) (A * sizeof(squashfs_fragment_entry)) -+#define SQUASHFS_FRAGMENT_INDEX(A) (SQUASHFS_FRAGMENT_BYTES(A) / SQUASHFS_METADATA_SIZE) -+#define SQUASHFS_FRAGMENT_INDEX_OFFSET(A) (SQUASHFS_FRAGMENT_BYTES(A) % SQUASHFS_METADATA_SIZE) -+#define SQUASHFS_FRAGMENT_INDEXES(A) ((SQUASHFS_FRAGMENT_BYTES(A) + SQUASHFS_METADATA_SIZE - 1) / SQUASHFS_METADATA_SIZE) -+#define SQUASHFS_FRAGMENT_INDEX_BYTES(A) (SQUASHFS_FRAGMENT_INDEXES(A) * sizeof(squashfs_fragment_index)) -+#define SQUASHFS_CACHED_FRAGMENTS 3 -+ -+/* cached data constants for filesystem */ -+#define SQUASHFS_CACHED_BLKS 8 -+ -+#define SQUASHFS_MAX_FILE_SIZE_LOG 32 -+#define SQUASHFS_MAX_FILE_SIZE ((long long) 1 << (SQUASHFS_MAX_FILE_SIZE_LOG - 1)) -+ -+#define SQUASHFS_MARKER_BYTE 0xff -+ -+/* -+ * definitions for structures on disk -+ */ -+ -+typedef unsigned int squashfs_block; -+typedef long long squashfs_inode; -+ -+typedef unsigned int squashfs_uid; -+ -+typedef struct squashfs_super_block { -+ unsigned int s_magic; -+ unsigned int inodes; -+ unsigned int bytes_used; -+ unsigned int uid_start; -+ unsigned int guid_start; -+ unsigned int inode_table_start; -+ unsigned int directory_table_start; -+ unsigned int s_major:16; -+ unsigned int s_minor:16; -+ unsigned int block_size_1:16; -+ unsigned int block_log:16; -+ unsigned int flags:8; -+ unsigned int no_uids:8; -+ unsigned int no_guids:8; -+ time_t mkfs_time /* time of filesystem creation */; -+ squashfs_inode root_inode; -+ unsigned int block_size; -+ unsigned int fragments; -+ unsigned int fragment_table_start; -+} __attribute__ ((packed)) squashfs_super_block; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:8; /* index into uid table */ -+ unsigned int guid:8; /* index into guid table */ -+} __attribute__ ((packed)) squashfs_base_inode_header; -+ -+typedef squashfs_base_inode_header squashfs_ipc_inode_header; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:8; /* index into uid table */ -+ unsigned int guid:8; /* index into guid table */ -+ unsigned short rdev; -+} __attribute__ ((packed)) squashfs_dev_inode_header; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:8; /* index into uid table */ -+ unsigned int guid:8; /* index into guid table */ -+ unsigned short symlink_size; -+ char symlink[0]; -+} __attribute__ ((packed)) squashfs_symlink_inode_header; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:8; /* index into uid table */ -+ unsigned int guid:8; /* index into guid table */ -+ time_t mtime; -+ squashfs_block start_block; -+ unsigned int fragment; -+ unsigned int offset; -+ unsigned int file_size:SQUASHFS_MAX_FILE_SIZE_LOG; -+ unsigned short block_list[0]; -+} __attribute__ ((packed)) squashfs_reg_inode_header; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:8; /* index into uid table */ -+ unsigned int guid:8; /* index into guid table */ -+ unsigned int file_size:19; -+ unsigned int offset:13; -+ time_t mtime; -+ unsigned int start_block:24; -+} __attribute__ ((packed)) squashfs_dir_inode_header; -+ -+typedef union { -+ squashfs_base_inode_header base; -+ squashfs_dev_inode_header dev; -+ squashfs_symlink_inode_header symlink; -+ squashfs_reg_inode_header reg; -+ squashfs_dir_inode_header dir; -+ squashfs_ipc_inode_header ipc; -+} squashfs_inode_header; -+ -+typedef struct { -+ unsigned int offset:13; -+ unsigned int type:3; -+ unsigned int size:8; -+ char name[0]; -+} __attribute__ ((packed)) squashfs_dir_entry; -+ -+typedef struct { -+ unsigned int count:8; -+ unsigned int start_block:24; -+} __attribute__ ((packed)) squashfs_dir_header; -+ -+ -+typedef struct { -+ unsigned int start_block; -+ unsigned int size; -+} __attribute__ ((packed)) squashfs_fragment_entry; -+ -+extern int squashfs_uncompress_block(void *d, int dstlen, void *s, int srclen); -+extern int squashfs_uncompress_init(void); -+extern int squashfs_uncompress_exit(void); -+ -+/* -+ * macros to convert each packed bitfield structure from little endian to big -+ * endian and vice versa. These are needed when creating or using a filesystem on a -+ * machine with different byte ordering to the target architecture. -+ * -+ */ -+ -+#define SQUASHFS_SWAP_SUPER_BLOCK(s, d) {\ -+ SQUASHFS_MEMSET(s, d, sizeof(squashfs_super_block));\ -+ SQUASHFS_SWAP((s)->s_magic, d, 0, 32);\ -+ SQUASHFS_SWAP((s)->inodes, d, 32, 32);\ -+ SQUASHFS_SWAP((s)->bytes_used, d, 64, 32);\ -+ SQUASHFS_SWAP((s)->uid_start, d, 96, 32);\ -+ SQUASHFS_SWAP((s)->guid_start, d, 128, 32);\ -+ SQUASHFS_SWAP((s)->inode_table_start, d, 160, 32);\ -+ SQUASHFS_SWAP((s)->directory_table_start, d, 192, 32);\ -+ SQUASHFS_SWAP((s)->s_major, d, 224, 16);\ -+ SQUASHFS_SWAP((s)->s_minor, d, 240, 16);\ -+ SQUASHFS_SWAP((s)->block_size_1, d, 256, 16);\ -+ SQUASHFS_SWAP((s)->block_log, d, 272, 16);\ -+ SQUASHFS_SWAP((s)->flags, d, 288, 8);\ -+ SQUASHFS_SWAP((s)->no_uids, d, 296, 8);\ -+ SQUASHFS_SWAP((s)->no_guids, d, 304, 8);\ -+ SQUASHFS_SWAP((s)->mkfs_time, d, 312, 32);\ -+ SQUASHFS_SWAP((s)->root_inode, d, 344, 64);\ -+ SQUASHFS_SWAP((s)->block_size, d, 408, 32);\ -+ SQUASHFS_SWAP((s)->fragments, d, 440, 32);\ -+ SQUASHFS_SWAP((s)->fragment_table_start, d, 472, 32);\ -+} -+ -+#define SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, n) {\ -+ SQUASHFS_MEMSET(s, d, n);\ -+ SQUASHFS_SWAP((s)->inode_type, d, 0, 4);\ -+ SQUASHFS_SWAP((s)->mode, d, 4, 12);\ -+ SQUASHFS_SWAP((s)->uid, d, 16, 8);\ -+ SQUASHFS_SWAP((s)->guid, d, 24, 8);\ -+} -+ -+#define SQUASHFS_SWAP_IPC_INODE_HEADER(s, d) SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_ipc_inode_header)) -+ -+#define SQUASHFS_SWAP_DEV_INODE_HEADER(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_dev_inode_header));\ -+ SQUASHFS_SWAP((s)->rdev, d, 32, 16);\ -+} -+ -+#define SQUASHFS_SWAP_SYMLINK_INODE_HEADER(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_symlink_inode_header));\ -+ SQUASHFS_SWAP((s)->symlink_size, d, 32, 16);\ -+} -+ -+#define SQUASHFS_SWAP_REG_INODE_HEADER(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_reg_inode_header));\ -+ SQUASHFS_SWAP((s)->mtime, d, 32, 32);\ -+ SQUASHFS_SWAP((s)->start_block, d, 64, 32);\ -+ SQUASHFS_SWAP((s)->fragment, d, 96, 32);\ -+ SQUASHFS_SWAP((s)->offset, d, 128, 32);\ -+ SQUASHFS_SWAP((s)->file_size, d, 160, SQUASHFS_MAX_FILE_SIZE_LOG);\ -+} -+ -+#define SQUASHFS_SWAP_DIR_INODE_HEADER(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_dir_inode_header));\ -+ SQUASHFS_SWAP((s)->file_size, d, 32, 19);\ -+ SQUASHFS_SWAP((s)->offset, d, 51, 13);\ -+ SQUASHFS_SWAP((s)->mtime, d, 64, 32);\ -+ SQUASHFS_SWAP((s)->start_block, d, 96, 24);\ -+} -+ -+#define SQUASHFS_SWAP_DIR_HEADER(s, d) {\ -+ SQUASHFS_MEMSET(s, d, sizeof(squashfs_dir_header));\ -+ SQUASHFS_SWAP((s)->count, d, 0, 8);\ -+ SQUASHFS_SWAP((s)->start_block, d, 8, 24);\ -+} -+ -+#define SQUASHFS_SWAP_DIR_ENTRY(s, d) {\ -+ SQUASHFS_MEMSET(s, d, sizeof(squashfs_dir_entry));\ -+ SQUASHFS_SWAP((s)->offset, d, 0, 13);\ -+ SQUASHFS_SWAP((s)->type, d, 13, 3);\ -+ SQUASHFS_SWAP((s)->size, d, 16, 8);\ -+} -+ -+#define SQUASHFS_SWAP_FRAGMENT_ENTRY(s, d) {\ -+ SQUASHFS_MEMSET(s, d, sizeof(squashfs_fragment_entry));\ -+ SQUASHFS_SWAP((s)->start_block, d, 0, 32);\ -+ SQUASHFS_SWAP((s)->size, d, 32, 32);\ -+} -+ -+#define SQUASHFS_SWAP_SHORTS(s, d, n) {\ -+ int entry;\ -+ int bit_position;\ -+ SQUASHFS_MEMSET(s, d, n * 2);\ -+ for(entry = 0, bit_position = 0; entry < n; entry++, bit_position += 16)\ -+ SQUASHFS_SWAP(s[entry], d, bit_position, 16);\ -+} -+ -+#define SQUASHFS_SWAP_INTS(s, d, n) {\ -+ int entry;\ -+ int bit_position;\ -+ SQUASHFS_MEMSET(s, d, n * 4);\ -+ for(entry = 0, bit_position = 0; entry < n; entry++, bit_position += 32)\ -+ SQUASHFS_SWAP(s[entry], d, bit_position, 32);\ -+} -+ -+#define SQUASHFS_SWAP_DATA(s, d, n, bits) {\ -+ int entry;\ -+ int bit_position;\ -+ SQUASHFS_MEMSET(s, d, n * bits / 8);\ -+ for(entry = 0, bit_position = 0; entry < n; entry++, bit_position += bits)\ -+ SQUASHFS_SWAP(s[entry], d, bit_position, bits);\ -+} -+ -+#define SQUASHFS_SWAP_FRAGMENT_INDEXES(s, d, n) SQUASHFS_SWAP_INTS(s, d, n) -+ -+#ifdef SQUASHFS_1_0_COMPATIBILITY -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:4; /* index into uid table */ -+ unsigned int guid:4; /* index into guid table */ -+} __attribute__ ((packed)) squashfs_base_inode_header_1; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:4; /* index into uid table */ -+ unsigned int guid:4; /* index into guid table */ -+ unsigned int type:4; -+ unsigned int offset:4; -+} __attribute__ ((packed)) squashfs_ipc_inode_header_1; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:4; /* index into uid table */ -+ unsigned int guid:4; /* index into guid table */ -+ unsigned short rdev; -+} __attribute__ ((packed)) squashfs_dev_inode_header_1; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:4; /* index into uid table */ -+ unsigned int guid:4; /* index into guid table */ -+ unsigned short symlink_size; -+ char symlink[0]; -+} __attribute__ ((packed)) squashfs_symlink_inode_header_1; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:4; /* index into uid table */ -+ unsigned int guid:4; /* index into guid table */ -+ time_t mtime; -+ squashfs_block start_block; -+ unsigned int file_size:SQUASHFS_MAX_FILE_SIZE_LOG; -+ unsigned short block_list[0]; -+} __attribute__ ((packed)) squashfs_reg_inode_header_1; -+ -+typedef struct { -+ unsigned int inode_type:4; -+ unsigned int mode:12; /* protection */ -+ unsigned int uid:4; /* index into uid table */ -+ unsigned int guid:4; /* index into guid table */ -+ unsigned int file_size:19; -+ unsigned int offset:13; -+ time_t mtime; -+ unsigned int start_block:24; -+} __attribute__ ((packed)) squashfs_dir_inode_header_1; -+ -+#define SQUASHFS_SWAP_BASE_INODE_HEADER_1(s, d, n) {\ -+ SQUASHFS_MEMSET(s, d, n);\ -+ SQUASHFS_SWAP((s)->inode_type, d, 0, 4);\ -+ SQUASHFS_SWAP((s)->mode, d, 4, 12);\ -+ SQUASHFS_SWAP((s)->uid, d, 16, 4);\ -+ SQUASHFS_SWAP((s)->guid, d, 20, 4);\ -+} -+ -+#define SQUASHFS_SWAP_IPC_INODE_HEADER_1(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER_1(s, d, sizeof(squashfs_ipc_inode_header_1));\ -+ SQUASHFS_SWAP((s)->type, d, 24, 4);\ -+ SQUASHFS_SWAP((s)->offset, d, 28, 4);\ -+} -+ -+#define SQUASHFS_SWAP_DEV_INODE_HEADER_1(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER_1(s, d, sizeof(squashfs_dev_inode_header_1));\ -+ SQUASHFS_SWAP((s)->rdev, d, 24, 16);\ -+} -+ -+#define SQUASHFS_SWAP_SYMLINK_INODE_HEADER_1(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_symlink_inode_header_1));\ -+ SQUASHFS_SWAP((s)->symlink_size, d, 24, 16);\ -+} -+ -+#define SQUASHFS_SWAP_REG_INODE_HEADER_1(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_reg_inode_header_1));\ -+ SQUASHFS_SWAP((s)->mtime, d, 24, 32);\ -+ SQUASHFS_SWAP((s)->start_block, d, 56, 32);\ -+ SQUASHFS_SWAP((s)->file_size, d, 88, SQUASHFS_MAX_FILE_SIZE_LOG);\ -+} -+ -+#define SQUASHFS_SWAP_DIR_INODE_HEADER_1(s, d) {\ -+ SQUASHFS_SWAP_BASE_INODE_HEADER(s, d, sizeof(squashfs_dir_inode_header_1));\ -+ SQUASHFS_SWAP((s)->file_size, d, 24, 19);\ -+ SQUASHFS_SWAP((s)->offset, d, 43, 13);\ -+ SQUASHFS_SWAP((s)->mtime, d, 56, 32);\ -+ SQUASHFS_SWAP((s)->start_block, d, 88, 24);\ -+} -+#endif -+ -+#ifdef __KERNEL__ -+/* -+ * macros used to swap each structure entry, taking into account -+ * bitfields and different bitfield placing conventions on differing architectures -+ */ -+#include <asm/byteorder.h> -+#ifdef __BIG_ENDIAN -+ /* convert from little endian to big endian */ -+#define SQUASHFS_SWAP(value, p, pos, tbits) _SQUASHFS_SWAP(value, p, pos, tbits, b_pos) -+#else -+ /* convert from big endian to little endian */ -+#define SQUASHFS_SWAP(value, p, pos, tbits) _SQUASHFS_SWAP(value, p, pos, tbits, 64 - tbits - b_pos) -+#endif -+ -+#define _SQUASHFS_SWAP(value, p, pos, tbits, SHIFT) {\ -+ int bits;\ -+ int b_pos = pos % 8;\ -+ unsigned long long val = 0;\ -+ unsigned char *s = (unsigned char *)p + (pos / 8);\ -+ unsigned char *d = ((unsigned char *) &val) + 7;\ -+ for(bits = 0; bits < (tbits + b_pos); bits += 8) \ -+ *d-- = *s++;\ -+ value = (val >> (SHIFT))/* & ((1 << tbits) - 1)*/;\ -+} -+#define SQUASHFS_MEMSET(s, d, n) memset(s, 0, n); -+#endif -+#endif -diff -Nurb linux.orig/include/linux/squashfs_fs_i.h linux/include/linux/squashfs_fs_i.h ---- linux.orig/include/linux/squashfs_fs_i.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux/include/linux/squashfs_fs_i.h 2004-05-25 21:13:03.000000000 -0400 -@@ -0,0 +1,33 @@ -+#ifndef SQUASHFS_FS_I -+#define SQUASHFS_FS_I -+/* -+ * Squashfs -+ * -+ * Copyright (c) 2002, 2003, 2004 Phillip Lougher <plougher@users.sourceforge.net> -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2, -+ * or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -+ * -+ * squashfs_fs_i.h -+ */ -+ -+typedef struct squashfs_inode_info { -+ unsigned int start_block; -+ unsigned int block_list_start; -+ unsigned int offset; -+ unsigned int fragment_start_block; -+ unsigned int fragment_size; -+ unsigned int fragment_offset; -+ } squashfs_inode_info; -+#endif -diff -Nurb linux.orig/include/linux/squashfs_fs_sb.h linux/include/linux/squashfs_fs_sb.h ---- linux.orig/include/linux/squashfs_fs_sb.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux/include/linux/squashfs_fs_sb.h 2004-05-25 21:13:03.000000000 -0400 -@@ -0,0 +1,65 @@ -+#ifndef SQUASHFS_FS_SB -+#define SQUASHFS_FS_SB -+/* -+ * Squashfs -+ * -+ * Copyright (c) 2002, 2003, 2004 Phillip Lougher <plougher@users.sourceforge.net> -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version 2, -+ * or (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -+ * -+ * squashfs_fs_sb.h -+ */ -+ -+#include <linux/squashfs_fs.h> -+ -+typedef struct { -+ unsigned int block; -+ int length; -+ unsigned int next_index; -+ char *data; -+ } squashfs_cache; -+ -+struct squashfs_fragment_cache { -+ unsigned int block; -+ int length; -+ unsigned int locked; -+ char *data; -+ }; -+ -+typedef struct squashfs_sb_info { -+ squashfs_super_block sBlk; -+ int devblksize; -+ int devblksize_log2; -+ int swap; -+ squashfs_cache *block_cache; -+ struct squashfs_fragment_cache *fragment; -+ int next_cache; -+ int next_fragment; -+ squashfs_uid *uid; -+ squashfs_uid *guid; -+ squashfs_fragment_index *fragment_index; -+ unsigned int read_size; -+ char *read_data; -+ char *read_page; -+ struct semaphore read_page_mutex; -+ struct semaphore block_cache_mutex; -+ struct semaphore fragment_mutex; -+ wait_queue_head_t waitq; -+ wait_queue_head_t fragment_wait_queue; -+ struct inode *(*iget)(struct super_block *s, squashfs_inode inode); -+ unsigned int (*read_blocklist)(struct inode *inode, int index, int readahead_blks, -+ char *block_list, char **block_p, unsigned int *bsize); -+ } squashfs_sb_info; -+#endif -diff -Nurb linux.orig/init/do_mounts.c linux/init/do_mounts.c ---- linux.orig/init/do_mounts.c 2003-11-08 03:13:20.000000000 -0500 -+++ linux/init/do_mounts.c 2004-05-25 21:13:03.000000000 -0400 -@@ -16,6 +16,7 @@ - #include <linux/ext2_fs.h> - #include <linux/romfs_fs.h> - #include <linux/cramfs_fs.h> -+#include <linux/squashfs_fs.h> - - #undef BUILD_CRAMDISK - -@@ -470,6 +471,7 @@ - * ext2 - * romfs - * gzip -+ * squashfs - */ - static int __init - identify_ramdisk_image(int fd, int start_block) -@@ -479,6 +481,7 @@ - struct ext2_super_block *ext2sb; - struct romfs_super_block *romfsb; - struct cramfs_super *cramfsb; -+ struct squashfs_super_block *squashfsb; - int nblocks = -1; - unsigned char *buf; - -@@ -490,6 +493,7 @@ - ext2sb = (struct ext2_super_block *) buf; - romfsb = (struct romfs_super_block *) buf; - cramfsb = (struct cramfs_super *) buf; -+ squashfsb = (struct squashfs_super_block *) buf; - memset(buf, 0xe5, size); - - /* -@@ -536,6 +540,15 @@ - goto done; - } - -+ /* squashfs is at block zero too */ -+ if (squashfsb->s_magic == SQUASHFS_MAGIC) { -+ printk(KERN_NOTICE -+ "RAMDISK: squashfs filesystem found at block %d\n", -+ start_block); -+ nblocks = (squashfsb->bytes_used+BLOCK_SIZE-1)>>BLOCK_SIZE_BITS; -+ goto done; -+ } -+ - /* - * Read block 1 to test for minix and ext2 superblock - */ -diff -Nurb linux.orig/kernel/ksyms.c linux/kernel/ksyms.c ---- linux.orig/kernel/ksyms.c 2003-07-04 04:12:28.000000000 -0400 -+++ linux/kernel/ksyms.c 2004-05-25 21:12:24.000000000 -0400 -@@ -482,9 +482,9 @@ - EXPORT_SYMBOL(simple_strtoull); - EXPORT_SYMBOL(system_utsname); /* UTS data */ - EXPORT_SYMBOL(uts_sem); /* UTS semaphore */ --#ifndef __mips__ -+//#ifndef __mips__ //bite me. -mbm. - EXPORT_SYMBOL(sys_call_table); --#endif -+//#endif - EXPORT_SYMBOL(machine_restart); - EXPORT_SYMBOL(machine_halt); - EXPORT_SYMBOL(machine_power_off); -diff -Nurb linux.orig/lib/Config.in linux/lib/Config.in ---- linux.orig/lib/Config.in 2003-07-04 04:12:29.000000000 -0400 -+++ linux/lib/Config.in 2004-05-25 21:13:03.000000000 -0400 -@@ -8,12 +8,14 @@ - # Do we need the compression support? - # - if [ "$CONFIG_CRAMFS" = "y" -o \ -+ "$CONFIG_SQUASHFS" = "y" -o \ - "$CONFIG_PPP_DEFLATE" = "y" -o \ - "$CONFIG_JFFS2_FS" = "y" -o \ - "$CONFIG_ZISOFS_FS" = "y" ]; then - define_tristate CONFIG_ZLIB_INFLATE y - else - if [ "$CONFIG_CRAMFS" = "m" -o \ -+ "$CONFIG_SQUASHFS" = "m" -o \ - "$CONFIG_PPP_DEFLATE" = "m" -o \ - "$CONFIG_JFFS2_FS" = "m" -o \ - "$CONFIG_ZISOFS_FS" = "m" ]; then diff --git a/obsolete-buildroot/sources/openwrt/kernel/patches/130-nfsswap.patch b/obsolete-buildroot/sources/openwrt/kernel/patches/130-nfsswap.patch deleted file mode 100644 index d2f8e7a..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/patches/130-nfsswap.patch +++ /dev/null @@ -1,2362 +0,0 @@ -diff -Nurb linux.orig/Documentation/netswap.txt linux/Documentation/netswap.txt ---- linux.orig/Documentation/netswap.txt 1969-12-31 19:00:00.000000000 -0500 -+++ linux/Documentation/netswap.txt 2004-05-31 02:18:03.000000000 -0400 -@@ -0,0 +1,51 @@ -+ Swapping over network -+ -+Support for this is enabled via the CONFIG_NETSWAP option, which is -+automatically enabled when enabling swap files located on NFS volumes -+(CONFIG_SWAP_VIA_NFS). -+ -+When swapping to files located on a network file system like NFS or -+CODA or others or to nbd (network block device, see `nbd.txt') -+partitions there is the problem that this requires additional memory, -+besides the page which is currently swapped in or out, probably at -+least two more pages for each page in question. -+ -+This means that not only there needs to be free space left in the swap -+file or the swap partition, but in addition there must be enough free -+memory left in the system to perform the swap out of pages. -+ -+This is particularly painful as receiving data over the network itself -+consumes memory, and this memory is allocated from an interrupt -+context (i.e. in the interrupt handler of the network card). That -+means that on a congested network there are chances that the machine -+runs out of memory, simply because the network device's interrupt -+routines allocate memory faster that it is freed by swapping via -+network. -+ -+To cope with this problem, there is a new socket option `SO_SWAPPING' -+which has to be set on the `SOL_SOCKET' level with setsockopt() (see -+setsockopt(2)). When this option is set on any network socket, then -+the system will start to drop network packets it receives on any other -+socket when the number of free pages falls below a certain threshold. -+ -+This threshold initially is 4 pages less than `freepages.min' (see -+`Documentation/sysctl/vm.txt') but can be tuned using the sysctl -+interface by writing to the file `/proc/sys/net/swapping/threshold' -+ -+There are two other files: -+ -+`/proc/sys/net/swapping/dropped': -+ how many network packets have been dropped so far. This file is -+ writable, writing to it simply sets the counter to the given value -+ (useful for resetting the counter). -+ -+`/proc/sys/net/swapping/sock_count': -+ How many network sockets have the `SO_SWAPPING' option set (read -+ only, of course). -+ -+When using swap-files on NFS volumes, then the `SO_SWAPPING' option is -+set or cleared by swapon/swapoff system calls, so the user need not -+care about it. -+ -+Swapping over the network is insecure unless the data would be -+encrypted, which is not the case with NFS. It is also very slow. -diff -Nurb linux.orig/Documentation/nfsswap.txt linux/Documentation/nfsswap.txt ---- linux.orig/Documentation/nfsswap.txt 1969-12-31 19:00:00.000000000 -0500 -+++ linux/Documentation/nfsswap.txt 2004-05-31 02:18:03.000000000 -0400 -@@ -0,0 +1,41 @@ -+ Swapping to files on NFS volumes -+ -+To do this you have to say `Y' or `M' to the CONFIG_SWAP_VIA_NFS -+configuration option. When compling support for this as a module you -+should read `Documentation/modules.txt'. For auto-loading of the -+module during the `swapon' system call you have to place a line like -+ -+alias swapfile-mod nfsswap -+ -+in `/etc/modules.conf' (or `/etc/conf.modules', depending on your -+setup). NFS volumes holding swapfile should be mounted with `rsize' -+and `wsize' set to something less than the size of a page, otherwise -+deadlocks caused by memory fragmentation can happen, i.e. mount the -+volume which is to hold the swapfiles with -+ -+mount -t nfs -o rsize=2048,wsize=2048 NFS_SERVER_IP:/server_volume /mount_point -+ -+or set the option in `/etc/fstab'. Read `Documentation/nfsroot.txt' to -+learn how to set mount options for the root file system, if your swap -+files are to be located on the root file system. -+ -+Setting the `rsize' and `wsize' to anything less than PAGE_SIZE is a -+performance hit, so you probably want to have at least two volumes -+mounted, one for the swapfiles, one for the rest. -+ -+You may want to read `Documentation/netswap.txt' as well. -+ -+Swapfiles on NFS volumes can be treated like any other swapfile, -+i.e. -+ -+dd if=/dev/zero of=/swapfiles/SWAPFILE bs=1k count=20480 -+mkswap /swapfiles/SWAPFILE -+swapon /swapfiles/SWAPFILE -+ -+will create a 20M swapfile and tell the system to use it. Actually, -+one could use lseek(2) to create an empty swapfile. This is different -+from swapfiles located on local harddisk. -+ -+Swapping over the network is insecure unless the data would be -+encrypted, which is not the case with NFS. It is also very slow. -+ -diff -Nurb linux.orig/drivers/block/blkpg.c linux/drivers/block/blkpg.c ---- linux.orig/drivers/block/blkpg.c 2003-07-04 04:11:31.000000000 -0400 -+++ linux/drivers/block/blkpg.c 2004-05-31 02:18:03.000000000 -0400 -@@ -34,7 +34,7 @@ - #include <linux/blk.h> /* for set_device_ro() */ - #include <linux/blkpg.h> - #include <linux/genhd.h> --#include <linux/swap.h> /* for is_swap_partition() */ -+#include <linux/swap.h> /* for swap_run_test() */ - #include <linux/module.h> /* for EXPORT_SYMBOL */ - - #include <asm/uaccess.h> -@@ -114,6 +114,29 @@ - return 0; - } - -+/* swap_run_test() applies this hook to all swapfiles until it returns -+ * "1". If it never returns "1", the result of swap_run_test() is "0", -+ * otherwise "1". -+ */ -+static int is_swap_partition_hook(unsigned int flags, struct file *swap_file, -+ void *testdata) -+{ -+ kdev_t swap_dev = S_ISBLK(swap_file->f_dentry->d_inode->i_mode) -+ ? swap_file->f_dentry->d_inode->i_rdev : 0; -+ kdev_t dev = *((kdev_t *)testdata); -+ -+ if (flags & SWP_USED && dev == swap_dev) { -+ return 1; -+ } else { -+ return 0; -+ } -+} -+ -+static inline int is_swap_partition(kdev_t dev) -+{ -+ return swap_run_test(is_swap_partition_hook, &dev); -+} -+ - /* - * Delete a partition given by partition number - * -diff -Nurb linux.orig/fs/Config.in linux/fs/Config.in ---- linux.orig/fs/Config.in 2004-05-31 02:02:43.000000000 -0400 -+++ linux/fs/Config.in 2004-05-31 02:18:03.000000000 -0400 -@@ -4,6 +4,12 @@ - mainmenu_option next_comment - comment 'File systems' - -+if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -+ tristate 'Swapping to block devices' CONFIG_BLKDEV_SWAP -+else -+ define_bool CONFIG_BLKDEV_SWAP y -+fi -+ - bool 'Quota support' CONFIG_QUOTA - tristate 'Kernel automounter support' CONFIG_AUTOFS_FS - tristate 'Kernel automounter version 4 support (also supports v3)' CONFIG_AUTOFS4_FS -@@ -110,6 +116,12 @@ - dep_tristate 'NFS file system support' CONFIG_NFS_FS $CONFIG_INET - dep_mbool ' Provide NFSv3 client support' CONFIG_NFS_V3 $CONFIG_NFS_FS - dep_bool ' Root file system on NFS' CONFIG_ROOT_NFS $CONFIG_NFS_FS $CONFIG_IP_PNP -+ if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -+ dep_tristate ' Swapping via NFS (EXPERIMENTAL)' CONFIG_SWAP_VIA_NFS $CONFIG_NFS_FS -+ if [ "$CONFIG_SWAP_VIA_NFS" = "y" -o "$CONFIG_SWAP_VIA_NFS" = "m" ]; then -+ define_bool CONFIG_NETSWAP y -+ fi -+ fi - - dep_tristate 'NFS server support' CONFIG_NFSD $CONFIG_INET - dep_mbool ' Provide NFSv3 server support' CONFIG_NFSD_V3 $CONFIG_NFSD -diff -Nurb linux.orig/fs/Makefile linux/fs/Makefile ---- linux.orig/fs/Makefile 2004-05-31 02:02:42.000000000 -0400 -+++ linux/fs/Makefile 2004-05-31 02:18:03.000000000 -0400 -@@ -8,7 +8,7 @@ - O_TARGET := fs.o - - export-objs := filesystems.o open.o dcache.o buffer.o --mod-subdirs := nls -+mod-subdirs := nls nfs - - obj-y := open.o read_write.o devices.o file_table.o buffer.o \ - super.o block_dev.o char_dev.o stat.o exec.o pipe.o namei.o \ -@@ -70,6 +70,7 @@ - subdir-$(CONFIG_JFS_FS) += jfs - subdir-$(CONFIG_SQUASHFS) += squashfs - -+obj-$(CONFIG_BLKDEV_SWAP) += blkdev_swap.o - - obj-$(CONFIG_BINFMT_AOUT) += binfmt_aout.o - obj-$(CONFIG_BINFMT_EM86) += binfmt_em86.o -diff -Nurb linux.orig/fs/blkdev_swap.c linux/fs/blkdev_swap.c ---- linux.orig/fs/blkdev_swap.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux/fs/blkdev_swap.c 2004-05-31 02:18:03.000000000 -0400 -@@ -0,0 +1,309 @@ -+/* -+ * Swapping to partitions or files located on partitions. -+ */ -+ -+#include <linux/config.h> -+#include <linux/module.h> -+#include <linux/init.h> -+#include <linux/slab.h> -+#include <linux/locks.h> -+#include <linux/blkdev.h> -+#include <linux/pagemap.h> -+#include <linux/swap.h> -+#include <linux/fs.h> -+ -+#ifdef DEBUG_BLKDEV_SWAP -+# define dprintk(fmt...) printk(##fmt) -+#else -+# define dprintk(fmt...) do { /* */ } while (0) -+#endif -+ -+#define BLKDEV_SWAP_ID "blkdev" -+#define BLKDEV_FILE_SWAP_ID "blkdev file" -+ -+/* -+ * Helper function, copied here from buffer.c -+ */ -+ -+/* -+ * Start I/O on a page. -+ * This function expects the page to be locked and may return -+ * before I/O is complete. You then have to check page->locked -+ * and page->uptodate. -+ * -+ * brw_page() is SMP-safe, although it's being called with the -+ * kernel lock held - but the code is ready. -+ * -+ * FIXME: we need a swapper_inode->get_block function to remove -+ * some of the bmap kludges and interface ugliness here. -+ */ -+int brw_page(int rw, struct page *page, kdev_t dev, int b[], int size) -+{ -+ struct buffer_head *head, *bh; -+ -+ if (!PageLocked(page)) -+ panic("brw_page: page not locked for I/O"); -+ -+ if (!page->buffers) -+ create_empty_buffers(page, dev, size); -+ head = bh = page->buffers; -+ -+ /* Stage 1: lock all the buffers */ -+ do { -+ lock_buffer(bh); -+ bh->b_blocknr = *(b++); -+ set_bit(BH_Mapped, &bh->b_state); -+ set_buffer_async_io(bh); -+ bh = bh->b_this_page; -+ } while (bh != head); -+ -+ /* Stage 2: start the IO */ -+ do { -+ struct buffer_head *next = bh->b_this_page; -+ submit_bh(rw, bh); -+ bh = next; -+ } while (bh != head); -+ return 0; -+} -+ -+/* -+ * We implement to methods: swapping to partitions, and swapping to files -+ * located on partitions. -+ */ -+ -+struct blkdev_swap_data { -+ kdev_t dev; -+}; -+ -+struct test_data { -+ struct file * filp; -+ kdev_t dev; -+}; -+ -+static int is_blkdev_swapping(unsigned int flags, -+ struct file * swapf, -+ void *data) -+{ -+ struct test_data *testdata = (struct test_data *) data; -+ struct file * filp = testdata->filp; -+ kdev_t dev = testdata->dev; -+ -+ /* Only check filp's that don't match the one already opened -+ * for us by sys_swapon(). Otherwise, we will always flag a -+ * busy swap file. -+ */ -+ -+ if (swapf != filp) { -+ if (dev == swapf->f_dentry->d_inode->i_rdev) -+ return 1; -+ } -+ return 0; -+} -+ -+static int blkdev_swap_open(struct file * filp, void **dptr) -+{ -+ int swapfilesize; -+ kdev_t dev; -+ struct blkdev_swap_data *data; -+ int error; -+ struct test_data testdata; -+ -+ MOD_INC_USE_COUNT; -+ -+ if (!S_ISBLK(filp->f_dentry->d_inode->i_mode)) { -+ dprintk(__FUNCTION__": can't handle this swap file: %s\n", -+ swapf->d_name.name); -+ error = 0; /* not for us */ -+ goto bad_swap; -+ } -+ -+ dev = filp->f_dentry->d_inode->i_rdev; -+ set_blocksize(dev, PAGE_SIZE); -+ error = -ENODEV; -+ if (!dev || -+ (blk_size[MAJOR(dev)] && !blk_size[MAJOR(dev)][MINOR(dev)])) { -+ printk("blkdev_swap_open: blkdev weirdness for %s\n", -+ filp->f_dentry->d_name.name); -+ goto bad_swap; -+ } -+ -+ /* Check to make sure that we aren't already swapping. */ -+ error = -EBUSY; -+ testdata.filp = filp; -+ testdata.dev = dev; -+ if (swap_run_test(is_blkdev_swapping, &testdata)) { -+ printk("blkdev_swap_open: already swapping to %s\n", -+ filp->f_dentry->d_name.name); -+ goto bad_swap; -+ } -+ -+ swapfilesize = 0; -+ if (blk_size[MAJOR(dev)]) -+ swapfilesize = blk_size[MAJOR(dev)][MINOR(dev)] -+ >> (PAGE_SHIFT - 10); -+ -+ if ((data = kmalloc(sizeof(*data), GFP_KERNEL)) == NULL) { -+ printk("blkdev_swap_open: can't allocate data for %s\n", -+ filp->f_dentry->d_name.name); -+ error = -ENOMEM; -+ goto bad_swap; -+ } -+ data->dev = dev; -+ *dptr = data; -+ -+ dprintk("blkdev_swap_open: returning %d\n", swapfilesize); -+ return swapfilesize; -+ -+ bad_swap: -+ MOD_DEC_USE_COUNT; -+ return error; /* this swap thing is not for us */ -+} -+ -+static int blkdev_swap_release(struct file * filp, void *data) -+{ -+ dprintk("blkdev_swap_release: releasing swap device %s\n", -+ filp->f_dentry->d_name.name); -+ kfree(data); -+ MOD_DEC_USE_COUNT; -+ return 0; -+} -+ -+static int blkdev_rw_page(int rw, struct page *page, unsigned long offset, -+ void *ptr) -+{ -+ struct blkdev_swap_data *data = (struct blkdev_swap_data *)ptr; -+ brw_page(rw, page, data->dev, (int *)&offset, PAGE_SIZE); -+ return 1; -+} -+ -+static struct swap_ops blkdev_swap_ops = { -+ blkdev_swap_open, -+ blkdev_swap_release, -+ blkdev_rw_page -+}; -+ -+struct blkdevfile_swap_data { -+ struct inode *swapf; -+}; -+ -+static int is_blkdevfile_swapping(unsigned int flags, -+ struct file * swapf, -+ void * data) -+{ -+ struct file * filp = (struct file *) data; -+ -+ /* Only check filp's that don't match the one already opened -+ * for us by sys_swapon(). Otherwise, we will always flag a -+ * busy swap file. -+ */ -+ -+ if (swapf != filp) { -+ if (filp->f_dentry->d_inode == swapf->f_dentry->d_inode) -+ return 1; -+ } -+ return 0; -+} -+ -+static int blkdevfile_swap_open(struct file *swapf, void **dptr) -+{ -+ int error = 0; -+ int swapfilesize; -+ struct blkdevfile_swap_data *data; -+ -+ MOD_INC_USE_COUNT; -+ -+ /* first check whether this is a regular file located on a local -+ * hard disk -+ */ -+ if (!S_ISREG(swapf->f_dentry->d_inode->i_mode)) { -+ dprintk("blkdevfile_swap_open: " -+ "can't handle this swap file: %s\n", -+ swapf->d_name.name); -+ error = 0; /* not for us */ -+ goto bad_swap; -+ } -+ if (!swapf->f_dentry->d_inode->i_mapping->a_ops->bmap) { -+ dprintk("blkdevfile_swap_open: no bmap for file: %s\n", -+ swapf->d_name.name); -+ error = 0; /* not for us */ -+ goto bad_swap; -+ } -+ -+ if (swap_run_test(is_blkdevfile_swapping, swapf)) { -+ dprintk("blkdevfile_swap_open: already swapping to %s\n", -+ swapf->d_name.name); -+ error = -EBUSY; -+ goto bad_swap; -+ } -+ swapfilesize = swapf->f_dentry->d_inode->i_size >> PAGE_SHIFT; -+ if ((data = kmalloc(sizeof(*data), GFP_KERNEL)) == NULL) { -+ error = -ENOMEM; -+ goto bad_swap; -+ } -+ data->swapf = swapf->f_dentry->d_inode; -+ *dptr = data; -+ return swapfilesize; -+ -+ bad_swap: -+ MOD_DEC_USE_COUNT; -+ return error; -+} -+ -+static int blkdevfile_swap_release(struct file *swapf, void *data) -+{ -+ kfree(data); -+ MOD_DEC_USE_COUNT; -+ return 0; -+} -+ -+static int blkdevfile_rw_page(int rw, struct page *page, unsigned long offset, -+ void *ptr) -+{ -+ struct blkdevfile_swap_data *data = (struct blkdevfile_swap_data *)ptr; -+ struct inode * swapf = data->swapf; -+ int i, j; -+ unsigned int block = offset -+ << (PAGE_SHIFT - swapf->i_sb->s_blocksize_bits); -+ kdev_t dev = swapf->i_dev; -+ int block_size; -+ int zones[PAGE_SIZE/512]; -+ int zones_used; -+ -+ block_size = swapf->i_sb->s_blocksize; -+ for (i=0, j=0; j< PAGE_SIZE ; i++, j += block_size) -+ if (!(zones[i] = bmap(swapf,block++))) { -+ printk("blkdevfile_rw_page: bad swap file\n"); -+ return 0; -+ } -+ zones_used = i; -+ -+ /* block_size == PAGE_SIZE/zones_used */ -+ brw_page(rw, page, dev, zones, block_size); -+ return 1; -+} -+ -+static struct swap_ops blkdevfile_swap_ops = { -+ blkdevfile_swap_open, -+ blkdevfile_swap_release, -+ blkdevfile_rw_page -+ }; -+ -+int __init blkdev_swap_init(void) -+{ -+ (void)register_swap_method(BLKDEV_SWAP_ID, &blkdev_swap_ops); -+ (void)register_swap_method(BLKDEV_FILE_SWAP_ID, &blkdevfile_swap_ops); -+ return 0; -+} -+ -+void __exit blkdev_swap_exit(void) -+{ -+ unregister_swap_method(BLKDEV_SWAP_ID); -+ unregister_swap_method(BLKDEV_FILE_SWAP_ID); -+} -+ -+module_init(blkdev_swap_init) -+module_exit(blkdev_swap_exit) -+ -+MODULE_LICENSE("GPL"); -+MODULE_AUTHOR("Many. Stuffed into a module by cH (Claus-Justus Heine)"); -+MODULE_DESCRIPTION("Swapping to partitions and files on local hard-disks"); -diff -Nurb linux.orig/fs/buffer.c linux/fs/buffer.c ---- linux.orig/fs/buffer.c 2003-07-04 04:12:05.000000000 -0400 -+++ linux/fs/buffer.c 2004-05-31 02:21:05.000000000 -0400 -@@ -743,7 +743,7 @@ - bh->b_private = private; - } - --static void end_buffer_io_async(struct buffer_head * bh, int uptodate) -+void end_buffer_io_async(struct buffer_head * bh, int uptodate) - { - static spinlock_t page_uptodate_lock = SPIN_LOCK_UNLOCKED; - unsigned long flags; -@@ -2344,35 +2344,6 @@ - return err; - } - --int brw_page(int rw, struct page *page, kdev_t dev, int b[], int size) --{ -- struct buffer_head *head, *bh; -- -- if (!PageLocked(page)) -- panic("brw_page: page not locked for I/O"); -- -- if (!page->buffers) -- create_empty_buffers(page, dev, size); -- head = bh = page->buffers; -- -- /* Stage 1: lock all the buffers */ -- do { -- lock_buffer(bh); -- bh->b_blocknr = *(b++); -- set_bit(BH_Mapped, &bh->b_state); -- set_buffer_async_io(bh); -- bh = bh->b_this_page; -- } while (bh != head); -- -- /* Stage 2: start the IO */ -- do { -- struct buffer_head *next = bh->b_this_page; -- submit_bh(rw, bh); -- bh = next; -- } while (bh != head); -- return 0; --} -- - int block_symlink(struct inode *inode, const char *symname, int len) - { - struct address_space *mapping = inode->i_mapping; -diff -Nurb linux.orig/fs/nfs/Makefile linux/fs/nfs/Makefile ---- linux.orig/fs/nfs/Makefile 2003-07-04 04:12:07.000000000 -0400 -+++ linux/fs/nfs/Makefile 2004-05-31 02:18:03.000000000 -0400 -@@ -15,6 +15,14 @@ - obj-$(CONFIG_ROOT_NFS) += nfsroot.o mount_clnt.o - obj-$(CONFIG_NFS_V3) += nfs3proc.o nfs3xdr.o - --obj-m := $(O_TARGET) -+obj-$(CONFIG_SWAP_VIA_NFS) += nfsswap.o -+ifeq ($(CONFIG_SWAP_VIA_NFS),m) -+export-objs := nfs_syms.o -+obj-y += nfs_syms.o -+endif -+ -+ifeq ($(CONFIG_NFS_FS),m) -+obj-m += $(O_TARGET) -+endif - - include $(TOPDIR)/Rules.make -diff -Nurb linux.orig/fs/nfs/file.c linux/fs/nfs/file.c ---- linux.orig/fs/nfs/file.c 2003-07-04 04:12:07.000000000 -0400 -+++ linux/fs/nfs/file.c 2004-05-31 02:18:03.000000000 -0400 -@@ -58,11 +58,6 @@ - setattr: nfs_notify_change, - }; - --/* Hack for future NFS swap support */ --#ifndef IS_SWAPFILE --# define IS_SWAPFILE(inode) (0) --#endif -- - /* - * Flush all dirty pages, and check for write errors. - * -@@ -217,8 +212,6 @@ - inode->i_ino, (unsigned long) count, (unsigned long) *ppos); - - result = -EBUSY; -- if (IS_SWAPFILE(inode)) -- goto out_swapfile; - result = nfs_revalidate_inode(NFS_SERVER(inode), inode); - if (result) - goto out; -@@ -230,10 +223,6 @@ - result = generic_file_write(file, buf, count, ppos); - out: - return result; -- --out_swapfile: -- printk(KERN_INFO "NFS: attempt to write to active swap file!\n"); -- goto out; - } - - /* -diff -Nurb linux.orig/fs/nfs/nfs_syms.c linux/fs/nfs/nfs_syms.c ---- linux.orig/fs/nfs/nfs_syms.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux/fs/nfs/nfs_syms.c 2004-05-31 02:18:03.000000000 -0400 -@@ -0,0 +1,10 @@ -+#include <linux/config.h> -+#define __NO_VERSION__ -+#include <linux/module.h> -+#include <linux/types.h> -+#include <linux/sunrpc/clnt.h> -+#include <linux/nfs_fs.h> -+ -+EXPORT_SYMBOL(__nfs_refresh_inode); -+EXPORT_SYMBOL(nfs_write_attributes); -+ -diff -Nurb linux.orig/fs/nfs/nfsswap.c linux/fs/nfs/nfsswap.c ---- linux.orig/fs/nfs/nfsswap.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux/fs/nfs/nfsswap.c 2004-05-31 02:18:03.000000000 -0400 -@@ -0,0 +1,350 @@ -+/* -+ * Swapping to files located on NFS mounted volumes -+ * Copyright (c) 2000 Claus-Justus Heine -+ * -+ */ -+ -+#include <linux/config.h> -+#include <linux/module.h> -+#include <linux/init.h> -+#include <linux/types.h> -+#include <linux/slab.h> -+#include <linux/swap.h> -+#include <linux/pagemap.h> -+#include <linux/file.h> -+#include <linux/fs.h> -+#include <linux/socket.h> -+#include <linux/smp_lock.h> -+#include <net/netswapping.h> -+#include <net/sock.h> -+ -+#include <linux/sunrpc/clnt.h> -+#include <linux/nfs_fs.h> -+#include <linux/nfs_fs_sb.h> -+#include <asm/uaccess.h> -+ -+#define NFSDBG_FACILITY NFSDBG_SWAP -+ -+#define NFS_SWAP_ID "nfs file" -+ -+/* we cache some values here. In principle, we only need the file. -+ */ -+struct nfs_swap_data { -+ struct file *file; -+ struct inode *inode; -+ struct nfs_server *server; -+ struct socket *socket; -+}; -+ -+/* Nearly a clone of nfs_readpage_sync() in read.c, but "struct page" does not -+ * contain information about the file offset when swapping. So. -+ */ -+static int nfs_read_swap_page(struct page *page, -+ struct nfs_server *server, -+ struct inode *inode, -+ struct file *file) -+{ -+ unsigned int rsize = server->rsize; -+ unsigned int count = PAGE_SIZE; -+ unsigned int offset = 0; /* always at start of page */ -+ int result, eof; -+ struct rpc_cred *cred; -+ struct nfs_fattr fattr; -+ -+ cred = nfs_file_cred(file); -+ -+ do { -+ if (count < rsize) -+ rsize = count; -+ -+ lock_kernel(); -+ result = NFS_PROTO(inode)->read(inode, cred, -+ &fattr, -+ NFS_RPC_SWAPFLAGS, -+ offset, rsize, page, &eof); -+ nfs_refresh_inode(inode, &fattr); -+ unlock_kernel(); -+ -+ /* -+ * Even if we had a partial success we can't mark the page -+ * cache valid. -+ */ -+ if (result < 0) { -+ if (result == -EISDIR) -+ result = -EINVAL; -+ goto io_error; -+ } -+ count -= result; -+ offset += result; -+ if (result < rsize) /* NFSv2ism */ -+ break; -+ } while (count); -+ -+ if (count) { -+ char *kaddr = kmap(page); -+ memset(kaddr + offset, 0, count); -+ kunmap(page); -+ } -+ flush_dcache_page(page); -+ result = 0; -+ -+io_error: -+ return result; -+} -+ -+/* Like nfs_writepage_sync(), but when swapping page->index does not encode -+ * the offset in the swap file alone. -+ * -+ */ -+static int nfs_write_swap_page(struct page *page, -+ struct nfs_server *server, -+ struct inode *inode, -+ struct file *file) -+{ -+ struct rpc_cred *cred; -+ unsigned int wsize = server->wsize; -+ unsigned int count = PAGE_SIZE; -+ unsigned int offset = 0; -+ int result; -+ struct nfs_writeverf verf; -+ struct nfs_fattr fattr; -+ -+ cred = nfs_file_cred(file); -+ -+ do { -+ if (count < wsize) -+ wsize = count; -+ -+ lock_kernel(); -+ result = NFS_PROTO(inode)->write(inode, cred, &fattr, -+ NFS_RW_SWAP|NFS_RW_SYNC, -+ offset, wsize, page, &verf); -+ nfs_write_attributes(inode, &fattr); -+ unlock_kernel(); -+ -+ if (result < 0) { -+ goto io_error; -+ } -+ if (result != wsize) -+ printk("NFS: short write, wsize=%u, result=%d\n", -+ wsize, result); -+ offset += wsize; -+ count -= wsize; -+ /* -+ * If we've extended the file, update the inode -+ * now so we don't invalidate the cache. -+ */ -+ if (offset > inode->i_size) -+ inode->i_size = offset; -+ } while (count); -+ -+ result = 0; -+ -+io_error: -+ -+ return result; -+} -+ -+/* Unluckily (for us) form 2.4.19 -> 2.4.20 the nfs-proc's where -+ * changed and expect now a proper file-mapping page, where index -+ * encodes the offset alone. -+ * -+ * What we do: we save the original value of page->index, initialize -+ * page->index to what the NFS/sun-rpc subsystem expects and restore -+ * the index later. -+ */ -+static int nfs_rw_swap_page(int rw, struct page *page, -+ unsigned long offset, void *dptr) -+{ -+ int error; -+ struct nfs_swap_data *data = dptr; -+ unsigned long alloc_flag = current->flags & PF_MEMALLOC; -+ unsigned long page_index; -+ -+ if (!PageLocked(page)) -+ panic("nfs_rw_swap_page: page not locked for I/O"); -+ -+ /* prevent memory deadlocks */ -+ if (!(current->flags & PF_MEMALLOC)) { -+ dprintk("nfs_rw_swap_page: Setting PF_MEMALLOC\n"); -+ } -+ current->flags |= PF_MEMALLOC; -+ -+ /* now tweak the page->index field ... */ -+ page_index = page->index; -+ page->index = ((loff_t)offset*(loff_t)PAGE_SIZE) >> PAGE_CACHE_SHIFT; -+ -+ if (rw == WRITE) { -+ error = nfs_write_swap_page(page, -+ data->server, -+ data->inode, -+ data->file); -+ } else { -+ error = nfs_read_swap_page(page, -+ data->server, -+ data->inode, -+ data->file); -+ } -+ -+ if (!alloc_flag) { -+ current->flags &= ~PF_MEMALLOC; -+ } -+ -+ /* now restore the page->index field ... */ -+ page->index = page_index; -+ -+ if (error) { -+ /* Must mark the page invalid after I/O error */ -+ SetPageError(page); -+ ClearPageUptodate(page); -+ } else { -+ ClearPageError(page); -+ SetPageUptodate(page); -+ } -+ -+ if (!error) { /* in case of an error rw_swap_page() likes to unlock -+ * itself. -+ */ -+ UnlockPage(page); -+ } -+ -+ return error < 0 ? 0 : 1; -+} -+ -+static int is_nfsfile_swapping(unsigned int flags, -+ struct file * swapf, -+ void * data) -+{ -+ struct file * filp = (struct file *) data; -+ -+ /* Only check filp's that don't match the one already opened -+ * for us by sys_swapon(). Otherwise, we will always flag a -+ * busy swap file. -+ */ -+ -+ if (swapf != filp) { -+ if (filp->f_dentry->d_inode == swapf->f_dentry->d_inode) -+ return 1; -+ } -+ return 0; -+} -+ -+static int nfs_swap_open(struct file *swapf, void **dptr) -+{ -+ int error = 0; -+ int swapfilesize; -+ struct nfs_swap_data *data; -+ int on = 1; -+ mm_segment_t fs; -+ struct inode *inode = swapf->f_dentry->d_inode; -+ -+ MOD_INC_USE_COUNT; -+ -+ if (!S_ISREG(inode->i_mode)) { -+ dprintk("nfs_swap_open: can't handle this swap file: %s\n", -+ swapf->f_dentry->d_name.name); -+ error = 0; /* not for us */ -+ goto bad_swap; -+ } -+ /* determine whether this file really is located on an NFS mounted -+ * volume -+ */ -+ if (!inode->i_sb || inode->i_sb->s_magic != NFS_SUPER_MAGIC) { -+ dprintk("nfs_swap_open: %s is not an NFS file.\n", -+ swapf->f_dentry->d_name.name); -+ error = 0; /* not for us */ -+ goto bad_swap; -+ } -+ -+ if (swap_run_test(is_nfsfile_swapping, swapf)) { -+ dprintk("nfs_swap_open: already swapping to %s\n", -+ swapf->f_dentry->d_name.name); -+ error = -EBUSY; -+ goto bad_swap; -+ } -+ swapfilesize = inode->i_size >> PAGE_SHIFT; -+ if ((data = kmalloc(sizeof(*data), GFP_KERNEL)) == NULL) { -+ error = -ENOMEM; -+ goto bad_swap; -+ } -+ data->file = swapf; -+ data->inode = inode; -+ data->server = NFS_SERVER(inode); -+ data->socket = data->server->client->cl_xprt->sock; -+ -+ /* set socket option SO_SWAPPING */ -+ fs = get_fs(); -+ set_fs(KERNEL_DS); -+ error = sock_setsockopt(data->socket, SOL_SOCKET, SO_SWAPPING, -+ (char *)&on, sizeof(on)); -+ set_fs(fs); -+ if (error) { -+ dprintk("nfs_swap_open: error setting SO_SWAPPING\n"); -+ goto bad_swap_2; -+ } -+ -+ *dptr = data; -+ return swapfilesize; -+ -+ bad_swap_2: -+ kfree(data); -+ bad_swap: -+ MOD_DEC_USE_COUNT; -+ return error; -+} -+ -+static int nfs_swap_release(struct file *swapf, void *dptr) -+{ -+ struct nfs_swap_data *data = (struct nfs_swap_data *)dptr; -+ int off = 0; -+ mm_segment_t fs; -+ int error; -+ -+#if 1 -+ if (swapf != data->file || -+ swapf->f_dentry->d_inode != data->inode || -+ !swapf->f_dentry->d_inode->i_sb || -+ swapf->f_dentry->d_inode->i_sb->s_magic != NFS_SUPER_MAGIC || -+ NFS_SERVER(swapf->f_dentry->d_inode) != data->server || -+ data->socket != data->server->client->cl_xprt->sock) { -+ panic("nfs_swap_release: nfs swap data messed up"); -+ } -+#endif -+ -+ /* remove socket option SO_SWAPPING */ -+ fs = get_fs(); -+ set_fs(KERNEL_DS); -+ error = sock_setsockopt(data->socket, SOL_SOCKET, SO_SWAPPING, -+ (char *)&off, sizeof(off)); -+ set_fs(fs); -+ if (error) { -+ dprintk("nfs_swap_open: error clearing SO_SWAPPING\n"); -+ } -+ kfree(data); -+ MOD_DEC_USE_COUNT; -+ return error; -+} -+ -+static struct swap_ops nfs_swap_ops = { -+ open: nfs_swap_open, -+ release: nfs_swap_release, -+ rw_page: nfs_rw_swap_page -+}; -+ -+int __init nfs_swap_init(void) -+{ -+ (void)register_swap_method(NFS_SWAP_ID, &nfs_swap_ops); -+ return 0; -+} -+ -+void __exit nfs_swap_exit(void) -+{ -+ unregister_swap_method(NFS_SWAP_ID); -+} -+ -+module_init(nfs_swap_init) -+module_exit(nfs_swap_exit) -+ -+MODULE_LICENSE("GPL"); -+MODULE_AUTHOR("(c) 1996-2002 cH (Claus-Justus Heine)"); -+MODULE_DESCRIPTION("Swapping to files located on volumes mounted via NFS"); -diff -Nurb linux.orig/fs/nfs/read.c linux/fs/nfs/read.c ---- linux.orig/fs/nfs/read.c 2003-07-04 04:12:08.000000000 -0400 -+++ linux/fs/nfs/read.c 2004-05-31 02:18:03.000000000 -0400 -@@ -50,11 +50,6 @@ - */ - static void nfs_readpage_result(struct rpc_task *task); - --/* Hack for future NFS swap support */ --#ifndef IS_SWAPFILE --# define IS_SWAPFILE(inode) (0) --#endif -- - static kmem_cache_t *nfs_rdata_cachep; - - static __inline__ struct nfs_read_data *nfs_readdata_alloc(void) -@@ -92,7 +87,6 @@ - int rsize = NFS_SERVER(inode)->rsize; - int result; - int count = PAGE_CACHE_SIZE; -- int flags = IS_SWAPFILE(inode)? NFS_RPC_SWAPFLAGS : 0; - int eof; - - dprintk("NFS: nfs_readpage_sync(%p)\n", page); -@@ -114,7 +108,7 @@ - offset, rsize, page); - - lock_kernel(); -- result = NFS_PROTO(inode)->read(inode, cred, &fattr, flags, -+ result = NFS_PROTO(inode)->read(inode, cred, &fattr, 0, - offset, rsize, page, &eof); - nfs_refresh_inode(inode, &fattr); - unlock_kernel(); -@@ -246,7 +240,7 @@ - task = &data->task; - - /* N.B. Do we need to test? Never called for swapfile inode */ -- flags = RPC_TASK_ASYNC | (IS_SWAPFILE(inode)? NFS_RPC_SWAPFLAGS : 0); -+ flags = RPC_TASK_ASYNC; - - nfs_read_rpcsetup(head, data); - -@@ -476,8 +470,6 @@ - } - - error = nfs_readpage_sync(file, inode, page); -- if (error < 0 && IS_SWAPFILE(inode)) -- printk("Aiee.. nfs swap-in of page failed!\n"); - out: - return error; - -diff -Nurb linux.orig/fs/nfs/write.c linux/fs/nfs/write.c ---- linux.orig/fs/nfs/write.c 2003-07-04 04:12:08.000000000 -0400 -+++ linux/fs/nfs/write.c 2004-05-31 02:20:47.000000000 -0400 -@@ -3,7 +3,6 @@ - #include <linux/config.h> - #include <linux/types.h> - #include <linux/slab.h> --#include <linux/swap.h> - #include <linux/pagemap.h> - #include <linux/file.h> - -@@ -46,11 +45,6 @@ - static void nfs_commit_done(struct rpc_task *); - #endif - --/* Hack for future NFS swap support */ --#ifndef IS_SWAPFILE --# define IS_SWAPFILE(inode) (0) --#endif -- - static kmem_cache_t *nfs_wdata_cachep; - - static __inline__ struct nfs_write_data *nfs_writedata_alloc(void) -@@ -82,7 +76,7 @@ - * For the moment, we just call nfs_refresh_inode(). - */ - static __inline__ int --nfs_write_attributes(struct inode *inode, struct nfs_fattr *fattr) -+__nfs_write_attributes(struct inode *inode, struct nfs_fattr *fattr) - { - if ((fattr->valid & NFS_ATTR_FATTR) && !(fattr->valid & NFS_ATTR_WCC)) { - fattr->pre_size = NFS_CACHE_ISIZE(inode); -@@ -93,6 +87,11 @@ - return nfs_refresh_inode(inode, fattr); - } - -+int nfs_write_attributes(struct inode *inode, struct nfs_fattr *fattr) -+{ -+ return __nfs_write_attributes(inode, fattr); -+} -+ - /* - * Write a page synchronously. - * Offset is the data offset within the page. -@@ -104,8 +103,7 @@ - struct rpc_cred *cred = NULL; - loff_t base; - unsigned int wsize = NFS_SERVER(inode)->wsize; -- int result, refresh = 0, written = 0, flags; -- u8 *buffer; -+ int result, refresh = 0, written = 0; - struct nfs_fattr fattr; - struct nfs_writeverf verf; - -@@ -121,15 +119,14 @@ - - base = page_offset(page) + offset; - -- flags = ((IS_SWAPFILE(inode)) ? NFS_RW_SWAP : 0) | NFS_RW_SYNC; -- - do { -- if (count < wsize && !IS_SWAPFILE(inode)) -+ if (count < wsize) - wsize = count; - -- result = NFS_PROTO(inode)->write(inode, cred, &fattr, flags, -+ result = NFS_PROTO(inode)->write(inode, cred, &fattr, -+ NFS_RW_SYNC, - offset, wsize, page, &verf); -- nfs_write_attributes(inode, &fattr); -+ __nfs_write_attributes(inode, &fattr); - - if (result < 0) { - /* Must mark the page invalid after I/O error */ -@@ -140,7 +137,6 @@ - printk("NFS: short write, wsize=%u, result=%d\n", - wsize, result); - refresh = 1; -- buffer += wsize; - base += wsize; - offset += wsize; - written += wsize; -@@ -979,7 +975,7 @@ - } - #endif - -- nfs_write_attributes(inode, resp->fattr); -+ __nfs_write_attributes(inode, resp->fattr); - while (!list_empty(&data->pages)) { - req = nfs_list_entry(data->pages.next); - nfs_list_remove_request(req); -@@ -1133,7 +1129,7 @@ - if (nfs_async_handle_jukebox(task)) - return; - -- nfs_write_attributes(inode, resp->fattr); -+ __nfs_write_attributes(inode, resp->fattr); - while (!list_empty(&data->pages)) { - req = nfs_list_entry(data->pages.next); - nfs_list_remove_request(req); -diff -Nurb linux.orig/include/linux/fs.h linux/include/linux/fs.h ---- linux.orig/include/linux/fs.h 2004-05-31 02:06:19.000000000 -0400 -+++ linux/include/linux/fs.h 2004-05-31 02:18:03.000000000 -0400 -@@ -1500,6 +1500,10 @@ - extern int inode_change_ok(struct inode *, struct iattr *); - extern int inode_setattr(struct inode *, struct iattr *); - -+/* for swapping to block devices */ -+void create_empty_buffers(struct page *page, kdev_t dev, unsigned long blocksize); -+void end_buffer_io_async(struct buffer_head * bh, int uptodate); -+ - /* - * Common dentry functions for inclusion in the VFS - * or in other stackable file systems. Some of these -diff -Nurb linux.orig/include/linux/nfs_fs.h linux/include/linux/nfs_fs.h ---- linux.orig/include/linux/nfs_fs.h 2004-05-31 02:06:28.000000000 -0400 -+++ linux/include/linux/nfs_fs.h 2004-05-31 02:18:03.000000000 -0400 -@@ -40,8 +40,8 @@ - */ - #define NFS_MAX_DIRCACHE 16 - --#define NFS_MAX_FILE_IO_BUFFER_SIZE 32768 --#define NFS_DEF_FILE_IO_BUFFER_SIZE 4096 -+#define NFS_MAX_FILE_IO_BUFFER_SIZE (8*PAGE_SIZE) -+#define NFS_DEF_FILE_IO_BUFFER_SIZE PAGE_SIZE - - /* - * The upper limit on timeouts for the exponential backoff algorithm. -@@ -205,6 +205,8 @@ - extern int nfs_writepage(struct page *); - extern int nfs_flush_incompatible(struct file *file, struct page *page); - extern int nfs_updatepage(struct file *, struct page *, unsigned int, unsigned int); -+extern int nfs_write_attributes(struct inode *inode, struct nfs_fattr *fattr); -+ - /* - * Try to write back everything synchronously (but check the - * return value!) -@@ -375,6 +377,7 @@ - #define NFSDBG_XDR 0x0020 - #define NFSDBG_FILE 0x0040 - #define NFSDBG_ROOT 0x0080 -+#define NFSDBG_SWAP 0x0100 - #define NFSDBG_ALL 0xFFFF - - #ifdef __KERNEL__ -diff -Nurb linux.orig/include/linux/slab.h linux/include/linux/slab.h ---- linux.orig/include/linux/slab.h 2004-05-31 02:06:19.000000000 -0400 -+++ linux/include/linux/slab.h 2004-05-31 02:18:03.000000000 -0400 -@@ -39,6 +39,7 @@ - #define SLAB_HWCACHE_ALIGN 0x00002000UL /* align objs on a h/w cache lines */ - #define SLAB_CACHE_DMA 0x00004000UL /* use GFP_DMA memory */ - #define SLAB_MUST_HWCACHE_ALIGN 0x00008000UL /* force alignment */ -+#define SLAB_LOW_GFP_ORDER 0x00010000UL /* use as low a gfp order as possible */ - - /* flags passed to a constructor func */ - #define SLAB_CTOR_CONSTRUCTOR 0x001UL /* if not set, then deconstructor */ -diff -Nurb linux.orig/include/linux/swap.h linux/include/linux/swap.h ---- linux.orig/include/linux/swap.h 2004-05-31 02:06:19.000000000 -0400 -+++ linux/include/linux/swap.h 2004-05-31 02:18:03.000000000 -0400 -@@ -58,15 +58,29 @@ - #define SWAP_MAP_MAX 0x7fff - #define SWAP_MAP_BAD 0x8000 - -+struct swap_ops { -+ int (*open)(struct file *swapf, void **data); -+ int (*release)(struct file *swapf, void *data); -+ int (*rw_page)(int rw, -+ struct page *page, unsigned long offset, void *data); -+}; -+ -+struct swap_method { -+ struct swap_method *next; -+ char * name; -+ struct swap_ops *ops; -+ int use_count; -+}; -+ - /* - * The in-memory structure used to track swap areas. - */ - struct swap_info_struct { - unsigned int flags; -- kdev_t swap_device; -+ struct file *swap_file; -+ struct swap_method *method; -+ void *data; - spinlock_t sdev_lock; -- struct dentry * swap_file; -- struct vfsmount *swap_vfsmnt; - unsigned short * swap_map; - unsigned int lowest_bit; - unsigned int highest_bit; -@@ -141,11 +155,15 @@ - extern int total_swap_pages; - extern unsigned int nr_swapfiles; - extern struct swap_info_struct swap_info[]; --extern int is_swap_partition(kdev_t); -+extern int register_swap_method(char *name, struct swap_ops *ops); -+extern int unregister_swap_method(char *name); -+extern int swap_run_test(int (*test_fct)(unsigned int flags, -+ struct file *swap_file, -+ void *testdata), void *testdata); - extern void si_swapinfo(struct sysinfo *); - extern swp_entry_t get_swap_page(void); --extern void get_swaphandle_info(swp_entry_t, unsigned long *, kdev_t *, -- struct inode **); -+struct swap_method *get_swaphandle_info(swp_entry_t entry, -+ unsigned long *offset, void **data); - extern int swap_duplicate(swp_entry_t); - extern int swap_count(struct page *); - extern int valid_swaphandles(swp_entry_t, unsigned long *); -diff -Nurb linux.orig/include/net/netswapping.h linux/include/net/netswapping.h ---- linux.orig/include/net/netswapping.h 1969-12-31 19:00:00.000000000 -0500 -+++ linux/include/net/netswapping.h 2004-05-31 02:18:03.000000000 -0400 -@@ -0,0 +1,47 @@ -+#ifndef _LINUX_NETSWAPPING_H -+#define _LINUX_NETSWAPPING_H -+ -+#include <linux/swap.h> -+#include <linux/init.h> -+ -+/* It is a mess. Socket options are defined in asm-ARCH/socket.h */ -+ -+#define SO_SWAPPING 0x00100000 /* hopefully not used by anybody else */ -+ -+#ifdef __KERNEL__ -+ -+#define CTL_NETSWAP 0x00100000 -+ -+enum { -+ NET_SWAP_DROPPED = 1, -+ NET_SWAP_DROP_THRESHOLD = 2, -+ NET_SWAP_SOCK_COUNT = 3 -+}; -+ -+extern unsigned int netswap_free_pages_min; -+extern int netswap_sock_count; -+extern unsigned int netswap_dropped; -+ -+/* this is "#defined" and not inline because sock.h includes us, but we need -+ * the "struct sock" definition. -+ */ -+#define netswap_low_memory(sk, skb) \ -+({ \ -+ int _ret = 0; \ -+ \ -+ if (netswap_sock_count > 0 && /* anybody swapping via network? */ \ -+ !(sk)->swapping && /* but we are not needed for swapping */ \ -+ nr_free_pages() < netswap_free_pages_min) { /* so drop us */ \ -+ printk("netswap_low_memory: " \ -+ "dropping skb 0x%p@0x%p\n", skb, sk); \ -+ netswap_dropped ++; \ -+ _ret = 1; \ -+ } \ -+ _ret; \ -+}) -+ -+extern int __init netswap_init(void); -+ -+#endif -+ -+#endif -diff -Nurb linux.orig/include/net/sock.h linux/include/net/sock.h ---- linux.orig/include/net/sock.h 2004-05-31 02:07:17.000000000 -0400 -+++ linux/include/net/sock.h 2004-05-31 02:18:03.000000000 -0400 -@@ -103,6 +103,10 @@ - #include <linux/filter.h> - #endif - -+#ifdef CONFIG_NETSWAP -+#include <net/netswapping.h> -+#endif -+ - #include <asm/atomic.h> - #include <net/dst.h> - -@@ -536,6 +540,12 @@ - no_check, - broadcast, - bsdism; -+#ifdef CONFIG_NETSWAP -+ /* Increased by SO_SWAPPING with arg != 0, decreased by -+ * SO_SWAPPING with arg 0 -+ */ -+ int swapping; -+#endif - unsigned char debug; - unsigned char rcvtstamp; - unsigned char use_write_queue; -@@ -1165,6 +1175,11 @@ - return err; /* Toss packet */ - } - #endif /* CONFIG_FILTER */ -+#ifdef CONFIG_NETSWAP -+ /* an inline function defined in net/netswapping.h */ -+ if (netswap_low_memory(sk, skb)) -+ return -ENOMEM; -+#endif /* CONFIG_NETSWAP */ - - skb->dev = NULL; - skb_set_owner_r(skb, sk); -diff -Nurb linux.orig/kernel/ksyms.c linux/kernel/ksyms.c ---- linux.orig/kernel/ksyms.c 2004-05-31 02:02:43.000000000 -0400 -+++ linux/kernel/ksyms.c 2004-05-31 02:18:03.000000000 -0400 -@@ -41,6 +41,7 @@ - #include <linux/mm.h> - #include <linux/capability.h> - #include <linux/highuid.h> -+#include <linux/swapctl.h> - #include <linux/brlock.h> - #include <linux/fs.h> - #include <linux/tty.h> -@@ -127,6 +128,11 @@ - EXPORT_SYMBOL(kmap_prot); - EXPORT_SYMBOL(kmap_pte); - #endif -+EXPORT_SYMBOL(nr_free_pages); -+/* EXPORT_SYMBOL(freepages); */ -+EXPORT_SYMBOL(register_swap_method); -+EXPORT_SYMBOL(unregister_swap_method); -+EXPORT_SYMBOL(swap_run_test); - - /* filesystem internal functions */ - EXPORT_SYMBOL(def_blk_fops); -@@ -531,7 +537,7 @@ - EXPORT_SYMBOL(make_bad_inode); - EXPORT_SYMBOL(is_bad_inode); - EXPORT_SYMBOL(event); --EXPORT_SYMBOL(brw_page); -+EXPORT_SYMBOL(end_buffer_io_async); - EXPORT_SYMBOL(__inode_dir_notify); - - #ifdef CONFIG_UID16 -diff -Nurb linux.orig/mm/page_io.c linux/mm/page_io.c ---- linux.orig/mm/page_io.c 2003-07-04 04:12:29.000000000 -0400 -+++ linux/mm/page_io.c 2004-05-31 02:18:03.000000000 -0400 -@@ -36,11 +36,8 @@ - static int rw_swap_page_base(int rw, swp_entry_t entry, struct page *page) - { - unsigned long offset; -- int zones[PAGE_SIZE/512]; -- int zones_used; -- kdev_t dev = 0; -- int block_size; -- struct inode *swapf = 0; -+ struct swap_method *method; -+ void *data; - - if (rw == READ) { - ClearPageUptodate(page); -@@ -48,30 +45,11 @@ - } else - kstat.pswpout++; - -- get_swaphandle_info(entry, &offset, &dev, &swapf); -- if (dev) { -- zones[0] = offset; -- zones_used = 1; -- block_size = PAGE_SIZE; -- } else if (swapf) { -- int i, j; -- unsigned int block = offset -- << (PAGE_SHIFT - swapf->i_sb->s_blocksize_bits); -- -- block_size = swapf->i_sb->s_blocksize; -- for (i=0, j=0; j< PAGE_SIZE ; i++, j += block_size) -- if (!(zones[i] = bmap(swapf,block++))) { -- printk("rw_swap_page: bad swap file\n"); -- return 0; -- } -- zones_used = i; -- dev = swapf->i_dev; -- } else { -+ method = get_swaphandle_info(entry, &offset, &data); -+ if (!method || !method->ops->rw_page(rw, page, offset, data)) { - return 0; - } - -- /* block_size == PAGE_SIZE/zones_used */ -- brw_page(rw, page, dev, zones, block_size); - return 1; - } - -diff -Nurb linux.orig/mm/slab.c linux/mm/slab.c ---- linux.orig/mm/slab.c 2003-07-04 04:12:29.000000000 -0400 -+++ linux/mm/slab.c 2004-05-31 02:18:03.000000000 -0400 -@@ -111,10 +111,12 @@ - # define CREATE_MASK (SLAB_DEBUG_INITIAL | SLAB_RED_ZONE | \ - SLAB_POISON | SLAB_HWCACHE_ALIGN | \ - SLAB_NO_REAP | SLAB_CACHE_DMA | \ -- SLAB_MUST_HWCACHE_ALIGN) -+ SLAB_MUST_HWCACHE_ALIGN | \ -+ SLAB_LOW_GFP_ORDER) - #else - # define CREATE_MASK (SLAB_HWCACHE_ALIGN | SLAB_NO_REAP | \ -- SLAB_CACHE_DMA | SLAB_MUST_HWCACHE_ALIGN) -+ SLAB_CACHE_DMA | SLAB_MUST_HWCACHE_ALIGN | \ -+ SLAB_LOW_GFP_ORDER) - #endif - - /* -@@ -247,8 +249,13 @@ - }; - - /* internal c_flags */ --#define CFLGS_OFF_SLAB 0x010000UL /* slab management in own cache */ --#define CFLGS_OPTIMIZE 0x020000UL /* optimized slab lookup */ -+#define CFLGS_OFF_SLAB 0x020000UL /* slab management in own cache */ -+#define CFLGS_OPTIMIZE 0x040000UL /* optimized slab lookup */ -+#define CFLGS_MASK (CFLGS_OFF_SLAB | CFLGS_OPTIMIZE) -+ -+#if (CFLGS_MASK & CREATE_MASK) -+# error BUG: internal and external SLAB flags overlap -+#endif - - /* c_dflags (dynamic flags). Need to hold the spinlock to access this member */ - #define DFLGS_GROWN 0x000001UL /* don't reap a recently grown */ -@@ -452,7 +459,12 @@ - snprintf(name, sizeof(name), "size-%Zd",sizes->cs_size); - if (!(sizes->cs_cachep = - kmem_cache_create(name, sizes->cs_size, -- 0, SLAB_HWCACHE_ALIGN, NULL, NULL))) { -+ 0, -+#if CONFIG_NETSWAP -+ SLAB_LOW_GFP_ORDER| /* sorry */ -+#endif -+ SLAB_HWCACHE_ALIGN, -+ NULL, NULL))) { - BUG(); - } - -@@ -731,6 +743,8 @@ - break; - if (!cachep->num) - goto next; -+ if (cachep->gfporder == 0 && (flags & SLAB_LOW_GFP_ORDER)) -+ break; - if (flags & CFLGS_OFF_SLAB && cachep->num > offslab_limit) { - /* Oops, this num of objs will cause problems. */ - cachep->gfporder--; -diff -Nurb linux.orig/mm/swapfile.c linux/mm/swapfile.c ---- linux.orig/mm/swapfile.c 2003-07-04 04:12:29.000000000 -0400 -+++ linux/mm/swapfile.c 2004-05-31 02:18:03.000000000 -0400 -@@ -11,12 +11,17 @@ - #include <linux/swap.h> - #include <linux/swapctl.h> - #include <linux/blkdev.h> /* for blk_size */ -+#include <linux/file.h> - #include <linux/vmalloc.h> - #include <linux/pagemap.h> - #include <linux/shm.h> - - #include <asm/pgtable.h> - -+#ifdef CONFIG_KMOD -+#include <linux/kmod.h> -+#endif -+ - spinlock_t swaplock = SPIN_LOCK_UNLOCKED; - unsigned int nr_swapfiles; - int total_swap_pages; -@@ -31,8 +36,78 @@ - - struct swap_info_struct swap_info[MAX_SWAPFILES]; - -+static struct swap_method *swap_methods = NULL; -+ - #define SWAPFILE_CLUSTER 256 - -+int register_swap_method(char *name, struct swap_ops *ops) -+{ -+ struct swap_method *pos; -+ struct swap_method *new; -+ int result = 0; -+ -+ lock_kernel(); -+ -+ for (pos = swap_methods; pos; pos = pos->next) { -+ if (strcmp(pos->name, name) == 0) { -+ printk(KERN_ERR "register_swap_method: " -+ "method %s already registered\n", name); -+ result = -EBUSY; -+ goto out; -+ } -+ } -+ -+ if (!(new = kmalloc(sizeof(*new), GFP_KERNEL))) { -+ printk(KERN_ERR "register_swap_method: " -+ "no memory for new method \"%s\"\n", name); -+ result = -ENOMEM; -+ goto out; -+ } -+ -+ new->name = name; -+ new->ops = ops; -+ new->use_count = 0; -+ -+ /* ok, insert at top of list */ -+ printk("register_swap_method: method %s\n", name); -+ new->next = swap_methods; -+ swap_methods = new; -+ out: -+ unlock_kernel(); -+ return result; -+} -+ -+int unregister_swap_method(char *name) -+{ -+ struct swap_method **method, *next; -+ int result = 0; -+ -+ lock_kernel(); -+ -+ for (method = &swap_methods; *method; method = &(*method)->next) { -+ if (strcmp((*method)->name, name) == 0) { -+ if ((*method)->use_count > 0) { -+ printk(KERN_ERR "unregister_swap_method: " -+ "method \"%s\" is in use\n", name); -+ result = -EBUSY; -+ goto out; -+ } -+ -+ next = (*method)->next; -+ kfree(*method); -+ *method = next; -+ printk("unregister_swap_method: method %s\n", name); -+ goto out; -+ } -+ } -+ /* not found */ -+ printk("unregister_swap_method: no such method %s\n", name); -+ result = -ENOENT; -+ out: -+ unlock_kernel(); -+ return result; -+} -+ - static inline int scan_swap_map(struct swap_info_struct *si) - { - unsigned long offset; -@@ -711,13 +786,14 @@ - struct nameidata nd; - int i, type, prev; - int err; -+ struct file *swap_file; - - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; - - err = user_path_walk(specialfile, &nd); - if (err) -- goto out; -+ return err; - - lock_kernel(); - prev = -1; -@@ -725,15 +801,20 @@ - for (type = swap_list.head; type >= 0; type = swap_info[type].next) { - p = swap_info + type; - if ((p->flags & SWP_WRITEOK) == SWP_WRITEOK) { -- if (p->swap_file == nd.dentry) -+ if (p->swap_file && -+ p->swap_file->f_dentry == nd.dentry) - break; - } - prev = type; - } - err = -EINVAL; -+ /* p->swap_file contains all needed info, no need to keep nd, so -+ * release it now. -+ */ -+ path_release(&nd); - if (type < 0) { - swap_list_unlock(); -- goto out_dput; -+ goto out; - } - - if (prev < 0) { -@@ -767,32 +848,30 @@ - total_swap_pages += p->pages; - p->flags = SWP_WRITEOK; - swap_list_unlock(); -- goto out_dput; -+ goto out; - } -- if (p->swap_device) -- blkdev_put(p->swap_file->d_inode->i_bdev, BDEV_SWAP); -- path_release(&nd); - -+ if (p->method->ops->release) -+ p->method->ops->release(p->swap_file, p->data); - swap_list_lock(); - swap_device_lock(p); -- nd.mnt = p->swap_vfsmnt; -- nd.dentry = p->swap_file; -- p->swap_vfsmnt = NULL; -+ p->method->use_count --; -+ p->method = NULL; -+ p->data = NULL; -+ swap_file = p->swap_file; - p->swap_file = NULL; -- p->swap_device = 0; - p->max = 0; - swap_map = p->swap_map; - p->swap_map = NULL; - p->flags = 0; - swap_device_unlock(p); - swap_list_unlock(); -+ filp_close(swap_file, NULL); - vfree(swap_map); - err = 0; - --out_dput: -- unlock_kernel(); -- path_release(&nd); - out: -+ unlock_kernel(); - return err; - } - -@@ -805,18 +884,17 @@ - if (!page) - return -ENOMEM; - -- len += sprintf(buf, "Filename\t\t\tType\t\tSize\tUsed\tPriority\n"); -+ len += sprintf(buf, "%-32s%-16s%-8s%-8sPriority\n", -+ "Filename", "Type", "Size", "Used"); - for (i = 0 ; i < nr_swapfiles ; i++, ptr++) { - if ((ptr->flags & SWP_USED) && ptr->swap_map) { -- char * path = d_path(ptr->swap_file, ptr->swap_vfsmnt, -+ char * path = d_path(ptr->swap_file->f_dentry, -+ ptr->swap_file->f_vfsmnt, - page, PAGE_SIZE); - - len += sprintf(buf + len, "%-31s ", path); - -- if (!ptr->swap_device) -- len += sprintf(buf + len, "file\t\t"); -- else -- len += sprintf(buf + len, "partition\t"); -+ len += sprintf(buf + len, "%-15s ", ptr->method->name); - - usedswap = 0; - for (j = 0; j < ptr->max; ++j) -@@ -827,7 +905,7 @@ - default: - usedswap++; - } -- len += sprintf(buf + len, "%d\t%d\t%d\n", ptr->pages << (PAGE_SHIFT - 10), -+ len += sprintf(buf + len, "%-8d%-8d%d\n", ptr->pages << (PAGE_SHIFT - 10), - usedswap << (PAGE_SHIFT - 10), ptr->prio); - } - } -@@ -835,18 +913,55 @@ - return len; - } - --int is_swap_partition(kdev_t dev) { -+/* apply a test function to all active swap objects. E.g. for checking -+ * whether a partition is used for swapping -+ */ -+int swap_run_test(int (*test_fct)(unsigned int flags, -+ struct file * swap_file, -+ void *testdata), void *testdata) -+{ - struct swap_info_struct *ptr = swap_info; - int i; - - for (i = 0 ; i < nr_swapfiles ; i++, ptr++) { -- if (ptr->flags & SWP_USED) -- if (ptr->swap_device == dev) -+ if (ptr->swap_file && -+ test_fct(ptr->flags, ptr->swap_file, testdata)) - return 1; - } - return 0; - } - -+/* Walk through the list of known swap method until somebody wants to -+ * handle this file. Pick the first one which claims to be able to -+ * swap to this kind of file. -+ * -+ * return value: < 0: error, 0: not found, > 0: swapfilesize -+ */ -+int find_swap_method(struct file *swap_file, -+ struct swap_info_struct *p) -+{ -+ int swapfilesize = 0; -+ struct swap_method *method; -+ -+ p->method = NULL; -+ for (method = swap_methods; method; method = method->next) { -+ swapfilesize = method->ops->open(swap_file, &p->data); -+ if (swapfilesize == 0) { -+ continue; -+ } -+ if (swapfilesize > 0) { -+ p->method = method; -+ p->method->use_count ++; -+ p->swap_file = swap_file; -+ break; -+ } -+ if (swapfilesize < 0) { -+ break; -+ } -+ } -+ return swapfilesize; -+} -+ - /* - * Written 01/25/92 by Simmule Turner, heavily changed by Linus. - * -@@ -855,8 +970,6 @@ - asmlinkage long sys_swapon(const char * specialfile, int swap_flags) - { - struct swap_info_struct * p; -- struct nameidata nd; -- struct inode * swap_inode; - unsigned int type; - int i, j, prev; - int error; -@@ -866,8 +979,9 @@ - int nr_good_pages = 0; - unsigned long maxpages = 1; - int swapfilesize; -- struct block_device *bdev = NULL; - unsigned short *swap_map; -+ char * tmp_specialfile; -+ struct file *swap_file; - - if (!capable(CAP_SYS_ADMIN)) - return -EPERM; -@@ -886,8 +1000,7 @@ - nr_swapfiles = type+1; - p->flags = SWP_USED; - p->swap_file = NULL; -- p->swap_vfsmnt = NULL; -- p->swap_device = 0; -+ p->method = NULL; - p->swap_map = NULL; - p->lowest_bit = 0; - p->highest_bit = 0; -@@ -901,53 +1014,56 @@ - p->prio = --least_priority; - } - swap_list_unlock(); -- error = user_path_walk(specialfile, &nd); -- if (error) -+ -+ /* Open the swap using filp_open. Bail out on any errors. */ -+ tmp_specialfile = getname(specialfile); -+ if (IS_ERR(tmp_specialfile)) { -+ error = PTR_ERR(tmp_specialfile); - goto bad_swap_2; -+ } -+ p->swap_file = filp_open(tmp_specialfile, O_RDWR, 0600); -+ putname(tmp_specialfile); -+ if (IS_ERR(p->swap_file)) { -+ error = PTR_ERR(p->swap_file); -+ goto bad_swap_1; -+ } - -- p->swap_file = nd.dentry; -- p->swap_vfsmnt = nd.mnt; -- swap_inode = nd.dentry->d_inode; - error = -EINVAL; - -- if (S_ISBLK(swap_inode->i_mode)) { -- kdev_t dev = swap_inode->i_rdev; -- struct block_device_operations *bdops; -- devfs_handle_t de; -- -- p->swap_device = dev; -- set_blocksize(dev, PAGE_SIZE); -- -- bd_acquire(swap_inode); -- bdev = swap_inode->i_bdev; -- de = devfs_get_handle_from_inode(swap_inode); -- bdops = devfs_get_ops(de); /* Increments module use count */ -- if (bdops) bdev->bd_op = bdops; -- -- error = blkdev_get(bdev, FMODE_READ|FMODE_WRITE, 0, BDEV_SWAP); -- devfs_put_ops(de);/*Decrement module use count now we're safe*/ -- if (error) -- goto bad_swap_2; -- set_blocksize(dev, PAGE_SIZE); -- error = -ENODEV; -- if (!dev || (blk_size[MAJOR(dev)] && -- !blk_size[MAJOR(dev)][MINOR(dev)])) -- goto bad_swap; -- swapfilesize = 0; -- if (blk_size[MAJOR(dev)]) -- swapfilesize = blk_size[MAJOR(dev)][MINOR(dev)] -- >> (PAGE_SHIFT - 10); -- } else if (S_ISREG(swap_inode->i_mode)) -- swapfilesize = swap_inode->i_size >> PAGE_SHIFT; -- else -- goto bad_swap; -+ swapfilesize = find_swap_method(p->swap_file, p); -+ if (swapfilesize < 0) { -+ error = swapfilesize; -+ goto bad_swap_1; -+ } -+#ifdef CONFIG_KMOD -+ if (swapfilesize == 0) { -+ (void)request_module("swapfile-mod"); -+ -+ swapfilesize = find_swap_method(p->swap_file, p); -+ if (swapfilesize < 0) { -+ error = swapfilesize; -+ goto bad_swap_1; -+ } -+ } -+#endif -+ if (swapfilesize == 0) { -+ printk("Don't know how to swap to this kind of file\n"); -+ goto bad_swap_1; /* free swap map */ -+ } -+ -+ /* After this point, the swap-file has been opened by the swap -+ * method. We must make sure to use the bad_swap label for any -+ * errors. -+ */ - - error = -EBUSY; - for (i = 0 ; i < nr_swapfiles ; i++) { - struct swap_info_struct *q = &swap_info[i]; - if (i == type || !q->swap_file) - continue; -- if (swap_inode->i_mapping == q->swap_file->d_inode->i_mapping) -+ if (p->swap_file->f_dentry->d_inode->i_mapping -+ == -+ q->swap_file->f_dentry->d_inode->i_mapping) - goto bad_swap; - } - -@@ -1083,17 +1199,27 @@ - swap_list_unlock(); - error = 0; - goto out; -+ - bad_swap: -- if (bdev) -- blkdev_put(bdev, BDEV_SWAP); -+ if (p->method->ops->release) -+ p->method->ops->release(p->swap_file, p->data); -+ swap_list_lock(); -+ p->method->use_count --; -+ p->method = NULL; -+ p->data = NULL; -+ swap_list_unlock(); -+ -+bad_swap_1: -+ swap_list_lock(); -+ swap_file = p->swap_file; -+ p->swap_file = NULL; -+ swap_list_unlock(); -+ filp_close(swap_file, NULL); -+ - bad_swap_2: -+ - swap_list_lock(); - swap_map = p->swap_map; -- nd.mnt = p->swap_vfsmnt; -- nd.dentry = p->swap_file; -- p->swap_device = 0; -- p->swap_file = NULL; -- p->swap_vfsmnt = NULL; - p->swap_map = NULL; - p->flags = 0; - if (!(swap_flags & SWAP_FLAG_PREFER)) -@@ -1101,7 +1227,7 @@ - swap_list_unlock(); - if (swap_map) - vfree(swap_map); -- path_release(&nd); -+ - out: - if (swap_header) - free_page((long) swap_header); -@@ -1217,8 +1343,8 @@ - /* - * Prior swap_duplicate protects against swap device deletion. - */ --void get_swaphandle_info(swp_entry_t entry, unsigned long *offset, -- kdev_t *dev, struct inode **swapf) -+struct swap_method *get_swaphandle_info(swp_entry_t entry, -+ unsigned long *offset, void **data) - { - unsigned long type; - struct swap_info_struct *p; -@@ -1226,32 +1352,26 @@ - type = SWP_TYPE(entry); - if (type >= nr_swapfiles) { - printk(KERN_ERR "rw_swap_page: %s%08lx\n", Bad_file, entry.val); -- return; -+ return NULL; - } - - p = &swap_info[type]; - *offset = SWP_OFFSET(entry); - if (*offset >= p->max && *offset != 0) { - printk(KERN_ERR "rw_swap_page: %s%08lx\n", Bad_offset, entry.val); -- return; -+ return NULL; - } - if (p->swap_map && !p->swap_map[*offset]) { - printk(KERN_ERR "rw_swap_page: %s%08lx\n", Unused_offset, entry.val); -- return; -+ return NULL; - } - if (!(p->flags & SWP_USED)) { - printk(KERN_ERR "rw_swap_page: %s%08lx\n", Unused_file, entry.val); -- return; -+ return NULL; - } - -- if (p->swap_device) { -- *dev = p->swap_device; -- } else if (p->swap_file) { -- *swapf = p->swap_file->d_inode; -- } else { -- printk(KERN_ERR "rw_swap_page: no swap file or device\n"); -- } -- return; -+ *data = p->data; -+ return p->method; - } - - /* -diff -Nurb linux.orig/net/Config.in linux/net/Config.in ---- linux.orig/net/Config.in 2003-07-04 04:12:29.000000000 -0400 -+++ linux/net/Config.in 2004-05-31 02:18:03.000000000 -0400 -@@ -16,6 +16,9 @@ - fi - bool 'Socket Filtering' CONFIG_FILTER - tristate 'Unix domain sockets' CONFIG_UNIX -+if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then -+ bool 'Swapping via network sockets (EXPERIMENTAL)' CONFIG_NETSWAP -+fi - bool 'TCP/IP networking' CONFIG_INET - if [ "$CONFIG_INET" = "y" ]; then - source net/ipv4/Config.in -diff -Nurb linux.orig/net/Makefile linux/net/Makefile ---- linux.orig/net/Makefile 2003-07-04 04:12:29.000000000 -0400 -+++ linux/net/Makefile 2004-05-31 02:18:03.000000000 -0400 -@@ -51,6 +51,7 @@ - ifeq ($(CONFIG_NET),y) - obj-$(CONFIG_MODULES) += netsyms.o - obj-$(CONFIG_SYSCTL) += sysctl_net.o -+obj-$(CONFIG_NETSWAP) += netswapping.o - endif - - include $(TOPDIR)/Rules.make -diff -Nurb linux.orig/net/core/sock.c linux/net/core/sock.c ---- linux.orig/net/core/sock.c 2003-10-14 04:09:32.000000000 -0400 -+++ linux/net/core/sock.c 2004-05-31 02:18:03.000000000 -0400 -@@ -402,6 +402,21 @@ - ret = -ENONET; - break; - #endif -+#ifdef CONFIG_NETSWAP -+ case SO_SWAPPING: -+ if (valbool) { -+ if (!sk->swapping) { -+ netswap_sock_count ++; -+ } -+ sk->swapping ++; -+ } else if (sk->swapping > 0) { -+ sk->swapping --; -+ if (!sk->swapping) { -+ netswap_sock_count --; -+ } -+ } -+ break; -+#endif - /* We implement the SO_SNDLOWAT etc to - not be settable (1003.1g 5.3) */ - default: -@@ -552,6 +567,12 @@ - goto lenout; - } - -+#ifdef CONFIG_NETSWAP -+ case SO_SWAPPING: -+ v.val = sk->swapping; -+ break; -+#endif -+ - /* Dubious BSD thing... Probably nobody even uses it, but - * the UNIX standard wants it for whatever reason... -DaveM - */ -diff -Nurb linux.orig/net/ipv4/tcp_ipv4.c linux/net/ipv4/tcp_ipv4.c ---- linux.orig/net/ipv4/tcp_ipv4.c 2003-10-14 04:09:33.000000000 -0400 -+++ linux/net/ipv4/tcp_ipv4.c 2004-05-31 02:18:03.000000000 -0400 -@@ -1657,6 +1657,12 @@ - if (filter && sk_filter(skb, filter)) - goto discard; - #endif /* CONFIG_FILTER */ -+#ifdef CONFIG_NETSWAP -+ /* tcp doesn't use sock_queue_rcv_skb() ... */ -+ /* an inline function defined in net/netswapping.h */ -+ if (netswap_low_memory(sk, skb)) -+ goto discard; -+#endif /* CONFIG_NETSWAP */ - - IP_INC_STATS_BH(IpInDelivers); - -diff -Nurb linux.orig/net/ipv6/tcp_ipv6.c linux/net/ipv6/tcp_ipv6.c ---- linux.orig/net/ipv6/tcp_ipv6.c 2003-10-14 04:09:34.000000000 -0400 -+++ linux/net/ipv6/tcp_ipv6.c 2004-05-31 02:18:03.000000000 -0400 -@@ -1424,6 +1424,12 @@ - if (filter && sk_filter(skb, filter)) - goto discard; - #endif /* CONFIG_FILTER */ -+#ifdef CONFIG_NETSWAP -+ /* tcp doesn't use sock_queue_rcv_skb() ... */ -+ /* an inline function defined in net/netswapping.h */ -+ if (netswap_low_memory(sk, skb)) -+ goto discard; -+#endif /* CONFIG_NETSWAP */ - - /* - * socket locking is here for SMP purposes as backlog rcv -diff -Nurb linux.orig/net/netswapping.c linux/net/netswapping.c ---- linux.orig/net/netswapping.c 1969-12-31 19:00:00.000000000 -0500 -+++ linux/net/netswapping.c 2004-05-31 02:18:03.000000000 -0400 -@@ -0,0 +1,76 @@ -+/* -+ * linux/net/swapping.c -+ * -+ * Support paging over network connections (inet only) -+ * -+ * (c) 2000 Claus-Justus Heine <heine@instmath.rwth-aachen.de> -+ */ -+ -+#include <linux/slab.h> -+#include <linux/swap.h> -+#include <linux/swapctl.h> -+#include <linux/skbuff.h> -+#include <linux/module.h> -+#include <linux/sysctl.h> -+#include <linux/init.h> -+#include <net/netswapping.h> -+#include <net/sock.h> -+#include <asm/uaccess.h> -+ -+unsigned int netswap_dropped; /* statistics */ -+unsigned int netswap_free_pages_min; -+int netswap_sock_count; /* how many sockets have swapping option set */ -+ -+#ifdef CONFIG_SYSCTL -+ -+static ctl_table netswap_table[] = { -+ {NET_SWAP_DROPPED, "dropped", -+ &netswap_dropped, sizeof(int), 0644, NULL, &proc_dointvec }, -+ {NET_SWAP_DROP_THRESHOLD, "threshold", -+ &netswap_free_pages_min, sizeof(int), 0644, NULL, &proc_dointvec }, -+ {NET_SWAP_SOCK_COUNT, "sock_count", -+ &netswap_sock_count, sizeof(int), 0444, NULL, &proc_dointvec }, -+ {0}, -+}; -+ -+static struct ctl_table_header *netswap_sysctl_header; -+ -+static ctl_table netswap_net_table[] = { -+ {CTL_NETSWAP, "swapping", NULL, 0, 0555, netswap_table}, -+ {0} -+}; -+ -+static ctl_table netswap_root_table[] = { -+ {CTL_NET, "net", NULL, 0, 0555, netswap_net_table}, -+ {0} -+}; -+ -+#endif -+ -+int __init netswap_init(void) -+{ -+ /* drop packets when below this threshold */ -+ netswap_free_pages_min = 32 /* freepages.min */; -+#ifdef CONFIG_SYSCTL -+ netswap_sysctl_header = register_sysctl_table(netswap_root_table, 0); -+#endif -+ return 0; -+} -+ -+void __exit netswap_exit(void) -+{ -+#ifdef CONFIG_SYSCTL -+ unregister_sysctl_table(netswap_sysctl_header); -+#endif -+} -+ -+/* linux/init.h -- VERY nice :-) -+ * -+ * On the other hand, we have no control over the order the initcalls -+ * are performed ... -+ * -+ * Actually, we are not compiled as module ... -+ */ -+ -+module_init(netswap_init) -+module_exit(netswap_exit) -diff -Nurb linux.orig/net/netsyms.c linux/net/netsyms.c ---- linux.orig/net/netsyms.c 2004-05-31 02:02:49.000000000 -0400 -+++ linux/net/netsyms.c 2004-05-31 02:18:03.000000000 -0400 -@@ -601,4 +601,10 @@ - EXPORT_SYMBOL(wireless_send_event); - #endif /* CONFIG_NET_RADIO || CONFIG_NET_PCMCIA_RADIO */ - -+#ifdef CONFIG_NETSWAP -+EXPORT_SYMBOL(netswap_sock_count); -+EXPORT_SYMBOL(netswap_free_pages_min); -+EXPORT_SYMBOL(netswap_dropped); -+#endif -+ - #endif /* CONFIG_NET */ -diff -Nurb linux.orig/net/packet/af_packet.c linux/net/packet/af_packet.c ---- linux.orig/net/packet/af_packet.c 2003-10-14 04:09:35.000000000 -0400 -+++ linux/net/packet/af_packet.c 2004-05-31 02:18:03.000000000 -0400 -@@ -449,6 +449,12 @@ - snaplen = res; - } - #endif /* CONFIG_FILTER */ -+#ifdef CONFIG_NETSWAP -+ /* packet doesn't use sock_queue_rcv_skb() ... */ -+ /* an inline function defined in net/netswapping.h */ -+ if (netswap_low_memory(sk, skb)) -+ goto drop_n_restore; -+#endif /* CONFIG_NETSWAP */ - - if (atomic_read(&sk->rmem_alloc) + skb->truesize >= (unsigned)sk->rcvbuf) - goto drop_n_acct; -@@ -496,7 +502,7 @@ - po->stats.tp_drops++; - spin_unlock(&sk->receive_queue.lock); - --#ifdef CONFIG_FILTER -+#if defined(CONFIG_FILTER) || defined(CONFIG_NETSWAP) - drop_n_restore: - #endif - if (skb_head != skb->data && skb_shared(skb)) { -@@ -557,6 +563,12 @@ - snaplen = res; - } - #endif -+#ifdef CONFIG_NETSWAP -+ /* packet doesn't use sock_queue_rcv_skb() ... */ -+ /* an inline function defined in net/netswapping.h */ -+ if (netswap_low_memory(sk, skb)) -+ goto drop_n_restore; -+#endif /* CONFIG_NETSWAP */ - - if (sk->type == SOCK_DGRAM) { - macoff = netoff = TPACKET_ALIGN(TPACKET_HDRLEN) + 16; -diff -Nurb linux.orig/net/sunrpc/sched.c linux/net/sunrpc/sched.c ---- linux.orig/net/sunrpc/sched.c 2003-07-04 04:12:33.000000000 -0400 -+++ linux/net/sunrpc/sched.c 2004-05-31 02:18:03.000000000 -0400 -@@ -79,10 +79,11 @@ - */ - static spinlock_t rpc_sched_lock = SPIN_LOCK_UNLOCKED; - -+#if CONFIG_SWAP_VIA_NFS || CONFIG_SWAP_VIA_NFS_MODULE - /* - * This is the last-ditch buffer for NFS swap requests - */ --static u32 swap_buffer[PAGE_SIZE >> 2]; -+static u32 swap_buffer[2*PAGE_SIZE >> 2]; - static long swap_buffer_used; - - /* -@@ -96,6 +97,7 @@ - { - clear_bit(1, &swap_buffer_used); - } -+#endif - - /* - * Disable the timer for a given RPC task. Should be called with -@@ -501,6 +503,7 @@ - __rpc_execute(struct rpc_task *task) - { - int status = 0; -+ unsigned long alloc_flag = current->flags & PF_MEMALLOC; - - dprintk("RPC: %4d rpc_execute flgs %x\n", - task->tk_pid, task->tk_flags); -@@ -510,6 +513,13 @@ - return 0; - } - -+ if (task->tk_flags & RPC_TASK_SWAPPER) { -+ if (!current->flags & PF_MEMALLOC) { -+ dprintk("__rpc_execute: Setting PF_MEMALLOC\n"); -+ } -+ current->flags |= PF_MEMALLOC; -+ } -+ - restarted: - while (1) { - /* -@@ -554,7 +564,8 @@ - rpc_set_sleeping(task); - if (RPC_IS_ASYNC(task)) { - spin_unlock_bh(&rpc_queue_lock); -- return 0; -+ status = 0; -+ goto out; - } - } - spin_unlock_bh(&rpc_queue_lock); -@@ -563,7 +574,12 @@ - /* sync task: sleep here */ - dprintk("RPC: %4d sync task going to sleep\n", - task->tk_pid); -- if (current->pid == rpciod_pid) -+ /* it's ok to wait for rpciod when swapping, -+ * because this means it needed memory and is -+ * doing the swap-out itself. -+ */ -+ if (current->pid == rpciod_pid && -+ !(task->tk_flags & RPC_TASK_SWAPPER)) - printk(KERN_ERR "RPC: rpciod waiting on sync task!\n"); - - __wait_event(task->tk_wait, !RPC_IS_SLEEPING(task)); -@@ -608,6 +624,10 @@ - /* Release all resources associated with the task */ - rpc_release_task(task); - -+ out: -+ if (!alloc_flag) { -+ current->flags &= ~PF_MEMALLOC; -+ } - return status; - } - -@@ -699,10 +719,16 @@ - { - u32 *buffer; - int gfp; -+ unsigned long alloc_flag = current->flags & PF_MEMALLOC; -+ void *ret = NULL; - -- if (flags & RPC_TASK_SWAPPER) -+ if (flags & RPC_TASK_SWAPPER) { - gfp = GFP_ATOMIC; -- else if (flags & RPC_TASK_ASYNC) -+ if (!(current->flags & PF_MEMALLOC)) { -+ dprintk("rpc_allocate: Setting PF_MEMALLOC\n"); -+ } -+ current->flags |= PF_MEMALLOC; -+ } else if (flags & RPC_TASK_ASYNC) - gfp = GFP_RPC; - else - gfp = GFP_KERNEL; -@@ -710,29 +736,44 @@ - do { - if ((buffer = (u32 *) kmalloc(size, gfp)) != NULL) { - dprintk("RPC: allocated buffer %p\n", buffer); -- return buffer; -+ ret = buffer; -+ goto out; - } -+#if CONFIG_SWAP_VIA_NFS || CONFIG_SWAP_VIA_NFS_MODULE - if ((flags & RPC_TASK_SWAPPER) && size <= sizeof(swap_buffer) - && rpc_lock_swapbuf()) { - dprintk("RPC: used last-ditch swap buffer\n"); -- return swap_buffer; -+ ret = swap_buffer; -+ goto out; -+#endif -+ } -+ if (flags & RPC_TASK_ASYNC) { -+ ret = NULL; -+ goto out; - } -- if (flags & RPC_TASK_ASYNC) -- return NULL; - yield(); - } while (!signalled()); - -- return NULL; -+ out: -+ if (!alloc_flag) { -+ current->flags &= ~PF_MEMALLOC; -+ } -+ return ret; - } - - void - rpc_free(void *buffer) - { -+#if CONFIG_SWAP_VIA_NFS || CONFIG_SWAP_VIA_NFS_MODULE - if (buffer != swap_buffer) { -+#endif - kfree(buffer); - return; -+#if CONFIG_SWAP_VIA_NFS || CONFIG_SWAP_VIA_NFS_MODULE - } - rpc_unlock_swapbuf(); -+ printk("RPC: Released swap buffer\n"); -+#endif - } - - /* -diff -Nurb linux.orig/net/sunrpc/xprt.c linux/net/sunrpc/xprt.c ---- linux.orig/net/sunrpc/xprt.c 2003-07-04 04:12:33.000000000 -0400 -+++ linux/net/sunrpc/xprt.c 2004-05-31 02:18:03.000000000 -0400 -@@ -139,7 +139,7 @@ - __xprt_lock_write(struct rpc_xprt *xprt, struct rpc_task *task) - { - if (!xprt->snd_task) { -- if (xprt->nocong || __xprt_get_cong(xprt, task)) -+ if (__xprt_get_cong(xprt, task)) - xprt->snd_task = task; - } - if (xprt->snd_task != task) { -@@ -179,7 +179,7 @@ - if (!task) - return; - } -- if (xprt->nocong || __xprt_get_cong(xprt, task)) -+ if (__xprt_get_cong(xprt, task)) - xprt->snd_task = task; - } - -@@ -276,6 +276,9 @@ - { - struct rpc_rqst *req = task->tk_rqstp; - -+ if (xprt->nocong || RPC_IS_SWAPPER(task)) -+ return 1; -+ - if (req->rq_cong) - return 1; - dprintk("RPC: %4d xprt_cwnd_limited cong = %ld cwnd = %ld\n", diff --git a/obsolete-buildroot/sources/openwrt/kernel/patches/140-ebtables-brnf-5.patch b/obsolete-buildroot/sources/openwrt/kernel/patches/140-ebtables-brnf-5.patch deleted file mode 100644 index 60de305..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/patches/140-ebtables-brnf-5.patch +++ /dev/null @@ -1,5552 +0,0 @@ ---- linux-2.4.21/net/bridge/br_private.h Mon Feb 25 20:38:14 2002 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/br_private.h Fri Aug 8 01:09:06 2003 -@@ -144,8 +144,10 @@ extern void br_fdb_insert(struct net_bri - /* br_forward.c */ - extern void br_deliver(struct net_bridge_port *to, - struct sk_buff *skb); -+extern int br_dev_queue_push_xmit(struct sk_buff *skb); - extern void br_forward(struct net_bridge_port *to, - struct sk_buff *skb); -+extern int br_forward_finish(struct sk_buff *skb); - extern void br_flood_deliver(struct net_bridge *br, - struct sk_buff *skb, - int clone); -@@ -166,7 +168,8 @@ extern void br_get_port_ifindices(struct - int *ifindices); - - /* br_input.c */ --extern void br_handle_frame(struct sk_buff *skb); -+extern int br_handle_frame_finish(struct sk_buff *skb); -+extern int br_handle_frame(struct sk_buff *skb); - - /* br_ioctl.c */ - extern void br_call_ioctl_atomic(void (*fn)(void)); -@@ -176,6 +179,10 @@ extern int br_ioctl(struct net_bridge *b - unsigned long arg1, - unsigned long arg2); - extern int br_ioctl_deviceless_stub(unsigned long arg); -+ -+/* br_netfilter.c */ -+extern int br_netfilter_init(void); -+extern void br_netfilter_fini(void); - - /* br_stp.c */ - extern int br_is_root_bridge(struct net_bridge *br); ---- linux-2.4.21/include/linux/if_bridge.h Thu Nov 22 20:47:12 2001 -+++ linux-2.4.21-ebt-brnf-3/include/linux/if_bridge.h Fri Aug 8 01:09:06 2003 -@@ -102,7 +102,8 @@ struct net_bridge; - struct net_bridge_port; - - extern int (*br_ioctl_hook)(unsigned long arg); --extern void (*br_handle_frame_hook)(struct sk_buff *skb); -+extern int (*br_handle_frame_hook)(struct sk_buff *skb); -+extern int (*br_should_route_hook)(struct sk_buff **pskb); - - #endif - ---- linux-2.4.21/net/core/dev.c Fri Jun 13 16:51:39 2003 -+++ linux-2.4.21-ebt-brnf-3/net/core/dev.c Fri Aug 8 01:10:03 2003 -@@ -1424,7 +1424,7 @@ static void net_tx_action(struct softirq - - - #if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) --void (*br_handle_frame_hook)(struct sk_buff *skb) = NULL; -+int (*br_handle_frame_hook)(struct sk_buff *skb) = NULL; - #endif - - static __inline__ int handle_bridge(struct sk_buff *skb, -@@ -1441,7 +1441,6 @@ static __inline__ int handle_bridge(stru - } - } - -- br_handle_frame_hook(skb); - return ret; - } - -@@ -1497,11 +1496,16 @@ int netif_receive_skb(struct sk_buff *sk - if (skb->dev->divert && skb->dev->divert->divert) - ret = handle_diverter(skb); - #endif /* CONFIG_NET_DIVERT */ -- -+ - #if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) - if (skb->dev->br_port != NULL && -- br_handle_frame_hook != NULL) { -- return handle_bridge(skb, pt_prev); -+ br_handle_frame_hook != NULL) { -+ int ret; -+ -+ ret = handle_bridge(skb, pt_prev); -+ if (br_handle_frame_hook(skb) == 0) -+ return ret; -+ pt_prev = NULL; - } - #endif - -@@ -1897,7 +1901,7 @@ static int dev_proc_stats(char *buffer, - * are adjusted, %RTM_NEWLINK is sent to the routing socket and the - * function returns zero. - */ -- -+ - int netdev_set_master(struct net_device *slave, struct net_device *master) - { - struct net_device *old = slave->master; ---- linux-2.4.21/net/bridge/br_input.c Sat Aug 3 02:39:46 2002 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/br_input.c Fri Aug 8 01:09:06 2003 -@@ -24,6 +24,9 @@ unsigned char bridge_ula[6] = { 0x01, 0x - - static int br_pass_frame_up_finish(struct sk_buff *skb) - { -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug = 0; -+#endif - netif_rx(skb); - - return 0; -@@ -46,7 +49,7 @@ static void br_pass_frame_up(struct net_ - br_pass_frame_up_finish); - } - --static int br_handle_frame_finish(struct sk_buff *skb) -+int br_handle_frame_finish(struct sk_buff *skb) - { - struct net_bridge *br; - unsigned char *dest; -@@ -112,7 +115,7 @@ err_nolock: - return 0; - } - --void br_handle_frame(struct sk_buff *skb) -+int br_handle_frame(struct sk_buff *skb) - { - struct net_bridge *br; - unsigned char *dest; -@@ -146,25 +149,35 @@ void br_handle_frame(struct sk_buff *skb - goto handle_special_frame; - - if (p->state == BR_STATE_FORWARDING) { -+ -+ if (br_should_route_hook && br_should_route_hook(&skb)) { -+ read_unlock(&br->lock); -+ return -1; -+ } -+ -+ if (!memcmp(p->br->dev.dev_addr, dest, ETH_ALEN)) -+ skb->pkt_type = PACKET_HOST; -+ - NF_HOOK(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL, - br_handle_frame_finish); - read_unlock(&br->lock); -- return; -+ return 0; - } - - err: - read_unlock(&br->lock); - err_nolock: - kfree_skb(skb); -- return; -+ return 0; - - handle_special_frame: - if (!dest[5]) { - br_stp_handle_bpdu(skb); - read_unlock(&br->lock); -- return; -+ return 0; - } - - read_unlock(&br->lock); - kfree_skb(skb); -+ return 0; - } ---- linux-2.4.21/net/bridge/br_forward.c Sat Aug 3 02:39:46 2002 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/br_forward.c Fri Aug 8 01:09:06 2003 -@@ -30,18 +30,22 @@ static inline int should_deliver(struct - return 1; - } - --static int __dev_queue_push_xmit(struct sk_buff *skb) -+int br_dev_queue_push_xmit(struct sk_buff *skb) - { -+#ifdef CONFIG_NETFILTER -+ if (skb->nf_bridge) -+ memcpy(skb->data - 16, skb->nf_bridge->hh, 16); -+#endif - skb_push(skb, ETH_HLEN); - dev_queue_xmit(skb); - - return 0; - } - --static int __br_forward_finish(struct sk_buff *skb) -+int br_forward_finish(struct sk_buff *skb) - { - NF_HOOK(PF_BRIDGE, NF_BR_POST_ROUTING, skb, NULL, skb->dev, -- __dev_queue_push_xmit); -+ br_dev_queue_push_xmit); - - return 0; - } -@@ -49,8 +53,11 @@ static int __br_forward_finish(struct sk - static void __br_deliver(struct net_bridge_port *to, struct sk_buff *skb) - { - skb->dev = to->dev; -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug = 0; -+#endif - NF_HOOK(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, -- __br_forward_finish); -+ br_forward_finish); - } - - static void __br_forward(struct net_bridge_port *to, struct sk_buff *skb) -@@ -61,7 +68,7 @@ static void __br_forward(struct net_brid - skb->dev = to->dev; - - NF_HOOK(PF_BRIDGE, NF_BR_FORWARD, skb, indev, skb->dev, -- __br_forward_finish); -+ br_forward_finish); - } - - /* called under bridge lock */ ---- linux-2.4.21/net/bridge/br.c Fri Nov 29 00:53:15 2002 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/br.c Fri Aug 8 01:09:06 2003 -@@ -29,6 +29,8 @@ - #include "../atm/lec.h" - #endif - -+int (*br_should_route_hook) (struct sk_buff **pskb) = NULL; -+ - void br_dec_use_count() - { - MOD_DEC_USE_COUNT; -@@ -43,6 +45,10 @@ static int __init br_init(void) - { - printk(KERN_INFO "NET4: Ethernet Bridge 008 for NET4.0\n"); - -+#ifdef CONFIG_NETFILTER -+ if (br_netfilter_init()) -+ return 1; -+#endif - br_handle_frame_hook = br_handle_frame; - br_ioctl_hook = br_ioctl_deviceless_stub; - #if defined(CONFIG_ATM_LANE) || defined(CONFIG_ATM_LANE_MODULE) -@@ -61,6 +67,9 @@ static void __br_clear_ioctl_hook(void) - - static void __exit br_deinit(void) - { -+#ifdef CONFIG_NETFILTER -+ br_netfilter_fini(); -+#endif - unregister_netdevice_notifier(&br_device_notifier); - br_call_ioctl_atomic(__br_clear_ioctl_hook); - -@@ -74,7 +83,7 @@ static void __exit br_deinit(void) - #endif - } - --EXPORT_NO_SYMBOLS; -+EXPORT_SYMBOL(br_should_route_hook); - - module_init(br_init) - module_exit(br_deinit) ---- linux-2.4.21/net/bridge/Makefile Fri Dec 29 23:07:24 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/Makefile Fri Aug 8 01:09:06 2003 -@@ -7,10 +7,17 @@ - # - # Note 2! The CFLAGS definition is now in the main makefile... - -+export-objs := br.o -+ - O_TARGET := bridge.o - obj-y := br.o br_device.o br_fdb.o br_forward.o br_if.o br_input.o \ - br_ioctl.o br_notify.o br_stp.o br_stp_bpdu.o \ - br_stp_if.o br_stp_timer.o -+ -+ifeq ($(CONFIG_NETFILTER),y) -+obj-y += br_netfilter.o -+endif -+ - obj-m := $(O_TARGET) - - include $(TOPDIR)/Rules.make ---- linux-2.4.21/include/linux/netfilter_bridge.h Tue Jun 12 04:15:27 2001 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge.h Fri Aug 8 01:09:06 2003 -@@ -1,11 +1,14 @@ - #ifndef __LINUX_BRIDGE_NETFILTER_H - #define __LINUX_BRIDGE_NETFILTER_H - --/* bridge-specific defines for netfilter. -+/* bridge-specific defines for netfilter. - */ - - #include <linux/config.h> - #include <linux/netfilter.h> -+#if defined(__KERNEL__) && defined(CONFIG_NETFILTER) -+#include <asm/atomic.h> -+#endif - - /* Bridge Hooks */ - /* After promisc drops, checksum checks. */ -@@ -18,7 +21,49 @@ - #define NF_BR_LOCAL_OUT 3 - /* Packets about to hit the wire. */ - #define NF_BR_POST_ROUTING 4 --#define NF_BR_NUMHOOKS 5 -+/* Not really a hook, but used for the ebtables broute table */ -+#define NF_BR_BROUTING 5 -+#define NF_BR_NUMHOOKS 6 - -+#ifdef __KERNEL__ - -+#define BRNF_PKT_TYPE 0x01 -+#define BRNF_BRIDGED_DNAT 0x02 -+#define BRNF_DONT_TAKE_PARENT 0x04 -+#define BRNF_BRIDGED 0x08 -+ -+enum nf_br_hook_priorities { -+ NF_BR_PRI_FIRST = INT_MIN, -+ NF_BR_PRI_NAT_DST_BRIDGED = -300, -+ NF_BR_PRI_FILTER_BRIDGED = -200, -+ NF_BR_PRI_BRNF = 0, -+ NF_BR_PRI_NAT_DST_OTHER = 100, -+ NF_BR_PRI_FILTER_OTHER = 200, -+ NF_BR_PRI_NAT_SRC = 300, -+ NF_BR_PRI_LAST = INT_MAX, -+}; -+ -+#ifdef CONFIG_NETFILTER -+static inline -+struct nf_bridge_info *nf_bridge_alloc(struct sk_buff *skb) -+{ -+ struct nf_bridge_info **nf_bridge = &(skb->nf_bridge); -+ -+ if ((*nf_bridge = kmalloc(sizeof(**nf_bridge), GFP_ATOMIC)) != NULL) { -+ atomic_set(&(*nf_bridge)->use, 1); -+ (*nf_bridge)->mask = 0; -+ (*nf_bridge)->physindev = (*nf_bridge)->physoutdev = NULL; -+ } -+ -+ return *nf_bridge; -+} -+ -+struct bridge_skb_cb { -+ union { -+ __u32 ipv4; -+ } daddr; -+}; -+#endif /* CONFIG_NETFILTER */ -+ -+#endif /* __KERNEL__ */ - #endif ---- linux-2.4.21/net/Makefile Sat Aug 3 02:39:46 2002 -+++ linux-2.4.21-ebt-brnf-3/net/Makefile Fri Aug 8 01:09:06 2003 -@@ -7,7 +7,8 @@ - - O_TARGET := network.o - --mod-subdirs := ipv4/netfilter ipv6/netfilter ipx irda bluetooth atm netlink sched core -+mod-subdirs := ipv4/netfilter ipv6/netfilter bridge/netfilter ipx irda \ -+ bluetooth atm netlink sched core - export-objs := netsyms.o - - subdir-y := core ethernet -@@ -23,6 +24,12 @@ subdir-$(CONFIG_IPV6) += ipv6 - ifneq ($(CONFIG_IPV6),n) - ifneq ($(CONFIG_IPV6),) - subdir-$(CONFIG_NETFILTER) += ipv6/netfilter -+endif -+endif -+ -+ifneq ($(CONFIG_BRIDGE),n) -+ifneq ($(CONFIG_BRIDGE),) -+subdir-$(CONFIG_BRIDGE) += bridge/netfilter - endif - endif - ---- linux-2.4.21/net/Config.in Sat Aug 3 02:39:46 2002 -+++ linux-2.4.21-ebt-brnf-3/net/Config.in Fri Aug 8 01:09:06 2003 -@@ -65,6 +65,9 @@ if [ "$CONFIG_DECNET" != "n" ]; then - source net/decnet/Config.in - fi - dep_tristate '802.1d Ethernet Bridging' CONFIG_BRIDGE $CONFIG_INET -+if [ "$CONFIG_BRIDGE" != "n" -a "$CONFIG_NETFILTER" != "n" ]; then -+ source net/bridge/netfilter/Config.in -+fi - if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then - tristate 'CCITT X.25 Packet Layer (EXPERIMENTAL)' CONFIG_X25 - tristate 'LAPB Data Link Driver (EXPERIMENTAL)' CONFIG_LAPB ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/Makefile Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,30 @@ -+# -+# Makefile for the netfilter modules on top of bridging. -+# -+# Note! Dependencies are done automagically by 'make dep', which also -+# removes any old dependencies. DON'T put your own dependencies here -+# unless it's something special (ie not a .c file). -+# -+# Note 2! The CFLAGS definition is now in the main makefile... -+ -+O_TARGET := netfilter.o -+ -+export-objs := ebtables.o -+ -+obj-$(CONFIG_BRIDGE_NF_EBTABLES) += ebtables.o -+obj-$(CONFIG_BRIDGE_EBT_T_FILTER) += ebtable_filter.o -+obj-$(CONFIG_BRIDGE_EBT_T_NAT) += ebtable_nat.o -+obj-$(CONFIG_BRIDGE_EBT_BROUTE) += ebtable_broute.o -+obj-$(CONFIG_BRIDGE_EBT_IPF) += ebt_ip.o -+obj-$(CONFIG_BRIDGE_EBT_ARPF) += ebt_arp.o -+obj-$(CONFIG_BRIDGE_EBT_VLANF) += ebt_vlan.o -+obj-$(CONFIG_BRIDGE_EBT_MARKF) += ebt_mark_m.o -+obj-$(CONFIG_BRIDGE_EBT_802_3) += ebt_802_3.o -+obj-$(CONFIG_BRIDGE_EBT_PKTTYPE) += ebt_pkttype.o -+obj-$(CONFIG_BRIDGE_EBT_PKTTYPE) += ebt_stp.o -+obj-$(CONFIG_BRIDGE_EBT_LOG) += ebt_log.o -+obj-$(CONFIG_BRIDGE_EBT_SNAT) += ebt_snat.o -+obj-$(CONFIG_BRIDGE_EBT_DNAT) += ebt_dnat.o -+obj-$(CONFIG_BRIDGE_EBT_REDIRECT) += ebt_redirect.o -+obj-$(CONFIG_BRIDGE_EBT_MARK_T) += ebt_mark.o -+include $(TOPDIR)/Rules.make ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/Config.in Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,19 @@ -+# -+# Bridge netfilter configuration -+# -+dep_tristate ' Bridge: ebtables' CONFIG_BRIDGE_NF_EBTABLES $CONFIG_BRIDGE -+dep_tristate ' ebt: filter table support' CONFIG_BRIDGE_EBT_T_FILTER $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: nat table support' CONFIG_BRIDGE_EBT_T_NAT $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: broute table support' CONFIG_BRIDGE_EBT_BROUTE $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: log support' CONFIG_BRIDGE_EBT_LOG $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: IP filter support' CONFIG_BRIDGE_EBT_IPF $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: ARP filter support' CONFIG_BRIDGE_EBT_ARPF $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: 802.1Q VLAN filter support' CONFIG_BRIDGE_EBT_VLANF $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: 802.3 filter support' CONFIG_BRIDGE_EBT_802_3 $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: packet type filter support' CONFIG_BRIDGE_EBT_PKTTYPE $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: STP filter support' CONFIG_BRIDGE_EBT_STP $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: mark filter support' CONFIG_BRIDGE_EBT_MARKF $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: snat target support' CONFIG_BRIDGE_EBT_SNAT $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: dnat target support' CONFIG_BRIDGE_EBT_DNAT $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: redirect target support' CONFIG_BRIDGE_EBT_REDIRECT $CONFIG_BRIDGE_NF_EBTABLES -+dep_tristate ' ebt: mark target support' CONFIG_BRIDGE_EBT_MARK_T $CONFIG_BRIDGE_NF_EBTABLES ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebtable_filter.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,90 @@ -+/* -+ * ebtable_filter -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * April, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/module.h> -+ -+#define FILTER_VALID_HOOKS ((1 << NF_BR_LOCAL_IN) | (1 << NF_BR_FORWARD) | \ -+ (1 << NF_BR_LOCAL_OUT)) -+ -+static struct ebt_entries initial_chains[] = -+{ -+ {0, "INPUT", 0, EBT_ACCEPT, 0}, -+ {0, "FORWARD", 0, EBT_ACCEPT, 0}, -+ {0, "OUTPUT", 0, EBT_ACCEPT, 0} -+}; -+ -+static struct ebt_replace initial_table = -+{ -+ "filter", FILTER_VALID_HOOKS, 0, 3 * sizeof(struct ebt_entries), -+ { [NF_BR_LOCAL_IN]&initial_chains[0], [NF_BR_FORWARD]&initial_chains[1], -+ [NF_BR_LOCAL_OUT]&initial_chains[2] }, 0, NULL, (char *)initial_chains -+}; -+ -+static int check(const struct ebt_table_info *info, unsigned int valid_hooks) -+{ -+ if (valid_hooks & ~FILTER_VALID_HOOKS) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_table frame_filter = -+{ -+ {NULL, NULL}, "filter", &initial_table, FILTER_VALID_HOOKS, -+ RW_LOCK_UNLOCKED, check, NULL -+}; -+ -+static unsigned int -+ebt_hook (unsigned int hook, struct sk_buff **pskb, const struct net_device *in, -+ const struct net_device *out, int (*okfn)(struct sk_buff *)) -+{ -+ return ebt_do_table(hook, pskb, in, out, &frame_filter); -+} -+ -+static struct nf_hook_ops ebt_ops_filter[] = { -+ { { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_LOCAL_IN, -+ NF_BR_PRI_FILTER_BRIDGED}, -+ { { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_FORWARD, -+ NF_BR_PRI_FILTER_BRIDGED}, -+ { { NULL, NULL }, ebt_hook, PF_BRIDGE, NF_BR_LOCAL_OUT, -+ NF_BR_PRI_FILTER_OTHER} -+}; -+ -+static int __init init(void) -+{ -+ int i, j, ret; -+ -+ ret = ebt_register_table(&frame_filter); -+ if (ret < 0) -+ return ret; -+ for (i = 0; i < sizeof(ebt_ops_filter) / sizeof(ebt_ops_filter[0]); i++) -+ if ((ret = nf_register_hook(&ebt_ops_filter[i])) < 0) -+ goto cleanup; -+ return ret; -+cleanup: -+ for (j = 0; j < i; j++) -+ nf_unregister_hook(&ebt_ops_filter[j]); -+ ebt_unregister_table(&frame_filter); -+ return ret; -+} -+ -+static void __exit fini(void) -+{ -+ int i; -+ -+ for (i = 0; i < sizeof(ebt_ops_filter) / sizeof(ebt_ops_filter[0]); i++) -+ nf_unregister_hook(&ebt_ops_filter[i]); -+ ebt_unregister_table(&frame_filter); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebtable_nat.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,96 @@ -+/* -+ * ebtable_nat -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * April, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/module.h> -+#define NAT_VALID_HOOKS ((1 << NF_BR_PRE_ROUTING) | (1 << NF_BR_LOCAL_OUT) | \ -+ (1 << NF_BR_POST_ROUTING)) -+ -+static struct ebt_entries initial_chains[] = -+{ -+ {0, "PREROUTING", 0, EBT_ACCEPT, 0}, -+ {0, "OUTPUT", 0, EBT_ACCEPT, 0}, -+ {0, "POSTROUTING", 0, EBT_ACCEPT, 0} -+}; -+ -+static struct ebt_replace initial_table = -+{ -+ "nat", NAT_VALID_HOOKS, 0, 3 * sizeof(struct ebt_entries), -+ { [NF_BR_PRE_ROUTING]&initial_chains[0], [NF_BR_LOCAL_OUT]&initial_chains[1], -+ [NF_BR_POST_ROUTING]&initial_chains[2] }, 0, NULL, (char *)initial_chains -+}; -+ -+static int check(const struct ebt_table_info *info, unsigned int valid_hooks) -+{ -+ if (valid_hooks & ~NAT_VALID_HOOKS) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_table frame_nat = -+{ -+ {NULL, NULL}, "nat", &initial_table, NAT_VALID_HOOKS, -+ RW_LOCK_UNLOCKED, check, NULL -+}; -+ -+static unsigned int -+ebt_nat_dst(unsigned int hook, struct sk_buff **pskb, const struct net_device *in -+ , const struct net_device *out, int (*okfn)(struct sk_buff *)) -+{ -+ return ebt_do_table(hook, pskb, in, out, &frame_nat); -+} -+ -+static unsigned int -+ebt_nat_src(unsigned int hook, struct sk_buff **pskb, const struct net_device *in -+ , const struct net_device *out, int (*okfn)(struct sk_buff *)) -+{ -+ return ebt_do_table(hook, pskb, in, out, &frame_nat); -+} -+ -+static struct nf_hook_ops ebt_ops_nat[] = { -+ { { NULL, NULL }, ebt_nat_dst, PF_BRIDGE, NF_BR_LOCAL_OUT, -+ NF_BR_PRI_NAT_DST_OTHER}, -+ { { NULL, NULL }, ebt_nat_src, PF_BRIDGE, NF_BR_POST_ROUTING, -+ NF_BR_PRI_NAT_SRC}, -+ { { NULL, NULL }, ebt_nat_dst, PF_BRIDGE, NF_BR_PRE_ROUTING, -+ NF_BR_PRI_NAT_DST_BRIDGED}, -+}; -+ -+static int __init init(void) -+{ -+ int i, ret, j; -+ -+ ret = ebt_register_table(&frame_nat); -+ if (ret < 0) -+ return ret; -+ for (i = 0; i < sizeof(ebt_ops_nat) / sizeof(ebt_ops_nat[0]); i++) -+ if ((ret = nf_register_hook(&ebt_ops_nat[i])) < 0) -+ goto cleanup; -+ return ret; -+cleanup: -+ for (j = 0; j < i; j++) -+ nf_unregister_hook(&ebt_ops_nat[j]); -+ ebt_unregister_table(&frame_nat); -+ return ret; -+} -+ -+static void __exit fini(void) -+{ -+ int i; -+ -+ for (i = 0; i < sizeof(ebt_ops_nat) / sizeof(ebt_ops_nat[0]); i++) -+ nf_unregister_hook(&ebt_ops_nat[i]); -+ ebt_unregister_table(&frame_nat); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebtable_broute.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,79 @@ -+/* -+ * ebtable_broute -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * April, 2002 -+ * -+ * This table lets you choose between routing and bridging for frames -+ * entering on a bridge enslaved nic. This table is traversed before any -+ * other ebtables table. See net/bridge/br_input.c. -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/module.h> -+#include <linux/if_bridge.h> -+#include <linux/brlock.h> -+ -+// EBT_ACCEPT means the frame will be bridged -+// EBT_DROP means the frame will be routed -+static struct ebt_entries initial_chain = -+ {0, "BROUTING", 0, EBT_ACCEPT, 0}; -+ -+static struct ebt_replace initial_table = -+{ -+ "broute", 1 << NF_BR_BROUTING, 0, sizeof(struct ebt_entries), -+ { [NF_BR_BROUTING]&initial_chain}, 0, NULL, (char *)&initial_chain -+}; -+ -+static int check(const struct ebt_table_info *info, unsigned int valid_hooks) -+{ -+ if (valid_hooks & ~(1 << NF_BR_BROUTING)) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_table broute_table = -+{ -+ {NULL, NULL}, "broute", &initial_table, 1 << NF_BR_BROUTING, -+ RW_LOCK_UNLOCKED, check, NULL -+}; -+ -+static int ebt_broute(struct sk_buff **pskb) -+{ -+ int ret; -+ -+ ret = ebt_do_table(NF_BR_BROUTING, pskb, (*pskb)->dev, NULL, -+ &broute_table); -+ if (ret == NF_DROP) -+ return 1; // route it -+ return 0; // bridge it -+} -+ -+static int __init init(void) -+{ -+ int ret; -+ -+ ret = ebt_register_table(&broute_table); -+ if (ret < 0) -+ return ret; -+ br_write_lock_bh(BR_NETPROTO_LOCK); -+ // see br_input.c -+ br_should_route_hook = ebt_broute; -+ br_write_unlock_bh(BR_NETPROTO_LOCK); -+ return ret; -+} -+ -+static void __exit fini(void) -+{ -+ br_write_lock_bh(BR_NETPROTO_LOCK); -+ br_should_route_hook = NULL; -+ br_write_unlock_bh(BR_NETPROTO_LOCK); -+ ebt_unregister_table(&broute_table); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_802_3.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,74 @@ -+/* -+ * 802_3 -+ * -+ * Author: -+ * Chris Vitale csv@bluetail.com -+ * -+ * May 2003 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_802_3.h> -+#include <linux/module.h> -+ -+static int ebt_filter_802_3(const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out, const void *data, unsigned int datalen) -+{ -+ struct ebt_802_3_info *info = (struct ebt_802_3_info *)data; -+ struct ebt_802_3_hdr *hdr = (struct ebt_802_3_hdr *)skb->mac.ethernet; -+ uint16_t type = hdr->llc.ui.ctrl & IS_UI ? hdr->llc.ui.type : hdr->llc.ni.type; -+ -+ if (info->bitmask & EBT_802_3_SAP) { -+ if (FWINV(info->sap != hdr->llc.ui.ssap, EBT_802_3_SAP)) -+ return EBT_NOMATCH; -+ if (FWINV(info->sap != hdr->llc.ui.dsap, EBT_802_3_SAP)) -+ return EBT_NOMATCH; -+ } -+ -+ if (info->bitmask & EBT_802_3_TYPE) { -+ if (!(hdr->llc.ui.dsap == CHECK_TYPE && hdr->llc.ui.ssap == CHECK_TYPE)) -+ return EBT_NOMATCH; -+ if (FWINV(info->type != type, EBT_802_3_TYPE)) -+ return EBT_NOMATCH; -+ } -+ -+ return EBT_MATCH; -+} -+ -+static struct ebt_match filter_802_3; -+static int ebt_802_3_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_802_3_info *info = (struct ebt_802_3_info *)data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_802_3_info))) -+ return -EINVAL; -+ if (info->bitmask & ~EBT_802_3_MASK || info->invflags & ~EBT_802_3_MASK) -+ return -EINVAL; -+ -+ return 0; -+} -+ -+static struct ebt_match filter_802_3 = -+{ -+ .name = EBT_802_3_MATCH, -+ .match = ebt_filter_802_3, -+ .check = ebt_802_3_check, -+ .me = THIS_MODULE, -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_match(&filter_802_3); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_match(&filter_802_3); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_mark.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,66 @@ -+/* -+ * ebt_mark -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * July, 2002 -+ * -+ */ -+ -+// The mark target can be used in any chain -+// I believe adding a mangle table just for marking is total overkill -+// Marking a frame doesn't really change anything in the frame anyway -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_mark_t.h> -+#include <linux/module.h> -+ -+static int ebt_target_mark(struct sk_buff **pskb, unsigned int hooknr, -+ const struct net_device *in, const struct net_device *out, -+ const void *data, unsigned int datalen) -+{ -+ struct ebt_mark_t_info *info = (struct ebt_mark_t_info *)data; -+ -+ if ((*pskb)->nfmark != info->mark) { -+ (*pskb)->nfmark = info->mark; -+ (*pskb)->nfcache |= NFC_ALTERED; -+ } -+ return info->target; -+} -+ -+static int ebt_target_mark_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_mark_t_info *info = (struct ebt_mark_t_info *)data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_mark_t_info))) -+ return -EINVAL; -+ if (BASE_CHAIN && info->target == EBT_RETURN) -+ return -EINVAL; -+ CLEAR_BASE_CHAIN_BIT; -+ if (INVALID_TARGET) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_target mark_target = -+{ -+ {NULL, NULL}, EBT_MARK_TARGET, ebt_target_mark, -+ ebt_target_mark_check, NULL, THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_target(&mark_target); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_target(&mark_target); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_mark_m.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,61 @@ -+/* -+ * ebt_mark_m -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * July, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_mark_m.h> -+#include <linux/module.h> -+ -+static int ebt_filter_mark(const struct sk_buff *skb, -+ const struct net_device *in, const struct net_device *out, const void *data, -+ unsigned int datalen) -+{ -+ struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data; -+ -+ if (info->bitmask & EBT_MARK_OR) -+ return !(!!(skb->nfmark & info->mask) ^ info->invert); -+ return !(((skb->nfmark & info->mask) == info->mark) ^ info->invert); -+} -+ -+static int ebt_mark_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_mark_m_info *info = (struct ebt_mark_m_info *) data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_mark_m_info))) -+ return -EINVAL; -+ if (info->bitmask & ~EBT_MARK_MASK) -+ return -EINVAL; -+ if ((info->bitmask & EBT_MARK_OR) && (info->bitmask & EBT_MARK_AND)) -+ return -EINVAL; -+ if (!info->bitmask) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_match filter_mark = -+{ -+ {NULL, NULL}, EBT_MARK_MATCH, ebt_filter_mark, ebt_mark_check, NULL, -+ THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_match(&filter_mark); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_match(&filter_mark); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_pkttype.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,60 @@ -+/* -+ * ebt_pkttype -+ * -+ * Authors: -+ * Bart De Schuymer <bdschuym@pandora.be> -+ * -+ * April, 2003 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_pkttype.h> -+#include <linux/module.h> -+ -+static int ebt_filter_pkttype(const struct sk_buff *skb, -+ const struct net_device *in, -+ const struct net_device *out, -+ const void *data, -+ unsigned int datalen) -+{ -+ struct ebt_pkttype_info *info = (struct ebt_pkttype_info *)data; -+ -+ return (skb->pkt_type != info->pkt_type) ^ info->invert; -+} -+ -+static int ebt_pkttype_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_pkttype_info *info = (struct ebt_pkttype_info *)data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_pkttype_info))) -+ return -EINVAL; -+ if (info->invert != 0 && info->invert != 1) -+ return -EINVAL; -+ /* Allow any pkt_type value */ -+ return 0; -+} -+ -+static struct ebt_match filter_pkttype = -+{ -+ .name = EBT_PKTTYPE_MATCH, -+ .match = ebt_filter_pkttype, -+ .check = ebt_pkttype_check, -+ .me = THIS_MODULE, -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_match(&filter_pkttype); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_match(&filter_pkttype); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_stp.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,191 @@ -+/* -+ * ebt_stp -+ * -+ * Authors: -+ * Bart De Schuymer <bdschuym@pandora.be> -+ * Stephen Hemminger <shemminger@osdl.org> -+ * -+ * June, 2003 -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_stp.h> -+#include <linux/module.h> -+ -+#define BPDU_TYPE_CONFIG 0 -+#define BPDU_TYPE_TCN 0x80 -+ -+struct stp_header { -+ uint8_t dsap; -+ uint8_t ssap; -+ uint8_t ctrl; -+ uint8_t pid; -+ uint8_t vers; -+ uint8_t type; -+}; -+ -+struct stp_config_pdu { -+ uint8_t flags; -+ uint8_t root[8]; -+ uint8_t root_cost[4]; -+ uint8_t sender[8]; -+ uint8_t port[2]; -+ uint8_t msg_age[2]; -+ uint8_t max_age[2]; -+ uint8_t hello_time[2]; -+ uint8_t forward_delay[2]; -+}; -+ -+#define NR16(p) (p[0] << 8 | p[1]) -+#define NR32(p) ((p[0] << 24) | (p[1] << 16) | (p[2] << 8) | p[3]) -+ -+static int ebt_filter_config(struct ebt_stp_info *info, -+ struct stp_config_pdu *stpc) -+{ -+ struct ebt_stp_config_info *c; -+ uint16_t v16; -+ uint32_t v32; -+ int verdict, i; -+ -+ c = &info->config; -+ if ((info->bitmask & EBT_STP_FLAGS) && -+ FWINV(c->flags != stpc->flags, EBT_STP_FLAGS)) -+ return EBT_NOMATCH; -+ if (info->bitmask & EBT_STP_ROOTPRIO) { -+ v16 = NR16(stpc->root); -+ if (FWINV(v16 < c->root_priol || -+ v16 > c->root_priou, EBT_STP_ROOTPRIO)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_ROOTADDR) { -+ verdict = 0; -+ for (i = 0; i < 6; i++) -+ verdict |= (stpc->root[2+i] ^ c->root_addr[i]) & -+ c->root_addrmsk[i]; -+ if (FWINV(verdict != 0, EBT_STP_ROOTADDR)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_ROOTCOST) { -+ v32 = NR32(stpc->root_cost); -+ if (FWINV(v32 < c->root_costl || -+ v32 > c->root_costu, EBT_STP_ROOTCOST)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_SENDERPRIO) { -+ v16 = NR16(stpc->sender); -+ if (FWINV(v16 < c->sender_priol || -+ v16 > c->sender_priou, EBT_STP_SENDERPRIO)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_SENDERADDR) { -+ verdict = 0; -+ for (i = 0; i < 6; i++) -+ verdict |= (stpc->sender[2+i] ^ c->sender_addr[i]) & -+ c->sender_addrmsk[i]; -+ if (FWINV(verdict != 0, EBT_STP_SENDERADDR)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_PORT) { -+ v16 = NR16(stpc->port); -+ if (FWINV(v16 < c->portl || -+ v16 > c->portu, EBT_STP_PORT)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_MSGAGE) { -+ v16 = NR16(stpc->msg_age); -+ if (FWINV(v16 < c->msg_agel || -+ v16 > c->msg_ageu, EBT_STP_MSGAGE)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_MAXAGE) { -+ v16 = NR16(stpc->max_age); -+ if (FWINV(v16 < c->max_agel || -+ v16 > c->max_ageu, EBT_STP_MAXAGE)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_HELLOTIME) { -+ v16 = NR16(stpc->hello_time); -+ if (FWINV(v16 < c->hello_timel || -+ v16 > c->hello_timeu, EBT_STP_HELLOTIME)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_STP_FWDD) { -+ v16 = NR16(stpc->forward_delay); -+ if (FWINV(v16 < c->forward_delayl || -+ v16 > c->forward_delayu, EBT_STP_FWDD)) -+ return EBT_NOMATCH; -+ } -+ return EBT_MATCH; -+} -+ -+static int ebt_filter_stp(const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out, const void *data, unsigned int datalen) -+{ -+ struct ebt_stp_info *info = (struct ebt_stp_info *)data; -+ struct stp_header stph; -+ uint8_t header[6] = {0x42, 0x42, 0x03, 0x00, 0x00, 0x00}; -+ if (skb_copy_bits(skb, 0, &stph, sizeof(stph))) -+ return EBT_NOMATCH; -+ -+ /* The stp code only considers these */ -+ if (memcmp(&stph, header, sizeof(header))) -+ return EBT_NOMATCH; -+ -+ if (info->bitmask & EBT_STP_TYPE -+ && FWINV(info->type != stph.type, EBT_STP_TYPE)) -+ return EBT_NOMATCH; -+ -+ if (stph.type == BPDU_TYPE_CONFIG && -+ info->bitmask & EBT_STP_CONFIG_MASK) { -+ struct stp_config_pdu stpc; -+ -+ if (skb_copy_bits(skb, sizeof(stph), &stpc, sizeof(stpc))) -+ return EBT_NOMATCH; -+ return ebt_filter_config(info, &stpc); -+ } -+ return EBT_MATCH; -+} -+ -+static int ebt_stp_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_stp_info *info = (struct ebt_stp_info *)data; -+ int len = EBT_ALIGN(sizeof(struct ebt_stp_info)); -+ uint8_t bridge_ula[6] = { 0x01, 0x80, 0xc2, 0x00, 0x00, 0x00 }; -+ uint8_t msk[6] = { 0xff, 0xff, 0xff, 0xff, 0xff, 0xff }; -+ -+ if (info->bitmask & ~EBT_STP_MASK || info->invflags & ~EBT_STP_MASK || -+ !(info->bitmask & EBT_STP_MASK)) -+ return -EINVAL; -+ if (datalen != len) -+ return -EINVAL; -+ /* Make sure the match only receives stp frames */ -+ if (memcmp(e->destmac, bridge_ula, ETH_ALEN) || -+ memcmp(e->destmsk, msk, ETH_ALEN) || !(e->bitmask & EBT_DESTMAC)) -+ return -EINVAL; -+ -+ return 0; -+} -+ -+static struct ebt_match filter_stp = -+{ -+ .name = EBT_STP_MATCH, -+ .match = ebt_filter_stp, -+ .check = ebt_stp_check, -+ .me = THIS_MODULE, -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_match(&filter_stp); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_match(&filter_stp); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_redirect.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,71 @@ -+/* -+ * ebt_redirect -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * April, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_redirect.h> -+#include <linux/module.h> -+#include <net/sock.h> -+#include "../br_private.h" -+ -+static int ebt_target_redirect(struct sk_buff **pskb, unsigned int hooknr, -+ const struct net_device *in, const struct net_device *out, -+ const void *data, unsigned int datalen) -+{ -+ struct ebt_redirect_info *info = (struct ebt_redirect_info *)data; -+ -+ if (hooknr != NF_BR_BROUTING) -+ memcpy((**pskb).mac.ethernet->h_dest, -+ in->br_port->br->dev.dev_addr, ETH_ALEN); -+ else { -+ memcpy((**pskb).mac.ethernet->h_dest, -+ in->dev_addr, ETH_ALEN); -+ (*pskb)->pkt_type = PACKET_HOST; -+ } -+ return info->target; -+} -+ -+static int ebt_target_redirect_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_redirect_info *info = (struct ebt_redirect_info *)data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_redirect_info))) -+ return -EINVAL; -+ if (BASE_CHAIN && info->target == EBT_RETURN) -+ return -EINVAL; -+ CLEAR_BASE_CHAIN_BIT; -+ if ( (strcmp(tablename, "nat") || hookmask & ~(1 << NF_BR_PRE_ROUTING)) && -+ (strcmp(tablename, "broute") || hookmask & ~(1 << NF_BR_BROUTING)) ) -+ return -EINVAL; -+ if (INVALID_TARGET) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_target redirect_target = -+{ -+ {NULL, NULL}, EBT_REDIRECT_TARGET, ebt_target_redirect, -+ ebt_target_redirect_check, NULL, THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_target(&redirect_target); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_target(&redirect_target); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_arp.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,149 @@ -+/* -+ * ebt_arp -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * Tim Gardner <timg@tpi.com> -+ * -+ * April, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_arp.h> -+#include <linux/if_arp.h> -+#include <linux/if_ether.h> -+#include <linux/module.h> -+ -+static int ebt_filter_arp(const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out, const void *data, unsigned int datalen) -+{ -+ struct ebt_arp_info *info = (struct ebt_arp_info *)data; -+ -+ if (info->bitmask & EBT_ARP_OPCODE && FWINV(info->opcode != -+ ((*skb).nh.arph)->ar_op, EBT_ARP_OPCODE)) -+ return EBT_NOMATCH; -+ if (info->bitmask & EBT_ARP_HTYPE && FWINV(info->htype != -+ ((*skb).nh.arph)->ar_hrd, EBT_ARP_HTYPE)) -+ return EBT_NOMATCH; -+ if (info->bitmask & EBT_ARP_PTYPE && FWINV(info->ptype != -+ ((*skb).nh.arph)->ar_pro, EBT_ARP_PTYPE)) -+ return EBT_NOMATCH; -+ -+ if (info->bitmask & (EBT_ARP_SRC_IP | EBT_ARP_DST_IP)) -+ { -+ uint32_t arp_len = sizeof(struct arphdr) + -+ (2 * (((*skb).nh.arph)->ar_hln)) + -+ (2 * (((*skb).nh.arph)->ar_pln)); -+ uint32_t dst; -+ uint32_t src; -+ -+ // Make sure the packet is long enough. -+ if ((((*skb).nh.raw) + arp_len) > (*skb).tail) -+ return EBT_NOMATCH; -+ // IPv4 addresses are always 4 bytes. -+ if (((*skb).nh.arph)->ar_pln != sizeof(uint32_t)) -+ return EBT_NOMATCH; -+ -+ if (info->bitmask & EBT_ARP_SRC_IP) { -+ memcpy(&src, ((*skb).nh.raw) + sizeof(struct arphdr) + -+ ((*skb).nh.arph)->ar_hln, sizeof(uint32_t)); -+ if (FWINV(info->saddr != (src & info->smsk), -+ EBT_ARP_SRC_IP)) -+ return EBT_NOMATCH; -+ } -+ -+ if (info->bitmask & EBT_ARP_DST_IP) { -+ memcpy(&dst, ((*skb).nh.raw)+sizeof(struct arphdr) + -+ (2*(((*skb).nh.arph)->ar_hln)) + -+ (((*skb).nh.arph)->ar_pln), sizeof(uint32_t)); -+ if (FWINV(info->daddr != (dst & info->dmsk), -+ EBT_ARP_DST_IP)) -+ return EBT_NOMATCH; -+ } -+ } -+ -+ if (info->bitmask & (EBT_ARP_SRC_MAC | EBT_ARP_DST_MAC)) -+ { -+ uint32_t arp_len = sizeof(struct arphdr) + -+ (2 * (((*skb).nh.arph)->ar_hln)) + -+ (2 * (((*skb).nh.arph)->ar_pln)); -+ unsigned char dst[ETH_ALEN]; -+ unsigned char src[ETH_ALEN]; -+ -+ // Make sure the packet is long enough. -+ if ((((*skb).nh.raw) + arp_len) > (*skb).tail) -+ return EBT_NOMATCH; -+ // MAC addresses are 6 bytes. -+ if (((*skb).nh.arph)->ar_hln != ETH_ALEN) -+ return EBT_NOMATCH; -+ if (info->bitmask & EBT_ARP_SRC_MAC) { -+ uint8_t verdict, i; -+ -+ memcpy(&src, ((*skb).nh.raw) + -+ sizeof(struct arphdr), -+ ETH_ALEN); -+ verdict = 0; -+ for (i = 0; i < 6; i++) -+ verdict |= (src[i] ^ info->smaddr[i]) & -+ info->smmsk[i]; -+ if (FWINV(verdict != 0, EBT_ARP_SRC_MAC)) -+ return EBT_NOMATCH; -+ } -+ -+ if (info->bitmask & EBT_ARP_DST_MAC) { -+ uint8_t verdict, i; -+ -+ memcpy(&dst, ((*skb).nh.raw) + -+ sizeof(struct arphdr) + -+ (((*skb).nh.arph)->ar_hln) + -+ (((*skb).nh.arph)->ar_pln), -+ ETH_ALEN); -+ verdict = 0; -+ for (i = 0; i < 6; i++) -+ verdict |= (dst[i] ^ info->dmaddr[i]) & -+ info->dmmsk[i]; -+ if (FWINV(verdict != 0, EBT_ARP_DST_MAC)) -+ return EBT_NOMATCH; -+ } -+ } -+ -+ return EBT_MATCH; -+} -+ -+static int ebt_arp_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_arp_info *info = (struct ebt_arp_info *)data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_arp_info))) -+ return -EINVAL; -+ if ((e->ethproto != __constant_htons(ETH_P_ARP) && -+ e->ethproto != __constant_htons(ETH_P_RARP)) || -+ e->invflags & EBT_IPROTO) -+ return -EINVAL; -+ if (info->bitmask & ~EBT_ARP_MASK || info->invflags & ~EBT_ARP_MASK) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_match filter_arp = -+{ -+ {NULL, NULL}, EBT_ARP_MATCH, ebt_filter_arp, ebt_arp_check, NULL, -+ THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_match(&filter_arp); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_match(&filter_arp); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_ip.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,121 @@ -+/* -+ * ebt_ip -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * April, 2002 -+ * -+ * Changes: -+ * added ip-sport and ip-dport -+ * Innominate Security Technologies AG <mhopf@innominate.com> -+ * September, 2002 -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_ip.h> -+#include <linux/ip.h> -+#include <linux/in.h> -+#include <linux/module.h> -+ -+struct tcpudphdr { -+ uint16_t src; -+ uint16_t dst; -+}; -+ -+union h_u { -+ unsigned char *raw; -+ struct tcpudphdr *tuh; -+}; -+ -+static int ebt_filter_ip(const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out, const void *data, -+ unsigned int datalen) -+{ -+ struct ebt_ip_info *info = (struct ebt_ip_info *)data; -+ -+ if (info->bitmask & EBT_IP_TOS && -+ FWINV(info->tos != ((*skb).nh.iph)->tos, EBT_IP_TOS)) -+ return EBT_NOMATCH; -+ if (info->bitmask & EBT_IP_PROTO) { -+ if (FWINV(info->protocol != ((*skb).nh.iph)->protocol, -+ EBT_IP_PROTO)) -+ return EBT_NOMATCH; -+ if ( info->protocol == IPPROTO_TCP || -+ info->protocol == IPPROTO_UDP ) -+ { -+ union h_u h; -+ h.raw = skb->data + skb->nh.iph->ihl*4; -+ if (info->bitmask & EBT_IP_DPORT) { -+ uint16_t port = ntohs(h.tuh->dst); -+ if (FWINV(port < info->dport[0] || -+ port > info->dport[1], -+ EBT_IP_DPORT)) -+ return EBT_NOMATCH; -+ } -+ if (info->bitmask & EBT_IP_SPORT) { -+ uint16_t port = ntohs(h.tuh->src); -+ if (FWINV(port < info->sport[0] || -+ port > info->sport[1], -+ EBT_IP_SPORT)) -+ return EBT_NOMATCH; -+ } -+ } -+ } -+ if (info->bitmask & EBT_IP_SOURCE && -+ FWINV((((*skb).nh.iph)->saddr & info->smsk) != -+ info->saddr, EBT_IP_SOURCE)) -+ return EBT_NOMATCH; -+ if ((info->bitmask & EBT_IP_DEST) && -+ FWINV((((*skb).nh.iph)->daddr & info->dmsk) != -+ info->daddr, EBT_IP_DEST)) -+ return EBT_NOMATCH; -+ return EBT_MATCH; -+} -+ -+static int ebt_ip_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_ip_info *info = (struct ebt_ip_info *)data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_ip_info))) -+ return -EINVAL; -+ if (e->ethproto != __constant_htons(ETH_P_IP) || -+ e->invflags & EBT_IPROTO) -+ return -EINVAL; -+ if (info->bitmask & ~EBT_IP_MASK || info->invflags & ~EBT_IP_MASK) -+ return -EINVAL; -+ if (info->bitmask & (EBT_IP_DPORT | EBT_IP_SPORT)) { -+ if (!info->bitmask & EBT_IPROTO) -+ return -EINVAL; -+ if (info->protocol != IPPROTO_TCP && -+ info->protocol != IPPROTO_UDP) -+ return -EINVAL; -+ } -+ if (info->bitmask & EBT_IP_DPORT && info->dport[0] > info->dport[1]) -+ return -EINVAL; -+ if (info->bitmask & EBT_IP_SPORT && info->sport[0] > info->sport[1]) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_match filter_ip = -+{ -+ {NULL, NULL}, EBT_IP_MATCH, ebt_filter_ip, ebt_ip_check, NULL, -+ THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_match(&filter_ip); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_match(&filter_ip); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_vlan.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,259 @@ -+/* -+ * Description: EBTables 802.1Q match extension kernelspace module. -+ * Authors: Nick Fedchik <nick@fedchik.org.ua> -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * This program is free software; you can redistribute it and/or modify -+ * it under the terms of the GNU General Public License as published by -+ * the Free Software Foundation; either version 2 of the License, or -+ * (at your option) any later version. -+ * -+ * This program is distributed in the hope that it will be useful, -+ * but WITHOUT ANY WARRANTY; without even the implied warranty of -+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -+ * GNU General Public License for more details. -+ * -+ * You should have received a copy of the GNU General Public License -+ * along with this program; if not, write to the Free Software -+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA -+ */ -+ -+#include <linux/if_ether.h> -+#include <linux/if_vlan.h> -+#include <linux/module.h> -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_vlan.h> -+ -+static unsigned char debug; -+#define MODULE_VERSION "0.6" -+ -+MODULE_PARM(debug, "0-1b"); -+MODULE_PARM_DESC(debug, "debug=1 is turn on debug messages"); -+MODULE_AUTHOR("Nick Fedchik <nick@fedchik.org.ua>"); -+MODULE_DESCRIPTION("802.1Q match module (ebtables extension), v" -+ MODULE_VERSION); -+MODULE_LICENSE("GPL"); -+ -+ -+#define DEBUG_MSG(args...) if (debug) printk (KERN_DEBUG "ebt_vlan: " args) -+#define INV_FLAG(_inv_flag_) (info->invflags & _inv_flag_) ? "!" : "" -+#define GET_BITMASK(_BIT_MASK_) info->bitmask & _BIT_MASK_ -+#define SET_BITMASK(_BIT_MASK_) info->bitmask |= _BIT_MASK_ -+#define EXIT_ON_MISMATCH(_MATCH_,_MASK_) if (!((info->_MATCH_ == _MATCH_)^!!(info->invflags & _MASK_))) return 1; -+ -+/* -+ * Function description: ebt_filter_vlan() is main engine for -+ * checking passed 802.1Q frame according to -+ * the passed extension parameters (in the *data buffer) -+ * ebt_filter_vlan() is called after successfull check the rule params -+ * by ebt_check_vlan() function. -+ * Parameters: -+ * const struct sk_buff *skb - pointer to passed ethernet frame buffer -+ * const void *data - pointer to passed extension parameters -+ * unsigned int datalen - length of passed *data buffer -+ * const struct net_device *in - -+ * const struct net_device *out - -+ * const struct ebt_counter *c - -+ * Returned values: -+ * 0 - ok (all rule params matched) -+ * 1 - miss (rule params not acceptable to the parsed frame) -+ */ -+static int -+ebt_filter_vlan(const struct sk_buff *skb, -+ const struct net_device *in, -+ const struct net_device *out, -+ const void *data, unsigned int datalen) -+{ -+ struct ebt_vlan_info *info = (struct ebt_vlan_info *) data; /* userspace data */ -+ struct vlan_ethhdr *frame = (struct vlan_ethhdr *) skb->mac.raw; /* Passed tagged frame */ -+ -+ unsigned short TCI; /* Whole TCI, given from parsed frame */ -+ unsigned short id; /* VLAN ID, given from frame TCI */ -+ unsigned char prio; /* user_priority, given from frame TCI */ -+ unsigned short encap; /* VLAN encapsulated Type/Length field, given from orig frame */ -+ -+ /* -+ * Tag Control Information (TCI) consists of the following elements: -+ * - User_priority. The user_priority field is three bits in length, -+ * interpreted as a binary number. -+ * - Canonical Format Indicator (CFI). The Canonical Format Indicator -+ * (CFI) is a single bit flag value. Currently ignored. -+ * - VLAN Identifier (VID). The VID is encoded as -+ * an unsigned binary number. -+ */ -+ TCI = ntohs(frame->h_vlan_TCI); -+ id = TCI & VLAN_VID_MASK; -+ prio = (TCI >> 13) & 0x7; -+ encap = frame->h_vlan_encapsulated_proto; -+ -+ /* -+ * Checking VLAN Identifier (VID) -+ */ -+ if (GET_BITMASK(EBT_VLAN_ID)) { /* Is VLAN ID parsed? */ -+ EXIT_ON_MISMATCH(id, EBT_VLAN_ID); -+ } -+ /* -+ * Checking user_priority -+ */ -+ if (GET_BITMASK(EBT_VLAN_PRIO)) { /* Is VLAN user_priority parsed? */ -+ EXIT_ON_MISMATCH(prio, EBT_VLAN_PRIO); -+ } -+ /* -+ * Checking Encapsulated Proto (Length/Type) field -+ */ -+ if (GET_BITMASK(EBT_VLAN_ENCAP)) { /* Is VLAN Encap parsed? */ -+ EXIT_ON_MISMATCH(encap, EBT_VLAN_ENCAP); -+ } -+ /* -+ * All possible extension parameters was parsed. -+ * If rule never returned by missmatch, then all ok. -+ */ -+ return 0; -+} -+ -+/* -+ * Function description: ebt_vlan_check() is called when userspace -+ * delivers the table entry to the kernel, -+ * and to check that userspace doesn't give a bad table. -+ * Parameters: -+ * const char *tablename - table name string -+ * unsigned int hooknr - hook number -+ * const struct ebt_entry *e - ebtables entry basic set -+ * const void *data - pointer to passed extension parameters -+ * unsigned int datalen - length of passed *data buffer -+ * Returned values: -+ * 0 - ok (all delivered rule params are correct) -+ * 1 - miss (rule params is out of range, invalid, incompatible, etc.) -+ */ -+static int -+ebt_check_vlan(const char *tablename, -+ unsigned int hooknr, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_vlan_info *info = (struct ebt_vlan_info *) data; -+ -+ /* -+ * Parameters buffer overflow check -+ */ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_vlan_info))) { -+ DEBUG_MSG -+ ("passed size %d is not eq to ebt_vlan_info (%d)\n", -+ datalen, sizeof(struct ebt_vlan_info)); -+ return -EINVAL; -+ } -+ -+ /* -+ * Is it 802.1Q frame checked? -+ */ -+ if (e->ethproto != __constant_htons(ETH_P_8021Q)) { -+ DEBUG_MSG -+ ("passed entry proto %2.4X is not 802.1Q (8100)\n", -+ (unsigned short) ntohs(e->ethproto)); -+ return -EINVAL; -+ } -+ -+ /* -+ * Check for bitmask range -+ * True if even one bit is out of mask -+ */ -+ if (info->bitmask & ~EBT_VLAN_MASK) { -+ DEBUG_MSG("bitmask %2X is out of mask (%2X)\n", -+ info->bitmask, EBT_VLAN_MASK); -+ return -EINVAL; -+ } -+ -+ /* -+ * Check for inversion flags range -+ */ -+ if (info->invflags & ~EBT_VLAN_MASK) { -+ DEBUG_MSG("inversion flags %2X is out of mask (%2X)\n", -+ info->invflags, EBT_VLAN_MASK); -+ return -EINVAL; -+ } -+ -+ /* -+ * Reserved VLAN ID (VID) values -+ * ----------------------------- -+ * 0 - The null VLAN ID. -+ * 1 - The default Port VID (PVID) -+ * 0x0FFF - Reserved for implementation use. -+ * if_vlan.h: VLAN_GROUP_ARRAY_LEN 4096. -+ */ -+ if (GET_BITMASK(EBT_VLAN_ID)) { /* when vlan-id param was spec-ed */ -+ if (!!info->id) { /* if id!=0 => check vid range */ -+ if (info->id > VLAN_GROUP_ARRAY_LEN) { -+ DEBUG_MSG -+ ("id %d is out of range (1-4096)\n", -+ info->id); -+ return -EINVAL; -+ } -+ /* -+ * Note: This is valid VLAN-tagged frame point. -+ * Any value of user_priority are acceptable, -+ * but should be ignored according to 802.1Q Std. -+ * So we just drop the prio flag. -+ */ -+ info->bitmask &= ~EBT_VLAN_PRIO; -+ } -+ /* -+ * Else, id=0 (null VLAN ID) => user_priority range (any?) -+ */ -+ } -+ -+ if (GET_BITMASK(EBT_VLAN_PRIO)) { -+ if ((unsigned char) info->prio > 7) { -+ DEBUG_MSG -+ ("prio %d is out of range (0-7)\n", -+ info->prio); -+ return -EINVAL; -+ } -+ } -+ /* -+ * Check for encapsulated proto range - it is possible to be -+ * any value for u_short range. -+ * if_ether.h: ETH_ZLEN 60 - Min. octets in frame sans FCS -+ */ -+ if (GET_BITMASK(EBT_VLAN_ENCAP)) { -+ if ((unsigned short) ntohs(info->encap) < ETH_ZLEN) { -+ DEBUG_MSG -+ ("encap frame length %d is less than minimal\n", -+ ntohs(info->encap)); -+ return -EINVAL; -+ } -+ } -+ -+ return 0; -+} -+ -+static struct ebt_match filter_vlan = { -+ {NULL, NULL}, -+ EBT_VLAN_MATCH, -+ ebt_filter_vlan, -+ ebt_check_vlan, -+ NULL, -+ THIS_MODULE -+}; -+ -+/* -+ * Module initialization function. -+ */ -+static int __init init(void) -+{ -+ DEBUG_MSG("ebtables 802.1Q extension module v" -+ MODULE_VERSION "\n"); -+ DEBUG_MSG("module debug=%d\n", !!debug); -+ return ebt_register_match(&filter_vlan); -+} -+ -+/* -+ * Module "finalization" function -+ */ -+static void __exit fini(void) -+{ -+ ebt_unregister_match(&filter_vlan); -+} -+ -+module_init(init); -+module_exit(fini); -+ -+EXPORT_NO_SYMBOLS; ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_log.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,152 @@ -+/* -+ * ebt_log -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * April, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_log.h> -+#include <linux/module.h> -+#include <linux/ip.h> -+#include <linux/in.h> -+#include <linux/if_arp.h> -+#include <linux/spinlock.h> -+ -+static spinlock_t ebt_log_lock = SPIN_LOCK_UNLOCKED; -+ -+static int ebt_log_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_log_info *info = (struct ebt_log_info *)data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_log_info))) -+ return -EINVAL; -+ if (info->bitmask & ~EBT_LOG_MASK) -+ return -EINVAL; -+ if (info->loglevel >= 8) -+ return -EINVAL; -+ info->prefix[EBT_LOG_PREFIX_SIZE - 1] = '\0'; -+ return 0; -+} -+ -+struct tcpudphdr -+{ -+ uint16_t src; -+ uint16_t dst; -+}; -+ -+struct arppayload -+{ -+ unsigned char mac_src[ETH_ALEN]; -+ unsigned char ip_src[4]; -+ unsigned char mac_dst[ETH_ALEN]; -+ unsigned char ip_dst[4]; -+}; -+ -+static void print_MAC(unsigned char *p) -+{ -+ int i; -+ -+ for (i = 0; i < ETH_ALEN; i++, p++) -+ printk("%02x%c", *p, i == ETH_ALEN - 1 ? ' ':':'); -+} -+ -+#define myNIPQUAD(a) a[0], a[1], a[2], a[3] -+static void ebt_log(const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out, const void *data, unsigned int datalen) -+{ -+ struct ebt_log_info *info = (struct ebt_log_info *)data; -+ char level_string[4] = "< >"; -+ level_string[1] = '0' + info->loglevel; -+ -+ spin_lock_bh(&ebt_log_lock); -+ printk(level_string); -+ printk("%s IN=%s OUT=%s ", info->prefix, in ? in->name : "", -+ out ? out->name : ""); -+ -+ printk("MAC source = "); -+ print_MAC((skb->mac.ethernet)->h_source); -+ printk("MAC dest = "); -+ print_MAC((skb->mac.ethernet)->h_dest); -+ -+ printk("proto = 0x%04x", ntohs(((*skb).mac.ethernet)->h_proto)); -+ -+ if ((info->bitmask & EBT_LOG_IP) && skb->mac.ethernet->h_proto == -+ htons(ETH_P_IP)){ -+ struct iphdr *iph = skb->nh.iph; -+ printk(" IP SRC=%u.%u.%u.%u IP DST=%u.%u.%u.%u,", -+ NIPQUAD(iph->saddr), NIPQUAD(iph->daddr)); -+ printk(" IP tos=0x%02X, IP proto=%d", iph->tos, iph->protocol); -+ if (iph->protocol == IPPROTO_TCP || -+ iph->protocol == IPPROTO_UDP) { -+ struct tcpudphdr *ports = (struct tcpudphdr *)(skb->data + iph->ihl*4); -+ -+ if (skb->data + iph->ihl*4 > skb->tail) { -+ printk(" INCOMPLETE TCP/UDP header"); -+ goto out; -+ } -+ printk(" SPT=%u DPT=%u", ntohs(ports->src), -+ ntohs(ports->dst)); -+ } -+ goto out; -+ } -+ -+ if ((info->bitmask & EBT_LOG_ARP) && -+ ((skb->mac.ethernet->h_proto == __constant_htons(ETH_P_ARP)) || -+ (skb->mac.ethernet->h_proto == __constant_htons(ETH_P_RARP)))) { -+ struct arphdr * arph = skb->nh.arph; -+ printk(" ARP HTYPE=%d, PTYPE=0x%04x, OPCODE=%d", -+ ntohs(arph->ar_hrd), ntohs(arph->ar_pro), -+ ntohs(arph->ar_op)); -+ /* If it's for Ethernet and the lengths are OK, -+ * then log the ARP payload */ -+ if (arph->ar_hrd == __constant_htons(1) && -+ arph->ar_hln == ETH_ALEN && -+ arph->ar_pln == sizeof(uint32_t)) { -+ struct arppayload *arpp = (struct arppayload *)(skb->data + sizeof(*arph)); -+ -+ if (skb->data + sizeof(*arph) > skb->tail) { -+ printk(" INCOMPLETE ARP header"); -+ goto out; -+ } -+ -+ printk(" ARP MAC SRC="); -+ print_MAC(arpp->mac_src); -+ printk(" ARP IP SRC=%u.%u.%u.%u", -+ myNIPQUAD(arpp->ip_src)); -+ printk(" ARP MAC DST="); -+ print_MAC(arpp->mac_dst); -+ printk(" ARP IP DST=%u.%u.%u.%u", -+ myNIPQUAD(arpp->ip_dst)); -+ } -+ -+ } -+out: -+ printk("\n"); -+ spin_unlock_bh(&ebt_log_lock); -+} -+ -+static struct ebt_watcher log = -+{ -+ {NULL, NULL}, EBT_LOG_WATCHER, ebt_log, ebt_log_check, NULL, -+ THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_watcher(&log); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_watcher(&log); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_snat.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,64 @@ -+/* -+ * ebt_snat -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * June, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_nat.h> -+#include <linux/module.h> -+ -+static int ebt_target_snat(struct sk_buff **pskb, unsigned int hooknr, -+ const struct net_device *in, const struct net_device *out, -+ const void *data, unsigned int datalen) -+{ -+ struct ebt_nat_info *info = (struct ebt_nat_info *) data; -+ -+ memcpy(((**pskb).mac.ethernet)->h_source, info->mac, -+ ETH_ALEN * sizeof(unsigned char)); -+ return info->target; -+} -+ -+static int ebt_target_snat_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_nat_info *info = (struct ebt_nat_info *) data; -+ -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_nat_info))) -+ return -EINVAL; -+ if (BASE_CHAIN && info->target == EBT_RETURN) -+ return -EINVAL; -+ CLEAR_BASE_CHAIN_BIT; -+ if (strcmp(tablename, "nat")) -+ return -EINVAL; -+ if (hookmask & ~(1 << NF_BR_POST_ROUTING)) -+ return -EINVAL; -+ if (INVALID_TARGET) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_target snat = -+{ -+ {NULL, NULL}, EBT_SNAT_TARGET, ebt_target_snat, ebt_target_snat_check, -+ NULL, THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_target(&snat); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_target(&snat); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebt_dnat.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,65 @@ -+/* -+ * ebt_dnat -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * June, 2002 -+ * -+ */ -+ -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/netfilter_bridge/ebt_nat.h> -+#include <linux/module.h> -+#include <net/sock.h> -+ -+static int ebt_target_dnat(struct sk_buff **pskb, unsigned int hooknr, -+ const struct net_device *in, const struct net_device *out, -+ const void *data, unsigned int datalen) -+{ -+ struct ebt_nat_info *info = (struct ebt_nat_info *)data; -+ -+ memcpy(((**pskb).mac.ethernet)->h_dest, info->mac, -+ ETH_ALEN * sizeof(unsigned char)); -+ return info->target; -+} -+ -+static int ebt_target_dnat_check(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *data, unsigned int datalen) -+{ -+ struct ebt_nat_info *info = (struct ebt_nat_info *)data; -+ -+ if (BASE_CHAIN && info->target == EBT_RETURN) -+ return -EINVAL; -+ CLEAR_BASE_CHAIN_BIT; -+ if ( (strcmp(tablename, "nat") || -+ (hookmask & ~((1 << NF_BR_PRE_ROUTING) | (1 << NF_BR_LOCAL_OUT)))) && -+ (strcmp(tablename, "broute") || hookmask & ~(1 << NF_BR_BROUTING)) ) -+ return -EINVAL; -+ if (datalen != EBT_ALIGN(sizeof(struct ebt_nat_info))) -+ return -EINVAL; -+ if (INVALID_TARGET) -+ return -EINVAL; -+ return 0; -+} -+ -+static struct ebt_target dnat = -+{ -+ {NULL, NULL}, EBT_DNAT_TARGET, ebt_target_dnat, ebt_target_dnat_check, -+ NULL, THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ebt_register_target(&dnat); -+} -+ -+static void __exit fini(void) -+{ -+ ebt_unregister_target(&dnat); -+} -+ -+module_init(init); -+module_exit(fini); -+EXPORT_NO_SYMBOLS; -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/netfilter/ebtables.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,1490 @@ -+/* -+ * ebtables -+ * -+ * Author: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * ebtables.c,v 2.0, July, 2002 -+ * -+ * This code is stongly inspired on the iptables code which is -+ * Copyright (C) 1999 Paul `Rusty' Russell & Michael J. Neuling -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ */ -+ -+// used for print_string -+#include <linux/sched.h> -+#include <linux/tty.h> -+ -+#include <linux/kmod.h> -+#include <linux/module.h> -+#include <linux/vmalloc.h> -+#include <linux/netfilter_bridge/ebtables.h> -+#include <linux/spinlock.h> -+#include <asm/uaccess.h> -+#include <linux/smp.h> -+#include <net/sock.h> -+// needed for logical [in,out]-dev filtering -+#include "../br_private.h" -+ -+// list_named_find -+#define ASSERT_READ_LOCK(x) -+#define ASSERT_WRITE_LOCK(x) -+#include <linux/netfilter_ipv4/listhelp.h> -+ -+#if 0 // use this for remote debugging -+// Copyright (C) 1998 by Ori Pomerantz -+// Print the string to the appropriate tty, the one -+// the current task uses -+static void print_string(char *str) -+{ -+ struct tty_struct *my_tty; -+ -+ /* The tty for the current task */ -+ my_tty = current->tty; -+ if (my_tty != NULL) { -+ (*(my_tty->driver).write)(my_tty, 0, str, strlen(str)); -+ (*(my_tty->driver).write)(my_tty, 0, "\015\012", 2); -+ } -+} -+ -+#define BUGPRINT(args) print_string(args); -+#else -+#define BUGPRINT(format, args...) printk("kernel msg: ebtables bug: please "\ -+ "report to author: "format, ## args) -+// #define BUGPRINT(format, args...) -+#endif -+#define MEMPRINT(format, args...) printk("kernel msg: ebtables "\ -+ ": out of memory: "format, ## args) -+// #define MEMPRINT(format, args...) -+ -+ -+ -+// Each cpu has its own set of counters, so there is no need for write_lock in -+// the softirq -+// For reading or updating the counters, the user context needs to -+// get a write_lock -+ -+// The size of each set of counters is altered to get cache alignment -+#define SMP_ALIGN(x) (((x) + SMP_CACHE_BYTES-1) & ~(SMP_CACHE_BYTES-1)) -+#define COUNTER_OFFSET(n) (SMP_ALIGN(n * sizeof(struct ebt_counter))) -+#define COUNTER_BASE(c, n, cpu) ((struct ebt_counter *)(((char *)c) + \ -+ COUNTER_OFFSET(n) * cpu)) -+ -+ -+ -+static DECLARE_MUTEX(ebt_mutex); -+static LIST_HEAD(ebt_tables); -+static LIST_HEAD(ebt_targets); -+static LIST_HEAD(ebt_matches); -+static LIST_HEAD(ebt_watchers); -+ -+static struct ebt_target ebt_standard_target = -+{ {NULL, NULL}, EBT_STANDARD_TARGET, NULL, NULL, NULL, NULL}; -+ -+static inline int ebt_do_watcher (struct ebt_entry_watcher *w, -+ const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out) -+{ -+ w->u.watcher->watcher(skb, in, out, w->data, -+ w->watcher_size); -+ // watchers don't give a verdict -+ return 0; -+} -+ -+static inline int ebt_do_match (struct ebt_entry_match *m, -+ const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out) -+{ -+ return m->u.match->match(skb, in, out, m->data, -+ m->match_size); -+} -+ -+static inline int ebt_dev_check(char *entry, const struct net_device *device) -+{ -+ if (*entry == '\0') -+ return 0; -+ if (!device) -+ return 1; -+ return !!strcmp(entry, device->name); -+} -+ -+#define FWINV2(bool,invflg) ((bool) ^ !!(e->invflags & invflg)) -+// process standard matches -+static inline int ebt_basic_match(struct ebt_entry *e, struct ethhdr *h, -+ const struct net_device *in, const struct net_device *out) -+{ -+ int verdict, i; -+ -+ if (e->bitmask & EBT_802_3) { -+ if (FWINV2(ntohs(h->h_proto) >= 1536, EBT_IPROTO)) -+ return 1; -+ } else if (!(e->bitmask & EBT_NOPROTO) && -+ FWINV2(e->ethproto != h->h_proto, EBT_IPROTO)) -+ return 1; -+ -+ if (FWINV2(ebt_dev_check(e->in, in), EBT_IIN)) -+ return 1; -+ if (FWINV2(ebt_dev_check(e->out, out), EBT_IOUT)) -+ return 1; -+ if ((!in || !in->br_port) ? 0 : FWINV2(ebt_dev_check( -+ e->logical_in, &in->br_port->br->dev), EBT_ILOGICALIN)) -+ return 1; -+ if ((!out || !out->br_port) ? 0 : FWINV2(ebt_dev_check( -+ e->logical_out, &out->br_port->br->dev), EBT_ILOGICALOUT)) -+ return 1; -+ -+ if (e->bitmask & EBT_SOURCEMAC) { -+ verdict = 0; -+ for (i = 0; i < 6; i++) -+ verdict |= (h->h_source[i] ^ e->sourcemac[i]) & -+ e->sourcemsk[i]; -+ if (FWINV2(verdict != 0, EBT_ISOURCE) ) -+ return 1; -+ } -+ if (e->bitmask & EBT_DESTMAC) { -+ verdict = 0; -+ for (i = 0; i < 6; i++) -+ verdict |= (h->h_dest[i] ^ e->destmac[i]) & -+ e->destmsk[i]; -+ if (FWINV2(verdict != 0, EBT_IDEST) ) -+ return 1; -+ } -+ return 0; -+} -+ -+// Do some firewalling -+unsigned int ebt_do_table (unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ struct ebt_table *table) -+{ -+ int i, nentries; -+ struct ebt_entry *point; -+ struct ebt_counter *counter_base, *cb_base; -+ struct ebt_entry_target *t; -+ int verdict, sp = 0; -+ struct ebt_chainstack *cs; -+ struct ebt_entries *chaininfo; -+ char *base; -+ struct ebt_table_info *private = table->private; -+ -+ read_lock_bh(&table->lock); -+ cb_base = COUNTER_BASE(private->counters, private->nentries, -+ cpu_number_map(smp_processor_id())); -+ if (private->chainstack) -+ cs = private->chainstack[cpu_number_map(smp_processor_id())]; -+ else -+ cs = NULL; -+ chaininfo = private->hook_entry[hook]; -+ nentries = private->hook_entry[hook]->nentries; -+ point = (struct ebt_entry *)(private->hook_entry[hook]->data); -+ counter_base = cb_base + private->hook_entry[hook]->counter_offset; -+ // base for chain jumps -+ base = private->entries; -+ i = 0; -+ while (i < nentries) { -+ if (ebt_basic_match(point, (**pskb).mac.ethernet, in, out)) -+ goto letscontinue; -+ -+ if (EBT_MATCH_ITERATE(point, ebt_do_match, *pskb, in, out) != 0) -+ goto letscontinue; -+ -+ // increase counter -+ (*(counter_base + i)).pcnt++; -+ (*(counter_base + i)).bcnt+=(**pskb).len; -+ -+ // these should only watch: not modify, nor tell us -+ // what to do with the packet -+ EBT_WATCHER_ITERATE(point, ebt_do_watcher, *pskb, in, -+ out); -+ -+ t = (struct ebt_entry_target *) -+ (((char *)point) + point->target_offset); -+ // standard target -+ if (!t->u.target->target) -+ verdict = ((struct ebt_standard_target *)t)->verdict; -+ else -+ verdict = t->u.target->target(pskb, hook, -+ in, out, t->data, t->target_size); -+ if (verdict == EBT_ACCEPT) { -+ read_unlock_bh(&table->lock); -+ return NF_ACCEPT; -+ } -+ if (verdict == EBT_DROP) { -+ read_unlock_bh(&table->lock); -+ return NF_DROP; -+ } -+ if (verdict == EBT_RETURN) { -+letsreturn: -+#ifdef CONFIG_NETFILTER_DEBUG -+ if (sp == 0) { -+ BUGPRINT("RETURN on base chain"); -+ // act like this is EBT_CONTINUE -+ goto letscontinue; -+ } -+#endif -+ sp--; -+ // put all the local variables right -+ i = cs[sp].n; -+ chaininfo = cs[sp].chaininfo; -+ nentries = chaininfo->nentries; -+ point = cs[sp].e; -+ counter_base = cb_base + -+ chaininfo->counter_offset; -+ continue; -+ } -+ if (verdict == EBT_CONTINUE) -+ goto letscontinue; -+#ifdef CONFIG_NETFILTER_DEBUG -+ if (verdict < 0) { -+ BUGPRINT("bogus standard verdict\n"); -+ read_unlock_bh(&table->lock); -+ return NF_DROP; -+ } -+#endif -+ // jump to a udc -+ cs[sp].n = i + 1; -+ cs[sp].chaininfo = chaininfo; -+ cs[sp].e = (struct ebt_entry *) -+ (((char *)point) + point->next_offset); -+ i = 0; -+ chaininfo = (struct ebt_entries *) (base + verdict); -+#ifdef CONFIG_NETFILTER_DEBUG -+ if (chaininfo->distinguisher) { -+ BUGPRINT("jump to non-chain\n"); -+ read_unlock_bh(&table->lock); -+ return NF_DROP; -+ } -+#endif -+ nentries = chaininfo->nentries; -+ point = (struct ebt_entry *)chaininfo->data; -+ counter_base = cb_base + chaininfo->counter_offset; -+ sp++; -+ continue; -+letscontinue: -+ point = (struct ebt_entry *) -+ (((char *)point) + point->next_offset); -+ i++; -+ } -+ -+ // I actually like this :) -+ if (chaininfo->policy == EBT_RETURN) -+ goto letsreturn; -+ if (chaininfo->policy == EBT_ACCEPT) { -+ read_unlock_bh(&table->lock); -+ return NF_ACCEPT; -+ } -+ read_unlock_bh(&table->lock); -+ return NF_DROP; -+} -+ -+// If it succeeds, returns element and locks mutex -+static inline void * -+find_inlist_lock_noload(struct list_head *head, const char *name, int *error, -+ struct semaphore *mutex) -+{ -+ void *ret; -+ -+ *error = down_interruptible(mutex); -+ if (*error != 0) -+ return NULL; -+ -+ ret = list_named_find(head, name); -+ if (!ret) { -+ *error = -ENOENT; -+ up(mutex); -+ } -+ return ret; -+} -+ -+#ifndef CONFIG_KMOD -+#define find_inlist_lock(h,n,p,e,m) find_inlist_lock_noload((h),(n),(e),(m)) -+#else -+static void * -+find_inlist_lock(struct list_head *head, const char *name, const char *prefix, -+ int *error, struct semaphore *mutex) -+{ -+ void *ret; -+ -+ ret = find_inlist_lock_noload(head, name, error, mutex); -+ if (!ret) { -+ char modulename[EBT_FUNCTION_MAXNAMELEN + strlen(prefix) + 1]; -+ strcpy(modulename, prefix); -+ strcat(modulename, name); -+ request_module(modulename); -+ ret = find_inlist_lock_noload(head, name, error, mutex); -+ } -+ return ret; -+} -+#endif -+ -+static inline struct ebt_table * -+find_table_lock(const char *name, int *error, struct semaphore *mutex) -+{ -+ return find_inlist_lock(&ebt_tables, name, "ebtable_", error, mutex); -+} -+ -+static inline struct ebt_match * -+find_match_lock(const char *name, int *error, struct semaphore *mutex) -+{ -+ return find_inlist_lock(&ebt_matches, name, "ebt_", error, mutex); -+} -+ -+static inline struct ebt_watcher * -+find_watcher_lock(const char *name, int *error, struct semaphore *mutex) -+{ -+ return find_inlist_lock(&ebt_watchers, name, "ebt_", error, mutex); -+} -+ -+static inline struct ebt_target * -+find_target_lock(const char *name, int *error, struct semaphore *mutex) -+{ -+ return find_inlist_lock(&ebt_targets, name, "ebt_", error, mutex); -+} -+ -+static inline int -+ebt_check_match(struct ebt_entry_match *m, struct ebt_entry *e, -+ const char *name, unsigned int hookmask, unsigned int *cnt) -+{ -+ struct ebt_match *match; -+ int ret; -+ -+ if (((char *)m) + m->match_size + sizeof(struct ebt_entry_match) > -+ ((char *)e) + e->watchers_offset) -+ return -EINVAL; -+ match = find_match_lock(m->u.name, &ret, &ebt_mutex); -+ if (!match) -+ return ret; -+ m->u.match = match; -+ if (match->me) -+ __MOD_INC_USE_COUNT(match->me); -+ up(&ebt_mutex); -+ if (match->check && -+ match->check(name, hookmask, e, m->data, m->match_size) != 0) { -+ BUGPRINT("match->check failed\n"); -+ if (match->me) -+ __MOD_DEC_USE_COUNT(match->me); -+ return -EINVAL; -+ } -+ (*cnt)++; -+ return 0; -+} -+ -+static inline int -+ebt_check_watcher(struct ebt_entry_watcher *w, struct ebt_entry *e, -+ const char *name, unsigned int hookmask, unsigned int *cnt) -+{ -+ struct ebt_watcher *watcher; -+ int ret; -+ -+ if (((char *)w) + w->watcher_size + sizeof(struct ebt_entry_watcher) > -+ ((char *)e) + e->target_offset) -+ return -EINVAL; -+ watcher = find_watcher_lock(w->u.name, &ret, &ebt_mutex); -+ if (!watcher) -+ return ret; -+ w->u.watcher = watcher; -+ if (watcher->me) -+ __MOD_INC_USE_COUNT(watcher->me); -+ up(&ebt_mutex); -+ if (watcher->check && -+ watcher->check(name, hookmask, e, w->data, w->watcher_size) != 0) { -+ BUGPRINT("watcher->check failed\n"); -+ if (watcher->me) -+ __MOD_DEC_USE_COUNT(watcher->me); -+ return -EINVAL; -+ } -+ (*cnt)++; -+ return 0; -+} -+ -+// this one is very careful, as it is the first function -+// to parse the userspace data -+static inline int -+ebt_check_entry_size_and_hooks(struct ebt_entry *e, -+ struct ebt_table_info *newinfo, char *base, char *limit, -+ struct ebt_entries **hook_entries, unsigned int *n, unsigned int *cnt, -+ unsigned int *totalcnt, unsigned int *udc_cnt, unsigned int valid_hooks) -+{ -+ int i; -+ -+ for (i = 0; i < NF_BR_NUMHOOKS; i++) { -+ if ((valid_hooks & (1 << i)) == 0) -+ continue; -+ if ( (char *)hook_entries[i] - base == -+ (char *)e - newinfo->entries) -+ break; -+ } -+ // beginning of a new chain -+ // if i == NF_BR_NUMHOOKS it must be a user defined chain -+ if (i != NF_BR_NUMHOOKS || !(e->bitmask & EBT_ENTRY_OR_ENTRIES)) { -+ if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) != 0) { -+ // we make userspace set this right, -+ // so there is no misunderstanding -+ BUGPRINT("EBT_ENTRY_OR_ENTRIES shouldn't be set " -+ "in distinguisher\n"); -+ return -EINVAL; -+ } -+ // this checks if the previous chain has as many entries -+ // as it said it has -+ if (*n != *cnt) { -+ BUGPRINT("nentries does not equal the nr of entries " -+ "in the chain\n"); -+ return -EINVAL; -+ } -+ // before we look at the struct, be sure it is not too big -+ if ((char *)hook_entries[i] + sizeof(struct ebt_entries) -+ > limit) { -+ BUGPRINT("entries_size too small\n"); -+ return -EINVAL; -+ } -+ if (((struct ebt_entries *)e)->policy != EBT_DROP && -+ ((struct ebt_entries *)e)->policy != EBT_ACCEPT) { -+ // only RETURN from udc -+ if (i != NF_BR_NUMHOOKS || -+ ((struct ebt_entries *)e)->policy != EBT_RETURN) { -+ BUGPRINT("bad policy\n"); -+ return -EINVAL; -+ } -+ } -+ if (i == NF_BR_NUMHOOKS) // it's a user defined chain -+ (*udc_cnt)++; -+ else -+ newinfo->hook_entry[i] = (struct ebt_entries *)e; -+ if (((struct ebt_entries *)e)->counter_offset != *totalcnt) { -+ BUGPRINT("counter_offset != totalcnt"); -+ return -EINVAL; -+ } -+ *n = ((struct ebt_entries *)e)->nentries; -+ *cnt = 0; -+ return 0; -+ } -+ // a plain old entry, heh -+ if (sizeof(struct ebt_entry) > e->watchers_offset || -+ e->watchers_offset > e->target_offset || -+ e->target_offset >= e->next_offset) { -+ BUGPRINT("entry offsets not in right order\n"); -+ return -EINVAL; -+ } -+ // this is not checked anywhere else -+ if (e->next_offset - e->target_offset < sizeof(struct ebt_entry_target)) { -+ BUGPRINT("target size too small\n"); -+ return -EINVAL; -+ } -+ -+ (*cnt)++; -+ (*totalcnt)++; -+ return 0; -+} -+ -+struct ebt_cl_stack -+{ -+ struct ebt_chainstack cs; -+ int from; -+ unsigned int hookmask; -+}; -+ -+// we need these positions to check that the jumps to a different part of the -+// entries is a jump to the beginning of a new chain. -+static inline int -+ebt_get_udc_positions(struct ebt_entry *e, struct ebt_table_info *newinfo, -+ struct ebt_entries **hook_entries, unsigned int *n, unsigned int valid_hooks, -+ struct ebt_cl_stack *udc) -+{ -+ int i; -+ -+ // we're only interested in chain starts -+ if (e->bitmask & EBT_ENTRY_OR_ENTRIES) -+ return 0; -+ for (i = 0; i < NF_BR_NUMHOOKS; i++) { -+ if ((valid_hooks & (1 << i)) == 0) -+ continue; -+ if (newinfo->hook_entry[i] == (struct ebt_entries *)e) -+ break; -+ } -+ // only care about udc -+ if (i != NF_BR_NUMHOOKS) -+ return 0; -+ -+ udc[*n].cs.chaininfo = (struct ebt_entries *)e; -+ // these initialisations are depended on later in check_chainloops() -+ udc[*n].cs.n = 0; -+ udc[*n].hookmask = 0; -+ -+ (*n)++; -+ return 0; -+} -+ -+static inline int -+ebt_cleanup_match(struct ebt_entry_match *m, unsigned int *i) -+{ -+ if (i && (*i)-- == 0) -+ return 1; -+ if (m->u.match->destroy) -+ m->u.match->destroy(m->data, m->match_size); -+ if (m->u.match->me) -+ __MOD_DEC_USE_COUNT(m->u.match->me); -+ -+ return 0; -+} -+ -+static inline int -+ebt_cleanup_watcher(struct ebt_entry_watcher *w, unsigned int *i) -+{ -+ if (i && (*i)-- == 0) -+ return 1; -+ if (w->u.watcher->destroy) -+ w->u.watcher->destroy(w->data, w->watcher_size); -+ if (w->u.watcher->me) -+ __MOD_DEC_USE_COUNT(w->u.watcher->me); -+ -+ return 0; -+} -+ -+static inline int -+ebt_cleanup_entry(struct ebt_entry *e, unsigned int *cnt) -+{ -+ struct ebt_entry_target *t; -+ -+ if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0) -+ return 0; -+ // we're done -+ if (cnt && (*cnt)-- == 0) -+ return 1; -+ EBT_WATCHER_ITERATE(e, ebt_cleanup_watcher, NULL); -+ EBT_MATCH_ITERATE(e, ebt_cleanup_match, NULL); -+ t = (struct ebt_entry_target *)(((char *)e) + e->target_offset); -+ if (t->u.target->destroy) -+ t->u.target->destroy(t->data, t->target_size); -+ if (t->u.target->me) -+ __MOD_DEC_USE_COUNT(t->u.target->me); -+ -+ return 0; -+} -+ -+static inline int -+ebt_check_entry(struct ebt_entry *e, struct ebt_table_info *newinfo, -+ const char *name, unsigned int *cnt, unsigned int valid_hooks, -+ struct ebt_cl_stack *cl_s, unsigned int udc_cnt) -+{ -+ struct ebt_entry_target *t; -+ struct ebt_target *target; -+ unsigned int i, j, hook = 0, hookmask = 0; -+ int ret; -+ -+ // Don't mess with the struct ebt_entries -+ if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0) -+ return 0; -+ -+ if (e->bitmask & ~EBT_F_MASK) { -+ BUGPRINT("Unknown flag for bitmask\n"); -+ return -EINVAL; -+ } -+ if (e->invflags & ~EBT_INV_MASK) { -+ BUGPRINT("Unknown flag for inv bitmask\n"); -+ return -EINVAL; -+ } -+ if ( (e->bitmask & EBT_NOPROTO) && (e->bitmask & EBT_802_3) ) { -+ BUGPRINT("NOPROTO & 802_3 not allowed\n"); -+ return -EINVAL; -+ } -+ // what hook do we belong to? -+ for (i = 0; i < NF_BR_NUMHOOKS; i++) { -+ if ((valid_hooks & (1 << i)) == 0) -+ continue; -+ if ((char *)newinfo->hook_entry[i] < (char *)e) -+ hook = i; -+ else -+ break; -+ } -+ // (1 << NF_BR_NUMHOOKS) tells the check functions the rule is on -+ // a base chain -+ if (i < NF_BR_NUMHOOKS) -+ hookmask = (1 << hook) | (1 << NF_BR_NUMHOOKS); -+ else { -+ for (i = 0; i < udc_cnt; i++) -+ if ((char *)(cl_s[i].cs.chaininfo) > (char *)e) -+ break; -+ if (i == 0) -+ hookmask = (1 << hook) | (1 << NF_BR_NUMHOOKS); -+ else -+ hookmask = cl_s[i - 1].hookmask; -+ } -+ i = 0; -+ ret = EBT_MATCH_ITERATE(e, ebt_check_match, e, name, hookmask, &i); -+ if (ret != 0) -+ goto cleanup_matches; -+ j = 0; -+ ret = EBT_WATCHER_ITERATE(e, ebt_check_watcher, e, name, hookmask, &j); -+ if (ret != 0) -+ goto cleanup_watchers; -+ t = (struct ebt_entry_target *)(((char *)e) + e->target_offset); -+ target = find_target_lock(t->u.name, &ret, &ebt_mutex); -+ if (!target) -+ goto cleanup_watchers; -+ if (target->me) -+ __MOD_INC_USE_COUNT(target->me); -+ up(&ebt_mutex); -+ -+ t->u.target = target; -+ if (t->u.target == &ebt_standard_target) { -+ if (e->target_offset + sizeof(struct ebt_standard_target) > -+ e->next_offset) { -+ BUGPRINT("Standard target size too big\n"); -+ ret = -EFAULT; -+ goto cleanup_watchers; -+ } -+ if (((struct ebt_standard_target *)t)->verdict < -+ -NUM_STANDARD_TARGETS) { -+ BUGPRINT("Invalid standard target\n"); -+ ret = -EFAULT; -+ goto cleanup_watchers; -+ } -+ } else if ((e->target_offset + t->target_size + -+ sizeof(struct ebt_entry_target) > e->next_offset) || -+ (t->u.target->check && -+ t->u.target->check(name, hookmask, e, t->data, t->target_size) != 0)){ -+ if (t->u.target->me) -+ __MOD_DEC_USE_COUNT(t->u.target->me); -+ ret = -EFAULT; -+ goto cleanup_watchers; -+ } -+ (*cnt)++; -+ return 0; -+cleanup_watchers: -+ EBT_WATCHER_ITERATE(e, ebt_cleanup_watcher, &j); -+cleanup_matches: -+ EBT_MATCH_ITERATE(e, ebt_cleanup_match, &i); -+ return ret; -+} -+ -+// checks for loops and sets the hook mask for udc -+// the hook mask for udc tells us from which base chains the udc can be -+// accessed. This mask is a parameter to the check() functions of the extensions -+static int check_chainloops(struct ebt_entries *chain, -+ struct ebt_cl_stack *cl_s, unsigned int udc_cnt, -+ unsigned int hooknr, char *base) -+{ -+ int i, chain_nr = -1, pos = 0, nentries = chain->nentries, verdict; -+ struct ebt_entry *e = (struct ebt_entry *)chain->data; -+ struct ebt_entry_target *t; -+ -+ while (pos < nentries || chain_nr != -1) { -+ // end of udc, go back one 'recursion' step -+ if (pos == nentries) { -+ // put back values of the time when this chain was called -+ e = cl_s[chain_nr].cs.e; -+ if (cl_s[chain_nr].from != -1) -+ nentries = -+ cl_s[cl_s[chain_nr].from].cs.chaininfo->nentries; -+ else -+ nentries = chain->nentries; -+ pos = cl_s[chain_nr].cs.n; -+ // make sure we won't see a loop that isn't one -+ cl_s[chain_nr].cs.n = 0; -+ chain_nr = cl_s[chain_nr].from; -+ if (pos == nentries) -+ continue; -+ } -+ t = (struct ebt_entry_target *) -+ (((char *)e) + e->target_offset); -+ if (strcmp(t->u.name, EBT_STANDARD_TARGET)) -+ goto letscontinue; -+ if (e->target_offset + sizeof(struct ebt_standard_target) > -+ e->next_offset) { -+ BUGPRINT("Standard target size too big\n"); -+ return -1; -+ } -+ verdict = ((struct ebt_standard_target *)t)->verdict; -+ if (verdict >= 0) { // jump to another chain -+ struct ebt_entries *hlp2 = -+ (struct ebt_entries *)(base + verdict); -+ for (i = 0; i < udc_cnt; i++) -+ if (hlp2 == cl_s[i].cs.chaininfo) -+ break; -+ // bad destination or loop -+ if (i == udc_cnt) { -+ BUGPRINT("bad destination\n"); -+ return -1; -+ } -+ if (cl_s[i].cs.n) { -+ BUGPRINT("loop\n"); -+ return -1; -+ } -+ // this can't be 0, so the above test is correct -+ cl_s[i].cs.n = pos + 1; -+ pos = 0; -+ cl_s[i].cs.e = ((void *)e + e->next_offset); -+ e = (struct ebt_entry *)(hlp2->data); -+ nentries = hlp2->nentries; -+ cl_s[i].from = chain_nr; -+ chain_nr = i; -+ // this udc is accessible from the base chain for hooknr -+ cl_s[i].hookmask |= (1 << hooknr); -+ continue; -+ } -+letscontinue: -+ e = (void *)e + e->next_offset; -+ pos++; -+ } -+ return 0; -+} -+ -+// do the parsing of the table/chains/entries/matches/watchers/targets, heh -+static int translate_table(struct ebt_replace *repl, -+ struct ebt_table_info *newinfo) -+{ -+ unsigned int i, j, k, udc_cnt; -+ int ret; -+ struct ebt_cl_stack *cl_s = NULL; // used in the checking for chain loops -+ -+ i = 0; -+ while (i < NF_BR_NUMHOOKS && !(repl->valid_hooks & (1 << i))) -+ i++; -+ if (i == NF_BR_NUMHOOKS) { -+ BUGPRINT("No valid hooks specified\n"); -+ return -EINVAL; -+ } -+ if (repl->hook_entry[i] != (struct ebt_entries *)repl->entries) { -+ BUGPRINT("Chains don't start at beginning\n"); -+ return -EINVAL; -+ } -+ // make sure chains are ordered after each other in same order -+ // as their corresponding hooks -+ for (j = i + 1; j < NF_BR_NUMHOOKS; j++) { -+ if (!(repl->valid_hooks & (1 << j))) -+ continue; -+ if ( repl->hook_entry[j] <= repl->hook_entry[i] ) { -+ BUGPRINT("Hook order must be followed\n"); -+ return -EINVAL; -+ } -+ i = j; -+ } -+ -+ for (i = 0; i < NF_BR_NUMHOOKS; i++) -+ newinfo->hook_entry[i] = NULL; -+ -+ newinfo->entries_size = repl->entries_size; -+ newinfo->nentries = repl->nentries; -+ -+ // do some early checkings and initialize some things -+ i = 0; // holds the expected nr. of entries for the chain -+ j = 0; // holds the up to now counted entries for the chain -+ k = 0; // holds the total nr. of entries, should equal -+ // newinfo->nentries afterwards -+ udc_cnt = 0; // will hold the nr. of user defined chains (udc) -+ ret = EBT_ENTRY_ITERATE(newinfo->entries, newinfo->entries_size, -+ ebt_check_entry_size_and_hooks, newinfo, repl->entries, -+ repl->entries + repl->entries_size, repl->hook_entry, &i, &j, &k, -+ &udc_cnt, repl->valid_hooks); -+ -+ if (ret != 0) -+ return ret; -+ -+ if (i != j) { -+ BUGPRINT("nentries does not equal the nr of entries in the " -+ "(last) chain\n"); -+ return -EINVAL; -+ } -+ if (k != newinfo->nentries) { -+ BUGPRINT("Total nentries is wrong\n"); -+ return -EINVAL; -+ } -+ -+ // check if all valid hooks have a chain -+ for (i = 0; i < NF_BR_NUMHOOKS; i++) { -+ if (newinfo->hook_entry[i] == NULL && -+ (repl->valid_hooks & (1 << i))) { -+ BUGPRINT("Valid hook without chain\n"); -+ return -EINVAL; -+ } -+ } -+ -+ // Get the location of the udc, put them in an array -+ // While we're at it, allocate the chainstack -+ if (udc_cnt) { -+ // this will get free'd in do_replace()/ebt_register_table() -+ // if an error occurs -+ newinfo->chainstack = (struct ebt_chainstack **) -+ vmalloc(smp_num_cpus * sizeof(struct ebt_chainstack)); -+ if (!newinfo->chainstack) -+ return -ENOMEM; -+ for (i = 0; i < smp_num_cpus; i++) { -+ newinfo->chainstack[i] = -+ vmalloc(udc_cnt * sizeof(struct ebt_chainstack)); -+ if (!newinfo->chainstack[i]) { -+ while (i) -+ vfree(newinfo->chainstack[--i]); -+ vfree(newinfo->chainstack); -+ newinfo->chainstack = NULL; -+ return -ENOMEM; -+ } -+ } -+ -+ cl_s = (struct ebt_cl_stack *) -+ vmalloc(udc_cnt * sizeof(struct ebt_cl_stack)); -+ if (!cl_s) -+ return -ENOMEM; -+ i = 0; // the i'th udc -+ EBT_ENTRY_ITERATE(newinfo->entries, newinfo->entries_size, -+ ebt_get_udc_positions, newinfo, repl->hook_entry, &i, -+ repl->valid_hooks, cl_s); -+ // sanity check -+ if (i != udc_cnt) { -+ BUGPRINT("i != udc_cnt\n"); -+ vfree(cl_s); -+ return -EFAULT; -+ } -+ } -+ -+ // Check for loops -+ for (i = 0; i < NF_BR_NUMHOOKS; i++) -+ if (repl->valid_hooks & (1 << i)) -+ if (check_chainloops(newinfo->hook_entry[i], -+ cl_s, udc_cnt, i, newinfo->entries)) { -+ if (cl_s) -+ vfree(cl_s); -+ return -EINVAL; -+ } -+ -+ // we now know the following (along with E=mc²): -+ // - the nr of entries in each chain is right -+ // - the size of the allocated space is right -+ // - all valid hooks have a corresponding chain -+ // - there are no loops -+ // - wrong data can still be on the level of a single entry -+ // - could be there are jumps to places that are not the -+ // beginning of a chain. This can only occur in chains that -+ // are not accessible from any base chains, so we don't care. -+ -+ // used to know what we need to clean up if something goes wrong -+ i = 0; -+ ret = EBT_ENTRY_ITERATE(newinfo->entries, newinfo->entries_size, -+ ebt_check_entry, newinfo, repl->name, &i, repl->valid_hooks, -+ cl_s, udc_cnt); -+ if (ret != 0) { -+ EBT_ENTRY_ITERATE(newinfo->entries, newinfo->entries_size, -+ ebt_cleanup_entry, &i); -+ } -+ if (cl_s) -+ vfree(cl_s); -+ return ret; -+} -+ -+// called under write_lock -+static void get_counters(struct ebt_counter *oldcounters, -+ struct ebt_counter *counters, unsigned int nentries) -+{ -+ int i, cpu; -+ struct ebt_counter *counter_base; -+ -+ // counters of cpu 0 -+ memcpy(counters, oldcounters, -+ sizeof(struct ebt_counter) * nentries); -+ // add other counters to those of cpu 0 -+ for (cpu = 1; cpu < smp_num_cpus; cpu++) { -+ counter_base = COUNTER_BASE(oldcounters, nentries, cpu); -+ for (i = 0; i < nentries; i++) { -+ counters[i].pcnt += counter_base[i].pcnt; -+ counters[i].bcnt += counter_base[i].bcnt; -+ } -+ } -+} -+ -+// replace the table -+static int do_replace(void *user, unsigned int len) -+{ -+ int ret, i, countersize; -+ struct ebt_table_info *newinfo; -+ struct ebt_replace tmp; -+ struct ebt_table *t; -+ struct ebt_counter *counterstmp = NULL; -+ // used to be able to unlock earlier -+ struct ebt_table_info *table; -+ -+ if (copy_from_user(&tmp, user, sizeof(tmp)) != 0) -+ return -EFAULT; -+ -+ if (len != sizeof(tmp) + tmp.entries_size) { -+ BUGPRINT("Wrong len argument\n"); -+ return -EINVAL; -+ } -+ -+ if (tmp.entries_size == 0) { -+ BUGPRINT("Entries_size never zero\n"); -+ return -EINVAL; -+ } -+ countersize = COUNTER_OFFSET(tmp.nentries) * smp_num_cpus; -+ newinfo = (struct ebt_table_info *) -+ vmalloc(sizeof(struct ebt_table_info) + countersize); -+ if (!newinfo) -+ return -ENOMEM; -+ -+ if (countersize) -+ memset(newinfo->counters, 0, countersize); -+ -+ newinfo->entries = (char *)vmalloc(tmp.entries_size); -+ if (!newinfo->entries) { -+ ret = -ENOMEM; -+ goto free_newinfo; -+ } -+ if (copy_from_user( -+ newinfo->entries, tmp.entries, tmp.entries_size) != 0) { -+ BUGPRINT("Couldn't copy entries from userspace\n"); -+ ret = -EFAULT; -+ goto free_entries; -+ } -+ -+ // the user wants counters back -+ // the check on the size is done later, when we have the lock -+ if (tmp.num_counters) { -+ counterstmp = (struct ebt_counter *) -+ vmalloc(tmp.num_counters * sizeof(struct ebt_counter)); -+ if (!counterstmp) { -+ ret = -ENOMEM; -+ goto free_entries; -+ } -+ } -+ else -+ counterstmp = NULL; -+ -+ // this can get initialized by translate_table() -+ newinfo->chainstack = NULL; -+ ret = translate_table(&tmp, newinfo); -+ -+ if (ret != 0) -+ goto free_counterstmp; -+ -+ t = find_table_lock(tmp.name, &ret, &ebt_mutex); -+ if (!t) -+ goto free_iterate; -+ -+ // the table doesn't like it -+ if (t->check && (ret = t->check(newinfo, tmp.valid_hooks))) -+ goto free_unlock; -+ -+ if (tmp.num_counters && tmp.num_counters != t->private->nentries) { -+ BUGPRINT("Wrong nr. of counters requested\n"); -+ ret = -EINVAL; -+ goto free_unlock; -+ } -+ -+ // we have the mutex lock, so no danger in reading this pointer -+ table = t->private; -+ // we need an atomic snapshot of the counters -+ write_lock_bh(&t->lock); -+ if (tmp.num_counters) -+ get_counters(t->private->counters, counterstmp, -+ t->private->nentries); -+ -+ t->private = newinfo; -+ write_unlock_bh(&t->lock); -+ up(&ebt_mutex); -+ // So, a user can change the chains while having messed up her counter -+ // allocation. Only reason why this is done is because this way the lock -+ // is held only once, while this doesn't bring the kernel into a -+ // dangerous state. -+ if (tmp.num_counters && -+ copy_to_user(tmp.counters, counterstmp, -+ tmp.num_counters * sizeof(struct ebt_counter))) { -+ BUGPRINT("Couldn't copy counters to userspace\n"); -+ ret = -EFAULT; -+ } -+ else -+ ret = 0; -+ -+ // decrease module count and free resources -+ EBT_ENTRY_ITERATE(table->entries, table->entries_size, -+ ebt_cleanup_entry, NULL); -+ -+ vfree(table->entries); -+ if (table->chainstack) { -+ for (i = 0; i < smp_num_cpus; i++) -+ vfree(table->chainstack[i]); -+ vfree(table->chainstack); -+ } -+ vfree(table); -+ -+ if (counterstmp) -+ vfree(counterstmp); -+ return ret; -+ -+free_unlock: -+ up(&ebt_mutex); -+free_iterate: -+ EBT_ENTRY_ITERATE(newinfo->entries, newinfo->entries_size, -+ ebt_cleanup_entry, NULL); -+free_counterstmp: -+ if (counterstmp) -+ vfree(counterstmp); -+ // can be initialized in translate_table() -+ if (newinfo->chainstack) { -+ for (i = 0; i < smp_num_cpus; i++) -+ vfree(newinfo->chainstack[i]); -+ vfree(newinfo->chainstack); -+ } -+free_entries: -+ if (newinfo->entries) -+ vfree(newinfo->entries); -+free_newinfo: -+ if (newinfo) -+ vfree(newinfo); -+ return ret; -+} -+ -+int ebt_register_target(struct ebt_target *target) -+{ -+ int ret; -+ -+ ret = down_interruptible(&ebt_mutex); -+ if (ret != 0) -+ return ret; -+ if (!list_named_insert(&ebt_targets, target)) { -+ up(&ebt_mutex); -+ return -EEXIST; -+ } -+ up(&ebt_mutex); -+ MOD_INC_USE_COUNT; -+ -+ return 0; -+} -+ -+void ebt_unregister_target(struct ebt_target *target) -+{ -+ down(&ebt_mutex); -+ LIST_DELETE(&ebt_targets, target); -+ up(&ebt_mutex); -+ MOD_DEC_USE_COUNT; -+} -+ -+int ebt_register_match(struct ebt_match *match) -+{ -+ int ret; -+ -+ ret = down_interruptible(&ebt_mutex); -+ if (ret != 0) -+ return ret; -+ if (!list_named_insert(&ebt_matches, match)) { -+ up(&ebt_mutex); -+ return -EEXIST; -+ } -+ up(&ebt_mutex); -+ MOD_INC_USE_COUNT; -+ -+ return 0; -+} -+ -+void ebt_unregister_match(struct ebt_match *match) -+{ -+ down(&ebt_mutex); -+ LIST_DELETE(&ebt_matches, match); -+ up(&ebt_mutex); -+ MOD_DEC_USE_COUNT; -+} -+ -+int ebt_register_watcher(struct ebt_watcher *watcher) -+{ -+ int ret; -+ -+ ret = down_interruptible(&ebt_mutex); -+ if (ret != 0) -+ return ret; -+ if (!list_named_insert(&ebt_watchers, watcher)) { -+ up(&ebt_mutex); -+ return -EEXIST; -+ } -+ up(&ebt_mutex); -+ MOD_INC_USE_COUNT; -+ -+ return 0; -+} -+ -+void ebt_unregister_watcher(struct ebt_watcher *watcher) -+{ -+ down(&ebt_mutex); -+ LIST_DELETE(&ebt_watchers, watcher); -+ up(&ebt_mutex); -+ MOD_DEC_USE_COUNT; -+} -+ -+int ebt_register_table(struct ebt_table *table) -+{ -+ struct ebt_table_info *newinfo; -+ int ret, i, countersize; -+ -+ if (!table || !table->table ||!table->table->entries || -+ table->table->entries_size == 0 || -+ table->table->counters || table->private) { -+ BUGPRINT("Bad table data for ebt_register_table!!!\n"); -+ return -EINVAL; -+ } -+ -+ countersize = COUNTER_OFFSET(table->table->nentries) * smp_num_cpus; -+ newinfo = (struct ebt_table_info *) -+ vmalloc(sizeof(struct ebt_table_info) + countersize); -+ ret = -ENOMEM; -+ if (!newinfo) -+ return -ENOMEM; -+ -+ newinfo->entries = (char *)vmalloc(table->table->entries_size); -+ if (!(newinfo->entries)) -+ goto free_newinfo; -+ -+ memcpy(newinfo->entries, table->table->entries, -+ table->table->entries_size); -+ -+ if (countersize) -+ memset(newinfo->counters, 0, countersize); -+ -+ // fill in newinfo and parse the entries -+ newinfo->chainstack = NULL; -+ ret = translate_table(table->table, newinfo); -+ if (ret != 0) { -+ BUGPRINT("Translate_table failed\n"); -+ goto free_chainstack; -+ } -+ -+ if (table->check && table->check(newinfo, table->valid_hooks)) { -+ BUGPRINT("The table doesn't like its own initial data, lol\n"); -+ return -EINVAL; -+ } -+ -+ table->private = newinfo; -+ table->lock = RW_LOCK_UNLOCKED; -+ ret = down_interruptible(&ebt_mutex); -+ if (ret != 0) -+ goto free_chainstack; -+ -+ if (list_named_find(&ebt_tables, table->name)) { -+ ret = -EEXIST; -+ BUGPRINT("Table name already exists\n"); -+ goto free_unlock; -+ } -+ -+ list_prepend(&ebt_tables, table); -+ up(&ebt_mutex); -+ MOD_INC_USE_COUNT; -+ return 0; -+free_unlock: -+ up(&ebt_mutex); -+free_chainstack: -+ if (newinfo->chainstack) { -+ for (i = 0; i < smp_num_cpus; i++) -+ vfree(newinfo->chainstack[i]); -+ vfree(newinfo->chainstack); -+ } -+ vfree(newinfo->entries); -+free_newinfo: -+ vfree(newinfo); -+ return ret; -+} -+ -+void ebt_unregister_table(struct ebt_table *table) -+{ -+ int i; -+ -+ if (!table) { -+ BUGPRINT("Request to unregister NULL table!!!\n"); -+ return; -+ } -+ down(&ebt_mutex); -+ LIST_DELETE(&ebt_tables, table); -+ up(&ebt_mutex); -+ EBT_ENTRY_ITERATE(table->private->entries, -+ table->private->entries_size, ebt_cleanup_entry, NULL); -+ if (table->private->entries) -+ vfree(table->private->entries); -+ if (table->private->chainstack) { -+ for (i = 0; i < smp_num_cpus; i++) -+ vfree(table->private->chainstack[i]); -+ vfree(table->private->chainstack); -+ } -+ vfree(table->private); -+ MOD_DEC_USE_COUNT; -+} -+ -+// userspace just supplied us with counters -+static int update_counters(void *user, unsigned int len) -+{ -+ int i, ret; -+ struct ebt_counter *tmp; -+ struct ebt_replace hlp; -+ struct ebt_table *t; -+ -+ if (copy_from_user(&hlp, user, sizeof(hlp))) -+ return -EFAULT; -+ -+ if (len != sizeof(hlp) + hlp.num_counters * sizeof(struct ebt_counter)) -+ return -EINVAL; -+ if (hlp.num_counters == 0) -+ return -EINVAL; -+ -+ if ( !(tmp = (struct ebt_counter *) -+ vmalloc(hlp.num_counters * sizeof(struct ebt_counter))) ){ -+ MEMPRINT("Update_counters && nomemory\n"); -+ return -ENOMEM; -+ } -+ -+ t = find_table_lock(hlp.name, &ret, &ebt_mutex); -+ if (!t) -+ goto free_tmp; -+ -+ if (hlp.num_counters != t->private->nentries) { -+ BUGPRINT("Wrong nr of counters\n"); -+ ret = -EINVAL; -+ goto unlock_mutex; -+ } -+ -+ if ( copy_from_user(tmp, hlp.counters, -+ hlp.num_counters * sizeof(struct ebt_counter)) ) { -+ BUGPRINT("Updata_counters && !cfu\n"); -+ ret = -EFAULT; -+ goto unlock_mutex; -+ } -+ -+ // we want an atomic add of the counters -+ write_lock_bh(&t->lock); -+ -+ // we add to the counters of the first cpu -+ for (i = 0; i < hlp.num_counters; i++) { -+ t->private->counters[i].pcnt += tmp[i].pcnt; -+ t->private->counters[i].bcnt += tmp[i].bcnt; -+ } -+ -+ write_unlock_bh(&t->lock); -+ ret = 0; -+unlock_mutex: -+ up(&ebt_mutex); -+free_tmp: -+ vfree(tmp); -+ return ret; -+} -+ -+static inline int ebt_make_matchname(struct ebt_entry_match *m, -+ char *base, char *ubase) -+{ -+ char *hlp = ubase - base + (char *)m; -+ if (copy_to_user(hlp, m->u.match->name, EBT_FUNCTION_MAXNAMELEN)) -+ return -EFAULT; -+ return 0; -+} -+ -+static inline int ebt_make_watchername(struct ebt_entry_watcher *w, -+ char *base, char *ubase) -+{ -+ char *hlp = ubase - base + (char *)w; -+ if (copy_to_user(hlp , w->u.watcher->name, EBT_FUNCTION_MAXNAMELEN)) -+ return -EFAULT; -+ return 0; -+} -+ -+static inline int ebt_make_names(struct ebt_entry *e, char *base, char *ubase) -+{ -+ int ret; -+ char *hlp; -+ struct ebt_entry_target *t; -+ -+ if ((e->bitmask & EBT_ENTRY_OR_ENTRIES) == 0) -+ return 0; -+ -+ hlp = ubase - base + (char *)e + e->target_offset; -+ t = (struct ebt_entry_target *)(((char *)e) + e->target_offset); -+ -+ ret = EBT_MATCH_ITERATE(e, ebt_make_matchname, base, ubase); -+ if (ret != 0) -+ return ret; -+ ret = EBT_WATCHER_ITERATE(e, ebt_make_watchername, base, ubase); -+ if (ret != 0) -+ return ret; -+ if (copy_to_user(hlp, t->u.target->name, EBT_FUNCTION_MAXNAMELEN)) -+ return -EFAULT; -+ return 0; -+} -+ -+// called with ebt_mutex down -+static int copy_everything_to_user(struct ebt_table *t, void *user, -+ int *len, int cmd) -+{ -+ struct ebt_replace tmp; -+ struct ebt_counter *counterstmp, *oldcounters; -+ unsigned int entries_size, nentries; -+ char *entries; -+ -+ if (cmd == EBT_SO_GET_ENTRIES) { -+ entries_size = t->private->entries_size; -+ nentries = t->private->nentries; -+ entries = t->private->entries; -+ oldcounters = t->private->counters; -+ } else { -+ entries_size = t->table->entries_size; -+ nentries = t->table->nentries; -+ entries = t->table->entries; -+ oldcounters = t->table->counters; -+ } -+ -+ if (copy_from_user(&tmp, user, sizeof(tmp))) { -+ BUGPRINT("Cfu didn't work\n"); -+ return -EFAULT; -+ } -+ -+ if (*len != sizeof(struct ebt_replace) + entries_size + -+ (tmp.num_counters? nentries * sizeof(struct ebt_counter): 0)) { -+ BUGPRINT("Wrong size\n"); -+ return -EINVAL; -+ } -+ -+ if (tmp.nentries != nentries) { -+ BUGPRINT("Nentries wrong\n"); -+ return -EINVAL; -+ } -+ -+ if (tmp.entries_size != entries_size) { -+ BUGPRINT("Wrong size\n"); -+ return -EINVAL; -+ } -+ -+ // userspace might not need the counters -+ if (tmp.num_counters) { -+ if (tmp.num_counters != nentries) { -+ BUGPRINT("Num_counters wrong\n"); -+ return -EINVAL; -+ } -+ counterstmp = (struct ebt_counter *) -+ vmalloc(nentries * sizeof(struct ebt_counter)); -+ if (!counterstmp) { -+ MEMPRINT("Couldn't copy counters, out of memory\n"); -+ return -ENOMEM; -+ } -+ write_lock_bh(&t->lock); -+ get_counters(oldcounters, counterstmp, nentries); -+ write_unlock_bh(&t->lock); -+ -+ if (copy_to_user(tmp.counters, counterstmp, -+ nentries * sizeof(struct ebt_counter))) { -+ BUGPRINT("Couldn't copy counters to userspace\n"); -+ vfree(counterstmp); -+ return -EFAULT; -+ } -+ vfree(counterstmp); -+ } -+ -+ if (copy_to_user(tmp.entries, entries, entries_size)) { -+ BUGPRINT("Couldn't copy entries to userspace\n"); -+ return -EFAULT; -+ } -+ // set the match/watcher/target names right -+ return EBT_ENTRY_ITERATE(entries, entries_size, -+ ebt_make_names, entries, tmp.entries); -+} -+ -+static int do_ebt_set_ctl(struct sock *sk, -+ int cmd, void *user, unsigned int len) -+{ -+ int ret; -+ -+ switch(cmd) { -+ case EBT_SO_SET_ENTRIES: -+ ret = do_replace(user, len); -+ break; -+ case EBT_SO_SET_COUNTERS: -+ ret = update_counters(user, len); -+ break; -+ default: -+ ret = -EINVAL; -+ } -+ return ret; -+} -+ -+static int do_ebt_get_ctl(struct sock *sk, int cmd, void *user, int *len) -+{ -+ int ret; -+ struct ebt_replace tmp; -+ struct ebt_table *t; -+ -+ if (copy_from_user(&tmp, user, sizeof(tmp))) -+ return -EFAULT; -+ -+ t = find_table_lock(tmp.name, &ret, &ebt_mutex); -+ if (!t) -+ return ret; -+ -+ switch(cmd) { -+ case EBT_SO_GET_INFO: -+ case EBT_SO_GET_INIT_INFO: -+ if (*len != sizeof(struct ebt_replace)){ -+ ret = -EINVAL; -+ up(&ebt_mutex); -+ break; -+ } -+ if (cmd == EBT_SO_GET_INFO) { -+ tmp.nentries = t->private->nentries; -+ tmp.entries_size = t->private->entries_size; -+ tmp.valid_hooks = t->valid_hooks; -+ } else { -+ tmp.nentries = t->table->nentries; -+ tmp.entries_size = t->table->entries_size; -+ tmp.valid_hooks = t->table->valid_hooks; -+ } -+ up(&ebt_mutex); -+ if (copy_to_user(user, &tmp, *len) != 0){ -+ BUGPRINT("c2u Didn't work\n"); -+ ret = -EFAULT; -+ break; -+ } -+ ret = 0; -+ break; -+ -+ case EBT_SO_GET_ENTRIES: -+ case EBT_SO_GET_INIT_ENTRIES: -+ ret = copy_everything_to_user(t, user, len, cmd); -+ up(&ebt_mutex); -+ break; -+ -+ default: -+ up(&ebt_mutex); -+ ret = -EINVAL; -+ } -+ -+ return ret; -+} -+ -+static struct nf_sockopt_ops ebt_sockopts = -+{ { NULL, NULL }, PF_INET, EBT_BASE_CTL, EBT_SO_SET_MAX + 1, do_ebt_set_ctl, -+ EBT_BASE_CTL, EBT_SO_GET_MAX + 1, do_ebt_get_ctl, 0, NULL -+}; -+ -+static int __init init(void) -+{ -+ int ret; -+ -+ down(&ebt_mutex); -+ list_named_insert(&ebt_targets, &ebt_standard_target); -+ up(&ebt_mutex); -+ if ((ret = nf_register_sockopt(&ebt_sockopts)) < 0) -+ return ret; -+ -+ printk(KERN_NOTICE "Ebtables v2.0 registered\n"); -+ return 0; -+} -+ -+static void __exit fini(void) -+{ -+ nf_unregister_sockopt(&ebt_sockopts); -+ printk(KERN_NOTICE "Ebtables v2.0 unregistered\n"); -+} -+ -+EXPORT_SYMBOL(ebt_register_table); -+EXPORT_SYMBOL(ebt_unregister_table); -+EXPORT_SYMBOL(ebt_register_match); -+EXPORT_SYMBOL(ebt_unregister_match); -+EXPORT_SYMBOL(ebt_register_watcher); -+EXPORT_SYMBOL(ebt_unregister_watcher); -+EXPORT_SYMBOL(ebt_register_target); -+EXPORT_SYMBOL(ebt_unregister_target); -+EXPORT_SYMBOL(ebt_do_table); -+module_init(init); -+module_exit(fini); -+MODULE_LICENSE("GPL"); ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebtables.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,361 @@ -+/* -+ * ebtables -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * ebtables.c,v 2.0, September, 2002 -+ * -+ * This code is stongly inspired on the iptables code which is -+ * Copyright (C) 1999 Paul `Rusty' Russell & Michael J. Neuling -+ */ -+ -+#ifndef __LINUX_BRIDGE_EFF_H -+#define __LINUX_BRIDGE_EFF_H -+#include <linux/if.h> -+#include <linux/netfilter_bridge.h> -+#include <linux/if_ether.h> -+ -+#define EBT_TABLE_MAXNAMELEN 32 -+#define EBT_CHAIN_MAXNAMELEN EBT_TABLE_MAXNAMELEN -+#define EBT_FUNCTION_MAXNAMELEN EBT_TABLE_MAXNAMELEN -+ -+// verdicts >0 are "branches" -+#define EBT_ACCEPT -1 -+#define EBT_DROP -2 -+#define EBT_CONTINUE -3 -+#define EBT_RETURN -4 -+#define NUM_STANDARD_TARGETS 4 -+ -+struct ebt_replace -+{ -+ char name[EBT_TABLE_MAXNAMELEN]; -+ unsigned int valid_hooks; -+ // nr of rules in the table -+ unsigned int nentries; -+ // total size of the entries -+ unsigned int entries_size; -+ // start of the chains -+ struct ebt_entries *hook_entry[NF_BR_NUMHOOKS]; -+ // nr of counters userspace expects back -+ unsigned int num_counters; -+ // where the kernel will put the old counters -+ struct ebt_counter *counters; -+ char *entries; -+}; -+ -+struct ebt_counter -+{ -+ uint64_t pcnt; -+ uint64_t bcnt; -+}; -+ -+struct ebt_entries { -+ // this field is always set to zero -+ // See EBT_ENTRY_OR_ENTRIES. -+ // Must be same size as ebt_entry.bitmask -+ unsigned int distinguisher; -+ // the chain name -+ char name[EBT_CHAIN_MAXNAMELEN]; -+ // counter offset for this chain -+ unsigned int counter_offset; -+ // one standard (accept, drop, return) per hook -+ int policy; -+ // nr. of entries -+ unsigned int nentries; -+ // entry list -+ char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); -+}; -+ -+// used for the bitmask of struct ebt_entry -+ -+// This is a hack to make a difference between an ebt_entry struct and an -+// ebt_entries struct when traversing the entries from start to end. -+// Using this simplifies the code alot, while still being able to use -+// ebt_entries. -+// Contrary, iptables doesn't use something like ebt_entries and therefore uses -+// different techniques for naming the policy and such. So, iptables doesn't -+// need a hack like this. -+#define EBT_ENTRY_OR_ENTRIES 0x01 -+// these are the normal masks -+#define EBT_NOPROTO 0x02 -+#define EBT_802_3 0x04 -+#define EBT_SOURCEMAC 0x08 -+#define EBT_DESTMAC 0x10 -+#define EBT_F_MASK (EBT_NOPROTO | EBT_802_3 | EBT_SOURCEMAC | EBT_DESTMAC \ -+ | EBT_ENTRY_OR_ENTRIES) -+ -+#define EBT_IPROTO 0x01 -+#define EBT_IIN 0x02 -+#define EBT_IOUT 0x04 -+#define EBT_ISOURCE 0x8 -+#define EBT_IDEST 0x10 -+#define EBT_ILOGICALIN 0x20 -+#define EBT_ILOGICALOUT 0x40 -+#define EBT_INV_MASK (EBT_IPROTO | EBT_IIN | EBT_IOUT | EBT_ILOGICALIN \ -+ | EBT_ILOGICALOUT | EBT_ISOURCE | EBT_IDEST) -+ -+struct ebt_entry_match -+{ -+ union { -+ char name[EBT_FUNCTION_MAXNAMELEN]; -+ struct ebt_match *match; -+ } u; -+ // size of data -+ unsigned int match_size; -+ unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); -+}; -+ -+struct ebt_entry_watcher -+{ -+ union { -+ char name[EBT_FUNCTION_MAXNAMELEN]; -+ struct ebt_watcher *watcher; -+ } u; -+ // size of data -+ unsigned int watcher_size; -+ unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); -+}; -+ -+struct ebt_entry_target -+{ -+ union { -+ char name[EBT_FUNCTION_MAXNAMELEN]; -+ struct ebt_target *target; -+ } u; -+ // size of data -+ unsigned int target_size; -+ unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); -+}; -+ -+#define EBT_STANDARD_TARGET "standard" -+struct ebt_standard_target -+{ -+ struct ebt_entry_target target; -+ int verdict; -+}; -+ -+// one entry -+struct ebt_entry { -+ // this needs to be the first field -+ unsigned int bitmask; -+ unsigned int invflags; -+ uint16_t ethproto; -+ // the physical in-dev -+ char in[IFNAMSIZ]; -+ // the logical in-dev -+ char logical_in[IFNAMSIZ]; -+ // the physical out-dev -+ char out[IFNAMSIZ]; -+ // the logical out-dev -+ char logical_out[IFNAMSIZ]; -+ unsigned char sourcemac[ETH_ALEN]; -+ unsigned char sourcemsk[ETH_ALEN]; -+ unsigned char destmac[ETH_ALEN]; -+ unsigned char destmsk[ETH_ALEN]; -+ // sizeof ebt_entry + matches -+ unsigned int watchers_offset; -+ // sizeof ebt_entry + matches + watchers -+ unsigned int target_offset; -+ // sizeof ebt_entry + matches + watchers + target -+ unsigned int next_offset; -+ unsigned char elems[0] __attribute__ ((aligned (__alignof__(struct ebt_replace)))); -+}; -+ -+// [gs]etsockopt numbers -+#define EBT_BASE_CTL 128 -+ -+#define EBT_SO_SET_ENTRIES (EBT_BASE_CTL) -+#define EBT_SO_SET_COUNTERS (EBT_SO_SET_ENTRIES+1) -+#define EBT_SO_SET_MAX (EBT_SO_SET_COUNTERS+1) -+ -+#define EBT_SO_GET_INFO (EBT_BASE_CTL) -+#define EBT_SO_GET_ENTRIES (EBT_SO_GET_INFO+1) -+#define EBT_SO_GET_INIT_INFO (EBT_SO_GET_ENTRIES+1) -+#define EBT_SO_GET_INIT_ENTRIES (EBT_SO_GET_INIT_INFO+1) -+#define EBT_SO_GET_MAX (EBT_SO_GET_INIT_ENTRIES+1) -+ -+#ifdef __KERNEL__ -+ -+// return values for match() functions -+#define EBT_MATCH 0 -+#define EBT_NOMATCH 1 -+ -+struct ebt_match -+{ -+ struct list_head list; -+ const char name[EBT_FUNCTION_MAXNAMELEN]; -+ // 0 == it matches -+ int (*match)(const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out, const void *matchdata, -+ unsigned int datalen); -+ // 0 == let it in -+ int (*check)(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *matchdata, unsigned int datalen); -+ void (*destroy)(void *matchdata, unsigned int datalen); -+ struct module *me; -+}; -+ -+struct ebt_watcher -+{ -+ struct list_head list; -+ const char name[EBT_FUNCTION_MAXNAMELEN]; -+ void (*watcher)(const struct sk_buff *skb, const struct net_device *in, -+ const struct net_device *out, const void *watcherdata, -+ unsigned int datalen); -+ // 0 == let it in -+ int (*check)(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *watcherdata, unsigned int datalen); -+ void (*destroy)(void *watcherdata, unsigned int datalen); -+ struct module *me; -+}; -+ -+struct ebt_target -+{ -+ struct list_head list; -+ const char name[EBT_FUNCTION_MAXNAMELEN]; -+ // returns one of the standard verdicts -+ int (*target)(struct sk_buff **pskb, unsigned int hooknr, -+ const struct net_device *in, const struct net_device *out, -+ const void *targetdata, unsigned int datalen); -+ // 0 == let it in -+ int (*check)(const char *tablename, unsigned int hookmask, -+ const struct ebt_entry *e, void *targetdata, unsigned int datalen); -+ void (*destroy)(void *targetdata, unsigned int datalen); -+ struct module *me; -+}; -+ -+// used for jumping from and into user defined chains (udc) -+struct ebt_chainstack -+{ -+ struct ebt_entries *chaininfo; // pointer to chain data -+ struct ebt_entry *e; // pointer to entry data -+ unsigned int n; // n'th entry -+}; -+ -+struct ebt_table_info -+{ -+ // total size of the entries -+ unsigned int entries_size; -+ unsigned int nentries; -+ // pointers to the start of the chains -+ struct ebt_entries *hook_entry[NF_BR_NUMHOOKS]; -+ // room to maintain the stack used for jumping from and into udc -+ struct ebt_chainstack **chainstack; -+ char *entries; -+ struct ebt_counter counters[0] ____cacheline_aligned; -+}; -+ -+struct ebt_table -+{ -+ struct list_head list; -+ char name[EBT_TABLE_MAXNAMELEN]; -+ struct ebt_replace *table; -+ unsigned int valid_hooks; -+ rwlock_t lock; -+ // e.g. could be the table explicitly only allows certain -+ // matches, targets, ... 0 == let it in -+ int (*check)(const struct ebt_table_info *info, -+ unsigned int valid_hooks); -+ // the data used by the kernel -+ struct ebt_table_info *private; -+}; -+ -+#define EBT_ALIGN(s) (((s) + (__alignof__(struct ebt_replace)-1)) & \ -+ ~(__alignof__(struct ebt_replace)-1)) -+extern int ebt_register_table(struct ebt_table *table); -+extern void ebt_unregister_table(struct ebt_table *table); -+extern int ebt_register_match(struct ebt_match *match); -+extern void ebt_unregister_match(struct ebt_match *match); -+extern int ebt_register_watcher(struct ebt_watcher *watcher); -+extern void ebt_unregister_watcher(struct ebt_watcher *watcher); -+extern int ebt_register_target(struct ebt_target *target); -+extern void ebt_unregister_target(struct ebt_target *target); -+extern unsigned int ebt_do_table(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ struct ebt_table *table); -+ -+ // Used in the kernel match() functions -+#define FWINV(bool,invflg) ((bool) ^ !!(info->invflags & invflg)) -+// True if the hook mask denotes that the rule is in a base chain, -+// used in the check() functions -+#define BASE_CHAIN (hookmask & (1 << NF_BR_NUMHOOKS)) -+// Clear the bit in the hook mask that tells if the rule is on a base chain -+#define CLEAR_BASE_CHAIN_BIT (hookmask &= ~(1 << NF_BR_NUMHOOKS)) -+// True if the target is not a standard target -+#define INVALID_TARGET (info->target < -NUM_STANDARD_TARGETS || info->target >= 0) -+ -+#endif /* __KERNEL__ */ -+ -+// blatently stolen from ip_tables.h -+// fn returns 0 to continue iteration -+#define EBT_MATCH_ITERATE(e, fn, args...) \ -+({ \ -+ unsigned int __i; \ -+ int __ret = 0; \ -+ struct ebt_entry_match *__match; \ -+ \ -+ for (__i = sizeof(struct ebt_entry); \ -+ __i < (e)->watchers_offset; \ -+ __i += __match->match_size + \ -+ sizeof(struct ebt_entry_match)) { \ -+ __match = (void *)(e) + __i; \ -+ \ -+ __ret = fn(__match , ## args); \ -+ if (__ret != 0) \ -+ break; \ -+ } \ -+ if (__ret == 0) { \ -+ if (__i != (e)->watchers_offset) \ -+ __ret = -EINVAL; \ -+ } \ -+ __ret; \ -+}) -+ -+#define EBT_WATCHER_ITERATE(e, fn, args...) \ -+({ \ -+ unsigned int __i; \ -+ int __ret = 0; \ -+ struct ebt_entry_watcher *__watcher; \ -+ \ -+ for (__i = e->watchers_offset; \ -+ __i < (e)->target_offset; \ -+ __i += __watcher->watcher_size + \ -+ sizeof(struct ebt_entry_watcher)) { \ -+ __watcher = (void *)(e) + __i; \ -+ \ -+ __ret = fn(__watcher , ## args); \ -+ if (__ret != 0) \ -+ break; \ -+ } \ -+ if (__ret == 0) { \ -+ if (__i != (e)->target_offset) \ -+ __ret = -EINVAL; \ -+ } \ -+ __ret; \ -+}) -+ -+#define EBT_ENTRY_ITERATE(entries, size, fn, args...) \ -+({ \ -+ unsigned int __i; \ -+ int __ret = 0; \ -+ struct ebt_entry *__entry; \ -+ \ -+ for (__i = 0; __i < (size);) { \ -+ __entry = (void *)(entries) + __i; \ -+ __ret = fn(__entry , ## args); \ -+ if (__ret != 0) \ -+ break; \ -+ if (__entry->bitmask != 0) \ -+ __i += __entry->next_offset; \ -+ else \ -+ __i += sizeof(struct ebt_entries); \ -+ } \ -+ if (__ret == 0) { \ -+ if (__i != (size)) \ -+ __ret = -EINVAL; \ -+ } \ -+ __ret; \ -+}) -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_802_3.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,60 @@ -+#ifndef __LINUX_BRIDGE_EBT_802_3_H -+#define __LINUX_BRIDGE_EBT_802_3_H -+ -+#define EBT_802_3_SAP 0x01 -+#define EBT_802_3_TYPE 0x02 -+ -+#define EBT_802_3_MATCH "802_3" -+ -+/* -+ * If frame has DSAP/SSAP value 0xaa you must check the SNAP type -+ * to discover what kind of packet we're carrying. -+ */ -+#define CHECK_TYPE 0xaa -+ -+/* -+ * Control field may be one or two bytes. If the first byte has -+ * the value 0x03 then the entire length is one byte, otherwise it is two. -+ * One byte controls are used in Unnumbered Information frames. -+ * Two byte controls are used in Numbered Information frames. -+ */ -+#define IS_UI 0x03 -+ -+#define EBT_802_3_MASK (EBT_802_3_SAP | EBT_802_3_TYPE | EBT_802_3) -+ -+/* ui has one byte ctrl, ni has two */ -+struct hdr_ui { -+ uint8_t dsap; -+ uint8_t ssap; -+ uint8_t ctrl; -+ uint8_t orig[3]; -+ uint16_t type; -+}; -+ -+struct hdr_ni { -+ uint8_t dsap; -+ uint8_t ssap; -+ uint16_t ctrl; -+ uint8_t orig[3]; -+ uint16_t type; -+}; -+ -+struct ebt_802_3_hdr { -+ uint8_t daddr[6]; -+ uint8_t saddr[6]; -+ uint16_t len; -+ union { -+ struct hdr_ui ui; -+ struct hdr_ni ni; -+ } llc; -+}; -+ -+struct ebt_802_3_info -+{ -+ uint8_t sap; -+ uint16_t type; -+ uint8_t bitmask; -+ uint8_t invflags; -+}; -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_arp.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,32 @@ -+#ifndef __LINUX_BRIDGE_EBT_ARP_H -+#define __LINUX_BRIDGE_EBT_ARP_H -+ -+#define EBT_ARP_OPCODE 0x01 -+#define EBT_ARP_HTYPE 0x02 -+#define EBT_ARP_PTYPE 0x04 -+#define EBT_ARP_SRC_IP 0x08 -+#define EBT_ARP_DST_IP 0x10 -+#define EBT_ARP_SRC_MAC 0x20 -+#define EBT_ARP_DST_MAC 0x40 -+#define EBT_ARP_MASK (EBT_ARP_OPCODE | EBT_ARP_HTYPE | EBT_ARP_PTYPE | \ -+ EBT_ARP_SRC_IP | EBT_ARP_DST_IP | EBT_ARP_SRC_MAC | EBT_ARP_DST_MAC) -+#define EBT_ARP_MATCH "arp" -+ -+struct ebt_arp_info -+{ -+ uint16_t htype; -+ uint16_t ptype; -+ uint16_t opcode; -+ uint32_t saddr; -+ uint32_t smsk; -+ uint32_t daddr; -+ uint32_t dmsk; -+ unsigned char smaddr[ETH_ALEN]; -+ unsigned char smmsk[ETH_ALEN]; -+ unsigned char dmaddr[ETH_ALEN]; -+ unsigned char dmmsk[ETH_ALEN]; -+ uint8_t bitmask; -+ uint8_t invflags; -+}; -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_ip.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,43 @@ -+/* -+ * ebt_ip -+ * -+ * Authors: -+ * Bart De Schuymer <bart.de.schuymer@pandora.be> -+ * -+ * April, 2002 -+ * -+ * Changes: -+ * added ip-sport and ip-dport -+ * Innominate Security Technologies AG <mhopf@innominate.com> -+ * September, 2002 -+ */ -+ -+#ifndef __LINUX_BRIDGE_EBT_IP_H -+#define __LINUX_BRIDGE_EBT_IP_H -+ -+#define EBT_IP_SOURCE 0x01 -+#define EBT_IP_DEST 0x02 -+#define EBT_IP_TOS 0x04 -+#define EBT_IP_PROTO 0x08 -+#define EBT_IP_SPORT 0x10 -+#define EBT_IP_DPORT 0x20 -+#define EBT_IP_MASK (EBT_IP_SOURCE | EBT_IP_DEST | EBT_IP_TOS | EBT_IP_PROTO |\ -+ EBT_IP_SPORT | EBT_IP_DPORT ) -+#define EBT_IP_MATCH "ip" -+ -+// the same values are used for the invflags -+struct ebt_ip_info -+{ -+ uint32_t saddr; -+ uint32_t daddr; -+ uint32_t smsk; -+ uint32_t dmsk; -+ uint8_t tos; -+ uint8_t protocol; -+ uint8_t bitmask; -+ uint8_t invflags; -+ uint16_t sport[2]; -+ uint16_t dport[2]; -+}; -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_pkttype.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,11 @@ -+#ifndef __LINUX_BRIDGE_EBT_PKTTYPE_H -+#define __LINUX_BRIDGE_EBT_PKTTYPE_H -+ -+struct ebt_pkttype_info -+{ -+ uint8_t pkt_type; -+ uint8_t invert; -+}; -+#define EBT_PKTTYPE_MATCH "pkttype" -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_stp.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,46 @@ -+#ifndef __LINUX_BRIDGE_EBT_STP_H -+#define __LINUX_BRIDGE_EBT_STP_H -+ -+#define EBT_STP_TYPE 0x0001 -+ -+#define EBT_STP_FLAGS 0x0002 -+#define EBT_STP_ROOTPRIO 0x0004 -+#define EBT_STP_ROOTADDR 0x0008 -+#define EBT_STP_ROOTCOST 0x0010 -+#define EBT_STP_SENDERPRIO 0x0020 -+#define EBT_STP_SENDERADDR 0x0040 -+#define EBT_STP_PORT 0x0080 -+#define EBT_STP_MSGAGE 0x0100 -+#define EBT_STP_MAXAGE 0x0200 -+#define EBT_STP_HELLOTIME 0x0400 -+#define EBT_STP_FWDD 0x0800 -+ -+#define EBT_STP_MASK 0x0fff -+#define EBT_STP_CONFIG_MASK 0x0ffe -+ -+#define EBT_STP_MATCH "stp" -+ -+struct ebt_stp_config_info -+{ -+ uint8_t flags; -+ uint16_t root_priol, root_priou; -+ char root_addr[6], root_addrmsk[6]; -+ uint32_t root_costl, root_costu; -+ uint16_t sender_priol, sender_priou; -+ char sender_addr[6], sender_addrmsk[6]; -+ uint16_t portl, portu; -+ uint16_t msg_agel, msg_ageu; -+ uint16_t max_agel, max_ageu; -+ uint16_t hello_timel, hello_timeu; -+ uint16_t forward_delayl, forward_delayu; -+}; -+ -+struct ebt_stp_info -+{ -+ uint8_t type; -+ struct ebt_stp_config_info config; -+ uint16_t bitmask; -+ uint16_t invflags; -+}; -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_vlan.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,20 @@ -+#ifndef __LINUX_BRIDGE_EBT_VLAN_H -+#define __LINUX_BRIDGE_EBT_VLAN_H -+ -+#define EBT_VLAN_ID 0x01 -+#define EBT_VLAN_PRIO 0x02 -+#define EBT_VLAN_ENCAP 0x04 -+#define EBT_VLAN_MASK (EBT_VLAN_ID | EBT_VLAN_PRIO | EBT_VLAN_ENCAP) -+#define EBT_VLAN_MATCH "vlan" -+ -+struct ebt_vlan_info { -+ uint16_t id; /* VLAN ID {1-4095} */ -+ uint8_t prio; /* VLAN User Priority {0-7} */ -+ uint16_t encap; /* VLAN Encapsulated frame code {0-65535} */ -+ uint8_t bitmask; /* Args bitmask bit 1=1 - ID arg, -+ bit 2=1 User-Priority arg, bit 3=1 encap*/ -+ uint8_t invflags; /* Inverse bitmask bit 1=1 - inversed ID arg, -+ bit 2=1 - inversed Pirority arg */ -+}; -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_log.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,17 @@ -+#ifndef __LINUX_BRIDGE_EBT_LOG_H -+#define __LINUX_BRIDGE_EBT_LOG_H -+ -+#define EBT_LOG_IP 0x01 // if the frame is made by ip, log the ip information -+#define EBT_LOG_ARP 0x02 -+#define EBT_LOG_MASK (EBT_LOG_IP | EBT_LOG_ARP) -+#define EBT_LOG_PREFIX_SIZE 30 -+#define EBT_LOG_WATCHER "log" -+ -+struct ebt_log_info -+{ -+ uint8_t loglevel; -+ uint8_t prefix[EBT_LOG_PREFIX_SIZE]; -+ uint32_t bitmask; -+}; -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_nat.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,13 @@ -+#ifndef __LINUX_BRIDGE_EBT_NAT_H -+#define __LINUX_BRIDGE_EBT_NAT_H -+ -+struct ebt_nat_info -+{ -+ unsigned char mac[ETH_ALEN]; -+ // EBT_ACCEPT, EBT_DROP, EBT_CONTINUE or EBT_RETURN -+ int target; -+}; -+#define EBT_SNAT_TARGET "snat" -+#define EBT_DNAT_TARGET "dnat" -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_redirect.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,11 @@ -+#ifndef __LINUX_BRIDGE_EBT_REDIRECT_H -+#define __LINUX_BRIDGE_EBT_REDIRECT_H -+ -+struct ebt_redirect_info -+{ -+ // EBT_ACCEPT, EBT_DROP or EBT_CONTINUE or EBT_RETURN -+ int target; -+}; -+#define EBT_REDIRECT_TARGET "redirect" -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_mark_m.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,15 @@ -+#ifndef __LINUX_BRIDGE_EBT_MARK_M_H -+#define __LINUX_BRIDGE_EBT_MARK_M_H -+ -+#define EBT_MARK_AND 0x01 -+#define EBT_MARK_OR 0x02 -+#define EBT_MARK_MASK (EBT_MARK_AND | EBT_MARK_OR) -+struct ebt_mark_m_info -+{ -+ unsigned long mark, mask; -+ uint8_t invert; -+ uint8_t bitmask; -+}; -+#define EBT_MARK_MATCH "mark_m" -+ -+#endif ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_bridge/ebt_mark_t.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,12 @@ -+#ifndef __LINUX_BRIDGE_EBT_MARK_T_H -+#define __LINUX_BRIDGE_EBT_MARK_T_H -+ -+struct ebt_mark_t_info -+{ -+ unsigned long mark; -+ // EBT_ACCEPT, EBT_DROP or EBT_CONTINUE or EBT_RETURN -+ int target; -+}; -+#define EBT_MARK_TARGET "mark" -+ -+#endif ---- linux-2.4.21/include/linux/netfilter.h Thu Nov 22 20:47:48 2001 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter.h Fri Aug 8 01:09:06 2003 -@@ -117,28 +117,34 @@ extern struct list_head nf_hooks[NPROTO] - /* This is gross, but inline doesn't cut it for avoiding the function - call in fast path: gcc doesn't inline (needs value tracking?). --RR */ - #ifdef CONFIG_NETFILTER_DEBUG --#define NF_HOOK nf_hook_slow -+#define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \ -+nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), INT_MIN) -+#define NF_HOOK_THRESH nf_hook_slow - #else - #define NF_HOOK(pf, hook, skb, indev, outdev, okfn) \ - (list_empty(&nf_hooks[(pf)][(hook)]) \ - ? (okfn)(skb) \ -- : nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn))) -+ : nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), INT_MIN)) -+#define NF_HOOK_THRESH(pf, hook, skb, indev, outdev, okfn, thresh) \ -+(list_empty(&nf_hooks[(pf)][(hook)]) \ -+ ? (okfn)(skb) \ -+ : nf_hook_slow((pf), (hook), (skb), (indev), (outdev), (okfn), (thresh))) - #endif - - int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb, - struct net_device *indev, struct net_device *outdev, -- int (*okfn)(struct sk_buff *)); -+ int (*okfn)(struct sk_buff *), int thresh); - - /* Call setsockopt() */ --int nf_setsockopt(struct sock *sk, int pf, int optval, char *opt, -+int nf_setsockopt(struct sock *sk, int pf, int optval, char *opt, - int len); - int nf_getsockopt(struct sock *sk, int pf, int optval, char *opt, - int *len); - - /* Packet queuing */ --typedef int (*nf_queue_outfn_t)(struct sk_buff *skb, -+typedef int (*nf_queue_outfn_t)(struct sk_buff *skb, - struct nf_info *info, void *data); --extern int nf_register_queue_handler(int pf, -+extern int nf_register_queue_handler(int pf, - nf_queue_outfn_t outfn, void *data); - extern int nf_unregister_queue_handler(int pf); - extern void nf_reinject(struct sk_buff *skb, ---- linux-2.4.21/include/linux/netfilter_ipv4.h Mon Feb 25 20:38:13 2002 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_ipv4.h Fri Aug 8 01:09:06 2003 -@@ -52,8 +52,10 @@ - enum nf_ip_hook_priorities { - NF_IP_PRI_FIRST = INT_MIN, - NF_IP_PRI_CONNTRACK = -200, -+ NF_IP_PRI_BRIDGE_SABOTAGE_FORWARD = -175, - NF_IP_PRI_MANGLE = -150, - NF_IP_PRI_NAT_DST = -100, -+ NF_IP_PRI_BRIDGE_SABOTAGE_LOCAL_OUT = -50, - NF_IP_PRI_FILTER = 0, - NF_IP_PRI_NAT_SRC = 100, - NF_IP_PRI_LAST = INT_MAX, ---- linux-2.4.21/include/linux/skbuff.h Fri Jun 13 16:51:39 2003 -+++ linux-2.4.21-ebt-brnf-3/include/linux/skbuff.h Fri Aug 8 01:09:06 2003 -@@ -92,6 +92,17 @@ struct nf_conntrack { - struct nf_ct_info { - struct nf_conntrack *master; - }; -+ -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+struct nf_bridge_info { -+ atomic_t use; -+ struct net_device *physindev; -+ struct net_device *physoutdev; -+ unsigned int mask; -+ unsigned long hh[16 / sizeof(unsigned long)]; -+}; -+#endif -+ - #endif - - struct sk_buff_head { -@@ -204,6 +215,9 @@ struct sk_buff { - #ifdef CONFIG_NETFILTER_DEBUG - unsigned int nf_debug; - #endif -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ struct nf_bridge_info *nf_bridge; /* Saved data about a bridged frame - see br_netfilter.c */ -+#endif - #endif /*CONFIG_NETFILTER*/ - - #if defined(CONFIG_HIPPI) -@@ -278,7 +292,7 @@ static inline struct sk_buff *skb_get(st - * If users==1, we are the only owner and are can avoid redundant - * atomic change. - */ -- -+ - /** - * kfree_skb - free an sk_buff - * @skb: buffer to free -@@ -286,7 +300,7 @@ static inline struct sk_buff *skb_get(st - * Drop a reference to the buffer and free it if the usage count has - * hit zero. - */ -- -+ - static inline void kfree_skb(struct sk_buff *skb) - { - if (atomic_read(&skb->users) == 1 || atomic_dec_and_test(&skb->users)) -@@ -1165,6 +1179,20 @@ nf_conntrack_get(struct nf_ct_info *nfct - if (nfct) - atomic_inc(&nfct->master->use); - } -+ -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+static inline void nf_bridge_put(struct nf_bridge_info *nf_bridge) -+{ -+ if (nf_bridge && atomic_dec_and_test(&nf_bridge->use)) -+ kfree(nf_bridge); -+} -+static inline void nf_bridge_get(struct nf_bridge_info *nf_bridge) -+{ -+ if (nf_bridge) -+ atomic_inc(&nf_bridge->use); -+} -+#endif -+ - #endif - - #endif /* __KERNEL__ */ ---- linux-2.4.21/net/core/netfilter.c Sat Aug 3 02:39:46 2002 -+++ linux-2.4.21-ebt-brnf-3/net/core/netfilter.c Fri Aug 8 01:09:06 2003 -@@ -1,4 +1,4 @@ --/* netfilter.c: look after the filters for various protocols. -+/* netfilter.c: look after the filters for various protocols. - * Heavily influenced by the old firewall.c by David Bonn and Alan Cox. - * - * Thanks to Rob `CmdrTaco' Malda for not influencing this code in any -@@ -342,10 +342,15 @@ static unsigned int nf_iterate(struct li - const struct net_device *indev, - const struct net_device *outdev, - struct list_head **i, -- int (*okfn)(struct sk_buff *)) -+ int (*okfn)(struct sk_buff *), -+ int hook_thresh) - { - for (*i = (*i)->next; *i != head; *i = (*i)->next) { - struct nf_hook_ops *elem = (struct nf_hook_ops *)*i; -+ -+ if (hook_thresh > elem->priority) -+ continue; -+ - switch (elem->hook(hook, skb, indev, outdev, okfn)) { - case NF_QUEUE: - return NF_QUEUE; -@@ -365,7 +370,7 @@ static unsigned int nf_iterate(struct li - break; - - default: -- NFDEBUG("Evil return from %p(%u).\n", -+ NFDEBUG("Evil return from %p(%u).\n", - elem->hook, hook); - #endif - } -@@ -374,7 +379,7 @@ static unsigned int nf_iterate(struct li - } - - int nf_register_queue_handler(int pf, nf_queue_outfn_t outfn, void *data) --{ -+{ - int ret; - - br_write_lock_bh(BR_NETPROTO_LOCK); -@@ -400,12 +405,12 @@ int nf_unregister_queue_handler(int pf) - return 0; - } - --/* -- * Any packet that leaves via this function must come back -+/* -+ * Any packet that leaves via this function must come back - * through nf_reinject(). - */ --static void nf_queue(struct sk_buff *skb, -- struct list_head *elem, -+static void nf_queue(struct sk_buff *skb, -+ struct list_head *elem, - int pf, unsigned int hook, - struct net_device *indev, - struct net_device *outdev, -@@ -413,6 +418,10 @@ static void nf_queue(struct sk_buff *skb - { - int status; - struct nf_info *info; -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ struct net_device *physindev = NULL; -+ struct net_device *physoutdev = NULL; -+#endif - - if (!queue_handler[pf].outfn) { - kfree_skb(skb); -@@ -428,18 +437,31 @@ static void nf_queue(struct sk_buff *skb - return; - } - -- *info = (struct nf_info) { -+ *info = (struct nf_info) { - (struct nf_hook_ops *)elem, pf, hook, indev, outdev, okfn }; - - /* Bump dev refs so they don't vanish while packet is out */ - if (indev) dev_hold(indev); - if (outdev) dev_hold(outdev); - -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ if (skb->nf_bridge) { -+ physindev = skb->nf_bridge->physindev; -+ if (physindev) dev_hold(physindev); -+ physoutdev = skb->nf_bridge->physoutdev; -+ if (physoutdev) dev_hold(physoutdev); -+ } -+#endif -+ - status = queue_handler[pf].outfn(skb, info, queue_handler[pf].data); - if (status < 0) { - /* James M doesn't say fuck enough. */ - if (indev) dev_put(indev); - if (outdev) dev_put(outdev); -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ if (physindev) dev_put(physindev); -+ if (physoutdev) dev_put(physoutdev); -+#endif - kfree(info); - kfree_skb(skb); - return; -@@ -449,7 +471,8 @@ static void nf_queue(struct sk_buff *skb - int nf_hook_slow(int pf, unsigned int hook, struct sk_buff *skb, - struct net_device *indev, - struct net_device *outdev, -- int (*okfn)(struct sk_buff *)) -+ int (*okfn)(struct sk_buff *), -+ int hook_thresh) - { - struct list_head *elem; - unsigned int verdict; -@@ -481,7 +504,7 @@ int nf_hook_slow(int pf, unsigned int ho - - elem = &nf_hooks[pf][hook]; - verdict = nf_iterate(&nf_hooks[pf][hook], &skb, hook, indev, -- outdev, &elem, okfn); -+ outdev, &elem, okfn, hook_thresh); - if (verdict == NF_QUEUE) { - NFDEBUG("nf_hook: Verdict = QUEUE.\n"); - nf_queue(skb, elem, pf, hook, indev, outdev, okfn); -@@ -510,6 +533,14 @@ void nf_reinject(struct sk_buff *skb, st - - /* We don't have BR_NETPROTO_LOCK here */ - br_read_lock_bh(BR_NETPROTO_LOCK); -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ if (skb->nf_bridge) { -+ if (skb->nf_bridge->physindev) -+ dev_put(skb->nf_bridge->physindev); -+ if (skb->nf_bridge->physoutdev) -+ dev_put(skb->nf_bridge->physoutdev); -+ } -+#endif - for (i = nf_hooks[info->pf][info->hook].next; i != elem; i = i->next) { - if (i == &nf_hooks[info->pf][info->hook]) { - /* The module which sent it to userspace is gone. */ -@@ -528,9 +559,9 @@ void nf_reinject(struct sk_buff *skb, st - - if (verdict == NF_ACCEPT) { - verdict = nf_iterate(&nf_hooks[info->pf][info->hook], -- &skb, info->hook, -+ &skb, info->hook, - info->indev, info->outdev, &elem, -- info->okfn); -+ info->okfn, INT_MIN); - } - - switch (verdict) { -@@ -539,20 +570,19 @@ void nf_reinject(struct sk_buff *skb, st - break; - - case NF_QUEUE: -- nf_queue(skb, elem, info->pf, info->hook, -+ nf_queue(skb, elem, info->pf, info->hook, - info->indev, info->outdev, info->okfn); - break; -- -- case NF_DROP: -- kfree_skb(skb); -- break; - } - br_read_unlock_bh(BR_NETPROTO_LOCK); - - /* Release those devices we held, or Alexey will kill me. */ - if (info->indev) dev_put(info->indev); - if (info->outdev) dev_put(info->outdev); -- -+ -+ if (verdict == NF_DROP) -+ kfree_skb(skb); -+ - kfree(info); - return; - } ---- linux-2.4.21/net/core/skbuff.c Fri Jun 13 16:51:39 2003 -+++ linux-2.4.21-ebt-brnf-3/net/core/skbuff.c Fri Aug 8 01:09:06 2003 -@@ -245,6 +245,9 @@ static inline void skb_headerinit(void * - #ifdef CONFIG_NETFILTER_DEBUG - skb->nf_debug = 0; - #endif -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ skb->nf_bridge = NULL; -+#endif - #endif - #ifdef CONFIG_NET_SCHED - skb->tc_index = 0; -@@ -325,6 +328,9 @@ void __kfree_skb(struct sk_buff *skb) - } - #ifdef CONFIG_NETFILTER - nf_conntrack_put(skb->nfct); -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ nf_bridge_put(skb->nf_bridge); -+#endif - #endif - skb_headerinit(skb, NULL, 0); /* clean state */ - kfree_skbmem(skb); -@@ -391,6 +397,9 @@ struct sk_buff *skb_clone(struct sk_buff - #ifdef CONFIG_NETFILTER_DEBUG - C(nf_debug); - #endif -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ C(nf_bridge); -+#endif - #endif /*CONFIG_NETFILTER*/ - #if defined(CONFIG_HIPPI) - C(private); -@@ -403,6 +412,9 @@ struct sk_buff *skb_clone(struct sk_buff - skb->cloned = 1; - #ifdef CONFIG_NETFILTER - nf_conntrack_get(skb->nfct); -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ nf_bridge_get(skb->nf_bridge); -+#endif - #endif - return n; - } -@@ -436,6 +448,10 @@ static void copy_skb_header(struct sk_bu - nf_conntrack_get(new->nfct); - #ifdef CONFIG_NETFILTER_DEBUG - new->nf_debug=old->nf_debug; -+#endif -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ new->nf_bridge=old->nf_bridge; -+ nf_bridge_get(new->nf_bridge); - #endif - #endif - #ifdef CONFIG_NET_SCHED ---- linux-2.4.21/net/ipv4/netfilter/ip_tables.c Fri Jun 13 16:51:39 2003 -+++ linux-2.4.21-ebt-brnf-3/net/ipv4/netfilter/ip_tables.c Fri Aug 8 01:09:06 2003 -@@ -121,12 +121,19 @@ static LIST_HEAD(ipt_tables); - static inline int - ip_packet_match(const struct iphdr *ip, - const char *indev, -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ const char *physindev, -+#endif - const char *outdev, -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ const char *physoutdev, -+#endif - const struct ipt_ip *ipinfo, - int isfrag) - { - size_t i; - unsigned long ret; -+ unsigned long ret2 = 1; - - #define FWINV(bool,invflg) ((bool) ^ !!(ipinfo->invflags & invflg)) - -@@ -156,7 +163,15 @@ ip_packet_match(const struct iphdr *ip, - & ((const unsigned long *)ipinfo->iniface_mask)[i]; - } - -- if (FWINV(ret != 0, IPT_INV_VIA_IN)) { -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ for (i = 0, ret2 = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) { -+ ret2 |= (((const unsigned long *)physindev)[i] -+ ^ ((const unsigned long *)ipinfo->iniface)[i]) -+ & ((const unsigned long *)ipinfo->iniface_mask)[i]; -+ } -+#endif -+ -+ if (FWINV(ret != 0 && ret2 != 0, IPT_INV_VIA_IN)) { - dprintf("VIA in mismatch (%s vs %s).%s\n", - indev, ipinfo->iniface, - ipinfo->invflags&IPT_INV_VIA_IN ?" (INV)":""); -@@ -169,7 +184,15 @@ ip_packet_match(const struct iphdr *ip, - & ((const unsigned long *)ipinfo->outiface_mask)[i]; - } - -- if (FWINV(ret != 0, IPT_INV_VIA_OUT)) { -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ for (i = 0, ret2 = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) { -+ ret2 |= (((const unsigned long *)physoutdev)[i] -+ ^ ((const unsigned long *)ipinfo->outiface)[i]) -+ & ((const unsigned long *)ipinfo->outiface_mask)[i]; -+ } -+#endif -+ -+ if (FWINV(ret != 0 && ret2 != 0, IPT_INV_VIA_OUT)) { - dprintf("VIA out mismatch (%s vs %s).%s\n", - outdev, ipinfo->outiface, - ipinfo->invflags&IPT_INV_VIA_OUT ?" (INV)":""); -@@ -268,6 +291,9 @@ ipt_do_table(struct sk_buff **pskb, - /* Initializing verdict to NF_DROP keeps gcc happy. */ - unsigned int verdict = NF_DROP; - const char *indev, *outdev; -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ const char *physindev, *physoutdev; -+#endif - void *table_base; - struct ipt_entry *e, *back; - -@@ -277,6 +303,13 @@ ipt_do_table(struct sk_buff **pskb, - datalen = (*pskb)->len - ip->ihl * 4; - indev = in ? in->name : nulldevname; - outdev = out ? out->name : nulldevname; -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ physindev = ((*pskb)->nf_bridge && (*pskb)->nf_bridge->physindev) ? -+ (*pskb)->nf_bridge->physindev->name : nulldevname; -+ physoutdev = ((*pskb)->nf_bridge && (*pskb)->nf_bridge->physoutdev) ? -+ (*pskb)->nf_bridge->physoutdev->name : nulldevname; -+#endif -+ - /* We handle fragments by dealing with the first fragment as - * if it was a normal packet. All other fragments are treated - * normally, except that they will NEVER match rules that ask -@@ -312,7 +345,15 @@ ipt_do_table(struct sk_buff **pskb, - IP_NF_ASSERT(e); - IP_NF_ASSERT(back); - (*pskb)->nfcache |= e->nfcache; -- if (ip_packet_match(ip, indev, outdev, &e->ip, offset)) { -+ if (ip_packet_match(ip, indev, -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ physindev, -+#endif -+ outdev, -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ physoutdev, -+#endif -+ &e->ip, offset)) { - struct ipt_entry_target *t; - - if (IPT_MATCH_ITERATE(e, do_match, ---- linux-2.4.21/net/ipv4/ip_output.c Fri Nov 29 00:53:15 2002 -+++ linux-2.4.21-ebt-brnf-3/net/ipv4/ip_output.c Fri Aug 8 01:09:06 2003 -@@ -879,6 +879,10 @@ int ip_fragment(struct sk_buff *skb, int - /* Connection association is same as pre-frag packet */ - skb2->nfct = skb->nfct; - nf_conntrack_get(skb2->nfct); -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ skb2->nf_bridge = skb->nf_bridge; -+ nf_bridge_get(skb2->nf_bridge); -+#endif - #ifdef CONFIG_NETFILTER_DEBUG - skb2->nf_debug = skb->nf_debug; - #endif ---- linux-2.4.21/net/ipv4/netfilter/ipt_LOG.c Mon Feb 25 20:38:14 2002 -+++ linux-2.4.21-ebt-brnf-3/net/ipv4/netfilter/ipt_LOG.c Fri Aug 8 01:09:06 2003 -@@ -289,6 +289,18 @@ ipt_log_target(struct sk_buff **pskb, - loginfo->prefix, - in ? in->name : "", - out ? out->name : ""); -+#if defined(CONFIG_BRIDGE) || defined(CONFIG_BRIDGE_MODULE) -+ if ((*pskb)->nf_bridge) { -+ struct net_device *physindev = (*pskb)->nf_bridge->physindev; -+ struct net_device *physoutdev = (*pskb)->nf_bridge->physoutdev; -+ -+ if (physindev && in != physindev) -+ printk("PHYSIN=%s ", physindev->name); -+ if (physoutdev && out != physoutdev) -+ printk("PHYSOUT=%s ", physoutdev->name); -+ } -+#endif -+ - if (in && !out) { - /* MAC logging for input chain only. */ - printk("MAC="); ---- linux-2.4.21/net/ipv4/netfilter/Makefile Fri Jun 13 16:51:39 2003 -+++ linux-2.4.21-ebt-brnf-3/net/ipv4/netfilter/Makefile Fri Aug 8 01:09:06 2003 -@@ -84,6 +84,8 @@ obj-$(CONFIG_IP_NF_MATCH_CONNTRACK) += i - obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o - obj-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss.o - -+obj-$(CONFIG_IP_NF_MATCH_PHYSDEV) += ipt_physdev.o -+ - # targets - obj-$(CONFIG_IP_NF_TARGET_REJECT) += ipt_REJECT.o - obj-$(CONFIG_IP_NF_TARGET_MIRROR) += ipt_MIRROR.o ---- linux-2.4.21/net/ipv4/netfilter/Config.in Fri Jun 13 16:51:39 2003 -+++ linux-2.4.21-ebt-brnf-3/net/ipv4/netfilter/Config.in Fri Aug 8 01:09:06 2003 -@@ -43,6 +43,9 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; - dep_tristate ' Unclean match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_UNCLEAN $CONFIG_IP_NF_IPTABLES - dep_tristate ' Owner match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_OWNER $CONFIG_IP_NF_IPTABLES - fi -+ if [ "$CONFIG_BRIDGE" != "n" ]; then -+ dep_tristate ' Physdev match support' CONFIG_IP_NF_MATCH_PHYSDEV -+ fi - # The targets - dep_tristate ' Packet filtering' CONFIG_IP_NF_FILTER $CONFIG_IP_NF_IPTABLES - if [ "$CONFIG_IP_NF_FILTER" != "n" ]; then ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/bridge/br_netfilter.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,636 @@ -+/* -+ * Handle firewalling -+ * Linux ethernet bridge -+ * -+ * Authors: -+ * Lennert Buytenhek <buytenh@gnu.org> -+ * Bart De Schuymer <bdschuym@pandora.be> -+ * -+ * This program is free software; you can redistribute it and/or -+ * modify it under the terms of the GNU General Public License -+ * as published by the Free Software Foundation; either version -+ * 2 of the License, or (at your option) any later version. -+ * -+ * Lennert dedicates this file to Kerstin Wurdinger. -+ */ -+ -+#include <linux/module.h> -+#include <linux/kernel.h> -+#include <linux/ip.h> -+#include <linux/netdevice.h> -+#include <linux/skbuff.h> -+#include <linux/if_ether.h> -+#include <linux/netfilter_bridge.h> -+#include <linux/netfilter_ipv4.h> -+#include <linux/in_route.h> -+#include <net/ip.h> -+#include <asm/uaccess.h> -+#include <asm/checksum.h> -+#include "br_private.h" -+ -+ -+#define skb_origaddr(skb) (((struct bridge_skb_cb *) \ -+ (skb->cb))->daddr.ipv4) -+#define store_orig_dstaddr(skb) (skb_origaddr(skb) = (skb)->nh.iph->daddr) -+#define dnat_took_place(skb) (skb_origaddr(skb) != (skb)->nh.iph->daddr) -+#define clear_cb(skb) (memset(&skb_origaddr(skb), 0, \ -+ sizeof(struct bridge_skb_cb))) -+ -+#define has_bridge_parent(device) ((device)->br_port != NULL) -+#define bridge_parent(device) (&((device)->br_port->br->dev)) -+ -+/* We need these fake structures to make netfilter happy -- -+ * lots of places assume that skb->dst != NULL, which isn't -+ * all that unreasonable. -+ * -+ * Currently, we fill in the PMTU entry because netfilter -+ * refragmentation needs it, and the rt_flags entry because -+ * ipt_REJECT needs it. Future netfilter modules might -+ * require us to fill additional fields. -+ */ -+static struct net_device __fake_net_device = { -+ .hard_header_len = ETH_HLEN -+}; -+ -+static struct rtable __fake_rtable = { -+ u: { -+ dst: { -+ __refcnt: ATOMIC_INIT(1), -+ dev: &__fake_net_device, -+ pmtu: 1500 -+ } -+ }, -+ -+ rt_flags: 0 -+}; -+ -+ -+/* PF_BRIDGE/PRE_ROUTING *********************************************/ -+static void __br_dnat_complain(void) -+{ -+ static unsigned long last_complaint = 0; -+ -+ if (jiffies - last_complaint >= 5 * HZ) { -+ printk(KERN_WARNING "Performing cross-bridge DNAT requires IP " -+ "forwarding to be enabled\n"); -+ last_complaint = jiffies; -+ } -+} -+ -+ -+/* This requires some explaining. If DNAT has taken place, -+ * we will need to fix up the destination Ethernet address, -+ * and this is a tricky process. -+ * -+ * There are two cases to consider: -+ * 1. The packet was DNAT'ed to a device in the same bridge -+ * port group as it was received on. We can still bridge -+ * the packet. -+ * 2. The packet was DNAT'ed to a different device, either -+ * a non-bridged device or another bridge port group. -+ * The packet will need to be routed. -+ * -+ * The correct way of distinguishing between these two cases is to -+ * call ip_route_input() and to look at skb->dst->dev, which is -+ * changed to the destination device if ip_route_input() succeeds. -+ * -+ * Let us first consider the case that ip_route_input() succeeds: -+ * -+ * If skb->dst->dev equals the logical bridge device the packet -+ * came in on, we can consider this bridging. We then call -+ * skb->dst->output() which will make the packet enter br_nf_local_out() -+ * not much later. In that function it is assured that the iptables -+ * FORWARD chain is traversed for the packet. -+ * -+ * Otherwise, the packet is considered to be routed and we just -+ * change the destination MAC address so that the packet will -+ * later be passed up to the IP stack to be routed. -+ * -+ * Let us now consider the case that ip_route_input() fails: -+ * -+ * After a "echo '0' > /proc/sys/net/ipv4/ip_forward" ip_route_input() -+ * will fail, while __ip_route_output_key() will return success. The source -+ * address for __ip_route_output_key() is set to zero, so __ip_route_output_key -+ * thinks we're handling a locally generated packet and won't care -+ * if IP forwarding is allowed. We send a warning message to the users's -+ * log telling her to put IP forwarding on. -+ * -+ * ip_route_input() will also fail if there is no route available. -+ * In that case we just drop the packet. -+ * -+ * --Lennert, 20020411 -+ * --Bart, 20020416 (updated) -+ * --Bart, 20021007 (updated) -+ */ -+ -+static int br_nf_pre_routing_finish_bridge(struct sk_buff *skb) -+{ -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug |= (1 << NF_BR_PRE_ROUTING) | (1 << NF_BR_FORWARD); -+#endif -+ -+ if (skb->pkt_type == PACKET_OTHERHOST) { -+ skb->pkt_type = PACKET_HOST; -+ skb->nf_bridge->mask |= BRNF_PKT_TYPE; -+ } -+ -+ skb->dev = bridge_parent(skb->dev); -+ skb->dst->output(skb); -+ return 0; -+} -+ -+static int br_nf_pre_routing_finish(struct sk_buff *skb) -+{ -+ struct net_device *dev = skb->dev; -+ struct iphdr *iph = skb->nh.iph; -+ struct nf_bridge_info *nf_bridge = skb->nf_bridge; -+ -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug ^= (1 << NF_BR_PRE_ROUTING); -+#endif -+ -+ if (nf_bridge->mask & BRNF_PKT_TYPE) { -+ skb->pkt_type = PACKET_OTHERHOST; -+ nf_bridge->mask ^= BRNF_PKT_TYPE; -+ } -+ -+ if (dnat_took_place(skb)) { -+ if (ip_route_input(skb, iph->daddr, iph->saddr, iph->tos, -+ dev)) { -+ struct rtable *rt; -+ -+ if (!ip_route_output(&rt, iph->daddr, 0, iph->tos, 0)) { -+ /* Bridged-and-DNAT'ed traffic doesn't -+ * require ip_forwarding. -+ */ -+ if (((struct dst_entry *)rt)->dev == dev) { -+ skb->dst = (struct dst_entry *)rt; -+ goto bridged_dnat; -+ } -+ __br_dnat_complain(); -+ dst_release((struct dst_entry *)rt); -+ } -+ kfree_skb(skb); -+ return 0; -+ } else { -+ if (skb->dst->dev == dev) { -+bridged_dnat: -+ /* Tell br_nf_local_out this is a -+ * bridged frame -+ */ -+ nf_bridge->mask |= BRNF_BRIDGED_DNAT; -+ skb->dev = nf_bridge->physindev; -+ clear_cb(skb); -+ NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, -+ skb, skb->dev, NULL, -+ br_nf_pre_routing_finish_bridge, -+ 1); -+ return 0; -+ } -+ memcpy(skb->mac.ethernet->h_dest, dev->dev_addr, -+ ETH_ALEN); -+ } -+ } else { -+ skb->dst = (struct dst_entry *)&__fake_rtable; -+ dst_hold(skb->dst); -+ } -+ -+ clear_cb(skb); -+ skb->dev = nf_bridge->physindev; -+ NF_HOOK_THRESH(PF_BRIDGE, NF_BR_PRE_ROUTING, skb, skb->dev, NULL, -+ br_handle_frame_finish, 1); -+ -+ return 0; -+} -+ -+/* Replicate the checks that IPv4 does on packet reception. -+ * Set skb->dev to the bridge device (i.e. parent of the -+ * receiving device) to make netfilter happy, the REDIRECT -+ * target in particular. Save the original destination IP -+ * address to be able to detect DNAT afterwards. -+ */ -+static unsigned int br_nf_pre_routing(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ int (*okfn)(struct sk_buff *)) -+{ -+ struct iphdr *iph; -+ __u32 len; -+ struct sk_buff *skb; -+ struct nf_bridge_info *nf_bridge; -+ -+ if ((*pskb)->protocol != __constant_htons(ETH_P_IP)) -+ return NF_ACCEPT; -+ -+ if ((skb = skb_share_check(*pskb, GFP_ATOMIC)) == NULL) -+ goto out; -+ -+ if (!pskb_may_pull(skb, sizeof(struct iphdr))) -+ goto inhdr_error; -+ -+ iph = skb->nh.iph; -+ if (iph->ihl < 5 || iph->version != 4) -+ goto inhdr_error; -+ -+ if (!pskb_may_pull(skb, 4*iph->ihl)) -+ goto inhdr_error; -+ -+ iph = skb->nh.iph; -+ if (ip_fast_csum((__u8 *)iph, iph->ihl) != 0) -+ goto inhdr_error; -+ -+ len = ntohs(iph->tot_len); -+ if (skb->len < len || len < 4*iph->ihl) -+ goto inhdr_error; -+ -+ if (skb->len > len) { -+ __pskb_trim(skb, len); -+ if (skb->ip_summed == CHECKSUM_HW) -+ skb->ip_summed = CHECKSUM_NONE; -+ } -+ -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug ^= (1 << NF_IP_PRE_ROUTING); -+#endif -+ if ((nf_bridge = nf_bridge_alloc(skb)) == NULL) -+ return NF_DROP; -+ -+ if (skb->pkt_type == PACKET_OTHERHOST) { -+ skb->pkt_type = PACKET_HOST; -+ nf_bridge->mask |= BRNF_PKT_TYPE; -+ } -+ -+ nf_bridge->physindev = skb->dev; -+ skb->dev = bridge_parent(skb->dev); -+ store_orig_dstaddr(skb); -+ -+ NF_HOOK(PF_INET, NF_IP_PRE_ROUTING, skb, skb->dev, NULL, -+ br_nf_pre_routing_finish); -+ -+ return NF_STOLEN; -+ -+inhdr_error: -+// IP_INC_STATS_BH(IpInHdrErrors); -+out: -+ return NF_DROP; -+} -+ -+ -+/* PF_BRIDGE/LOCAL_IN ************************************************/ -+/* The packet is locally destined, which requires a real -+ * dst_entry, so detach the fake one. On the way up, the -+ * packet would pass through PRE_ROUTING again (which already -+ * took place when the packet entered the bridge), but we -+ * register an IPv4 PRE_ROUTING 'sabotage' hook that will -+ * prevent this from happening. -+ */ -+static unsigned int br_nf_local_in(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ int (*okfn)(struct sk_buff *)) -+{ -+ struct sk_buff *skb = *pskb; -+ -+ if (skb->protocol != __constant_htons(ETH_P_IP)) -+ return NF_ACCEPT; -+ -+ if (skb->dst == (struct dst_entry *)&__fake_rtable) { -+ dst_release(skb->dst); -+ skb->dst = NULL; -+ } -+ -+ return NF_ACCEPT; -+} -+ -+ -+/* PF_BRIDGE/FORWARD *************************************************/ -+static int br_nf_forward_finish(struct sk_buff *skb) -+{ -+ struct nf_bridge_info *nf_bridge = skb->nf_bridge; -+ -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug ^= (1 << NF_BR_FORWARD); -+#endif -+ -+ if (nf_bridge->mask & BRNF_PKT_TYPE) { -+ skb->pkt_type = PACKET_OTHERHOST; -+ nf_bridge->mask ^= BRNF_PKT_TYPE; -+ } -+ -+ NF_HOOK_THRESH(PF_BRIDGE, NF_BR_FORWARD, skb, nf_bridge->physindev, -+ skb->dev, br_forward_finish, 1); -+ -+ return 0; -+} -+ -+/* This is the 'purely bridged' case. We pass the packet to -+ * netfilter with indev and outdev set to the bridge device, -+ * but we are still able to filter on the 'real' indev/outdev -+ * because of the ipt_physdev.c module. -+ */ -+static unsigned int br_nf_forward(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ int (*okfn)(struct sk_buff *)) -+{ -+ struct sk_buff *skb = *pskb; -+ struct nf_bridge_info *nf_bridge; -+ -+ if (skb->protocol != __constant_htons(ETH_P_IP)) -+ return NF_ACCEPT; -+ -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug ^= (1 << NF_BR_FORWARD); -+#endif -+ -+ nf_bridge = skb->nf_bridge; -+ if (skb->pkt_type == PACKET_OTHERHOST) { -+ skb->pkt_type = PACKET_HOST; -+ nf_bridge->mask |= BRNF_PKT_TYPE; -+ } -+ -+ nf_bridge->mask |= BRNF_BRIDGED; /* The physdev module checks on this */ -+ nf_bridge->physoutdev = skb->dev; -+ -+ NF_HOOK(PF_INET, NF_IP_FORWARD, skb, bridge_parent(nf_bridge->physindev), -+ bridge_parent(skb->dev), br_nf_forward_finish); -+ -+ return NF_STOLEN; -+} -+ -+ -+/* PF_BRIDGE/LOCAL_OUT ***********************************************/ -+static int br_nf_local_out_finish(struct sk_buff *skb) -+{ -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug &= ~(1 << NF_BR_LOCAL_OUT); -+#endif -+ -+ NF_HOOK_THRESH(PF_BRIDGE, NF_BR_LOCAL_OUT, skb, NULL, skb->dev, -+ br_forward_finish, NF_BR_PRI_FIRST + 1); -+ -+ return 0; -+} -+ -+ -+/* This function sees both locally originated IP packets and forwarded -+ * IP packets (in both cases the destination device is a bridge -+ * device). It also sees bridged-and-DNAT'ed packets. -+ * To be able to filter on the physical bridge devices (with the ipt_physdev.c -+ * module), we steal packets destined to a bridge device away from the -+ * PF_INET/FORWARD and PF_INET/OUTPUT hook functions, and give them back later, -+ * when we have determined the real output device. This is done in here. -+ * -+ * If (nf_bridge->mask & BRNF_BRIDGED_DNAT) then the packet is bridged -+ * and we fake the PF_BRIDGE/FORWARD hook. The function br_nf_forward() -+ * will then fake the PF_INET/FORWARD hook. br_nf_local_out() has priority -+ * NF_BR_PRI_FIRST, so no relevant PF_BRIDGE/INPUT functions have been nor -+ * will be executed. -+ * Otherwise, if nf_bridge->physindev is NULL, the bridge-nf code never touched -+ * this packet before, and so the packet was locally originated. We fake -+ * the PF_INET/LOCAL_OUT hook. -+ * Finally, if nf_bridge->physindev isn't NULL, then the packet was IP routed, -+ * so we fake the PF_INET/FORWARD hook. ipv4_sabotage_out() makes sure -+ * even routed packets that didn't arrive on a bridge interface have their -+ * nf_bridge->physindev set. -+ */ -+ -+static unsigned int br_nf_local_out(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ int (*_okfn)(struct sk_buff *)) -+{ -+ int (*okfn)(struct sk_buff *skb); -+ struct net_device *realindev; -+ struct sk_buff *skb = *pskb; -+ struct nf_bridge_info *nf_bridge; -+ -+ if (skb->protocol != __constant_htons(ETH_P_IP)) -+ return NF_ACCEPT; -+ -+ /* Sometimes we get packets with NULL ->dst here (for example, -+ * running a dhcp client daemon triggers this). -+ */ -+ if (skb->dst == NULL) -+ return NF_ACCEPT; -+ -+ nf_bridge = skb->nf_bridge; -+ nf_bridge->physoutdev = skb->dev; -+ -+ realindev = nf_bridge->physindev; -+ -+ /* Bridged, take PF_BRIDGE/FORWARD. -+ * (see big note in front of br_nf_pre_routing_finish) -+ */ -+ if (nf_bridge->mask & BRNF_BRIDGED_DNAT) { -+ okfn = br_forward_finish; -+ -+ if (nf_bridge->mask & BRNF_PKT_TYPE) { -+ skb->pkt_type = PACKET_OTHERHOST; -+ nf_bridge->mask ^= BRNF_PKT_TYPE; -+ } -+ -+ NF_HOOK(PF_BRIDGE, NF_BR_FORWARD, skb, realindev, -+ skb->dev, okfn); -+ } else { -+ okfn = br_nf_local_out_finish; -+ /* IP forwarded traffic has a physindev, locally -+ * generated traffic hasn't. -+ */ -+ if (realindev != NULL) { -+ if (((nf_bridge->mask & BRNF_DONT_TAKE_PARENT) == 0) && -+ has_bridge_parent(realindev)) -+ realindev = bridge_parent(realindev); -+ -+ NF_HOOK_THRESH(PF_INET, NF_IP_FORWARD, skb, realindev, -+ bridge_parent(skb->dev), okfn, -+ NF_IP_PRI_BRIDGE_SABOTAGE_FORWARD + 1); -+ } else { -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug ^= (1 << NF_IP_LOCAL_OUT); -+#endif -+ -+ NF_HOOK_THRESH(PF_INET, NF_IP_LOCAL_OUT, skb, realindev, -+ bridge_parent(skb->dev), okfn, -+ NF_IP_PRI_BRIDGE_SABOTAGE_LOCAL_OUT + 1); -+ } -+ } -+ -+ return NF_STOLEN; -+} -+ -+ -+/* PF_BRIDGE/POST_ROUTING ********************************************/ -+static unsigned int br_nf_post_routing(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ int (*okfn)(struct sk_buff *)) -+{ -+ struct sk_buff *skb = *pskb; -+ struct nf_bridge_info *nf_bridge = (*pskb)->nf_bridge; -+ -+ /* Be very paranoid. Must be a device driver bug. */ -+ if (skb->mac.raw < skb->head || skb->mac.raw + ETH_HLEN > skb->data) { -+ printk(KERN_CRIT "br_netfilter: Argh!! br_nf_post_routing: " -+ "bad mac.raw pointer."); -+ if (skb->dev != NULL) { -+ printk("[%s]", skb->dev->name); -+ if (has_bridge_parent(skb->dev)) -+ printk("[%s]", bridge_parent(skb->dev)->name); -+ } -+ printk("\n"); -+ return NF_ACCEPT; -+ } -+ -+ if (skb->protocol != __constant_htons(ETH_P_IP)) -+ return NF_ACCEPT; -+ -+ /* Sometimes we get packets with NULL ->dst here (for example, -+ * running a dhcp client daemon triggers this). -+ */ -+ if (skb->dst == NULL) -+ return NF_ACCEPT; -+ -+#ifdef CONFIG_NETFILTER_DEBUG -+ skb->nf_debug ^= (1 << NF_IP_POST_ROUTING); -+#endif -+ -+ /* We assume any code from br_dev_queue_push_xmit onwards doesn't care -+ * about the value of skb->pkt_type. -+ */ -+ if (skb->pkt_type == PACKET_OTHERHOST) { -+ skb->pkt_type = PACKET_HOST; -+ nf_bridge->mask |= BRNF_PKT_TYPE; -+ } -+ -+ memcpy(nf_bridge->hh, skb->data - 16, 16); -+ -+ NF_HOOK(PF_INET, NF_IP_POST_ROUTING, skb, NULL, -+ bridge_parent(skb->dev), br_dev_queue_push_xmit); -+ -+ return NF_STOLEN; -+} -+ -+ -+/* IPv4/SABOTAGE *****************************************************/ -+ -+/* Don't hand locally destined packets to PF_INET/PRE_ROUTING -+ * for the second time. -+ */ -+static unsigned int ipv4_sabotage_in(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ int (*okfn)(struct sk_buff *)) -+{ -+ if (in->hard_start_xmit == br_dev_xmit && -+ okfn != br_nf_pre_routing_finish) { -+ okfn(*pskb); -+ return NF_STOLEN; -+ } -+ -+ return NF_ACCEPT; -+} -+ -+/* Postpone execution of PF_INET/FORWARD, PF_INET/LOCAL_OUT -+ * and PF_INET/POST_ROUTING until we have done the forwarding -+ * decision in the bridge code and have determined skb->physoutdev. -+ */ -+static unsigned int ipv4_sabotage_out(unsigned int hook, struct sk_buff **pskb, -+ const struct net_device *in, const struct net_device *out, -+ int (*okfn)(struct sk_buff *)) -+{ -+ if (out->hard_start_xmit == br_dev_xmit && -+ okfn != br_nf_forward_finish && -+ okfn != br_nf_local_out_finish && -+ okfn != br_dev_queue_push_xmit) { -+ struct sk_buff *skb = *pskb; -+ struct nf_bridge_info *nf_bridge; -+ -+ if (!skb->nf_bridge && !nf_bridge_alloc(skb)) -+ return NF_DROP; -+ -+ nf_bridge = skb->nf_bridge; -+ -+ /* This frame will arrive on PF_BRIDGE/LOCAL_OUT and we -+ * will need the indev then. For a brouter, the real indev -+ * can be a bridge port, so we make sure br_nf_local_out() -+ * doesn't use the bridge parent of the indev by using -+ * the BRNF_DONT_TAKE_PARENT mask. -+ */ -+ if (hook == NF_IP_FORWARD && nf_bridge->physindev == NULL) { -+ nf_bridge->mask &= BRNF_DONT_TAKE_PARENT; -+ nf_bridge->physindev = (struct net_device *)in; -+ } -+ okfn(skb); -+ return NF_STOLEN; -+ } -+ -+ return NF_ACCEPT; -+} -+ -+/* For br_nf_local_out we need (prio = NF_BR_PRI_FIRST), to insure that innocent -+ * PF_BRIDGE/NF_BR_LOCAL_OUT functions don't get bridged traffic as input. -+ * For br_nf_post_routing, we need (prio = NF_BR_PRI_LAST), because -+ * ip_refrag() can return NF_STOLEN. -+ */ -+static struct nf_hook_ops br_nf_ops[] = { -+ { .hook = br_nf_pre_routing, -+ .pf = PF_BRIDGE, -+ .hooknum = NF_BR_PRE_ROUTING, -+ .priority = NF_BR_PRI_BRNF, }, -+ { .hook = br_nf_local_in, -+ .pf = PF_BRIDGE, -+ .hooknum = NF_BR_LOCAL_IN, -+ .priority = NF_BR_PRI_BRNF, }, -+ { .hook = br_nf_forward, -+ .pf = PF_BRIDGE, -+ .hooknum = NF_BR_FORWARD, -+ .priority = NF_BR_PRI_BRNF, }, -+ { .hook = br_nf_local_out, -+ .pf = PF_BRIDGE, -+ .hooknum = NF_BR_LOCAL_OUT, -+ .priority = NF_BR_PRI_FIRST, }, -+ { .hook = br_nf_post_routing, -+ .pf = PF_BRIDGE, -+ .hooknum = NF_BR_POST_ROUTING, -+ .priority = NF_BR_PRI_LAST, }, -+ { .hook = ipv4_sabotage_in, -+ .pf = PF_INET, -+ .hooknum = NF_IP_PRE_ROUTING, -+ .priority = NF_IP_PRI_FIRST, }, -+ { .hook = ipv4_sabotage_out, -+ .pf = PF_INET, -+ .hooknum = NF_IP_FORWARD, -+ .priority = NF_IP_PRI_BRIDGE_SABOTAGE_FORWARD, }, -+ { .hook = ipv4_sabotage_out, -+ .pf = PF_INET, -+ .hooknum = NF_IP_LOCAL_OUT, -+ .priority = NF_IP_PRI_BRIDGE_SABOTAGE_LOCAL_OUT, }, -+ { .hook = ipv4_sabotage_out, -+ .pf = PF_INET, -+ .hooknum = NF_IP_POST_ROUTING, -+ .priority = NF_IP_PRI_FIRST, }, -+}; -+ -+int br_netfilter_init(void) -+{ -+ int i; -+ -+ for (i = 0; i < ARRAY_SIZE(br_nf_ops); i++) { -+ int ret; -+ -+ if ((ret = nf_register_hook(&br_nf_ops[i])) >= 0) -+ continue; -+ -+ while (i--) -+ nf_unregister_hook(&br_nf_ops[i]); -+ -+ return ret; -+ } -+ -+ printk(KERN_NOTICE "Bridge firewalling registered\n"); -+ -+ return 0; -+} -+ -+void br_netfilter_fini(void) -+{ -+ int i; -+ -+ for (i = ARRAY_SIZE(br_nf_ops) - 1; i >= 0; i--) -+ nf_unregister_hook(&br_nf_ops[i]); -+} ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/net/ipv4/netfilter/ipt_physdev.c Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,127 @@ -+/* Kernel module to match the bridge port in and -+ * out device for IP packets coming into contact with a bridge. */ -+#include <linux/module.h> -+#include <linux/skbuff.h> -+#include <linux/netfilter_ipv4/ipt_physdev.h> -+#include <linux/netfilter_ipv4/ip_tables.h> -+#include <linux/netfilter_bridge.h> -+#include <linux/netdevice.h> -+#define MATCH 1 -+#define NOMATCH 0 -+ -+static int -+match(const struct sk_buff *skb, -+ const struct net_device *in, -+ const struct net_device *out, -+ const void *matchinfo, -+ int offset, -+ const void *hdr, -+ u_int16_t datalen, -+ int *hotdrop) -+{ -+ int i; -+ static const char nulldevname[IFNAMSIZ] = { 0 }; -+ const struct ipt_physdev_info *info = matchinfo; -+ unsigned long ret; -+ const char *indev, *outdev; -+ struct nf_bridge_info *nf_bridge; -+ -+ /* Not a bridged IP packet or no info available yet: -+ * LOCAL_OUT/mangle and LOCAL_OUT/nat don't know if -+ * the destination device will be a bridge. */ -+ if (!(nf_bridge = skb->nf_bridge)) { -+ /* Return MATCH if the invert flags of the used options are on */ -+ if ((info->bitmask & IPT_PHYSDEV_OP_BRIDGED) && -+ !(info->invert & IPT_PHYSDEV_OP_BRIDGED)) -+ return NOMATCH; -+ if ((info->bitmask & IPT_PHYSDEV_OP_ISIN) && -+ !(info->invert & IPT_PHYSDEV_OP_ISIN)) -+ return NOMATCH; -+ if ((info->bitmask & IPT_PHYSDEV_OP_ISOUT) && -+ !(info->invert & IPT_PHYSDEV_OP_ISOUT)) -+ return NOMATCH; -+ if ((info->bitmask & IPT_PHYSDEV_OP_IN) && -+ !(info->invert & IPT_PHYSDEV_OP_IN)) -+ return NOMATCH; -+ if ((info->bitmask & IPT_PHYSDEV_OP_OUT) && -+ !(info->invert & IPT_PHYSDEV_OP_OUT)) -+ return NOMATCH; -+ return MATCH; -+ } -+ -+ /* This only makes sense in the FORWARD and POSTROUTING chains */ -+ if ((info->bitmask & IPT_PHYSDEV_OP_BRIDGED) && -+ (!!(nf_bridge->mask & BRNF_BRIDGED) ^ -+ !(info->invert & IPT_PHYSDEV_OP_BRIDGED))) -+ return NOMATCH; -+ -+ if ((info->bitmask & IPT_PHYSDEV_OP_ISIN && -+ (!nf_bridge->physindev ^ !!(info->invert & IPT_PHYSDEV_OP_ISIN))) || -+ (info->bitmask & IPT_PHYSDEV_OP_ISOUT && -+ (!nf_bridge->physoutdev ^ !!(info->invert & IPT_PHYSDEV_OP_ISOUT)))) -+ return NOMATCH; -+ -+ if (!(info->bitmask & IPT_PHYSDEV_OP_IN)) -+ goto match_outdev; -+ indev = nf_bridge->physindev ? nf_bridge->physindev->name : nulldevname; -+ for (i = 0, ret = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) { -+ ret |= (((const unsigned long *)indev)[i] -+ ^ ((const unsigned long *)info->physindev)[i]) -+ & ((const unsigned long *)info->in_mask)[i]; -+ } -+ -+ if ((ret == 0) ^ !(info->invert & IPT_PHYSDEV_OP_IN)) -+ return NOMATCH; -+ -+match_outdev: -+ if (!(info->bitmask & IPT_PHYSDEV_OP_OUT)) -+ return MATCH; -+ outdev = nf_bridge->physoutdev ? -+ nf_bridge->physoutdev->name : nulldevname; -+ for (i = 0, ret = 0; i < IFNAMSIZ/sizeof(unsigned long); i++) { -+ ret |= (((const unsigned long *)outdev)[i] -+ ^ ((const unsigned long *)info->physoutdev)[i]) -+ & ((const unsigned long *)info->out_mask)[i]; -+ } -+ -+ return (ret != 0) ^ !(info->invert & IPT_PHYSDEV_OP_OUT); -+} -+ -+static int -+checkentry(const char *tablename, -+ const struct ipt_ip *ip, -+ void *matchinfo, -+ unsigned int matchsize, -+ unsigned int hook_mask) -+{ -+ const struct ipt_physdev_info *info = matchinfo; -+ -+ if (matchsize != IPT_ALIGN(sizeof(struct ipt_physdev_info))) -+ return 0; -+ if (!(info->bitmask & IPT_PHYSDEV_OP_MASK) || -+ info->bitmask & ~IPT_PHYSDEV_OP_MASK) -+ return 0; -+ return 1; -+} -+ -+static struct ipt_match physdev_match = { -+ .name = "physdev", -+ .match = &match, -+ .checkentry = &checkentry, -+ .me = THIS_MODULE, -+}; -+ -+static int __init init(void) -+{ -+ return ipt_register_match(&physdev_match); -+} -+ -+static void __exit fini(void) -+{ -+ ipt_unregister_match(&physdev_match); -+} -+ -+module_init(init); -+module_exit(fini); -+MODULE_LICENSE("GPL"); -+EXPORT_NO_SYMBOLS; ---- /dev/null Thu Aug 24 11:00:32 2000 -+++ linux-2.4.21-ebt-brnf-3/include/linux/netfilter_ipv4/ipt_physdev.h Fri Aug 8 01:09:06 2003 -@@ -0,0 +1,24 @@ -+#ifndef _IPT_PHYSDEV_H -+#define _IPT_PHYSDEV_H -+ -+#ifdef __KERNEL__ -+#include <linux/if.h> -+#endif -+ -+#define IPT_PHYSDEV_OP_IN 0x01 -+#define IPT_PHYSDEV_OP_OUT 0x02 -+#define IPT_PHYSDEV_OP_BRIDGED 0x04 -+#define IPT_PHYSDEV_OP_ISIN 0x08 -+#define IPT_PHYSDEV_OP_ISOUT 0x10 -+#define IPT_PHYSDEV_OP_MASK (0x20 - 1) -+ -+struct ipt_physdev_info { -+ u_int8_t invert; -+ u_int8_t bitmask; -+ char physindev[IFNAMSIZ]; -+ char in_mask[IFNAMSIZ]; -+ char physoutdev[IFNAMSIZ]; -+ char out_mask[IFNAMSIZ]; -+}; -+ -+#endif /*_IPT_PHYSDEV_H*/ diff --git a/obsolete-buildroot/sources/openwrt/kernel/patches/150-mppe-mppc-0.98.patch b/obsolete-buildroot/sources/openwrt/kernel/patches/150-mppe-mppc-0.98.patch deleted file mode 100644 index 24fad5a..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/patches/150-mppe-mppc-0.98.patch +++ /dev/null @@ -1,1884 +0,0 @@ -diff -ruN linux-2.4.21.orig/drivers/net/Config.in linux-2.4.21/drivers/net/Config.in ---- linux-2.4.21.orig/drivers/net/Config.in 2003-06-13 16:51:34.000000000 +0200 -+++ linux-2.4.21/drivers/net/Config.in 2003-07-08 07:27:10.000000000 +0200 -@@ -301,6 +301,7 @@ - dep_tristate ' PPP support for sync tty ports' CONFIG_PPP_SYNC_TTY $CONFIG_PPP - dep_tristate ' PPP Deflate compression' CONFIG_PPP_DEFLATE $CONFIG_PPP - dep_tristate ' PPP BSD-Compress compression' CONFIG_PPP_BSDCOMP $CONFIG_PPP -+ dep_tristate ' Microsoft PPP compression/encryption (MPPC/MPPE)' CONFIG_PPP_MPPE $CONFIG_PPP - if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then - dep_tristate ' PPP over Ethernet (EXPERIMENTAL)' CONFIG_PPPOE $CONFIG_PPP - fi -diff -ruN linux-2.4.21.orig/drivers/net/Makefile linux-2.4.21/drivers/net/Makefile ---- linux-2.4.21.orig/drivers/net/Makefile 2003-06-13 16:51:34.000000000 +0200 -+++ linux-2.4.21/drivers/net/Makefile 2003-07-14 23:53:15.000000000 +0200 -@@ -18,8 +18,9 @@ - export-objs := 8390.o arlan.o aironet4500_core.o aironet4500_card.o \ - ppp_async.o ppp_generic.o slhc.o pppox.o auto_irq.o \ - net_init.o mii.o --list-multi := rcpci.o -+list-multi := rcpci.o ppp_mppe_mppc.o - rcpci-objs := rcpci45.o rclanmtl.o -+ppp_mppe_c-objs := ppp_mppe_mppc_comp.o ppp_mppe_crypto.o - - ifeq ($(CONFIG_TULIP),y) - obj-y += tulip/tulip.o -@@ -149,6 +150,15 @@ - obj-$(CONFIG_PPP_SYNC_TTY) += ppp_synctty.o - obj-$(CONFIG_PPP_DEFLATE) += ppp_deflate.o - obj-$(CONFIG_PPP_BSDCOMP) += bsd_comp.o -+ -+ifeq ($(CONFIG_PPP_MPPE),y) -+ obj-y += $(ppp_mppe_c-objs) -+else -+ ifeq ($(CONFIG_PPP_MPPE),m) -+ obj-m += ppp_mppe_mppc.o -+ endif -+endif -+ - obj-$(CONFIG_PPPOE) += pppox.o pppoe.o - - obj-$(CONFIG_SLIP) += slip.o -@@ -258,3 +268,5 @@ - rcpci.o: $(rcpci-objs) - $(LD) -r -o $@ $(rcpci-objs) - -+ppp_mppe_mppc.o: $(ppp_mppe_c-objs) -+ $(LD) -r -o $@ $(ppp_mppe_c-objs) -diff -ruN linux-2.4.21.orig/drivers/net/ppp_generic.c linux-2.4.21/drivers/net/ppp_generic.c ---- linux-2.4.21.orig/drivers/net/ppp_generic.c 2003-06-13 16:51:35.000000000 +0200 -+++ linux-2.4.21/drivers/net/ppp_generic.c 2003-07-12 04:39:03.000000000 +0200 -@@ -19,7 +19,7 @@ - * PPP driver, written by Michael Callahan and Al Longyear, and - * subsequently hacked by Paul Mackerras. - * -- * ==FILEVERSION 20020217== -+ * ==FILEVERSION 20030706== - */ - - #include <linux/config.h> -@@ -102,6 +102,7 @@ - spinlock_t rlock; /* lock for receive side 58 */ - spinlock_t wlock; /* lock for transmit side 5c */ - int mru; /* max receive unit 60 */ -+ int mru_alloc; /* MAX(1500,MRU) for dev_alloc_skb() */ - unsigned int flags; /* control bits 64 */ - unsigned int xstate; /* transmit state bits 68 */ - unsigned int rstate; /* receive state bits 6c */ -@@ -129,6 +130,7 @@ - struct sock_fprog pass_filter; /* filter for packets to pass */ - struct sock_fprog active_filter;/* filter for pkts to reset idle */ - #endif /* CONFIG_PPP_FILTER */ -+ int xpad; /* ECP or CCP (MPPE) transmit padding */ - }; - - /* -@@ -552,7 +554,9 @@ - case PPPIOCSMRU: - if (get_user(val, (int *) arg)) - break; -- ppp->mru = val; -+ ppp->mru_alloc = ppp->mru = val; -+ if (ppp->mru_alloc < PPP_MRU) -+ ppp->mru_alloc = PPP_MRU; /* increase for broken peers */ - err = 0; - break; - -@@ -1023,14 +1027,35 @@ - case PPP_CCP: - /* peek at outbound CCP frames */ - ppp_ccp_peek(ppp, skb, 0); -+ /* -+ * When LZS or MPPE/MPPC is negotiated we don't send -+ * CCP_RESETACK after receiving CCP_RESETREQ; in fact pppd -+ * sends such a packet but we silently discard it here -+ */ -+ if (CCP_CODE(skb->data+2) == CCP_RESETACK -+ && (ppp->xcomp->compress_proto == CI_MPPE -+ || ppp->xcomp->compress_proto == CI_LZS)) { -+ --ppp->stats.tx_packets; -+ ppp->stats.tx_bytes -= skb->len - 2; -+ kfree_skb(skb); -+ return; -+ } - break; - } - - /* try to do packet compression */ - if ((ppp->xstate & SC_COMP_RUN) && ppp->xc_state != 0 - && proto != PPP_LCP && proto != PPP_CCP) { -- new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len, -- GFP_ATOMIC); -+ int comp_ovhd = 0; -+ /* because of possible data expansion when MPPC or LZS -+ is used, allocate compressor's buffer about 12.5% bigger -+ than MTU */ -+ if (ppp->xcomp->compress_proto == CI_MPPE) -+ comp_ovhd = (((ppp->dev->mtu * 9) / 8) + 1); -+ else if (ppp->xcomp->compress_proto == CI_LZS) -+ comp_ovhd = (((ppp->dev->mtu * 9) / 8) + 1) + LZS_OVHD; -+ new_skb = alloc_skb(ppp->dev->mtu + ppp->dev->hard_header_len -+ + ppp->xpad + comp_ovhd, GFP_ATOMIC); - if (new_skb == 0) { - printk(KERN_ERR "PPP: no memory (comp pkt)\n"); - goto drop; -@@ -1042,15 +1067,28 @@ - /* compressor still expects A/C bytes in hdr */ - len = ppp->xcomp->compress(ppp->xc_state, skb->data - 2, - new_skb->data, skb->len + 2, -- ppp->dev->mtu + PPP_HDRLEN); -+ ppp->dev->mtu + ppp->xpad -+ + PPP_HDRLEN); - if (len > 0 && (ppp->flags & SC_CCP_UP)) { - kfree_skb(skb); - skb = new_skb; - skb_put(skb, len); - skb_pull(skb, 2); /* pull off A/C bytes */ -- } else { -+ } else if (len == 0) { - /* didn't compress, or CCP not up yet */ - kfree_skb(new_skb); -+ } else { -+ /* -+ * (len < 0) -+ * MPPE requires that we do not send unencrypted -+ * frames. The compressor will return -1 if we -+ * should drop the frame. We cannot simply test -+ * the compress_proto because MPPE and MPPC share -+ * the same number. -+ */ -+ printk(KERN_ERR "ppp: compressor dropped pkt\n"); -+ kfree_skb(new_skb); -+ goto drop; - } - } - -@@ -1538,14 +1576,15 @@ - int len; - - if (proto == PPP_COMP) { -- ns = dev_alloc_skb(ppp->mru + PPP_HDRLEN); -+ ns = dev_alloc_skb(ppp->mru_alloc + PPP_HDRLEN); - if (ns == 0) { - printk(KERN_ERR "ppp_decompress_frame: no memory\n"); - goto err; - } - /* the decompressor still expects the A/C bytes in the hdr */ - len = ppp->rcomp->decompress(ppp->rc_state, skb->data - 2, -- skb->len + 2, ns->data, ppp->mru + PPP_HDRLEN); -+ skb->len + 2, ns->data, -+ ppp->mru_alloc + PPP_HDRLEN); - if (len < 0) { - /* Pass the compressed frame to pppd as an - error indication. */ -@@ -1571,7 +1610,12 @@ - return skb; - - err: -- ppp->rstate |= SC_DC_ERROR; -+ if (ppp->rcomp->compress_proto != CI_MPPE -+ && ppp->rcomp->compress_proto != CI_LZS) { -+ /* If decompression protocol isn't MPPE/MPPC or LZS, we set -+ SC_DC_ERROR flag and wait for CCP_RESETACK */ -+ ppp->rstate |= SC_DC_ERROR; -+ } - ppp_receive_error(ppp); - return skb; - } -@@ -1980,6 +2024,20 @@ - ocomp->comp_free(ostate); - err = 0; - } -+ if (ccp_option[0] == CI_MPPE) -+ /* -+ * pppd (userland) has reduced the MTU by MPPE_PAD, -+ * to accomodate "compressor" growth. We must -+ * increase the space allocated for compressor -+ * output in ppp_send_frame() accordingly. Note -+ * that from a purist's view, it may be more correct -+ * to require multilink and fragment large packets, -+ * but that seems inefficient compared to this -+ * little trick. -+ */ -+ ppp->xpad = MPPE_PAD; -+ else -+ ppp->xpad = 0; - - } else { - state = cp->decomp_alloc(ccp_option, data.length); -@@ -2251,6 +2309,7 @@ - /* Initialize the new ppp unit */ - ppp->file.index = unit; - ppp->mru = PPP_MRU; -+ ppp->mru_alloc = PPP_MRU; - init_ppp_file(&ppp->file, INTERFACE); - ppp->file.hdrlen = PPP_HDRLEN - 2; /* don't count proto bytes */ - for (i = 0; i < NUM_NP; ++i) -diff -ruN linux-2.4.21.orig/drivers/net/ppp_mppe_crypto.c linux-2.4.21/drivers/net/ppp_mppe_crypto.c ---- linux-2.4.21.orig/drivers/net/ppp_mppe_crypto.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.21/drivers/net/ppp_mppe_crypto.c 2003-07-08 19:07:18.000000000 +0200 -@@ -0,0 +1,257 @@ -+/* -+ * ppp_mppe_crypto.c - cryptografic funtions for MPPE -+ * -+ * This code is Public Domain. Please see comments below. -+ * -+ * I have just put SHA1 and ARCFOUR implementations into one file -+ * in order to not pollute kernel namespace. -+ * -+ * Jan Dubiec <jdx@slackware.pl>, 2003-07-08 -+ */ -+ -+/* -+ * ftp://ftp.funet.fi/pub/crypt/hash/sha/sha1.c -+ * -+ * SHA-1 in C -+ * By Steve Reid <steve@edmweb.com> -+ * 100% Public Domain -+ * -+ * Test Vectors (from FIPS PUB 180-1) -+ * "abc" -+ * A9993E36 4706816A BA3E2571 7850C26C 9CD0D89D -+ * "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq" -+ * 84983E44 1C3BD26E BAAE4AA1 F95129E5 E54670F1 -+ * A million repetitions of "a" -+ * 34AA973C D4C4DAA4 F61EEB2B DBAD2731 6534016F -+ */ -+ -+/* #define SHA1HANDSOFF * Copies data before messing with it. */ -+ -+#if defined(__linux__) -+#include <asm/byteorder.h> -+#include <linux/string.h> -+#elif defined(__solaris__) -+#include <sys/isa_defs.h> -+#include <sys/ddi.h> -+#include <sys/sunddi.h> -+#define memcpy(d, s, c) bcopy(s, d, c) -+#define memset(d, b, c) bzero(d, c) -+#endif -+ -+#include "ppp_mppe_crypto.h" -+ -+static void SHA1_Transform(unsigned long[5], const unsigned char[64]); -+ -+#define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) -+ -+/* blk0() and blk() perform the initial expand. */ -+/* I got the idea of expanding during the round function from SSLeay */ -+#if defined(__LITTLE_ENDIAN) || defined(_LITTLE_ENDIAN) -+#define blk0(i) (block->l[i] = (rol(block->l[i],24)&0xFF00FF00) \ -+ |(rol(block->l[i],8)&0x00FF00FF)) -+#elif defined(__BIG_ENDIAN) || defined(_BIG_ENDIAN) -+#define blk0(i) block->l[i] -+#else -+#error Endianness not defined -+#endif -+#define blk(i) (block->l[i&15] = rol(block->l[(i+13)&15]^block->l[(i+8)&15] \ -+ ^block->l[(i+2)&15]^block->l[i&15],1)) -+ -+/* (R0+R1), R2, R3, R4 are the different operations used in SHA1 */ -+#define R0(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk0(i)+0x5A827999+rol(v,5);w=rol(w,30); -+#define R1(v,w,x,y,z,i) z+=((w&(x^y))^y)+blk(i)+0x5A827999+rol(v,5);w=rol(w,30); -+#define R2(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0x6ED9EBA1+rol(v,5);w=rol(w,30); -+#define R3(v,w,x,y,z,i) z+=(((w|x)&y)|(w&x))+blk(i)+0x8F1BBCDC+rol(v,5);w=rol(w,30); -+#define R4(v,w,x,y,z,i) z+=(w^x^y)+blk(i)+0xCA62C1D6+rol(v,5);w=rol(w,30); -+ -+/* Hash a single 512-bit block. This is the core of the algorithm. */ -+static void -+SHA1_Transform(unsigned long state[5], const unsigned char buffer[64]) -+{ -+ unsigned long a, b, c, d, e; -+ typedef union { -+ unsigned char c[64]; -+ unsigned long l[16]; -+ } CHAR64LONG16; -+ CHAR64LONG16 *block; -+ -+#ifdef SHA1HANDSOFF -+ static unsigned char workspace[64]; -+ block = (CHAR64LONG16 *) workspace; -+ memcpy(block, buffer, 64); -+#else -+ block = (CHAR64LONG16 *) buffer; -+#endif -+ /* Copy context->state[] to working vars */ -+ a = state[0]; -+ b = state[1]; -+ c = state[2]; -+ d = state[3]; -+ e = state[4]; -+ /* 4 rounds of 20 operations each. Loop unrolled. */ -+ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); -+ R0(b,c,d,e,a, 4); R0(a,b,c,d,e, 5); R0(e,a,b,c,d, 6); R0(d,e,a,b,c, 7); -+ R0(c,d,e,a,b, 8); R0(b,c,d,e,a, 9); R0(a,b,c,d,e,10); R0(e,a,b,c,d,11); -+ R0(d,e,a,b,c,12); R0(c,d,e,a,b,13); R0(b,c,d,e,a,14); R0(a,b,c,d,e,15); -+ R1(e,a,b,c,d,16); R1(d,e,a,b,c,17); R1(c,d,e,a,b,18); R1(b,c,d,e,a,19); -+ R2(a,b,c,d,e,20); R2(e,a,b,c,d,21); R2(d,e,a,b,c,22); R2(c,d,e,a,b,23); -+ R2(b,c,d,e,a,24); R2(a,b,c,d,e,25); R2(e,a,b,c,d,26); R2(d,e,a,b,c,27); -+ R2(c,d,e,a,b,28); R2(b,c,d,e,a,29); R2(a,b,c,d,e,30); R2(e,a,b,c,d,31); -+ R2(d,e,a,b,c,32); R2(c,d,e,a,b,33); R2(b,c,d,e,a,34); R2(a,b,c,d,e,35); -+ R2(e,a,b,c,d,36); R2(d,e,a,b,c,37); R2(c,d,e,a,b,38); R2(b,c,d,e,a,39); -+ R3(a,b,c,d,e,40); R3(e,a,b,c,d,41); R3(d,e,a,b,c,42); R3(c,d,e,a,b,43); -+ R3(b,c,d,e,a,44); R3(a,b,c,d,e,45); R3(e,a,b,c,d,46); R3(d,e,a,b,c,47); -+ R3(c,d,e,a,b,48); R3(b,c,d,e,a,49); R3(a,b,c,d,e,50); R3(e,a,b,c,d,51); -+ R3(d,e,a,b,c,52); R3(c,d,e,a,b,53); R3(b,c,d,e,a,54); R3(a,b,c,d,e,55); -+ R3(e,a,b,c,d,56); R3(d,e,a,b,c,57); R3(c,d,e,a,b,58); R3(b,c,d,e,a,59); -+ R4(a,b,c,d,e,60); R4(e,a,b,c,d,61); R4(d,e,a,b,c,62); R4(c,d,e,a,b,63); -+ R4(b,c,d,e,a,64); R4(a,b,c,d,e,65); R4(e,a,b,c,d,66); R4(d,e,a,b,c,67); -+ R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); -+ R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); -+ R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); -+ /* Add the working vars back into context.state[] */ -+ state[0] += a; -+ state[1] += b; -+ state[2] += c; -+ state[3] += d; -+ state[4] += e; -+ /* Wipe variables */ -+ a = b = c = d = e = 0; -+} -+ -+/* SHA1Init - Initialize new context */ -+void -+SHA1_Init(SHA1_CTX *context) -+{ -+ /* SHA1 initialization constants */ -+ context->state[0] = 0x67452301; -+ context->state[1] = 0xEFCDAB89; -+ context->state[2] = 0x98BADCFE; -+ context->state[3] = 0x10325476; -+ context->state[4] = 0xC3D2E1F0; -+ context->count[0] = context->count[1] = 0; -+} -+ -+/* Run your data through this. */ -+void -+SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len) -+{ -+ unsigned int i, j; -+ -+ j = (context->count[0] >> 3) & 63; -+ if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++; -+ context->count[1] += (len >> 29); -+ if ((j + len) > 63) { -+ memcpy(&context->buffer[j], data, (i = 64-j)); -+ SHA1_Transform(context->state, context->buffer); -+ for ( ; i + 63 < len; i += 64) { -+ SHA1_Transform(context->state, &data[i]); -+ } -+ j = 0; -+ } -+ else -+ i = 0; -+ -+ memcpy(&context->buffer[j], &data[i], len - i); -+} -+ -+/* Add padding and return the message digest. */ -+void -+SHA1_Final(unsigned char digest[20], SHA1_CTX *context) -+{ -+ unsigned long i, j; -+ unsigned char finalcount[8]; -+ -+ for (i = 0; i < 8; i++) { -+ finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] -+ >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ -+ } -+ SHA1_Update(context, (unsigned char *) "\200", 1); -+ while ((context->count[0] & 504) != 448) { -+ SHA1_Update(context, (unsigned char *) "\0", 1); -+ } -+ SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ -+ for (i = 0; i < 20; i++) { -+ digest[i] = (unsigned char) -+ ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); -+ } -+ /* Wipe variables */ -+ i = j = 0; -+ memset(context->buffer, 0, 64); -+ memset(context->state, 0, 20); -+ memset(context->count, 0, 8); -+ memset(&finalcount, 0, 8); -+#ifdef SHA1HANDSOFF /* make SHA1Transform overwrite it's own static vars */ -+ SHA1Transform(context->state, context->buffer); -+#endif -+} -+ -+/* -+ * arcfour.c -+ * by Frank Cusack <frank@google.com> -+ * 100% public domain -+ * -+ * Implemented from the description in _Applied Cryptography_, 2nd ed. -+ * -+ * ** Distribution ** of this software is unlimited and unrestricted. -+ * -+ * ** Use ** of this software is almost certainly legal; however, refer -+ * to <http://theory.lcs.mit.edu/~rivest/faq.html>. -+ */ -+ -+#define swap(a, b) \ -+{ \ -+ unsigned char t = b; \ -+ b = a; \ -+ a = t; \ -+} -+ -+/* -+ * Initialize arcfour from a key. -+ */ -+void -+arcfour_setkey(arcfour_context *context, const unsigned char *key, -+ unsigned keylen) -+{ -+ unsigned i, j; -+ unsigned char K[256]; -+ -+ context->i = context->j = 0; -+ -+ for (i = 0; i < 256; i++) { -+ context->S[i] = i; -+ K[i] = key[i % keylen]; -+ } -+ -+ j = 0; -+ for (i = 0; i < 256; i++) { -+ j = (j + context->S[i] + K[i]) % 256; -+ swap(context->S[i], context->S[j]); -+ } -+ -+ memset(K, 0, sizeof(K)); -+} -+ -+/* -+ * plaintext -> ciphertext (or vice versa) -+ */ -+void -+arcfour_encrypt(arcfour_context *context, const unsigned char *in, unsigned len, -+ unsigned char *out) -+{ -+ unsigned i = context->i; -+ unsigned j = context->j; -+ unsigned char *S = context->S; -+ unsigned char K; -+ -+ while (len--) { -+ i = (i + 1) % 256; -+ j = (j + S[i]) % 256; -+ swap(S[i], S[j]); -+ K = S[(S[i] + S[j]) % 256]; -+ *out++ = *in++ ^ K; -+ } -+ -+ context->i = i; -+ context->j = j; -+} -diff -ruN linux-2.4.21.orig/drivers/net/ppp_mppe_crypto.h linux-2.4.21/drivers/net/ppp_mppe_crypto.h ---- linux-2.4.21.orig/drivers/net/ppp_mppe_crypto.h 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.21/drivers/net/ppp_mppe_crypto.h 2003-07-08 19:07:25.000000000 +0200 -@@ -0,0 +1,40 @@ -+/* -+ * ppp_mppe_crypto.h - cryptografic funtion prototypes for MPPE -+ * -+ * This code is Public Domain. Please see comments below. -+ * -+ * I have just put SHA1 and ARCFOUR declarations into one file -+ * in order to not pollute kernel namespace. -+ * -+ * Jan Dubiec <jdx@slackware.pl>, 2003-07-08 -+ */ -+ -+#ifndef _PPP_MPPE_CRYPTO_ -+#define _PPP_MPPE_CRYPTO_ -+ -+/* SHA1 definitions and prototypes */ -+typedef struct { -+ unsigned long state[5]; -+ unsigned long count[2]; -+ unsigned char buffer[64]; -+} SHA1_CTX; -+ -+#define SHA1_SIGNATURE_SIZE 20 -+ -+extern void SHA1_Init(SHA1_CTX *); -+extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int); -+extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *); -+ -+/* ARCFOUR (aka RC4) definitions and prototypes */ -+typedef struct { -+ unsigned i; -+ unsigned j; -+ unsigned char S[256]; -+} arcfour_context; -+ -+extern void arcfour_setkey(arcfour_context *, const unsigned char *, unsigned); -+extern void arcfour_encrypt(arcfour_context *, const unsigned char *, unsigned, -+ unsigned char *); -+#define arcfour_decrypt arcfour_encrypt -+ -+#endif /* _PPP_MPPE_CRYPTO_ */ -diff -ruN linux-2.4.21.orig/drivers/net/ppp_mppe_mppc_comp.c linux-2.4.21/drivers/net/ppp_mppe_mppc_comp.c ---- linux-2.4.21.orig/drivers/net/ppp_mppe_mppc_comp.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.21/drivers/net/ppp_mppe_mppc_comp.c 2003-08-07 22:36:59.000000000 +0200 -@@ -0,0 +1,1144 @@ -+/* -+ * ppp_mppe_mppc_comp.c - MPPC/MPPE "compressor/decompressor" module. -+ * -+ * Copyright (c) 1994 Árpád Magosányi <mag@bunuel.tii.matav.hu> -+ * Copyright (c) 1999 Tim Hockin, Cobalt Networks Inc. <thockin@cobaltnet.com> -+ * Copyright (c) 2002, 2003 Jan Dubiec <jdx@slackware.pl> -+ * -+ * Permission to use, copy, modify, and distribute this software and its -+ * documentation is hereby granted, provided that the above copyright -+ * notice appears in all copies. This software is provided without any -+ * warranty, express or implied. -+ * -+ * The code is based on MPPE kernel module written by Árpád Magosányi and -+ * Tim Hockin which can be found on http://planetmirror.com/pub/mppe/. -+ * I have added MPPC and 56 bit session keys support in MPPE. -+ * -+ * WARNING! Although this is open source code, its usage in some countries -+ * (in particular in the USA) may violate Stac Inc. patent for MPPC. -+ * -+ * Compile command: -+ * gcc -O2 -Wall -I/usr/src/linux/include -D__KERNEL__ -DMODULE -c ppp_mppe_mppc_comp.c -+ * -+ * ==FILEVERSION 20030807== -+ * -+ */ -+ -+#include <linux/module.h> -+#include <linux/slab.h> -+#include <linux/vmalloc.h> -+#include <linux/init.h> -+ -+#include <linux/ppp_defs.h> -+#include <linux/ppp-comp.h> -+ -+#include "ppp_mppe_crypto.h" -+ -+/* -+ * State for a mppc/mppe "(de)compressor". -+ */ -+struct ppp_mppe_state { -+ arcfour_context arcfour_context; -+ u8 master_key[MPPE_MAX_KEY_LEN]; -+ u8 session_key[MPPE_MAX_KEY_LEN]; -+ u8 mppc; /* do we use compression (MPPC)? */ -+ u8 mppe; /* do we use encryption (MPPE)? */ -+ u8 keylen; /* key length in bytes */ -+ u8 bitkeylen; /* key length in bits */ -+ u16 ccount; /* coherency counter */ -+ u16 bits; /* MPPC/MPPE control bits */ -+ u8 stateless; /* do we use stateless mode? */ -+ u8 nextflushed; /* set A bit in the next outgoing packet; -+ used only by compressor*/ -+ u8 flushexpected; /* drop packets until A bit is received; -+ used only by decompressor*/ -+ u8 *hist; /* MPPC history */ -+ u16 *hash; /* Hash table; used only by compressor */ -+ u16 histptr; /* history "cursor" */ -+ int unit; -+ int debug; -+ int mru; -+ struct compstat stats; -+}; -+ -+#define MPPE_OVHD 2 /* MPPE overhead */ -+#define MPPE_HIST_LEN 8192 /* MPPC history size */ -+#define MPPE_MAX_CCOUNT 0x0FFF /* max. coherency counter value */ -+ -+#define MPPE_BIT_FLUSHED 0x80 /* bit A */ -+#define MPPE_BIT_RESET 0x40 /* bit B */ -+#define MPPE_BIT_COMP 0x20 /* bit C */ -+#define MPPE_BIT_ENCRYPTED 0x10 /* bit D */ -+ -+#define MPPE_SALT0 0xD1 /* values used in MPPE key derivation */ -+#define MPPE_SALT1 0x26 /* according to RFC3079 */ -+#define MPPE_SALT2 0x9E -+ -+#define MPPE_CCOUNT(x) ((((x)[4] & 0x0f) << 8) + (x)[5]) -+#define MPPE_BITS(x) ((x)[4] & 0xf0) -+#define MPPE_CTRLHI(x) ((((x)->ccount & 0xf00)>>8)|((x)->bits)) -+#define MPPE_CTRLLO(x) ((x)->ccount & 0xff) -+ -+/* -+ * Key Derivation, from RFC 3078, RFC 3079. -+ * Equivalent to Get_Key() for MS-CHAP as described in RFC 3079. -+ */ -+static void -+GetNewKeyFromSHA(unsigned char *MasterKey, unsigned char *SessionKey, -+ unsigned long SessionKeyLength, unsigned char *InterimKey) -+{ -+ /*Pads used in key derivation */ -+ static unsigned char SHAPad1[40] = -+ { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, -+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; -+ -+ static unsigned char SHAPad2[40] = -+ { 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, -+ 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, -+ 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, -+ 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2, 0xF2 }; -+ -+ SHA1_CTX Context; -+ unsigned char Digest[SHA1_SIGNATURE_SIZE]; -+ -+ SHA1_Init(&Context); -+ SHA1_Update(&Context, MasterKey, SessionKeyLength); -+ SHA1_Update(&Context, SHAPad1, sizeof(SHAPad1)); -+ SHA1_Update(&Context, SessionKey, SessionKeyLength); -+ SHA1_Update(&Context, SHAPad2, sizeof(SHAPad2)); -+ SHA1_Final(Digest,&Context); -+ memcpy(InterimKey, Digest, SessionKeyLength); -+} -+ -+static void -+mppe_change_key(struct ppp_mppe_state *state, int initialize) -+{ -+ unsigned char InterimKey[MPPE_MAX_KEY_LEN]; -+ -+ GetNewKeyFromSHA(state->master_key, state->session_key, -+ state->keylen, InterimKey); -+ if (initialize) { -+ memcpy(state->session_key, InterimKey, state->keylen); -+ } else { -+ arcfour_setkey(&state->arcfour_context, InterimKey, state->keylen); -+ arcfour_encrypt(&state->arcfour_context, InterimKey, state->keylen, -+ state->session_key); -+ } -+ if (state->keylen == 8) { -+ if (state->bitkeylen == 40) { -+ state->session_key[0] = MPPE_SALT0; -+ state->session_key[1] = MPPE_SALT1; -+ state->session_key[2] = MPPE_SALT2; -+ } else { -+ state->session_key[0] = MPPE_SALT0; -+ } -+ } -+ arcfour_setkey(&state->arcfour_context, state->session_key, state->keylen); -+} -+ -+/* increase 12-bit coherency counter */ -+static inline void -+mppe_increase_ccount(struct ppp_mppe_state *state) -+{ -+ state->ccount = (state->ccount + 1) & MPPE_MAX_CCOUNT; -+ if (state->mppe) { -+ if (state->stateless) { -+ mppe_change_key(state, 0); -+ state->nextflushed = 1; -+ } else { -+ if ((state->ccount & 0xff) == 0xff) { -+ mppe_change_key(state, 0); -+ state->nextflushed = 1; -+ } -+ } -+ } -+} -+ -+/* allocate space for a MPPE/MPPC (de)compressor. */ -+/* comp != 0 -> init compressor */ -+/* comp = 0 -> init decompressor */ -+static void * -+mppe_alloc(unsigned char *options, int opt_len, int comp) -+{ -+ struct ppp_mppe_state *state; -+ u8* fname; -+ -+ fname = comp ? "mppe_comp_alloc" : "mppe_decomp_alloc"; -+ -+ /* -+ Hack warning - additionally to the standard MPPC/MPPE configuration -+ options, pppd passes to the (de)copressor 8 or 16 byte session key. -+ Therefore options[1] contains MPPC/MPPE configuration option length -+ (CILEN_MPPE = 6), but the real options length, depending on the key -+ length, is 6+8 or 6+16. -+ */ -+ if (opt_len < CILEN_MPPE) { -+ printk(KERN_WARNING "%s: wrong options length: %u\n", fname, opt_len); -+ return NULL; -+ } -+ -+ if (options[0] != CI_MPPE || options[1] != CILEN_MPPE || -+ (options[2] & ~MPPE_STATELESS) != 0 || -+ options[3] != 0 || options[4] != 0 || -+ (options[5] & ~(MPPE_128BIT|MPPE_56BIT|MPPE_40BIT|MPPE_MPPC)) != 0 || -+ (options[5] & (MPPE_128BIT|MPPE_56BIT|MPPE_40BIT|MPPE_MPPC)) == 0) { -+ printk(KERN_WARNING "%s: options rejected: o[0]=%02x, o[1]=%02x, " -+ "o[2]=%02x, o[3]=%02x, o[4]=%02x, o[5]=%02x\n", fname, options[0], -+ options[1], options[2], options[3], options[4], options[5]); -+ return NULL; -+ } -+ -+ state = (struct ppp_mppe_state *)kmalloc(sizeof(*state), GFP_KERNEL); -+ if (state == NULL) { -+ printk(KERN_ERR "%s: cannot allocate space for %scompressor\n", fname, -+ comp ? "" : "de"); -+ return NULL; -+ } -+ memset(state, 0, sizeof(struct ppp_mppe_state)); -+ -+ state->mppc = options[5] & MPPE_MPPC; /* Do we use MPPC? */ -+ state->mppe = options[5] & (MPPE_128BIT | MPPE_56BIT | -+ MPPE_40BIT); /* Do we use MPPE? */ -+ -+ if (state->mppc) { -+ /* allocate MPPC history */ -+ state->hist = (u8*)vmalloc(2*MPPE_HIST_LEN*sizeof(u8)); -+ if (state->hist == NULL) { -+ kfree(state); -+ printk(KERN_ERR "%s: cannot allocate space for MPPC history\n", -+ fname); -+ return NULL; -+ } -+ -+ /* allocate hashtable for MPPC compressor */ -+ if (comp) { -+ state->hash = (u16*)vmalloc(MPPE_HIST_LEN*sizeof(u16)); -+ if (state->hash == NULL) { -+ vfree(state->hist); -+ kfree(state); -+ printk(KERN_ERR "%s: cannot allocate space for MPPC history\n", -+ fname); -+ return NULL; -+ } -+ } -+ } -+ -+ MOD_INC_USE_COUNT; -+ -+ if (state->mppe) { /* specific for MPPE */ -+ memcpy(state->master_key, options+CILEN_MPPE, MPPE_MAX_KEY_LEN); -+ memcpy(state->session_key, state->master_key, MPPE_MAX_KEY_LEN); -+ /* initial key generation is done in mppe_init() */ -+ } -+ -+ return (void *) state; -+} -+ -+static void * -+mppe_comp_alloc(unsigned char *options, int opt_len) -+{ -+ return mppe_alloc(options, opt_len, 1); -+} -+ -+static void * -+mppe_decomp_alloc(unsigned char *options, int opt_len) -+{ -+ return mppe_alloc(options, opt_len, 0); -+} -+ -+/* cleanup the (de)compressor */ -+static void -+mppe_comp_free(void *arg) -+{ -+ struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; -+ -+ if (state != NULL) { -+ if (state->hist != NULL) -+ vfree(state->hist); -+ if (state->hash != NULL) -+ vfree(state->hash); -+ kfree(state); -+ } -+ MOD_DEC_USE_COUNT; -+} -+ -+/* init MPPC/MPPE (de)compresor */ -+/* comp != 0 -> init compressor */ -+/* comp = 0 -> init decompressor */ -+static int -+mppe_init(void *arg, unsigned char *options, int opt_len, int unit, -+ int hdrlen, int mru, int debug, int comp) -+{ -+ struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; -+ u8* fname; -+ -+ fname = comp ? "mppe_comp_init" : "mppe_decomp_init"; -+ -+ if (opt_len < CILEN_MPPE) { -+ if (debug) -+ printk(KERN_WARNING "%s: wrong options length: %u\n", -+ fname, opt_len); -+ return 0; -+ } -+ -+ if (options[0] != CI_MPPE || options[1] != CILEN_MPPE || -+ (options[2] & ~MPPE_STATELESS) != 0 || -+ options[3] != 0 || options[4] != 0 || -+ (options[5] & ~(MPPE_56BIT|MPPE_128BIT|MPPE_40BIT|MPPE_MPPC)) != 0 || -+ (options[5] & (MPPE_56BIT|MPPE_128BIT|MPPE_40BIT|MPPE_MPPC)) == 0) { -+ if (debug) -+ printk(KERN_WARNING "%s: options rejected: o[0]=%02x, o[1]=%02x, " -+ "o[2]=%02x, o[3]=%02x, o[4]=%02x, o[5]=%02x\n", fname, -+ options[0], options[1], options[2], options[3], options[4], -+ options[5]); -+ return 0; -+ } -+ -+ if ((options[5] & ~MPPE_MPPC) != MPPE_128BIT && -+ (options[5] & ~MPPE_MPPC) != MPPE_56BIT && -+ (options[5] & ~MPPE_MPPC) != MPPE_40BIT && -+ (options[5] & MPPE_MPPC) != MPPE_MPPC) { -+ if (debug) -+ printk(KERN_WARNING "%s: don't know what to do: o[5]=%02x\n", -+ fname, options[5]); -+ return 0; -+ } -+ -+ state->mppc = options[5] & MPPE_MPPC; /* Do we use MPPC? */ -+ state->mppe = options[5] & (MPPE_128BIT | MPPE_56BIT | -+ MPPE_40BIT); /* Do we use MPPE? */ -+ state->stateless = options[2] & MPPE_STATELESS; /* Do we use stateless mode? */ -+ -+ switch (state->mppe) { -+ case MPPE_40BIT: /* 40 bit key */ -+ state->keylen = 8; -+ state->bitkeylen = 40; -+ break; -+ case MPPE_56BIT: /* 56 bit key */ -+ state->keylen = 8; -+ state->bitkeylen = 56; -+ break; -+ case MPPE_128BIT: /* 128 bit key */ -+ state->keylen = 16; -+ state->bitkeylen = 128; -+ break; -+ default: -+ state->keylen = 0; -+ state->bitkeylen = 0; -+ } -+ -+ state->ccount = MPPE_MAX_CCOUNT; -+ state->bits = 0; -+ state->unit = unit; -+ state->debug = debug; -+ state->histptr = MPPE_HIST_LEN; -+ if (state->mppc) { /* reset history if MPPC was negotiated */ -+ memset(state->hist, 0, 2*MPPE_HIST_LEN*sizeof(u8)); -+ } -+ -+ if (state->mppe) { /* generate initial session keys */ -+ mppe_change_key(state, 1); -+ } -+ -+ if (comp) { /* specific for compressor */ -+ state->nextflushed = 1; -+ } else { /* specific for decompressor */ -+ state->mru = mru; -+ state->flushexpected = 1; -+ } -+ -+ return 1; -+} -+ -+static int -+mppe_comp_init(void *arg, unsigned char *options, int opt_len, int unit, -+ int hdrlen, int debug) -+{ -+ return mppe_init(arg, options, opt_len, unit, hdrlen, 0, debug, 1); -+} -+ -+ -+static int -+mppe_decomp_init(void *arg, unsigned char *options, int opt_len, int unit, -+ int hdrlen, int mru, int debug) -+{ -+ return mppe_init(arg, options, opt_len, unit, hdrlen, mru, debug, 0); -+} -+ -+static void -+mppe_comp_reset(void *arg) -+{ -+ struct ppp_mppe_state *state = (struct ppp_mppe_state *)arg; -+ -+ if (state->debug) -+ printk(KERN_DEBUG "%s%d: resetting MPPC/MPPE compressor\n", -+ __FUNCTION__, state->unit); -+ -+ state->nextflushed = 1; -+ if (state->mppe) -+ arcfour_setkey(&state->arcfour_context, state->session_key, -+ state->keylen); -+} -+ -+static void -+mppe_decomp_reset(void *arg) -+{ -+ /* When MPPC/MPPE is in use, we shouldn't receive any CCP Reset-Ack. -+ But when we receive such a packet, we just ignore it. */ -+ return; -+} -+ -+static void -+mppe_stats(void *arg, struct compstat *stats) -+{ -+ struct ppp_mppe_state *state = (struct ppp_mppe_state *)arg; -+ -+ *stats = state->stats; -+} -+ -+/***************************/ -+/**** Compression stuff ****/ -+/***************************/ -+/* inserts 1 to max. 8 bits into the output buffer */ -+static inline void putbits8(u8 *buf, u32 val, const u32 n, u32 *i, u32 *l) -+{ -+ buf += *i; -+ if (*l >= n) { -+ *l = (*l) - n; -+ val <<= *l; -+ *buf = *buf | (val & 0xff); -+ if (*l == 0) { -+ *l = 8; -+ (*i)++; -+ *(++buf) = 0; -+ } -+ } else { -+ (*i)++; -+ *l = 8 - n + (*l); -+ val <<= *l; -+ *buf = *buf | ((val >> 8) & 0xff); -+ *(++buf) = val & 0xff; -+ } -+} -+ -+/* inserts 9 to max. 16 bits into the output buffer */ -+static inline void putbits16(u8 *buf, u32 val, const u32 n, u32 *i, u32 *l) -+{ -+ buf += *i; -+ if (*l >= n - 8) { -+ (*i)++; -+ *l = 8 - n + (*l); -+ val <<= *l; -+ *buf = *buf | ((val >> 8) & 0xff); -+ *(++buf) = val & 0xff; -+ if (*l == 0) { -+ *l = 8; -+ (*i)++; -+ *(++buf) = 0; -+ } -+ } else { -+ (*i)++; (*i)++; -+ *l = 16 - n + (*l); -+ val <<= *l; -+ *buf = *buf | ((val >> 16) & 0xff); -+ *(++buf) = (val >> 8) & 0xff; -+ *(++buf) = val & 0xff; -+ } -+} -+ -+/* inserts 17 to max. 24 bits into the output buffer */ -+static inline void putbits24(u8 *buf, u32 val, const u32 n, u32 *i, u32 *l) -+{ -+ buf += *i; -+ if (*l >= n - 16) { -+ (*i)++; (*i)++; -+ *l = 16 - n + (*l); -+ val <<= *l; -+ *buf = *buf | ((val >> 16) & 0xff); -+ *(++buf) = (val >> 8) & 0xff; -+ *(++buf) = val & 0xff; -+ if (*l == 0) { -+ *l = 8; -+ (*i)++; -+ *(++buf) = 0; -+ } -+ } else { -+ (*i)++; (*i)++; (*i)++; -+ *l = 24 - n + (*l); -+ val <<= *l; -+ *buf = *buf | ((val >> 24) & 0xff); -+ *(++buf) = (val >> 16) & 0xff; -+ *(++buf) = (val >> 8) & 0xff; -+ *(++buf) = val & 0xff; -+ } -+} -+ -+static int -+mppc_compress(struct ppp_mppe_state *state, unsigned char *ibuf, -+ unsigned char *obuf, int isize, int osize) -+{ -+ u32 olen, off, len, idx, i, l; -+ u8 *hist, *sbuf, *p, *q, *r, *s; -+ -+ /* -+ At this point, to avoid possible buffer overflow caused by packet -+ expansion during/after compression, we should make sure that -+ osize >= (((isize*9)/8)+1)+2, but we don't do that because in -+ ppp_generic.c we just allocate bigger obuf. -+ -+ Maximum MPPC packet expansion is 12.5%. This is the worst case when -+ all octets in the input buffer are >= 0x80 and we cannot find any -+ repeated tokens. Additionally we have to reserve 2 bytes for MPPE/MPPC -+ status bits and coherency counter. -+ */ -+ -+ hist = state->hist + MPPE_HIST_LEN; -+ /* check if there is enough room at the end of the history */ -+ if (state->histptr + isize >= 2*MPPE_HIST_LEN) { -+ state->bits |= MPPE_BIT_RESET; -+ state->histptr = MPPE_HIST_LEN; -+ memcpy(state->hist, hist, MPPE_HIST_LEN); -+ } -+ /* add packet to the history; isize must be <= MPPE_HIST_LEN */ -+ sbuf = state->hist + state->histptr; -+ memcpy(sbuf, ibuf, isize); -+ state->histptr += isize; -+ -+ /* compress data */ -+ r = sbuf + isize; -+ *obuf = olen = i = 0; -+ l = 8; -+ while (i < isize - 2) { -+ s = q = sbuf + i; -+ idx = ((40542*((((s[0]<<4)^s[1])<<4)^s[2]))>>4) & 0x1FFF; -+ p = hist + state->hash[idx]; -+ state->hash[idx] = (u16) (s - hist); -+ off = s - p; -+ if (off > 8191 || off < 1 || *p++ != *s++ || *p++ != *s++ || *p++ != *s++) -+ goto literal; -+ if (r - q >= 64) { -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || *p++ != *s++ || -+ *p++ != *s++; -+ if (s - q == 64) { -+ p--; s--; -+ while((*p++ == *s++) && (s < r)); -+ } -+ } else { -+ while((*p++ == *s++) && (s < r)); -+ } -+ len = s - q - 1; -+ i += len; -+ -+ /* at least 3 character match found; code data */ -+ /* encode offset */ -+ if (off < 64) { /* 10-bit offset; 0 <= offset < 64 */ -+ putbits16(obuf, 0x3c0|off, 10, &olen, &l); -+ } else if (off < 320) { /* 12-bit offset; 64 <= offset < 320 */ -+ putbits16(obuf, 0xe00|(off-64), 12, &olen, &l); -+ } else if (off < 8192) { /* 16-bit offset; 320 <= offset < 8192 */ -+ putbits16(obuf, 0xc000|(off-320), 16, &olen, &l); -+ } else { -+ /* This shouldn't happen; we return 0 what means "packet expands", -+ and we send packet uncompressed. */ -+ if (state->debug) -+ printk(KERN_DEBUG "%s%d: wrong offset value: %d\n", -+ __FUNCTION__, state->unit, off); -+ return 0; -+ } -+ /* encode length of match */ -+ if (len < 4) { /* length = 3 */ -+ putbits8(obuf, 0, 1, &olen, &l); -+ } else if (len < 8) { /* 4 <= length < 8 */ -+ putbits8(obuf, 0x08|(len&0x03), 4, &olen, &l); -+ } else if (len < 16) { /* 8 <= length < 16 */ -+ putbits8(obuf, 0x30|(len&0x07), 6, &olen, &l); -+ } else if (len < 32) { /* 16 <= length < 32 */ -+ putbits8(obuf, 0xe0|(len&0x0f), 8, &olen, &l); -+ } else if (len < 64) { /* 32 <= length < 64 */ -+ putbits16(obuf, 0x3c0|(len&0x1f), 10, &olen, &l); -+ } else if (len < 128) { /* 64 <= length < 128 */ -+ putbits16(obuf, 0xf80|(len&0x3f), 12, &olen, &l); -+ } else if (len < 256) { /* 128 <= length < 256 */ -+ putbits16(obuf, 0x3f00|(len&0x7f), 14, &olen, &l); -+ } else if (len < 512) { /* 256 <= length < 512 */ -+ putbits16(obuf, 0xfe00|(len&0xff), 16, &olen, &l); -+ } else if (len < 1024) { /* 512 <= length < 1024 */ -+ putbits24(obuf, 0x3fc00|(len&0x1ff), 18, &olen, &l); -+ } else if (len < 2048) { /* 1024 <= length < 2048 */ -+ putbits24(obuf, 0xff800|(len&0x3ff), 20, &olen, &l); -+ } else if (len < 4096) { /* 2048 <= length < 4096 */ -+ putbits24(obuf, 0x3ff000|(len&0x7ff), 22, &olen, &l); -+ } else if (len < 8192) { /* 4096 <= length < 8192 */ -+ putbits24(obuf, 0xffe000|(len&0xfff), 24, &olen, &l); -+ } else { -+ /* This shouldn't happen; we return 0 what means "packet expands", -+ and send packet uncompressed. */ -+ if (state->debug) -+ printk(KERN_DEBUG "%s%d: wrong length of match value: %d\n", -+ __FUNCTION__, state->unit, len); -+ return 0; -+ } -+ continue; -+ -+ literal: -+ /* no match found; encode literal byte */ -+ if (ibuf[i] < 0x80) { /* literal byte < 0x80 */ -+ putbits8(obuf, (u32) ibuf[i++], 8, &olen, &l); -+ } else { /* literal byte >= 0x80 */ -+ putbits16(obuf, (u32) (0x100|(ibuf[i++]&0x7f)), 9, &olen, &l); -+ } -+ } -+ -+ /* Add remaining octets to the output */ -+ while(isize - i > 0) { -+ if (ibuf[i] < 0x80) { /* literal byte < 0x80 */ -+ putbits8(obuf, (u32) ibuf[i++], 8, &olen, &l); -+ } else { /* literal byte >= 0x80 */ -+ putbits16(obuf, (u32) (0x100|(ibuf[i++]&0x7f)), 9, &olen, &l); -+ } -+ } -+ /* Reset unused bits of the last output octet */ -+ if ((l != 0) && (l != 8)) { -+ putbits8(obuf, 0, l, &olen, &l); -+ } -+ -+ return (int) olen; -+} -+ -+int -+mppe_compress(void *arg, unsigned char *ibuf, unsigned char *obuf, -+ int isize, int osize) -+{ -+ struct ppp_mppe_state *state = (struct ppp_mppe_state *) arg; -+ int proto, olen, complen; -+ unsigned char *wptr; -+ -+ /* Check that the protocol is in the range we handle. */ -+ proto = PPP_PROTOCOL(ibuf); -+ if (proto < 0x0021 || proto > 0x00fa) -+ return 0; -+ -+ wptr = obuf; -+ /* Copy over the PPP header */ -+ wptr[0] = PPP_ADDRESS(ibuf); -+ wptr[1] = PPP_CONTROL(ibuf); -+ wptr[2] = PPP_COMP >> 8; -+ wptr[3] = PPP_COMP; -+ wptr += PPP_HDRLEN + MPPE_OVHD; /* Leave two octets for MPPE/MPPC bits */ -+ -+ mppe_increase_ccount(state); -+ -+ if (state->nextflushed) { -+ if (!state->stateless) { -+ state->nextflushed = 0; -+ } -+ state->bits |= MPPE_BIT_FLUSHED; -+ if (state->mppc) { /* reset history */ -+ state->bits |= MPPE_BIT_RESET; -+ state->histptr = MPPE_HIST_LEN; -+ memset(state->hist + MPPE_HIST_LEN, 0, MPPE_HIST_LEN*sizeof(u8)); -+ } -+ } -+ -+ if (state->mppc && !state->mppe) { /* Do only compression */ -+ complen = mppc_compress(state, ibuf+2, wptr, isize-2, -+ osize-PPP_HDRLEN-MPPE_OVHD); -+ if ((complen > isize) || (complen == 0)) { -+ /* packet expands */ -+ state->nextflushed = 1; -+ memcpy(wptr, ibuf+2, isize-2); -+ olen = isize + (PPP_HDRLEN / 2) + MPPE_OVHD; -+ (state->stats).inc_bytes += olen; -+ (state->stats).inc_packets++; -+ } else { -+ state->bits |= MPPE_BIT_COMP; -+ olen = complen + PPP_HDRLEN + MPPE_OVHD; -+ (state->stats).comp_bytes += olen; -+ (state->stats).comp_packets++; -+ } -+ } else { -+ if (!state->mppc && state->mppe) { /* Do only encryption */ -+ /* read from ibuf, write to wptr, adjust for PPP_HDRLEN */ -+ arcfour_encrypt(&state->arcfour_context, ibuf+2, isize-2, wptr); -+ state->bits |= MPPE_BIT_ENCRYPTED; -+ olen = isize + (PPP_HDRLEN / 2) + MPPE_OVHD; -+ (state->stats).inc_bytes += olen; -+ (state->stats).inc_packets++; -+ } else { /* Do compression and then encryption - RFC3078 */ -+ complen = mppc_compress(state, ibuf+2, wptr, isize-2, -+ osize-PPP_HDRLEN-MPPE_OVHD); -+ if ((complen > isize) || (complen == 0)) { -+ /* packet expands */ -+ memcpy(wptr, ibuf+2, isize-2); -+ state->nextflushed = 1; -+ arcfour_encrypt(&state->arcfour_context, ibuf+2, isize-2, wptr); -+ olen = isize + (PPP_HDRLEN / 2) + MPPE_OVHD; -+ (state->stats).inc_bytes += olen; -+ (state->stats).inc_packets++; -+ } else { -+ state->bits |= MPPE_BIT_COMP; -+ /* Hack warning !!! RC4 implementation which we use does -+ encryption "in place" - it means that input and output -+ buffers can be *the same* memory area. Therefore we don't -+ need to use a temporary buffer. But be careful - other -+ implementations don't have to be so nice. -+ I used to use ibuf as temporary buffer here, but it led -+ packet sniffers into error. Thanks to Wilfried Weissmann -+ for pointing that. */ -+ arcfour_encrypt(&state->arcfour_context, wptr, complen, wptr); -+ olen = complen + PPP_HDRLEN + MPPE_OVHD; -+ (state->stats).comp_bytes += olen; -+ (state->stats).comp_packets++; -+ } -+ state->bits |= MPPE_BIT_ENCRYPTED; -+ } -+ } -+ -+ /* write status bits and coherency counter into the output buffer */ -+ wptr = obuf + PPP_HDRLEN; -+ wptr[0] = MPPE_CTRLHI(state); -+ wptr[1] = MPPE_CTRLLO(state); -+ -+ state->bits = 0; -+ -+ (state->stats).unc_bytes += isize; -+ (state->stats).unc_packets++; -+ -+ return olen; -+} -+ -+/***************************/ -+/*** Decompression stuff ***/ -+/***************************/ -+static inline u32 getbits(const u8 *buf, const u32 n, u32 *i, u32 *l) -+{ -+ static u32 m[] = {0x00, 0x01, 0x03, 0x07, 0x0f, 0x1f, 0x3f, 0x7f, 0xff}; -+ u32 res, ol; -+ -+ ol = *l; -+ if (*l >= n) { -+ *l = (*l) - n; -+ res = (buf[*i] & m[ol]) >> (*l); -+ if (*l == 0) { -+ *l = 8; -+ (*i)++; -+ } -+ } else { -+ *l = 8 - n + (*l); -+ res = (buf[(*i)++] & m[ol]) << 8; -+ res = (res | buf[*i]) >> (*l); -+ } -+ -+ return res; -+} -+ -+static inline u32 getbyte(const u8 *buf, const u32 i, const u32 l) -+{ -+ if (l == 8) { -+ return buf[i]; -+ } else { -+ return (((buf[i] << 8) | buf[i+1]) >> l) & 0xff; -+ } -+} -+ -+static inline void lamecopy(u8 *dst, u8 *src, u32 len) -+{ -+ while (len--) -+ *dst++ = *src++; -+} -+ -+static int -+mppc_decompress(struct ppp_mppe_state *state, unsigned char *ibuf, -+ unsigned char *obuf, int isize, int osize) -+{ -+ u32 olen, off, len, bits, val, sig, i, l; -+ u8 *history, *s; -+ -+ history = state->hist + state->histptr; -+ olen = len = i = 0; -+ l = 8; -+ bits = isize * 8; -+ while (bits >= 8) { -+ val = getbyte(ibuf, i++, l); -+ if (val < 0x80) { /* literal byte < 0x80 */ -+ if (state->histptr < 2*MPPE_HIST_LEN) { -+ /* copy uncompressed byte to the history */ -+ (state->hist)[(state->histptr)++] = (u8) val; -+ } else { -+ /* buffer overflow; drop packet */ -+ if (state->debug) -+ printk(KERN_ERR "%s%d: trying to write outside history " -+ "buffer\n", __FUNCTION__, state->unit); -+ return DECOMP_ERROR; -+ } -+ olen++; -+ bits -= 8; -+ continue; -+ } -+ -+ sig = val & 0xc0; -+ if (sig == 0x80) { /* literal byte >= 0x80 */ -+ if (state->histptr < 2*MPPE_HIST_LEN) { -+ /* copy uncompressed byte to the history */ -+ (state->hist)[(state->histptr)++] = -+ (u8) (0x80|((val&0x3f)<<1)|getbits(ibuf, 1 , &i ,&l)); -+ } else { -+ /* buffer overflow; drop packet */ -+ if (state->debug) -+ printk(KERN_ERR "%s%d: trying to write outside history " -+ "buffer\n", __FUNCTION__, state->unit); -+ return DECOMP_ERROR; -+ } -+ olen++; -+ bits -= 9; -+ continue; -+ } -+ -+ /* Not a literal byte so it must be an (offset,length) pair */ -+ /* decode offset */ -+ sig = val & 0xf0; -+ if (sig == 0xf0) { /* 10-bit offset; 0 <= offset < 64 */ -+ off = (((val&0x0f)<<2)|getbits(ibuf, 2 , &i ,&l)); -+ bits -= 10; -+ } else { -+ if (sig == 0xe0) { /* 12-bit offset; 64 <= offset < 320 */ -+ off = ((((val&0x0f)<<4)|getbits(ibuf, 4 , &i ,&l))+64); -+ bits -= 12; -+ } else { -+ if ((sig&0xe0) == 0xc0) {/* 16-bit offset; 320 <= offset < 8192 */ -+ off = ((((val&0x1f)<<8)|getbyte(ibuf, i++, l))+320); -+ bits -= 16; -+ if (off > MPPE_HIST_LEN - 1) { -+ if (state->debug) -+ printk(KERN_DEBUG "%s%d: too big offset value: %d\n", -+ __FUNCTION__, state->unit, off); -+ return DECOMP_ERROR; -+ } -+ } else { /* this shouldn't happen */ -+ if (state->debug) -+ printk(KERN_DEBUG "%s%d: cannot decode offset value\n", -+ __FUNCTION__, state->unit); -+ return DECOMP_ERROR; -+ } -+ } -+ } -+ /* decode length of match */ -+ val = getbyte(ibuf, i, l); -+ if ((val & 0x80) == 0x00) { /* len = 3 */ -+ len = 3; -+ bits--; -+ getbits(ibuf, 1 , &i ,&l); -+ } else if ((val & 0xc0) == 0x80) { /* 4 <= len < 8 */ -+ len = 0x04 | ((val>>4) & 0x03); -+ bits -= 4; -+ getbits(ibuf, 4 , &i ,&l); -+ } else if ((val & 0xe0) == 0xc0) { /* 8 <= len < 16 */ -+ len = 0x08 | ((val>>2) & 0x07); -+ bits -= 6; -+ getbits(ibuf, 6 , &i ,&l); -+ } else if ((val & 0xf0) == 0xe0) { /* 16 <= len < 32 */ -+ len = 0x10 | (val & 0x0f); -+ bits -= 8; -+ i++; -+ } else { -+ bits -= 8; -+ val = (val << 8) | getbyte(ibuf, ++i, l); -+ if ((val & 0xf800) == 0xf000) { /* 32 <= len < 64 */ -+ len = 0x0020 | ((val >> 6) & 0x001f); -+ bits -= 2; -+ getbits(ibuf, 2 , &i ,&l); -+ } else if ((val & 0xfc00) == 0xf800) { /* 64 <= len < 128 */ -+ len = 0x0040 | ((val >> 4) & 0x003f); -+ bits -= 4; -+ getbits(ibuf, 4 , &i ,&l); -+ } else if ((val & 0xfe00) == 0xfc00) { /* 128 <= len < 256 */ -+ len = 0x0080 | ((val >> 2) & 0x007f); -+ bits -= 6; -+ getbits(ibuf, 6 , &i ,&l); -+ } else if ((val & 0xff00) == 0xfe00) { /* 256 <= len < 512 */ -+ len = 0x0100 | (val & 0x00ff); -+ bits -= 8; -+ i++; -+ } else { -+ bits -= 8; -+ val = (val << 8) | getbyte(ibuf, ++i, l); -+ if ((val & 0xff8000) == 0xff0000) { /* 512 <= len < 1024 */ -+ len = 0x000200 | ((val >> 6) & 0x0001ff); -+ bits -= 2; -+ getbits(ibuf, 2 , &i ,&l); -+ } else if ((val & 0xffc000) == 0xff8000) {/* 1024 <= len < 2048 */ -+ len = 0x000400 | ((val >> 4) & 0x0003ff); -+ bits -= 4; -+ getbits(ibuf, 4 , &i ,&l); -+ } else if ((val & 0xffe000) == 0xffc000) {/* 2048 <= len < 4096 */ -+ len = 0x000800 | ((val >> 2) & 0x0007ff); -+ bits -= 6; -+ getbits(ibuf, 6 , &i ,&l); -+ } else if ((val & 0xfff000) == 0xffe000) {/* 4096 <= len < 8192 */ -+ len = 0x001000 | (val & 0x000fff); -+ bits -= 8; -+ i++; -+ } else { /* this shouldn't happen */ -+ if (state->debug) -+ printk(KERN_DEBUG "%s%d: wrong length code: 0x%X\n", -+ __FUNCTION__, state->unit, val); -+ return DECOMP_ERROR; -+ } -+ } -+ } -+ s = state->hist + state->histptr; -+ state->histptr += len; -+ olen += len; -+ if (state->histptr < 2*MPPE_HIST_LEN) { -+ /* copy uncompressed bytes to the history */ -+ -+ /* In some cases len may be greater than off. It means that memory -+ * areas pointed by s and s-off overlap. I used to use memmove() -+ * here, because I thought that it acts as libc's version. But -+ * I was wrong. I got strange errors sometimes. Wilfried suggested -+ * using of byte by byte copying here and strange errors disappeared. -+ */ -+ lamecopy(s, s-off, len); -+ } else { -+ /* buffer overflow; drop packet */ -+ if (state->debug) -+ printk(KERN_ERR "%s%d: trying to write outside history " -+ "buffer\n", __FUNCTION__, state->unit); -+ return DECOMP_ERROR; -+ } -+ } -+ -+ if (olen <= osize) { -+ /* copy uncompressed packet to the output buffer */ -+ memcpy(obuf, history, olen); -+ } else { -+ /* buffer overflow; drop packet */ -+ if (state->debug) -+ printk(KERN_ERR "%s%d: too big uncompressed packet: %d\n", -+ __FUNCTION__, state->unit, olen+(PPP_HDRLEN/2)); -+ return DECOMP_ERROR; -+ } -+ -+ return (int) olen; -+} -+ -+int -+mppe_decompress(void *arg, unsigned char *ibuf, int isize, -+ unsigned char *obuf, int osize) -+{ -+ struct ppp_mppe_state *state = (struct ppp_mppe_state *)arg; -+ int seq, bits, uncomplen; -+ -+ if (isize <= PPP_HDRLEN + MPPE_OVHD) { -+ if (state->debug) { -+ printk(KERN_DEBUG "%s%d: short packet (len=%d)\n", __FUNCTION__, -+ state->unit, isize); -+ } -+ return DECOMP_ERROR; -+ } -+ -+ /* Get coherency counter and control bits from input buffer */ -+ seq = MPPE_CCOUNT(ibuf); -+ bits = MPPE_BITS(ibuf); -+ -+ if (state->stateless) { -+ /* RFC 3078, sec 8.1. */ -+ mppe_increase_ccount(state); -+ if ((seq != state->ccount) && state->debug) -+ printk(KERN_DEBUG "%s%d: bad sequence number: %d, expected: %d\n", -+ __FUNCTION__, state->unit, seq, state->ccount); -+ while (seq != state->ccount) -+ mppe_increase_ccount(state); -+ } else { -+ /* RFC 3078, sec 8.2. */ -+ if (state->flushexpected) { /* discard state */ -+ if ((bits & MPPE_BIT_FLUSHED)) { /* we received expected FLUSH bit */ -+ while (seq != state->ccount) -+ mppe_increase_ccount(state); -+ state->flushexpected = 0; -+ } else /* drop packet*/ -+ return DECOMP_ERROR; -+ } else { /* normal state */ -+ mppe_increase_ccount(state); -+ if (seq != state->ccount) { -+ /* Packet loss detected, enter the discard state. */ -+ if (state->debug) -+ printk(KERN_DEBUG "%s%d: bad sequence number: %d, expected: %d\n", -+ __FUNCTION__, state->unit, seq, state->ccount); -+ state->flushexpected = 1; -+ return DECOMP_ERROR; -+ } -+ } -+ if (state->mppe && (bits & MPPE_BIT_FLUSHED)) { -+ arcfour_setkey(&state->arcfour_context, state->session_key, -+ state->keylen); -+ } -+ } -+ -+ if (state->mppc && (bits & (MPPE_BIT_FLUSHED | MPPE_BIT_RESET))) { -+ state->histptr = MPPE_HIST_LEN; -+ if ((bits & MPPE_BIT_FLUSHED)) { -+ memset(state->hist + MPPE_HIST_LEN, 0, MPPE_HIST_LEN*sizeof(u8)); -+ } else -+ if ((bits & MPPE_BIT_RESET)) { -+ memcpy(state->hist, state->hist+MPPE_HIST_LEN, MPPE_HIST_LEN); -+ } -+ } -+ -+ /* Fill in the first part of the PPP header. The protocol field -+ comes from the decompressed data. */ -+ obuf[0] = PPP_ADDRESS(ibuf); -+ obuf[1] = PPP_CONTROL(ibuf); -+ obuf += PPP_HDRLEN / 2; -+ -+ if (state->mppe) { /* process encrypted packet */ -+ if ((bits & MPPE_BIT_ENCRYPTED)) { -+ /* OK, packet encrypted, so decrypt it */ -+ if (state->mppc && (bits & MPPE_BIT_COMP)) { -+ /* Hack warning !!! RC4 implementation which we use does -+ decryption "in place" - it means that input and output -+ buffers can be *the same* memory area. Therefore we don't -+ need to use a temporary buffer. But be careful - other -+ implementations don't have to be so nice. */ -+ arcfour_decrypt(&state->arcfour_context, ibuf+PPP_HDRLEN+MPPE_OVHD, -+ isize-PPP_HDRLEN-MPPE_OVHD, ibuf+PPP_HDRLEN+MPPE_OVHD); -+ uncomplen = mppc_decompress(state, ibuf+PPP_HDRLEN+MPPE_OVHD, -+ obuf, isize-PPP_HDRLEN-MPPE_OVHD, -+ osize-(PPP_HDRLEN/2)); -+ if (uncomplen == DECOMP_ERROR) { -+ state->flushexpected = 1; -+ return DECOMP_ERROR; -+ } -+ uncomplen += PPP_HDRLEN / 2; -+ (state->stats).comp_bytes += isize; -+ (state->stats).comp_packets++; -+ } else { -+ arcfour_decrypt(&state->arcfour_context, ibuf+PPP_HDRLEN+MPPE_OVHD, -+ isize-PPP_HDRLEN-MPPE_OVHD, obuf); -+ uncomplen = isize - (PPP_HDRLEN / 2) - MPPE_OVHD; -+ (state->stats).inc_bytes += isize; -+ (state->stats).inc_packets++; -+ } -+ } else { /* this shouldn't happen */ -+ if (state->debug) -+ printk(KERN_ERR "%s%d: encryption negotiated but not an " -+ "encrypted packet received\n", __FUNCTION__, state->unit); -+ mppe_change_key(state, 0); -+ state->flushexpected = 1; -+ return DECOMP_ERROR; -+ } -+ } else { -+ if (state->mppc) { /* no MPPE, only MPPC */ -+ if ((bits & MPPE_BIT_COMP)) { -+ uncomplen = mppc_decompress(state, ibuf+PPP_HDRLEN+MPPE_OVHD, -+ obuf, isize-PPP_HDRLEN-MPPE_OVHD, -+ osize-(PPP_HDRLEN/2)); -+ if (uncomplen == DECOMP_ERROR) { -+ state->flushexpected = 1; -+ return DECOMP_ERROR; -+ } -+ uncomplen += PPP_HDRLEN / 2; -+ (state->stats).comp_bytes += isize; -+ (state->stats).comp_packets++; -+ } else { -+ memcpy(obuf, ibuf+PPP_HDRLEN+MPPE_OVHD, -+ isize-PPP_HDRLEN-MPPE_OVHD); -+ uncomplen = isize - (PPP_HDRLEN / 2) - MPPE_OVHD; -+ (state->stats).inc_bytes += isize; -+ (state->stats).inc_packets++; -+ } -+ } else { /* this shouldn't happen */ -+ if (state->debug) -+ printk(KERN_ERR "%s%d: error - no MPPC nor MPPE negotiated\n", -+ __FUNCTION__, state->unit); -+ state->flushexpected = 1; -+ return DECOMP_ERROR; -+ } -+ } -+ -+ (state->stats).unc_bytes += uncomplen; -+ (state->stats).unc_packets++; -+ -+ return uncomplen; -+} -+ -+ -+/************************************************************ -+ * Module interface table -+ ************************************************************/ -+ -+/* These are in ppp_generic.c */ -+extern int ppp_register_compressor (struct compressor *cp); -+extern void ppp_unregister_compressor (struct compressor *cp); -+ -+/* -+ * Functions exported to ppp_generic.c. -+ */ -+struct compressor ppp_mppe = { -+ CI_MPPE, /* compress_proto */ -+ mppe_comp_alloc, /* comp_alloc */ -+ mppe_comp_free, /* comp_free */ -+ mppe_comp_init, /* comp_init */ -+ mppe_comp_reset, /* comp_reset */ -+ mppe_compress, /* compress */ -+ mppe_stats, /* comp_stat */ -+ mppe_decomp_alloc, /* decomp_alloc */ -+ mppe_comp_free, /* decomp_free */ -+ mppe_decomp_init, /* decomp_init */ -+ mppe_decomp_reset, /* decomp_reset */ -+ mppe_decompress, /* decompress */ -+ NULL, /* incomp */ -+ mppe_stats, /* decomp_stat */ -+}; -+ -+/* -+ In case of MPPC/MPPE there is no need to process incompressible data -+ because such a data is sent in MPPC/MPPE frame. Therefore the (*incomp) -+ callback function isn't needed. -+*/ -+ -+/************************************************************ -+ * Module support routines -+ ************************************************************/ -+ -+int __init mppe_module_init(void) -+{ -+ int answer = ppp_register_compressor(&ppp_mppe); -+ if (answer == 0) { -+ printk(KERN_INFO "MPPE/MPPC encryption/compression module registered\n"); -+ } -+ return answer; -+} -+ -+void __exit mppe_module_cleanup(void) -+{ -+ if (MOD_IN_USE) { -+ printk (KERN_INFO "MPPE/MPPC module busy, removing delayed\n"); -+ } else { -+ ppp_unregister_compressor (&ppp_mppe); -+ printk(KERN_INFO "MPPE/MPPC encryption/compression module unregistered\n"); -+ } -+} -+ -+module_init(mppe_module_init); -+module_exit(mppe_module_cleanup); -+ -+MODULE_AUTHOR("Jan Dubiec <jdx@slackware.pl>"); -+MODULE_DESCRIPTION("MPPE/MPPC encryption/compression module for Linux"); -+MODULE_LICENSE("Dual BSD/GPL"); -diff -ruN linux-2.4.21.orig/include/linux/ppp-comp.h linux-2.4.21/include/linux/ppp-comp.h ---- linux-2.4.21.orig/include/linux/ppp-comp.h 1999-08-06 19:44:11.000000000 +0200 -+++ linux-2.4.21/include/linux/ppp-comp.h 2003-07-15 01:45:22.000000000 +0200 -@@ -1,34 +1,42 @@ - /* - * ppp-comp.h - Definitions for doing PPP packet compression. - * -- * Copyright (c) 1994 The Australian National University. -- * All rights reserved. -+ * Copyright (c) 1984 Paul Mackerras. All rights reserved. - * -- * Permission to use, copy, modify, and distribute this software and its -- * documentation is hereby granted, provided that the above copyright -- * notice appears in all copies. This software is provided without any -- * warranty, express or implied. The Australian National University -- * makes no representations about the suitability of this software for -- * any purpose. -- * -- * IN NO EVENT SHALL THE AUSTRALIAN NATIONAL UNIVERSITY BE LIABLE TO ANY -- * PARTY FOR DIRECT, INDIRECT, SPECIAL, INCIDENTAL, OR CONSEQUENTIAL DAMAGES -- * ARISING OUT OF THE USE OF THIS SOFTWARE AND ITS DOCUMENTATION, EVEN IF -- * THE AUSTRALIAN NATIONAL UNIVERSITY HAVE BEEN ADVISED OF THE POSSIBILITY -- * OF SUCH DAMAGE. -- * -- * THE AUSTRALIAN NATIONAL UNIVERSITY SPECIFICALLY DISCLAIMS ANY WARRANTIES, -- * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY -- * AND FITNESS FOR A PARTICULAR PURPOSE. THE SOFTWARE PROVIDED HEREUNDER IS -- * ON AN "AS IS" BASIS, AND THE AUSTRALIAN NATIONAL UNIVERSITY HAS NO -- * OBLIGATION TO PROVIDE MAINTENANCE, SUPPORT, UPDATES, ENHANCEMENTS, -- * OR MODIFICATIONS. -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: - * -- * $Id: ppp-comp.h,v 1.6 1997/11/27 06:04:44 paulus Exp $ -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. The name(s) of the authors of this software must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. -+ * -+ * 4. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by Paul Mackerras -+ * <paulus@samba.org>". -+ * -+ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO -+ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -+ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY -+ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN -+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING -+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ * -+ * $Id: ppp-comp.h,v 1.10 2002/12/06 09:49:15 paulus Exp $ - */ - - /* -- * ==FILEVERSION 980319== -+ * ==FILEVERSION 20020715== - * - * NOTE TO MAINTAINERS: - * If you modify this file at all, please set the above date. -@@ -78,7 +86,7 @@ - - /* Compress a packet */ - int (*compress) (void *state, unsigned char *rptr, -- unsigned char *obuf, int isize, int osize); -+ unsigned char *obuf, int isize, int osize); - - /* Return compression statistics */ - void (*comp_stat) (void *state, struct compstat *stats); -@@ -99,7 +107,7 @@ - - /* Decompress a packet. */ - int (*decompress) (void *state, unsigned char *ibuf, int isize, -- unsigned char *obuf, int osize); -+ unsigned char *obuf, int osize); - - /* Update state for an incompressible packet received */ - void (*incomp) (void *state, unsigned char *ibuf, int icnt); -@@ -187,6 +195,127 @@ - #define DEFLATE_CHK_SEQUENCE 0 - - /* -+ * Definitions for MPPE. -+ */ -+ -+#define CI_MPPE 18 /* config option for MPPE */ -+#define CILEN_MPPE 6 /* length of config option */ -+ -+#define MPPE_PAD 4 /* MPPE growth per frame */ -+#define MPPE_MAX_KEY_LEN 16 /* largest key length (128-bit) */ -+ -+/* option bits for ccp_options.mppe */ -+#define MPPE_OPT_40 0x01 /* 40 bit */ -+#define MPPE_OPT_128 0x02 /* 128 bit */ -+#define MPPE_OPT_STATEFUL 0x04 /* stateful mode */ -+/* unsupported opts */ -+#define MPPE_OPT_56 0x08 /* 56 bit */ -+#define MPPE_OPT_MPPC 0x10 /* MPPC compression */ -+#define MPPE_OPT_D 0x20 /* Unknown */ -+#define MPPE_OPT_UNSUPPORTED (MPPE_OPT_56|MPPE_OPT_MPPC|MPPE_OPT_D) -+#define MPPE_OPT_UNKNOWN 0x40 /* Bits !defined in RFC 3078 were set */ -+ -+/* -+ * This is not nice ... the alternative is a bitfield struct though. -+ * And unfortunately, we cannot share the same bits for the option -+ * names above since C and H are the same bit. We could do a u_int32 -+ * but then we have to do a htonl() all the time and/or we still need -+ * to know which octet is which. -+ */ -+#define MPPE_C_BIT 0x01 /* MPPC */ -+#define MPPE_D_BIT 0x10 /* Obsolete, usage unknown */ -+#define MPPE_L_BIT 0x20 /* 40-bit */ -+#define MPPE_S_BIT 0x40 /* 128-bit */ -+#define MPPE_M_BIT 0x80 /* 56-bit, not supported */ -+#define MPPE_H_BIT 0x01 /* Stateless (in a different byte) */ -+ -+/* Does not include H bit; used for least significant octet only. */ -+#define MPPE_ALL_BITS (MPPE_D_BIT|MPPE_L_BIT|MPPE_S_BIT|MPPE_M_BIT|MPPE_H_BIT) -+ -+/* Build a CI from mppe opts (see RFC 3078) */ -+#define MPPE_OPTS_TO_CI(opts, ci) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ /* H bit */ \ -+ if (opts & MPPE_OPT_STATEFUL) \ -+ *ptr++ = 0x0; \ -+ else \ -+ *ptr++ = MPPE_H_BIT; \ -+ *ptr++ = 0; \ -+ *ptr++ = 0; \ -+ \ -+ /* S,L bits */ \ -+ *ptr = 0; \ -+ if (opts & MPPE_OPT_128) \ -+ *ptr |= MPPE_S_BIT; \ -+ if (opts & MPPE_OPT_40) \ -+ *ptr |= MPPE_L_BIT; \ -+ /* M,D,C bits not supported */ \ -+ } while (/* CONSTCOND */ 0) -+ -+/* The reverse of the above */ -+#define MPPE_CI_TO_OPTS(ci, opts) \ -+ do { \ -+ u_char *ptr = ci; /* u_char[4] */ \ -+ \ -+ opts = 0; \ -+ \ -+ /* H bit */ \ -+ if (!(ptr[0] & MPPE_H_BIT)) \ -+ opts |= MPPE_OPT_STATEFUL; \ -+ \ -+ /* S,L bits */ \ -+ if (ptr[3] & MPPE_S_BIT) \ -+ opts |= MPPE_OPT_128; \ -+ if (ptr[3] & MPPE_L_BIT) \ -+ opts |= MPPE_OPT_40; \ -+ \ -+ /* M,D,C bits */ \ -+ if (ptr[3] & MPPE_M_BIT) \ -+ opts |= MPPE_OPT_56; \ -+ if (ptr[3] & MPPE_D_BIT) \ -+ opts |= MPPE_OPT_D; \ -+ if (ptr[3] & MPPE_C_BIT) \ -+ opts |= MPPE_OPT_MPPC; \ -+ \ -+ /* Other bits */ \ -+ if (ptr[0] & ~MPPE_H_BIT) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[1] || ptr[2]) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ if (ptr[3] & ~MPPE_ALL_BITS) \ -+ opts |= MPPE_OPT_UNKNOWN; \ -+ } while (/* CONSTCOND */ 0) -+ -+/* MPPE/MPPC definitions by J.D.*/ -+#define MPPE_STATELESS MPPE_H_BIT /* configuration bit H */ -+#define MPPE_40BIT MPPE_L_BIT /* configuration bit L */ -+#define MPPE_56BIT MPPE_M_BIT /* configuration bit M */ -+#define MPPE_128BIT MPPE_S_BIT /* configuration bit S */ -+#define MPPE_MPPC MPPE_C_BIT /* configuration bit C */ -+ -+/* -+ * Definitions for Stac LZS. -+ */ -+ -+#define CI_LZS 17 /* config option for Stac LZS */ -+#define CILEN_LZS 5 /* length of config option */ -+ -+#define LZS_OVHD 4 /* max. LZS overhead */ -+#define LZS_HIST_LEN 2048 /* LZS history size */ -+#define LZS_MAX_CCOUNT 0x0FFF /* max. coherency counter value */ -+ -+#define LZS_MODE_NONE 0 -+#define LZS_MODE_LCB 1 -+#define LZS_MODE_CRC 2 -+#define LZS_MODE_SEQ 3 -+#define LZS_MODE_EXT 4 -+ -+#define LZS_EXT_BIT_FLUSHED 0x80 /* bit A */ -+#define LZS_EXT_BIT_COMP 0x20 /* bit C */ -+ -+/* - * Definitions for other, as yet unsupported, compression methods. - */ - diff --git a/obsolete-buildroot/sources/openwrt/kernel/patches/160-expr.patch b/obsolete-buildroot/sources/openwrt/kernel/patches/160-expr.patch deleted file mode 100644 index f19fe24..0000000 --- a/obsolete-buildroot/sources/openwrt/kernel/patches/160-expr.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- linux/Makefile 2004-08-16 21:31:21.850402752 -0400 -+++ linux/Makefile 2004-08-16 21:48:22.372259848 -0400 -@@ -357,7 +357,7 @@ - @rm -f .ver1 - - include/linux/version.h: ./Makefile -- @expr length "$(KERNELRELEASE)" \<= $(uts_len) > /dev/null || \ -+ @expr "$(KERNELRELEASE)" : '.*' \<= $(uts_len) > /dev/null || \ - (echo KERNELRELEASE \"$(KERNELRELEASE)\" exceeds $(uts_len) characters >&2; false) - @echo \#define UTS_RELEASE \"$(KERNELRELEASE)\" > .ver - @echo \#define LINUX_VERSION_CODE `expr $(VERSION) \\* 65536 + $(PATCHLEVEL) \\* 256 + $(SUBLEVEL)` >> .ver diff --git a/obsolete-buildroot/sources/openwrt/patches/libpcap/00_debian_libpcap0.8_0.8.3-4.diff b/obsolete-buildroot/sources/openwrt/patches/libpcap/00_debian_libpcap0.8_0.8.3-4.diff deleted file mode 100644 index 6b42218..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/libpcap/00_debian_libpcap0.8_0.8.3-4.diff +++ /dev/null @@ -1,838 +0,0 @@ ---- libpcap0.8-0.8.3.orig/debian/compat -+++ libpcap0.8-0.8.3/debian/compat -@@ -0,0 +1,2 @@ -+4 -+ ---- libpcap0.8-0.8.3.orig/debian/copyright -+++ libpcap0.8-0.8.3/debian/copyright -@@ -0,0 +1,115 @@ -+This package was debianized by Romain Francoise <rfrancoise@debian.org> -+on Fri, 16 Apr 2004 18:41:39 +0200, based on work by: -+ + Anand Kumria <wildfire@progsoc.org> -+ + Torsten Landschoff <torsten@debian.org> -+ -+It was downloaded from http://tcpdump.org/release/libpcap-0.8.3.tar.gz -+ -+Upstream Authors: tcpdump-workers@tcpdump.org -+ -+Licensed under the 3-clause BSD license: -+ -+ Redistribution and use in source and binary forms, with or without -+ modification, are permitted provided that the following conditions -+ are met: -+ -+ 1. Redistributions of source code must retain the above copyright -+ notice, this list of conditions and the following disclaimer. -+ 2. Redistributions in binary form must reproduce the above copyright -+ notice, this list of conditions and the following disclaimer in -+ the documentation and/or other materials provided with the -+ distribution. -+ 3. The names of the authors may not be used to endorse or promote -+ products derived from this software without specific prior -+ written permission. -+ -+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -+ IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -+ -+Current upstream maintainers: -+ Bill Fenner <fenner@research.att.com> -+ Fulvio Risso <risso@polito.it> -+ Guy Harris <guy@alum.mit.edu> -+ Hannes Gredler <hannes@juniper.net> -+ Jun-ichiro itojun Hagino <itojun@iijlab.net> -+ Michael Richardson <mcr@sandelman.ottawa.on.ca> -+ -+Additional people who have contributed patches: -+ -+ Alan Bawden <Alan@LCS.MIT.EDU> -+ Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> -+ Albert Chin <china@thewrittenword.com> -+ Andrew Brown <atatat@atatdot.net> -+ Antti Kantee <pooka@netbsd.org> -+ Arkadiusz Miskiewicz <misiek@pld.org.pl> -+ Armando L. Caro Jr. <acaro@mail.eecis.udel.edu> -+ Assar Westerlund <assar@sics.se> -+ Brian Ginsbach <ginsbach@cray.com> -+ Charles M. Hannum <mycroft@netbsd.org> -+ Chris G. Demetriou <cgd@netbsd.org> -+ Chris Pepper <pepper@mail.reppep.com> -+ Darren Reed <darrenr@reed.wattle.id.au> -+ David Kaelbling <drk@sgi.com> -+ David Young <dyoung@ojctech.com> -+ Don Ebright <Don.Ebright@compuware.com> -+ Eric Anderson <anderse@hpl.hp.com> -+ Franz Schaefer <schaefer@mond.at> -+ Gianluca Varenni <varenni@netgroup-serv.polito.it> -+ Gisle Vanem <giva@bgnett.no> -+ Graeme Hewson <ghewson@cix.compulink.co.uk> -+ Greg Stark <gsstark@mit.edu> -+ Greg Troxel <gdt@ir.bbn.com> -+ Guillaume Pelat <endymion_@users.sourceforge.net> -+ Hyung Sik Yoon <hsyn@kr.ibm.com> -+ Igor Khristophorov <igor@atdot.org> -+ Jan-Philip Velders <jpv@veldersjes.net> -+ Jason R. Thorpe <thorpej@netbsd.org> -+ Javier Achirica <achirica@ttd.net> -+ Jean Tourrilhes <jt@hpl.hp.com> -+ Jefferson Ogata <jogata@nodc.noaa.gov> -+ Jesper Peterson <jesper@endace.com> -+ John Bankier <jbankier@rainfinity.com> -+ Jon Lindgren <jonl@yubyub.net> -+ Juergen Schoenwaelder <schoenw@ibr.cs.tu-bs.de> -+ Kazushi Sugyo <sugyo@pb.jp.nec.com> -+ Klaus Klein <kleink@netbsd.org> -+ Koryn Grant <koryn@endace.com> -+ Krzysztof Halasa <khc@pm.waw.pl> -+ Lorenzo Cavallaro <sullivan@sikurezza.org> -+ Loris Degioanni <loris@netgroup-serv.polito.it> -+ Love Hörnquist-Åstrand <lha@stacken.kth.se> -+ Maciej W. Rozycki <macro@ds2.pg.gda.pl> -+ Marcus Felipe Pereira <marcus@task.com.br> -+ Martin Husemann <martin@netbsd.org> -+ Mike Wiacek <mike@iroot.net> -+ Monroe Williams <monroe@pobox.com> -+ Octavian Cerna <tavy@ylabs.com> -+ Olaf Kirch <okir@caldera.de> -+ Onno van der Linden <onno@simplex.nl> -+ Paul Mundt <lethal@linux-sh.org> -+ Pavel Kankovsky <kan@dcit.cz> -+ Peter Fales <peter@fales-lorenz.net> -+ Peter Jeremy <peter.jeremy@alcatel.com.au> -+ Phil Wood <cpw@lanl.gov> -+ Rafal Maszkowski <rzm@icm.edu.pl> -+ Rick Jones <raj@cup.hp.com> -+ Scott Barron <sb125499@ohiou.edu> -+ Scott Gifford <sgifford@tir.com> -+ Sebastian Krahmer <krahmer@cs.uni-potsdam.de> -+ Shaun Clowes <delius@progsoc.uts.edu.au> -+ Solomon Peachy <pizza@shaftnet.org> -+ Stefan Hudson <hudson@mbay.net> -+ Takashi Yamamoto <yamt@mwd.biglobe.ne.jp> -+ Tony Li <tli@procket.com> -+ Torsten Landschoff <torsten@debian.org> -+ Uns Lider <unslider@miranda.org> -+ Uwe Girlich <Uwe.Girlich@philosys.de> -+ Xianjie Zhang <xzhang@cup.hp.com> -+ Yen Yen Lim -+ Yoann Vandoorselaere <yoann@prelude-ids.org> -+ -+The original LBL crew: -+ Steve McCanne -+ Craig Leres -+ Van Jacobson ---- libpcap0.8-0.8.3.orig/debian/control -+++ libpcap0.8-0.8.3/debian/control -@@ -0,0 +1,44 @@ -+Source: libpcap0.8 -+Section: devel -+Priority: optional -+Maintainer: Romain Francoise <rfrancoise@debian.org> -+Uploaders: Torsten Landschoff <torsten@debian.org> -+Build-Depends: debhelper (>= 4), flex, bison, dpatch, perl -+Standards-Version: 3.6.1.0 -+ -+Package: libpcap0.8-dev -+Section: libdevel -+Architecture: any -+Depends: libpcap0.8 (= ${Source-Version}), libc6-dev -+Conflicts: libpcap-dev, libpcap0.7-dev -+Description: Development library and header files for libpcap 0.8 -+ Headers, static libraries, and documentation for the libpcap library. -+ . -+ libpcap (Packet CAPture) provides a portable framework for low-level -+ network monitoring. Applications include network statistics -+ collection, security monitoring, network debugging, etc. -+ . -+ Since almost every system vendor provides a different interface for -+ packet capture, and since there are several tools that require this -+ functionality, we've created this system-independent API to ease in -+ porting and to alleviate the need for several system-dependent packet -+ capture modules in each application. -+ . -+ Further information is available at <URL: http://www.tcpdump.org/> -+ -+Package: libpcap0.8 -+Section: libs -+Architecture: any -+Depends: ${shlibs:Depends} -+Description: System interface for user-level packet capture -+ libpcap (Packet CAPture) provides a portable framework for low-level -+ network monitoring. Applications include network statistics collection, -+ security monitoring, network debugging, etc. -+ . -+ Since almost every system vendor provides a different interface for -+ packet capture, and since there are several tools that require this -+ functionality, we've created this system-independent API to ease in -+ porting and to alleviate the need for several system-dependent packet -+ capture modules in each application. -+ . -+ Further information is available at <URL: http://www.tcpdump.org/> ---- libpcap0.8-0.8.3.orig/debian/changelog -+++ libpcap0.8-0.8.3/debian/changelog -@@ -0,0 +1,236 @@ -+libpcap0.8 (0.8.3-4) unstable; urgency=low -+ -+ * debian/patches/30_man_fixes.dpatch: Explicitly mention `pcap_handler' -+ as routine type for pcap_loop() and pcap_dispatch() callbacks, -+ suggested by Florian Weimer <fw@deneb.enyo.de> (closes: #255267). -+ -+ -- Romain Francoise <rfrancoise@debian.org> Wed, 21 Jul 2004 19:46:07 +0200 -+ -+libpcap0.8 (0.8.3-3) unstable; urgency=low -+ -+ * debian/control: libpcap0.8-dev conflicts with libpcap0.7-dev. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Wed, 9 Jun 2004 11:44:50 +0200 -+ -+libpcap0.8 (0.8.3-2) unstable; urgency=low -+ -+ * debian/control: -+ + Put back URL markers in description. -+ + Switch Maintainer and Uploaders fields to match reality. -+ * debian/patches/30_man_fixes.dpatch: Patch to fix some inconsistencies -+ in the upstream man page (tcpdump is in section 8, not 1). -+ * debian/patches/00list: Add 30_man_fixes. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Fri, 14 May 2004 23:43:02 +0200 -+ -+libpcap0.8 (0.8.3-1) unstable; urgency=low -+ -+ * New upstream release (closes: #235155). -+ + bpf_filter.c now has config.h (closes: #171210). -+ + Does not ship CVS directories anymore (closes: #119750). -+ + Has improved "truncated file" messages (closes: #207535). -+ * New source package to ease the 0.7 -> 0.8 transition, each source -+ package builds corresponding libpcap0.x{,-dev} binary packages. The -+ libpcap-dev package is provided by libpcap0.7 for now. -+ * debian/copyright: Rewrite. Licensing information is now complete in -+ the upstream tarball. -+ * debian/control: -+ + Update source and binary package names. -+ + Build-Depend on dpatch, perl. -+ + Bump Standards-Version to 3.6.1.0. -+ * debian/rules: -+ + Clean up CFLAGS handling. -+ + Support DEB_BUILD_OPTIONS. -+ + Use dpatch for patch management. -+ + Compute major/minor versions from the changelog instead of -+ hardcoding them. -+ * debian/patches: New directory. -+ * debian/patches/10_shared_lib.dpatch: Patch split off the Debian diff -+ to build a shared library (upstream does not support it). -+ * debian/patches/20_mac_syntax.dpatch: Patch split off the Debian diff -+ to support more MAC address syntaxes (by Torsten Landschoff). -+ * debian/patches/00list: New file (patch list). -+ -+ -- Romain Francoise <rfrancoise@debian.org> Fri, 30 Apr 2004 16:14:10 +0200 -+ -+libpcap (0.7.2-5) unstable; urgency=low -+ -+ * debian/rules: Update version variables, this is version 0.7.2. -+ * Makefile.in: Fix version. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Tue, 11 Nov 2003 12:14:28 +0100 -+ -+libpcap (0.7.2-4) unstable; urgency=low -+ -+ * debian/libpcap-dev.preinst: New file. Remove old symlink from -+ /usr/share/doc/libpcap-dev to libpcap0 since we now have a real -+ libpcap-dev directory. Closes: #175742. -+ * debian/rules: Add -A flag to dh_installdocs so that it acts on all -+ binary packages. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Mon, 20 Oct 2003 18:49:22 +0200 -+ -+libpcap (0.7.2-3) unstable; urgency=low -+ -+ * debian/control: libpcap-dev is in section libdevel, not in section -+ devel. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Sun, 19 Oct 2003 19:22:12 +0200 -+ -+libpcap (0.7.2-2) unstable; urgency=low -+ -+ * debian/control: -+ + Adding myself as co-maintainer, with Torsten's blessing. -+ + Repeat extended description in libpcap-dev description -+ (closes: #209728) -+ + Remove Emacs-style <URL: ...> markers from the descriptions. -+ (closes: #196727). -+ + Remove full stops from synopsis as per Policy. -+ + Add versioned build-dependency on debhelper (>= 4). -+ * debian/copyright: Remove dh-make boilerplates. -+ * debian/compat: New file. -+ * debian/rules: Remove obsolete DH_COMPAT variable. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Sun, 19 Oct 2003 18:17:41 +0200 -+ -+libpcap (0.7.2-1) unstable; urgency=low -+ -+ * New upstream release. -+ -+ -- Torsten Landschoff <torsten@debian.org> Sat, 7 Jun 2003 22:57:55 +0200 -+ -+libpcap (0.7.1-1) unstable; urgency=low -+ -+ * New upstream release (closes: #145538). -+ * debian/rules: Build the library with _FILE_OFFSET_BITS set to 64 -+ to allow for files bigger than 2GB (closes: #129213). -+ * Rename the library package to libpcap0.7 and change the SONAME so that we -+ can account for interface changes (closes: #132359). -+ * Run ldconfig as appropriate (lintian). -+ * Remove watch.ex template and the silly symlink from libpcap-dev's -+ documentation to libpcap0 (lintian). -+ -+ -- Torsten Landschoff <torsten@debian.org> Sat, 3 Aug 2002 23:33:56 +0200 -+ -+libpcap (0.6.2-2) unstable; urgency=low -+ -+ * debian/control: Change section of libpcap0 from net to libs -+ (Debian installer message). -+ * aclocal.m4: Treat the ia64 as a cpu which can't handle unaligned -+ memory access (closes: #112152). Thanks for the report go to -+ John R. Daily. -+ -+ -- Torsten Landschoff <torsten@debian.org> Fri, 14 Sep 2001 10:15:52 +0200 -+ -+libpcap (0.6.2-1) unstable; urgency=medium -+ -+ * New upstream release. -+ * debian/control: Removed Build-Depends already satisfied by the -+ build-essential package. -+ * gencode.c (gen_scode): Add the missing default branch of the protocol -+ family switch (closes: 88688). -+ * debian/libpcap.post{rm,inst}: Run ldconfig (lintian). -+ * debian/copyright: Fix the "similiar" typo (lintian). -+ -+ -- Torsten Landschoff <torsten@debian.org> Tue, 6 Mar 2001 04:27:27 +0100 -+ -+libpcap (0.6.1-2) unstable; urgency=low -+ -+ * debian/rules: Changed the shlibs info so that only pcap 0.6 -+ is okay for packages linked against this version. -+ -+ -- Torsten Landschoff <torsten@debian.org> Thu, 18 Jan 2001 01:13:20 +0100 -+ -+libpcap (0.6.1-1) unstable; urgency=low -+ -+ * Taking back the package. Kudos to Anand for helping out. -+ * debian/rules: Pass --enable-ipv6 to configure (closes: #80223). -+ -+ -- Torsten Landschoff <torsten@debian.org> Tue, 16 Jan 2001 15:40:37 +0100 -+ -+libpcap (0.5.2-2) unstable; urgency=low -+ -+ * Update config.guess and config.sub (Closes #26031) -+ * Source builds would not always work. Fix that. -+ * Kernel interface problem is really a module not loaded problem. -+ Note this in README.Debian. (Closes #21356) -+ -+ -- Anand Kumria <wildfire@progsoc.org> Tue, 28 Nov 2000 02:03:25 +1100 -+ -+libpcap (0.5.2-1) unstable; urgency=low -+ -+ * New upstream release -+ * New maintainer -+ * Migrate to Debhelper and insert Build-Depends -+ -+ -- Anand Kumria <wildfire@progsoc.org> Sun, 12 Nov 2000 03:19:44 +1100 -+ -+libpcap (0.4a6-3) unstable; urgency=low -+ -+ * New maintainer. -+ * scanner.l: Allow a 12 digit hex number as ether address as well as -+ BB.BB.BB.BB.BB.BB (closes: #48735) -+ * nametoaddr.c (pcap_ether_aton): Adjust for change in scanner.l -+ -+ -- Torsten Landschoff <torsten@debian.org> Mon, 22 Nov 1999 02:39:45 +0100 -+ -+libpcap (0.4a6-2.1) unstable; urgency=low -+ -+ * Non maintainer upload. -+ config.{guess,sub} changed to recognize a Arm architecture. -+ -+ -- Turbo Fredriksson <turbo@debian.org> Thu, 20 Aug 1998 23:12:36 -0400 -+ -+libpcap (0.4a6-2) frozen unstable; urgency=low -+ -+ * renamed /usr/doc/libpcap to /usr/doc/libpcap0 (should fix several -+ lintian warnings) -+ * updated standards-version -+ * rebuild with latest debmake -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Mon, 30 Mar 1998 00:46:44 +0200 -+ -+ -+libpcap (0.4a6-1) unstable; urgency=low -+ -+ * upgraded to latest upstream version, fixes: Bug#17164 -+ * added patch from Michael Alan Dorman <mdorman@mdorman.law.miami.edu> -+ for building libpcap on alpha systems, fixes: Bug#15556 -+ * fixed aclocal.m4 script -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Sat, 31 Jan 1998 23:19:42 +0100 -+ -+ -+libpcap (0.4a2-2) unstable; urgency=low -+ -+ * fixed detection of IFF_LOOPBACK for linux systems -+ * link shared library with -l -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Wed, 19 Nov 1997 23:44:34 +0100 -+ -+ -+libpcap (0.4a2-1) unstable; urgency=low -+ -+ * new maintainer -+ * latest upstream release -+ * libc6 version -+ * compiled with _REENTRANT -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Wed, 17 Sep 1997 20:40:01 +0200 -+ -+ -+libpcap (0.3.1a3-1) unstable; urgency=low -+ -+ * Latest upstream release. Fixes bug #6670. -+ -+ -- Karl Sackett <krs@debian.org> Wed, 2 Apr 1997 10:19:28 -0600 -+ -+ -+libpcap (0.3-1) unstable; urgency=low -+ -+ * First Debian release. -+ * Makefile.in: supports libpcap.so target. -+ -+ -- Karl Sackett <krs@debian.org> Wed, 8 Jan 1997 09:38:31 -0600 -+ -+ ---- libpcap0.8-0.8.3.orig/debian/rules -+++ libpcap0.8-0.8.3/debian/rules -@@ -0,0 +1,81 @@ -+#!/usr/bin/make -f -+ -+include /usr/share/dpatch/dpatch.make -+ -+version := $(shell head -1 debian/changelog | \ -+ perl -nle 'm/\S+\s+\((\S+)-\S+\)/ and print $$1') -+major := $(shell head -1 debian/changelog | perl -nle \ -+ 'm/\S+\s+\((\d\.\d)\.\d+-\S+\)/ and print $$1') -+ -+export CFLAGS=-D_FILE_OFFSET_BITS=64 -+ -+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) -+ CFLAGS += -O0 -+endif -+ -+build: patch build-stamp -+build-stamp: -+ dh_testdir -+ -+ ./configure --prefix=/usr \ -+ --mandir=\$${prefix}/share/man \ -+ --enable-ipv6 --infodir=\$${prefix}/share/info -+ $(MAKE) -+ -+ touch build-stamp -+ -+clean: clean-patched unpatch -+clean-patched: -+ dh_testdir -+ dh_testroot -+ rm -f build-stamp -+ -+ -$(MAKE) distclean -+ -+ rm -f net -+ -+ dh_clean -+ -+install: build -+ dh_testdir -+ dh_testroot -+ dh_clean -k -+ dh_installdirs -+ -+ $(MAKE) install prefix=`pwd`/debian/libpcap0.8-dev/usr -+ -+binary-indep: build install -+# We have nothing to do by default. -+ -+binary-arch: build install -+# dh_testversion -+ dh_testdir -+ dh_testroot -+ # -+ # build libpcap${major} package by moving files from libpcap0.8-dev -+ # -+ dh_movefiles -plibpcap$(major) --sourcedir=debian/libpcap0.8-dev \ -+ usr/lib/libpcap.so.$(major) \ -+ usr/lib/libpcap.so.$(version) -+ -+# dh_installdebconf -+ dh_installdocs -A debian/README.Debian -+ dh_installexamples -+ dh_installmenu -+ dh_installmanpages -plibpcap0.8-dev -+ dh_installinfo -+# dh_undocumented -+ dh_installchangelogs CHANGES -+ dh_link -plibpcap0.8-dev -+ dh_strip -+ dh_compress -+ dh_fixperms -+ dh_makeshlibs -+ dh_installdeb -+ dh_shlibdeps -+ dh_gencontrol -+ dh_md5sums -+ dh_builddeb -+ -+binary: binary-indep binary-arch -+.PHONY: build clean binary-indep binary-arch binary install ---- libpcap0.8-0.8.3.orig/debian/patches/10_shared_lib.dpatch -+++ libpcap0.8-0.8.3/debian/patches/10_shared_lib.dpatch -@@ -0,0 +1,144 @@ -+#! /bin/sh -e -+## 10_shared_lib.dpatch by Romain Francoise <rfrancoise@debian.org> -+## -+## All lines beginning with `## DP:' are a description of the patch. -+## DP: Debian-specific modifications to the upstream Makefile.in to -+## DP: build a shared library. -+ -+if [ $# -lt 1 ]; then -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1 -+fi -+ -+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" -+ -+case "$1" in -+ -patch) patch -p1 ${patch_opts} < $0;; -+ -unpatch) patch -R -p1 ${patch_opts} < $0;; -+ *) -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1;; -+esac -+ -+exit 0 -+ -+@DPATCH@ -+diff -urNad /home/romain/Work/Debian/libpcap/libpcap0.8/libpcap0.8-0.8.3/Makefile.in libpcap0.8-0.8.3/Makefile.in -+--- /home/romain/Work/Debian/libpcap/libpcap0.8/libpcap0.8-0.8.3/Makefile.in 2004-04-30 16:40:33.000000000 +0200 -++++ libpcap0.8-0.8.3/Makefile.in 2004-04-30 16:41:43.000000000 +0200 -+@@ -37,6 +37,15 @@ -+ srcdir = @srcdir@ -+ VPATH = @srcdir@ -+ -++# some defines for shared library compilation -++MAJ=$(shell head -1 debian/changelog | perl -nle 'm/\S+\s+\((\d\.\d)\.\d+-\S+\)/ and print $$1') -++MIN=$(shell head -1 debian/changelog | perl -nle 'm/\S+\s+\(\d\.\d\.(\d+)-\S+\)/ and print $$1') -++VERSION=$(MAJ).$(MIN) -++LIBNAME=pcap -++LIBRARY=lib$(LIBNAME).a -++SOLIBRARY=lib$(LIBNAME).so -++SHAREDLIB=$(SOLIBRARY).$(VERSION) -++ -+ # -+ # You shouldn't need to edit anything below. -+ # -+@@ -49,6 +58,7 @@ -+ -+ # Standard CFLAGS -+ CFLAGS = $(CCOPT) $(INCLS) $(DEFS) -++CFLAGS_SHARED = -shared -Wl,-soname,$(SOLIBRARY).$(MAJ) -+ -+ INSTALL = @INSTALL@ -+ INSTALL_PROGRAM = @INSTALL_PROGRAM@ -+@@ -68,7 +78,11 @@ -+ # problem if you don't own the file but can write to the directory. -+ .c.o: -+ @rm -f $@ -+- $(CC) $(CFLAGS) -c $(srcdir)/$*.c -++ $(CC) $(CFLAGS) -c -o $@ $(srcdir)/$*.c -++ -++%_pic.o: %.c -++ @rm -f $@ -++ $(CC) -fPIC $(CFLAGS) -c -o $@ $(srcdir)/$*.c -+ -+ PSRC = pcap-@V_PCAP@.c -+ FSRC = fad-@V_FINDALLDEVS@.c -+@@ -83,6 +97,7 @@ -+ # We would like to say "OBJ = $(SRC:.c=.o)" but Ultrix's make cannot -+ # hack the extra indirection -+ OBJ = $(PSRC:.c=.o) $(FSRC:.c=.o) $(CSRC:.c=.o) $(SSRC:.c=.o) $(GENSRC:.c=.o) $(LIBOBJS) -++OBJ_PIC = $(PSRC:.c=_pic.o) $(FSRC:.c=_pic.o) $(CSRC:.c=_pic.o) $(SSRC:.c=_pic.o) $(GENSRC:.c=_pic.o) -+ HDR = pcap.h pcap-int.h pcap-namedb.h pcap-nit.h pcap-pf.h \ -+ ethertype.h gencode.h gnuc.h -+ GENHDR = \ -+@@ -94,15 +109,22 @@ -+ TAGFILES = \ -+ $(SRC) $(HDR) $(TAGHDR) -+ -+-CLEANFILES = $(OBJ) libpcap.a $(GENSRC) $(GENHDR) lex.yy.c -++CLEANFILES = $(OBJ) $(OBJ_PIC) libpcap.a $(GENSRC) $(GENHDR) lex.yy.c libpcap.so* -+ -+-all: libpcap.a -++all: libpcap.a $(SHAREDLIB) -+ -+ libpcap.a: $(OBJ) -+ @rm -f $@ -+ ar rc $@ $(OBJ) $(LIBS) -+ $(RANLIB) $@ -+ -++$(SHAREDLIB): $(OBJ_PIC) -++ -@rm -f $@ -++ -@rm -f $(SOLIBRARY) $(SOLIBRARY).$(MAJ) -++ $(CC) $(CFLAGS_SHARED) -o $(SHAREDLIB) $(OBJ_PIC) -lc -++ ln -s $(SHAREDLIB) $(SOLIBRARY).$(MAJ) -++ ln -s $(SOLIBRARY).$(MAJ) $(SOLIBRARY) -++ -+ scanner.c: $(srcdir)/scanner.l -+ @rm -f $@ -+ $(LEX) -t $< > $$$$.$@; mv $$$$.$@ $@ -+@@ -110,6 +132,9 @@ -+ scanner.o: scanner.c tokdefs.h -+ $(CC) $(CFLAGS) -c scanner.c -+ -++scanner_pic.o: scanner.c tokdefs.h -++ $(CC) -fPIC $(CFLAGS) -o $@ -c scanner.c -++ -+ pcap.o: version.h -+ -+ tokdefs.h: grammar.c -+@@ -123,9 +148,17 @@ -+ @rm -f $@ -+ $(CC) $(CFLAGS) -Dyylval=pcap_lval -c grammar.c -+ -++grammar_pic.o: grammar.c -++ @rm -f $@ -++ $(CC) -fPIC $(CFLAGS) -Dyylval=pcap_lval -o $@ -c grammar.c -++ -+ version.o: version.c -+ $(CC) $(CFLAGS) -c version.c -+ -++version_pic.o: version.c -++ $(CC) -fPIC $(CFLAGS) -c version.c -o $@ -++ -++ -+ snprintf.o: $(srcdir)/missing/snprintf.c -+ $(CC) $(CFLAGS) -o $@ -c $(srcdir)/missing/snprintf.c -+ -+@@ -151,10 +184,16 @@ -+ bpf_filter.o: bpf_filter.c -+ $(CC) $(CFLAGS) -c bpf_filter.c -+ -++bpf_filter_pic.o: bpf_filter.c -++ $(CC) -fPIC $(CFLAGS) -c bpf_filter.c -o $@ -++ -+ install: -+ [ -d $(DESTDIR)$(libdir) ] || \ -+ (mkdir -p $(DESTDIR)$(libdir); chmod 755 $(DESTDIR)$(libdir)) -+ $(INSTALL_DATA) libpcap.a $(DESTDIR)$(libdir)/libpcap.a -++ $(INSTALL_DATA) $(SHAREDLIB) $(DESTDIR)$(libdir)/ -++ ln -sf $(SHAREDLIB) $(DESTDIR)$(libdir)/$(SOLIBRARY).$(MAJ) -++ ln -sf $(SOLIBRARY).$(MAJ) $(DESTDIR)$(libdir)/$(SOLIBRARY) -+ $(RANLIB) $(DESTDIR)$(libdir)/libpcap.a -+ [ -d $(DESTDIR)$(includedir) ] || \ -+ (mkdir -p $(DESTDIR)$(includedir); chmod 755 $(DESTDIR)$(includedir)) ---- libpcap0.8-0.8.3.orig/debian/patches/20_mac_syntax.dpatch -+++ libpcap0.8-0.8.3/debian/patches/20_mac_syntax.dpatch -@@ -0,0 +1,68 @@ -+#! /bin/sh -e -+## 20_mac_syntax.dpatch by Torsten Landschoff <torsten@debian.org> -+## -+## All lines beginning with `## DP:' are a description of the patch. -+## DP: Adds more possible syntaxes to input MAC addresses: -+## DP: - the nn.nn.nn.nn.nn.nn syntax -+## DP: - the hexadecimal syntax -+ -+if [ $# -lt 1 ]; then -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1 -+fi -+ -+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" -+ -+case "$1" in -+ -patch) patch -p1 ${patch_opts} < $0;; -+ -unpatch) patch -R -p1 ${patch_opts} < $0;; -+ *) -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1;; -+esac -+ -+exit 0 -+ -+@DPATCH@ -+diff -urNad /home/romain/Work/Debian/libpcap/libpcap0.8/libpcap0.8-0.8.3/nametoaddr.c libpcap0.8-0.8.3/nametoaddr.c -+--- /home/romain/Work/Debian/libpcap/libpcap0.8/libpcap0.8-0.8.3/nametoaddr.c 2004-04-30 15:45:14.000000000 +0200 -++++ libpcap0.8-0.8.3/nametoaddr.c 2004-04-30 15:57:54.000000000 +0200 -+@@ -333,7 +333,7 @@ -+ e = ep = (u_char *)malloc(6); -+ -+ while (*s) { -+- if (*s == ':') -++ if (*s == ':' || *s == '.') -+ s += 1; -+ d = xdtoi(*s++); -+ if (isxdigit((unsigned char)*s)) { -+diff -urNad /home/romain/Work/Debian/libpcap/libpcap0.8/libpcap0.8-0.8.3/scanner.l libpcap0.8-0.8.3/scanner.l -+--- /home/romain/Work/Debian/libpcap/libpcap0.8/libpcap0.8-0.8.3/scanner.l 2004-04-30 15:45:14.000000000 +0200 -++++ libpcap0.8-0.8.3/scanner.l 2004-04-30 15:57:54.000000000 +0200 -+@@ -80,6 +80,7 @@ -+ N ([0-9]+|(0X|0x)[0-9A-Fa-f]+) -+ B ([0-9A-Fa-f][0-9A-Fa-f]?) -+ W ([0-9A-Fa-f][0-9A-Fa-f]?[0-9A-Fa-f]?[0-9A-Fa-f]?) -++X [0-9A-Fa-f] -+ -+ %a 16000 -+ %o 19000 -+@@ -296,7 +297,7 @@ -+ {N} { yylval.i = stoi((char *)yytext); return NUM; } -+ ({N}\.{N})|({N}\.{N}\.{N})|({N}\.{N}\.{N}\.{N}) { -+ yylval.s = sdup((char *)yytext); return HID; } -+-{B}:{B}:{B}:{B}:{B}:{B} { yylval.e = pcap_ether_aton((char *)yytext); -++({B}:{B}:{B}:{B}:{B}:{B})|({B}\.{B}\.{B}\.{B}\.{B}\.{B}) { yylval.e = pcap_ether_aton((char *)yytext); -+ return EID; } -+ {V6} { -+ #ifdef INET6 -+@@ -314,6 +315,8 @@ -+ #endif /*INET6*/ -+ } -+ {B}:+({B}:+)+ { bpf_error("bogus ethernet address %s", yytext); } -++{X}{12} { yylval.e = pcap_ether_aton((char *)yytext); return EID;} -++ -+ icmptype { yylval.i = 0; return NUM; } -+ icmpcode { yylval.i = 1; return NUM; } -+ icmp-echoreply { yylval.i = 0; return NUM; } ---- libpcap0.8-0.8.3.orig/debian/patches/00list -+++ libpcap0.8-0.8.3/debian/patches/00list -@@ -0,0 +1,3 @@ -+10_shared_lib -+20_mac_syntax -+30_man_fixes ---- libpcap0.8-0.8.3.orig/debian/patches/30_man_fixes.dpatch -+++ libpcap0.8-0.8.3/debian/patches/30_man_fixes.dpatch -@@ -0,0 +1,57 @@ -+#! /bin/sh -e -+## 30_man_fixes.dpatch by Romain Francoise <rfrancoise@debian.org> -+## -+## All lines beginning with `## DP:' are a description of the patch. -+## DP: Misc. fixes to the upstream man page. -+ -+if [ $# -lt 1 ]; then -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1 -+fi -+ -+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" -+ -+case "$1" in -+ -patch) patch -p1 ${patch_opts} < $0;; -+ -unpatch) patch -R -p1 ${patch_opts} < $0;; -+ *) -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1;; -+esac -+ -+exit 0 -+ -+@DPATCH@ -+diff -urNad /home/romain/Work/Debian/libpcap0.8/libpcap0.8-0.8.3/pcap.3 libpcap0.8-0.8.3/pcap.3 -+--- /home/romain/Work/Debian/libpcap0.8/libpcap0.8-0.8.3/pcap.3 2004-07-21 19:41:53.000000000 +0200 -++++ libpcap0.8-0.8.3/pcap.3 2004-07-21 19:42:28.000000000 +0200 -+@@ -201,7 +201,7 @@ -+ .I fname -+ specifies the name of the file to open. The file has -+ the same format as those used by -+-.B tcpdump(1) -++.B tcpdump(8) -+ and -+ .BR tcpslice(1) . -+ The name "-" in a synonym for -+@@ -404,7 +404,9 @@ -+ live capture, or all the packets in the file when reading a -+ ``savefile''. -+ .I callback -+-specifies a routine to be called with three arguments: -++specifies a -++.I pcap_handler -++routine to be called with three arguments: -+ a -+ .I u_char -+ pointer which is passed in from -+@@ -1168,7 +1170,7 @@ -+ closes the ``savefile.'' -+ .PP -+ .SH SEE ALSO -+-tcpdump(1), tcpslice(1) -++tcpdump(8), tcpslice(1) -+ .SH AUTHORS -+ The original authors are: -+ .LP ---- libpcap0.8-0.8.3.orig/debian/README.Debian -+++ libpcap0.8-0.8.3/debian/README.Debian -@@ -0,0 +1,13 @@ -+libpcap for Debian -+------------------ -+ -+ If you receive messages telling you the packet type is not supported -+ or is deprecated check that CONFIG_PACKET is set to either `Y' or `M'. -+ -+ You should also check that /etc/modules.conf has the line -+ -+ alias net-pf-17 af_packet -+ -+ Feel free to report bugs. -+ -+ -- Anand Kumria <wildfire@progsoc.org>, Tue, 28 Nov 2000 02:04:28 EST ---- libpcap0.8-0.8.3.orig/debian/libpcap0.8-dev.preinst -+++ libpcap0.8-0.8.3/debian/libpcap0.8-dev.preinst -@@ -0,0 +1,9 @@ -+#!/bin/sh -+set -e -+ -+# Remove old symlink, if it exists -+if [ -L /usr/share/doc/libpcap-dev ]; then -+ rm -f /usr/share/doc/libpcap-dev ; -+fi -+ -+#DEBHELPER# ---- libpcap0.8-0.8.3.orig/debian/libpcap0.8.postinst -+++ libpcap0.8-0.8.3/debian/libpcap0.8.postinst -@@ -0,0 +1,8 @@ -+#! /bin/sh -+ -+if [ "$1" = "configure" ]; then -+ ldconfig -+fi -+ -+#DEBHELPER# -+ ---- libpcap0.8-0.8.3.orig/debian/libpcap0.8-dev.dirs -+++ libpcap0.8-0.8.3/debian/libpcap0.8-dev.dirs -@@ -0,0 +1,3 @@ -+usr/lib -+usr/include -+usr/share/man/man3 ---- libpcap0.8-0.8.3.orig/debian/libpcap0.8.docs -+++ libpcap0.8-0.8.3/debian/libpcap0.8.docs -@@ -0,0 +1,2 @@ -+README -+CREDITS ---- libpcap0.8-0.8.3.orig/debian/libpcap0.8.postrm -+++ libpcap0.8-0.8.3/debian/libpcap0.8.postrm -@@ -0,0 +1,8 @@ -+#! /bin/sh -+ -+if [ "$1" = "remove" ]; then -+ ldconfig -+fi -+ -+#DEBHELPER# -+ diff --git a/obsolete-buildroot/sources/openwrt/patches/matrixssl/matrixssl-1.1.2-openwrt.patch b/obsolete-buildroot/sources/openwrt/patches/matrixssl/matrixssl-1.1.2-openwrt.patch deleted file mode 100644 index dfd8b5d..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/matrixssl/matrixssl-1.1.2-openwrt.patch +++ /dev/null @@ -1,14 +0,0 @@ -diff -ruN matrixssl-1.1.2-old/src/Makefile matrixssl-1.1.2-new/src/Makefile ---- matrixssl-1.1.2-old/src/Makefile 2004-06-10 21:03:25.000000000 +0200 -+++ matrixssl-1.1.2-new/src/Makefile 2004-07-09 22:58:06.000000000 +0200 -@@ -46,8 +46,8 @@ - # Compile options - # - SHARED = -shared --CFLAGS = $(DFLAGS) -DLINUX --LDFLAGS = -nostdlib -lc -lpthread -+CFLAGS = $(DFLAGS) -DLINUX -fPIC -+LDFLAGS = -lc -lpthread -Wl,-soname,libmatrixssl.so.1.2 - - # - # Override variables for compilation on Mac OS X (Darwin) diff --git a/obsolete-buildroot/sources/openwrt/patches/matrixssl/matrixssl-1.2.1-examples_fix.patch b/obsolete-buildroot/sources/openwrt/patches/matrixssl/matrixssl-1.2.1-examples_fix.patch deleted file mode 100644 index e9980d6..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/matrixssl/matrixssl-1.2.1-examples_fix.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -ruN matrixssl-1.2.1-old/examples/Makefile matrixssl-1.2.1-new/examples/Makefile ---- matrixssl-1.2.1-old/examples/Makefile 2004-06-05 00:45:21.000000000 +0200 -+++ matrixssl-1.2.1-new/examples/Makefile 2004-08-19 04:01:29.000000000 +0200 -@@ -34,7 +34,7 @@ - # Compile options - # - CFLAGS = $(DFLAGS) -DLINUX --LDFLAGS = -lc -+LDFLAGS = -lc -lpthread - - # - # Override variables for compilation on Mac OS X (Darwin) diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/000_ppp-2.4.2-cvs-20040427.patch b/obsolete-buildroot/sources/openwrt/patches/ppp/000_ppp-2.4.2-cvs-20040427.patch deleted file mode 100644 index 7ccc1b4..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/000_ppp-2.4.2-cvs-20040427.patch +++ /dev/null @@ -1,3429 +0,0 @@ -diff -ruN ppp-2.4.2/TODO ppp-cvs-20040427/TODO ---- ppp-2.4.2/TODO 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/TODO 1999-03-22 07:38:09.000000000 +0100 -@@ -0,0 +1,16 @@ -+* Things to do * -+ -+- How should we handle the case where MTU > MRU? -+ Should we reduce the IP MTU to the link MRU (so TCP MSS is correct)? -+ -+- Provide ways to: -+ + set the IP address, possibly based on the peer's identity -+ + have external checking of PAP user/password, CHAP response -+ + supply the PAP user/password, CHAP secret -+ + decide which tty to use (locking, DTR issues) -+ -+- Integrate callback stuff? -+ -+- Implement link quality monitoring -+ -+- Implement other network control protocols -diff -ruN ppp-2.4.2/chat/chat.c ppp-cvs-20040427/chat/chat.c ---- ppp-2.4.2/chat/chat.c 2003-03-30 10:23:48.000000000 +0200 -+++ ppp-cvs-20040427/chat/chat.c 2004-01-17 06:50:11.000000000 +0100 -@@ -87,7 +87,7 @@ - #endif - - #ifndef lint --static const char rcsid[] = "$Id: chat.c,v 1.29 2003/03/04 06:17:21 fcusack Exp $"; -+static const char rcsid[] = "$Id: chat.c,v 1.30 2004/01/17 05:47:55 carlsonj Exp $"; - #endif - - #include <stdio.h> -@@ -213,7 +213,7 @@ - void *copy_of __P((char *s)); - char *grow __P((char *s, char **p, size_t len)); - void usage __P((void)); --void logf __P((const char *fmt, ...)); -+void msgf __P((const char *fmt, ...)); - void fatal __P((int code, const char *fmt, ...)); - SIGTYPE sigalrm __P((int signo)); - SIGTYPE sigint __P((int signo)); -@@ -495,7 +495,7 @@ - /* - * Send a message to syslog and/or stderr. - */ --void logf __V((const char *fmt, ...)) -+void msgf __V((const char *fmt, ...)) - { - va_list args; - -@@ -558,7 +558,7 @@ - fatal(2, "Can't set file mode flags on stdin: %m"); - - if (verbose) -- logf("alarm"); -+ msgf("alarm"); - } - - void unalarm() -@@ -1001,9 +1001,9 @@ - * The expectation did not occur. This is terminal. - */ - if (fail_reason) -- logf("Failed (%s)", fail_reason); -+ msgf("Failed (%s)", fail_reason); - else -- logf("Failed"); -+ msgf("Failed"); - terminate(exit_code); - } - -@@ -1079,7 +1079,7 @@ - abort_string[n_aborts++] = s1; - - if (verbose) -- logf("abort on (%v)", s); -+ msgf("abort on (%v)", s); - return; - } - -@@ -1105,7 +1105,7 @@ - pack++; - n_aborts--; - if (verbose) -- logf("clear abort on (%v)", s); -+ msgf("clear abort on (%v)", s); - } - } - free(s1); -@@ -1129,7 +1129,7 @@ - report_string[n_reports++] = s1; - - if (verbose) -- logf("report (%v)", s); -+ msgf("report (%v)", s); - return; - } - -@@ -1155,7 +1155,7 @@ - pack++; - n_reports--; - if (verbose) -- logf("clear report (%v)", s); -+ msgf("clear report (%v)", s); - } - } - free(s1); -@@ -1173,7 +1173,7 @@ - timeout = DEFAULT_CHAT_TIMEOUT; - - if (verbose) -- logf("timeout set to %d seconds", timeout); -+ msgf("timeout set to %d seconds", timeout); - - return; - } -@@ -1236,7 +1236,7 @@ - return ((int)c & 0x7F); - - default: -- logf("warning: read() on stdin returned %d", status); -+ msgf("warning: read() on stdin returned %d", status); - - case -1: - if ((status = fcntl(0, F_GETFL, 0)) == -1) -@@ -1264,7 +1264,7 @@ - return (0); - - default: -- logf("warning: write() on stdout returned %d", status); -+ msgf("warning: write() on stdout returned %d", status); - - case -1: - if ((status = fcntl(0, F_GETFL, 0)) == -1) -@@ -1286,9 +1286,9 @@ - - if (verbose) { - if (errno == EINTR || errno == EWOULDBLOCK) -- logf(" -- write timed out"); -+ msgf(" -- write timed out"); - else -- logf(" -- write failed: %m"); -+ msgf(" -- write failed: %m"); - } - return (0); - } -@@ -1303,9 +1303,9 @@ - - if (verbose) { - if (quiet) -- logf("send (??????)"); -+ msgf("send (??????)"); - else -- logf("send (%v)", s); -+ msgf("send (%v)", s); - } - - alarm(timeout); alarmed = 0; -@@ -1392,17 +1392,17 @@ - minlen = (len > sizeof(fail_buffer)? len: sizeof(fail_buffer)) - 1; - - if (verbose) -- logf("expect (%v)", string); -+ msgf("expect (%v)", string); - - if (len > STR_LEN) { -- logf("expect string is too long"); -+ msgf("expect string is too long"); - exit_code = 1; - return 0; - } - - if (len == 0) { - if (verbose) -- logf("got it"); -+ msgf("got it"); - return (1); - } - -@@ -1416,16 +1416,16 @@ - echo_stderr(c); - if (verbose && c == '\n') { - if (s == logged) -- logf(""); /* blank line */ -+ msgf(""); /* blank line */ - else -- logf("%0.*v", s - logged, logged); -+ msgf("%0.*v", s - logged, logged); - logged = s + 1; - } - - *s++ = c; - - if (verbose && s >= logged + 80) { -- logf("%0.*v", s - logged, logged); -+ msgf("%0.*v", s - logged, logged); - logged = s; - } - -@@ -1470,8 +1470,8 @@ - strncmp(s - len, string, len) == 0) { - if (verbose) { - if (s > logged) -- logf("%0.*v", s - logged, logged); -- logf(" -- got it\n"); -+ msgf("%0.*v", s - logged, logged); -+ msgf(" -- got it\n"); - } - - alarm(0); -@@ -1484,8 +1484,8 @@ - strncmp(s - abort_len, abort_string[n], abort_len) == 0) { - if (verbose) { - if (s > logged) -- logf("%0.*v", s - logged, logged); -- logf(" -- failed"); -+ msgf("%0.*v", s - logged, logged); -+ msgf(" -- failed"); - } - - alarm(0); -@@ -1499,7 +1499,7 @@ - if (s >= end) { - if (logged < s - minlen) { - if (verbose) -- logf("%0.*v", s - logged, logged); -+ msgf("%0.*v", s - logged, logged); - logged = s; - } - s -= minlen; -@@ -1509,16 +1509,16 @@ - } - - if (alarmed && verbose) -- logf("warning: alarm synchronization problem"); -+ msgf("warning: alarm synchronization problem"); - } - - alarm(0); - - if (verbose && printed) { - if (alarmed) -- logf(" -- read timed out"); -+ msgf(" -- read timed out"); - else -- logf(" -- read failed: %m"); -+ msgf(" -- read failed: %m"); - } - - exit_code = 3; -diff -ruN ppp-2.4.2/configure ppp-cvs-20040427/configure ---- ppp-2.4.2/configure 2002-11-09 12:24:41.000000000 +0100 -+++ ppp-cvs-20040427/configure 2004-01-17 06:50:11.000000000 +0100 -@@ -1,5 +1,5 @@ - #!/bin/sh --# $Id: configure,v 1.30 2002/11/02 19:48:12 carlsonj Exp $ -+# $Id: configure,v 1.31 2004/01/17 05:47:55 carlsonj Exp $ - - # if [ -d /NextApps ]; then - # system="NeXTStep" -@@ -27,7 +27,7 @@ - esac;; - 5.[1-6]*) state="known"; ksrc="solaris"; makext="sol2";; - esac -- if [ -x /opt/SUNWspro/bin/cc ] && -+ if [ -x /opt/SUNWspro/bin/cc -a "$1" != "gcc" ] && - /opt/SUNWspro/bin/cc -flags >/dev/null 2>&1; then - : # use Sun WorkShop compiler - elif gcc --version >/dev/null 2>&1; then -diff -ruN ppp-2.4.2/contrib/pppgetpass/Makefile.linux ppp-cvs-20040427/contrib/pppgetpass/Makefile.linux ---- ppp-2.4.2/contrib/pppgetpass/Makefile.linux 1999-11-15 05:08:24.000000000 +0100 -+++ ppp-cvs-20040427/contrib/pppgetpass/Makefile.linux 1970-01-01 01:00:00.000000000 +0100 -@@ -1,16 +0,0 @@ --all: pppgetpass.vt pppgetpass.gtk -- --pppgetpass.vt: pppgetpass.vt.o -- --pppgetpass.gtk: pppgetpass.gtk.o -- $(CC) $(LDFLAGS) pppgetpass.gtk.o `gtk-config --libs` -o pppgetpass.gtk --pppgetpass.gtk.o: pppgetpass.gtk.c -- $(CC) $(CFLAGS) -c pppgetpass.gtk.c `gtk-config --cflags` -- --install: all -- install -m 755 pppgetpass.sh /usr/bin/pppgetpass -- install -m 4755 -o root -g root pppgetpass.vt /usr/bin/ -- install -m 755 -o root -g root pppgetpass.gtk /usr/X11/bin/ -- --clean: -- rm -f *.o pppgetpass.gtk pppgetpass.vt core -diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.8 ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.8 ---- ppp-2.4.2/contrib/pppgetpass/pppgetpass.8 1999-11-15 05:08:24.000000000 +0100 -+++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.8 1970-01-01 01:00:00.000000000 +0100 -@@ -1,18 +0,0 @@ --.TH PPPGETPASS 8 "26 Sep 1999" --.SH NAME --pppgetpass \- prompt for PAP password --.SH SYNOPSIS --.B pppgetpass --.I client server fd --.SH DESCRIPTION --.B pppgetpass --the outer half of a plugin for PAP password prompting in pppd. --If the peer requires PAP, and the --.B passprompt.so --plugin is loaded into pppd, it will run --.B /usr/sbin/pppgetpass --(or another program specified by the --.B promptprog --option) to prompt the user for the password. --.SH SEE ALSO --pppd(8) -diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.gtk.c ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.gtk.c ---- ppp-2.4.2/contrib/pppgetpass/pppgetpass.gtk.c 1999-11-15 05:08:24.000000000 +0100 -+++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.gtk.c 1970-01-01 01:00:00.000000000 +0100 -@@ -1,92 +0,0 @@ --#include <glib.h> --#include <gdk/gdk.h> --#include <gtk/gtkwindow.h> --#include <gtk/gtkmain.h> --#include <gtk/gtkbutton.h> --#include <gtk/gtkvbox.h> --#include <gtk/gtklabel.h> --#include <gtk/gtkentry.h> --#include <gtk/gtksignal.h> -- --#include <stdio.h> --#include <string.h> --#include <stdlib.h> --#include <unistd.h> --#include <syslog.h> -- --int outfd; --int err; -- --static void okpressed(void *widget, void *clientdata) --{ -- GtkWidget *answer=clientdata; -- gchar *pass; -- int passlen; -- ssize_t wrote; -- (void)widget; -- -- pass=gtk_entry_get_text(GTK_ENTRY(answer)); -- -- passlen=strlen(pass); -- if(!passlen) -- return; -- -- if((wrote=write(outfd, pass, passlen))!=passlen) { -- if(wrote<0) -- syslog(LOG_ERR, "write error on outpipe: %m"); -- else -- syslog(LOG_ERR, "short write on outpipe"); -- err=1; -- } -- gtk_main_quit(); --} -- --int main(int argc, char **argv) --{ -- GtkWidget *mainwindow, *vbox, *question, *answer, *ok; -- char buf[1024]; -- gtk_init(&argc, &argv); -- -- openlog(argv[0], LOG_PID, LOG_DAEMON); -- if(argc!=4) { -- syslog(LOG_WARNING, "Usage error"); -- return 1; -- } -- outfd=atoi(argv[3]); -- mainwindow=gtk_window_new(GTK_WINDOW_TOPLEVEL); -- gtk_window_set_title(GTK_WINDOW(mainwindow), "pppgetpass"); -- gtk_signal_connect(GTK_OBJECT(mainwindow), "destroy", -- GTK_SIGNAL_FUNC(gtk_main_quit), 0); -- -- vbox=gtk_vbox_new(FALSE, 5); -- gtk_container_add(GTK_CONTAINER(mainwindow), vbox); -- gtk_widget_show(vbox); -- -- if(argv[1][0] && argv[2][0]) -- snprintf(buf, sizeof buf, "Password for PPP client %s on server %s: ", argv[1], argv[2]); -- else if(argv[1][0] && !argv[2][0]) -- snprintf(buf, sizeof buf, "Password for PPP client %s: ", argv[1]); -- else if(!argv[1][0] && argv[2][0]) -- snprintf(buf, sizeof buf, "Password for PPP on server %s: ", argv[2]); -- else -- snprintf(buf, sizeof buf, "Enter PPP password: "); -- question=gtk_label_new(buf); -- gtk_box_pack_start(GTK_BOX(vbox), question, FALSE, TRUE, 0); -- gtk_widget_show(question); -- -- answer=gtk_entry_new(); -- gtk_entry_set_visibility(GTK_ENTRY(answer), 0); -- gtk_box_pack_start(GTK_BOX(vbox), answer, FALSE, TRUE, 0); -- gtk_widget_show(answer); -- -- ok=gtk_button_new_with_label("OK"); -- gtk_box_pack_start(GTK_BOX(vbox), ok, FALSE, TRUE, 0); -- gtk_signal_connect(GTK_OBJECT(ok), "clicked", -- GTK_SIGNAL_FUNC(okpressed), answer); -- gtk_widget_show(ok); -- -- gtk_widget_show(mainwindow); -- gtk_main(); -- -- return err; --} -diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.sh ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.sh ---- ppp-2.4.2/contrib/pppgetpass/pppgetpass.sh 1999-11-15 05:08:24.000000000 +0100 -+++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.sh 1970-01-01 01:00:00.000000000 +0100 -@@ -1,7 +0,0 @@ --#!/bin/sh -- --if [ -z "$DISPLAY" ]; then -- exec pppgetpass.vt "$@" --else -- exec pppgetpass.gtk "$@" --fi -diff -ruN ppp-2.4.2/contrib/pppgetpass/pppgetpass.vt.c ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.vt.c ---- ppp-2.4.2/contrib/pppgetpass/pppgetpass.vt.c 1999-11-15 05:08:24.000000000 +0100 -+++ ppp-cvs-20040427/contrib/pppgetpass/pppgetpass.vt.c 1970-01-01 01:00:00.000000000 +0100 -@@ -1,218 +0,0 @@ --#include <stdio.h> --#include <string.h> --#include <stdlib.h> --#include <errno.h> --#include <unistd.h> --#include <fcntl.h> --#include <sys/stat.h> --#include <sys/ioctl.h> --#include <syslog.h> --#include <termios.h> --#include <sys/vt.h> -- --static int console_owner(uid_t, int); -- --int main(int argc, char **argv) --{ -- int console; -- uid_t uid; -- struct vt_stat origstate; -- int openvtnum; -- char openvtname[256]; -- int openvt; -- gid_t gid; -- int chowned; -- FILE *fp; -- struct termios t; -- char pass[256], *nl; -- int outfd, passlen; -- ssize_t wrote; -- console=open("/dev/console", O_RDWR); -- -- uid=getuid(); -- gid=getgid(); -- seteuid(uid); -- -- openlog(argv[0], LOG_PID, LOG_DAEMON); -- -- if(argc!=4) { -- syslog(LOG_WARNING, "Usage error"); -- return 1; -- } -- -- if(console<0) { -- syslog(LOG_ERR, "open(/dev/console): %m"); -- return 1; -- } -- -- if(ioctl(console, VT_GETSTATE, &origstate)<0) { -- syslog(LOG_ERR, "VT_GETSTATE: %m"); -- return 1; -- } -- -- if(uid) { -- if(!console_owner(uid, origstate.v_active)) { -- int i; -- for(i=0;i<64;++i) { -- if(i!=origstate.v_active && console_owner(uid, i)) -- break; -- } -- if(i==64) { -- syslog(LOG_WARNING, "run by uid %lu not at console", (unsigned long)uid); -- return 1; -- } -- } -- } -- -- if(ioctl(console, VT_OPENQRY, &openvtnum)<0) { -- syslog(LOG_ERR, "VT_OPENQRY: %m"); -- return 1; -- } -- if(openvtnum==-1) { -- syslog(LOG_ERR, "No free VTs"); -- return 1; -- } -- -- snprintf(openvtname, sizeof openvtname, "/dev/tty%d", openvtnum); -- seteuid(0); -- openvt=open(openvtname, O_RDWR); -- if(openvt<0) { -- seteuid(uid); -- syslog(LOG_ERR, "open(%s): %m", openvtname); -- return 1; -- } -- -- chowned=fchown(openvt, uid, gid); -- if(chowned<0) { -- seteuid(uid); -- syslog(LOG_ERR, "fchown(%s): %m", openvtname); -- return 1; -- } -- -- close(console); -- -- if(ioctl(openvt, VT_ACTIVATE, openvtnum)<0) { -- seteuid(uid); -- syslog(LOG_ERR, "VT_ACTIVATE(%d): %m", openvtnum); -- return 1; -- } -- -- while(ioctl(openvt, VT_WAITACTIVE, openvtnum)<0) { -- if(errno!=EINTR) { -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "VT_WAITACTIVE(%d): %m", openvtnum); -- return 1; -- } -- } -- -- seteuid(uid); -- fp=fdopen(openvt, "r+"); -- if(!fp) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "fdopen(%s): %m", openvtname); -- return 1; -- } -- -- if(tcgetattr(openvt, &t)<0) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "tcgetattr(%s): %m", openvtname); -- return 1; -- } -- t.c_lflag &= ~ECHO; -- if(tcsetattr(openvt, TCSANOW, &t)<0) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "tcsetattr(%s): %m", openvtname); -- return 1; -- } -- -- if(fprintf(fp, "\033[2J\033[H")<0) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "write error on %s: %m", openvtname); -- return 1; -- } -- if(argv[1][0] && argv[2][0]) { -- if(fprintf(fp, "Password for PPP client %s on server %s: ", argv[1], argv[2])<0) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "write error on %s: %m", openvtname); -- return 1; -- } -- } else if(argv[1][0] && !argv[2][0]) { -- if(fprintf(fp, "Password for PPP client %s: ", argv[1])<0) { -- syslog(LOG_ERR, "write error on %s: %m", openvtname); -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- return 1; -- } -- } else if(!argv[1][0] && argv[2][0]) { -- if(fprintf(fp, "Password for PPP on server %s: ", argv[2])<0) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "write error on %s: %m", openvtname); -- return 1; -- } -- } else { -- if(fprintf(fp, "Enter PPP password: ")<0) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- syslog(LOG_ERR, "write error on %s: %m", openvtname); -- return 1; -- } -- } -- -- if(!fgets(pass, sizeof pass, fp)) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- if(ferror(fp)) { -- syslog(LOG_ERR, "read error on %s: %m", openvtname); -- } -- return 1; -- } -- if((nl=strchr(pass, '\n'))) -- *nl=0; -- passlen=strlen(pass); -- -- outfd=atoi(argv[3]); -- if((wrote=write(outfd, pass, passlen))!=passlen) { -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- if(wrote<0) -- syslog(LOG_ERR, "write error on outpipe: %m"); -- else -- syslog(LOG_ERR, "short write on outpipe"); -- return 1; -- } -- -- seteuid(0); -- ioctl(openvt, VT_ACTIVATE, origstate.v_active); -- seteuid(uid); -- return 0; --} -- --static int console_owner(uid_t uid, int cons) --{ -- char name[256]; -- struct stat st; -- snprintf(name, sizeof name, "/dev/tty%d", cons); -- if(stat(name, &st)<0) { -- if(errno!=ENOENT) -- syslog(LOG_ERR, "stat(%s): %m", name); -- return 0; -- } -- return uid==st.st_uid; --} -diff -ruN ppp-2.4.2/include/linux/if_ether.h ppp-cvs-20040427/include/linux/if_ether.h ---- ppp-2.4.2/include/linux/if_ether.h 2001-05-21 05:31:50.000000000 +0200 -+++ ppp-cvs-20040427/include/linux/if_ether.h 1970-01-01 01:00:00.000000000 +0100 -@@ -1,99 +0,0 @@ --/* -- * INET An implementation of the TCP/IP protocol suite for the LINUX -- * operating system. INET is implemented using the BSD Socket -- * interface as the means of communication with the user level. -- * -- * Global definitions for the Ethernet IEEE 802.3 interface. -- * -- * Version: @(#)if_ether.h 1.0.1a 02/08/94 -- * -- * Author: Fred N. van Kempen, <waltje@uWalt.NL.Mugnet.ORG> -- * Donald Becker, <becker@super.org> -- * Alan Cox, <alan@redhat.com> -- * Steve Whitehouse, <gw7rrm@eeshack3.swan.ac.uk> -- * -- * This program is free software; you can redistribute it and/or -- * modify it under the terms of the GNU General Public License -- * as published by the Free Software Foundation; either version -- * 2 of the License, or (at your option) any later version. -- */ -- --#ifndef _LINUX_IF_ETHER_H --#define _LINUX_IF_ETHER_H -- --/* -- * IEEE 802.3 Ethernet magic constants. The frame sizes omit the preamble -- * and FCS/CRC (frame check sequence). -- */ -- --#define ETH_ALEN 6 /* Octets in one ethernet addr */ --#define ETH_HLEN 14 /* Total octets in header. */ --#define ETH_ZLEN 60 /* Min. octets in frame sans FCS */ --#define ETH_DATA_LEN 1500 /* Max. octets in payload */ --#define ETH_FRAME_LEN 1514 /* Max. octets in frame sans FCS */ -- --/* -- * These are the defined Ethernet Protocol ID's. -- */ -- --#define ETH_P_LOOP 0x0060 /* Ethernet Loopback packet */ --#define ETH_P_PUP 0x0200 /* Xerox PUP packet */ --#define ETH_P_PUPAT 0x0201 /* Xerox PUP Addr Trans packet */ --#define ETH_P_IP 0x0800 /* Internet Protocol packet */ --#define ETH_P_X25 0x0805 /* CCITT X.25 */ --#define ETH_P_ARP 0x0806 /* Address Resolution packet */ --#define ETH_P_BPQ 0x08FF /* G8BPQ AX.25 Ethernet Packet [ NOT AN OFFICIALLY REGISTERED ID ] */ --#define ETH_P_IEEEPUP 0x0a00 /* Xerox IEEE802.3 PUP packet */ --#define ETH_P_IEEEPUPAT 0x0a01 /* Xerox IEEE802.3 PUP Addr Trans packet */ --#define ETH_P_DEC 0x6000 /* DEC Assigned proto */ --#define ETH_P_DNA_DL 0x6001 /* DEC DNA Dump/Load */ --#define ETH_P_DNA_RC 0x6002 /* DEC DNA Remote Console */ --#define ETH_P_DNA_RT 0x6003 /* DEC DNA Routing */ --#define ETH_P_LAT 0x6004 /* DEC LAT */ --#define ETH_P_DIAG 0x6005 /* DEC Diagnostics */ --#define ETH_P_CUST 0x6006 /* DEC Customer use */ --#define ETH_P_SCA 0x6007 /* DEC Systems Comms Arch */ --#define ETH_P_RARP 0x8035 /* Reverse Addr Res packet */ --#define ETH_P_ATALK 0x809B /* Appletalk DDP */ --#define ETH_P_AARP 0x80F3 /* Appletalk AARP */ --#define ETH_P_IPX 0x8137 /* IPX over DIX */ --#define ETH_P_IPV6 0x86DD /* IPv6 over bluebook */ --#define ETH_P_PPP_DISC 0x8863 /* PPPoE discovery messages */ --#define ETH_P_PPP_SES 0x8864 /* PPPoE session messages */ --#define ETH_P_ATMMPOA 0x884c /* MultiProtocol Over ATM */ --#define ETH_P_ATMFATE 0x8884 /* Frame-based ATM Transport -- * over Ethernet -- */ -- --/* -- * Non DIX types. Won't clash for 1500 types. -- */ -- --#define ETH_P_802_3 0x0001 /* Dummy type for 802.3 frames */ --#define ETH_P_AX25 0x0002 /* Dummy protocol id for AX.25 */ --#define ETH_P_ALL 0x0003 /* Every packet (be careful!!!) */ --#define ETH_P_802_2 0x0004 /* 802.2 frames */ --#define ETH_P_SNAP 0x0005 /* Internal only */ --#define ETH_P_DDCMP 0x0006 /* DEC DDCMP: Internal only */ --#define ETH_P_WAN_PPP 0x0007 /* Dummy type for WAN PPP frames*/ --#define ETH_P_PPP_MP 0x0008 /* Dummy type for PPP MP frames */ --#define ETH_P_LOCALTALK 0x0009 /* Localtalk pseudo type */ --#define ETH_P_PPPTALK 0x0010 /* Dummy type for Atalk over PPP*/ --#define ETH_P_TR_802_2 0x0011 /* 802.2 frames */ --#define ETH_P_MOBITEX 0x0015 /* Mobitex (kaz@cafe.net) */ --#define ETH_P_CONTROL 0x0016 /* Card specific control frames */ --#define ETH_P_IRDA 0x0017 /* Linux-IrDA */ --#define ETH_P_ECONET 0x0018 /* Acorn Econet */ -- --/* -- * This is an Ethernet frame header. -- */ -- --struct ethhdr --{ -- unsigned char h_dest[ETH_ALEN]; /* destination eth addr */ -- unsigned char h_source[ETH_ALEN]; /* source ether addr */ -- unsigned short h_proto; /* packet type ID field */ --}; -- --#endif /* _LINUX_IF_ETHER_H */ -diff -ruN ppp-2.4.2/include/pcap-int.h ppp-cvs-20040427/include/pcap-int.h ---- ppp-2.4.2/include/pcap-int.h 2000-08-01 03:37:24.000000000 +0200 -+++ ppp-cvs-20040427/include/pcap-int.h 2000-08-01 03:37:24.000000000 +0200 -@@ -30,7 +30,7 @@ - * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF - * SUCH DAMAGE. - * -- * @(#) $Header: /data/cvs/ppp/include/pcap-int.h,v 1.1 2000/08/01 01:37:24 paulus Exp $ (LBL) -+ * @(#) $Header: /cvsroot/ppp/include/pcap-int.h,v 1.1 2000/08/01 01:37:24 paulus Exp $ (LBL) - */ - - #ifndef pcap_int_h -diff -ruN ppp-2.4.2/modules/bsd-comp.c ppp-cvs-20040427/modules/bsd-comp.c ---- ppp-2.4.2/modules/bsd-comp.c 1998-03-19 06:59:01.000000000 +0100 -+++ ppp-cvs-20040427/modules/bsd-comp.c 2004-01-17 06:50:11.000000000 +0100 -@@ -41,7 +41,7 @@ - * This version is for use with STREAMS under SunOS 4.x, - * Digital UNIX, AIX 4.x, and SVR4 systems including Solaris 2. - * -- * $Id: bsd-comp.c,v 1.20 1996/08/28 06:31:57 paulus Exp $ -+ * $Id: bsd-comp.c,v 1.21 2004/01/17 05:47:55 carlsonj Exp $ - */ - - #ifdef AIX4 -@@ -66,6 +66,10 @@ - #define BSD_LITTLE_ENDIAN - #endif - -+#ifdef SOL2 -+#include <sys/sunddi.h> -+#endif -+ - #define PACKETPTR mblk_t * - #include <net/ppp-comp.h> - -diff -ruN ppp-2.4.2/modules/deflate.c ppp-cvs-20040427/modules/deflate.c ---- ppp-2.4.2/modules/deflate.c 2002-12-06 10:49:15.000000000 +0100 -+++ ppp-cvs-20040427/modules/deflate.c 2004-01-17 06:50:11.000000000 +0100 -@@ -35,7 +35,7 @@ - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * -- * $Id: deflate.c,v 1.11 2002/12/06 09:49:15 paulus Exp $ -+ * $Id: deflate.c,v 1.12 2004/01/17 05:47:55 carlsonj Exp $ - */ - - #ifdef AIX4 -@@ -56,6 +56,10 @@ - #include "../common/zlib.h" - #endif - -+#ifdef SOL2 -+#include <sys/sunddi.h> -+#endif -+ - #if DO_DEFLATE - - #define DEFLATE_DEBUG 1 -diff -ruN ppp-2.4.2/modules/vjcompress.c ppp-cvs-20040427/modules/vjcompress.c ---- ppp-2.4.2/modules/vjcompress.c 1999-09-17 04:03:56.000000000 +0200 -+++ ppp-cvs-20040427/modules/vjcompress.c 2004-01-17 06:50:11.000000000 +0100 -@@ -29,7 +29,7 @@ - * This version is used under SunOS 4.x, Digital UNIX, AIX 4.x, - * and SVR4 systems including Solaris 2. - * -- * $Id: vjcompress.c,v 1.10 1999/09/15 23:49:06 masputra Exp $ -+ * $Id: vjcompress.c,v 1.11 2004/01/17 05:47:55 carlsonj Exp $ - */ - - #include <sys/types.h> -@@ -56,6 +56,10 @@ - #include <netinet/in_systm.h> - #endif - -+#ifdef SOL2 -+#include <sys/sunddi.h> -+#endif -+ - #include <netinet/ip.h> - #include <netinet/tcp.h> - -diff -ruN ppp-2.4.2/ppp.texi ppp-cvs-20040427/ppp.texi ---- ppp-2.4.2/ppp.texi 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/ppp.texi 1996-08-28 08:30:33.000000000 +0200 -@@ -0,0 +1,561 @@ -+\input texinfo @c -*-texinfo-*- -+@setfilename ppp.info -+@settitle PPP -+ -+@iftex -+@finalout -+@end iftex -+ -+@ifinfo -+@format -+START-INFO-DIR-ENTRY -+* PPP: (ppp). Point-to-Point Protocol. -+END-INFO-DIR-ENTRY -+@end format -+ -+@titlepage -+@title PPP-2.x Users' Guide -+@author by Paul Mackerras -+@end titlepage -+ -+@node Top, Introduction, (dir), (dir) -+ -+@ifinfo -+This file documents how to use the ppp-2.x package to set up network -+links over serial lines with the Point-to-Point Protocol. -+ -+@end ifinfo -+ -+@menu -+* Introduction:: Basic concepts of the Point-to-Point -+ Protocol and the ppp-2.x package. -+* Installation:: How to compile and install the software. -+* Configuration:: How to set up your system for -+ establishing a link to another system. -+* Security:: Avoid creating security holes. -+* Compression:: Using compression of various kinds -+ to improve throughput. -+@end menu -+ -+@node Introduction, Installation, Top, Top -+@chapter Introduction -+ -+The Point-to-Point Protocol (PPP) is the protocol of choice for -+establishing network links over serial lines. This package (ppp-2.x) -+provides an implementation of PPP which supports the Internet Protocols -+(TCP/IP, UDP/IP, etc.) and which runs on a range of Unix workstations. -+ -+A typical use of PPP is to provide a network connection, via a modem, -+between a workstation and an Internet Service Provider (ISP). When this -+connection is established, the workstation is connected to the internet, -+and applications running on the workstation can then make connections to -+other hosts anywhere on the internet. This package can be used at -+either or both ends of such a link. -+ -+Features of PPP include: -+@itemize @bullet -+@item -+Multi-protocol support. The PPP packet encapsulation includes a -+protocol field, allowing packets from many different protocols to be -+multiplexed across a single link. -+@item -+Negotiation of link characteristics. During link establishment, the two -+systems negotiate about the link configuration parameters, such as the -+IP addresses of each end of the link. -+@item -+Authentication. Optionally, each system can be configured to require the -+other system to authenticate itself. In this way, access can be -+restricted to authorized systems. -+@item -+Transparency. On asynchronous serial lines, PPP can be configured to -+transmit certain characters as a two-character escape sequence. -+@item -+Compression. PPP includes support for various kinds of compression to -+be applied to the packets before they are transmitted. -+@end itemize -+ -+The ppp-2.x software consists of two parts: -+ -+@itemize @bullet -+ -+@item -+Kernel code, which establishes a network interface and passes packets -+between the serial port, the kernel networking code and the PPP daemon -+(@file{pppd}). This code is implemented using STREAMS modules on -+Solaris 2, SunOS 4.x, AIX 4.1 and OSF/1, and as a tty line discipline -+under Ultrix, NextStep, NetBSD, FreeBSD, and Linux. -+ -+@item -+The PPP daemon (@file{pppd}), which negotiates with the peer to -+establish the link and sets up the ppp network interface. Pppd includes -+support for authentication. It can authenticate itself to the other -+system and/or require the other system to authenticate itself, so that -+you can control which other systems may make a PPP connection and what -+IP addresses they may use. -+@end itemize -+ -+@menu -+* PPP Concepts:: Basic concepts and terms used with PPP. -+* PPP packet format:: How data is packaged up for transmission. -+* LCP negotiation:: The parameters which are negotiated -+ using the Link Control Protocol. -+* IPCP negotiation:: The parameters which are negotiated -+ using the IP Control Protocol. -+@end menu -+ -+@node PPP Concepts, PPP packet format, Introduction, Introduction -+@section PPP Concepts -+ -+To use PPP to provide a network connection between two machines, there -+must be some way that a stream of bytes, or characters, can be passed -+from one to the other, in both directions independently. We refer to -+this as the ``serial link''. Very often the serial link involves -+asynchronous communications ports and modems, but other kinds of serial -+link are possible. -+ -+The serial link must transmit (at least) 8 bits per character; PPP -+cannot work over a serial link which transmits only 7 bits per -+character. However, it need not transmit all byte values transparently. -+PPP has a mechanism to avoid sending certain characters if it is known -+that the some element of the serial link interprets them specially. For -+example, the DC1 and DC3 ASCII characters (control-Q and control-S) may -+be trapped by a modem if it is set for ``software'' flow control. PPP -+can send these characters as a two-character ``escape'' sequence. The -+set of characters which are to be transmitted as an escape sequence is -+represented in an ``async control character map'' (ACCM). The ``async'' -+part refers to the fact that this facility is used for asynchronous -+serial links. For synchronous serial connections, the HDLC bit-stuffing -+procedure is used instead. -+ -+The two systems connected by the serial link are called ``peers''. When -+we are talking from the point of view of one of the systems, the other -+is often referred to as ``the peer''. Sometimes we may refer to one -+system as a ``client'' and the other as a ``server''. This distinction -+refers mainly to the way the serial link is set up; usually the client -+is the peer that initiates the connection, for example by dialling the -+server with its modem. -+ -+During the lifetime of a PPP connection, it proceeds through several -+phases: -+ -+@enumerate -+@item -+Serial link establishment. In this phase, the serial link is set up and -+PPP protocol software is attached to each end of the serial link. The -+precise steps involved in doing this vary greatly, depending on the -+nature of the serial link. For the common case of modems connected -+through the telephone network, this involves first sending commands to -+the modem to cause it to dial the remote system. When the remote system -+answers, the local system usually has to supply a username and password, -+and then issue a command to invoke PPP software on the remote system. -+The ``chat'' program supplied with ppp-2.x provides a way to automate a -+dialog with the modem and the remote system. This phase is not -+standardized; it is outside the scope of the PPP protocol -+specifications. -+ -+@item -+Link Control Protocol (LCP) negotiation. In this phase, the peers send -+LCP packets to each other to negotiate various parameters of the -+connection, such as the ACCM to be used in each direction, whether -+authentication is required, and whether or not to use various forms of -+compression. When the peers reach agreement on these parameters, LCP is -+said to be ``up''. -+ -+@item -+Authentication. If one (or both) of the peers requires the other -+peer to authenticate itself, that occurs next. If one of the peers -+cannot successfully authenticate itself, the other peer terminates the -+link. -+ -+@item -+Network Control Protocol (NCP) negotiation. PPP can potentially support -+several different network protocols, although IP is the only network -+protocol (NP) supported by the ppp-2.x package. Each NP has an -+associated NCP defined for it, which is used to negotiate the specific -+parameters which affect that NP. For example, the IP Control Protocol -+(IPCP) is used to negotiate the IP addresses for each end of the link, -+and whether the TCP header compression method described by Van Jacobsen -+in RFC 1144 (``VJ compression'') is to be used. -+ -+@item -+Network communication. When each NCP has successfully negotiated the -+parameters for its NP, that NCP is said to be ``up''. At that point, -+the PPP link is made available for data traffic from that NP. For -+example, when IPCP comes up, the PPP link is then available for carrying -+IP packets (which of course includes packets from those protocols which -+are layered above IP, such as TCP, UDP, etc.) -+ -+@item -+Termination. When the link is no longer required, it is terminated. -+Usually this involves an exchange of LCP packets so that one peer can -+notify the other that it is shutting down the link, enabling both peers -+to shut down in an orderly manner. But of course there are occasions -+when the link terminates because the serial link is interrupted, for -+example, when a modem loses carrier and hangs up. -+ -+@end enumerate -+ -+The protocols in the PPP family are produced by the Point-to-Point -+Working Group of the Internet Engineering Task Force, and are specified -+in RFC (Request for Comments) documents, available by anonymous FTP from -+several sites. -+ -+PPP is defined in several RFCs, in -+particular RFCs 1661, 1662, and 1334. IPCP is defined in RFC 1332. -+Other RFCs describe the control protocols for other network protocols -+(e.g., DECnet, OSI, Appletalk). RFCs are available by anonymous FTP -+from several sites including nic.ddn.mil, nnsc.nsf.net, nic.nordu.net, -+ftp.nisc.sri.com, and munnari.oz.au. -+ -+@node PPP packet format, LCP negotiation, PPP Concepts, Introduction -+@section PPP packet format -+ -+PPP transmits packets over the serial link using a simple encapsulation -+scheme. First, a two-byte PPP Protocol field is inserted before the -+data to be sent. The value in this field identifies -+which higher-level protocol (either a network protocol such as IP or a -+PPP control protocol such as LCP) should receive the data in the packet. -+By default, a one-byte Address field with the value 0xFF, and a one-byte -+Control field with the value 0x03, are inserted before the PPP Protocol -+field (apparently this is supposed to provide compatibility with HDLC, -+in case there is a synchronous to asynchronous converter in the serial -+link). -+ -+On slow serial links, these fields can be compressed down to one byte in -+most cases. The PPP Address and Control fields are compressed by simply -+omitting them (``address/control compression''). The PPP Protocol field -+values are chosen so that bit 0 (the least-significant bit) of the first -+(most significant) byte is always 0, and bit 0 of the second byte is -+always 1. The PPP Protocol field can be compressed by omitting the -+first byte, provided that it is 0 (``protocol compression''). The -+values for this field are assigned so that the first byte is zero for -+all of the commonly-used network protocols. For example, the PPP -+Protocol field value for IP is 0x21. -+ -+For asynchronous serial links, which do not provide any packet framing -+or transparency, a further encapsulation is used as follows. First a -+16-bit Frame Check Sequence (FCS) is computed over the packet to be -+sent, and appended as two bytes to the end of the packet. -+ -+Then each byte of the packet is examined, and if it contains one of the -+characters which are to be escaped, it is replaced by a two byte -+sequence: the 0x7d character '}', followed by the character with bit 5 -+inverted. For example, the control-C character (0x03) could be replaced -+by the two-byte sequence 0x7d, 0x23 ('}#'). The 0x7d and 0x7e ('~') -+characters are always escaped, and the 0x5e ('^') character may not be -+escaped. -+ -+Finally, a ``flag'' character (0x7e, '~') is inserted at the beginning -+and end of the packet to mark the packet boundaries. The initial flag -+may be omitted if this packet immediately follows another packet, as the -+ending flag for the previous packet can serve as the beginning flag of -+this packet. -+ -+@node LCP negotiation, IPCP negotiation, PPP packet format, Introduction -+@section LCP negotiation -+ -+The LCP negotiation process actually involves two sets of negotiations, -+one for each direction of the PPP connection. Thus A will send B -+packets (``Configure-Requests'') describing what characteristics A would -+like to have apply to the B -> A direction of the link, that is, to the -+packets that A will receive. Similarly B will send A packets describing -+the characteristics it would like to have apply to the packets it will -+be receiving. These characteristics need not necessarily be the same in -+both directions. -+ -+The parameters which are negotiated for each direction of the connection -+using LCP are: -+ -+@itemize @bullet -+@item -+Maximum Receive Unit (MRU): indicates the maximum packet size which we -+are prepared to receive (specifically the maximum size of the -+data portion of the packet). The default value is 1500, but on -+slow serial links, smaller values give better response. The choice of -+MRU is discussed below (see xxx). -+ -+@item -+Async Control Character Map (ACCM): indicates the set of control -+characters (characters with ASCII values in the range 0 - 31) which we -+wish to receive in escaped form. The default is that the sender should -+escape all characters in the range 0 - 31. -+ -+@item -+Authentication Protocol: indicates which protocol we would like the peer -+to use to authenticate itself. Common choices are the Password -+Authentication Protocol (PAP) and the Cryptographic Handshake -+Authentication Protocol (CHAP). -+ -+@item -+Quality Protocol: indicates which protocol which we would like the peer -+to use to send us link quality reports. The ppp-2.x package does not -+currently support link quality reports. -+ -+@item -+Magic Number: a randomly-chosen number, different from the peer's magic -+number. If we persistently receive our own magic number in the peer's -+configure-request packets, then we can conclude that the serial link is -+looped back. -+ -+@item -+Protocol Field Compression: indicates that we wish the peer to compress -+the PPP Protocol field to one byte, where possible, in the packets it -+sends. -+ -+@item -+Address/Control Field Compression: indicates that we wish the peer to -+compress the PPP Address/Control fields (by simply omitting them) in the -+packets it sends. -+@end itemize -+ -+@node IPCP negotiation, , LCP negotiation, Introduction -+@section IPCP negotiation -+ -+The IPCP negotiation process is very similar to the LCP negotiation -+process, except that of course different parameters are negotiated. -+The parameters which are negotiated using IPCP are: -+ -+@itemize @bullet -+@item -+IP Address: the IP address (32-bit host IP number) which we plan to use -+as the local address for our end of the link. -+ -+@item -+TCP header compression: indicates (a) that we wish the peer to compress -+the TCP/IP headers of TCP/IP packets that it sends, using the Van -+Jacobson algorithm as described in RFC1144; (b) the maximum slot ID that -+we wish the peer to use, and (c) whether we are prepared to accept -+packets with the slot ID field compressed (omitted). -+ -+With Van Jacobson (VJ) compression, the receiver and transmitter (for -+one direction of the connection) both keep a table, with a certain -+number of ``slots'', where each slot holds the TCP/IP header of the most -+recently transmitted packet for one TCP connection. If a packet is to -+be transmitted for a TCP connection which does not have a slot currently -+allocated, the VJ scheme will allocate one of the slots and send the -+entire TCP/IP header, together with the slot number. For many packets, -+there will be a slot already allocated for the TCP connection, and the -+VJ scheme will then often be able to replace the entire TCP/IP header -+with a much smaller compressed header (typically only 3 - 7 bytes) -+describing which fields of the TCP/IP header have changed, and by how -+much. If there are many more active connections than slots, the -+efficiency of the VJ scheme will drop, because it will not be able to -+send compressed headers as often. -+ -+Usually the compressed header includes a one-byte slot index, indicating -+which TCP connection the packet is for. It is possible to reduce the -+header size by omitting the slot index when the packet has the same slot -+index as the previous packet. However, this introduces a danger if the -+lower levels of the PPP software can sometimes drop damaged packets -+without informing the VJ decompressor, as it may then assume the wrong -+slot index for packets which have the slot index field omitted. With -+the ppp-2.x software, however, the probability of this happening is -+generally very small (see xxx). -+ -+@end itemize -+ -+@node Installation, Configuration, Introduction, Top -+@chapter Installation -+ -+Because ppp-2.x includes code which must be incorporated into the -+kernel, its installation process is necessarily quite heavily -+system-dependent. In addition, you will require super-user privileges -+(root access) to install the code. -+ -+Some systems provide a ``modload'' facility, which allows you to load -+new code into a running kernel without relinking the kernel or -+rebooting. Under Solaris 2, SunOS 4.x, Linux, OSF/1 and NextStep, this -+is the recommended (or only) way to install the kernel portion of the -+ppp-2.x package. -+ -+Under the remaining supported operating systems (NetBSD, FreeBSD, -+Ultrix), it is necessary to go through the process of creating a new -+kernel image and reboot. (Note that NetBSD and FreeBSD have a modload -+facility, but ppp-2.x is currently not configured to take advantage of -+it.) -+ -+Detailed installation instructions for each operating system are -+contained in the README files in the ppp-2.x distribution. In general, -+the process involves executing the commands @samp{./configure}, -+@samp{make} and (as root) @samp{make install} in the ppp-2.x -+distribution directory. (The Linux port requires the installation of -+some header files before compiling; see README.linux for details.) -+ -+@node Configuration, Security, Installation, Top -+@chapter Configuration -+ -+Once the ppp-2.x software is installed, you need to configure your -+system for the particular PPP connections you wish to allow. Typically, -+the elements you need to configure are: -+ -+@itemize @bullet -+@item -+How the serial link is established and how pppd gets invoked. -+@item -+Setting up syslog to log messages from pppd to the console and/or -+system log files. -+@item -+Pppd options to be used. -+@item -+Authentication secrets to use in authenticating us to the peer -+and/or the peer to us. -+@item -+The IP addresses for each end of the link. -+@end itemize -+ -+In most cases, the system you are configuring will either be a -+@dfn{client} system, actively initiating a PPP connection on user -+request, or it will be a @dfn{server} system, passively waiting for -+connections from client systems. Other arrangements are possible, but -+the instructions in this system assume that you are configuring either a -+client or a server. -+ -+These instructions also assume that the serial link involves a serial -+communications port (that is, a tty device), since pppd requires a -+serial port. -+ -+@menu -+* Client machines:: -+* Server machines:: -+* Setting up syslog:: -+* Pppd options:: -+* Authentication secrets files:: -+* IP Addresses:: -+@end menu -+ -+@node Client machines, Server machines, Configuration, Configuration -+@section Client machines -+ -+On a client machine, the way that the user requests that a connection be -+established is by running pppd, either directly or through a shell -+script. Pppd should be given the name of the serial port to use as an -+option. In this mode, pppd will fork and detach itself from its -+controlling terminal, so that the shell will return to its prompt. (If -+this behaviour is not desired, use the -detach option.) -+ -+Usually, the connect option should also be used. The connect option -+takes an argument which is a command to run to establish the serial link -+and invoke PPP software on the remote machine. This command is run with -+its standard input and standard output connected to the serial port. -+Giving the connect option to pppd also has the side-effect of causing -+pppd to open the serial port without waiting for the modem carrier -+detect signal. -+ -+The process of establishing the serial link often involves a dialog. If -+the serial port is connected to a modem, we first need to send some -+commands to the modem to configure it and dial the remote system. Often -+there is then a dialog with the remote system to supply a username and -+password. The @file{chat} program supplied with the ppp-2.x package is -+useful for automating such dialogs. Chat uses a @dfn{script} consisting -+of alternately strings to expect to receive on the serial port, and -+strings to send on the serial port. The script can also specify strings -+which indicate an error and abort the dialog. -+ -+@node Server machines, , Client machines, Configuration -+@section Server machines -+ -+There are generally three ways in which a server machine can be set up -+to allow client machines to establish a PPP link: -+ -+@enumerate -+@item -+Client machines log in as regular users (often via a serial port -+connected to a modem, but possibly through a telnet or rlogin session) -+and then run pppd as a shell command. -+@item -+Client machines log in using a username whose login shell is pppd -+or a script which runs pppd. -+@item -+Client machines connect to a serial port which has a pppd running -+permanently on it (instead of a "getty" or other program providing a -+login service). -+@end enumerate -+ -+Method 1 is very simple to set up, and is useful where existing users of -+a system have remote machines (for example at home) from which they want -+to establish a PPP connection from time to time. Methods 2 and 3 -+possibly have a security advantage in that they do not allow PPP client -+systems access to a shell. Method 2 allows regular logins and PPP -+connections on the same port, while with method 3, would-be crackers may -+well be frustrated (unless they speak fluent PPP). -+ -+With any of these methods, I strongly recommend that you configure PPP -+to require authentication from the client, by including the `auth' -+option in the /etc/ppp/options file. -+ -+@node Setting up syslog, , Server machines, Configuration -+@section Setting up syslog -+ -+Pppd uses the @file{syslog} facility to report information about the -+state of the connection, as does @file{chat}. It is useful to set up -+syslog to print some of these messages on the console, and to record -+most of them to a file. The messages from pppd are logged with facility -+@samp{daemon} and one of three levels: -+@itemize @bullet -+@item -+@samp{notice} for messages about important events such as the -+connection becoming available for IP traffic and the local and remote IP -+addresses in use. -+@item -+@samp{info} for messages about less important events, such as -+detecting a modem hangup. -+@item -+@samp{debug} for messages which are of use in working out why the -+connection is not working properly. -+@end itemize -+ -+The messages from chat are logged with facility @samp{local2} and level -+@samp{debug}. -+ -+Syslog is controlled by the syslog configuration file -+@file{/etc/syslog.conf}. Generally the standard configuration will log -+facility @samp{daemon} messages with level @samp{notice} and above to a -+system log file such as @file{/var/log/syslog} (the name may vary on -+different systems). I find it useful to have the notice level messages -+from pppd displayed on the console, and all messages from pppd and chat -+logged to a file such as @file{/etc/ppp/log}. To achieve this, -+find the line in /etc/syslog.conf which has /dev/console -+on the right-hand side, and add `daemon.notice' on the left. This -+line should end up something like this: -+ -+@example -+*.err;kern.debug;auth.notice;mail.crit;daemon.notice /dev/console -+@end example -+ -+And add a line like this: -+ -+@example -+daemon,local2.debug /etc/ppp/log -+@end example -+ -+The space between the left and right hand sides is one or more tabs, not -+spaces, and there are no tabs or spaces at the beginning of the line. -+ -+You will need to create an empty @file{/etc/ppp/log} file; syslogd will -+not create it. Once you have modified @file{/etc/syslog.conf}, you need -+to either reboot or notify syslogd to re-read the file. On most -+systems, you notify syslogd by sending it a SIGHUP signal. Syslogd's -+process ID is usually stored in a file such as @file{/etc/syslogd.pid} -+or @file{/var/run/syslog.pid}. Thus you can notify syslogd to re-read -+the file by executing a command such as: -+ -+@example -+kill -HUP `cat /etc/syslogd.pid` -+@end example -+ -+@node Pppd options, , Setting up syslog, Configuration -+@section Pppd options -+ -+@node Authentication secrets files, , Pppd options, Configuration -+@section Authentication secrets files -+ -+@node IP Addresses, , Authentication secrets files, Configuration -+@section IP Addresses -+ -+@node Security, Compression, Configuration, Top -+@chapter Security -+ -+@node Compression, , Security, Top -+@chapter Compression -+ -+@bye -diff -ruN ppp-2.4.2/pppd/Makefile.sol2 ppp-cvs-20040427/pppd/Makefile.sol2 ---- ppp-2.4.2/pppd/Makefile.sol2 2003-11-27 22:25:25.000000000 +0100 -+++ ppp-cvs-20040427/pppd/Makefile.sol2 2002-11-02 20:50:09.000000000 +0100 -@@ -1,6 +1,6 @@ - # - # Makefile for pppd under Solaris 2. --# $Id: Makefile.sol2,v 1.24 2003/11/27 21:25:25 paulus Exp $ -+# $Id: Makefile.sol2,v 1.23 2002/11/02 19:48:12 carlsonj Exp $ - # - - include ../Makedefs.com -@@ -8,8 +8,8 @@ - CFLAGS = -I../include -DSVR4 -DSOL2 $(COPTS) - LIBS = -lsocket -lnsl - --OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o eap.o md5.o \ -- tty.o ccp.o ecp.o auth.o options.o demand.o utils.o sys-solaris.o -+OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o eap.o md5.o tty.o \ -+ ccp.o ecp.o auth.o options.o demand.o utils.o sys-solaris.o - - # - # uncomment the following to enable plugins -diff -ruN ppp-2.4.2/pppd/Makefile.sunos4 ppp-cvs-20040427/pppd/Makefile.sunos4 ---- ppp-2.4.2/pppd/Makefile.sunos4 2003-11-27 22:25:25.000000000 +0100 -+++ ppp-cvs-20040427/pppd/Makefile.sunos4 2002-11-02 20:50:09.000000000 +0100 -@@ -1,6 +1,6 @@ - # - # Makefile for pppd under SunOS 4. --# $Id: Makefile.sunos4,v 1.14 2003/11/27 21:25:25 paulus Exp $ -+# $Id: Makefile.sunos4,v 1.13 2002/11/02 19:48:12 carlsonj Exp $ - # - - include ../sunos4/Makedefs -@@ -12,7 +12,7 @@ - - all: pppd - --OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap-new.o md5.o ccp.o ecp.o \ -+OBJS = main.o magic.o fsm.o lcp.o ipcp.o upap.o chap.o md5.o ccp.o ecp.o \ - auth.o options.o demand.o utils.o sys-sunos4.o tty.o eap.o - - pppd: $(OBJS) -diff -ruN ppp-2.4.2/pppd/chap-new.c ppp-cvs-20040427/pppd/chap-new.c ---- ppp-2.4.2/pppd/chap-new.c 2003-11-27 23:22:36.000000000 +0100 -+++ ppp-cvs-20040427/pppd/chap-new.c 2004-01-17 06:50:11.000000000 +0100 -@@ -33,7 +33,7 @@ - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - --#define RCSID "$Id: chap-new.c,v 1.3 2003/11/27 22:22:36 paulus Exp $" -+#define RCSID "$Id: chap-new.c,v 1.4 2004/01/17 05:47:55 carlsonj Exp $" - - #include <stdlib.h> - #include <string.h> -@@ -49,7 +49,7 @@ - int (*chap_verify_hook)(char *name, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, unsigned char *response, -- unsigned char *message, int message_space) = NULL; -+ char *message, int message_space) = NULL; - - /* - * Option variables. -@@ -119,7 +119,7 @@ - static int chap_verify_response(char *name, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, unsigned char *response, -- unsigned char *message, int message_space); -+ char *message, int message_space); - static void chap_respond(struct chap_client_state *cs, int id, - unsigned char *pkt, int len); - static void chap_handle_status(struct chap_client_state *cs, int code, int id, -@@ -306,11 +306,11 @@ - { - int response_len, ok, mlen; - unsigned char *response, *p; -- unsigned char *name = NULL; /* initialized to shut gcc up */ -+ char *name = NULL; /* initialized to shut gcc up */ - int (*verifier)(char *, char *, int, struct chap_digest_type *, -- unsigned char *, unsigned char *, unsigned char *, int); -+ unsigned char *, unsigned char *, char *, int); - char rname[MAXNAMELEN+1]; -- unsigned char message[256]; -+ char message[256]; - - if ((ss->flags & LOWERUP) == 0) - return; -@@ -322,7 +322,7 @@ - response = pkt; - GETCHAR(response_len, pkt); - len -= response_len + 1; /* length of name */ -- name = pkt + response_len; -+ name = (char *)pkt + response_len; - if (len < 0) - return; - -@@ -391,14 +391,14 @@ - chap_verify_response(char *name, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, unsigned char *response, -- unsigned char *message, int message_space) -+ char *message, int message_space) - { - int ok; -- char secret[MAXSECRETLEN]; -+ unsigned char secret[MAXSECRETLEN]; - int secret_len; - - /* Get the secret that the peer is supposed to know */ -- if (!get_secret(0, name, ourname, secret, &secret_len, 1)) { -+ if (!get_secret(0, name, ourname, (char *)secret, &secret_len, 1)) { - error("No CHAP secret found for authenticating %q", name); - return 0; - } -diff -ruN ppp-2.4.2/pppd/chap-new.h ppp-cvs-20040427/pppd/chap-new.h ---- ppp-2.4.2/pppd/chap-new.h 2003-06-11 14:47:31.000000000 +0200 -+++ ppp-cvs-20040427/pppd/chap-new.h 2004-01-17 06:50:12.000000000 +0100 -@@ -123,7 +123,7 @@ - extern int (*chap_verify_hook)(char *name, char *ourname, int id, - struct chap_digest_type *digest, - unsigned char *challenge, unsigned char *response, -- unsigned char *message, int message_space); -+ char *message, int message_space); - - /* Called by digest code to register a digest type */ - extern void chap_register_digest(struct chap_digest_type *); -diff -ruN ppp-2.4.2/pppd/chap_ms.c ppp-cvs-20040427/pppd/chap_ms.c ---- ppp-2.4.2/pppd/chap_ms.c 2003-11-18 11:42:56.000000000 +0100 -+++ ppp-cvs-20040427/pppd/chap_ms.c 2004-04-14 04:40:21.000000000 +0200 -@@ -74,7 +74,7 @@ - * - */ - --#define RCSID "$Id: chap_ms.c,v 1.30 2003/07/10 17:59:33 fcusack Exp $" -+#define RCSID "$Id: chap_ms.c,v 1.31 2004/04/14 02:39:39 carlsonj Exp $" - - #ifdef CHAPMS - -@@ -164,9 +164,11 @@ - chapms_generate_challenge(unsigned char *challenge) - { - *challenge++ = 8; -+#ifdef DEBUGMPPEKEY - if (mschap_challenge && strlen(mschap_challenge) == 8) - memcpy(challenge, mschap_challenge, 8); - else -+#endif - random_bytes(challenge, 8); - } - -@@ -174,9 +176,11 @@ - chapms2_generate_challenge(unsigned char *challenge) - { - *challenge++ = 16; -+#ifdef DEBUGMPPEKEY - if (mschap_challenge && strlen(mschap_challenge) == 16) - memcpy(challenge, mschap_challenge, 16); - else -+#endif - random_bytes(challenge, 16); - } - -@@ -207,7 +211,7 @@ - #endif - - /* Generate the expected response. */ -- ChapMS(challenge, secret, secret_len, &md); -+ ChapMS(challenge, (char *)secret, secret_len, &md); - - #ifdef MSLANMAN - /* Determine which part of response to verify against */ -@@ -250,8 +254,8 @@ - - /* Generate the expected response and our mutual auth. */ - ChapMS2(challenge, rmd->PeerChallenge, name, -- secret, secret_len, &md, -- saresponse, MS_CHAP2_AUTHENTICATOR); -+ (char *)secret, secret_len, &md, -+ (unsigned char *)saresponse, MS_CHAP2_AUTHENTICATOR); - - /* compare MDs and send the appropriate status */ - /* -@@ -326,8 +330,13 @@ - { - challenge++; /* skip length, should be 16 */ - *response++ = MS_CHAP2_RESPONSE_LEN; -- ChapMS2(challenge, mschap2_peer_challenge, our_name, -- secret, secret_len, -+ ChapMS2(challenge, -+#ifdef DEBUGMPPEKEY -+ mschap2_peer_challenge, -+#else -+ NULL, -+#endif -+ our_name, secret, secret_len, - (MS_Chap2Response *) response, private, - MS_CHAP2_AUTHENTICATEE); - } -@@ -335,7 +344,8 @@ - static int - chapms2_check_success(unsigned char *msg, int len, unsigned char *private) - { -- if ((len < MS_AUTH_RESPONSE_LENGTH + 2) || strncmp(msg, "S=", 2)) { -+ if ((len < MS_AUTH_RESPONSE_LENGTH + 2) || -+ strncmp((char *)msg, "S=", 2) != 0) { - /* Packet does not start with "S=" */ - error("MS-CHAPv2 Success packet is badly formed."); - return 0; -@@ -351,7 +361,7 @@ - /* Authenticator Response matches. */ - msg += MS_AUTH_RESPONSE_LENGTH; /* Eat it */ - len -= MS_AUTH_RESPONSE_LENGTH; -- if ((len >= 3) && !strncmp(msg, " M=", 3)) { -+ if ((len >= 3) && !strncmp((char *)msg, " M=", 3)) { - msg += 3; /* Eat the delimiter */ - } else if (len) { - /* Packet has extra text which does not begin " M=" */ -@@ -477,7 +487,7 @@ - SHA1_Init(&sha1Context); - SHA1_Update(&sha1Context, PeerChallenge, 16); - SHA1_Update(&sha1Context, rchallenge, 16); -- SHA1_Update(&sha1Context, user, strlen(user)); -+ SHA1_Update(&sha1Context, (unsigned char *)user, strlen(user)); - SHA1_Final(sha1Hash, &sha1Context); - - BCOPY(sha1Hash, Challenge, 8); -@@ -512,7 +522,7 @@ - MD4_CTX md4Context; - - MD4Init(&md4Context); -- MD4Update(&md4Context, secret, mdlen); -+ MD4Update(&md4Context, (unsigned char *)secret, mdlen); - MD4Final(hash, &md4Context); - - } -@@ -526,7 +536,7 @@ - - /* Hash the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); -- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); -+ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); - - ChallengeResponse(rchallenge, PasswordHash, NTResponse); - } -@@ -539,11 +549,12 @@ - u_char PasswordHash[MD4_SIGNATURE_SIZE]; - u_char Challenge[8]; - -- ChallengeHash(PeerChallenge, rchallenge, username, Challenge); -+ ChallengeHash(PeerChallenge, (unsigned char *)rchallenge, username, -+ Challenge); - - /* Hash the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); -- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); -+ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); - - ChallengeResponse(Challenge, PasswordHash, NTResponse); - } -@@ -603,8 +614,9 @@ - - /* Hash (x2) the Unicode version of the secret (== password). */ - ascii2unicode(secret, secret_len, unicodePassword); -- NTPasswordHash(unicodePassword, secret_len * 2, PasswordHash); -- NTPasswordHash(PasswordHash, sizeof(PasswordHash), PasswordHashHash); -+ NTPasswordHash((char *)unicodePassword, secret_len * 2, PasswordHash); -+ NTPasswordHash((char *)PasswordHash, sizeof(PasswordHash), -+ PasswordHashHash); - - SHA1_Init(&sha1Context); - SHA1_Update(&sha1Context, PasswordHashHash, sizeof(PasswordHashHash)); -@@ -622,7 +634,7 @@ - - /* Convert to ASCII hex string. */ - for (i = 0; i < MAX((MS_AUTH_RESPONSE_LENGTH / 2), sizeof(Digest)); i++) -- sprintf(&authResponse[i * 2], "%02X", Digest[i]); -+ sprintf((char *)&authResponse[i * 2], "%02X", Digest[i]); - } - - -@@ -825,7 +837,7 @@ - sizeof(response->PeerChallenge)); - - /* Generate the NT-Response */ -- ChapMS2_NT(rchallenge, response->PeerChallenge, user, -+ ChapMS2_NT((char *)rchallenge, response->PeerChallenge, user, - secret, secret_len, response->NTResp); - - /* Generate the Authenticator Response. */ -diff -ruN ppp-2.4.2/pppd/fsm.c ppp-cvs-20040427/pppd/fsm.c ---- ppp-2.4.2/pppd/fsm.c 2003-06-29 12:06:14.000000000 +0200 -+++ ppp-cvs-20040427/pppd/fsm.c 2004-02-02 05:00:11.000000000 +0100 -@@ -40,7 +40,7 @@ - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - --#define RCSID "$Id: fsm.c,v 1.20 2003/06/29 10:06:14 paulus Exp $" -+#define RCSID "$Id: fsm.c,v 1.22 2004/02/02 03:57:19 carlsonj Exp $" - - /* - * TODO: -@@ -201,6 +201,44 @@ - } - } - -+/* -+ * terminate_layer - Start process of shutting down the FSM -+ * -+ * Cancel any timeout running, notify upper layers we're done, and -+ * send a terminate-request message as configured. -+ */ -+static void -+terminate_layer(f, nextstate) -+ fsm *f; -+ int nextstate; -+{ -+ if( f->state != OPENED ) -+ UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ -+ else if( f->callbacks->down ) -+ (*f->callbacks->down)(f); /* Inform upper layers we're down */ -+ -+ /* Init restart counter and send Terminate-Request */ -+ f->retransmits = f->maxtermtransmits; -+ fsm_sdata(f, TERMREQ, f->reqid = ++f->id, -+ (u_char *) f->term_reason, f->term_reason_len); -+ -+ if (f->retransmits == 0) { -+ /* -+ * User asked for no terminate requests at all; just close it. -+ * We've already fired off one Terminate-Request just to be nice -+ * to the peer, but we're not going to wait for a reply. -+ */ -+ f->state = nextstate == CLOSING ? CLOSED : STOPPED; -+ if( f->callbacks->finished ) -+ (*f->callbacks->finished)(f); -+ return; -+ } -+ -+ TIMEOUT(fsm_timeout, f, f->timeouttime); -+ --f->retransmits; -+ -+ f->state = nextstate; -+} - - /* - * fsm_close - Start closing connection. -@@ -230,19 +268,7 @@ - case ACKRCVD: - case ACKSENT: - case OPENED: -- if( f->state != OPENED ) -- UNTIMEOUT(fsm_timeout, f); /* Cancel timeout */ -- else if( f->callbacks->down ) -- (*f->callbacks->down)(f); /* Inform upper layers we're down */ -- -- /* Init restart counter, send Terminate-Request */ -- f->retransmits = f->maxtermtransmits; -- fsm_sdata(f, TERMREQ, f->reqid = ++f->id, -- (u_char *) f->term_reason, f->term_reason_len); -- TIMEOUT(fsm_timeout, f, f->timeouttime); -- --f->retransmits; -- -- f->state = CLOSING; -+ terminate_layer(f, CLOSING); - break; - } - } -@@ -689,17 +715,7 @@ - break; - - case OPENED: -- if( f->callbacks->down ) -- (*f->callbacks->down)(f); -- -- /* Init restart counter, send Terminate-Request */ -- f->retransmits = f->maxtermtransmits; -- fsm_sdata(f, TERMREQ, f->reqid = ++f->id, -- (u_char *) f->term_reason, f->term_reason_len); -- TIMEOUT(fsm_timeout, f, f->timeouttime); -- --f->retransmits; -- -- f->state = STOPPING; -+ terminate_layer(f, STOPPING); - break; - - default: -diff -ruN ppp-2.4.2/pppd/main.c ppp-cvs-20040427/pppd/main.c ---- ppp-2.4.2/pppd/main.c 2004-01-13 05:00:34.000000000 +0100 -+++ ppp-cvs-20040427/pppd/main.c 2004-04-12 13:25:19.000000000 +0200 -@@ -40,7 +40,7 @@ - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - --#define RCSID "$Id: main.c,v 1.131 2004/01/13 04:00:34 paulus Exp $" -+#define RCSID "$Id: main.c,v 1.136 2004/04/12 11:20:19 paulus Exp $" - - #include <stdio.h> - #include <ctype.h> -@@ -150,6 +150,7 @@ - int got_sigterm; - int got_sighup; - -+static sigset_t signals_handled; - static int waiting; - static sigjmp_buf sigjmp; - -@@ -648,16 +649,15 @@ - handle_events() - { - struct timeval timo; -- sigset_t mask; - - kill_link = open_ccp_flag = 0; - if (sigsetjmp(sigjmp, 1) == 0) { -- sigprocmask(SIG_BLOCK, &mask, NULL); -+ sigprocmask(SIG_BLOCK, &signals_handled, NULL); - if (got_sighup || got_sigterm || got_sigusr2 || got_sigchld) { -- sigprocmask(SIG_UNBLOCK, &mask, NULL); -+ sigprocmask(SIG_UNBLOCK, &signals_handled, NULL); - } else { - waiting = 1; -- sigprocmask(SIG_UNBLOCK, &mask, NULL); -+ sigprocmask(SIG_UNBLOCK, &signals_handled, NULL); - wait_input(timeleft(&timo)); - } - } -@@ -692,19 +692,18 @@ - setup_signals() - { - struct sigaction sa; -- sigset_t mask; - - /* - * Compute mask of all interesting signals and install signal handlers - * for each. Only one signal handler may be active at a time. Therefore, - * all other signals should be masked when any handler is executing. - */ -- sigemptyset(&mask); -- sigaddset(&mask, SIGHUP); -- sigaddset(&mask, SIGINT); -- sigaddset(&mask, SIGTERM); -- sigaddset(&mask, SIGCHLD); -- sigaddset(&mask, SIGUSR2); -+ sigemptyset(&signals_handled); -+ sigaddset(&signals_handled, SIGHUP); -+ sigaddset(&signals_handled, SIGINT); -+ sigaddset(&signals_handled, SIGTERM); -+ sigaddset(&signals_handled, SIGCHLD); -+ sigaddset(&signals_handled, SIGUSR2); - - #define SIGNAL(s, handler) do { \ - sa.sa_handler = handler; \ -@@ -712,7 +711,7 @@ - fatal("Couldn't establish signal handler (%d): %m", s); \ - } while (0) - -- sa.sa_mask = mask; -+ sa.sa_mask = signals_handled; - sa.sa_flags = 0; - SIGNAL(SIGHUP, hup); /* Hangup */ - SIGNAL(SIGINT, term); /* Interrupt */ -@@ -1173,6 +1172,7 @@ - info("Connect time %d.%d minutes.", t/10, t%10); - info("Sent %u bytes, received %u bytes.", - link_stats.bytes_out, link_stats.bytes_in); -+ link_stats_valid = 0; - } - } - -@@ -1329,6 +1329,7 @@ - - /* - * kill_my_pg - send a signal to our process group, and ignore it ourselves. -+ * We assume that sig is currently blocked. - */ - static void - kill_my_pg(sig) -@@ -1336,10 +1337,22 @@ - { - struct sigaction act, oldact; - -+ sigemptyset(&act.sa_mask); /* unnecessary in fact */ - act.sa_handler = SIG_IGN; - act.sa_flags = 0; -- sigaction(sig, &act, &oldact); - kill(0, sig); -+ /* -+ * The kill() above made the signal pending for us, as well as -+ * the rest of our process group, but we don't want it delivered -+ * to us. It is blocked at the moment. Setting it to be ignored -+ * will cause the pending signal to be discarded. If we did the -+ * kill() after setting the signal to be ignored, it is unspecified -+ * (by POSIX) whether the signal is immediately discarded or left -+ * pending, and in fact Linux would leave it pending, and so it -+ * would be delivered after the current signal handler exits, -+ * leading to an infinite loop. -+ */ -+ sigaction(sig, &act, &oldact); - sigaction(sig, &oldact, NULL); - } - -diff -ruN ppp-2.4.2/pppd/plugins/Makefile ppp-cvs-20040427/pppd/plugins/Makefile ---- ppp-2.4.2/pppd/plugins/Makefile 2004-01-13 04:56:24.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/Makefile 1970-01-01 01:00:00.000000000 +0100 -@@ -1,38 +0,0 @@ --CC = gcc --COPTS = -O2 -g --CFLAGS = $(COPTS) -I.. -I../../include -fPIC --LDFLAGS = -shared --INSTALL = install -o root -- --SUBDIRS := rp-pppoe --# Uncomment the next line to include the radius authentication plugin --# SUBDIRS += radius --PLUGINS := minconn.so passprompt.so passwordfd.so -- --# include dependencies if present --ifeq (.depend,$(wildcard .depend)) --include .depend --endif -- --all: $(PLUGINS) -- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d all; done -- --%.so: %.c -- $(CC) -o $@ $(LDFLAGS) $(CFLAGS) $^ -- --VERSION = $(shell awk -F '"' '/VERSION/ { print $$2; }' ../patchlevel.h) --LIBDIR = $(DESTDIR)/usr/lib/pppd/$(VERSION) -- --install: $(PLUGINS) -- $(INSTALL) -d $(LIBDIR) -- $(INSTALL) $? $(LIBDIR) -- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d INSTALL=$(INSTALL) \ -- LIBDIR=$(LIBDIR) install; done -- --clean: -- rm -f *.o *.so *.a -- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d clean; done -- --depend: -- $(CPP) -M $(CFLAGS) *.c >.depend -- for d in $(SUBDIRS); do $(MAKE) $(MFLAGS) -C $$d depend; done -diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/CVS/Entries 2002-12-04 22:49:09.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,7 +0,0 @@ --/pppd-radattr.8/1.1/Tue Jan 22 16:03:00 2002// --/pppd-radius.8/1.4/Tue Apr 2 13:55:00 2002// --/radattr.c/1.1/Tue Jan 22 16:03:00 2002// --D/radiusclient//// --/Makefile.linux/1.5/Sat Nov 9 11:24:42 2002// --/radrealms.c/1.1/Sat Oct 5 04:35:24 2002// --/radius.c/1.18/Wed Dec 4 21:49:09 2002// -diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/CVS/Repository 2002-09-07 12:37:51.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius -diff -ruN ppp-2.4.2/pppd/plugins/radius/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/CVS/Root 2002-09-07 12:37:51.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/Makefile ppp-cvs-20040427/pppd/plugins/radius/Makefile ---- ppp-2.4.2/pppd/plugins/radius/Makefile 2002-11-09 12:24:42.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/radius/Makefile 1970-01-01 01:00:00.000000000 +0100 -@@ -1,74 +0,0 @@ --# Makefile for RADIUS plugin --# --# Copyright 2002 Roaring Penguin Software Inc. --# -- --MANDIR=/usr/man --PLUGIN=radius.so radattr.so radrealms.so --CFLAGS=-I../.. -I../../../include -Iradiusclient/include -O2 -- --# Uncomment the next line to include support for Microsoft's --# MS-CHAP authentication protocol. --CHAPMS=y --# Uncomment the next line to include support for MPPE. --MPPE=y --# Uncomment the next lint to include support for traffic limiting --MAXOCTETS=y -- --ifdef CHAPMS --CFLAGS += -DCHAPMS=1 --ifdef MPPE --CFLAGS += -DMPPE=1 --endif --endif --ifdef MAXOCTETS --CFLAGS += -DMAXOCTETS=1 --endif -- --all: $(PLUGIN) -- --install: all -- $(MAKE) $(MFLAGS) -C radiusclient install -- $(INSTALL) -d -m 755 $(LIBDIR) -- $(INSTALL) -s -c -m 755 radius.so $(LIBDIR) -- $(INSTALL) -s -c -m 755 radattr.so $(LIBDIR) -- $(INSTALL) -s -c -m 755 radrealms.so $(LIBDIR) -- $(INSTALL) -c -m 444 pppd-radius.8 $(MANDIR)/man8 -- $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)/man8 -- --radius.so: radiusclient/lib/.libs/libradiusclient.a radius.o -- gcc -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a -- --radattr.so: radattr.o -- gcc -o radattr.so -shared radattr.o -- --radrealms.so: radrealms.o -- gcc -o radrealms.so -shared radrealms.o -- --radius.o: radius.c -- gcc $(CFLAGS) -c -o radius.o -fPIC radius.c -- --radattr.o: radattr.c -- gcc $(CFLAGS) -c -o radattr.o -fPIC radattr.c -- --radrealms.o: radrealms.c -- gcc $(CFLAGS) -c -o radrealms.o -fPIC radrealms.c -- --radiusclient/lib/.libs/libradiusclient.a: -- test -r radiusclient/Makefile || \ -- (cd radiusclient; \ -- ./configure --prefix=/usr \ -- --sysconfdir=/etc \ -- --enable-shared \ -- --enable-static) -- $(MAKE) -C radiusclient -- --clean: -- $(MAKE) $(MFLAGS) -C radiusclient clean -- rm -f *.o *.so -- --distclean: -- rm -f *.o *.so -- $(MAKE) $(MFLAGS) -C radiusclient distclean -- --dist-clean: distclean -diff -ruN ppp-2.4.2/pppd/plugins/radius/pppd-radius.8 ppp-cvs-20040427/pppd/plugins/radius/pppd-radius.8 ---- ppp-2.4.2/pppd/plugins/radius/pppd-radius.8 2002-04-02 15:55:00.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/pppd-radius.8 2004-03-26 14:30:16.000000000 +0100 -@@ -1,5 +1,5 @@ - .\" manual page [] for RADIUS plugin for pppd 2.4 --.\" $Id: pppd-radius.8,v 1.4 2002/04/02 13:55:00 dfs Exp $ -+.\" $Id: pppd-radius.8,v 1.5 2004/03/26 13:27:17 kad Exp $ - .\" SH section heading - .\" SS subsection heading - .\" LP paragraph -@@ -40,6 +40,15 @@ - used, then the plugin uses - .I /etc/radiusclient/radiusclient.conf - as the configuration file. -+.TP -+.BI "avpair " attribute=value -+Adds an Attribute-Value pair to be passed on to the RADIUS server on each request. -+.TP -+.BI map-to-ifname -+Sets Radius NAS-Port attribute to number equal to interface name (Default) -+.TP -+.BI map-to-ttyname -+Sets Radius NAS-Port attribute value via libradiusclient library - - .SH USAGE - To use the plugin, simply supply the -diff -ruN ppp-2.4.2/pppd/plugins/radius/radius.c ppp-cvs-20040427/pppd/plugins/radius/radius.c ---- ppp-2.4.2/pppd/plugins/radius/radius.c 2004-01-13 03:26:11.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/radius/radius.c 2004-04-12 07:20:16.000000000 +0200 -@@ -24,7 +24,7 @@ - * - ***********************************************************************/ - static char const RCSID[] = --"$Id: radius.c,v 1.22 2004/01/11 08:01:30 paulus Exp $"; -+"$Id: radius.c,v 1.25 2004/04/12 05:16:37 kad Exp $"; - - #include "pppd.h" - #include "chap-new.h" -@@ -52,10 +52,15 @@ - char *vpstr; - struct avpopt *next; - } *avpopt = NULL; -+static bool portnummap = 0; - - static option_t Options[] = { - { "radius-config-file", o_string, &config_file }, - { "avpair", o_special, add_avp }, -+ { "map-to-ttyname", o_bool, &portnummap, -+ "Set Radius NAS-Port attribute value via libradiusclient library", OPT_PRIO | 1 }, -+ { "map-to-ifname", o_bool, &portnummap, -+ "Set Radius NAS-Port attribute to number as in interface name (Default)", OPT_PRIOSUB | 0 }, - { NULL } - }; - -@@ -264,7 +269,7 @@ - - /* Hack... the "port" is the ppp interface number. Should really be - the tty */ -- rstate.client_port = get_client_port(ifname); -+ rstate.client_port = get_client_port(portnummap ? devnam : ifname); - - av_type = PW_FRAMED; - rc_avpair_add(&send, PW_SERVICE_TYPE, &av_type, 0, VENDOR_NONE); -@@ -363,7 +368,7 @@ - /* Put user with potentially realm added in rstate.user */ - if (!rstate.done_chap_once) { - make_username_realm(user); -- rstate.client_port = get_client_port (ifname); -+ rstate.client_port = get_client_port (portnummap ? devnam : ifname); - if (radius_pre_auth_hook) { - radius_pre_auth_hook(rstate.user, - &rstate.authserver, -@@ -881,7 +886,7 @@ - rc_avpair_add(&send, PW_ACCT_AUTHENTIC, &av_type, 0, VENDOR_NONE); - - -- av_type = PW_ASYNC; -+ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); - rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); - - hisaddr = ho->hisaddr; -@@ -981,9 +986,56 @@ - remote_number, 0, VENDOR_NONE); - } - -- av_type = PW_ASYNC; -+ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); - rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); - -+ av_type = PW_NAS_ERROR; -+ switch( status ) { -+ case EXIT_OK: -+ case EXIT_USER_REQUEST: -+ av_type = PW_USER_REQUEST; -+ break; -+ -+ case EXIT_HANGUP: -+ case EXIT_PEER_DEAD: -+ case EXIT_CONNECT_FAILED: -+ av_type = PW_LOST_CARRIER; -+ break; -+ -+ case EXIT_INIT_FAILED: -+ case EXIT_OPEN_FAILED: -+ case EXIT_LOCK_FAILED: -+ case EXIT_PTYCMD_FAILED: -+ av_type = PW_PORT_ERROR; -+ break; -+ -+ case EXIT_PEER_AUTH_FAILED: -+ case EXIT_AUTH_TOPEER_FAILED: -+ case EXIT_NEGOTIATION_FAILED: -+ case EXIT_CNID_AUTH_FAILED: -+ av_type = PW_SERVICE_UNAVAILABLE; -+ break; -+ -+ case EXIT_IDLE_TIMEOUT: -+ av_type = PW_ACCT_IDLE_TIMEOUT; -+ break; -+ -+ case EXIT_CONNECT_TIME: -+ av_type = PW_ACCT_SESSION_TIMEOUT; -+ break; -+ -+#ifdef MAXOCTETS -+ case EXIT_TRAFFIC_LIMIT: -+ av_type = PW_NAS_REQUEST; -+ break; -+#endif -+ -+ default: -+ av_type = PW_NAS_ERROR; -+ break; -+ } -+ rc_avpair_add(&send, PW_ACCT_TERMINATE_CAUSE, &av_type, 0, VENDOR_NONE); -+ - hisaddr = ho->hisaddr; - av_type = htonl(hisaddr); - rc_avpair_add(&send, PW_FRAMED_IP_ADDRESS , &av_type , 0, VENDOR_NONE); -@@ -1077,7 +1129,7 @@ - remote_number, 0, VENDOR_NONE); - } - -- av_type = PW_ASYNC; -+ av_type = ( using_pty ? PW_VIRTUAL : ( sync_serial ? PW_SYNC : PW_ASYNC ) ); - rc_avpair_add(&send, PW_NAS_PORT_TYPE, &av_type, 0, VENDOR_NONE); - - hisaddr = ho->hisaddr; -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Entries 2002-09-07 12:37:54.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,28 +0,0 @@ --/BUGS/1.1/Tue Jan 22 16:03:00 2002// --/CHANGES/1.1/Tue Jan 22 16:03:00 2002// --/COPYRIGHT/1.1/Tue Jan 22 16:03:00 2002// --/Makefile.am/1.1/Tue Jan 22 16:03:00 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:00 2002// --/README/1.1/Tue Jan 22 16:03:00 2002// --/README.radexample/1.1/Tue Jan 22 16:03:00 2002// --/acconfig.h/1.1/Tue Jan 22 16:03:00 2002// --/aclocal.m4/1.2/Mon Jun 24 12:57:15 2002// --/config.guess/1.1/Tue Jan 22 16:03:00 2002// --/config.h.in/1.3/Thu Jul 25 16:29:16 2002// --/config.sub/1.1/Tue Jan 22 16:03:00 2002// --/configure/1.1/Tue Jan 22 16:03:00 2002// --/configure.in/1.1/Tue Jan 22 16:03:00 2002// --/install-sh/1.1/Tue Jan 22 16:03:00 2002// --/ltconfig/1.1/Tue Jan 22 16:03:00 2002// --/ltmain.sh/1.1/Tue Jan 22 16:03:00 2002// --/missing/1.1/Tue Jan 22 16:03:00 2002// --/mkinstalldirs/1.1/Tue Jan 22 16:03:00 2002// --/stamp-h.in/1.1/Tue Jan 22 16:03:00 2002// --D/doc//// --D/etc//// --D/include//// --D/lib//// --D/login.radius//// --D/man//// --D/patches//// --D/src//// -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Repository 2002-09-07 12:37:51.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/CVS/Root 2002-09-07 12:37:51.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Entries 2002-09-07 12:37:52.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,4 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:01 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:01 2002// --/instop.html/1.1/Tue Jan 22 16:03:01 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Repository 2002-09-07 12:37:52.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/doc -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/doc/CVS/Root 2002-09-07 12:37:52.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/doc/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Entries 2002-11-09 12:24:42.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,13 +0,0 @@ --/dictionary.ascend/1.1/Tue Jan 22 16:03:01 2002// --/dictionary.compat/1.1/Tue Jan 22 16:03:01 2002// --/dictionary.merit/1.1/Tue Jan 22 16:03:01 2002// --/dictionary.microsoft/1.1/Wed Mar 6 13:23:09 2002// --/issue/1.1/Tue Jan 22 16:03:01 2002// --/port-id-map/1.1/Tue Jan 22 16:03:01 2002// --/servers/1.1/Tue Jan 22 16:03:01 2002// --/Makefile.am/1.4/Sat Nov 9 11:24:42 2002// --/Makefile.in/1.5/Sat Nov 9 11:24:42 2002// --/dictionary/1.9/Sat Nov 9 11:24:42 2002// --/radiusclient.conf.in/1.2/Sat Nov 9 11:24:42 2002// --/realms/1.1/Sat Oct 5 04:35:24 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Repository 2002-09-07 12:37:52.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/etc -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/etc/CVS/Root 2002-09-07 12:37:52.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/etc/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Entries 2002-12-04 22:49:09.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,7 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:01 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:01 2002// --/includes.h/1.2/Wed Feb 27 15:51:19 2002// --/messages.h/1.2/Wed Feb 27 15:51:19 2002// --/pathnames.h/1.2/Wed Feb 27 15:51:19 2002// --/radiusclient.h/1.9/Wed Dec 4 21:49:09 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Repository 2002-09-07 12:37:52.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/include -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/include/CVS/Root 2002-09-07 12:37:52.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/include/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Entries 2002-12-04 22:49:09.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,20 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// --/Makefile.in/1.2/Wed Feb 20 02:22:35 2002// --/clientid.c/1.2/Wed Feb 27 15:51:20 2002// --/dict.c/1.2/Tue Mar 5 15:14:06 2002// --/env.c/1.2/Wed Feb 27 15:51:20 2002// --/ip_util.c/1.2/Wed Feb 27 15:51:20 2002// --/lock.c/1.2/Wed Feb 27 15:51:20 2002// --/log.c/1.2/Wed Feb 27 15:51:20 2002// --/md5.c/1.2/Wed Feb 27 15:51:20 2002// --/memcmp.c/1.2/Wed Feb 27 15:51:20 2002// --/sendserver.c/1.4/Tue Apr 2 14:09:35 2002// --/strcasecmp.c/1.2/Wed Feb 27 15:51:20 2002// --/strdup.c/1.2/Wed Feb 27 15:51:20 2002// --/strerror.c/1.2/Wed Feb 27 15:51:20 2002// --/util.c/1.2/Wed Feb 27 15:51:20 2002// --/buildreq.c/1.4/Sat Nov 9 11:24:43 2002// --/config.c/1.3/Sat Nov 9 11:24:43 2002// --/options.h/1.2/Sat Nov 9 11:24:43 2002// --/avpair.c/1.3/Wed Dec 4 21:49:09 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/lib -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/lib/CVS/Root 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/lib/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries 2002-09-07 12:37:54.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,5 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:02 2002// --/README/1.1/Tue Jan 22 16:03:02 2002// --/login.radius/1.1/Tue Jan 22 16:03:02 2002// --D/migs//// -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/login.radius -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/CVS/Root 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,7 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:02 2002// --/README/1.1/Tue Jan 22 16:03:02 2002// --/ip-down/1.1/Tue Jan 22 16:03:02 2002// --/ip-up/1.1/Tue Jan 22 16:03:02 2002// --/login.radius/1.1/Tue Jan 22 16:03:02 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/login.radius/migs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/login.radius/migs/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,3 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:02 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:02 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/man -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/man/CVS/Root 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/man/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,7 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:03 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:03 2002// --/README/1.1/Tue Jan 22 16:03:03 2002// --/merit-2.4.21-CHAP.diff/1.1/Tue Jan 22 16:03:04 2002// --/radiusd-1.16.accounting.diff/1.1/Tue Jan 22 16:03:04 2002// --/radiusd-1.16.shadow.diff/1.1/Tue Jan 22 16:03:04 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/patches -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/patches/CVS/Root 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/patches/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Entries ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Entries ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Entries 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,11 +0,0 @@ --/Makefile.am/1.1/Tue Jan 22 16:03:04 2002// --/Makefile.in/1.1/Tue Jan 22 16:03:04 2002// --/local.c/1.1/Tue Jan 22 16:03:04 2002// --/radacct.c/1.1/Tue Jan 22 16:03:04 2002// --/radexample-debug/1.1/Tue Jan 22 16:03:04 2002// --/radexample.c/1.2/Tue Apr 2 14:09:35 2002// --/radius.c/1.2/Tue Apr 2 14:09:35 2002// --/radlogin.c/1.1/Tue Jan 22 16:03:04 2002// --/radlogin.h/1.1/Tue Jan 22 16:03:05 2002// --/radstatus.c/1.1/Tue Jan 22 16:03:05 2002// --D -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Repository ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Repository ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/radius/radiusclient/src -diff -ruN ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Root ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Root ---- ppp-2.4.2/pppd/plugins/radius/radiusclient/src/CVS/Root 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/radius/radiusclient/src/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Entries ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Entries ---- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Entries 2002-09-07 12:37:54.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Entries 1970-01-01 01:00:00.000000000 +0100 -@@ -1,9 +0,0 @@ --/Makefile.linux/1.1/Fri Dec 14 02:55:20 2001// --/common.c/1.1/Fri Dec 14 02:55:20 2001// --/config.h/1.1/Fri Dec 14 02:55:20 2001// --/debug.c/1.1/Fri Dec 14 02:55:20 2001// --/discovery.c/1.1/Fri Dec 14 02:55:20 2001// --/if.c/1.1/Fri Dec 14 02:55:20 2001// --/plugin.c/1.7/Tue Apr 2 13:11:00 2002// --/pppoe.h/1.1/Fri Dec 14 02:55:20 2001// --D -diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Repository ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Repository ---- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Repository 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Repository 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --ppp/pppd/plugins/rp-pppoe -diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Root ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Root ---- ppp-2.4.2/pppd/plugins/rp-pppoe/CVS/Root 2002-09-07 12:37:53.000000000 +0200 -+++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/CVS/Root 1970-01-01 01:00:00.000000000 +0100 -@@ -1 +0,0 @@ --samba.org:/data/cvs -diff -ruN ppp-2.4.2/pppd/plugins/rp-pppoe/Makefile ppp-cvs-20040427/pppd/plugins/rp-pppoe/Makefile ---- ppp-2.4.2/pppd/plugins/rp-pppoe/Makefile 2004-01-13 04:57:55.000000000 +0100 -+++ ppp-cvs-20040427/pppd/plugins/rp-pppoe/Makefile 1970-01-01 01:00:00.000000000 +0100 -@@ -1,50 +0,0 @@ --# Generated automatically from Makefile.in by configure. --#*********************************************************************** --# --# Makefile --# --# Makefile for Roaring Penguin's Linux PPPoE plugin. --# --# Copyright (C) 2001 Roaring Penguin Software Inc. --# --# This program may be distributed according to the terms of the GNU --# General Public License, version 2 or (at your option) any later version. --# --# $Id: Makefile.linux,v 1.2 2004/01/13 03:57:55 paulus Exp $ --#*********************************************************************** -- --# Version is set ONLY IN THE MAKEFILE! Don't delete this! --VERSION=3.3 -- --COPTS=-O2 -g --CFLAGS=$(COPTS) -I../../../include/linux --all: rp-pppoe.so -- --rp-pppoe.so: libplugin.a plugin.o -- gcc -o rp-pppoe.so -shared plugin.o libplugin.a -- --install: all -- $(INSTALL) -d -m 755 $(LIBDIR) -- $(INSTALL) -s -c -m 4550 rp-pppoe.so $(LIBDIR) -- --clean: -- rm -f *.o *.so -- --plugin.o: plugin.c -- gcc '-DRP_VERSION="$(VERSION)"' $(CFLAGS) -I../../.. -c -o plugin.o -fPIC plugin.c -- --libplugin.a: discovery.o if.o common.o debug.o -- ar -rc $@ $^ -- --discovery.o: discovery.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o discovery.o -fPIC discovery.c -- --if.o: if.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o if.o -fPIC if.c -- --debug.o: debug.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o debug.o -fPIC debug.c -- --common.o: common.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o common.o -fPIC common.c -- -diff -ruN ppp-2.4.2/pppd/pppd.8 ppp-cvs-20040427/pppd/pppd.8 ---- ppp-2.4.2/pppd/pppd.8 2004-01-15 06:09:00.000000000 +0100 -+++ ppp-cvs-20040427/pppd/pppd.8 2004-04-27 20:25:12.000000000 +0200 -@@ -1,5 +1,5 @@ - .\" manual page [] for pppd 2.4 --.\" $Id: pppd.8,v 1.76 2004/01/15 05:09:00 paulus Exp $ -+.\" $Id: pppd.8,v 1.77 2004/04/27 18:22:58 fcusack Exp $ - .\" SH section heading - .\" SS subsection heading - .\" LP paragraph -@@ -955,11 +955,11 @@ - Require the use of MPPE, with 128\-bit encryption. - .TP - .B require-mschap --Require the peer to authenticate itself using MS-CHAP [Microsft Challenge -+Require the peer to authenticate itself using MS-CHAP [Microsoft Challenge - Handshake Authentication Protocol] authentication. - .TP - .B require-mschap-v2 --Require the peer to authenticate itself using MS-CHAPv2 [Microsft Challenge -+Require the peer to authenticate itself using MS-CHAPv2 [Microsoft Challenge - Handshake Authentication Protocol, Version 2] authentication. - .TP - .B require-eap -diff -ruN ppp-2.4.2/pppd/tty.c ppp-cvs-20040427/pppd/tty.c ---- ppp-2.4.2/pppd/tty.c 2004-01-13 05:17:59.000000000 +0100 -+++ ppp-cvs-20040427/pppd/tty.c 2004-01-17 06:50:12.000000000 +0100 -@@ -73,7 +73,7 @@ - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - */ - --#define RCSID "$Id: tty.c,v 1.13 2004/01/13 04:17:59 paulus Exp $" -+#define RCSID "$Id: tty.c,v 1.14 2004/01/17 05:47:55 carlsonj Exp $" - - #include <stdio.h> - #include <ctype.h> -@@ -512,7 +512,9 @@ - { - char *connector; - int fdflags; -+#ifndef __linux__ - struct stat statbuf; -+#endif - char numbuf[16]; - - /* -diff -ruN ppp-2.4.2/pppdump/bsd-comp.c ppp-cvs-20040427/pppdump/bsd-comp.c ---- ppp-2.4.2/pppdump/bsd-comp.c 1999-04-16 13:34:42.000000000 +0200 -+++ ppp-cvs-20040427/pppdump/bsd-comp.c 2004-01-17 06:50:12.000000000 +0100 -@@ -38,12 +38,14 @@ - */ - - /* -- * $Id: bsd-comp.c,v 1.3 1999/04/16 11:35:59 paulus Exp $ -+ * $Id: bsd-comp.c,v 1.4 2004/01/17 05:47:55 carlsonj Exp $ - */ - - #include <sys/types.h> -+#include <stdio.h> - #include <stddef.h> - #include <stdlib.h> -+#include <string.h> - #include "ppp_defs.h" - #include "ppp-comp.h" - -diff -ruN ppp-2.4.2/pppdump/deflate.c ppp-cvs-20040427/pppdump/deflate.c ---- ppp-2.4.2/pppdump/deflate.c 2002-12-06 10:49:16.000000000 +0100 -+++ ppp-cvs-20040427/pppdump/deflate.c 2004-01-17 06:50:12.000000000 +0100 -@@ -33,12 +33,14 @@ - * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING - * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. - * -- * $Id: deflate.c,v 1.4 2002/12/06 09:49:16 paulus Exp $ -+ * $Id: deflate.c,v 1.5 2004/01/17 05:47:55 carlsonj Exp $ - */ - - #include <sys/types.h> -+#include <stdio.h> - #include <stddef.h> - #include <stdlib.h> -+#include <string.h> - #include "ppp_defs.h" - #include "ppp-comp.h" - #include "zlib.h" -diff -ruN ppp-2.4.2/pppdump/pppdump.c ppp-cvs-20040427/pppdump/pppdump.c ---- ppp-2.4.2/pppdump/pppdump.c 2002-12-06 10:17:02.000000000 +0100 -+++ ppp-cvs-20040427/pppdump/pppdump.c 2004-01-17 06:50:12.000000000 +0100 -@@ -35,6 +35,7 @@ - */ - #include <stdio.h> - #include <unistd.h> -+#include <stdlib.h> - #include <time.h> - #include <sys/types.h> - #include "ppp_defs.h" -@@ -53,6 +54,12 @@ - extern int optind; - extern char *optarg; - -+void dumplog(); -+void dumpppp(); -+void show_time(); -+void handle_ccp(); -+ -+int - main(ac, av) - int ac; - char **av; -@@ -105,6 +112,7 @@ - exit(0); - } - -+void - dumplog(f) - FILE *f; - { -@@ -244,6 +252,7 @@ - - unsigned char dbuf[8192]; - -+void - dumpppp(f) - FILE *f; - { -@@ -429,6 +438,7 @@ - NULL - }; - -+void - handle_ccp(cp, dp, len) - struct pkt *cp; - u_char *dp; -@@ -485,6 +495,7 @@ - } - } - -+void - show_time(f, c) - FILE *f; - int c; -diff -ruN ppp-2.4.2/scripts/callback ppp-cvs-20040427/scripts/callback ---- ppp-2.4.2/scripts/callback 1995-08-09 04:49:51.000000000 +0200 -+++ ppp-cvs-20040427/scripts/callback 2004-04-12 07:30:11.000000000 +0200 -@@ -33,7 +33,7 @@ - ABORT '\nNO ANSWER\r' \ - ABORT '\nRINGING\r\n\r\nRINGING\r' \ - '' AT \ -- 'OK-+++\c-OK' 'AT&C0&D2S0=0H0 \ -+ 'OK-+++\c-OK' 'AT&C0&D2S0=0H0' \ - TIMEOUT 30 \ - OK ATDT$TELEPHONE \ - CONNECT '' \ -diff -ruN ppp-2.4.2/scripts/ipv6-down.sample ppp-cvs-20040427/scripts/ipv6-down.sample ---- ppp-2.4.2/scripts/ipv6-down.sample 1999-08-23 08:07:07.000000000 +0200 -+++ ppp-cvs-20040427/scripts/ipv6-down.sample 2004-04-12 07:45:18.000000000 +0200 -@@ -8,24 +8,24 @@ - # Kill the router advertisement daemon on this interface. - # The killing procedure is copied from RedHat 6.0 initscripts. - --DEVICE=$1 -+DEVICE="$1" - --PIDFILE=/var/run/radvd-$DEVICE.pid -+PIDFILE="/var/run/radvd-$DEVICE.pid" - --[ -f $PIDFILE ] || exit 0 -+[ -f "$PIDFILE" ] || exit 0 - --PID=`cat $PIDFILE` -+PID="$(cat "$PIDFILE")" - if [ "$PID" != "" ]; then -- if ps h $PID >/dev/null 2>&1; then -- kill -TERM $PID -+ if ps h "$PID" >/dev/null 2>&1; then -+ kill -TERM "$PID" - usleep 10000 -- if ps h $PID >/dev/null 2>&1; then -+ if ps h "$PID" >/dev/null 2>&1; then - sleep 1 -- if ps h $PID >/dev/null 2>&1; then -- kill -KILL $PID -+ if ps h "$PID" >/dev/null 2>&1; then -+ kill -KILL "$PID" - fi - fi - fi - fi - --rm -f $PIDFILE -+rm -f "$PIDFILE" -diff -ruN ppp-2.4.2/scripts/ipv6-up.sample ppp-cvs-20040427/scripts/ipv6-up.sample ---- ppp-2.4.2/scripts/ipv6-up.sample 1999-08-23 08:07:07.000000000 +0200 -+++ ppp-cvs-20040427/scripts/ipv6-up.sample 2004-04-12 07:45:18.000000000 +0200 -@@ -8,26 +8,27 @@ - # Start router advertisements on this link. - # Based on radvd 0.5.0 behaviour - --DEVICE=$1 -+DEVICE="$1" - --CFGFILE=/usr/inet6/etc/radvd.conf-$DEVICE --PIDFILE=/var/run/radvd-$DEVICE.pid -+CFGFILE="/etc/radvd.conf-$DEVICE" -+PIDFILE="/var/run/radvd-$DEVICE.pid" -+EXEFILE="/usr/sbin/radvd" - --if [ -x /usr/inet6/sbin/radvd && -f $CFGFILE ]; then -- touch $PIDFILE -- if [ ! -f $PIDFILE ]; then -+if [ -x "$EXEFILE" -a -f "$CFGFILE" ]; then -+ touch "$PIDFILE" -+ if [ ! -f "$PIDFILE" ]; then - echo "error: $PIDFILE is not a regular file. Aborting" - exit 0 - fi - -- PID=`cat $PIDFILE` -- if [ "$PID" != "" ]; then -- ps h $PID >/dev/null 2>&1 && exit 0 -+ PID="$(cat "$PIDFILE")" -+ if [ -n "$PID" ]; then -+ ps h "$PID" >/dev/null 2>&1 && exit 0 - fi - - # radvd 0.5.0 doesn't write a pid-file so we do it here - # enabling debugging keeps radvd in foreground, putting it - # on background gives us the PID. -- /usr/inet6/sbin/radvd -d 1 -C $CFGFILE & -- echo $! >$PIDFILE -+ "$EXEFILE" -d 1 -C "$CFGFILE" & -+ echo $! >"$PIDFILE" - fi -diff -ruN ppp-2.4.2/scripts/pon ppp-cvs-20040427/scripts/pon ---- ppp-2.4.2/scripts/pon 2002-11-25 00:30:44.000000000 +0100 -+++ ppp-cvs-20040427/scripts/pon 2004-04-12 07:45:18.000000000 +0200 -@@ -1,10 +1,12 @@ - #!/bin/sh - -+PPP_ON_BOOT=/etc/ppp/ppp_on_boot -+ - case "$1" in - -*) echo " - Usage: pon [provider] [arguments] - --If pon is invoked without arguments, /etc/ppp/ppp_on_boot file will be -+If pon is invoked without arguments, $PPP_ON_BOOT file will be - run, presuming it exists and is executable. Otherwise, a PPP connection - will be started using settings from /etc/ppp/peers/provider. - If you specify one argument, a PPP connection will be started using -@@ -16,8 +18,8 @@ - ;; - esac - --if [ -z "$1" -a -x /etc/ppp/ppp_on_boot ]; then -- exec /etc/ppp/ppp_on_boot -+if [ -z "$1" -a -x "$PPP_ON_BOOT" ]; then -+ exec "$PPP_ON_BOOT" - fi - - if [ -z "$1" -a ! -f /etc/ppp/peers/provider ]; then -diff -ruN ppp-2.4.2/svr4/Makedefs ppp-cvs-20040427/svr4/Makedefs ---- ppp-2.4.2/svr4/Makedefs 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/Makedefs 2000-06-09 03:36:34.000000000 +0200 -@@ -0,0 +1,16 @@ -+# -+# defines common to several Makefiles -+# -+ -+INSTALL= /usr/sbin/install -+ -+BINDIR = /usr/local/bin -+MANDIR = /usr/local/man -+ETCDIR = /etc/ppp -+ -+COPTS = -O -Xa -+ -+# For compiling with gcc, comment out the COPTS definition above and -+# uncomment the next 2 definitions. -+#CC = gcc -+#COPTS = -O2 -diff -ruN ppp-2.4.2/svr4/Makedefs.sol2 ppp-cvs-20040427/svr4/Makedefs.sol2 ---- ppp-2.4.2/svr4/Makedefs.sol2 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/Makedefs.sol2 1999-09-21 22:50:31.000000000 +0200 -@@ -0,0 +1,59 @@ -+# -+# Generic make definitions for Solaris 2 -+# -+# $Id: Makedefs.sol2,v 1.3 1999/09/21 20:37:20 masputra Exp $ -+# -+ -+include ../svr4/Makedefs -+ -+CPPFLAGS = -D_KERNEL -DSVR4 -DSOL2 -DPRIOQ -DDEBUG -I../include -+CFLAGS = $(CPPFLAGS) $(COPTS) -+ -+# lint-specific variables -+LINT = lint -+LINT_OPT_32 = -+LINT_OPT_64 = -Xarch=v9 -errchk=longptr64 -+ -+LINT_32 = -+LINT_32 += -erroff=E_BAD_PTR_CAST_ALIGN -+LINT_32 += -erroff=E_SUPPRESSION_DIRECTIVE_UNUSED -+LINT_32 += -erroff=E_SUSPICIOUS_COMPARISON -+LINT_32 += -erroff=E_CAST_UINT_TO_SIGNED_INT -+LINT_32 += -erroff=E_PASS_UINT_TO_SIGNED_INT -+LINT_32 += -erroff=E_INVALID_ANNOTATION_NAME -+LINT_32 += -erroff=E_FUNC_ARG_UNUSED -+# This might be needed, but zlib.c and vjcompress.c will squawk -+# when not ignored -+LINT_32 += -erroff=E_CASE_FALLTHRU -+LINT_32 += -erroff=E_RET_INT_IMPLICITLY -+LINT_32 += -erroff=E_FUNC_NO_RET_VAL -+# Some STREAMS macros will be noisy too when this isn't ignored -+LINT_32 += -erroff=E_CONSTANT_CONDITION -+LINT_32 += -erroff=E_CONST_EXPR -+ -+# Extra noise suppressant for 64-bit -+EXTRA_OFF = -+EXTRA_OFF += -erroff=E_CAST_INT_TO_SMALL_INT -+EXTRA_OFF += -erroff=E_CAST_INT_CONST_TO_SMALL_INT -+EXTRA_OFF += -erroff=E_CAST_TO_PTR_FROM_INT -+EXTRA_OFF += -erroff=E_ASSIGN_INT_TO_SMALL_INT -+EXTRA_OFF += -erroff=E_ASSIGN_INT_FROM_BIG_CONST -+EXTRA_OFF += -erroff=E_CONST_PROMOTED_UNSIGNED_LL -+EXTRA_OFF += -erroff=E_CONST_PROMOTED_LONG_LONG -+EXTRA_OFF += -erroff=E_CONST_TRUNCATED_BY_ASSIGN -+EXTRA_OFF += -erroff=E_PASS_INT_FROM_BIG_CONST -+EXTRA_OFF += -erroff=E_COMP_INT_WITH_LARGE_INT -+EXTRA_OFF += -erroff=E_ASSIGN_UINT_TO_SIGNED_INT -+EXTRA_OFF += -erroff=E_ASSIGN_NARROW_CONV -+EXTRA_OFF += -erroff=E_PASS_INT_TO_SMALL_INT -+EXTRA_OFF += -erroff=E_PTR_CONV_LOSES_BITS -+ -+LINT_64 = $(LINT_32) -+LINT_64 += $(EXTRA_OFF) -+ -+LINTFLAGS64 = -Xa -nsxmuF -errtags=yes $(LINT_OPT_64) $(LINT_64) -+LINT64 = $(LINT) -c $(LINTFLAGS64) $(CPPFLAGS) -+ -+LINTFLAGS32 = -Xa -nsxmuF -errtags=yes $(LINT_OPT_32) $(LINT_32) -+LINT32 = $(LINT) -c $(LINTFLAGS32) $(CPPFLAGS) -+ -diff -ruN ppp-2.4.2/svr4/Makefile.sol2 ppp-cvs-20040427/svr4/Makefile.sol2 ---- ppp-2.4.2/svr4/Makefile.sol2 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/Makefile.sol2 1999-09-21 22:50:32.000000000 +0200 -@@ -0,0 +1,66 @@ -+# -+# Makefile for STREAMS modules for Solaris 2. -+# -+# $Id: Makefile.sol2,v 1.18 1999/09/21 20:37:20 masputra Exp $ -+# -+ -+include Makedefs.sol2 -+ -+COPTS += -xO2 -xspace -W0,-Lt -+ -+COMP_OBJS = ppp_comp.o bsd-comp.o deflate.o zlib.o vjcompress.o \ -+ ppp_comp_mod.o -+ -+all: ppp ppp_ahdl ppp_comp -+ -+ppp: ppp.o ppp_mod.o -+ ld -r -o $@ ppp.o ppp_mod.o -+ chmod +x $@ -+ -+ppp_ahdl: ppp_ahdlc.o ppp_ahdlc_mod.o -+ ld -r -o $@ ppp_ahdlc.o ppp_ahdlc_mod.o -+ chmod +x $@ -+ -+ppp_comp: $(COMP_OBJS) -+ ld -r -o $@ $(COMP_OBJS) -+ chmod +x $@ -+ -+bsd-comp.o: ../modules/bsd-comp.c -+ $(CC) $(CFLAGS) -c $? -+deflate.o: ../modules/deflate.c -+ $(CC) $(CFLAGS) -c $? -+ppp.o: ../modules/ppp.c -+ $(CC) $(CFLAGS) -c $? -+ppp_mod.o: ppp_mod.c -+ $(CC) $(CFLAGS) -c $? -+ppp_ahdlc_mod.o: ppp_ahdlc_mod.c -+ $(CC) $(CFLAGS) -c $? -+ppp_ahdlc.o: ../modules/ppp_ahdlc.c -+ $(CC) $(CFLAGS) -c $? -+ppp_comp.o: ../modules/ppp_comp.c -+ $(CC) $(CFLAGS) -c $? -+ppp_comp_mod.o: ppp_comp_mod.c -+ $(CC) $(CFLAGS) -c $? -+vjcompress.o: ../modules/vjcompress.c -+ $(CC) $(CFLAGS) -c $? -+zlib.o: ../common/zlib.c -+ $(CC) $(CFLAGS) -c $? -+ -+install: -+ cp ppp ppp.conf /kernel/drv -+ cp ppp_comp ppp_ahdl /kernel/strmod -+ if grep clone:ppp /etc/minor_perm; then :; else \ -+ echo clone:ppp 0644 root sys >>/etc/minor_perm; fi -+ /usr/sbin/rem_drv ppp 2>/dev/null || true -+ /usr/sbin/add_drv ppp -+ -+SRCS = ../modules/ppp.c ppp_mod.c ../modules/ppp_ahdlc.c ppp_ahdlc_mod.c \ -+ ../modules/ppp_comp.c ../modules/bsd-comp.c ../modules/deflate.c \ -+ ../common/zlib.c ../modules/vjcompress.c ppp_comp_mod.c -+ -+lint: -+ $(LINT32) $(SRCS) -+ -+clean: -+ rm -f ppp ppp_comp ppp_ahdl *.o *~ core -+ rm -f *.ln -diff -ruN ppp-2.4.2/svr4/Makefile.sol2-64 ppp-cvs-20040427/svr4/Makefile.sol2-64 ---- ppp-2.4.2/svr4/Makefile.sol2-64 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/Makefile.sol2-64 1999-09-21 22:50:33.000000000 +0200 -@@ -0,0 +1,85 @@ -+# -+# Makefile for 64-bit STREAMS modules for Solaris 2. -+# -+# $Id: Makefile.sol2-64,v 1.3 1999/09/21 20:37:20 masputra Exp $ -+# -+ -+include Makedefs.sol2 -+ -+# Sun's cc flag for LP64 compilation / linkage -+COPTS += -xchip=ultra -xarch=v9 -Wc,-xcode=abs32 -Wc,-Qiselect-regsym=0 -xO3 -xspace -W0,-Lt -+ -+# subdirectory where 64-bit objects / binaries will be placed -+LP64DIR = sparcv9 -+ -+# Name of legacy Makefile (for 32-bit binaries) -+STD_MAKE = Makefile.sol2 -+ -+COMP_OBJS = $(LP64DIR)/ppp_comp.o $(LP64DIR)/bsd-comp.o \ -+ $(LP64DIR)/deflate.o $(LP64DIR)/zlib.o $(LP64DIR)/vjcompress.o \ -+ $(LP64DIR)/ppp_comp_mod.o -+ -+all: std_objs $(LP64DIR) ppp ppp_ahdl ppp_comp -+ -+std_objs: -+ $(MAKE) -f $(STD_MAKE) all -+ -+ppp: $(LP64DIR)/ppp.o $(LP64DIR)/ppp_mod.o -+ ld -r -o $(LP64DIR)/$@ $(LP64DIR)/ppp.o $(LP64DIR)/ppp_mod.o -+ chmod +x $(LP64DIR)/$@ -+ -+ppp_ahdl: $(LP64DIR)/ppp_ahdlc.o $(LP64DIR)/ppp_ahdlc_mod.o -+ ld -r -o $(LP64DIR)/$@ $(LP64DIR)/ppp_ahdlc.o $(LP64DIR)/ppp_ahdlc_mod.o -+ chmod +x $(LP64DIR)/$@ -+ -+ppp_comp: $(COMP_OBJS) -+ ld -r -o $(LP64DIR)/$@ $(COMP_OBJS) -+ chmod +x $(LP64DIR)/$@ -+ -+$(LP64DIR)/bsd-comp.o: ../modules/bsd-comp.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/deflate.o: ../modules/deflate.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/ppp.o: ../modules/ppp.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/ppp_mod.o: ppp_mod.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/ppp_ahdlc_mod.o: ppp_ahdlc_mod.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/ppp_ahdlc.o: ../modules/ppp_ahdlc.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/ppp_comp.o: ../modules/ppp_comp.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/ppp_comp_mod.o: ppp_comp_mod.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/vjcompress.o: ../modules/vjcompress.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+$(LP64DIR)/zlib.o: ../common/zlib.c -+ $(CC) $(CFLAGS) -c $? -o $@ -+ -+$(LP64DIR): -+ mkdir -m 755 -p $@ -+ -+install: -+ cp ppp ppp.conf /kernel/drv -+ cp ppp_comp ppp_ahdl /kernel/strmod -+ cp $(LP64DIR)/ppp /kernel/drv/$(LP64DIR) -+ cp $(LP64DIR)/ppp_comp $(LP64DIR)/ppp_ahdl /kernel/strmod/$(LP64DIR) -+ if grep clone:ppp /etc/minor_perm; then :; else \ -+ echo clone:ppp 0644 root sys >>/etc/minor_perm; fi -+ /usr/sbin/rem_drv ppp 2>/dev/null || true -+ /usr/sbin/add_drv ppp -+ -+SRCS = ../modules/ppp.c ppp_mod.c ../modules/ppp_ahdlc.c ppp_ahdlc_mod.c \ -+ ../modules/ppp_comp.c ../modules/bsd-comp.c ../modules/deflate.c \ -+ ../common/zlib.c ../modules/vjcompress.c ppp_comp_mod.c -+ -+lint: -+ $(LINT64) $(SRCS) -+ -+lint-32: -+ $(LINT32) $(SRCS) -+ -+clean: -+ $(MAKE) -f $(STD_MAKE) clean -+ rm -f $(LP64DIR)/ppp $(LP64DIR)/ppp_comp $(LP64DIR)/ppp_ahdl $(LP64DIR)/*.o $(LP64DIR)/*~ $(LP64DIR)/core -diff -ruN ppp-2.4.2/svr4/Makefile.top ppp-cvs-20040427/svr4/Makefile.top ---- ppp-2.4.2/svr4/Makefile.top 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/Makefile.top 1999-04-01 14:37:44.000000000 +0200 -@@ -0,0 +1,50 @@ -+# -+# ppp top level makefile for SVR4 and Solaris 2 -+# -+# $Id: Makefile.top,v 1.8 1999/04/01 11:44:55 paulus Exp $ -+# -+ -+include svr4/Makedefs -+ -+all: -+ cd chat; $(MAKE) all -+ cd pppd; $(MAKE) all -+ cd pppstats; $(MAKE) all -+ cd pppdump; $(MAKE) all -+ cd svr4; $(MAKE) all -+ -+install: $(BINDIR) $(MANDIR)/man8 install-progs install-etcppp -+ -+install-progs: -+ cd chat; $(MAKE) install -+ cd pppd; $(MAKE) install -+ cd pppstats; $(MAKE) install -+ cd pppdump; $(MAKE) install -+ cd svr4; $(MAKE) install -+ -+install-etcppp: $(ETCDIR) $(ETCDIR)/options $(ETCDIR)/pap-secrets \ -+ $(ETCDIR)/chap-secrets -+ -+$(ETCDIR)/options: -+ cp etc.ppp/options $@ -+ chmod go-w $@ -+$(ETCDIR)/pap-secrets: -+ $(INSTALL) -f $(ETCDIR) -m 600 etc.ppp/pap-secrets -+$(ETCDIR)/chap-secrets: -+ $(INSTALL) -f $(ETCDIR) -m 600 etc.ppp/chap-secrets -+ -+$(BINDIR): -+ mkdir -m 755 -p $@ -+$(MANDIR)/man8: -+ mkdir -m 755 -p $@ -+$(ETCDIR): -+ mkdir -m 755 -p $@ -+ -+clean: -+ rm -f *~ -+ cd chat; $(MAKE) clean -+ cd pppd; $(MAKE) clean -+ cd pppstats; $(MAKE) clean -+ cd pppdump; $(MAKE) clean -+ cd svr4; $(MAKE) clean -+ -diff -ruN ppp-2.4.2/svr4/ppp.Master ppp-cvs-20040427/svr4/ppp.Master ---- ppp-2.4.2/svr4/ppp.Master 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp.Master 1995-10-27 04:58:28.000000000 +0100 -@@ -0,0 +1 @@ -+ppp - Sciof ppp 0 0 1 128 -1 -diff -ruN ppp-2.4.2/svr4/ppp.Node ppp-cvs-20040427/svr4/ppp.Node ---- ppp-2.4.2/svr4/ppp.Node 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp.Node 1995-10-27 04:58:36.000000000 +0100 -@@ -0,0 +1 @@ -+clone ppp c ppp -diff -ruN ppp-2.4.2/svr4/ppp.System ppp-cvs-20040427/svr4/ppp.System ---- ppp-2.4.2/svr4/ppp.System 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp.System 1995-10-27 04:58:37.000000000 +0100 -@@ -0,0 +1 @@ -+ppp Y 1 0 0 0 0 0 0 0 -diff -ruN ppp-2.4.2/svr4/ppp.conf ppp-cvs-20040427/svr4/ppp.conf ---- ppp-2.4.2/svr4/ppp.conf 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp.conf 1995-06-01 06:39:00.000000000 +0200 -@@ -0,0 +1 @@ -+name="ppp" parent="pseudo" instance=0; -diff -ruN ppp-2.4.2/svr4/ppp_ahdl.Master ppp-cvs-20040427/svr4/ppp_ahdl.Master ---- ppp-2.4.2/svr4/ppp_ahdl.Master 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp_ahdl.Master 1995-10-27 04:58:32.000000000 +0100 -@@ -0,0 +1 @@ -+ppp_ahdl - iSf phdl 0 0 1 1 -1 -diff -ruN ppp-2.4.2/svr4/ppp_ahdl.System ppp-cvs-20040427/svr4/ppp_ahdl.System ---- ppp-2.4.2/svr4/ppp_ahdl.System 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp_ahdl.System 1995-10-27 04:58:38.000000000 +0100 -@@ -0,0 +1 @@ -+ppp_ahdl Y 1 0 0 0 0 0 0 0 -diff -ruN ppp-2.4.2/svr4/ppp_ahdlc_mod.c ppp-cvs-20040427/svr4/ppp_ahdlc_mod.c ---- ppp-2.4.2/svr4/ppp_ahdlc_mod.c 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp_ahdlc_mod.c 1995-12-11 06:21:02.000000000 +0100 -@@ -0,0 +1,49 @@ -+#include <sys/types.h> -+#include <sys/param.h> -+#include <sys/conf.h> -+#include <sys/modctl.h> -+#include <sys/sunddi.h> -+ -+extern struct streamtab ppp_ahdlcinfo; -+ -+static struct fmodsw fsw = { -+ "ppp_ahdl", -+ &ppp_ahdlcinfo, -+ D_NEW | D_MP | D_MTQPAIR -+}; -+ -+extern struct mod_ops mod_strmodops; -+ -+static struct modlstrmod modlstrmod = { -+ &mod_strmodops, -+ "PPP async HDLC module", -+ &fsw -+}; -+ -+static struct modlinkage modlinkage = { -+ MODREV_1, -+ (void *) &modlstrmod, -+ NULL -+}; -+ -+/* -+ * Entry points for modloading. -+ */ -+int -+_init(void) -+{ -+ return mod_install(&modlinkage); -+} -+ -+int -+_fini(void) -+{ -+ return mod_remove(&modlinkage); -+} -+ -+int -+_info(mip) -+ struct modinfo *mip; -+{ -+ return mod_info(&modlinkage, mip); -+} -diff -ruN ppp-2.4.2/svr4/ppp_comp.Master ppp-cvs-20040427/svr4/ppp_comp.Master ---- ppp-2.4.2/svr4/ppp_comp.Master 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp_comp.Master 1995-10-27 04:58:34.000000000 +0100 -@@ -0,0 +1 @@ -+ppp_comp - iSf pcmp 0 0 1 1 -1 -diff -ruN ppp-2.4.2/svr4/ppp_comp.System ppp-cvs-20040427/svr4/ppp_comp.System ---- ppp-2.4.2/svr4/ppp_comp.System 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp_comp.System 1995-10-27 04:58:40.000000000 +0100 -@@ -0,0 +1 @@ -+ppp_comp Y 1 0 0 0 0 0 0 0 -diff -ruN ppp-2.4.2/svr4/ppp_comp_mod.c ppp-cvs-20040427/svr4/ppp_comp_mod.c ---- ppp-2.4.2/svr4/ppp_comp_mod.c 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp_comp_mod.c 2002-12-06 10:50:10.000000000 +0100 -@@ -0,0 +1,89 @@ -+/* -+ * ppp_comp_mod.c - modload support for PPP compression STREAMS module. -+ * -+ * Copyright (c) 1994 Paul Mackerras. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. The name(s) of the authors of this software must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. -+ * -+ * 4. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by Paul Mackerras -+ * <paulus@samba.org>". -+ * -+ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO -+ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -+ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY -+ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN -+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING -+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ * -+ * $Id: ppp_comp_mod.c,v 1.3 2002/12/06 09:49:16 paulus Exp $ -+ */ -+ -+/* -+ * This file is used under Solaris 2. -+ */ -+#include <sys/types.h> -+#include <sys/param.h> -+#include <sys/conf.h> -+#include <sys/modctl.h> -+#include <sys/sunddi.h> -+ -+extern struct streamtab ppp_compinfo; -+ -+static struct fmodsw fsw = { -+ "ppp_comp", -+ &ppp_compinfo, -+ D_NEW | D_MP | D_MTQPAIR -+}; -+ -+extern struct mod_ops mod_strmodops; -+ -+static struct modlstrmod modlstrmod = { -+ &mod_strmodops, -+ "PPP compression module", -+ &fsw -+}; -+ -+static struct modlinkage modlinkage = { -+ MODREV_1, -+ (void *) &modlstrmod, -+ NULL -+}; -+ -+/* -+ * Entry points for modloading. -+ */ -+int -+_init(void) -+{ -+ return mod_install(&modlinkage); -+} -+ -+int -+_fini(void) -+{ -+ return mod_remove(&modlinkage); -+} -+ -+int -+_info(mip) -+ struct modinfo *mip; -+{ -+ return mod_info(&modlinkage, mip); -+} -diff -ruN ppp-2.4.2/svr4/ppp_mod.c ppp-cvs-20040427/svr4/ppp_mod.c ---- ppp-2.4.2/svr4/ppp_mod.c 1970-01-01 01:00:00.000000000 +0100 -+++ ppp-cvs-20040427/svr4/ppp_mod.c 2002-12-06 10:50:10.000000000 +0100 -@@ -0,0 +1,182 @@ -+/* -+ * ppp_mod.c - modload support for PPP pseudo-device driver. -+ * -+ * Copyright (c) 1994 Paul Mackerras. All rights reserved. -+ * -+ * Redistribution and use in source and binary forms, with or without -+ * modification, are permitted provided that the following conditions -+ * are met: -+ * -+ * 1. Redistributions of source code must retain the above copyright -+ * notice, this list of conditions and the following disclaimer. -+ * -+ * 2. Redistributions in binary form must reproduce the above copyright -+ * notice, this list of conditions and the following disclaimer in -+ * the documentation and/or other materials provided with the -+ * distribution. -+ * -+ * 3. The name(s) of the authors of this software must not be used to -+ * endorse or promote products derived from this software without -+ * prior written permission. -+ * -+ * 4. Redistributions of any form whatsoever must retain the following -+ * acknowledgment: -+ * "This product includes software developed by Paul Mackerras -+ * <paulus@samba.org>". -+ * -+ * THE AUTHORS OF THIS SOFTWARE DISCLAIM ALL WARRANTIES WITH REGARD TO -+ * THIS SOFTWARE, INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY -+ * AND FITNESS, IN NO EVENT SHALL THE AUTHORS BE LIABLE FOR ANY -+ * SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES -+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN -+ * AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING -+ * OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. -+ * -+ * $Id: ppp_mod.c,v 1.4 2002/12/06 09:49:16 paulus Exp $ -+ */ -+ -+/* -+ * This file is used under Solaris 2. -+ */ -+ -+#include <sys/types.h> -+#include <sys/param.h> -+#include <sys/stat.h> -+#include <sys/conf.h> -+#include <sys/modctl.h> -+#include <sys/sunddi.h> -+#include <sys/ksynch.h> -+ -+#ifdef __STDC__ -+#define __P(x) x -+#else -+#define __P(x) () -+#endif -+ -+static int ppp_identify __P((dev_info_t *)); -+static int ppp_attach __P((dev_info_t *, ddi_attach_cmd_t)); -+static int ppp_detach __P((dev_info_t *, ddi_detach_cmd_t)); -+static int ppp_devinfo __P((dev_info_t *, ddi_info_cmd_t, void *, void **)); -+ -+extern struct streamtab pppinfo; -+extern krwlock_t ppp_lower_lock; -+ -+static dev_info_t *ppp_dip; -+ -+static struct cb_ops cb_ppp_ops = { -+ nulldev, nulldev, nodev, nodev, /* cb_open, ... */ -+ nodev, nodev, nodev, nodev, /* cb_dump, ... */ -+ nodev, nodev, nodev, nochpoll, /* cb_devmap, ... */ -+ ddi_prop_op, /* cb_prop_op */ -+ &pppinfo, /* cb_stream */ -+ D_NEW|D_MP|D_MTQPAIR|D_MTOUTPERIM|D_MTOCEXCL /* cb_flag */ -+}; -+ -+static struct dev_ops ppp_ops = { -+ DEVO_REV, /* devo_rev */ -+ 0, /* devo_refcnt */ -+ ppp_devinfo, /* devo_getinfo */ -+ ppp_identify, /* devo_identify */ -+ nulldev, /* devo_probe */ -+ ppp_attach, /* devo_attach */ -+ ppp_detach, /* devo_detach */ -+ nodev, /* devo_reset */ -+ &cb_ppp_ops, /* devo_cb_ops */ -+ NULL /* devo_bus_ops */ -+}; -+ -+/* -+ * Module linkage information -+ */ -+ -+static struct modldrv modldrv = { -+ &mod_driverops, /* says this is a pseudo driver */ -+ "PPP-2.3 multiplexing driver", -+ &ppp_ops /* driver ops */ -+}; -+ -+static struct modlinkage modlinkage = { -+ MODREV_1, -+ (void *) &modldrv, -+ NULL -+}; -+ -+int -+_init(void) -+{ -+ return mod_install(&modlinkage); -+} -+ -+int -+_fini(void) -+{ -+ return mod_remove(&modlinkage); -+} -+ -+int -+_info(mip) -+ struct modinfo *mip; -+{ -+ return mod_info(&modlinkage, mip); -+} -+ -+static int -+ppp_identify(dip) -+ dev_info_t *dip; -+{ -+ return strcmp(ddi_get_name(dip), "ppp") == 0? DDI_IDENTIFIED: -+ DDI_NOT_IDENTIFIED; -+} -+ -+static int -+ppp_attach(dip, cmd) -+ dev_info_t *dip; -+ ddi_attach_cmd_t cmd; -+{ -+ -+ if (cmd != DDI_ATTACH) -+ return DDI_FAILURE; -+ if (ddi_create_minor_node(dip, "ppp", S_IFCHR, 0, DDI_PSEUDO, CLONE_DEV) -+ == DDI_FAILURE) { -+ ddi_remove_minor_node(dip, NULL); -+ return DDI_FAILURE; -+ } -+ rw_init(&ppp_lower_lock, NULL, RW_DRIVER, NULL); -+ return DDI_SUCCESS; -+} -+ -+static int -+ppp_detach(dip, cmd) -+ dev_info_t *dip; -+ ddi_detach_cmd_t cmd; -+{ -+ rw_destroy(&ppp_lower_lock); -+ ddi_remove_minor_node(dip, NULL); -+ return DDI_SUCCESS; -+} -+ -+static int -+ppp_devinfo(dip, cmd, arg, result) -+ dev_info_t *dip; -+ ddi_info_cmd_t cmd; -+ void *arg; -+ void **result; -+{ -+ int error; -+ -+ error = DDI_SUCCESS; -+ switch (cmd) { -+ case DDI_INFO_DEVT2DEVINFO: -+ if (ppp_dip == NULL) -+ error = DDI_FAILURE; -+ else -+ *result = (void *) ppp_dip; -+ break; -+ case DDI_INFO_DEVT2INSTANCE: -+ *result = NULL; -+ break; -+ default: -+ error = DDI_FAILURE; -+ } -+ return error; -+} diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/008_pathnames.h.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/008_pathnames.h.diff deleted file mode 100644 index dee0a8d..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/008_pathnames.h.diff +++ /dev/null @@ -1,11 +0,0 @@ ---- ppp-2.4.0b4.orig/pppd/pathnames.h -+++ ppp-2.4.0b4/pppd/pathnames.h -@@ -26,7 +26,7 @@ - #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" - #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" - #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." --#define _PATH_CONNERRS _ROOT_PATH "/etc/ppp/connect-errors" -+#define _PATH_CONNERRS _ROOT_PATH "/var/log/ppp-connect-errors" - #define _PATH_PEERFILES _ROOT_PATH "/etc/ppp/peers/" - #define _PATH_RESOLV _ROOT_PATH "/etc/ppp/resolv.conf" - diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/010_scripts_README.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/010_scripts_README.diff deleted file mode 100644 index 0ff2948..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/010_scripts_README.diff +++ /dev/null @@ -1,20 +0,0 @@ ---- ppp-2.4.0b4.orig/scripts/README -+++ ppp-2.4.0b4/scripts/README -@@ -141,3 +141,17 @@ - are escaped. This may need to be modified depending on the ssh (or - pseudo-tty) implementation which may differ across platforms, for further - optimizations. -+ -+------------------------------------------------------------------------ -+ -+12. pon, poff and ip-up -+ -+These are modified version of the pon/poff/ip-up scripts contributed by Yann -+Dirson <dirson@debian.org>. They allow you to call "pon quick" respectively -+"pon quick my-isp" to just call the provider for running you ip-up scripts in -+/etc/ppp/ip-up.d. This can be useful to check for incoming/flush outgoing -+mail, without the necessary delay before hangup introduced by diald or such. -+ -+These scripts break the possibility to connect to multiple ISPs at once, so -+they are included only here. -+ diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/011_scripts_redialer.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/011_scripts_redialer.diff deleted file mode 100644 index 657f566..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/011_scripts_redialer.diff +++ /dev/null @@ -1,152 +0,0 @@ ---- ppp-2.4.0b4.orig/scripts/redialer -+++ ppp-2.4.0b4/scripts/redialer -@@ -1,96 +1,69 @@ - #!/bin/sh --################################################################### - # --# These parameters control the attack dialing sequence. -+# A chatscript that will attempt to dial multiple numbers in sequence, until -+# you get connected. - # --# Maximum number of attempts to reach the telephone number(s) --MAX_ATTEMPTS=10 -- --# Delay between each of the attempts. This is a parameter to sleep --# so use "15s" for 15 seconds, "1m" for 1 minute, etc. --SLEEP_DELAY=15s -- --################################################################### -+# To use: edit /etc/peers/provider, and change the connect line to read: -+# connect "/usr/local/bin/redialer" - # --# This is a list of telephone numbers. Add new numbers if you wish --# and see the function 'callall' below for the dial process. --PHONE1=555-1212 --PHONE2=411 -+# See below for configuration. - --################################################################### -+# This is a list of chatscripts to use to get connected, and (optional) -+# telephone numbers to call for each of those chatscripts. - # --# If you use the ppp-on script, then these are passed to this routine --# automatically. There is no need to define them here. If not, then --# you will need to set the values. --# --ACCOUNT=my_account_name --PASSWORD=my_password -+# Note that in the chatscripts, you may use #NUMBER#, this will be replaced -+# with the number it is calling. You might want to use this to only have one -+# chatscript that is used for all numbers, or you might need multiple -+# chatscripts. - --################################################################### --# --# Function to initialize the modem and ensure that it is in command --# state. This may not be needed, but it doesn't hurt. --# --function initialize --{ -- chat -v TIMEOUT 3 '' AT 'OK-+++\c-OK' -- return --} -+PHONE1=123456789 -+CHAT1=/etc/chatscripts/provider - --################################################################### --# --# Script to dial a telephone --# --function callnumber --{ --chat -v \ -- ABORT '\nBUSY\r' \ -- ABORT '\nNO ANSWER\r' \ -- ABORT '\nRINGING\r\n\r\nRINGING\r' \ -- '' ATDT$1 \ -- CONNECT '' \ -- ogin:--ogin: $ACCOUNT \ -- assword: $PASSWORD --# --# If the connection was successful then end the whole script with a --# success. --# -- if [ "$?" = "0" ]; then -- exit 0 -- fi -+PHONE2=912345678 -+CHAT2=/etc/chatscripts/provider - -- return --} -+PHONE3=891234567 -+CHAT3=/etc/chatscripts/provider - --################################################################### --# --# Script to dial any telephone number --# --function callall --{ --# echo "dialing attempt number: $1" >/dev/console -- callnumber $PHONE1 --# callnumber $PHONE2 --} -+PHONE4=789123456 -+CHAT4=/etc/chatscripts/provider - --################################################################### --# --# Initialize the modem to ensure that it is in the command state --# --initialize --if [ ! "$?" = "0" ]; then -- exit 1 --fi -+PHONE5=001234567 -+CHAT5=/etc/chatscripts/provider - -+# How long to sleep between retries: - # --# Dial telephone numbers until one answers --# -+# Note that this is a parameter to sleep so use "15s" for 15 seconds, -+# "1m" for 1 minute, etc -+SLEEP_DELAY=1s -+ -+# The code below does the dialing. -+ - attempt=0 - while : ; do -- attempt=`expr $attempt + 1` -- callall $attempt -- if [ "$attempt" = "$MAX_ATTEMPTS" ]; then -- exit 1 -- fi -- sleep "$SLEEP_DELAY" -+ attempt=`expr $attempt + 1` -+ NUMBER=`eval echo '$PHONE'$attempt` -+ CHAT=`eval echo '$CHAT'$attempt` -+ if [ ! "$CHAT" ]; then -+ attempt=0 -+ else -+ logger "Dialing attempt number: $attempt" -+ sed s/#NUMBER#/$NUMBER/ $CHAT >/etc/chatscripts/tmpchat -+ /usr/sbin/chat -v -f /etc/chatscripts/tmpchat -+ rm -f /etc/chatscripts/tmpchat -+ case $? in -+ 0) logger Connection established ; exit 0;; -+ 1) logger chat: exit 1, see manpage for details. ; exit 1;; -+ 2) logger chat: exit 2, see manpage for details. ; exit 2;; -+ 3) logger chat: exit 3, see manpage for details. ;; -+ 4) logger Line busy. ;; -+ 5) logger No Carrier. ;; -+ 6) logger A call is coming. Exiting! ; exit 1;; -+ 7) logger No dialtone. ;; -+ 8) logger An error occured. Exiting! ; exit 1;; -+ *) logger chat: exit $?, see manpage for details. ;; -+ esac -+ logger "Waiting $SLEEP_DELAY seconds before next try." -+ sleep $SLEEP_DELAY -+ fi - done diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/018_ip-up_option.diff b/obsolete-buildroot/sources/openwrt/patches/ppp/018_ip-up_option.diff deleted file mode 100644 index 0dee924..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/018_ip-up_option.diff +++ /dev/null @@ -1,98 +0,0 @@ ---- ppp-2.4.1/pppd/ipcp.c Thu Mar 8 06:11:12 2001 -+++ ppp-2.4.1-new/pppd/ipcp.c Tue Jun 19 15:35:36 2001 -@@ -1734,7 +1734,7 @@ - */ - if (ipcp_script_state == s_down && ipcp_script_pid == 0) { - ipcp_script_state = s_up; -- ipcp_script(_PATH_IPUP); -+ ipcp_script(path_ipup); - } - } - -@@ -1777,7 +1777,7 @@ - /* Execute the ip-down script */ - if (ipcp_script_state == s_up && ipcp_script_pid == 0) { - ipcp_script_state = s_down; -- ipcp_script(_PATH_IPDOWN); -+ ipcp_script(path_ipdown); - } - } - -@@ -1828,13 +1828,13 @@ - case s_up: - if (ipcp_fsm[0].state != OPENED) { - ipcp_script_state = s_down; -- ipcp_script(_PATH_IPDOWN); -+ ipcp_script(path_ipdown); - } - break; - case s_down: - if (ipcp_fsm[0].state == OPENED) { - ipcp_script_state = s_up; -- ipcp_script(_PATH_IPUP); -+ ipcp_script(path_ipup); - } - break; - } - ---- ppp-2.4.1/pppd/main.c Tue Mar 13 06:56:19 2001 -+++ ppp-2.4.1-new/pppd/main.c Tue Jun 19 15:35:36 2001 -@@ -233,6 +233,9 @@ - struct protent *protp; - char numbuf[16]; - -+ strlcpy(path_ipup, "/etc/ppp/ip-up", sizeof(path_ipup)); -+ strlcpy(path_ipdown, "/etc/ppp/ip-down", sizeof(path_ipdown)); -+ - link_stats_valid = 0; - new_phase(PHASE_INITIALIZE); - - ---- ppp-2.4.1/pppd/options.c Tue Mar 13 06:56:19 2001 -+++ ppp-2.4.1-new/pppd/options.c Tue Jun 19 15:38:32 2001 -@@ -85,6 +85,8 @@ - bool dump_options; /* print out option values */ - bool dryrun; /* print out option values and exit */ - char *domain; /* domain name set by domain option */ -+char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ -+char path_ipdown[MAXPATHLEN];/* pathname of ip-down script */ - - extern option_t auth_options[]; - extern struct stat devstat; -@@ -231,6 +233,12 @@ - "Print out option values after parsing all options", 1 }, - { "dryrun", o_bool, &dryrun, - "Stop after parsing, printing, and checking options", 1 }, -+ { "ip-up-script", o_string, path_ipup, -+ "Set pathname of ip-up script", -+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN }, -+ { "ip-down-script", o_string, path_ipdown, -+ "Set pathname of ip-down script", -+ OPT_PRIV|OPT_STATIC, NULL, MAXPATHLEN }, - - #ifdef HAVE_MULTILINK - { "multilink", o_bool, &multilink, - ---- ppp-2.4.1/pppd/pathnames.h Thu Mar 8 06:15:37 2001 -+++ ppp-2.4.1-new/pppd/pathnames.h Tue Jun 19 15:35:36 2001 -@@ -21,8 +21,6 @@ - #define _PATH_UPAPFILE _ROOT_PATH "/etc/ppp/pap-secrets" - #define _PATH_CHAPFILE _ROOT_PATH "/etc/ppp/chap-secrets" - #define _PATH_SYSOPTIONS _ROOT_PATH "/etc/ppp/options" --#define _PATH_IPUP _ROOT_PATH "/etc/ppp/ip-up" --#define _PATH_IPDOWN _ROOT_PATH "/etc/ppp/ip-down" - #define _PATH_AUTHUP _ROOT_PATH "/etc/ppp/auth-up" - #define _PATH_AUTHDOWN _ROOT_PATH "/etc/ppp/auth-down" - #define _PATH_TTYOPT _ROOT_PATH "/etc/ppp/options." - ---- ppp-2.4.1/pppd/pppd.h Tue Mar 13 06:54:37 2001 -+++ ppp-2.4.1-new/pppd/pppd.h Tue Jun 19 15:39:39 2001 -@@ -272,6 +272,8 @@ - extern char *bundle_name; /* bundle name for multilink */ - extern bool dump_options; /* print out option values */ - extern bool dryrun; /* check everything, print options, exit */ -+extern char path_ipup[MAXPATHLEN]; /* pathname of ip-up script */ -+extern char path_ipdown[MAXPATHLEN]; /* pathname of ip-down script */ - - #ifdef PPP_FILTER - extern struct bpf_program pass_filter; /* Filter for pkts to pass */ diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/057_pppoe-interface-change b/obsolete-buildroot/sources/openwrt/patches/ppp/057_pppoe-interface-change deleted file mode 100644 index cca5a0e..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/057_pppoe-interface-change +++ /dev/null @@ -1,78 +0,0 @@ ---- ppp/pppd/plugins/rp-pppoe/plugin.c.orig 2003-04-07 02:09:05.000000000 +0200 -+++ ppp/pppd/plugins/rp-pppoe/plugin.c 2003-12-03 22:15:07.000000000 +0100 -@@ -114,6 +114,57 @@ - return 1; - } - -+/* from <linux/if.h> */ -+#define IFF_UP 0x1 -+#define IFF_RUNNING 0x40 -+ -+static short ifrflags_old; -+ -+static int interface_change(const char* ifname, int up) -+{ -+ int fd; -+ struct ifreq ifr; -+ -+ if (!up && ifrflags_old != 0) { -+ return 0; -+ } -+ -+ fd = socket(AF_INET, SOCK_DGRAM, 0); -+ if (fd < 0) { -+ warn("socket(AF_INET, SOCK_DGRAM, 0): %s", strerror(errno)); -+ return -1; -+ } -+ -+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ); -+ if (ioctl(fd, SIOCGIFFLAGS, &ifr) < 0) { -+ warn("%s: unknown interface: %s", ifname, strerror(errno)); -+ return -1; -+ } -+ strncpy(ifr.ifr_name, ifname, IFNAMSIZ); -+ if (up) { -+ ifrflags_old = ifr.ifr_flags & (IFF_UP | IFF_RUNNING); -+ ifr.ifr_flags |= (IFF_UP | IFF_RUNNING); -+ } else { -+ ifr.ifr_flags &= ~(IFF_UP | IFF_RUNNING); -+ } -+ if (ioctl(fd, SIOCSIFFLAGS, &ifr) < 0) { -+ warn("SIOCSIFFLAGS: %s", strerror(errno)); -+ return -1; -+ } -+ close(fd); -+ return 0; -+} -+ -+static int interface_up (const char *ifname) -+{ -+ return interface_change(ifname,1); -+} -+ -+static int interface_down (const char* ifname) -+{ -+ return interface_change(ifname,0); -+} -+ - /********************************************************************** - * %FUNCTION: PPPOEConnectDevice - * %ARGUMENTS: -@@ -142,6 +193,8 @@ - conn->peerEth[i] = (unsigned char) mac[i]; - } - } else { -+ if (interface_up(conn->ifName) < 0) -+ return -1; - discovery(conn); - if (conn->discoveryState != STATE_SESSION) { - fatal("Unable to complete PPPoE Discovery"); -@@ -243,6 +296,8 @@ - return; - } - close(conn->sessionSocket); -+ if (interface_down(conn->ifName) < 0) -+ warn("We brought %s up but failed to take it down",conn->ifName); - } - - static void diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault b/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault deleted file mode 100644 index 59007ef..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/auth_hook_segfault +++ /dev/null @@ -1,33 +0,0 @@ -To: md@linux.it, mjt@corpit.ru -Subject: pppd-auth-hook.patch -Message-Id: <20040604231517.3E9AD11DC4@paltus.tls.msk.ru> -Date: Sat, 5 Jun 2004 03:15:17 +0400 (MSD) -From: mjt@corpit.ru (Michael Tokarev) - -The patch below fixes pppd segfault when using auth_hook that sets -options for the user (use-after-free problem). - -/mjt - ---- ppp/pppd/auth.c.orig Mon Jun 23 18:12:04 2003 -+++ ppp/pppd/auth.c Sat Jun 5 03:11:36 2004 -@@ -1251,14 +1251,14 @@ - if (pap_auth_hook) { - ret = (*pap_auth_hook)(user, passwd, msg, &addrs, &opts); - if (ret >= 0) { -+ /* note: set_allowed_addrs() saves opts (but not addrs): don't free it! */ - if (ret) - set_allowed_addrs(unit, addrs, opts); -- BZERO(passwd, sizeof(passwd)); -+ else if (opts != 0) -+ free_wordlist(opts); - if (addrs != 0) - free_wordlist(addrs); -- if (opts != 0) { -- free_wordlist(opts); -- } -+ BZERO(passwd, sizeof(passwd)); - return ret? UPAP_AUTHACK: UPAP_AUTHNAK; - } - } - diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/cifdefroute.dif b/obsolete-buildroot/sources/openwrt/patches/ppp/cifdefroute.dif deleted file mode 100644 index 263b674..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/cifdefroute.dif +++ /dev/null @@ -1,283 +0,0 @@ ---- ppp/pppd/ipcp.c Wed May 31 17:20:41 2000 -+++ ppp/pppd/ipcp.c Wed May 31 17:27:19 2000 -@@ -145,7 +145,17 @@ - { "-defaultroute", o_bool, &ipcp_allowoptions[0].default_route, - "disable defaultroute option", OPT_A2COPY, - &ipcp_wantoptions[0].default_route }, - -+#ifdef __linux__ -+ { "replacedefaultroute", o_bool, -+ &ipcp_wantoptions[0].replace_default_route, -+ "Replace default route", 1 -+ }, -+ { "noreplacedefaultroute", o_bool, -+ &ipcp_allowoptions[0].replace_default_route, -+ "Never replace default route", OPT_A2COPY, -+ &ipcp_wantoptions[0].replace_default_route }, -+#endif - { "proxyarp", o_bool, &ipcp_wantoptions[0].proxy_arp, - "Add proxy ARP entry", OPT_ENABLE|1, &ipcp_allowoptions[0].proxy_arp }, - { "noproxyarp", o_bool, &ipcp_allowoptions[0].proxy_arp, -@@ -195,7 +205,7 @@ - ip_active_pkt - }; - --static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t)); -+static void ipcp_clear_addrs __P((int, u_int32_t, u_int32_t, bool)); - static void ipcp_script __P((char *)); /* Run an up/down script */ - static void ipcp_script_done __P((void *)); - -@@ -1344,7 +1354,12 @@ - if (!sifnpmode(u, PPP_IP, NPMODE_QUEUE)) - return 0; - if (wo->default_route) -+#ifndef __linux__ - if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr)) -+#else -+ if (sifdefaultroute(u, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[u] = 1; - if (wo->proxy_arp) - if (sifproxyarp(u, wo->hisaddr)) -@@ -1420,7 +1435,8 @@ - */ - if (demand) { - if (go->ouraddr != wo->ouraddr || ho->hisaddr != wo->hisaddr) { -- ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr); -+ ipcp_clear_addrs(f->unit, wo->ouraddr, wo->hisaddr, -+ wo->replace_default_route); - if (go->ouraddr != wo->ouraddr) { - warn("Local IP address changed to %I", go->ouraddr); - script_setenv("OLDIPLOCAL", ip_ntoa(wo->ouraddr)); -@@ -1445,7 +1461,12 @@ - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -+#ifndef __linux__ - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+#else -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -1492,7 +1513,12 @@ - - /* assign a default route through the interface if required */ - if (ipcp_wantoptions[f->unit].default_route) -+#ifndef __linux__ - if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr)) -+#else -+ if (sifdefaultroute(f->unit, go->ouraddr, ho->hisaddr, -+ wo->replace_default_route)) -+#endif - default_route_set[f->unit] = 1; - - /* Make a proxy ARP entry if requested. */ -@@ -1559,7 +1585,7 @@ - sifnpmode(f->unit, PPP_IP, NPMODE_DROP); - sifdown(f->unit); - ipcp_clear_addrs(f->unit, ipcp_gotoptions[f->unit].ouraddr, -- ipcp_hisoptions[f->unit].hisaddr); -+ ipcp_hisoptions[f->unit].hisaddr, 0); - } - - /* Execute the ip-down script */ -@@ -1575,16 +1601,25 @@ - * proxy arp entries, etc. - */ - static void --ipcp_clear_addrs(unit, ouraddr, hisaddr) -+ipcp_clear_addrs(unit, ouraddr, hisaddr, replacedefaultroute) - int unit; - u_int32_t ouraddr; /* local address */ - u_int32_t hisaddr; /* remote address */ -+ bool replacedefaultroute; - { - if (proxy_arp_set[unit]) { - cifproxyarp(unit, hisaddr); - proxy_arp_set[unit] = 0; - } -- if (default_route_set[unit]) { -+ /* If replacedefaultroute, sifdefaultroute will be called soon -+ * with replacedefaultroute set and that will overwrite the current -+ * default route. This is the case only when doing demand, otherwise -+ * during demand, this cifdefaultroute would restore the old default -+ * route which is not what we want in this case. In the non-demand -+ * case, we'll delete the default route and restore the old if there -+ * is one saved by an sifdefaultroute with replacedefaultroute. -+ */ -+ if (!replacedefaultroute && default_route_set[unit]) { - cifdefaultroute(unit, ouraddr, hisaddr); - default_route_set[unit] = 0; - } ---- ppp/pppd/ipcp.h Wed May 31 17:20:41 2000 -+++ ppp/pppd/ipcp.h Wed May 31 15:56:17 2000 -@@ -47,6 +47,7 @@ - bool old_addrs; /* Use old (IP-Addresses) option? */ - bool req_addr; /* Ask peer to send IP address? */ - bool default_route; /* Assign default route through interface? */ -+ bool replace_default_route; /* Replace default route through interface? */ - bool proxy_arp; /* Make proxy ARP entry for peer? */ - bool neg_vj; /* Van Jacobson Compression? */ - bool old_vj; /* use old (short) form of VJ option? */ ---- ppp/pppd/pppd.8 Wed May 31 17:20:41 2000 -+++ ppp/pppd/pppd.8 Wed May 31 15:56:17 2000 -@@ -99,6 +99,13 @@ - This entry is removed when the PPP connection is broken. This option - is privileged if the \fInodefaultroute\fR option has been specified. - .TP -+.B replacedefaultroute -+This option is a flag to the defaultroute option. If defaultroute is -+set and this flag is also set, pppd replaces an existing default route -+with the new default route. -+ -+ -+.TP - .B disconnect \fIscript - Run the executable or shell command specified by \fIscript\fR after - pppd has terminated the link. This script could, for example, issue -@@ -589,7 +596,12 @@ - .TP - .B nodefaultroute - Disable the \fIdefaultroute\fR option. The system administrator who --wishes to prevent users from creating default routes with pppd -+wishes to prevent users from adding a default route with pppd -+can do so by placing this option in the /etc/ppp/options file. -+.TP -+.B noreplacedefaultroute -+Disable the \fIreplacedefaultroute\fR option. The system administrator who -+wishes to prevent users from replacing a default route with pppd - can do so by placing this option in the /etc/ppp/options file. - .TP - .B nodeflate ---- ppp/pppd/pppd.h Wed May 31 17:20:41 2000 -+++ ppp/pppd/pppd.h Wed May 31 15:56:17 2000 -@@ -416,7 +416,11 @@ - int cif6addr __P((int, eui64_t, eui64_t)); - /* Remove an IPv6 address from i/f */ - #endif -+#ifndef __linux__ - int sifdefaultroute __P((int, u_int32_t, u_int32_t)); -+#else -+int sifdefaultroute __P((int, u_int32_t, u_int32_t, bool replace_default_rt)); -+#endif - /* Create default route through i/f */ - int cifdefaultroute __P((int, u_int32_t, u_int32_t)); - /* Delete default route through i/f */ ---- ppp/pppd/sys-linux.c Wed May 31 17:20:41 2000 -+++ ppp/pppd/sys-linux.c Wed May 31 17:37:23 2000 -@@ -143,6 +143,8 @@ - - static int if_is_up; /* Interface has been marked up */ - static u_int32_t default_route_gateway; /* Gateway for default route added */ -+static struct rtentry old_def_rt; /* Old default route */ -+static int default_rt_repl_rest; /* replace and restore old default rt */ - static u_int32_t proxy_arp_addr; /* Addr for proxy arp entry added */ - static char proxy_arp_dev[16]; /* Device for proxy arp entry */ - static u_int32_t our_old_addr; /* for detecting address changes */ -@@ -1209,6 +1211,9 @@ - p = NULL; - } - -+ SET_SA_FAMILY (rt->rt_dst, AF_INET); -+ SET_SA_FAMILY (rt->rt_gateway, AF_INET); -+ - SIN_ADDR(rt->rt_dst) = strtoul(cols[route_dest_col], NULL, 16); - SIN_ADDR(rt->rt_gateway) = strtoul(cols[route_gw_col], NULL, 16); - SIN_ADDR(rt->rt_genmask) = strtoul(cols[route_mask_col], NULL, 16); -@@ -1278,19 +1283,53 @@ - /******************************************************************** - * - * sifdefaultroute - assign a default route through the address given. -+ * -+ * If the global default_rt_repl_rest flag is set, then this function -+ * already replaced the original system defaultroute with some other -+ * route and it should just replace the current defaultroute with -+ * another one, without saving the current route. Use: demand mode, -+ * when pppd sets first a defaultroute it it's temporary ppp0 addresses -+ * and then changes the temporary addresses to the addresses for the real -+ * ppp connection when it has come up. - */ - --int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway) -+int sifdefaultroute (int unit, u_int32_t ouraddr, u_int32_t gateway, bool replace) - { -- struct rtentry rt; -- -- if (defaultroute_exists(&rt) && strcmp(rt.rt_dev, ifname) != 0) { -- u_int32_t old_gateway = SIN_ADDR(rt.rt_gateway); -+ struct rtentry rt, tmp_rt; -+ struct rtentry *del_rt = NULL; - -- if (old_gateway != gateway) -- error("not replacing existing default route to %s [%I]", -- rt.rt_dev, old_gateway); -- return 0; -+ -+ if (default_rt_repl_rest) { -+ /* We have already reclaced the original defaultroute, if we -+ * are called again, we will delete the current default route -+ * and set the new default route in this function. -+ * - this is normally only the case the doing demand: */ -+ if (defaultroute_exists( &tmp_rt )) -+ del_rt = &tmp_rt; -+ } else if ( defaultroute_exists( &old_def_rt ) && -+ strcmp( old_def_rt.rt_dev, ifname ) != 0) { -+ /* We did not yet replace an existing default route, let's -+ * check if we should save and replace a default route: -+ */ -+ u_int32_t old_gateway = SIN_ADDR(old_def_rt.rt_gateway); -+ -+ if (old_gateway != gateway) { -+ if (!replace) { -+ error("not replacing default route to %s [%I]", -+ old_def_rt.rt_dev, old_gateway); -+ return 0; -+ } else { -+ // we need to copy rt_dev because we need it permanent too: -+ char * tmp_dev = malloc(strlen(old_def_rt.rt_dev)+1); -+ strcpy(tmp_dev, old_def_rt.rt_dev); -+ old_def_rt.rt_dev = tmp_dev; -+ -+ notice("replacing old default route to %s [%I]", -+ old_def_rt.rt_dev, old_gateway); -+ default_rt_repl_rest = 1; -+ del_rt = &old_def_rt; -+ } -+ } - } - - memset (&rt, '\0', sizeof (rt)); -@@ -1310,6 +1349,12 @@ - error("default route ioctl(SIOCADDRT): %m(%d)", errno); - return 0; - } -+ if (default_rt_repl_rest && del_rt) -+ if (ioctl(sock_fd, SIOCDELRT, del_rt) < 0) { -+ if ( ! ok_error ( errno )) -+ error("del old default route ioctl(SIOCDELRT): %m(%d)", errno); -+ return 0; -+ } - - default_route_gateway = gateway; - return 1; -@@ -1344,6 +1389,16 @@ - error("default route ioctl(SIOCDELRT): %m (%d)", errno); - return 0; - } -+ } -+ if (default_rt_repl_rest) { -+ notice("restoring old default route to %s [%I]", -+ old_def_rt.rt_dev, SIN_ADDR(old_def_rt.rt_gateway)); -+ if (ioctl(sock_fd, SIOCADDRT, &old_def_rt) < 0) { -+ if ( ! ok_error ( errno )) -+ error("restore default route ioctl(SIOCADDRT): %m(%d)", errno); -+ return 0; -+ } -+ default_rt_repl_rest = 0; - } - - return 1; diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/close_devfd b/obsolete-buildroot/sources/openwrt/patches/ppp/close_devfd deleted file mode 100644 index 987d964..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/close_devfd +++ /dev/null @@ -1,17 +0,0 @@ -Ensure that the fd returned by the connect method is closed before -running external programs. - -http://article.gmane.org/gmane.linux.ppp/1371 - -diff -ruNp ppp.orig/pppd/main.c ppp/pppd/main.c ---- ppp.orig/pppd/main.c 2004-07-12 12:55:30.000000000 +0200 -+++ ppp/pppd/main.c 2004-07-12 12:55:25.000000000 +0200 -@@ -1662,6 +1662,8 @@ run_program(prog, args, must_exist, done - closelog(); - if (the_channel->close) - (*the_channel->close)(); -+ else -+ close(devfd); - - /* Don't pass handles to the PPP device, even by accident. */ - dup2(fd_devnull, 0); diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/fix_closed_fds b/obsolete-buildroot/sources/openwrt/patches/ppp/fix_closed_fds deleted file mode 100644 index 39208ab..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/fix_closed_fds +++ /dev/null @@ -1,34 +0,0 @@ -sys_init() will open a socket and keep it open for the whole like of the -process. If pppd is started without all standard fds open then the socket -will get one of their numbers, which will be clobbered later by the -/dev/null fd duplicated by main(). - -See Debian bug #235192. - -diff -ruN ppp.orig/pppd/main.c ppp/pppd/main.c ---- ppp.orig/pppd/main.c 2004-02-29 18:50:12.000000000 +0100 -+++ ppp/pppd/main.c 2004-02-29 18:48:56.000000000 +0100 -@@ -385,11 +385,6 @@ - if (dryrun) - die(0); - -- /* -- * Initialize system-dependent stuff. -- */ -- sys_init(); -- - /* Make sure fds 0, 1, 2 are open to somewhere. */ - fd_devnull = open(_PATH_DEVNULL, O_RDWR); - if (fd_devnull < 0) -@@ -401,6 +396,11 @@ - fd_devnull = i; - } - -+ /* -+ * Initialize system-dependent stuff. -+ */ -+ sys_init(); -+ - #ifdef USE_TDB - pppdb = tdb_open(_PATH_PPPDB, 0, 0, O_RDWR|O_CREAT, 0644); - if (pppdb != NULL) { diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/no_crypt_hack b/obsolete-buildroot/sources/openwrt/patches/ppp/no_crypt_hack deleted file mode 100644 index 501409e..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/no_crypt_hack +++ /dev/null @@ -1,45 +0,0 @@ -diff -ruN ppp.orig/pppd/auth.c ppp/pppd/auth.c ---- ppp.orig/pppd/auth.c 2003-06-12 02:01:21.000000000 +0200 -+++ ppp/pppd/auth.c 2003-12-02 14:48:40.000000000 +0100 -@@ -1292,8 +1292,10 @@ - } - if (secret[0] != 0 && !login_secret) { - /* password given in pap-secrets - must match */ -+#ifndef NO_CRYPT_HACK - if ((cryptpap || strcmp(passwd, secret) != 0) - && strcmp(crypt(passwd, secret), secret) != 0) -+#endif - ret = UPAP_AUTHNAK; - } - } -@@ -1495,8 +1497,10 @@ - /* - * If no passwd, don't let them login. - */ -+#ifndef NO_CRYPT_HACK - if (pw->pw_passwd == NULL || strlen(pw->pw_passwd) < 2 - || strcmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd) != 0) -+#endif - return (UPAP_AUTHNAK); - - #endif /* #ifdef USE_PAM */ -diff -ruN ppp.orig/pppd/Makefile.linux ppp/pppd/Makefile.linux ---- ppp.orig/pppd/Makefile.linux 2003-11-27 23:00:22.000000000 +0100 -+++ ppp/pppd/Makefile.linux 2003-12-02 14:47:53.000000000 +0100 -@@ -116,12 +116,16 @@ - #LIBS += -lshadow $(LIBS) - endif - -+ifdef NO_CRYPT_HACK -+CFLAGS += -DNO_CRYPT_HACK -+else - ifneq ($(wildcard /usr/include/crypt.h),) - CFLAGS += -DHAVE_CRYPT_H=1 - endif - ifneq ($(wildcard /usr/lib/libcrypt.*),) - LIBS += -lcrypt - endif -+endif - - ifdef NEEDDES - ifndef USE_CRYPT diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.3.11-oedod.dif b/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.3.11-oedod.dif deleted file mode 100644 index e024696..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.3.11-oedod.dif +++ /dev/null @@ -1,172 +0,0 @@ ---- ppp/pppd/demand.c -+++ ppp/pppd/demand.c 2000/06/28 14:54:04 -@@ -25,6 +25,8 @@ - #include <errno.h> - #include <fcntl.h> - #include <netdb.h> -+#include <unistd.h> -+#include <syslog.h> - #include <sys/param.h> - #include <sys/types.h> - #include <sys/wait.h> -@@ -32,6 +34,8 @@ - #include <sys/resource.h> - #include <sys/stat.h> - #include <sys/socket.h> -+#include <netinet/in.h> -+#include <arpa/inet.h> - #ifdef PPP_FILTER - #include <net/if.h> - #include <net/bpf.h> -@@ -210,6 +214,14 @@ - int c, rv; - - rv = 0; -+ -+/* check for synchronous connection... */ -+ -+ if ( (p[0] == 0xFF) && (p[1] == 0x03) ) { -+ rv = loop_frame(p,n); -+ return rv; -+ } -+ - for (; n > 0; --n) { - c = *p++; - if (c == PPP_FLAG) { -@@ -288,17 +300,102 @@ - * loopback, now that the real serial link is up. - */ - void --demand_rexmit(proto) -+demand_rexmit(proto, newip) - int proto; -+ u_int32_t newip; - { - struct packet *pkt, *prev, *nextpkt; -+ unsigned short checksum; -+ unsigned short pkt_checksum = 0; -+ unsigned iphdr; -+ struct timeval tv; -+ char cv = 0; -+ char ipstr[16]; - - prev = NULL; - pkt = pend_q; - pend_q = NULL; -+ tv.tv_sec = 1; -+ tv.tv_usec = 0; -+ select(0,NULL,NULL,NULL,&tv); /* Sleep for 1 Seconds */ - for (; pkt != NULL; pkt = nextpkt) { - nextpkt = pkt->next; - if (PPP_PROTOCOL(pkt->data) == proto) { -+ if ( (proto == PPP_IP) && newip ) { -+ /* Get old checksum */ -+ -+ iphdr = (pkt->data[4] & 15) << 2; -+ checksum = *((unsigned short *) (pkt->data+14)); -+ if (checksum == 0xFFFF) { -+ checksum = 0; -+ } -+ -+ -+ if (pkt->data[13] == 17) { -+ pkt_checksum = *((unsigned short *) (pkt->data+10+iphdr)); -+ if (pkt_checksum) { -+ cv = 1; -+ if (pkt_checksum == 0xFFFF) { -+ pkt_checksum = 0; -+ } -+ } -+ else { -+ cv = 0; -+ } -+ } -+ -+ if (pkt->data[13] == 6) { -+ pkt_checksum = *((unsigned short *) (pkt->data+20+iphdr)); -+ cv = 1; -+ if (pkt_checksum == 0xFFFF) { -+ pkt_checksum = 0; -+ } -+ } -+ -+ /* Delete old Source-IP-Address */ -+ checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; -+ checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; -+ -+ pkt_checksum -= *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; -+ pkt_checksum -= *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; -+ -+ /* Change Source-IP-Address */ -+ * ((u_int32_t *) (pkt->data + 16)) = newip; -+ -+ /* Add new Source-IP-Address */ -+ checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; -+ checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; -+ -+ pkt_checksum += *((unsigned short *) (pkt->data+16)) ^ 0xFFFF; -+ pkt_checksum += *((unsigned short *) (pkt->data+18)) ^ 0xFFFF; -+ -+ /* Write new checksum */ -+ if (!checksum) { -+ checksum = 0xFFFF; -+ } -+ *((unsigned short *) (pkt->data+14)) = checksum; -+ if (pkt->data[13] == 6) { -+ *((unsigned short *) (pkt->data+20+iphdr)) = pkt_checksum; -+ } -+ if (cv && (pkt->data[13] == 17) ) { -+ *((unsigned short *) (pkt->data+10+iphdr)) = pkt_checksum; -+ } -+ -+ /* Log Packet */ -+ strcpy(ipstr,inet_ntoa(*( (struct in_addr *) (pkt->data+16)))); -+ if (pkt->data[13] == 1) { -+ syslog(LOG_INFO,"Open ICMP %s -> %s\n", -+ ipstr, -+ inet_ntoa(*( (struct in_addr *) (pkt->data+20)))); -+ } else { -+ syslog(LOG_INFO,"Open %s %s:%d -> %s:%d\n", -+ pkt->data[13] == 6 ? "TCP" : "UDP", -+ ipstr, -+ ntohs(*( (short *) (pkt->data+iphdr+4))), -+ inet_ntoa(*( (struct in_addr *) (pkt->data+20))), -+ ntohs(*( (short *) (pkt->data+iphdr+6)))); -+ } -+ } - output(0, pkt->data, pkt->length); - free(pkt); - } else { ---- ppp/pppd/ipcp.c -+++ ppp/pppd/ipcp.c 2000/06/28 12:32:05 -@@ -1454,7 +1454,7 @@ - proxy_arp_set[f->unit] = 1; - - } -- demand_rexmit(PPP_IP); -+ demand_rexmit(PPP_IP,go->ouraddr); - sifnpmode(f->unit, PPP_IP, NPMODE_PASS); - - } else { ---- ppp/pppd/ipv6cp.c -+++ ppp/pppd/ipv6cp.c 2000/06/28 12:32:06 -@@ -1153,7 +1153,7 @@ - } - - } -- demand_rexmit(PPP_IPV6); -+ demand_rexmit(PPP_IPV6,0); - sifnpmode(f->unit, PPP_IPV6, NPMODE_PASS); - - } else { ---- ppp/pppd/pppd.h -+++ ppp/pppd/pppd.h 2000/06/28 12:32:06 -@@ -359,7 +359,7 @@ - void demand_block __P((void)); /* set all NPs to queue up packets */ - void demand_unblock __P((void)); /* set all NPs to pass packets */ - void demand_discard __P((void)); /* set all NPs to discard packets */ --void demand_rexmit __P((int)); /* retransmit saved frames for an NP */ -+void demand_rexmit __P((int, u_int32_t)); /* retransmit saved frames for an NP*/ - int loop_chars __P((unsigned char *, int)); /* process chars from loopback */ - int loop_frame __P((unsigned char *, int)); /* should we bring link up? */ - diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.4.2-stripMSdomain b/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.4.2-stripMSdomain deleted file mode 100644 index d52e386..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/ppp-2.4.2-stripMSdomain +++ /dev/null @@ -1,35 +0,0 @@ -diff -ruN ppp.orig/pppd/chap-new.c ppp/pppd/chap-new.c ---- ppp.orig/pppd/chap-new.c 2003-11-27 23:25:17.000000000 +0100 -+++ ppp/pppd/chap-new.c 2003-12-02 12:26:21.000000000 +0100 -@@ -57,6 +57,7 @@ - int chap_timeout_time = 3; - int chap_max_transmits = 10; - int chap_rechallenge_time = 0; -+int chapms_strip_domain = 0; - - /* - * Command-line options. -@@ -68,6 +69,8 @@ - "Set max #xmits for challenge", OPT_PRIO }, - { "chap-interval", o_int, &chap_rechallenge_time, - "Set interval for rechallenge", OPT_PRIO }, -+ { "chapms-strip-domain", o_bool, &chapms_strip_domain, -+ "Strip the domain prefix before the Username", 1 }, - { NULL } - }; - -@@ -338,6 +341,14 @@ - /* Null terminate and clean remote name. */ - slprintf(rname, sizeof(rname), "%.*v", len, name); - name = rname; -+ -+ /* strip the MS domain name */ -+ if (chapms_strip_domain && strrchr(rname, '\\')) { -+ char tmp[MAXNAMELEN+1]; -+ -+ strcpy(tmp, strrchr(rname, '\\') + 1); -+ strcpy(rname, tmp); -+ } - } - - if (chap_verify_hook) diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/pppdump-no-deflate b/obsolete-buildroot/sources/openwrt/patches/ppp/pppdump-no-deflate deleted file mode 100644 index b76b849..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/pppdump-no-deflate +++ /dev/null @@ -1,12 +0,0 @@ -diff -ruN ppp-2.4.1.uus.orig/pppdump/ppp-comp.h ppp-2.4.1.uus/pppdump/ppp-comp.h ---- ppp-2.4.1.uus.orig/pppdump/ppp-comp.h 1999-03-23 04:21:01.000000000 +0100 -+++ ppp-2.4.1.uus/pppdump/ppp-comp.h 2003-08-09 23:54:49.000000000 +0200 -@@ -37,6 +37,8 @@ - #ifndef DO_BSD_COMPRESS - #define DO_BSD_COMPRESS 1 /* by default, include BSD-Compress */ - #endif -+#undef DO_DEFLATE -+#define DO_DEFLATE 0 - #ifndef DO_DEFLATE - #define DO_DEFLATE 1 /* by default, include Deflate */ - #endif diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/setevn_call_file b/obsolete-buildroot/sources/openwrt/patches/ppp/setevn_call_file deleted file mode 100644 index 256b703..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/setevn_call_file +++ /dev/null @@ -1,24 +0,0 @@ -diff -ruN ppp.orig/pppd/options.c ppp/pppd/options.c ---- ppp.orig/pppd/options.c 2004-02-27 19:45:18.000000000 +0100 -+++ ppp/pppd/options.c 2004-02-27 19:44:48.000000000 +0100 -@@ -1448,6 +1448,7 @@ - if ((fname = (char *) malloc(l)) == NULL) - novm("call file name"); - slprintf(fname, l, "%s%s", _PATH_PEERFILES, arg); -+ script_setenv("CALL_FILE", arg, 0); - - ok = options_from_file(fname, 1, 1, 1); - -diff -ruN ppp.orig/pppd/pppd.8 ppp/pppd/pppd.8 ---- ppp.orig/pppd/pppd.8 2004-02-27 19:45:18.000000000 +0100 -+++ ppp/pppd/pppd.8 2004-02-27 19:45:13.000000000 +0100 -@@ -1569,6 +1569,9 @@ - .B LINKNAME - The logical name of the link, set with the \fIlinkname\fR option. - .TP -+.B CALL_FILE -+The value of the \fIcall\fR option. -+.TP - .B DNS1 - If the peer supplies DNS server addresses, this variable is set to the - first DNS server address supplied. diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/syslog_local2 b/obsolete-buildroot/sources/openwrt/patches/ppp/syslog_local2 deleted file mode 100644 index 32a8cea..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/syslog_local2 +++ /dev/null @@ -1,12 +0,0 @@ -diff -ruN ppp.orig/pppd/pppd.h ppp/pppd/pppd.h ---- ppp.orig/pppd/pppd.h 2003-11-28 00:30:27.000000000 +0100 -+++ ppp/pppd/pppd.h 2003-11-28 00:30:20.000000000 +0100 -@@ -812,7 +812,7 @@ - || defined(DEBUGCHAP) || defined(DEBUG) || defined(DEBUGIPV6CP) - #define LOG_PPP LOG_LOCAL2 - #else --#define LOG_PPP LOG_DAEMON -+#define LOG_PPP LOG_LOCAL2 - #endif - #endif /* LOG_PPP */ - diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/z01_ppp-2.4.2-openwrt.patch b/obsolete-buildroot/sources/openwrt/patches/ppp/z01_ppp-2.4.2-openwrt.patch deleted file mode 100644 index e77b004..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/z01_ppp-2.4.2-openwrt.patch +++ /dev/null @@ -1,225 +0,0 @@ -diff -ruN ppp-2.4.2-old/chat/Makefile.linux ppp-2.4.2-new/chat/Makefile.linux ---- ppp-2.4.2-old/chat/Makefile.linux 2004-01-13 04:57:55.000000000 +0100 -+++ ppp-2.4.2-new/chat/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 -@@ -6,8 +6,9 @@ - CDEF4= -DFNDELAY=O_NDELAY # Old name value - CDEFS= $(CDEF1) $(CDEF2) $(CDEF3) $(CDEF4) - --COPTS= -O2 -g -pipe $(CDEFS) --CFLAGS= $(COPTS) $(CDEFS) -+COPTS = -O2 -+COMPILE_FLAGS = $(CDEFS) -+CFLAGS = $(COPTS) $(COMPILE_FLAGS) - - INSTALL= install - -diff -ruN ppp-2.4.2-old/pppd/Makefile.linux ppp-2.4.2-new/pppd/Makefile.linux ---- ppp-2.4.2-old/pppd/Makefile.linux 2003-11-27 22:55:19.000000000 +0100 -+++ ppp-2.4.2-new/pppd/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 -@@ -47,19 +47,19 @@ - # Uncomment the next line to include support for PPP packet filtering. - # This requires that the libpcap library and headers be installed - # and that the kernel driver support PPP packet filtering. --FILTER=y -+#FILTER=y - - # Uncomment the next line to enable multilink PPP (enabled by default) - # Linux distributions: Please leave multilink ENABLED in your builds - # of pppd! --HAVE_MULTILINK=y -+#HAVE_MULTILINK=y - - # Uncomment the next line to enable the TDB database (enabled by default.) - # If you enable multilink, then TDB is automatically enabled also. - # Linux distributions: Please leave TDB ENABLED in your builds. --USE_TDB=y -+#USE_TDB=y - --HAS_SHADOW=y -+#HAS_SHADOW=y - #USE_PAM=y - #HAVE_INET6=y - -@@ -76,7 +76,7 @@ - - INCLUDE_DIRS= -I../include - --COMPILE_FLAGS= -DHAVE_PATHS_H -DIPX_CHANGE -DHAVE_MMAP -+COMPILE_FLAGS= -DHAVE_PATHS_H - - CFLAGS= $(COPTS) $(COMPILE_FLAGS) $(INCLUDE_DIRS) - -@@ -192,7 +192,7 @@ - CFLAGS += -DMAXOCTETS - endif - --INSTALL= install -o root -+INSTALL= install - - all: $(TARGETS) - -diff -ruN ppp-2.4.2-old/pppd/plugins/Makefile.linux ppp-2.4.2-new/pppd/plugins/Makefile.linux ---- ppp-2.4.2-old/pppd/plugins/Makefile.linux 2004-01-13 04:56:24.000000000 +0100 -+++ ppp-2.4.2-new/pppd/plugins/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 -@@ -1,12 +1,16 @@ --CC = gcc --COPTS = -O2 -g --CFLAGS = $(COPTS) -I.. -I../../include -fPIC --LDFLAGS = -shared --INSTALL = install -o root -+#CC = gcc -+COPTS = -O2 -+COMPILE_FLAGS = -I.. -I../../include -fPIC -+LIBS = -+ -+INSTALL = install -+ -+CFLAGS = $(COPTS) $(COMPILE_FLAGS) -+LDFLAGS = -shared - - SUBDIRS := rp-pppoe - # Uncomment the next line to include the radius authentication plugin --# SUBDIRS += radius -+SUBDIRS += radius - PLUGINS := minconn.so passprompt.so passwordfd.so - - # include dependencies if present -diff -ruN ppp-2.4.2-old/pppd/plugins/radius/Makefile.linux ppp-2.4.2-new/pppd/plugins/radius/Makefile.linux ---- ppp-2.4.2-old/pppd/plugins/radius/Makefile.linux 2002-11-09 12:24:42.000000000 +0100 -+++ ppp-2.4.2-new/pppd/plugins/radius/Makefile.linux 2004-08-23 12:57:38.000000000 +0200 -@@ -5,7 +5,12 @@ - - MANDIR=/usr/man - PLUGIN=radius.so radattr.so radrealms.so --CFLAGS=-I../.. -I../../../include -Iradiusclient/include -O2 -+COPTS = -O2 -+COMPILE_FLAGS = -I../.. -I../../../include -Iradiusclient/include -fPIC -+LIBS= -+ -+CFLAGS=$(COPTS) $(COMPILE_FLAGS) -+LDFLAGS=-lradiusclient - - # Uncomment the next line to include support for Microsoft's - # MS-CHAP authentication protocol. -@@ -37,29 +42,34 @@ - $(INSTALL) -c -m 444 pppd-radattr.8 $(MANDIR)/man8 - - radius.so: radiusclient/lib/.libs/libradiusclient.a radius.o -- gcc -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a -+ $(CC) -o radius.so -shared radius.o radiusclient/lib/.libs/libradiusclient.a - - radattr.so: radattr.o -- gcc -o radattr.so -shared radattr.o -+ $(CC) -o radattr.so -shared radattr.o - - radrealms.so: radrealms.o -- gcc -o radrealms.so -shared radrealms.o -+ $(CC) -o radrealms.so -shared radrealms.o - - radius.o: radius.c -- gcc $(CFLAGS) -c -o radius.o -fPIC radius.c -+ $(CC) -c $(CFLAGS) radius.c -o radius.o - - radattr.o: radattr.c -- gcc $(CFLAGS) -c -o radattr.o -fPIC radattr.c -+ $(CC) -c $(CFLAGS) radattr.c -o radattr.o - - radrealms.o: radrealms.c -- gcc $(CFLAGS) -c -o radrealms.o -fPIC radrealms.c -+ $(CC) -c $(CFLAGS) radrealms.c -o radrealms.o - - radiusclient/lib/.libs/libradiusclient.a: - test -r radiusclient/Makefile || \ - (cd radiusclient; \ -+ rm -f config.cache ; \ -+ aclocal ; \ -+ autoconf ; \ -+ ac_cv_func_setvbuf_reversed=no \ -+ ac_cv_func_uname=no \ - ./configure --prefix=/usr \ - --sysconfdir=/etc \ -- --enable-shared \ -+ --disable-shared \ - --enable-static) - $(MAKE) -C radiusclient - -diff -ruN ppp-2.4.2-old/pppd/plugins/rp-pppoe/Makefile.linux ppp-2.4.2-new/pppd/plugins/rp-pppoe/Makefile.linux ---- ppp-2.4.2-old/pppd/plugins/rp-pppoe/Makefile.linux 2004-01-13 04:57:55.000000000 +0100 -+++ ppp-2.4.2-new/pppd/plugins/rp-pppoe/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 -@@ -16,12 +16,16 @@ - # Version is set ONLY IN THE MAKEFILE! Don't delete this! - VERSION=3.3 - --COPTS=-O2 -g --CFLAGS=$(COPTS) -I../../../include/linux -+#CC = gcc -+COPTS = -O2 -+COMPILE_FLAGS = -I../../../include/linux -fPIC -+ -+CFLAGS = $(COPTS) $(COMPILE_FLAGS) -+ - all: rp-pppoe.so - - rp-pppoe.so: libplugin.a plugin.o -- gcc -o rp-pppoe.so -shared plugin.o libplugin.a -+ $(CC) -o rp-pppoe.so -shared plugin.o libplugin.a - - install: all - $(INSTALL) -d -m 755 $(LIBDIR) -@@ -31,20 +35,20 @@ - rm -f *.o *.so - - plugin.o: plugin.c -- gcc '-DRP_VERSION="$(VERSION)"' $(CFLAGS) -I../../.. -c -o plugin.o -fPIC plugin.c -+ $(CC) -c $(CFLAGS) plugin.c '-DRP_VERSION="$(VERSION)"' -I../../.. -o plugin.o - - libplugin.a: discovery.o if.o common.o debug.o -- ar -rc $@ $^ -+ $(AR) -rc $@ $^ - - discovery.o: discovery.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o discovery.o -fPIC discovery.c -+ $(CC) -c $(CFLAGS) discovery.c '-DVERSION="$(VERSION)"' -o discovery.o - - if.o: if.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o if.o -fPIC if.c -+ $(CC) -c $(CFLAGS) if.c '-DVERSION="$(VERSION)"' -o if.o - - debug.o: debug.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o debug.o -fPIC debug.c -+ $(CC) -c $(CFLAGS) debug.c '-DVERSION="$(VERSION)"' -o debug.o - - common.o: common.c -- gcc $(CFLAGS) '-DVERSION="$(VERSION)"' -c -o common.o -fPIC common.c -+ $(CC) -c $(CFLAGS) common.c '-DVERSION="$(VERSION)"' -o common.o - -diff -ruN ppp-2.4.2-old/pppdump/Makefile.linux ppp-2.4.2-new/pppdump/Makefile.linux ---- ppp-2.4.2-old/pppdump/Makefile.linux 1999-07-26 13:09:29.000000000 +0200 -+++ ppp-2.4.2-new/pppdump/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 -@@ -1,4 +1,8 @@ --CFLAGS= -O -I../include/net -+#CC = gcc -+COPTS = -O -+COMPILE_FLAGS = -I../include/net -+CFLAGS= $(COPTS) $(COMPILE_FLAGS) -+ - OBJS = pppdump.o bsd-comp.o deflate.o zlib.o - - INSTALL= install -diff -ruN ppp-2.4.2-old/pppstats/Makefile.linux ppp-2.4.2-new/pppstats/Makefile.linux ---- ppp-2.4.2-old/pppstats/Makefile.linux 2002-11-09 12:24:43.000000000 +0100 -+++ ppp-2.4.2-new/pppstats/Makefile.linux 2004-08-23 12:48:50.000000000 +0200 -@@ -7,11 +7,11 @@ - PPPSTATOBJS = pppstats.o - - #CC = gcc --COPTS = -O -+COPTS = -O2 - COMPILE_FLAGS = -I../include - LIBS = - --INSTALL= install -o root -g daemon -+INSTALL= install - - CFLAGS = $(COPTS) $(COMPILE_FLAGS) - diff --git a/obsolete-buildroot/sources/openwrt/patches/ppp/z02_ppp-2.4.2-stdopt-mppe-mppc-1.1.patch b/obsolete-buildroot/sources/openwrt/patches/ppp/z02_ppp-2.4.2-stdopt-mppe-mppc-1.1.patch deleted file mode 100644 index d230534..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/ppp/z02_ppp-2.4.2-stdopt-mppe-mppc-1.1.patch +++ /dev/null @@ -1,1608 +0,0 @@ -diff -ruN ppp-2.4.2.orig/include/linux/ppp-comp.h ppp-2.4.2-stdopt/include/linux/ppp-comp.h ---- ppp-2.4.2.orig/include/linux/ppp-comp.h 2002-12-06 10:49:15.000000000 +0100 -+++ ppp-2.4.2-stdopt/include/linux/ppp-comp.h 2004-01-21 06:51:09.000000000 +0100 -@@ -36,7 +36,7 @@ - */ - - /* -- * ==FILEVERSION 20020319== -+ * ==FILEVERSION 20020715== - * - * NOTE TO MAINTAINERS: - * If you modify this file at all, please set the above date. -@@ -86,7 +86,7 @@ - - /* Compress a packet */ - int (*compress) (void *state, unsigned char *rptr, -- unsigned char *obuf, int isize, int osize); -+ unsigned char *obuf, int isize, int osize); - - /* Return compression statistics */ - void (*comp_stat) (void *state, struct compstat *stats); -@@ -107,7 +107,7 @@ - - /* Decompress a packet. */ - int (*decompress) (void *state, unsigned char *ibuf, int isize, -- unsigned char *obuf, int osize); -+ unsigned char *obuf, int osize); - - /* Update state for an incompressible packet received */ - void (*incomp) (void *state, unsigned char *ibuf, int icnt); -@@ -288,6 +288,33 @@ - opts |= MPPE_OPT_UNKNOWN; \ - } while (/* CONSTCOND */ 0) - -+/* MPPE/MPPC definitions by J.D.*/ -+#define MPPE_STATELESS MPPE_H_BIT /* configuration bit H */ -+#define MPPE_40BIT MPPE_L_BIT /* configuration bit L */ -+#define MPPE_56BIT MPPE_M_BIT /* configuration bit M */ -+#define MPPE_128BIT MPPE_S_BIT /* configuration bit S */ -+#define MPPE_MPPC MPPE_C_BIT /* configuration bit C */ -+ -+/* -+ * Definitions for Stac LZS. -+ */ -+ -+#define CI_LZS 17 /* config option for Stac LZS */ -+#define CILEN_LZS 5 /* length of config option */ -+ -+#define LZS_OVHD 4 /* max. LZS overhead */ -+#define LZS_HIST_LEN 2048 /* LZS history size */ -+#define LZS_MAX_CCOUNT 0x0FFF /* max. coherency counter value */ -+ -+#define LZS_MODE_NONE 0 -+#define LZS_MODE_LCB 1 -+#define LZS_MODE_CRC 2 -+#define LZS_MODE_SEQ 3 -+#define LZS_MODE_EXT 4 -+ -+#define LZS_EXT_BIT_FLUSHED 0x80 /* bit A */ -+#define LZS_EXT_BIT_COMP 0x20 /* bit C */ -+ - /* - * Definitions for other, as yet unsupported, compression methods. - */ -diff -ruN ppp-2.4.2.orig/include/net/ppp-comp.h ppp-2.4.2-stdopt/include/net/ppp-comp.h ---- ppp-2.4.2.orig/include/net/ppp-comp.h 2002-12-06 10:49:15.000000000 +0100 -+++ ppp-2.4.2-stdopt/include/net/ppp-comp.h 2004-01-21 06:51:09.000000000 +0100 -@@ -255,6 +255,33 @@ - opts |= MPPE_OPT_UNKNOWN; \ - } while (/* CONSTCOND */ 0) - -+/* MPPE/MPPC definitions by J.D.*/ -+#define MPPE_STATELESS MPPE_H_BIT /* configuration bit H */ -+#define MPPE_40BIT MPPE_L_BIT /* configuration bit L */ -+#define MPPE_56BIT MPPE_M_BIT /* configuration bit M */ -+#define MPPE_128BIT MPPE_S_BIT /* configuration bit S */ -+#define MPPE_MPPC MPPE_C_BIT /* configuration bit C */ -+ -+/* -+ * Definitions for Stac LZS. -+ */ -+ -+#define CI_LZS 17 /* config option for Stac LZS */ -+#define CILEN_LZS 5 /* length of config option */ -+ -+#define LZS_OVHD 4 /* max. LZS overhead */ -+#define LZS_HIST_LEN 2048 /* LZS history size */ -+#define LZS_MAX_CCOUNT 0x0FFF /* max. coherency counter value */ -+ -+#define LZS_MODE_NONE 0 -+#define LZS_MODE_LCB 1 -+#define LZS_MODE_CRC 2 -+#define LZS_MODE_SEQ 3 -+#define LZS_MODE_EXT 4 -+ -+#define LZS_EXT_BIT_FLUSHED 0x80 /* bit A */ -+#define LZS_EXT_BIT_COMP 0x20 /* bit C */ -+ - /* - * Definitions for other, as yet unsupported, compression methods. - */ -diff -ruN ppp-2.4.2.orig/pppd/ccp.c ppp-2.4.2-stdopt/pppd/ccp.c ---- ppp-2.4.2.orig/pppd/ccp.c 2003-05-01 14:30:28.000000000 +0200 -+++ ppp-2.4.2-stdopt/pppd/ccp.c 2004-05-02 14:10:04.000000000 +0200 -@@ -67,13 +67,6 @@ - static char bsd_value[8]; - static char deflate_value[8]; - --/* -- * Option variables. -- */ --#ifdef MPPE --bool refuse_mppe_stateful = 1; /* Allow stateful mode? */ --#endif -- - static option_t ccp_option_list[] = { - { "noccp", o_bool, &ccp_protent.enabled_flag, - "Disable CCP negotiation" }, -@@ -113,54 +106,87 @@ - "don't allow Predictor-1", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, - &ccp_allowoptions[0].predictor_1 }, - -+ { "lzs", o_bool, &ccp_wantoptions[0].lzs, -+ "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_PRIO }, -+ { "+lzs", o_bool, &ccp_wantoptions[0].lzs, -+ "request Stac LZS", 1, &ccp_allowoptions[0].lzs, OPT_ALIAS | OPT_PRIO }, -+ { "nolzs", o_bool, &ccp_wantoptions[0].lzs, -+ "don't allow Stac LZS", OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].lzs }, -+ { "-lzs", o_bool, &ccp_wantoptions[0].lzs, -+ "don't allow Stac LZS", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].lzs }, -+ - #ifdef MPPE -- /* MPPE options are symmetrical ... we only set wantoptions here */ -+ { "mppc", o_bool, &ccp_wantoptions[0].mppc, -+ "request MPPC compression", 1, &ccp_allowoptions[0].mppc, OPT_PRIO }, -+ { "+mppc", o_bool, &ccp_wantoptions[0].mppc, -+ "request MPPC compression", 1, &ccp_allowoptions[0].mppc, -+ OPT_ALIAS | OPT_PRIO }, -+ { "nomppc", o_bool, &ccp_wantoptions[0].mppc, -+ "don't allow MPPC compression", OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppc }, -+ { "-mppc", o_bool, &ccp_wantoptions[0].mppc, -+ "don't allow MPPC compression", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppc }, -+ - { "require-mppe", o_bool, &ccp_wantoptions[0].mppe, -- "require MPPE encryption", -- OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, -+ "require MPPE encryption", 1, &ccp_allowoptions[0].mppe, OPT_PRIO }, - { "+mppe", o_bool, &ccp_wantoptions[0].mppe, -- "require MPPE encryption", -- OPT_ALIAS | OPT_PRIO | MPPE_OPT_40 | MPPE_OPT_128 }, -+ "require MPPE encryption", 1, &ccp_allowoptions[0].mppe, -+ OPT_ALIAS | OPT_PRIO }, - { "nomppe", o_bool, &ccp_wantoptions[0].mppe, -- "don't allow MPPE encryption", OPT_PRIO }, -+ "don't allow MPPE encryption", OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe }, - { "-mppe", o_bool, &ccp_wantoptions[0].mppe, -- "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIO }, -+ "don't allow MPPE encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe }, - -- /* We use ccp_allowoptions[0].mppe as a junk var ... it is reset later */ -- { "require-mppe-40", o_bool, &ccp_allowoptions[0].mppe, -- "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, -- &ccp_wantoptions[0].mppe }, -- { "+mppe-40", o_bool, &ccp_allowoptions[0].mppe, -- "require MPPE 40-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_40, -- &ccp_wantoptions[0].mppe }, -- { "nomppe-40", o_bool, &ccp_allowoptions[0].mppe, -- "don't allow MPPE 40-bit encryption", -- OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, &ccp_wantoptions[0].mppe }, -- { "-mppe-40", o_bool, &ccp_allowoptions[0].mppe, -- "don't allow MPPE 40-bit encryption", -- OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_40, -- &ccp_wantoptions[0].mppe }, -- -- { "require-mppe-128", o_bool, &ccp_allowoptions[0].mppe, -- "require MPPE 128-bit encryption", OPT_PRIO | OPT_A2OR | MPPE_OPT_128, -- &ccp_wantoptions[0].mppe }, -- { "+mppe-128", o_bool, &ccp_allowoptions[0].mppe, -- "require MPPE 128-bit encryption", -- OPT_ALIAS | OPT_PRIO | OPT_A2OR | MPPE_OPT_128, -- &ccp_wantoptions[0].mppe }, -- { "nomppe-128", o_bool, &ccp_allowoptions[0].mppe, -- "don't allow MPPE 128-bit encryption", -- OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, &ccp_wantoptions[0].mppe }, -- { "-mppe-128", o_bool, &ccp_allowoptions[0].mppe, -- "don't allow MPPE 128-bit encryption", -- OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLRB | MPPE_OPT_128, -- &ccp_wantoptions[0].mppe }, -- -- /* strange one; we always request stateless, but will we allow stateful? */ -- { "mppe-stateful", o_bool, &refuse_mppe_stateful, -- "allow MPPE stateful mode", OPT_PRIO }, -- { "nomppe-stateful", o_bool, &refuse_mppe_stateful, -- "disallow MPPE stateful mode", OPT_PRIO | 1 }, -+ { "require-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, -+ "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40, -+ OPT_PRIO }, -+ { "+mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, -+ "require MPPE 40-bit encryption", 1, &ccp_allowoptions[0].mppe_40, -+ OPT_ALIAS | OPT_PRIO }, -+ { "nomppe-40", o_bool, &ccp_wantoptions[0].mppe_40, -+ "don't allow MPPE 40-bit encryption", OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe_40 }, -+ { "-mppe-40", o_bool, &ccp_wantoptions[0].mppe_40, -+ "don't allow MPPE 40-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe_40 }, -+ -+ { "require-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, -+ "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56, -+ OPT_PRIO }, -+ { "+mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, -+ "require MPPE 56-bit encryption", 1, &ccp_allowoptions[0].mppe_56, -+ OPT_ALIAS | OPT_PRIO }, -+ { "nomppe-56", o_bool, &ccp_wantoptions[0].mppe_56, -+ "don't allow MPPE 56-bit encryption", OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe_56 }, -+ { "-mppe-56", o_bool, &ccp_wantoptions[0].mppe_56, -+ "don't allow MPPE 56-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe_56 }, -+ -+ { "require-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, -+ "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128, -+ OPT_PRIO }, -+ { "+mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, -+ "require MPPE 128-bit encryption", 1, &ccp_allowoptions[0].mppe_128, -+ OPT_ALIAS | OPT_PRIO }, -+ { "nomppe-128", o_bool, &ccp_wantoptions[0].mppe_40, -+ "don't allow MPPE 128-bit encryption", OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe_128 }, -+ { "-mppe-128", o_bool, &ccp_wantoptions[0].mppe_128, -+ "don't allow MPPE 128-bit encryption", OPT_ALIAS | OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe_128 }, -+ -+ { "nomppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless, -+ "disallow MPPE stateful mode", 1, &ccp_allowoptions[0].mppe_stateless, -+ OPT_PRIO }, -+ { "mppe-stateful", o_bool, &ccp_wantoptions[0].mppe_stateless, -+ "allow MPPE stateful mode", OPT_PRIOSUB | OPT_A2CLR, -+ &ccp_allowoptions[0].mppe_stateless }, - #endif /* MPPE */ - - { NULL } -@@ -246,7 +272,7 @@ - */ - #define ANY_COMPRESS(opt) ((opt).deflate || (opt).bsd_compress \ - || (opt).predictor_1 || (opt).predictor_2 \ -- || (opt).mppe) -+ || (opt).lzs || (opt).mppc || (opt).mppe) - - /* - * Local state (mainly for handling reset-reqs and reset-acks). -@@ -383,6 +409,30 @@ - ccp_allowoptions[0].bsd_bits = BSD_MAX_BITS; - - ccp_allowoptions[0].predictor_1 = 1; -+ -+ ccp_wantoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */ -+ ccp_wantoptions[0].lzs_mode = LZS_MODE_SEQ; -+ ccp_wantoptions[0].lzs_hists = 1; -+ ccp_allowoptions[0].lzs = 0; /* Stac LZS - will be enabled in the future */ -+ ccp_allowoptions[0].lzs_mode = LZS_MODE_SEQ; -+ ccp_allowoptions[0].lzs_hists = 1; -+ -+#ifdef MPPE -+ /* by default allow and request MPPC... */ -+ ccp_wantoptions[0].mppc = ccp_allowoptions[0].mppc = 1; -+ -+ /* ... and allow but don't request MPPE */ -+ ccp_allowoptions[0].mppe = 1; -+ ccp_allowoptions[0].mppe_40 = 1; -+ ccp_allowoptions[0].mppe_56 = 1; -+ ccp_allowoptions[0].mppe_128 = 1; -+ ccp_allowoptions[0].mppe_stateless = 1; -+ ccp_wantoptions[0].mppe = 0; -+ ccp_wantoptions[0].mppe_40 = 0; -+ ccp_wantoptions[0].mppe_56 = 0; -+ ccp_wantoptions[0].mppe_128 = 0; -+ ccp_wantoptions[0].mppe_stateless = 0; -+#endif /* MPPE */ - } - - /* -@@ -460,11 +510,11 @@ - if (oldstate == OPENED && p[0] == TERMREQ && f->state != OPENED) { - notice("Compression disabled by peer."); - #ifdef MPPE -- if (ccp_gotoptions[unit].mppe) { -+ if (ccp_wantoptions[unit].mppe) { - error("MPPE disabled, closing LCP"); - lcp_close(unit, "MPPE disabled by peer"); - } --#endif -+#endif /* MPPE */ - } - - /* -@@ -492,6 +542,15 @@ - break; - /* send a reset-ack, which the transmitter will see and - reset its compression state. */ -+ -+ /* In case of MPPE/MPPC or LZS we shouldn't send CCP_RESETACK, -+ but we do it in order to reset compressor; CCP_RESETACK is -+ then silently discarded. See functions ppp_send_frame and -+ ppp_ccp_peek in ppp_generic.c (Linux only !!!). All the -+ confusion is caused by the fact that CCP code is splited -+ into two parts - one part is handled by pppd, the other one -+ is handled by kernel. */ -+ - fsm_sdata(f, CCP_RESETACK, id, NULL, 0); - break; - -@@ -520,12 +579,11 @@ - fsm_lowerdown(&ccp_fsm[unit]); - - #ifdef MPPE -- if (ccp_gotoptions[unit].mppe) { -+ if (ccp_wantoptions[unit].mppe) { - error("MPPE required but peer negotiation failed"); - lcp_close(unit, "MPPE required but peer negotiation failed"); - } --#endif -- -+#endif /* MPPE */ - } - - /* -@@ -542,7 +600,7 @@ - all_rejected[f->unit] = 0; - - #ifdef MPPE -- if (go->mppe) { -+ if (go->mppe || go->mppc) { - ccp_options *ao = &ccp_allowoptions[f->unit]; - int auth_mschap_bits = auth_done[f->unit]; - int numbits; -@@ -556,80 +614,109 @@ - * NB: If MPPE is required, all other compression opts are invalid. - * So, we return right away if we can't do it. - */ -+ if (ccp_wantoptions[f->unit].mppe) { -+ /* Leave only the mschap auth bits set */ -+ auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER | -+ CHAP_MS2_WITHPEER | CHAP_MS2_PEER); -+ /* Count the mschap auths */ -+ auth_mschap_bits >>= CHAP_MS_SHIFT; -+ numbits = 0; -+ do { -+ numbits += auth_mschap_bits & 1; -+ auth_mschap_bits >>= 1; -+ } while (auth_mschap_bits); -+ if (numbits > 1) { -+ error("MPPE required, but auth done in both directions."); -+ lcp_close(f->unit, "MPPE required but not available"); -+ return; -+ } -+ if (!numbits) { -+ error("MPPE required, but MS-CHAP[v2] auth not performed."); -+ lcp_close(f->unit, "MPPE required but not available"); -+ return; -+ } - -- /* Leave only the mschap auth bits set */ -- auth_mschap_bits &= (CHAP_MS_WITHPEER | CHAP_MS_PEER | -- CHAP_MS2_WITHPEER | CHAP_MS2_PEER); -- /* Count the mschap auths */ -- auth_mschap_bits >>= CHAP_MS_SHIFT; -- numbits = 0; -- do { -- numbits += auth_mschap_bits & 1; -- auth_mschap_bits >>= 1; -- } while (auth_mschap_bits); -- if (numbits > 1) { -- error("MPPE required, but auth done in both directions."); -- lcp_close(f->unit, "MPPE required but not available"); -- return; -- } -- if (!numbits) { -- error("MPPE required, but MS-CHAP[v2] auth not performed."); -- lcp_close(f->unit, "MPPE required but not available"); -- return; -- } -- -- /* A plugin (eg radius) may not have obtained key material. */ -- if (!mppe_keys_set) { -- error("MPPE required, but keys are not available. " -- "Possible plugin problem?"); -- lcp_close(f->unit, "MPPE required but not available"); -- return; -- } -- -- /* LM auth not supported for MPPE */ -- if (auth_done[f->unit] & (CHAP_MS_WITHPEER | CHAP_MS_PEER)) { -- /* This might be noise */ -- if (go->mppe & MPPE_OPT_40) { -- notice("Disabling 40-bit MPPE; MS-CHAP LM not supported"); -- go->mppe &= ~MPPE_OPT_40; -- ccp_wantoptions[f->unit].mppe &= ~MPPE_OPT_40; -+ /* A plugin (eg radius) may not have obtained key material. */ -+ if (!mppe_keys_set) { -+ error("MPPE required, but keys are not available. " -+ "Possible plugin problem?"); -+ lcp_close(f->unit, "MPPE required but not available"); -+ return; - } - } - -- /* Last check: can we actually negotiate something? */ -- if (!(go->mppe & (MPPE_OPT_40 | MPPE_OPT_128))) { -- /* Could be misconfig, could be 40-bit disabled above. */ -- error("MPPE required, but both 40-bit and 128-bit disabled."); -- lcp_close(f->unit, "MPPE required but not available"); -- return; -+ /* -+ * Check whether the kernel knows about the various -+ * compression methods we might request. Key material -+ * unimportant here. -+ */ -+ if (go->mppc) { -+ opt_buf[0] = CI_MPPE; -+ opt_buf[1] = CILEN_MPPE; -+ opt_buf[2] = 0; -+ opt_buf[3] = 0; -+ opt_buf[4] = 0; -+ opt_buf[5] = MPPE_MPPC; -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 0) <= 0) -+ go->mppc = 0; -+ } -+ if (go->mppe_40) { -+ opt_buf[0] = CI_MPPE; -+ opt_buf[1] = CILEN_MPPE; -+ opt_buf[2] = MPPE_STATELESS; -+ opt_buf[3] = 0; -+ opt_buf[4] = 0; -+ opt_buf[5] = MPPE_40BIT; -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) -+ go->mppe_40 = 0; -+ } -+ if (go->mppe_56) { -+ opt_buf[0] = CI_MPPE; -+ opt_buf[1] = CILEN_MPPE; -+ opt_buf[2] = MPPE_STATELESS; -+ opt_buf[3] = 0; -+ opt_buf[4] = 0; -+ opt_buf[5] = MPPE_56BIT; -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) -+ go->mppe_56 = 0; -+ } -+ if (go->mppe_128) { -+ opt_buf[0] = CI_MPPE; -+ opt_buf[1] = CILEN_MPPE; -+ opt_buf[2] = MPPE_STATELESS; -+ opt_buf[3] = 0; -+ opt_buf[4] = 0; -+ opt_buf[5] = MPPE_128BIT; -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) -+ go->mppe_128 = 0; -+ } -+ if (!go->mppe_40 && !go->mppe_56 && !go->mppe_128) { -+ if (ccp_wantoptions[f->unit].mppe) { -+ error("MPPE required, but kernel has no support."); -+ lcp_close(f->unit, "MPPE required but not available"); -+ } -+ go->mppe = go->mppe_stateless = 0; -+ } else { -+ /* MPPE is not compatible with other compression types */ -+ if (ccp_wantoptions[f->unit].mppe) { -+ ao->bsd_compress = go->bsd_compress = 0; -+ ao->predictor_1 = go->predictor_1 = 0; -+ ao->predictor_2 = go->predictor_2 = 0; -+ ao->deflate = go->deflate = 0; -+ ao->lzs = go->lzs = 0; -+ } - } -- -- /* sync options */ -- ao->mppe = go->mppe; -- /* MPPE is not compatible with other compression types */ -- ao->bsd_compress = go->bsd_compress = 0; -- ao->predictor_1 = go->predictor_1 = 0; -- ao->predictor_2 = go->predictor_2 = 0; -- ao->deflate = go->deflate = 0; - } - #endif /* MPPE */ -- -- /* -- * Check whether the kernel knows about the various -- * compression methods we might request. -- */ --#ifdef MPPE -- if (go->mppe) { -- opt_buf[0] = CI_MPPE; -- opt_buf[1] = CILEN_MPPE; -- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); -- /* Key material unimportant here. */ -- if (ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0) <= 0) { -- error("MPPE required, but kernel has no support."); -- lcp_close(f->unit, "MPPE required but not available"); -- } -+ if (go->lzs) { -+ opt_buf[0] = CI_LZS; -+ opt_buf[1] = CILEN_LZS; -+ opt_buf[2] = go->lzs_hists >> 8; -+ opt_buf[3] = go->lzs_hists & 0xff; -+ opt_buf[4] = LZS_MODE_SEQ; -+ if (ccp_test(f->unit, opt_buf, CILEN_LZS, 0) <= 0) -+ go->lzs = 0; - } --#endif - if (go->bsd_compress) { - opt_buf[0] = CI_BSD_COMPRESS; - opt_buf[1] = CILEN_BSD_COMPRESS; -@@ -684,7 +771,8 @@ - + (go->deflate? CILEN_DEFLATE: 0) - + (go->predictor_1? CILEN_PREDICTOR_1: 0) - + (go->predictor_2? CILEN_PREDICTOR_2: 0) -- + (go->mppe? CILEN_MPPE: 0); -+ + (go->lzs? CILEN_LZS: 0) -+ + ((go->mppe || go->mppc)? CILEN_MPPE: 0); - } - - /* -@@ -698,6 +786,8 @@ - { - int res; - ccp_options *go = &ccp_gotoptions[f->unit]; -+ ccp_options *ao = &ccp_allowoptions[f->unit]; -+ ccp_options *wo = &ccp_wantoptions[f->unit]; - u_char *p0 = p; - - /* -@@ -706,22 +796,43 @@ - * in case it gets Acked. - */ - #ifdef MPPE -- if (go->mppe) { -+ if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) { - u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; - -- p[0] = opt_buf[0] = CI_MPPE; -- p[1] = opt_buf[1] = CILEN_MPPE; -- MPPE_OPTS_TO_CI(go->mppe, &p[2]); -- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); -+ p[0] = CI_MPPE; -+ p[1] = CILEN_MPPE; -+ p[2] = (go->mppe_stateless ? MPPE_STATELESS : 0); -+ p[3] = 0; -+ p[4] = 0; -+ p[5] = (go->mppe_40 ? MPPE_40BIT : 0) | (go->mppe_56 ? MPPE_56BIT : 0) | -+ (go->mppe_128 ? MPPE_128BIT : 0) | (go->mppc ? MPPE_MPPC : 0); -+ -+ BCOPY(p, opt_buf, CILEN_MPPE); - BCOPY(mppe_recv_key, &opt_buf[CILEN_MPPE], MPPE_MAX_KEY_LEN); - res = ccp_test(f->unit, opt_buf, CILEN_MPPE + MPPE_MAX_KEY_LEN, 0); -- if (res > 0) -+ if (res > 0) { - p += CILEN_MPPE; -- else -+ } else { - /* This shouldn't happen, we've already tested it! */ -- lcp_close(f->unit, "MPPE required but not available in kernel"); -+ go->mppe = go->mppe_40 = go->mppe_56 = go->mppe_128 = -+ go->mppe_stateless = go->mppc = 0; -+ if (ccp_wantoptions[f->unit].mppe) -+ lcp_close(f->unit, "MPPE required but not available in kernel"); -+ } -+ } -+#endif /* MPPE */ -+ if (go->lzs) { -+ p[0] = CI_LZS; -+ p[1] = CILEN_LZS; -+ p[2] = go->lzs_hists >> 8; -+ p[3] = go->lzs_hists & 0xff; -+ p[4] = LZS_MODE_SEQ; -+ res = ccp_test(f->unit, p, CILEN_LZS, 0); -+ if (res > 0) { -+ p += CILEN_LZS; -+ } else -+ go->lzs = 0; - } --#endif - if (go->deflate) { - p[0] = go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT; - p[1] = CILEN_DEFLATE; -@@ -807,7 +918,7 @@ - - /* - * ccp_ackci - process a received configure-ack, and return -- * 1 iff the packet was OK. -+ * 1 if the packet was OK. - */ - static int - ccp_ackci(f, p, len) -@@ -816,24 +927,44 @@ - int len; - { - ccp_options *go = &ccp_gotoptions[f->unit]; -+ ccp_options *ao = &ccp_allowoptions[f->unit]; -+ ccp_options *wo = &ccp_wantoptions[f->unit]; - u_char *p0 = p; - - #ifdef MPPE -- if (go->mppe) { -- u_char opt_buf[CILEN_MPPE]; -- -- opt_buf[0] = CI_MPPE; -- opt_buf[1] = CILEN_MPPE; -- MPPE_OPTS_TO_CI(go->mppe, &opt_buf[2]); -- if (len < CILEN_MPPE || memcmp(opt_buf, p, CILEN_MPPE)) -+ if (go->mppe || go->mppc || (!wo->mppe && ao->mppe)) { -+ if (len < CILEN_MPPE -+ || p[1] != CILEN_MPPE || p[0] != CI_MPPE -+ || p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0) -+ || p[3] != 0 -+ || p[4] != 0 -+ || (p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) | -+ (go->mppc ? MPPE_MPPC : 0)) -+ && p[5] != ((go->mppe_56 ? MPPE_56BIT : 0) | -+ (go->mppc ? MPPE_MPPC : 0)) -+ && p[5] != ((go->mppe_128 ? MPPE_128BIT : 0) | -+ (go->mppc ? MPPE_MPPC : 0)))) - return 0; -+ if (go->mppe_40 || go->mppe_56 || go->mppe_128) -+ go->mppe = 1; - p += CILEN_MPPE; - len -= CILEN_MPPE; -+ /* Cope with first/fast ack */ -+ if (p == p0 && len == 0) -+ return 1; -+ } -+#endif /* MPPE */ -+ if (go->lzs) { -+ if (len < CILEN_LZS || p[0] != CI_LZS || p[1] != CILEN_LZS -+ || p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff) -+ || p[4] != LZS_MODE_SEQ) -+ return 0; -+ p += CILEN_LZS; -+ len -= CILEN_LZS; - /* XXX Cope with first/fast ack */ -- if (len == 0) -+ if (p == p0 && len == 0) - return 1; - } --#endif - if (go->deflate) { - if (len < CILEN_DEFLATE - || p[0] != (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) -@@ -896,7 +1027,7 @@ - - /* - * ccp_nakci - process received configure-nak. -- * Returns 1 iff the nak was OK. -+ * Returns 1 if the nak was OK. - */ - static int - ccp_nakci(f, p, len) -@@ -905,6 +1036,8 @@ - int len; - { - ccp_options *go = &ccp_gotoptions[f->unit]; -+ ccp_options *ao = &ccp_allowoptions[f->unit]; -+ ccp_options *wo = &ccp_wantoptions[f->unit]; - ccp_options no; /* options we've seen already */ - ccp_options try; /* options to ask for next time */ - -@@ -912,28 +1045,100 @@ - try = *go; - - #ifdef MPPE -- if (go->mppe && len >= CILEN_MPPE -- && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { -- no.mppe = 1; -- /* -- * Peer wants us to use a different strength or other setting. -- * Fail if we aren't willing to use his suggestion. -- */ -- MPPE_CI_TO_OPTS(&p[2], try.mppe); -- if ((try.mppe & MPPE_OPT_STATEFUL) && refuse_mppe_stateful) { -- error("Refusing MPPE stateful mode offered by peer"); -- try.mppe = 0; -- } else if (((go->mppe | MPPE_OPT_STATEFUL) & try.mppe) != try.mppe) { -- /* Peer must have set options we didn't request (suggest) */ -- try.mppe = 0; -- } -+ if ((go->mppe || go->mppc || (!wo->mppe && ao->mppe)) && -+ len >= CILEN_MPPE && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { - -- if (!try.mppe) { -- error("MPPE required but peer negotiation failed"); -- lcp_close(f->unit, "MPPE required but peer negotiation failed"); -+ if (go->mppc) { -+ no.mppc = 1; -+ if (!(p[5] & MPPE_MPPC)) -+ try.mppc = 0; -+ } -+ -+ if (go->mppe) -+ no.mppe = 1; -+ if (go->mppe_40) -+ no.mppe_40 = 1; -+ if (go->mppe_56) -+ no.mppe_56 = 1; -+ if (go->mppe_128) -+ no.mppe_128 = 1; -+ if (go->mppe_stateless) -+ no.mppe_stateless = 1; -+ -+ if (ao->mppe_40) { -+ if ((p[5] & MPPE_40BIT)) -+ try.mppe_40 = 1; -+ else -+ try.mppe_40 = (p[5] == 0) ? 1 : 0; -+ } -+ if (ao->mppe_56) { -+ if ((p[5] & MPPE_56BIT)) -+ try.mppe_56 = 1; -+ else -+ try.mppe_56 = (p[5] == 0) ? 1 : 0; -+ } -+ if (ao->mppe_128) { -+ if ((p[5] & MPPE_128BIT)) -+ try.mppe_128 = 1; -+ else -+ try.mppe_128 = (p[5] == 0) ? 1 : 0; -+ } -+ -+ if (ao->mppe_stateless) { -+ if ((p[2] & MPPE_STATELESS) || wo->mppe_stateless) -+ try.mppe_stateless = 1; -+ else -+ try.mppe_stateless = 0; -+ } -+ -+ if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128) { -+ try.mppe = try.mppe_stateless = 0; -+ if (wo->mppe) { -+ /* we require encryption, but peer doesn't support it -+ so we close connection */ -+ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = -+ wo->mppe_56 = wo->mppe_128 = 0; -+ lcp_close(f->unit, "MPPE required but cannot negotiate MPPE " -+ "key length"); -+ } -+ } -+ if (wo->mppe && (wo->mppe_40 != try.mppe_40) && -+ (wo->mppe_56 != try.mppe_56) && (wo->mppe_128 != try.mppe_128)) { -+ /* cannot negotiate key length */ -+ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = -+ wo->mppe_56 = wo->mppe_128 = 0; -+ lcp_close(f->unit, "Cannot negotiate MPPE key length"); - } -+ if (try.mppe_40 && try.mppe_56 && try.mppe_128) -+ try.mppe_40 = try.mppe_56 = 0; -+ else -+ if (try.mppe_56 && try.mppe_128) -+ try.mppe_56 = 0; -+ else -+ if (try.mppe_40 && try.mppe_128) -+ try.mppe_40 = 0; -+ else -+ if (try.mppe_40 && try.mppe_56) -+ try.mppe_40 = 0; -+ -+ p += CILEN_MPPE; -+ len -= CILEN_MPPE; - } - #endif /* MPPE */ -+ -+ if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) { -+ no.lzs = 1; -+ if (((p[2]<<8)|p[3]) > 1 || (p[4] != LZS_MODE_SEQ && -+ p[4] != LZS_MODE_EXT)) -+ try.lzs = 0; -+ else { -+ try.lzs_mode = p[4]; -+ try.lzs_hists = (p[2] << 8) | p[3]; -+ } -+ p += CILEN_LZS; -+ len -= CILEN_LZS; -+ } -+ - if (go->deflate && len >= CILEN_DEFLATE - && p[0] == (go->deflate_correct? CI_DEFLATE: CI_DEFLATE_DRAFT) - && p[1] == CILEN_DEFLATE) { -@@ -1006,14 +1211,50 @@ - return -1; - - #ifdef MPPE -- if (go->mppe && len >= CILEN_MPPE -+ if ((go->mppe || go->mppc) && len >= CILEN_MPPE - && p[0] == CI_MPPE && p[1] == CILEN_MPPE) { -- error("MPPE required but peer refused"); -- lcp_close(f->unit, "MPPE required but peer refused"); -+ ccp_options *wo = &ccp_wantoptions[f->unit]; -+ if (p[2] != (go->mppe_stateless ? MPPE_STATELESS : 0) || -+ p[3] != 0 || -+ p[4] != 0 || -+ p[5] != ((go->mppe_40 ? MPPE_40BIT : 0) | -+ (go->mppe_56 ? MPPE_56BIT : 0) | -+ (go->mppe_128 ? MPPE_128BIT : 0) | -+ (go->mppc ? MPPE_MPPC : 0))) -+ return 0; -+ if (go->mppc) -+ try.mppc = 0; -+ if (go->mppe) { -+ try.mppe = 0; -+ if (go->mppe_40) -+ try.mppe_40 = 0; -+ if (go->mppe_56) -+ try.mppe_56 = 0; -+ if (go->mppe_128) -+ try.mppe_128 = 0; -+ if (go->mppe_stateless) -+ try.mppe_stateless = 0; -+ if (!try.mppe_56 && !try.mppe_40 && !try.mppe_128) -+ try.mppe = try.mppe_stateless = 0; -+ if (wo->mppe) { /* we want MPPE but cannot negotiate key length */ -+ wo->mppc = wo->mppe = wo->mppe_stateless = wo->mppe_40 = -+ wo->mppe_56 = wo->mppe_128 = 0; -+ lcp_close(f->unit, "MPPE required but cannot negotiate MPPE " -+ "key length"); -+ } -+ } - p += CILEN_MPPE; - len -= CILEN_MPPE; - } --#endif -+#endif /* MPPE */ -+ if (go->lzs && len >= CILEN_LZS && p[0] == CI_LZS && p[1] == CILEN_LZS) { -+ if (p[2] != go->lzs_hists>>8 || p[3] != (go->lzs_hists&0xff) -+ || p[4] != go->lzs_mode) -+ return 0; -+ try.lzs = 0; -+ p += CILEN_LZS; -+ len -= CILEN_LZS; -+ } - if (go->deflate_correct && len >= CILEN_DEFLATE - && p[0] == CI_DEFLATE && p[1] == CILEN_DEFLATE) { - if (p[2] != DEFLATE_MAKE_OPT(go->deflate_size) -@@ -1077,14 +1318,15 @@ - int dont_nak; - { - int ret, newret, res; -- u_char *p0, *retp; -+ u_char *p0, *retp, p2, p5; - int len, clen, type, nb; - ccp_options *ho = &ccp_hisoptions[f->unit]; - ccp_options *ao = &ccp_allowoptions[f->unit]; -+ ccp_options *wo = &ccp_wantoptions[f->unit]; - #ifdef MPPE -- bool rej_for_ci_mppe = 1; /* Are we rejecting based on a bad/missing */ -- /* CI_MPPE, or due to other options? */ --#endif -+ u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; -+/* int mtu; */ -+#endif /* MPPE */ - - ret = CONFACK; - retp = p0 = p; -@@ -1107,103 +1349,305 @@ - switch (type) { - #ifdef MPPE - case CI_MPPE: -- if (!ao->mppe || clen != CILEN_MPPE) { -+ if ((!ao->mppc && !ao->mppe) || clen != CILEN_MPPE) { - newret = CONFREJ; - break; - } -- MPPE_CI_TO_OPTS(&p[2], ho->mppe); - -- /* Nak if anything unsupported or unknown are set. */ -- if (ho->mppe & MPPE_OPT_UNSUPPORTED) { -- newret = CONFNAK; -- ho->mppe &= ~MPPE_OPT_UNSUPPORTED; -- } -- if (ho->mppe & MPPE_OPT_UNKNOWN) { -+ p2 = p[2]; -+ p5 = p[5]; -+ /* not sure what they want, tell 'em what we got */ -+ if (((p[2] & ~MPPE_STATELESS) != 0 || p[3] != 0 || p[4] != 0 || -+ (p[5] & ~(MPPE_40BIT | MPPE_56BIT | MPPE_128BIT | -+ MPPE_MPPC)) != 0 || p[5] == 0) || -+ (p[2] == 0 && p[3] == 0 && p[4] == 0 && p[5] == 0)) { - newret = CONFNAK; -- ho->mppe &= ~MPPE_OPT_UNKNOWN; -+ p[2] = (wo->mppe_stateless ? MPPE_STATELESS : 0); -+ p[3] = 0; -+ p[4] = 0; -+ p[5] = (wo->mppe_40 ? MPPE_40BIT : 0) | -+ (wo->mppe_56 ? MPPE_56BIT : 0) | -+ (wo->mppe_128 ? MPPE_128BIT : 0) | -+ (wo->mppc ? MPPE_MPPC : 0); -+ break; - } - -- /* Check state opt */ -- if (ho->mppe & MPPE_OPT_STATEFUL) { -- /* -- * We can Nak and request stateless, but it's a -- * lot easier to just assume the peer will request -- * it if he can do it; stateful mode is bad over -- * the Internet -- which is where we expect MPPE. -- */ -- if (refuse_mppe_stateful) { -- error("Refusing MPPE stateful mode offered by peer"); -+ if ((p[5] & MPPE_MPPC)) { -+ if (ao->mppc) { -+ ho->mppc = 1; -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ opt_buf[2] = opt_buf[3] = opt_buf[4] = 0; -+ opt_buf[5] = MPPE_MPPC; -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE, 1) <= 0) { -+ ho->mppc = 0; -+ p[5] &= ~MPPE_MPPC; -+ newret = CONFNAK; -+ } -+ } else { - newret = CONFREJ; -- break; -+ if (wo->mppe || ao->mppe) { -+ p[5] &= ~MPPE_MPPC; -+ newret = CONFNAK; -+ } -+ } -+ } -+ -+ if (ao->mppe) -+ ho->mppe = 1; -+ -+ if ((p[2] & MPPE_STATELESS)) { -+ if (ao->mppe_stateless) { -+ if (wo->mppe_stateless) -+ ho->mppe_stateless = 1; -+ else { -+ newret = CONFNAK; -+ if (!dont_nak) -+ p[2] &= ~MPPE_STATELESS; -+ } -+ } else { -+ newret = CONFNAK; -+ if (!dont_nak) -+ p[2] &= ~MPPE_STATELESS; -+ } -+ } else { -+ if (wo->mppe_stateless && !dont_nak) { -+ wo->mppe_stateless = 0; -+ newret = CONFNAK; -+ p[2] |= MPPE_STATELESS; - } - } - -- /* Find out which of {S,L} are set. */ -- if ((ho->mppe & MPPE_OPT_128) -- && (ho->mppe & MPPE_OPT_40)) { -- /* Both are set, negotiate the strongest. */ -+ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT|MPPE_128BIT)) { - newret = CONFNAK; -- if (ao->mppe & MPPE_OPT_128) -- ho->mppe &= ~MPPE_OPT_40; -- else if (ao->mppe & MPPE_OPT_40) -- ho->mppe &= ~MPPE_OPT_128; -- else { -- newret = CONFREJ; -- break; -+ if (ao->mppe_128) { -+ ho->mppe_128 = 1; -+ p[5] &= ~(MPPE_40BIT|MPPE_56BIT); -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -+ MPPE_MAX_KEY_LEN); -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + -+ MPPE_MAX_KEY_LEN, 1) <= 0) { -+ ho->mppe_128 = 0; -+ p[5] |= (MPPE_40BIT|MPPE_56BIT); -+ p[5] &= ~MPPE_128BIT; -+ goto check_mppe_56_40; -+ } -+ goto check_mppe; - } -- } else if (ho->mppe & MPPE_OPT_128) { -- if (!(ao->mppe & MPPE_OPT_128)) { -- newret = CONFREJ; -- break; -+ p[5] &= ~MPPE_128BIT; -+ goto check_mppe_56_40; -+ } -+ if ((p[5] & ~MPPE_MPPC) == (MPPE_56BIT|MPPE_128BIT)) { -+ newret = CONFNAK; -+ if (ao->mppe_128) { -+ ho->mppe_128 = 1; -+ p[5] &= ~MPPE_56BIT; -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -+ MPPE_MAX_KEY_LEN); -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + -+ MPPE_MAX_KEY_LEN, 1) <= 0) { -+ ho->mppe_128 = 0; -+ p[5] |= MPPE_56BIT; -+ p[5] &= ~MPPE_128BIT; -+ goto check_mppe_56; -+ } -+ goto check_mppe; - } -- } else if (ho->mppe & MPPE_OPT_40) { -- if (!(ao->mppe & MPPE_OPT_40)) { -- newret = CONFREJ; -- break; -+ p[5] &= ~MPPE_128BIT; -+ goto check_mppe_56; -+ } -+ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_128BIT)) { -+ newret = CONFNAK; -+ if (ao->mppe_128) { -+ ho->mppe_128 = 1; -+ p[5] &= ~MPPE_40BIT; -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -+ MPPE_MAX_KEY_LEN); -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + -+ MPPE_MAX_KEY_LEN, 1) <= 0) { -+ ho->mppe_128 = 0; -+ p[5] |= MPPE_40BIT; -+ p[5] &= ~MPPE_128BIT; -+ goto check_mppe_40; -+ } -+ goto check_mppe; -+ } -+ p[5] &= ~MPPE_128BIT; -+ goto check_mppe_40; -+ } -+ if ((p[5] & ~MPPE_MPPC) == MPPE_128BIT) { -+ if (ao->mppe_128) { -+ ho->mppe_128 = 1; -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -+ MPPE_MAX_KEY_LEN); -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + -+ MPPE_MAX_KEY_LEN, 1) <= 0) { -+ ho->mppe_128 = 0; -+ p[5] &= ~MPPE_128BIT; -+ newret = CONFNAK; -+ } -+ goto check_mppe; -+ } -+ p[5] &= ~MPPE_128BIT; -+ newret = CONFNAK; -+ goto check_mppe; -+ } -+ check_mppe_56_40: -+ if ((p[5] & ~MPPE_MPPC) == (MPPE_40BIT|MPPE_56BIT)) { -+ newret = CONFNAK; -+ if (ao->mppe_56) { -+ ho->mppe_56 = 1; -+ p[5] &= ~MPPE_40BIT; -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -+ MPPE_MAX_KEY_LEN); -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + -+ MPPE_MAX_KEY_LEN, 1) <= 0) { -+ ho->mppe_56 = 0; -+ p[5] |= MPPE_40BIT; -+ p[5] &= ~MPPE_56BIT; -+ newret = CONFNAK; -+ goto check_mppe_40; -+ } -+ goto check_mppe; -+ } -+ p[5] &= ~MPPE_56BIT; -+ goto check_mppe_40; -+ } -+ check_mppe_56: -+ if ((p[5] & ~MPPE_MPPC) == MPPE_56BIT) { -+ if (ao->mppe_56) { -+ ho->mppe_56 = 1; -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -+ MPPE_MAX_KEY_LEN); -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + -+ MPPE_MAX_KEY_LEN, 1) <= 0) { -+ ho->mppe_56 = 0; -+ p[5] &= ~MPPE_56BIT; -+ newret = CONFNAK; -+ } -+ goto check_mppe; -+ } -+ p[5] &= ~MPPE_56BIT; -+ newret = CONFNAK; -+ goto check_mppe; -+ } -+ check_mppe_40: -+ if ((p[5] & ~MPPE_MPPC) == MPPE_40BIT) { -+ if (ao->mppe_40) { -+ ho->mppe_40 = 1; -+ BCOPY(p, opt_buf, CILEN_MPPE); -+ BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -+ MPPE_MAX_KEY_LEN); -+ if (ccp_test(f->unit, opt_buf, CILEN_MPPE + -+ MPPE_MAX_KEY_LEN, 1) <= 0) { -+ ho->mppe_40 = 0; -+ p[5] &= ~MPPE_40BIT; -+ newret = CONFNAK; -+ } -+ goto check_mppe; -+ } -+ p[5] &= ~MPPE_40BIT; -+ } -+ -+ check_mppe: -+ if (!ho->mppe_40 && !ho->mppe_56 && !ho->mppe_128) { -+ if (wo->mppe_40 || wo->mppe_56 || wo->mppe_128) { -+ newret = CONFNAK; -+ p[2] |= (wo->mppe_stateless ? MPPE_STATELESS : 0); -+ p[5] |= (wo->mppe_40 ? MPPE_40BIT : 0) | -+ (wo->mppe_56 ? MPPE_56BIT : 0) | -+ (wo->mppe_128 ? MPPE_128BIT : 0) | -+ (wo->mppc ? MPPE_MPPC : 0); -+ } else { -+ ho->mppe = ho->mppe_stateless = 0; - } - } else { -- /* Neither are set. */ -+ /* MPPE is not compatible with other compression types */ -+ if (wo->mppe) { -+ ao->bsd_compress = 0; -+ ao->predictor_1 = 0; -+ ao->predictor_2 = 0; -+ ao->deflate = 0; -+ ao->lzs = 0; -+ } -+ } -+ if ((!ho->mppc || !ao->mppc) && !ho->mppe) { -+ p[2] = p2; -+ p[5] = p5; - newret = CONFREJ; - break; - } - -- /* rebuild the opts */ -- MPPE_OPTS_TO_CI(ho->mppe, &p[2]); -- if (newret == CONFACK) { -- u_char opt_buf[CILEN_MPPE + MPPE_MAX_KEY_LEN]; -- int mtu; -- -- BCOPY(p, opt_buf, CILEN_MPPE); -- BCOPY(mppe_send_key, &opt_buf[CILEN_MPPE], -- MPPE_MAX_KEY_LEN); -- if (ccp_test(f->unit, opt_buf, -- CILEN_MPPE + MPPE_MAX_KEY_LEN, 1) <= 0) { -- /* This shouldn't happen, we've already tested it! */ -- error("MPPE required, but kernel has no support."); -- lcp_close(f->unit, "MPPE required but not available"); -- newret = CONFREJ; -- break; -- } -- /* -- * We need to decrease the interface MTU by MPPE_PAD -- * because MPPE frames **grow**. The kernel [must] -- * allocate MPPE_PAD extra bytes in xmit buffers. -- */ -- mtu = netif_get_mtu(f->unit); -- if (mtu) -- netif_set_mtu(f->unit, mtu - MPPE_PAD); -- else -- newret = CONFREJ; -- } -+ /* -+ * I have commented the code below because according to RFC1547 -+ * MTU is only information for higher level protocols about -+ * "the maximum allowable length for a packet (q.v.) transmitted -+ * over a point-to-point link without incurring network layer -+ * fragmentation." Of course a PPP implementation should be able -+ * to handle overhead added by MPPE - in our case apropriate code -+ * is located in drivers/net/ppp_generic.c in the kernel sources. -+ * -+ * According to RFC1661: -+ * - when negotiated MRU is less than 1500 octets, a PPP -+ * implementation must still be able to receive at least 1500 -+ * octets, -+ * - when PFC is negotiated, a PPP implementation is still -+ * required to receive frames with uncompressed protocol field. -+ * -+ * So why not to handle MPPE overhead without changing MTU value? -+ * I am sure that RFC3078, unfortunately silently, assumes that. -+ */ - - /* -- * We have accepted MPPE or are willing to negotiate -- * MPPE parameters. A CONFREJ is due to subsequent -- * (non-MPPE) processing. -+ * We need to decrease the interface MTU by MPPE_PAD -+ * because MPPE frames **grow**. The kernel [must] -+ * allocate MPPE_PAD extra bytes in xmit buffers. - */ -- rej_for_ci_mppe = 0; -+/* -+ mtu = netif_get_mtu(f->unit); -+ if (mtu) { -+ netif_set_mtu(f->unit, mtu - MPPE_PAD); -+ } else { -+ newret = CONFREJ; -+ if (ccp_wantoptions[f->unit].mppe) { -+ error("Cannot adjust MTU needed by MPPE."); -+ lcp_close(f->unit, "Cannot adjust MTU needed by MPPE."); -+ } -+ } -+*/ - break; - #endif /* MPPE */ -+ -+ case CI_LZS: -+ if (!ao->lzs || clen != CILEN_LZS) { -+ newret = CONFREJ; -+ break; -+ } -+ -+ ho->lzs = 1; -+ ho->lzs_hists = (p[2] << 8) | p[3]; -+ ho->lzs_mode = p[4]; -+ if ((ho->lzs_hists != ao->lzs_hists) || -+ (ho->lzs_mode != ao->lzs_mode)) { -+ newret = CONFNAK; -+ if (!dont_nak) { -+ p[2] = ao->lzs_hists >> 8; -+ p[3] = ao->lzs_hists & 0xff; -+ p[4] = ao->lzs_mode; -+ } else -+ break; -+ } -+ -+ if (p == p0 && ccp_test(f->unit, p, CILEN_LZS, 1) <= 0) { -+ newret = CONFREJ; -+ } -+ break; -+ - case CI_DEFLATE: - case CI_DEFLATE_DRAFT: - if (!ao->deflate || clen != CILEN_DEFLATE -@@ -1345,12 +1789,6 @@ - else - *lenp = retp - p0; - } --#ifdef MPPE -- if (ret == CONFREJ && ao->mppe && rej_for_ci_mppe) { -- error("MPPE required but peer negotiation failed"); -- lcp_close(f->unit, "MPPE required but peer negotiation failed"); -- } --#endif - return ret; - } - -@@ -1372,24 +1810,35 @@ - char *p = result; - char *q = result + sizeof(result); /* 1 past result */ - -- slprintf(p, q - p, "MPPE "); -- p += 5; -- if (opt->mppe & MPPE_OPT_128) { -- slprintf(p, q - p, "128-bit "); -- p += 8; -- } -- if (opt->mppe & MPPE_OPT_40) { -- slprintf(p, q - p, "40-bit "); -- p += 7; -- } -- if (opt->mppe & MPPE_OPT_STATEFUL) -- slprintf(p, q - p, "stateful"); -- else -- slprintf(p, q - p, "stateless"); -- -+ if (opt->mppe) { -+ if (opt->mppc) { -+ slprintf(p, q - p, "MPPC/MPPE "); -+ p += 10; -+ } else { -+ slprintf(p, q - p, "MPPE "); -+ p += 5; -+ } -+ if (opt->mppe_128) { -+ slprintf(p, q - p, "128-bit "); -+ p += 8; -+ } else if (opt->mppe_56) { -+ slprintf(p, q - p, "56-bit "); -+ p += 7; -+ } else if (opt->mppe_40) { -+ slprintf(p, q - p, "40-bit "); -+ p += 7; -+ } -+ if (opt->mppe_stateless) -+ slprintf(p, q - p, "stateless"); -+ else -+ slprintf(p, q - p, "stateful"); -+ } else if (opt->mppc) -+ slprintf(p, q - p, "MPPC"); - break; - } --#endif -+#endif /* MPPE */ -+ case CI_LZS: -+ return "Stac LZS"; - case CI_DEFLATE: - case CI_DEFLATE_DRAFT: - if (opt2 != NULL && opt2->deflate_size != opt->deflate_size) -@@ -1445,12 +1894,12 @@ - } else if (ANY_COMPRESS(*ho)) - notice("%s transmit compression enabled", method_name(ho, NULL)); - #ifdef MPPE -- if (go->mppe) { -+ if (go->mppe || go->mppc) { - BZERO(mppe_recv_key, MPPE_MAX_KEY_LEN); - BZERO(mppe_send_key, MPPE_MAX_KEY_LEN); - continue_networks(f->unit); /* Bring up IP et al */ - } --#endif -+#endif /* MPPE */ - } - - /* -@@ -1473,7 +1922,7 @@ - lcp_close(f->unit, "MPPE disabled"); - } - } --#endif -+#endif /* MPPE */ - } - - /* -@@ -1533,24 +1982,28 @@ - #ifdef MPPE - case CI_MPPE: - if (optlen >= CILEN_MPPE) { -- u_char mppe_opts; -- -- MPPE_CI_TO_OPTS(&p[2], mppe_opts); -- printer(arg, "mppe %s %s %s %s %s %s%s", -- (p[2] & MPPE_H_BIT)? "+H": "-H", -- (p[5] & MPPE_M_BIT)? "+M": "-M", -- (p[5] & MPPE_S_BIT)? "+S": "-S", -- (p[5] & MPPE_L_BIT)? "+L": "-L", -+ printer(arg, "mppe %s %s %s %s %s %s", -+ (p[2] & MPPE_STATELESS)? "+H": "-H", -+ (p[5] & MPPE_56BIT)? "+M": "-M", -+ (p[5] & MPPE_128BIT)? "+S": "-S", -+ (p[5] & MPPE_40BIT)? "+L": "-L", - (p[5] & MPPE_D_BIT)? "+D": "-D", -- (p[5] & MPPE_C_BIT)? "+C": "-C", -- (mppe_opts & MPPE_OPT_UNKNOWN)? " +U": ""); -- if (mppe_opts & MPPE_OPT_UNKNOWN) -+ (p[5] & MPPE_MPPC)? "+C": "-C"); -+ if ((p[5] & ~(MPPE_56BIT | MPPE_128BIT | MPPE_40BIT | -+ MPPE_D_BIT | MPPE_MPPC)) || -+ (p[2] & ~MPPE_STATELESS)) - printer(arg, " (%.2x %.2x %.2x %.2x)", - p[2], p[3], p[4], p[5]); - p += CILEN_MPPE; - } - break; --#endif -+#endif /* MPPE */ -+ case CI_LZS: -+ if (optlen >= CILEN_LZS) { -+ printer(arg, "lzs %.2x %.2x %.2x", p[2], p[3], p[4]); -+ p += CILEN_LZS; -+ } -+ break; - case CI_DEFLATE: - case CI_DEFLATE_DRAFT: - if (optlen >= CILEN_DEFLATE) { -@@ -1636,6 +2089,7 @@ - error("Lost compression sync: disabling compression"); - ccp_close(unit, "Lost compression sync"); - #ifdef MPPE -+ /* My module dosn't need this. J.D., 2003-07-06 */ - /* - * If we were doing MPPE, we must also take the link down. - */ -@@ -1643,9 +2097,18 @@ - error("Too many MPPE errors, closing LCP"); - lcp_close(unit, "Too many MPPE errors"); - } --#endif -+#endif /* MPPE */ - } else { - /* -+ * When LZS or MPPE/MPPC is negotiated we just send CCP_RESETREQ -+ * and don't wait for CCP_RESETACK -+ */ -+ if ((ccp_gotoptions[f->unit].method == CI_LZS) || -+ (ccp_gotoptions[f->unit].method == CI_MPPE)) { -+ fsm_sdata(f, CCP_RESETREQ, f->reqid = ++f->id, NULL, 0); -+ return; -+ } -+ /* - * Send a reset-request to reset the peer's compressor. - * We don't do that if we are still waiting for an - * acknowledgement to a previous reset-request. -@@ -1676,4 +2139,3 @@ - } else - ccp_localstate[f->unit] &= ~RACK_PENDING; - } -- -diff -ruN ppp-2.4.2.orig/pppd/ccp.h ppp-2.4.2-stdopt/pppd/ccp.h ---- ppp-2.4.2.orig/pppd/ccp.h 2002-12-05 00:03:32.000000000 +0100 -+++ ppp-2.4.2-stdopt/pppd/ccp.h 2004-01-21 06:51:09.000000000 +0100 -@@ -42,9 +42,17 @@ - bool predictor_2; /* do Predictor-2? */ - bool deflate_correct; /* use correct code for deflate? */ - bool deflate_draft; /* use draft RFC code for deflate? */ -+ bool lzs; /* do Stac LZS? */ -+ bool mppc; /* do MPPC? */ - bool mppe; /* do MPPE? */ -+ bool mppe_40; /* allow 40 bit encryption? */ -+ bool mppe_56; /* allow 56 bit encryption? */ -+ bool mppe_128; /* allow 128 bit encryption? */ -+ bool mppe_stateless; /* allow stateless encryption */ - u_short bsd_bits; /* # bits/code for BSD Compress */ - u_short deflate_size; /* lg(window size) for Deflate */ -+ u_short lzs_mode; /* LZS check mode */ -+ u_short lzs_hists; /* number of LZS histories */ - short method; /* code for chosen compression method */ - } ccp_options; - -diff -ruN ppp-2.4.2.orig/pppd/chap_ms.c ppp-2.4.2-stdopt/pppd/chap_ms.c ---- ppp-2.4.2.orig/pppd/chap_ms.c 2003-11-18 11:42:56.000000000 +0100 -+++ ppp-2.4.2-stdopt/pppd/chap_ms.c 2004-01-21 06:51:09.000000000 +0100 -@@ -858,13 +858,17 @@ - /* - * Disable undesirable encryption types. Note that we don't ENABLE - * any encryption types, to avoid overriding manual configuration. -+ * -+ * It seems that 56 bit keys are unsupported in MS-RADIUS (see RFC 2548) - */ - switch(types) { - case MPPE_ENC_TYPES_RC4_40: -- ccp_wantoptions[0].mppe &= ~MPPE_OPT_128; /* disable 128-bit */ -+ ccp_wantoptions[0].mppe_128 = 0; /* disable 128-bit */ -+ ccp_wantoptions[0].mppe_56 = 0; /* disable 56-bit */ - break; - case MPPE_ENC_TYPES_RC4_128: -- ccp_wantoptions[0].mppe &= ~MPPE_OPT_40; /* disable 40-bit */ -+ ccp_wantoptions[0].mppe_56 = 0; /* disable 56-bit */ -+ ccp_wantoptions[0].mppe_40 = 0; /* disable 40-bit */ - break; - default: - break; -diff -ruN ppp-2.4.2.orig/pppd/pppd.8 ppp-2.4.2-stdopt/pppd/pppd.8 ---- ppp-2.4.2.orig/pppd/pppd.8 2004-01-15 06:09:00.000000000 +0100 -+++ ppp-2.4.2-stdopt/pppd/pppd.8 2004-01-21 06:51:09.000000000 +0100 -@@ -614,6 +614,9 @@ - Enables the use of PPP multilink; this is an alias for the `multilink' - option. This option is currently only available under Linux. - .TP -+.B mppc -+Enables MPPC (Microsoft Point to Point Compression). This is the default. -+.TP - .B mppe-stateful - Allow MPPE to use stateful mode. Stateless mode is still attempted first. - The default is to disallow stateful mode. -@@ -749,12 +752,18 @@ - Disables the use of PPP multilink. This option is currently only - available under Linux. - .TP -+.B nomppc -+Diasables MPPC (Microsoft Point to Point Compression). -+.TP - .B nomppe - Disables MPPE (Microsoft Point to Point Encryption). This is the default. - .TP - .B nomppe-40 - Disable 40\-bit encryption with MPPE. - .TP -+.B nomppe-56 -+Disable 56\-bit encryption with MPPE. -+.TP - .B nomppe-128 - Disable 128\-bit encryption with MPPE. - .TP -@@ -951,6 +960,9 @@ - .B require-mppe-40 - Require the use of MPPE, with 40\-bit encryption. - .TP -+.B require-mppe-56 -+Require the use of MPPE, with 56\-bit encryption. -+.TP - .B require-mppe-128 - Require the use of MPPE, with 128\-bit encryption. - .TP -diff -ruN ppp-2.4.2.orig/pppd/sha1.c ppp-2.4.2-stdopt/pppd/sha1.c ---- ppp-2.4.2.orig/pppd/sha1.c 2002-04-02 15:54:59.000000000 +0200 -+++ ppp-2.4.2-stdopt/pppd/sha1.c 2004-08-15 15:00:55.000000000 +0200 -@@ -21,7 +21,7 @@ - #include "sha1.h" - - static void --SHA1_Transform(unsigned long[5], const unsigned char[64]); -+SHA1_Transform(u_int32_t state[5], const u_int8_t buffer[64]); - - #define rol(value, bits) (((value) << (bits)) | ((value) >> (32 - (bits)))) - -@@ -42,17 +42,17 @@ - /* Hash a single 512-bit block. This is the core of the algorithm. */ - - static void --SHA1_Transform(unsigned long state[5], const unsigned char buffer[64]) -+SHA1_Transform(u_int32_t state[5], const u_int8_t buffer[64]) - { -- unsigned long a, b, c, d, e; -+ u_int32_t a, b, c, d, e; - typedef union { -- unsigned char c[64]; -- unsigned long l[16]; -+ u_int8_t c[64]; -+ u_int32_t l[16]; - } CHAR64LONG16; - CHAR64LONG16 *block; - - #ifdef SHA1HANDSOFF -- static unsigned char workspace[64]; -+ static u_int8_t workspace[64]; - block = (CHAR64LONG16 *) workspace; - memcpy(block, buffer, 64); - #else -@@ -114,9 +114,9 @@ - /* Run your data through this. */ - - void --SHA1_Update(SHA1_CTX *context, const unsigned char *data, unsigned int len) -+SHA1_Update(SHA1_CTX *context, const u_int8_t *data, u_int32_t len) - { -- unsigned int i, j; -+ u_int32_t i, j; - - j = (context->count[0] >> 3) & 63; - if ((context->count[0] += len << 3) < (len << 3)) context->count[1]++; -@@ -139,22 +139,24 @@ - /* Add padding and return the message digest. */ - - void --SHA1_Final(unsigned char digest[20], SHA1_CTX *context) -+SHA1_Final(u_int8_t digest[SHA1_SIGNATURE_SIZE], SHA1_CTX *context) - { -- unsigned long i, j; -- unsigned char finalcount[8]; -+ u_int32_t i, j; -+ u_int8_t finalcount[8]; - - for (i = 0; i < 8; i++) { -- finalcount[i] = (unsigned char)((context->count[(i >= 4 ? 0 : 1)] -+ finalcount[i] = (u_int8_t) ((context->count[(i >= 4 ? 0 : 1)] - >> ((3-(i & 3)) * 8) ) & 255); /* Endian independent */ - } -- SHA1_Update(context, (unsigned char *) "\200", 1); -+ SHA1_Update(context, (u_int8_t *) "\200", 1); - while ((context->count[0] & 504) != 448) { -- SHA1_Update(context, (unsigned char *) "\0", 1); -+ SHA1_Update(context, (u_int8_t *) "\0", 1); - } -+ - SHA1_Update(context, finalcount, 8); /* Should cause a SHA1Transform() */ -+ - for (i = 0; i < 20; i++) { -- digest[i] = (unsigned char) -+ digest[i] = (u_int8_t) - ((context->state[i>>2] >> ((3-(i & 3)) * 8) ) & 255); - } - /* Wipe variables */ -@@ -167,4 +169,3 @@ - SHA1Transform(context->state, context->buffer); - #endif - } -- -diff -ruN ppp-2.4.2.orig/pppd/sha1.h ppp-2.4.2-stdopt/pppd/sha1.h ---- ppp-2.4.2.orig/pppd/sha1.h 2002-11-09 12:24:42.000000000 +0100 -+++ ppp-2.4.2-stdopt/pppd/sha1.h 2004-08-15 15:00:55.000000000 +0200 -@@ -8,6 +8,8 @@ - - #ifndef __SHA1_INCLUDE_ - -+#include <sys/types.h> -+ - #ifndef SHA1_SIGNATURE_SIZE - #ifdef SHA_DIGESTSIZE - #define SHA1_SIGNATURE_SIZE SHA_DIGESTSIZE -@@ -17,14 +19,14 @@ - #endif - - typedef struct { -- unsigned long state[5]; -- unsigned long count[2]; -- unsigned char buffer[64]; -+ u_int32_t state[5]; -+ u_int32_t count[2]; -+ u_int8_t buffer[64]; - } SHA1_CTX; - - extern void SHA1_Init(SHA1_CTX *); --extern void SHA1_Update(SHA1_CTX *, const unsigned char *, unsigned int); --extern void SHA1_Final(unsigned char[SHA1_SIGNATURE_SIZE], SHA1_CTX *); -+extern void SHA1_Update(SHA1_CTX *, const u_int8_t *, u_int32_t); -+extern void SHA1_Final(u_int8_t[SHA1_SIGNATURE_SIZE], SHA1_CTX *); - - #define __SHA1_INCLUDE_ - #endif /* __SHA1_INCLUDE_ */ diff --git a/obsolete-buildroot/sources/openwrt/patches/pptp-server/poptop-1.1.3-20030409-CCOPTS.patch b/obsolete-buildroot/sources/openwrt/patches/pptp-server/poptop-1.1.3-20030409-CCOPTS.patch deleted file mode 100644 index 017d156..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/pptp-server/poptop-1.1.3-20030409-CCOPTS.patch +++ /dev/null @@ -1,15 +0,0 @@ -diff -ruN poptop-old/Makefile.in poptop-new/Makefile.in ---- poptop-old/Makefile.in 2003-02-06 17:39:45.000000000 +0100 -+++ poptop-new/Makefile.in 2004-04-04 15:50:17.000000000 +0200 -@@ -74,8 +74,9 @@ - AUTOMAKE_OPTIONS = no-dependencies foreign - - INCLUDES = -I. --CFLAGS = -O2 -fno-builtin -Wall -ansi -DSBINDIR='"$(sbindir)"' --#CFLAGS = -O2 -fno-builtin -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"' -+CCOPTS = -O2 -fno-builtin -+CFLAGS = $(CCOPTS) -Wall -ansi -DSBINDIR='"$(sbindir)"' -+#CFLAGS = $(CCOPTS) -Wall -ansi -pedantic -Wmissing-prototypes -Werror -DSBINDIR='"$(sbindir)"' - - man_MANS = pptpctrl.8 pptpd.8 pptpd.conf.5 - diff --git a/obsolete-buildroot/sources/openwrt/patches/tcpdump/00_debian_tcpdump_3.8.3-3.diff b/obsolete-buildroot/sources/openwrt/patches/tcpdump/00_debian_tcpdump_3.8.3-3.diff deleted file mode 100644 index d15724f..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/tcpdump/00_debian_tcpdump_3.8.3-3.diff +++ /dev/null @@ -1,746 +0,0 @@ ---- tcpdump-3.8.3.orig/debian/copyright -+++ tcpdump-3.8.3/debian/copyright -@@ -0,0 +1,116 @@ -+This package was debianized by Anand Kumria <wildfire@progsoc.org> on -+Wed, 22 Nov 2000 13:19:33 +1100. -+It is now maintained by: -+ + Torsten Landschoff <torsten@debian.org> -+ + Romain Francoise <rfrancoise@debian.org> -+ -+It was downloaded from http://tcpdump.org/release/tcpdump-3.8.3.tar.gz -+ -+Upstream Authors: tcpdump-workers@tcpdump.org -+ -+Licensed under the 3-clause BSD license: -+ -+ Redistribution and use in source and binary forms, with or without -+ modification, are permitted provided that the following conditions -+ are met: -+ -+ 1. Redistributions of source code must retain the above copyright -+ notice, this list of conditions and the following disclaimer. -+ 2. Redistributions in binary form must reproduce the above copyright -+ notice, this list of conditions and the following disclaimer in -+ the documentation and/or other materials provided with the -+ distribution. -+ 3. The names of the authors may not be used to endorse or promote -+ products derived from this software without specific prior -+ written permission. -+ -+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND WITHOUT ANY EXPRESS OR -+ IMPLIED WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED -+ WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -+ -+Current upstream maintainers: -+ Bill Fenner <fenner@research.att.com> -+ Fulvio Risso <risso@polito.it> -+ Guy Harris <guy@alum.mit.edu> -+ Hannes Gredler <hannes@juniper.net> -+ Jun-ichiro itojun Hagino <itojun@iijlab.net> -+ Michael Richardson <mcr@sandelman.ottawa.on.ca> -+ -+Additional people who have contributed patches: -+ -+ Alan Bawden <Alan@LCS.MIT.EDU> -+ Alexey Kuznetsov <kuznet@ms2.inr.ac.ru> -+ Albert Chin <china@thewrittenword.com> -+ Andrew Brown <atatat@atatdot.net> -+ Antti Kantee <pooka@netbsd.org> -+ Arkadiusz Miskiewicz <misiek@pld.org.pl> -+ Armando L. Caro Jr. <acaro@mail.eecis.udel.edu> -+ Assar Westerlund <assar@sics.se> -+ Brian Ginsbach <ginsbach@cray.com> -+ Charles M. Hannum <mycroft@netbsd.org> -+ Chris G. Demetriou <cgd@netbsd.org> -+ Chris Pepper <pepper@mail.reppep.com> -+ Darren Reed <darrenr@reed.wattle.id.au> -+ David Kaelbling <drk@sgi.com> -+ David Young <dyoung@ojctech.com> -+ Don Ebright <Don.Ebright@compuware.com> -+ Eric Anderson <anderse@hpl.hp.com> -+ Franz Schaefer <schaefer@mond.at> -+ Gianluca Varenni <varenni@netgroup-serv.polito.it> -+ Gisle Vanem <giva@bgnett.no> -+ Graeme Hewson <ghewson@cix.compulink.co.uk> -+ Greg Stark <gsstark@mit.edu> -+ Greg Troxel <gdt@ir.bbn.com> -+ Guillaume Pelat <endymion_@users.sourceforge.net> -+ Hyung Sik Yoon <hsyn@kr.ibm.com> -+ Igor Khristophorov <igor@atdot.org> -+ Jan-Philip Velders <jpv@veldersjes.net> -+ Jason R. Thorpe <thorpej@netbsd.org> -+ Javier Achirica <achirica@ttd.net> -+ Jean Tourrilhes <jt@hpl.hp.com> -+ Jefferson Ogata <jogata@nodc.noaa.gov> -+ Jesper Peterson <jesper@endace.com> -+ John Bankier <jbankier@rainfinity.com> -+ Jon Lindgren <jonl@yubyub.net> -+ Juergen Schoenwaelder <schoenw@ibr.cs.tu-bs.de> -+ Kazushi Sugyo <sugyo@pb.jp.nec.com> -+ Klaus Klein <kleink@netbsd.org> -+ Koryn Grant <koryn@endace.com> -+ Krzysztof Halasa <khc@pm.waw.pl> -+ Lorenzo Cavallaro <sullivan@sikurezza.org> -+ Loris Degioanni <loris@netgroup-serv.polito.it> -+ Love Hörnquist-Åstrand <lha@stacken.kth.se> -+ Maciej W. Rozycki <macro@ds2.pg.gda.pl> -+ Marcus Felipe Pereira <marcus@task.com.br> -+ Martin Husemann <martin@netbsd.org> -+ Mike Wiacek <mike@iroot.net> -+ Monroe Williams <monroe@pobox.com> -+ Octavian Cerna <tavy@ylabs.com> -+ Olaf Kirch <okir@caldera.de> -+ Onno van der Linden <onno@simplex.nl> -+ Paul Mundt <lethal@linux-sh.org> -+ Pavel Kankovsky <kan@dcit.cz> -+ Peter Fales <peter@fales-lorenz.net> -+ Peter Jeremy <peter.jeremy@alcatel.com.au> -+ Phil Wood <cpw@lanl.gov> -+ Rafal Maszkowski <rzm@icm.edu.pl> -+ Rick Jones <raj@cup.hp.com> -+ Scott Barron <sb125499@ohiou.edu> -+ Scott Gifford <sgifford@tir.com> -+ Sebastian Krahmer <krahmer@cs.uni-potsdam.de> -+ Shaun Clowes <delius@progsoc.uts.edu.au> -+ Solomon Peachy <pizza@shaftnet.org> -+ Stefan Hudson <hudson@mbay.net> -+ Takashi Yamamoto <yamt@mwd.biglobe.ne.jp> -+ Tony Li <tli@procket.com> -+ Torsten Landschoff <torsten@debian.org> -+ Uns Lider <unslider@miranda.org> -+ Uwe Girlich <Uwe.Girlich@philosys.de> -+ Xianjie Zhang <xzhang@cup.hp.com> -+ Yen Yen Lim -+ Yoann Vandoorselaere <yoann@prelude-ids.org> -+ -+The original LBL crew: -+ Steve McCanne -+ Craig Leres -+ Van Jacobson ---- tcpdump-3.8.3.orig/debian/tcpdump.docs -+++ tcpdump-3.8.3/debian/tcpdump.docs -@@ -0,0 +1 @@ -+README ---- tcpdump-3.8.3.orig/debian/changelog -+++ tcpdump-3.8.3/debian/changelog -@@ -0,0 +1,272 @@ -+tcpdump (3.8.3-3) unstable; urgency=low -+ -+ * debian/patches/40_ipv6cp.dpatch: New patch, do not try to print IPV6CP -+ ppp packets, the dissector doesn't support it (closes: #255179). -+ * debian/patches/00list: Add 40_ipv6cp. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Sat, 19 Jun 2004 15:01:27 +0200 -+ -+tcpdump (3.8.3-2) unstable; urgency=low -+ -+ * debian/rules: Enable crypto support (closes: #82581, #93428). -+ * debian/control: -+ + Build-Depend on libssl-dev. -+ + Put back URL markers in description. -+ + Switch Maintainer and Uploaders fields to match reality. -+ * debian/patches/30_openssl_des.dpatch: Patch to make upstream's -+ configure script check for DES_cbc_encrypt instead of des_cbc_encrypt, -+ (the function got renamed in OpenSSL 0.9.7), which saves us the hassle -+ of re-running autoconf. Temporary hack since upstream has fixed this -+ in CVS already. -+ * debian/patches/00list: Add 30_openssl_des. -+ -+ -- Romain Francoise <rfrancoise@debian.org> Fri, 14 May 2004 22:14:08 +0200 -+ -+tcpdump (3.8.3-1) unstable; urgency=low -+ -+ * New upstream release. -+ * debian/rules: -+ + Add -D_FILE_OFFSET_BITS=64 to default CFLAGS to match libpcap -+ (closes: #154762). -+ + Use dpatch for patch management. -+ + Clean up CFLAGS handling. -+ + Support DEB_BUILD_OPTIONS. -+ * debian/control: -+ + Build-Depend on libpcap0.8-dev, dpatch. -+ + Add versioned Build-Depends on debhelper. -+ + Remove Emacs-style URL markers from description. -+ * debian/compat: New file. -+ * debian/copyright: Update. -+ * debian/tcpdump.docs: Do not install upstream INSTALL file. -+ * debian/patches: New directory. -+ * debian/patches/10_man_install.dpatch: Patch split off the Debian diff -+ to change man install paths in upstream Makefile.in. -+ * debian/patches/20_man_fixes.dpatch: Patch split off the Debian diff to -+ fix some inconsistencies in the upstream man page. -+ * debian/patches/00list: New file (patch list). -+ -+ -- Romain Francoise <rfrancoise@debian.org> Tue, 11 May 2004 14:02:09 +0200 -+ -+tcpdump (3.7.2-4) unstable; urgency=high -+ -+ * Urgency high due to security fixes. -+ * Backport changes from upstream CVS to fix ISAKMP payload handling -+ denial-of-service vulnerabilities (CAN-2004-0183, CAN-2004-0184). -+ Detailed changes (with corresponding upstream revisions): -+ + Add length checks in isakmp_id_print() (print-isakmp.c, rev. 1.47) -+ + Add data checks all over the place, change rawprint() prototype and -+ add corresponding return value checks (print-isakmp.c, rev. 1.46) -+ + Add missing ntohs() and change length initialization in -+ isakmp_id_print(), not porting prototype changes (print-isakmp.c, -+ rev. 1.45) -+ -+ -- Romain Francoise <rfrancoise@debian.org> Tue, 6 Apr 2004 19:39:24 +0200 -+ -+tcpdump (3.7.2-3) unstable; urgency=low -+ -+ * Backport changes from upstream CVS to fix several vulnerabilities in -+ ISAKMP, L2TP and Radius parsing (closes: #227844, #227845, #227846). -+ -+ -- Romain Francoise <rfrancoise@debian.org> Sat, 17 Jan 2004 14:12:30 +0100 -+ -+tcpdump (3.7.2-2) unstable; urgency=low -+ -+ * Acknowledge NMU by Romain (closes: #208543). -+ * Apply man page fixes by Romain: -+ + networks(4) changed to networks(5) (closes: #194180). -+ + ethers(3N) changed to ethers(5) (closes: #197888). -+ * debian/control: Added Romain Francoise as co maintainer. Thanks for -+ your help, Romain! -+ -+ -- Torsten Landschoff <torsten@debian.org> Sun, 19 Oct 2003 04:12:31 +0200 -+ -+tcpdump (3.7.2-1.1) unstable; urgency=low -+ -+ * NMU -+ * Reverse order of #include directives in print-sctp.c so that -+ IPPROTO_SCTP is defined (closes: #208543). -+ -+ -- Romain Francoise <rfrancoise@debian.org> Sun, 12 Oct 2003 17:06:01 +0200 -+ -+tcpdump (3.7.2-1) unstable; urgency=low -+ -+ * New upstream release (closes: #195816). -+ -+ -- Torsten Landschoff <torsten@debian.org> Sun, 8 Jun 2003 00:14:44 +0200 -+ -+tcpdump (3.7.1-1.2) unstable; urgency=high -+ -+ * Non-maintainer upload -+ * Apply security fixes from 3.7.2 -+ - Fixed infinite loop when parsing malformed isakmp packets. -+ (CAN-2003-0108) -+ - Fixed infinite loop when parsing malformed BGP packets. -+ - Fixed buffer overflow with certain malformed NFS packets. -+ -+ -- Matt Zimmerman <mdz@debian.org> Thu, 27 Feb 2003 11:00:32 -0500 -+ -+tcpdump (3.7.1-1.1) unstable; urgency=low -+ -+ * NMU -+ * Simple rebuild to deal with libpcap0->libpcap0.7 transition. -+ Sourceful NMU so that every arch rebuilds it. -+ -+ -- LaMont Jones <lamont@debian.org> Wed, 14 Aug 2002 21:25:45 -0600 -+ -+tcpdump (3.7.1-1) unstable; urgency=low -+ -+ * New upstream release (closes: #138052). -+ -+ -- Torsten Landschoff <torsten@debian.org> Sat, 3 Aug 2002 23:54:04 +0200 -+ -+tcpdump (3.6.2-2) unstable; urgency=HIGH -+ -+ * print-rx.c: Take the version from current CVS fixing the remote -+ buffer overflow reported in FreeBSD Security Advisory SA-01:48 -+ yesterday. Thanks to Matt Zimmerman for forwarding the report, -+ I might have missed it. -+ * debian/control: Clean the Build-Depends from build-essential -+ packages. -+ -+ -- Torsten Landschoff <torsten@debian.org> Thu, 19 Jul 2001 15:03:48 +0200 -+ -+tcpdump (3.6.2-1) unstable; urgency=low -+ -+ * New upstream release. -+ -+ -- Torsten Landschoff <torsten@debian.org> Tue, 6 Mar 2001 04:18:16 +0100 -+ -+tcpdump (3.6.1-2) unstable; urgency=low -+ -+ * debian/rules: Force support for IPv6 (closes: #82665). -+ * print-icmp6.c: Removed duplicate definition also in icmp6.h to -+ get the package to compile with IPv6. -+ * Rebuild should fix the missing libpcap0-dependency (closes: #82666). -+ Additional info: The missing dependency was because the configure -+ script found my libpcap sources in the parent directory. Black magic -+ always works against you :( -+ -+ -- Torsten Landschoff <torsten@debian.org> Thu, 18 Jan 2001 00:44:01 +0100 -+ -+tcpdump (3.6.1-1) unstable; urgency=high -+ -+ * Taking back the package. Kudos to Anand for his help. -+ * New upstream release. This release fixes a security hole in print-rx.c. -+ * debian/rules: Disable crypto support (closes: #81969). -+ * Removed empty README.Debian (closes: #81966). -+ -+ -- Torsten Landschoff <torsten@debian.org> Tue, 16 Jan 2001 16:04:03 +0100 -+ -+tcpdump (3.5.2-3) unstable; urgency=low -+ -+ * Fixup dependancy stuff. Sheesh. (Closes: #78063, #78081, #78082) -+ -+ -- Anand Kumria <wildfire@progsoc.org> Tue, 28 Nov 2000 02:16:01 +1100 -+ -+tcpdump (3.5.2-2) unstable; urgency=low -+ -+ * Update both config.guess and config.sub (Closes: #36692, #53145) -+ * Opps, make the .diff available. -+ * We require a particular libpcap version to work (Closes: #77877) -+ -+ -- Anand Kumria <wildfire@progsoc.org> Mon, 27 Nov 2000 01:13:55 +1100 -+ -+tcpdump (3.5.2-1) unstable; urgency=low -+ -+ * New Maintainer -+ * New upstream release (Closes: #75889) -+ * Upstream added hex dump (-x) and ascii dump (-X) Closes: #23514, #29418) -+ * Acknowledge and incorporate security fixes (Closes: #63708, #77489) -+ * Appletalk / Ethertalk patches are in (Closes: #67642) -+ -+ -- Anand Kumria <wildfire@progsoc.org> Wed, 22 Nov 2000 13:19:33 +1100 -+ -+tcpdump (3.4a6-4.1) frozen unstable; urgency=high -+ -+ * Non-maintainer upload by security team -+ * Apply patch from tcpdump-workers mailinglist to fix DNS DoS attack -+ against tcpdump. Based on patch from Guy Harris <gharris@flashcom.net> as -+ found on http://www.tcpdump.org/lists/workers/1999/msg00607.html -+ * Fix Build-Depends entry in debian/control -+ -+ -- Wichert Akkerman <wakkerma@debian.org> Sun, 7 May 2000 15:17:33 +0200 -+ -+tcpdump (3.4a6-4) unstable; urgency=low -+ -+ * New maintainer. -+ * tcpdump.c (main): Reestablish priviliges before closing the device -+ (closes: #19959). -+ * It seems the problem with ppp came from the kernel - I can dump -+ packages on ppp0 just fine... (closes: #25757) -+ * print-tcp.c (tcp_print): Applied patch from David S. Miller submitted -+ by Andrea Arcangeli to fix tcpdump sack TCP option interpretation -+ (closes: #28530). -+ * print-bootp.c (rfc1048_print): Interpret timezone offset as signed -+ (closes: #40376). Fixed byte order problem in printing internet -+ addresses (closes: #40375). Thanks to Roderick Schertler for the patch. -+ * Several files: Applied SMB patch from samba.org (closes: #27653). -+ * print-ip.c (ip_print): Check for ip headers with less than 5 longs. -+ Patch taken from RedHat's source package. -+ * Redid debian/rules using debhelper. -+ * Makefile.in: Install the manpage into man8 instead of man1. -+ * tcpdump.1: Moved to section 8 (admin commands). -+ * print-smb.c (print_smb): Disabled anything but printing the command -+ info by default. Otherwise we would get flooded with smb information. -+ You can get all info using -vvv. Two -v's will give you the SMB headers. -+ * tcpdump.1: Documented the behaviour described above. -+ -+ -- Torsten Landschoff <torsten@debian.org> Mon, 22 Nov 1999 01:31:44 +0100 -+ -+tcpdump (3.4a6-3) frozen unstable; urgency=low -+ -+ * fixed permissions -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Mon, 30 Mar 1998 02:28:39 +0200 -+ -+ -+tcpdump (3.4a6-2) frozen unstable; urgency=low -+ -+ * rebuild with latest debmake, fixes #19415 -+ (should also fix the lintian warnings) -+ * updated standards-version -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Mon, 30 Mar 1998 00:28:39 +0200 -+ -+ -+tcpdump (3.4a6-1) unstable; urgency=low -+ -+ * updated to latest upstream version, fixes: Bug#17163 -+ * install changelog.Debian compressed, fixes: Bug#15417 -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Sun, 1 Feb 1998 00:08:31 +0100 -+ -+ -+tcpdump (3.4a4-1) unstable; urgency=low -+ -+ * updated to latest upstream version -+ * libc6 version -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Wed, 17 Sep 1997 23:22:54 +0200 -+ -+ -+tcpdump (3.3.1a2-1) frozen stable unstable; urgency=medium -+ -+ * updated to latest upstream version (works with new libpcap now) -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Sat, 24 May 1997 00:49:17 +0200 -+ -+ -+tcpdump (3.3-2) unstable; urgency=low -+ -+ * fixed SLIP support -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Sun, 16 Feb 1997 21:06:51 +0100 -+ -+ -+tcpdump (3.3-1) unstable; urgency=low -+ -+ * updated to latest upstream version -+ -+ -- Peter Tobias <tobias@et-inf.fho-emden.de> Thu, 16 Jan 1997 01:34:00 +0100 -+ -+ ---- tcpdump-3.8.3.orig/debian/control -+++ tcpdump-3.8.3/debian/control -@@ -0,0 +1,23 @@ -+Source: tcpdump -+Section: net -+Priority: optional -+Maintainer: Romain Francoise <rfrancoise@debian.org> -+Uploaders: Torsten Landschoff <torsten@debian.org> -+Build-Depends: debhelper (>= 4), libpcap0.8-dev, dpatch, libssl-dev -+Standards-Version: 3.6.1.0 -+ -+Package: tcpdump -+Architecture: any -+Depends: ${shlibs:Depends} -+Description: A powerful tool for network monitoring and data acquisition -+ This program allows you to dump the traffic on a network. tcpdump -+ is able to examine IPv4, ICMPv4, IPv6, ICMPv6, UDP, TCP, SNMP, AFS -+ BGP, RIP, PIM, DVMRP, IGMP, SMB, OSPF, NFS and many other packet -+ types. -+ . -+ It can be used to print out the headers of packets on a network -+ interface, filter packets that match a certain expression. You can -+ use this tool to track down network problems, to detect "ping attacks" -+ or to monitor network activities. -+ . -+ Further information is available at <URL: http://www.tcpdump.org/> ---- tcpdump-3.8.3.orig/debian/tcpdump.dirs -+++ tcpdump-3.8.3/debian/tcpdump.dirs -@@ -0,0 +1 @@ -+usr/sbin ---- tcpdump-3.8.3.orig/debian/tcpdump.examples -+++ tcpdump-3.8.3/debian/tcpdump.examples -@@ -0,0 +1,4 @@ -+atime.awk -+packetdat.awk -+send-ack.awk -+stime.awk ---- tcpdump-3.8.3.orig/debian/rules -+++ tcpdump-3.8.3/debian/rules -@@ -0,0 +1,70 @@ -+#!/usr/bin/make -f -+ -+include /usr/share/dpatch/dpatch.make -+ -+export DH_VERBOSE=1 -+ -+dstdir := $(shell pwd)/debian/tcpdump -+ -+export CFLAGS=-D_FILE_OFFSET_BITS=64 -+ -+ifneq (,$(findstring noopt,$(DEB_BUILD_OPTIONS))) -+ CFLAGS += -O0 -+endif -+ -+build: patch build-stamp -+build-stamp: -+ dh_testdir -+ -+ ./configure --prefix=/usr --mandir=\$${prefix}/share/man \ -+ --infodir=\$${prefix}/share/info --enable-ipv6 -+ $(MAKE) -+ -+ touch build-stamp -+ -+clean: clean-patched unpatch -+clean-patched: -+ dh_testdir -+ dh_testroot -+ rm -f build-stamp -+ -+ -$(MAKE) distclean -+ -+ dh_clean -+ -+install: build -+ dh_testdir -+ dh_testroot -+ dh_clean -k -+ dh_installdirs -+ -+ $(MAKE) install prefix=$(dstdir)/usr -+ -+ -+# Build architecture-independent files here. -+binary-indep: build install -+# We have nothing to do by default. -+ -+# Build architecture-dependent files here. -+binary-arch: build install -+# dh_testversion -+ dh_testdir -+ dh_testroot -+ dh_installdocs -+ dh_installexamples -+ dh_installinfo -+ dh_installchangelogs CHANGES -+ dh_link -+ dh_strip -+ dh_compress -+ dh_fixperms -+# dh_makeshlibs -+ dh_installdeb -+# dh_perl -+ dh_shlibdeps -+ dh_gencontrol -+ dh_md5sums -+ dh_builddeb -+ -+binary: binary-indep binary-arch -+.PHONY: build clean binary-indep binary-arch binary install ---- tcpdump-3.8.3.orig/debian/patches/10_man_install.dpatch -+++ tcpdump-3.8.3/debian/patches/10_man_install.dpatch -@@ -0,0 +1,46 @@ -+#! /bin/sh -e -+## 10_man_install.dpatch by Romain Francoise <rfrancoise@debian.org> -+## -+## All lines beginning with `## DP:' are a description of the patch. -+## DP: Change man page install paths for Debian. -+ -+if [ $# -lt 1 ]; then -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1 -+fi -+ -+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" -+ -+case "$1" in -+ -patch) patch -p1 ${patch_opts} < $0;; -+ -unpatch) patch -R -p1 ${patch_opts} < $0;; -+ *) -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1;; -+esac -+ -+exit 0 -+ -+@DPATCH@ -+diff -urNad /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/Makefile.in tcpdump-3.8.3/Makefile.in -+--- /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/Makefile.in 2004-05-08 09:12:28.000000000 +0200 -++++ tcpdump-3.8.3/Makefile.in 2004-05-08 09:13:23.000000000 +0200 -+@@ -157,13 +157,13 @@ -+ [ -d $(DESTDIR)$(sbindir) ] || \ -+ (mkdir -p $(DESTDIR)$(sbindir); chmod 755 $(DESTDIR)$(sbindir)) -+ $(INSTALL_PROGRAM) $(PROG) $(DESTDIR)$(sbindir)/$(PROG) -+- [ -d $(DESTDIR)$(mandir)/man1 ] || \ -+- (mkdir -p $(DESTDIR)$(mandir)/man1; chmod 755 $(DESTDIR)$(mandir)/man1) -+- $(INSTALL_DATA) $(srcdir)/$(PROG).1 $(DESTDIR)$(mandir)/man1/$(PROG).1 -++ [ -d $(DESTDIR)$(mandir)/man8 ] || \ -++ (mkdir -p $(DESTDIR)$(mandir)/man8; chmod 755 $(DESTDIR)$(mandir)/man8) -++ $(INSTALL_DATA) $(srcdir)/$(PROG).1 $(DESTDIR)$(mandir)/man8/$(PROG).8 -+ -+ uninstall: -+ rm -f $(DESTDIR)$(sbindir)/$(PROG) -+- rm -f $(DESTDIR)$(mandir)/man1/$(PROG).1 -++ rm -f $(DESTDIR)$(mandir)/man8/$(PROG).8 -+ -+ lint: $(GENSRC) -+ lint -hbxn $(SRC) | \ ---- tcpdump-3.8.3.orig/debian/patches/00list -+++ tcpdump-3.8.3/debian/patches/00list -@@ -0,0 +1,4 @@ -+10_man_install -+20_man_fixes -+30_openssl_des -+40_ipv6cp ---- tcpdump-3.8.3.orig/debian/patches/20_man_fixes.dpatch -+++ tcpdump-3.8.3/debian/patches/20_man_fixes.dpatch -@@ -0,0 +1,67 @@ -+#! /bin/sh -e -+## 20_man_fixes.dpatch by Romain Francoise <rfrancoise@debian.org> -+## -+## All lines beginning with `## DP:' are a description of the patch. -+## DP: Misc. fixes to the upstream man page. -+ -+if [ $# -lt 1 ]; then -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1 -+fi -+ -+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" -+ -+case "$1" in -+ -patch) patch -p1 ${patch_opts} < $0;; -+ -unpatch) patch -R -p1 ${patch_opts} < $0;; -+ *) -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1;; -+esac -+ -+exit 0 -+ -+@DPATCH@ -+diff -urNad /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/tcpdump.1 tcpdump-3.8.3/tcpdump.1 -+--- /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/tcpdump.1 2004-05-08 09:12:32.000000000 +0200 -++++ tcpdump-3.8.3/tcpdump.1 2004-05-08 09:18:27.000000000 +0200 -+@@ -22,7 +22,7 @@ -+ .\" WARRANTIES, INCLUDING, WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF -+ .\" MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. -+ .\" -+-.TH TCPDUMP 1 "7 January 2004" -++.TH TCPDUMP 8 "8 May 2004" -+ .SH NAME -+ tcpdump \- dump traffic on a network -+ .SH SYNOPSIS -+@@ -672,7 +672,7 @@ -+ True if the ethernet destination address is \fIehost\fP. -+ \fIEhost\fP -+ may be either a name from /etc/ethers or a number (see -+-.IR ethers (3N) -++.IR ethers (5) -+ for numeric format). -+ .IP "\fBether src \fIehost\fP -+ True if the ethernet source address is \fIehost\fP. -+@@ -699,7 +699,7 @@ -+ True if the IPv4/v6 destination address of the packet has a network -+ number of \fInet\fP. -+ \fINet\fP may be either a name from /etc/networks -+-or a network number (see \fInetworks(4)\fP for details). -++or a network number (see \fInetworks(5)\fP for details). -+ .IP "\fBsrc net \fInet\fR" -+ True if the IPv4/v6 source address of the packet has a network -+ number of \fInet\fP. -+@@ -718,9 +718,9 @@ -+ True if the packet is ip/tcp, ip/udp, ip6/tcp or ip6/udp and has a -+ destination port value of \fIport\fP. -+ The \fIport\fP can be a number or a name used in /etc/services (see -+-.IR tcp (4P) -++.IR tcp (7) -+ and -+-.IR udp (4P)). -++.IR udp (7)). -+ If a name is used, both the port -+ number and protocol are checked. -+ If a number or ambiguous name is used, ---- tcpdump-3.8.3.orig/debian/patches/30_openssl_des.dpatch -+++ tcpdump-3.8.3/debian/patches/30_openssl_des.dpatch -@@ -0,0 +1,57 @@ -+#! /bin/sh -e -+## 30_openssl_des.dpatch by Romain Francoise <rfrancoise@debian.org> -+## -+## All lines beginning with `## DP:' are a description of the patch. -+## DP: Change "des_cbc_encrypt" check to "DES_cbc_encrypt" since it -+## DP: got renamed in OpenSSL 0.9.7. Super-ugly change to configure, -+## DP: but it's simpler this way (changing configure.in too while we're -+## DP: at it). -+ -+if [ $# -lt 1 ]; then -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1 -+fi -+ -+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" -+ -+case "$1" in -+ -patch) patch -p1 ${patch_opts} < $0;; -+ -unpatch) patch -R -p1 ${patch_opts} < $0;; -+ *) -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1;; -+esac -+ -+exit 0 -+ -+@DPATCH@ -+diff -urNad /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/configure tcpdump-3.8.3/configure -+--- /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/configure 2004-03-28 23:06:09.000000000 +0200 -++++ tcpdump-3.8.3/configure 2004-05-14 21:58:56.000000000 +0200 -+@@ -9760,11 +9760,11 @@ -+ #endif -+ /* We use char because int might match the return type of a gcc2 -+ builtin and then its argument prototype would still apply. */ -+-char des_cbc_encrypt (); -++char DES_cbc_encrypt (); -+ int -+ main () -+ { -+-des_cbc_encrypt (); -++DES_cbc_encrypt (); -+ ; -+ return 0; -+ } -+diff -urNad /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/configure.in tcpdump-3.8.3/configure.in -+--- /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/configure.in 2004-03-28 23:04:48.000000000 +0200 -++++ tcpdump-3.8.3/configure.in 2004-05-14 21:58:11.000000000 +0200 -+@@ -732,7 +732,7 @@ -+ if test -f $ac_cv_ssleay_path/lib/librsaref.a; then -+ LIBS="$LIBS -lrsaref" -+ fi -+- AC_CHECK_LIB(crypto, des_cbc_encrypt) -++ AC_CHECK_LIB(crypto, DES_cbc_encrypt) -+ -+ CPPFLAGS="$CPPFLAGS $V_INCLS" -+ AC_CHECK_HEADERS(openssl/evp.h) ---- tcpdump-3.8.3.orig/debian/patches/40_ipv6cp.dpatch -+++ tcpdump-3.8.3/debian/patches/40_ipv6cp.dpatch -@@ -0,0 +1,45 @@ -+#! /bin/sh -e -+## 40_ipv6cp.dpatch by Romain Francoise <rfrancoise@debian.org> -+## -+## All lines beginning with `## DP:' are a description of the patch. -+## DP: Do not try to grok IPV6CP packets, the dissector doesn't -+## DP: support it. -+ -+if [ $# -lt 1 ]; then -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1 -+fi -+ -+[ -f debian/patches/00patch-opts ] && . debian/patches/00patch-opts -+patch_opts="${patch_opts:--f --no-backup-if-mismatch} ${2:+-d $2}" -+ -+case "$1" in -+ -patch) patch -p1 ${patch_opts} < $0;; -+ -unpatch) patch -R -p1 ${patch_opts} < $0;; -+ *) -+ echo "`basename $0`: script expects -patch|-unpatch as argument" >&2 -+ exit 1;; -+esac -+ -+exit 0 -+ -+@DPATCH@ -+diff -urNad /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/print-ppp.c tcpdump-3.8.3/print-ppp.c -+--- /home/romain/Work/Debian/tcpdump/tcpdump-3.8.3/print-ppp.c 2004-04-17 00:25:32.000000000 +0200 -++++ tcpdump-3.8.3/print-ppp.c 2004-06-19 14:54:40.000000000 +0200 -+@@ -1056,7 +1056,6 @@ -+ case PPP_IPCP: -+ case PPP_OSICP: -+ case PPP_MPLSCP: -+- case PPP_IPV6CP: -+ case PPP_CCP: -+ case PPP_BACP: -+ handle_ctrl_proto(proto, p, length); -+@@ -1077,6 +1076,7 @@ -+ #ifdef INET6 -+ case ETHERTYPE_IPV6: /*XXX*/ -+ case PPP_IPV6: -++ case PPP_IPV6CP: -+ ip6_print(p, length); -+ break; -+ #endif ---- tcpdump-3.8.3.orig/debian/compat -+++ tcpdump-3.8.3/debian/compat -@@ -0,0 +1 @@ -+4 diff --git a/obsolete-buildroot/sources/openwrt/patches/vsftpd/vsftpd-1.2.2-openwrt.patch b/obsolete-buildroot/sources/openwrt/patches/vsftpd/vsftpd-1.2.2-openwrt.patch deleted file mode 100644 index b458f41..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/vsftpd/vsftpd-1.2.2-openwrt.patch +++ /dev/null @@ -1,26 +0,0 @@ -diff -ruN vsftpd-1.2.2-old/Makefile vsftpd-1.2.2-new/Makefile ---- vsftpd-1.2.2-old/Makefile 2003-09-15 13:41:58.000000000 +0200 -+++ vsftpd-1.2.2-new/Makefile 2004-05-25 00:25:37.000000000 +0200 -@@ -5,8 +5,8 @@ - #CFLAGS = -g - CFLAGS = -O2 -Wall -W -Wshadow #-pedantic -Werror -Wconversion - --LIBS = `./vsf_findlibs.sh` --LINK = -Wl,-s -+LIBS = -lcrypt -lnsl -+LINK = - - OBJS = main.o utility.o prelogin.o ftpcmdio.o postlogin.o privsock.o \ - tunables.o ftpdataio.o secbuf.o ls.o \ -diff -ruN vsftpd-1.2.2-old/tunables.c vsftpd-1.2.2-new/tunables.c ---- vsftpd-1.2.2-old/tunables.c 2004-04-20 02:25:05.000000000 +0200 -+++ vsftpd-1.2.2-new/tunables.c 2004-05-25 00:07:19.000000000 +0200 -@@ -78,7 +78,7 @@ - unsigned int tunable_max_per_ip = 0; - unsigned int tunable_trans_chunk_size = 0; - --const char* tunable_secure_chroot_dir = "/usr/share/empty"; -+const char* tunable_secure_chroot_dir = "/var/run/vsftpd"; - const char* tunable_ftp_username = "ftp"; - const char* tunable_chown_username = "root"; - const char* tunable_xferlog_file = "/var/log/xferlog"; diff --git a/obsolete-buildroot/sources/openwrt/patches/wrt54g-router.patch b/obsolete-buildroot/sources/openwrt/patches/wrt54g-router.patch deleted file mode 100644 index 5a9b1ea..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/wrt54g-router.patch +++ /dev/null @@ -1,240 +0,0 @@ -diff -bBurN WRT54G/release/src/router/rc/Makefile-openwrt WRT54G.new/release/src/router/rc/Makefile-openwrt ---- WRT54G/release/src/router/rc/Makefile-openwrt 1969-12-31 18:00:00.000000000 -0600 -+++ WRT54G.new/release/src/router/rc/Makefile-openwrt 2004-03-03 16:23:40.000000000 -0600 -@@ -0,0 +1,44 @@ -+# Copyright 2001-2003, Broadcom Corporation -+# All Rights Reserved. -+# -+# -+# THIS SOFTWARE IS OFFERED "AS IS", AND BROADCOM GRANTS NO WARRANTIES OF ANY -+# KIND, EXPRESS OR IMPLIED, BY STATUTE, COMMUNICATION OR OTHERWISE. BROADCOM -+# SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS -+# FOR A SPECIFIC PURPOSE OR NONINFRINGEMENT CONCERNING THIS SOFTWARE -+# -+ -+# -+# Router Wireless Interface Configuration Utility Makefile -+# -+# Copyright 2003, Broadcom Corporation -+# All Rights Reserved. -+# -+# -+# $Id: Makefile,v 1.2 2004/01/13 00:55:58 mbm Exp $ -+# -+ -+CFLAGS += -I. -I$(TOP)/shared -I$(SRCBASE)/include -Wall -+#CFLAGS += -g -DDEBUG -+CFLAGS += -s -Os -+LDFLAGS += -L$(TOP)/shared -lshared -L$(TOP)/nvram -lnvram -+ -+OBJS := mtd.o crc.o #http.o -+ -+vpath %.c $(TOP)/shared $(SRCBASE)/rts/src -+ -+all: mtd -+ -+clean: -+ rm -f *.o mtd -+ -+install: all -+ install -d $(INSTALLDIR)/sbin -+ install mtd $(INSTALLDIR)/sbin -+ $(STRIP) $(INSTALLDIR)/sbin/mtd -+ -+mtd.o: mtd.c -+ $(CC) -c $^ $(CFLAGS) $(CPPFLAGS) -DOPENWRT_MTD #-DOPENWRT_MTD_HTTP_GET -+ -+mtd: $(OBJS) -+ $(CC) -o $@ $^ $(LDFLAGS) -diff -bBurN WRT54G/release/src/router/rc/mtd.c WRT54G.new/release/src/router/rc/mtd.c ---- WRT54G/release/src/router/rc/mtd.c 2004-01-19 20:34:50.000000000 -0600 -+++ WRT54G.new/release/src/router/rc/mtd.c 2004-03-03 16:24:42.000000000 -0600 -@@ -37,6 +37,86 @@ - #include <cy_conf.h> - #include <utils.h> - -+ -+#ifdef OPENWRT_MTD -+ -+extern int -+mtd_open(const char *mtd, int flags); -+extern int -+mtd_erase(const char *mtd); -+extern int -+mtd_write(const char *path, const char *mtd); -+ -+/* Slightly modified version of mtd_erase. */ -+int -+mtd_unlock(const char *mtd) -+{ -+ int mtd_fd; -+ mtd_info_t mtd_info; -+ erase_info_t erase_info; -+ -+ /* Open MTD device */ -+ if ((mtd_fd = mtd_open(mtd, O_RDWR)) < 0) { -+ perror(mtd); -+ return errno; -+ } -+ -+ /* Get sector size */ -+ if (ioctl(mtd_fd, MEMGETINFO, &mtd_info) != 0) { -+ perror(mtd); -+ close(mtd_fd); -+ return errno; -+ } -+ -+ erase_info.length = mtd_info.erasesize; -+ -+ for (erase_info.start = 0; -+ erase_info.start < mtd_info.size; -+ erase_info.start += mtd_info.erasesize) { -+ (void) ioctl(mtd_fd, MEMUNLOCK, &erase_info); -+/* if (ioctl(mtd_fd, MEMERASE, &erase_info) != 0) { */ -+/* perror(mtd); */ -+/* close(mtd_fd); */ -+/* return errno; */ -+/* } */ -+ } -+ -+ close(mtd_fd); -+ return 0; -+} -+ -+int main(int argc, char **argv) { -+ if(argc == 3 && strcasecmp(argv[1],"unlock")==0) { -+ printf("Unlocking %s\n",argv[2]); -+ return mtd_unlock(argv[2]); -+ } -+ if(argc == 3 && strcasecmp(argv[1],"erase")==0) { -+ printf("Erasing %s\n",argv[2]); -+ return mtd_erase(argv[2]); -+ } -+ if(argc == 4 && strcasecmp(argv[1],"write")==0) { -+ printf("writing %s to %s\n",argv[2],argv[3]); -+ return mtd_write(argv[2],argv[3]); -+ } -+ -+ printf("no valid command given\n"); -+ return -1; -+} -+ -+#ifndef OPENWRT_MTD_HTTP_GET -+/* Dummy routines when no http support. */ -+int -+http_get(const char *server, char *buf, size_t count, off_t offset) -+{ -+ printf("error opening %s\n",server); -+ exit(-1); -+} -+#endif -+ -+#define check_action() (fp ? ACT_IDLE : ACT_WEBS_UPGRADE) -+ -+#endif -+ - /* - * Open an MTD device - * @param mtd path to or partition name of MTD device -diff -bBurN WRT54G/release/src/router/shared/Makefile-openwrt WRT54G.new/release/src/router/shared/Makefile-openwrt ---- WRT54G/release/src/router/shared/Makefile-openwrt 1969-12-31 18:00:00.000000000 -0600 -+++ WRT54G.new/release/src/router/shared/Makefile-openwrt 2004-03-03 12:39:17.000000000 -0600 -@@ -0,0 +1,41 @@ -+# -+# Linux router shared code Makefile -+# -+# Copyright 2001-2003, Broadcom Corporation -+# All Rights Reserved. -+# -+# THIS SOFTWARE IS OFFERED "AS IS", AND BROADCOM GRANTS NO WARRANTIES OF ANY -+# KIND, EXPRESS OR IMPLIED, BY STATUTE, COMMUNICATION OR OTHERWISE. BROADCOM -+# SPECIFICALLY DISCLAIMS ANY IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS -+# FOR A SPECIFIC PURPOSE OR NONINFRINGEMENT CONCERNING THIS SOFTWARE. -+# -+# $Id: Makefile,v 1.3 2004/01/13 00:51:09 mbm Exp $ -+# -+ifneq ($(wildcard $(SRCBASE)/cy_conf.mak),) -+ include $(SRCBASE)/cy_conf.mak -+endif -+ -+CFLAGS += -I. -I$(SRCBASE)/include -Wall -I$(SRCBASE)/ -+#CFLAGS += -g -DDEBUG -+CFLAGS += -s -Os -+LDFLAGS += -L. -+ -+all: libshared.so -+ -+install: all -+ install -d $(INSTALLDIR)/usr/lib -+ install -m 755 libshared.so $(INSTALLDIR)/usr/lib -+ $(STRIP) $(INSTALLDIR)/usr/lib/libshared.so -+ -+clean: -+ rm -f *.o *.so -+ -+libshared.so: shutils.o wl.o wl_linux.o defaults.o linux_timer.o -+ $(LD) -shared -o $@ $^ -+ -+build_date.o: build_date.c -+ -+build_date: -+ echo "const char *builddate = \"`date`\";" > build_date.c -+ -+*.o: $(CY_DEPS) -diff -bBurN WRT54GS/release/src/router/nvram/nvram_linux.c-dist WRT54GS.new/release/src/router/nvram/nvram_linux.c ---- WRT54GS/release/src/router/nvram/nvram_linux.c-dist 2004-03-30 10:04:10.000000000 -0600 -+++ WRT54GS/release/src/router/nvram/nvram_linux.c 2004-03-30 10:10:09.000000000 -0600 -@@ -27,8 +27,10 @@ - #include <typedefs.h> - #include <bcmnvram.h> - #include <nvram_convert.h> -+#ifndef OPENWRT_NVRAM - #include <shutils.h> - #include <utils.h> -+#endif - - #define PATH_DEV_NVRAM "/dev/nvram" - -@@ -182,6 +184,20 @@ - { - int ret; - -+#ifdef OPENWRT_NVRAM -+ fprintf(stderr, "nvram_commit(): start\n"); -+ -+ if (nvram_fd < 0) -+ if ((ret = nvram_init(NULL))) -+ return ret; -+ -+ ret = ioctl(nvram_fd, NVRAM_MAGIC, NULL); -+ -+ if (ret < 0) -+ perror(PATH_DEV_NVRAM); -+ -+ fprintf(stderr, "nvram_commit(): end\n"); -+#else - cprintf("nvram_commit(): start\n"); - - if((check_action() == ACT_IDLE) || -@@ -200,6 +216,7 @@ - } - else - cprintf("nvram_commit(): nothing to do...\n"); -+#endif - - return ret; - } -@@ -272,6 +289,7 @@ - return j; - } - -+#ifndef OPENWRT_NVRAM - int - check_action(void) - { -@@ -318,3 +336,5 @@ - - return 0; - } -+ -+#endif diff --git a/obsolete-buildroot/sources/openwrt/patches/wrt54g-shared.patch b/obsolete-buildroot/sources/openwrt/patches/wrt54g-shared.patch deleted file mode 100644 index c9af620..0000000 --- a/obsolete-buildroot/sources/openwrt/patches/wrt54g-shared.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- WRT54G/release/src/shared/sbpci.c-dist 2004-03-15 13:13:37.000000000 -0600 -+++ WRT54G/release/src/shared/sbpci.c 2004-03-15 13:15:38.000000000 -0600 -@@ -269,7 +269,7 @@ - sb_core_reset(sbh, 0); - - /* In some board, */ -- if(nvram_match("boardtype", "bcm94710dev")) -+ if(nvram_match("boardtype", "bcm94710dev") || nvram_match("boardtype", "bcm94710ap") || nvram_match("boardtype", "bcm94710r4")) - CT4712_WR = 0; - else - CT4712_WR = 1; diff --git a/obsolete-buildroot/sources/openwrt/root/bin/firstboot b/obsolete-buildroot/sources/openwrt/root/bin/firstboot deleted file mode 100755 index 5076d1c..0000000 --- a/obsolete-buildroot/sources/openwrt/root/bin/firstboot +++ /dev/null @@ -1,54 +0,0 @@ -#!/bin/sh -# $Id$ - - -[ -f "/tmp/.firstboot" ] && { - echo "firstboot is already running" - return -} -touch /tmp/.firstboot - -jdev=$(mount | awk '/jffs2/ {print $3}') - -if [ -z "$jdev" ]; then - echo -n "Creating jffs2 partition... " - mtd erase OpenWrt >&- - mount -t jffs2 /dev/mtdblock/4 /jffs - echo "done" - cd /jffs -else - echo "firstboot has already been run" - echo "jffs2 partition is mounted, only resetting files" - cd $jdev -fi - -exec 2>/dev/null - -mount /dev/mtdblock/2 /rom -o ro - -echo -n "creating directories... " -{ - cd /rom - find . -type d - cd - -} | xargs mkdir -echo "done" - -echo -n "setting up symlinks... " -for file in $(cd /rom; find * -type f; find * -type l;) -do { - ln -sf /rom/$file $file -} done -echo "done" - -touch /tmp/resolv.conf -ln -s /tmp/resolv.conf /etc/resolv.conf - -umount /rom -mount none /jffs/proc -t proc -pivot_root /jffs /jffs/rom -mount none /dev -t devfs -mount none /tmp -t ramfs -umount /rom/proc -umount /rom/tmp -umount /rom/dev diff --git a/obsolete-buildroot/sources/openwrt/root/bin/ipkg b/obsolete-buildroot/sources/openwrt/root/bin/ipkg deleted file mode 100755 index bf275d8..0000000 --- a/obsolete-buildroot/sources/openwrt/root/bin/ipkg +++ /dev/null @@ -1,1185 +0,0 @@ -#!/bin/sh -# ipkg - the itsy package management system -# -# Copyright (C) 2001 Carl D. Worth -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -set -e - -# By default do not do globbing. Any command wanting globbing should -# explicitly enable it first and disable it afterwards. -set -o noglob - -ipkg_is_upgrade () { - local A B a b - A=$(echo $1 | sed "s/[0-9]*/ & /g") - B=$(echo $2 | sed "s/[0-9]*/ & /g") - while [ \! -z "$A" ] && [ \! -z "$B" ]; do { - set $A; a=$1; shift; A=$* - set $B; b=$1; shift; B=$* - { [ "$a" -gt "$b" ] 2>&- || [ "$a" ">" "$b" ]; } && { return 0; } - }; done - return 1; -} - -ipkg_srcs() { - local srcre="$1" - sed -ne "s/^src[[:space:]]\+$srcre[[:space:]]\+//p" < $IPKG_CONF -} - -ipkg_src_names() { - sed -ne "s/^src[[:space:]]\+\([^[:space:]]\+\).*/\1/p" < $IPKG_CONF -} - -ipkg_src_byname() { - local src="$1" - ipkg_srcs $src | head -1 -} - -ipkg_dests() { - local destre="`echo $1 | ipkg_protect_slashes`" - sed -ne "/^dest[[:space:]]\+$destre/{ -s/^dest[[:space:]]\+[^[:space:]]\+[[:space:]]\+// -s/^/`echo $IPKG_OFFLINE_ROOT | ipkg_protect_slashes`/ -p -}" < $IPKG_CONF -} - -ipkg_dest_names() { - sed -ne "s/^dest[[:space:]]\+\([^[:space:]]\+\).*/\1/p" < $IPKG_CONF -} - -ipkg_dests_all() { - ipkg_dests '.*' -} - -ipkg_state_dirs() { - ipkg_dests_all | sed "s|\$|/$IPKG_DIR_PREFIX|" -} - -ipkg_dest_default() { - ipkg_dests_all | head -1 -} - -ipkg_dest_default_name() { - ipkg_dest_names | head -1 -} - -ipkg_dest_byname() { - local dest="$1" - ipkg_dests $dest | head -1 -} - -ipkg_option() { - local option="$1" - sed -ne "s/^option[[:space:]]\+$option[[:space:]]\+//p" < $IPKG_CONF -} - -ipkg_load_configuration() { - if [ -z "$IPKG_CONF_DIR" ]; then - IPKG_CONF_DIR=/etc - fi - - IPKG_CONF="$IPKG_CONF_DIR/ipkg.conf" - - if [ -z "$IPKG_OFFLINE_ROOT" ]; then - IPKG_OFFLINE_ROOT="`ipkg_option offline_root`" - fi - # Export IPKG_OFFLINE_ROOT for use by update-alternatives - export IPKG_OFFLINE_ROOT - if [ -n "$DEST_NAME" ]; then - IPKG_ROOT="`ipkg_dest_byname $DEST_NAME`" - if [ -z "$IPKG_ROOT" ]; then - if [ -d "$IPKG_OFFLINE_ROOT$DEST_NAME" ]; then - IPKG_ROOT="$IPKG_OFFLINE_ROOT$DEST_NAME"; - else - echo "ipkg: invalid destination specification: $DEST_NAME -Valid destinations are directories or one of the dest names from $IPKG_CONF:" >&2 - ipkg_dest_names >&2 - return 1 - fi - fi - else - IPKG_ROOT="`ipkg_dest_default`" - fi - - # Global ipkg state directories - IPKG_DIR_PREFIX=usr/lib/ipkg - IPKG_LISTS_DIR=$IPKG_OFFLINE_ROOT/$IPKG_DIR_PREFIX/lists - IPKG_PENDING_DIR=$IPKG_OFFLINE_ROOT/$IPKG_DIR_PREFIX/pending - IPKG_TMP=$IPKG_ROOT/tmp/ipkg - - # Destination specific ipkg meta-data directory - IPKG_STATE_DIR=$IPKG_ROOT/$IPKG_DIR_PREFIX - - # Proxy Support - IPKG_PROXY_USERNAME="`ipkg_option proxy_username`" - IPKG_PROXY_PASSWORD="`ipkg_option proxy_password`" - IPKG_HTTP_PROXY="`ipkg_option http_proxy`" - IPKG_FTP_PROXY="`ipkg_option ftp_proxy`" - IPKG_NO_PROXY="`ipkg_option no_proxy`" - if [ -n "$IPKG_HTTP_PROXY" ]; then - export http_proxy="$IPKG_HTTP_PROXY" - fi - - if [ -n "$IPKG_FTP_PROXY" ]; then - export ftp_proxy="$IPKG_FTP_PROXY" - fi - - if [ -n "$IPKG_NO_PROXY" ]; then - export no_proxy="$IPKG_NO_PROXY" - fi - - IPKG_STATUS_FIELDS='\(Package\|Status\|Essential\|Version\|Conffiles\|Root\)' -} - -ipkg_usage() { - [ $# -gt 0 ] && echo "ipkg: $*" - echo " -usage: ipkg [options...] sub-command [arguments...] -where sub-command is one of: - -Package Manipulation: - update Update list of available packages - upgrade Upgrade all installed packages to latest version - install <pkg> Download and install <pkg> (and dependencies) - install <file.ipk> Install package <file.ipk> - install <file.deb> Install package <file.deb> - remove <pkg> Remove package <pkg> - -Informational Commands: - list List available packages and descriptions - files <pkg> List all files belonging to <pkg> - search <file> Search for a packaging providing <file> - info [pkg [<field>]] Display all/some info fields for <pkg> or all - status [pkg [<field>]] Display all/some status fields for <pkg> or all - depends <pkg> Print uninstalled package dependencies for <pkg> - -Options: - -d <dest_name> Use <dest_name> as the the root directory for - -dest <dest_name> package installation, removal, upgrading. - <dest_name> should be a defined dest name from the - configuration file, (but can also be a directory - name in a pinch). - -o <offline_root> Use <offline_root> as the root for offline installation. - -offline <offline_root> - -Force Options (use when ipkg is too smart for its own good): - -force-depends Make dependency checks warnings instead of errors - -force-defaults Use default options for questions asked by ipkg. - (no prompts). Note that this will not prevent - package installation scripts from prompting. -" >&2 - exit 1 -} - -ipkg_dir_part() { - local dir="`echo $1 | sed -ne 's/\(.*\/\).*/\1/p'`" - if [ -z "$dir" ]; then - dir="./" - fi - echo $dir -} - -ipkg_file_part() { - echo $1 | sed 's/.*\///' -} - -ipkg_protect_slashes() { - sed -e 's/\//\\\//g' -} - -ipkg_download() { - local src="$1" - local dest="$2" - - local src_file="`ipkg_file_part $src`" - local dest_dir="`ipkg_dir_part $dest`" - if [ -z "$dest_dir" ]; then - dest_dir="$IPKG_TMP" - fi - - local dest_file="`ipkg_file_part $dest`" - if [ -z "$dest_file" ]; then - dest_file="$src_file" - fi - - # Proxy support - local proxyuser="" - local proxypassword="" - local proxyoption="" - - if [ -n "$IPKG_PROXY_USERNAME" ]; then - proxyuser="--proxy-user=\"$IPKG_PROXY_USERNAME\"" - proxypassword="--proxy-passwd=\"$IPKG_PROXY_PASSWORD\"" - fi - - if [ -n "$IPKG_PROXY_HTTP" -o -n "$IPKG_PROXY_FTP" ]; then - proxyoption="--proxy=on" - fi - - echo "Downloading $src ..." - rm -f $IPKG_TMP/$src_file - case "$src" in - http://* | ftp://*) - if ! wget --passive-ftp $proxyoption $proxyuser $proxypassword -P $IPKG_TMP $src; then - echo "ipkg_download: ERROR: Failed to retrieve $src, returning $err" - return 1 - fi - mv $IPKG_TMP/$src_file $dest_dir/$dest_file 2>/dev/null - ;; - file:/* ) - ln -s `echo $src | sed 's/^file://'` $dest_dir/$dest_file 2>/dev/null - ;; - *) - echo "DEBUG: $src" - ;; - esac - - echo "Done." - return 0 -} - -ipkg_update() { - if [ ! -e "$IPKG_LISTS_DIR" ]; then - mkdir -p $IPKG_LISTS_DIR - fi - - local err= - for src_name in `ipkg_src_names`; do - local src="`ipkg_src_byname $src_name`" - if ! ipkg_download $src/Packages $IPKG_LISTS_DIR/$src_name; then - echo "ipkg_update: Error downloading $src/Packages to $IPKG_LISTS_DIR/$src_name" >&2 - err=t - else - echo "Updated list of available packages in $IPKG_LISTS_DIR/$src_name" - fi - done - - [ -n "$err" ] && return 1 - - return 0 -} - -ipkg_list() { - for src in `ipkg_src_names`; do - if ipkg_require_list $src; then -# black magic... -sed -ne " -/^Package:/{ -s/^Package:[[:space:]]*\<\([a-z0-9.+-]*$1[a-z0-9.+-]*\).*/\1/ -h -} -/^Description:/{ -s/^Description:[[:space:]]*\(.*\)/\1/ -H -g -s/\\ -/ - / -p -} -" $IPKG_LISTS_DIR/$src - fi - done -} - -ipkg_extract_paragraph() { - local pkg="$1" - sed -ne "/Package:[[:space:]]*$pkg[[:space:]]*\$/,/^\$/p" -} - -ipkg_extract_field() { - local field="$1" -# blacker magic... - sed -ne " -: TOP -/^$field:/{ -p -n -b FIELD -} -d -: FIELD -/^$/b TOP -/^[^[:space:]]/b TOP -p -n -b FIELD -" -} - -ipkg_extract_value() { - sed -e "s/^[^:]*:[[:space:]]*//" -} - -ipkg_require_list() { - [ $# -lt 1 ] && return 1 - local src="$1" - if [ ! -f "$IPKG_LISTS_DIR/$src" ]; then - echo "ERROR: File not found: $IPKG_LISTS_DIR/$src" >&2 - echo " You probably want to run \`ipkg update'" >&2 - return 1 - fi - return 0 -} - -ipkg_info() { - for src in `ipkg_src_names`; do - if ipkg_require_list $src; then - case $# in - 0) - cat $IPKG_LISTS_DIR/$src - ;; - 1) - ipkg_extract_paragraph $1 < $IPKG_LISTS_DIR/$src - ;; - *) - ipkg_extract_paragraph $1 < $IPKG_LISTS_DIR/$src | ipkg_extract_field $2 - ;; - esac - fi - done -} - -ipkg_status_sd() { - [ $# -lt 1 ] && return 0 - sd="$1" - shift - if [ -f $sd/status ]; then - case $# in - 0) - cat $sd/status - ;; - 1) - ipkg_extract_paragraph $1 < $sd/status - ;; - *) - ipkg_extract_paragraph $1 < $sd/status | ipkg_extract_field $2 - ;; - esac - fi - return 0 -} - -ipkg_status_all() { - for sd in `ipkg_state_dirs`; do - ipkg_status_sd $sd $* - done -} - -ipkg_status() { - if [ -n "$DEST_NAME" ]; then - ipkg_status_sd $IPKG_STATE_DIR $* - else - ipkg_status_all $* - fi -} - -ipkg_status_matching_sd() { - local sd="$1" - local re="$2" - if [ -f $sd/status ]; then - sed -ne " -: TOP -/^Package:/{ -s/^Package:[[:space:]]*// -s/[[:space:]]*$// -h -} -/$re/{ -g -p -b NEXT -} -d -: NEXT -/^$/b TOP -n -b NEXT -" < $sd/status - fi - return 0 -} - -ipkg_status_matching_all() { - for sd in `ipkg_state_dirs`; do - ipkg_status_matching_sd $sd $* - done -} - -ipkg_status_matching() { - if [ -n "$DEST_NAME" ]; then - ipkg_status_matching_sd $IPKG_STATE_DIR $* - else - ipkg_status_matching_all $* - fi -} - -ipkg_status_installed_sd() { - local sd="$1" - local pkg="$2" - ipkg_status_sd $sd $pkg Status | grep -q "Status: install ok installed" -} - -ipkg_status_installed_all() { - local ret=1 - for sd in `ipkg_state_dirs`; do - if `ipkg_status_installed_sd $sd $*`; then - ret=0 - fi - done - return $ret -} - -ipkg_status_mentioned_sd() { - local sd="$1" - local pkg="$2" - [ -n "`ipkg_status_sd $sd $pkg Status`" ] -} - -ipkg_files() { - local pkg="$1" - if [ -n "$DEST_NAME" ]; then - dests=$IPKG_ROOT - else - dests="`ipkg_dests_all`" - fi - for dest in $dests; do - if [ -f $dest/$IPKG_DIR_PREFIX/info/$pkg.list ]; then - dest_sed="`echo $dest | ipkg_protect_slashes`" - sed -e "s/^/$dest_sed/" < $dest/$IPKG_DIR_PREFIX/info/$pkg.list - fi - done -} - -ipkg_search() { - local pattern="$1" - - for dest_name in `ipkg_dest_names`; do - dest="`ipkg_dest_byname $dest_name`" - dest_sed="`echo $dest | ipkg_protect_slashes`" - - set +o noglob - local list_files="`ls -1 $dest/$IPKG_DIR_PREFIX/info/*.list 2>/dev/null`" - set -o noglob - for file in $list_files; do - if sed "s/^/$dest_sed/" $file | grep -q $pattern; then - local pkg="`echo $file | sed "s/^.*\/\(.*\)\.list/\1/"`" - [ "$dest_name" != `ipkg_dest_default_name` ] && pkg="$pkg ($dest_name)" - sed "s/^/$dest_sed/" $file | grep $pattern | sed "s/^/$pkg: /" - fi - done - done -} - -ipkg_status_remove_sd() { - local sd="$1" - local pkg="$2" - - if [ ! -f $sd/status ]; then - mkdir -p $sd - touch $sd/status - fi - sed -ne "/Package:[[:space:]]*$pkg[[:space:]]*\$/,/^\$/!p" < $sd/status > $sd/status.new - mv $sd/status.new $sd/status -} - -ipkg_status_remove_all() { - for sd in `ipkg_state_dirs`; do - ipkg_status_remove_sd $sd $* - done -} - -ipkg_status_remove() { - if [ -n "$DEST_NAME" ]; then - ipkg_status_remove_sd $IPKG_STATE_DIR $* - else - ipkg_status_remove_all $* - fi -} - -ipkg_status_update_sd() { - local sd="$1" - local pkg="$2" - - ipkg_status_remove_sd $sd $pkg - ipkg_extract_field "$IPKG_STATUS_FIELDS" >> $sd/status - echo "" >> $sd/status -} - -ipkg_status_update() { - ipkg_status_update_sd $IPKG_STATE_DIR $* -} - -ipkg_unsatisfied_dependences() { - local pkg=$1 - local deps="`ipkg_get_depends $pkg`" - local remaining_deps= - for dep in $deps; do - local installed="`ipkg_get_installed $dep`" - if [ "$installed" != "installed" ] ; then - remaining_deps="$remaining_deps $dep" - fi - done - ## echo "ipkg_unsatisfied_dependences pkg=$pkg $remaining_deps" > /dev/console - echo $remaining_deps -} - -ipkg_safe_pkg_name() { - local pkg=$1 - local spkg="`echo pkg_$pkg | sed -e y/-+./___/`" - echo $spkg -} - -ipkg_set_depends() { - local pkg=$1; shift - local new_deps="$*" - pkg="`ipkg_safe_pkg_name $pkg`" - ## setvar ${pkg}_depends "$new_deps" - echo $new_deps > /tmp/ipkg/${pkg}.depends -} - -ipkg_get_depends() { - local pkg=$1 - pkg="`ipkg_safe_pkg_name $pkg`" - cat /tmp/ipkg/${pkg}.depends - ## eval "echo \$${pkg}_depends" -} - -ipkg_set_installed() { - local pkg=$1 - pkg="`ipkg_safe_pkg_name $pkg`" - echo installed > /tmp/ipkg/${pkg}.installed - ## setvar ${pkg}_installed "installed" -} - -ipkg_set_uninstalled() { - local pkg=$1 - pkg="`ipkg_safe_pkg_name $pkg`" - ### echo ipkg_set_uninstalled $pkg > /dev/console - echo uninstalled > /tmp/ipkg/${pkg}.installed - ## setvar ${pkg}_installed "uninstalled" -} - -ipkg_get_installed() { - local pkg=$1 - pkg="`ipkg_safe_pkg_name $pkg`" - if [ -f /tmp/ipkg/${pkg}.installed ]; then - cat /tmp/ipkg/${pkg}.installed - fi - ## eval "echo \$${pkg}_installed" -} - -ipkg_depends() { - local new_pkgs="$*" - local all_deps= - local installed_pkgs="`ipkg_status_matching_all 'Status:.*[[:space:]]installed'`" - for pkg in $installed_pkgs; do - ipkg_set_installed $pkg - done - while [ -n "$new_pkgs" ]; do - all_deps="$all_deps $new_pkgs" - local new_deps= - for pkg in $new_pkgs; do - if echo $pkg | grep -q '[^a-z0-9.+-]'; then - echo "ipkg_depends: ERROR: Package name $pkg contains illegal characters (should be [a-z0-9.+-])" >&2 - return 1 - fi - # TODO: Fix this. For now I am ignoring versions and alternations in dependencies. - new_deps="$new_deps "`ipkg_info $pkg '\(Pre-\)\?Depends' | ipkg_extract_value | sed -e 's/([^)]*)//g -s/\(|[[:space:]]*[a-z0-9.+-]\+[[:space:]]*\)\+//g -s/,/ /g -s/ \+/ /g'` - ipkg_set_depends $pkg $new_deps - done - - new_deps=`echo $new_deps | sed -e 's/[[:space:]]\+/\\ -/g' | sort | uniq` - - local maybe_new_pkgs= - for pkg in $new_deps; do - if ! echo $installed_pkgs | grep -q "\<$pkg\>"; then - maybe_new_pkgs="$maybe_new_pkgs $pkg" - fi - done - - new_pkgs= - for pkg in $maybe_new_pkgs; do - if ! echo $all_deps | grep -q "\<$pkg\>"; then - if [ -z "`ipkg_info $pkg`" ]; then - echo "ipkg_depends: Warning: $pkg mentioned in dependency but no package found in $IPKG_LISTS_DIR" >&2 - ipkg_set_installed $pkg - else - new_pkgs="$new_pkgs $pkg" - ipkg_set_uninstalled $pkg - fi - else - ipkg_set_uninstalled $pkg - fi - done - done - - echo $all_deps -} - -ipkg_get_install_dest() { - local dest="$1" - shift - local sd=$dest/$IPKG_DIR_PREFIX - local info_dir=$sd/info - - local requested_pkgs="$*" - local pkgs="`ipkg_depends $*`" - - mkdir -p $info_dir - for pkg in $pkgs; do - if ! ipkg_status_mentioned_sd $sd $pkg; then - echo "Package: $pkg -Status: install ok not-installed" | ipkg_status_update_sd $sd $pkg - fi - done - ## mark the packages that we were directly requested to install as uninstalled - for pkg in $requested_pkgs; do ipkg_set_uninstalled $pkg; done - - local new_pkgs= - local pkgs_installed=0 - while [ -n "pkgs" ]; do - curcheck=0 - ## echo "pkgs to install: {$pkgs}" > /dev/console - for pkg in $pkgs; do - curcheck="`expr $curcheck + 1`" - local is_installed="`ipkg_get_installed $pkg`" - if [ "$is_installed" = "installed" ]; then - echo "$pkg is installed" > /dev/console - continue - fi - - local remaining_deps="`ipkg_unsatisfied_dependences $pkg`" - if [ -n "$remaining_deps" ]; then - new_pkgs="$new_pkgs $pkg" - ### echo "Dependences not satisfied for $pkg: $remaining_deps" - if [ $curcheck -ne `echo $pkgs|wc -w` ]; then - continue - fi - fi - - local filename= - for src in `ipkg_src_names`; do - if ipkg_require_list $src; then - filename="`ipkg_extract_paragraph $pkg < $IPKG_LISTS_DIR/$src | ipkg_extract_field Filename | ipkg_extract_value`" - [ -n "$filename" ] && break - fi - done - - if [ -z "$filename" ]; then - echo "ipkg_get_install: ERROR: Cannot find package $pkg in $IPKG_LISTS_DIR" - echo "ipkg_get_install: Check the spelling and maybe run \`ipkg update'." - ipkg_status_remove_sd $sd $pkg - return 1; - fi - - [ -e "$IPKG_TMP" ] || mkdir -p $IPKG_TMP - - echo "" - local tmp_pkg_file="$IPKG_TMP/"`ipkg_file_part $filename` - if ! ipkg_download `ipkg_src_byname $src`/$filename $tmp_pkg_file; then - echo "ipkg_get_install: Perhaps you need to run \`ipkg update'?" - return 1 - fi - - if ! ipkg_install_file_dest $dest $tmp_pkg_file; then - echo "ipkg_get_install: ERROR: Failed to install $tmp_pkg_file" - echo "ipkg_get_install: I'll leave it there for you to try a manual installation" - return 1 - fi - - ipkg_set_installed $pkg - pkgs_installed="`expr $pkgs_installed + 1`" - rm $tmp_pkg_file - done - ### echo "Installed $pkgs_installed package(s) this round" - if [ $pkgs_installed -eq 0 ]; then - if [ -z "$new_pkgs" ]; then - break - fi - fi - pkgs_installed=0 - pkgs="$new_pkgs" - new_pkgs= - curcheck=0 - done -} - -ipkg_get_install() { - ipkg_get_install_dest $IPKG_ROOT $* -} - -ipkg_install_file_dest() { - local dest="$1" - local filename="$2" - local sd=$dest/$IPKG_DIR_PREFIX - local info_dir=$sd/info - - if [ ! -f "$filename" ]; then - echo "ipkg_install_file: ERROR: File $filename not found" - return 1 - fi - - local pkg="`ipkg_file_part $filename | sed 's/\([a-z0-9.+-]\+\)_.*/\1/'`" - local ext="`echo $filename | sed 's/.*\.//'`" - local pkg_extract_stdout - if [ "$ext" = "ipk" ]; then - pkg_extract_stdout="tar -xzOf" - elif [ "$ext" = "deb" ]; then - pkg_extract_stdout="ar p" - else - echo "ipkg_install_file: ERROR: File $filename has unknown extension $ext (not .ipk or .deb)" - return 1 - fi - - # Check dependencies - local depends="`ipkg_depends $pkg | sed -e "s/\<$pkg\>//"`" - - # Don't worry about deps that are scheduled for installation - local missing_deps= - for dep in $depends; do - if ! ipkg_status_all $dep | grep -q 'Status:[[:space:]]install'; then - missing_deps="$missing_deps $dep" - fi - done - - if [ ! -z "$missing_deps" ]; then - if [ -n "$FORCE_DEPENDS" ]; then - echo "ipkg_install_file: Warning: $pkg depends on the following uninstalled programs: $missing_deps" - else - echo "ipkg_install_file: ERROR: $pkg depends on the following uninstalled programs: - $missing_deps" - echo "ipkg_install_file: You may want to use \`ipkg install' to install these." - return 1 - fi - fi - - mkdir -p $IPKG_TMP/$pkg/control - mkdir -p $IPKG_TMP/$pkg/data - mkdir -p $info_dir - - if ! $pkg_extract_stdout $filename ./control.tar.gz | (cd $IPKG_TMP/$pkg/control; tar -xzf - ) ; then - echo "ipkg_install_file: ERROR unpacking control.tar.gz from $filename" - return 1 - fi - - if [ -n "$IPKG_OFFLINE_ROOT" ]; then - if grep -q '^InstallsOffline:[[:space:]]*no' $IPKG_TMP/$pkg/control/control; then - echo "*** Warning: Package $pkg may not be installed in offline mode" - echo "*** Warning: Scheduling $filename for pending installation (installing into $IPKG_PENDING_DIR)" - echo "Package: $pkg -Status: install ok pending" | ipkg_status_update_sd $sd $pkg - mkdir -p $IPKG_PENDING_DIR - cp $filename $IPKG_PENDING_DIR - rm -r $IPKG_TMP/$pkg/control - rm -r $IPKG_TMP/$pkg/data - rmdir $IPKG_TMP/$pkg - return 0 - fi - fi - - - echo -n "Unpacking $pkg..." - set +o noglob - for file in $IPKG_TMP/$pkg/control/*; do - local base_file="`ipkg_file_part $file`" - mv $file $info_dir/$pkg.$base_file - done - set -o noglob - rm -r $IPKG_TMP/$pkg/control - - if ! $pkg_extract_stdout $filename ./data.tar.gz | (cd $IPKG_TMP/$pkg/data; tar -xzf - ) ; then - echo "ipkg_install_file: ERROR unpacking data.tar.gz from $filename" - return 1 - fi - echo "Done." - - echo -n "Configuring $pkg..." - export PKG_ROOT=$dest - if [ -x "$info_dir/$pkg.preinst" ]; then - if ! $info_dir/$pkg.preinst install; then - echo "$info_dir/$pkg.preinst failed. Aborting installation of $pkg" - rm -rf $IPKG_TMP/$pkg/data - rmdir $IPKG_TMP/$pkg - return 1 - fi - fi - - local old_conffiles="`ipkg_status_sd $sd $pkg Conffiles | ipkg_extract_value`" - local new_conffiles= - if [ -f "$info_dir/$pkg.conffiles" ]; then - for conffile in `cat $info_dir/$pkg.conffiles`; do - if [ -f "$dest/$conffile" ] && ! echo " $old_conffiles " | grep -q " $conffile "`md5sum $dest/$conffile | sed 's/ .*//'`; then - local use_maintainers_conffile= - if [ -z "$FORCE_DEFAULTS" ]; then - while true; do - echo -n "Configuration file \`$conffile' - ==> File on system created by you or by a script. - ==> File also in package provided by package maintainer. - What would you like to do about it ? Your options are: - Y or I : install the package maintainer's version - N or O : keep your currently-installed version - D : show the differences between the versions (if diff is installed) - The default action is to keep your current version. -*** `ipkg_file_part $conffile` (Y/I/N/O/D) [default=N] ? " - read response - case "$response" in - [YyIi] | [Yy][Ee][Ss]) - use_maintainers_conffile=t - break - ;; - [Dd]) - echo " -diff -u $dest/$conffile $IPKG_TMP/$pkg/data/$conffile" - diff -u $dest/$conffile $IPKG_TMP/$pkg/data/$conffile || true - echo "[Press ENTER to continue]" - read junk - ;; - *) - break - ;; - esac - done - fi - if [ -n "$use_maintainers_conffile" ]; then - local md5sum="`md5sum $IPKG_TMP/$pkg/data/$conffile | sed 's/ .*//'`" - new_conffiles="$new_conffiles $conffile $md5sum" - else - new_conffiles="$new_conffiles $conffile <custom>" - rm $IPKG_TMP/$pkg/data/$conffile - fi - else - md5sum="`md5sum $IPKG_TMP/$pkg/data/$conffile | sed 's/ .*//'`" - new_conffiles="$new_conffiles $conffile $md5sum" - fi - done - fi - - local owd="`pwd`" - (cd $IPKG_TMP/$pkg/data/; tar cf - . | (cd $owd; cd $dest; tar xf -)) - rm -rf $IPKG_TMP/$pkg/data - rmdir $IPKG_TMP/$pkg - $pkg_extract_stdout $filename ./data.tar.gz | tar tzf - | sed -e 's/^\.//' > $info_dir/$pkg.list - - if [ -x "$info_dir/$pkg.postinst" ]; then - $info_dir/$pkg.postinst configure - fi - - if [ -n "$new_conffiles" ]; then - new_conffiles='Conffiles: '`echo $new_conffiles | ipkg_protect_slashes` - fi - local sed_safe_root="`echo $dest | sed -e "s/^${IPKG_OFFLINE_ROOT}//" | ipkg_protect_slashes`" - sed -e "s/\(Package:.*\)/\1\\ -Status: install ok installed\\ -Root: ${sed_safe_root}\\ -${new_conffiles}/" $info_dir/$pkg.control | ipkg_status_update_sd $sd $pkg - - rm -f $info_dir/$pkg.control - rm -f $info_dir/$pkg.conffiles - rm -f $info_dir/$pkg.preinst - rm -f $info_dir/$pkg.postinst - - echo "Done." -} - -ipkg_install_file() { - ipkg_install_file_dest $IPKG_ROOT $* -} - -ipkg_install() { - - while [ $# -gt 0 ]; do - local pkg="$1" - shift - - case "$pkg" in - http://* | ftp://*) - local tmp_pkg_file="$IPKG_TMP/"`ipkg_file_part $pkg` - if ipkg_download $pkg $tmp_pkg_file; then - ipkg_install_file $tmp_pkg_file - rm $tmp_pkg_file - fi - ;; - file:/*.ipk | file://*.deb) - local ipkg_filename="`echo $pkg|sed 's/^file://'`" - ipkg_install_file $ipkg_filename - ;; - *.ipk | *.deb) - if [ -f "$pkg" ]; then - ipkg_install_file $pkg - else - echo "File not found $pkg" >&2 - fi - ;; - *) - ipkg_get_install $pkg || true - ;; - esac - done -} - -ipkg_install_pending() { - [ -n "$IPKG_OFFLINE_ROOT" ] && return 0 - - if [ -d "$IPKG_PENDING_DIR" ]; then - set +o noglob - local pending="`ls -1d $IPKG_PENDING_DIR/*.ipk 2> /dev/null`" || true - set -o noglob - if [ -n "$pending" ]; then - echo "The following packages in $IPKG_PENDING_DIR will now be installed:" - echo $pending - for filename in $pending; do - if ipkg_install_file $filename; then - rm $filename - fi - done - fi - fi - return 0 -} - -ipkg_install_wanted() { - local wanted="`ipkg_status_matching 'Status:[[:space:]]*install.*not-installed'`" - - if [ -n "$wanted" ]; then - echo "The following package were previously requested but have not been installed:" - echo $wanted - - if [ -n "$FORCE_DEFAULTS" ]; then - echo "Installing them now." - else - echo -n "Install them now [Y/n] ? " - read response - case "$response" in - [Nn] | [Nn][Oo]) - return 0 - ;; - esac - fi - - ipkg_install $wanted - fi - - return 0 -} - -ipkg_upgrade_pkg() { - local pkg="$1" - local avail_ver="`ipkg_info $pkg Version | ipkg_extract_value | head -1`" - - is_installed= - for dest_name in `ipkg_dest_names`; do - local dest="`ipkg_dest_byname $dest_name`" - local sd=$dest/$IPKG_DIR_PREFIX - local inst_ver="`ipkg_status_sd $sd $pkg Version | ipkg_extract_value`" - if [ -n "$inst_ver" ]; then - is_installed=t - - if [ -z "$avail_ver" ]; then - echo "Assuming locally installed package $pkg ($inst_ver) is up to date" - return 0 - fi - - if [ "$avail_ver" = "$inst_ver" ]; then - echo "Package $pkg ($inst_ver) installed in $dest_name is up to date" - elif ipkg_is_upgrade "$avail_ver" "$inst_ver"; then - echo "Upgrading $pkg ($dest_name) from $inst_ver to $avail_ver" - ipkg_get_install_dest $dest $pkg - else - echo "Not downgrading package $pkg from $inst_ver to $avail_ver" - fi - fi - done - - if [ -z "$is_installed" ]; then - echo "Package $pkg does not appear to be installed" - return 0 - fi - -} - -ipkg_upgrade() { - if [ $# -lt 1 ]; then - local pkgs="`ipkg_status_matching 'Status:.*[[:space:]]installed'`" - else - pkgs="$*" - fi - - for pkg in $pkgs; do - ipkg_upgrade_pkg $pkg - done -} - -ipkg_remove_pkg_dest() { - local dest="$1" - local pkg="$2" - local sd=$dest/$IPKG_DIR_PREFIX - local info_dir=$sd/info - - if ! ipkg_status_installed_sd $sd $pkg; then - echo "ipkg_remove: Package $pkg does not appear to be installed in $dest" - if ipkg_status_mentioned_sd $sd $pkg; then - echo "Purging mention of $pkg from the ipkg database" - ipkg_status_remove_sd $sd $pkg - fi - return 1 - fi - - echo "ipkg_remove: Removing $pkg... " - - local files="`cat $info_dir/$pkg.list`" - - export PKG_ROOT=$dest - if [ -x "$info_dir/$pkg.prerm" ]; then - $info_dir/$pkg.prerm remove - fi - - local conffiles="`ipkg_status_sd $sd $pkg Conffiles | ipkg_extract_value`" - - local dirs_to_remove= - for file in $files; do - if [ -d "$dest/$file" ]; then - dirs_to_remove="$dirs_to_remove $dest/$file" - else - if echo " $conffiles " | grep -q " $file "; then - if echo " $conffiles " | grep -q " $file "`md5sum $dest/$file | sed 's/ .*//'`; then - rm -f $dest/$file - fi - else - rm -f $dest/$file - fi - fi - done - - local removed_a_dir=t - while [ -n "$removed_a_dir" ]; do - removed_a_dir= - local new_dirs_to_remove= - for dir in $dirs_to_remove; do - if rmdir $dir >/dev/null 2>&1; then - removed_a_dir=t - else - new_dirs_to_remove="$new_dirs_to_remove $dir" - fi - done - dirs_to_remove="$new_dirs_to_remove" - done - - if [ -n "$dirs_to_remove" ]; then - echo "ipkg_remove: Warning: Not removing the following directories since they are not empty:" >&2 - echo "$dirs_to_remove" | sed -e 's/\/[/]\+/\//g' >&2 - fi - - if [ -x "$info_dir/$pkg.postrm" ]; then - $info_dir/$pkg.postrm remove - fi - - ipkg_status_remove_sd $sd $pkg - set +o noglob - rm -f $info_dir/$pkg.* - set -o noglob - - echo "Done." -} - -ipkg_remove_pkg() { - local pkg="$1" - for dest in `ipkg_dests_all`; do - local sd=$dest/$IPKG_DIR_PREFIX - if ipkg_status_mentioned_sd $sd $pkg; then - ipkg_remove_pkg_dest $dest $pkg - fi - done -} - -ipkg_remove() { - while [ $# -gt 0 ]; do - local pkg="$1" - shift - if [ -n "$DEST_NAME" ]; then - ipkg_remove_pkg_dest $IPKG_ROOT $pkg - else - ipkg_remove_pkg $pkg - fi - done -} - -########### -# ipkg main -########### - -# Parse options -while [ $# -gt 0 ]; do - arg="$1" - case $arg in - -d | -dest) - [ $# -gt 1 ] || ipkg_usage "option $arg requires an argument" - DEST_NAME="$2" - shift - ;; - -o | -offline) - [ $# -gt 1 ] || ipkg_usage "option $arg requires an argument" - IPKG_OFFLINE_ROOT="$2" - shift - ;; - -force-depends) - FORCE_DEPENDS=t - ;; - -force-defaults) - FORCE_DEFAULTS=t - ;; - -*) - ipkg_usage "unknown option $arg" - ;; - *) - break - ;; - esac - shift -done - -[ $# -lt 1 ] && ipkg_usage "ipkg must have one sub-command argument" -cmd="$1" -shift - -ipkg_load_configuration -mkdir -p /tmp/ipkg - -case "$cmd" in -update|upgrade|list|info|status|install_pending) - ;; -install|depends|remove|files|search) - [ $# -lt 1 ] && ipkg_usage "ERROR: the \`\`$cmd'' command requires an argument" - ;; -*) - echo "ERROR: unknown sub-command \`$cmd'" - ipkg_usage - ;; -esac - -# Only install pending if we have an interactive sub-command -case "$cmd" in -upgrade|install) - ipkg_install_pending - ipkg_install_wanted - ;; -esac - -ipkg_$cmd $* -for a in `ls $IPKG_TMP`; do - rm -rf $IPKG_TMP/$a -done diff --git a/obsolete-buildroot/sources/openwrt/root/bin/login b/obsolete-buildroot/sources/openwrt/root/bin/login deleted file mode 100755 index 7520824..0000000 --- a/obsolete-buildroot/sources/openwrt/root/bin/login +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -exec ash --login diff --git a/obsolete-buildroot/sources/openwrt/root/etc/banner b/obsolete-buildroot/sources/openwrt/root/etc/banner deleted file mode 100644 index 2b2b2c0..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/banner +++ /dev/null @@ -1,6 +0,0 @@ - _______ ________ __ - | |.-----.-----.-----.| | | |.----.| |_ - | - || _ | -__| || | | || _|| _| - |_______|| __|_____|__|__||________||__| |____| - |__| W I R E L E S S F R E E D O M - diff --git a/obsolete-buildroot/sources/openwrt/root/etc/dnsmasq.conf b/obsolete-buildroot/sources/openwrt/root/etc/dnsmasq.conf deleted file mode 100644 index 293edc6..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/dnsmasq.conf +++ /dev/null @@ -1,24 +0,0 @@ -# filter what we send upstream -domain-needed -bogus-priv -filterwin2k - -# allow /etc/hosts and dhcp lookups via *.lan -local=/lan/ -domain=lan - -# no dhcp / dns queries from the wan -except-interface=vlan1 - -# enable dhcp (start,end,netmask,leasetime) -dhcp-authoritative -dhcp-range=192.168.1.100,192.168.1.250,255.255.255.0,12h -dhcp-leasefile=/tmp/dhcp.leases - -# use /etc/ethers for static hosts; same format as --dhcp-host -# <hwaddr> [<hostname>] <ipaddr> -read-ethers - -# other useful options: -# default route(s): dhcp-option=3,192.168.1.1,192.168.1.2 -# dns server(s): dhcp-option=6,192.168.1.1,192.168.1.2 diff --git a/obsolete-buildroot/sources/openwrt/root/etc/functions.sh b/obsolete-buildroot/sources/openwrt/root/etc/functions.sh deleted file mode 100755 index 75500a2..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/functions.sh +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/ash - -alias debug=${DEBUG:-:} - -# allow env to override nvram -nvram () { - case $1 in - get) eval "echo \${NVRAM_$2:-\$(command nvram get $2)}";; - *) command nvram $*;; - esac -} -. /etc/nvram.overrides - -# valid interface? -if_valid () { - ifconfig "$1" >&- 2>&- || - [ "${1%%[0-9]}" = "br" ] || - { - [ "${1%%[0-9]}" = "vlan" ] && ( - i=${1#vlan} - hwname=$(nvram get vlan${i}hwname) - hwaddr=$(nvram get ${hwname}macaddr) - [ -z "$hwaddr" ] && return 1 - - vif=$(ifconfig -a | awk '/^eth.*'$hwaddr'/ {print $1; exit}' IGNORECASE=1) - debug "# vlan$i => $vif" - - $DEBUG ifconfig $vif up - $DEBUG vconfig add $vif $i 2>&- - ) - } || - { echo -e "# $1 ignored: can't find/create"; false; } -} diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S10boot b/obsolete-buildroot/sources/openwrt/root/etc/init.d/S10boot deleted file mode 100755 index 81379be..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S10boot +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh -klogd -syslogd -C 16 -sysctl -p -echo "S" > /proc/jffs2_bbc - -mkdir -p /var/run - -[ "$(nvram get il0macaddr)" = "00:90:4c:5f:00:2a" ] && { - # if default wifi mac, set two higher than the lan mac - nvram set il0macaddr=$(nvram get et0macaddr| - awk '{OFS=FS=":";for(x=7,y=2;--x;){$x=sprintf("%02x",(y+="0x"$x)%256);y/=256}print}') -} - -insmod et -insmod wl - -ifconfig lo 127.0.0.1 up -ifconfig eth0 promisc - -HOSTNAME=$(nvram get wan_hostname) -HOSTNAME=${HOSTNAME%%.*} -echo ${HOSTNAME:=OpenWrt} > /proc/sys/kernel/hostname - -vconfig set_name_type VLAN_PLUS_VID_NO_PAD diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S40network b/obsolete-buildroot/sources/openwrt/root/etc/init.d/S40network deleted file mode 100755 index a8144a8..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S40network +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/sh -. /etc/functions.sh -case "$1" in - start|restart) - ifup lan - ifup wan - ifup wifi - wifi up - - for route in $(nvram get static_route); do { - eval "set $(echo $route | sed 's/:/ /g')" - $DEBUG route add -net $1 netmask $2 gw $3 metric $4 dev $5 - } done - ;; -esac diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S45firewall b/obsolete-buildroot/sources/openwrt/root/etc/init.d/S45firewall deleted file mode 100755 index 49b9df0..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S45firewall +++ /dev/null @@ -1,23 +0,0 @@ -#!/bin/sh -. /etc/functions.sh - -WAN=$(nvram get wan_ifname) - -IPT=/usr/sbin/iptables - -for T in filter nat mangle ; do - $IPT -t $T -F - $IPT -t $T -X -done - -$IPT -t filter -A INPUT -m state --state INVALID -j DROP -$IPT -t filter -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT -$IPT -t filter -A INPUT -p icmp -j ACCEPT -$IPT -t filter -A INPUT -i $WAN -p tcp -j REJECT --reject-with tcp-reset -$IPT -t filter -A INPUT -i $WAN -j REJECT --reject-with icmp-port-unreachable -$IPT -t filter -A FORWARD -m state --state INVALID -j DROP -$IPT -t filter -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT -$IPT -t filter -A FORWARD -i $WAN -m state --state NEW,INVALID -j DROP -$IPT -t filter -A FORWARD -o $WAN -p tcp --tcp-flags SYN,RST SYN -j TCPMSS --clamp-mss-to-pmtu - -$IPT -t nat -A POSTROUTING -o $WAN -j MASQUERADE diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50dnsmasq b/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50dnsmasq deleted file mode 100755 index 995c1b6..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50dnsmasq +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -/usr/sbin/dnsmasq diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50httpd b/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50httpd deleted file mode 100755 index fd66f80..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50httpd +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -/usr/sbin/httpd -p 80 -h /www -r WRT54G Router diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50telnet b/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50telnet deleted file mode 100755 index 29af504..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S50telnet +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/sh -/usr/sbin/telnetd -l /bin/login diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S99done b/obsolete-buildroot/sources/openwrt/root/etc/init.d/S99done deleted file mode 100755 index 8811e99..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/S99done +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/sh -# automagically run firstboot -[ -z "$FAILSAFE" ] && { - { mount | grep jffs2 1>&-; } || firstboot -} -# set leds to normal state -echo "0x00" > /proc/sys/diag diff --git a/obsolete-buildroot/sources/openwrt/root/etc/init.d/rcS b/obsolete-buildroot/sources/openwrt/root/etc/init.d/rcS deleted file mode 100755 index 9510e94..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/init.d/rcS +++ /dev/null @@ -1,25 +0,0 @@ -#!/bin/sh - -# Start all init scripts in /etc/init.d -# executing them in numerical order. -# -for i in /etc/init.d/S??* ;do - - # Ignore dangling symlinks (if any). - [ ! -f "$i" ] && continue - - case "$i" in - *.sh) - # Source shell script for speed. - ( - trap - INT QUIT TSTP - set start - . $i - ) - ;; - *) - # No sh extension, so fork subprocess. - $i start - ;; - esac -done diff --git a/obsolete-buildroot/sources/openwrt/root/etc/inittab b/obsolete-buildroot/sources/openwrt/root/etc/inittab deleted file mode 100644 index 3b0c14e..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/inittab +++ /dev/null @@ -1,3 +0,0 @@ -::sysinit:/etc/init.d/rcS -::shutdown:/sbin/halt -tts/0::askfirst:/bin/login diff --git a/obsolete-buildroot/sources/openwrt/root/etc/ipkg.conf b/obsolete-buildroot/sources/openwrt/root/etc/ipkg.conf deleted file mode 100644 index 31a5fdf..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/ipkg.conf +++ /dev/null @@ -1,3 +0,0 @@ -src openwrt http://openwrt.org/ipkg -dest root / -dest ram /tmp diff --git a/obsolete-buildroot/sources/openwrt/root/etc/nvram.overrides b/obsolete-buildroot/sources/openwrt/root/etc/nvram.overrides deleted file mode 100644 index acbba30..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/nvram.overrides +++ /dev/null @@ -1,62 +0,0 @@ -# NVRAM overrides -# -# This file handles the NVRAM quirks of various hardware. -# THIS FILE IS NOT A REPLACEMENT FOR NVRAM - -# linksys bug; remove when not using static configuration for lan -NVRAM_lan_proto="static" - -# hacks for wrt54g 1.x hardware -[ "$(nvram get boardnum)" = "42" ] && \ -[ "$(nvram get boardtype)" = "bcm94710dev" ] && { - - # remap eth0 => vlan2, eth1 => vlan1 - # for all *_ifname(s) - - debug "### wrt54g 1.x hack ###" - NVRAM_vlan1hwname="et0" - NVRAM_vlan2hwname="et0" - FAILSAFE_ifnames="vlan1 vlan2 eth2" - - remap () { - eval NVRAM_$1=\"$(nvram get $1 | awk 'gsub("eth0","vlan2") gsub("eth1","vlan1")')\" - } - - for type in lan wifi wan pppoe - do - remap ${type}_ifname - remap ${type}_ifnames - done -} - -# hacks for wap54g hardware -[ "$(nvram get boardnum)" = "2" ] || \ -[ "$(nvram get boardnum)" = "1024" ] && { - debug "### wap54g hack ###" - NVRAM_wan_ifname="none" - FAILSAFE_ifnames="eth0 eth1" -} - -# defaults if lan_ifname is missing -[ -z "$(nvram get lan_ifname)" ] && { - NVRAM_lan_ifname="br0" - NVRAM_lan_ifnames="vlan0 vlan2 eth1 eth2 eth3" -} - -# defaults if wan_ifname is missing -[ -z "$(nvram get wan_ifname)" ] && { - NVRAM_wan_ifname="vlan1" - NVRAM_wan_proto="dhcp" -} - -# failsafe if reset is held -[ "$FAILSAFE" = "true" ] && { - echo "### YOU ARE IN FAILSAFE MODE ####" - NVRAM_lan_ifname="br0" - NVRAM_lan_ifnames=${FAILSAFE_ifnames:-"vlan0 vlan1 eth1"} - NVRAM_lan_ipaddr="192.168.1.1" - NVRAM_lan_netmask="255.255.255.0" - NVRAM_lan_hwaddr="00:0B:AD:0A:DD:00" - NVRAM_wan_ifname="none" - NVRAM_wifi_ifname="none" -} diff --git a/obsolete-buildroot/sources/openwrt/root/etc/preinit b/obsolete-buildroot/sources/openwrt/root/etc/preinit deleted file mode 100755 index 6e6a9c9..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/preinit +++ /dev/null @@ -1,20 +0,0 @@ -#!/bin/sh -# executed from squashfs before init to -# transfer root to the jffs2 partition -mount none /proc -t proc -insmod diag -echo 0x01 > /proc/sys/diag -sleep 1 -if [ $(cat /proc/sys/reset) = 1 ] ; then - export FAILSAFE=true - while :; do { echo $(((X=(X+1)%8)%2)) > /proc/sys/diag; sleep $((X==0)); } done & -else - mtd unlock mtd4 - mount -t jffs2 /dev/mtdblock/4 /jffs - pivot_root /jffs /jffs/rom - mount none /dev -t devfs - mount none /proc -t proc - umount rom/proc rom/dev -fi -mount none /tmp -t ramfs -exec /sbin/init diff --git a/obsolete-buildroot/sources/openwrt/root/etc/profile b/obsolete-buildroot/sources/openwrt/root/etc/profile deleted file mode 100644 index 29cd340..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/profile +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh -[ -f /etc/banner ] && cat /etc/banner - -export PATH=/bin:/sbin:/usr/bin:/usr/sbin -export PS1='\u@\h:\w\$ ' - -alias less=more -alias vim=vi -ldd() { LD_TRACE_LOADED_OBJECTS=1 $*; } diff --git a/obsolete-buildroot/sources/openwrt/root/etc/sysctl.conf b/obsolete-buildroot/sources/openwrt/root/etc/sysctl.conf deleted file mode 100644 index 8552a4b..0000000 --- a/obsolete-buildroot/sources/openwrt/root/etc/sysctl.conf +++ /dev/null @@ -1,7 +0,0 @@ -kernel.panic = 3 -net.ipv4.ip_forward = 1 -net.ipv4.icmp_echo_ignore_broadcasts = 1 -net.ipv4.icmp_ignore_bogus_error_responses = 1 -net.ipv4.tcp_fin_timeout = 30 -net.ipv4.tcp_keepalive_time = 120 -net.ipv4.tcp_timestamps = 0 diff --git a/obsolete-buildroot/sources/openwrt/root/rom/note b/obsolete-buildroot/sources/openwrt/root/rom/note deleted file mode 100644 index 4d9934e..0000000 --- a/obsolete-buildroot/sources/openwrt/root/rom/note +++ /dev/null @@ -1,2 +0,0 @@ -After firstboot has been run, /rom will contain the previous (squashfs) root -* except when booted failsafe -- echo $FAILSAFE diff --git a/obsolete-buildroot/sources/openwrt/root/sbin/halt b/obsolete-buildroot/sources/openwrt/root/sbin/halt deleted file mode 100755 index 2aee693..0000000 --- a/obsolete-buildroot/sources/openwrt/root/sbin/halt +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/sh -/usr/bin/killall5 -9 -umount -ar diff --git a/obsolete-buildroot/sources/openwrt/root/sbin/hotplug b/obsolete-buildroot/sources/openwrt/root/sbin/hotplug deleted file mode 100755 index 335ee8f..0000000 --- a/obsolete-buildroot/sources/openwrt/root/sbin/hotplug +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/ash -# $Id$ -[ "${INTERFACE%%[0-9]*}" = "wds" ] && { - [ -x "/usr/sbin/nas" ] && /usr/sbin/nas lan $INTERFACE up - ifconfig $INTERFACE 0.0.0.0 up - /usr/sbin/brctl addif br0 $INTERFACE -} diff --git a/obsolete-buildroot/sources/openwrt/root/sbin/ifdown b/obsolete-buildroot/sources/openwrt/root/sbin/ifdown deleted file mode 100755 index e59e057..0000000 --- a/obsolete-buildroot/sources/openwrt/root/sbin/ifdown +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/ash -. /etc/functions.sh - type=$1 - debug "### ifdown $type ###" - if=$(nvram get ${type}_ifname) - if_valid $if || return - kill $(cat /var/run/${if}.pid 2>&-) 2>&- - $DEBUG ifconfig $if down diff --git a/obsolete-buildroot/sources/openwrt/root/sbin/ifup b/obsolete-buildroot/sources/openwrt/root/sbin/ifup deleted file mode 100755 index 6b4a774..0000000 --- a/obsolete-buildroot/sources/openwrt/root/sbin/ifup +++ /dev/null @@ -1,71 +0,0 @@ -#!/bin/ash -. /etc/functions.sh - type=$1 - debug "### ifup $type ###" - - if=$(nvram get ${type}_ifname) - if [ "${if%%[0-9]}" = "ppp" ]; then - if=$(nvram get pppoe_ifname) - fi - - if_valid $if || return - - $DEBUG ifconfig $if down - if [ "${if%%[0-9]}" = "br" ]; then - stp=$(nvram get ${type}_stp) - $DEBUG brctl delbr $if - $DEBUG brctl addbr $if - $DEBUG brctl setfd $if 0 - $DEBUG brctl stp $if ${stp:-0} - for sif in $(nvram get ${type}_ifnames); do { - if_valid $sif || continue - $DEBUG ifconfig $sif 0.0.0.0 up - $DEBUG brctl addif $if $sif - } done - fi - - mac=$(nvram get ${type}_hwaddr) - ${mac:+$DEBUG ifconfig $if hw ether $mac} - - if_proto=$(nvram get ${type}_proto) - case "$if_proto" in - static) - ip=$(nvram get ${type}_ipaddr) - netmask=$(nvram get ${type}_netmask) - gateway=$(nvram get ${type}_gateway) - - $DEBUG ifconfig $if $ip ${netmask:+netmask $netmask} broadcast + up - ${gateway:+$DEBUG route add default gw $gateway} - - [ -f /etc/resolv.conf ] && return - - debug "# --- creating /etc/resolv.conf ---" - for dns in $(nvram get ${type}_dns); do { - echo "nameserver $dns" >> /etc/resolv.conf - } done - ;; - dhcp) - pidfile=/tmp/dhcp-${type}.pid - if [ -f $pidfile ]; then - $DEBUG kill $(cat $pidfile) - fi - ${DEBUG:-eval} "udhcpc -i $if -b -p $pidfile &" - ;; - pppoe) - username=$(nvram get ppp_username) - password=$(nvram get ppp_passwd) - redial=$(nvram get ppp_redialperiod) - idletime=$(nvram get ppp_idletime) - mtu=$(nvram get wan_mtu) - - $DEBUG ifconfig $if 0.0.0.0 up - - $DEBUG /sbin/pppoecd $if -u $username -p $password \ - -i 0 -I $redial -T $idletime -t $mtu -k - ;; - none) - ;; - *) - echo "### WARNING $if: $if_proto is not supported" - ;; - esac diff --git a/obsolete-buildroot/sources/openwrt/root/sbin/wifi b/obsolete-buildroot/sources/openwrt/root/sbin/wifi deleted file mode 100755 index 6360fff..0000000 --- a/obsolete-buildroot/sources/openwrt/root/sbin/wifi +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/ash -alias debug=${DEBUG:-:} -debug "### wifi $1 ###" -if=$(awk 'sub(":","") {print $1}' /proc/net/wireless) -$DEBUG wlconf $if $1 diff --git a/obsolete-buildroot/sources/openwrt/root/usr/share/udhcpc/default.script b/obsolete-buildroot/sources/openwrt/root/usr/share/udhcpc/default.script deleted file mode 100755 index 87be32d..0000000 --- a/obsolete-buildroot/sources/openwrt/root/usr/share/udhcpc/default.script +++ /dev/null @@ -1,38 +0,0 @@ -#!/bin/sh -# udhcpc script edited by Tim Riker <Tim@Rikers.org> -# (slightly modified) - -[ -z "$1" ] && echo "Error: should be run by udhcpc" && exit 1 - -RESOLV_CONF="/tmp/resolv.conf" - -case "$1" in - deconfig) - ifconfig $interface 0.0.0.0 - ;; - - renew|bound) - ifconfig $interface $ip \ - ${broadcast:+broadcast $broadcast} \ - ${subnet:+netmask $subnet} - - if [ -n "$router" ] ; then - echo "deleting routers" - while route del default gw 0.0.0.0 dev $interface ; do - : - done - - for i in $router ; do - route add default gw $i dev $interface - done - fi - - echo -n > $RESOLV_CONF - ${domain:+echo search $domain >> $RESOLV_CONF} - for i in $dns ; do - echo adding dns $i - echo nameserver $i >> $RESOLV_CONF - done - ;; -esac -exit 0 diff --git a/obsolete-buildroot/sources/openwrt/root/www/index.html b/obsolete-buildroot/sources/openwrt/root/www/index.html deleted file mode 100644 index 575d242..0000000 --- a/obsolete-buildroot/sources/openwrt/root/www/index.html +++ /dev/null @@ -1,7 +0,0 @@ -<HTML> -<HEAD><TITLE>OpenWrt</TITLE></HEAD> -<BODY> -No webpages currently available -<br>- perhaps you need to install a package? -</BODY> -</HTML> diff --git a/obsolete-buildroot/sources/openwrt/tools/addpattern.c b/obsolete-buildroot/sources/openwrt/tools/addpattern.c deleted file mode 100644 index b32ab9f..0000000 --- a/obsolete-buildroot/sources/openwrt/tools/addpattern.c +++ /dev/null @@ -1,202 +0,0 @@ -/* - * Copyright (C) 2004 Manuel Novoa III <mjn3@codepoet.org> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* July 29, 2004 - * - * This is a hacked replacement for the 'addpattern' utility used to - * create wrt54g .bin firmware files. It isn't pretty, but it does - * the job for me. - * - * Extensions: - * -v allows setting the version string on the command line. - * -{0|1} sets the (currently ignored) hw_ver flag in the header - * to 0 or 1 respectively. - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <time.h> -#include <unistd.h> -#include <sys/stat.h> - -/**********************************************************************/ - -#define CODE_ID "U2ND" /* from code_pattern.h */ -#define CODE_PATTERN "W54S" /* from code_pattern.h */ - -#define CYBERTAN_VERSION "v2.07.1" /* from cyutils.h */ -/* #define CYBERTAN_VERSION "v2.04.3" */ - -struct code_header { /* from cyutils.h */ - char magic[4]; - char res1[4]; /* for extra magic */ - char fwdate[3]; - char fwvern[3]; - char id[4]; /* U2ND */ -#if 0 - unsigned char res2[14]; -#else - char hw_ver; /* 0: for 4702, 1: for 4712 -- new in 2.04.3 */ - unsigned char res2[13]; -#endif -} ; - -/**********************************************************************/ - -void usage(void) __attribute__ (( __noreturn__ )); - -void usage(void) -{ - fprintf(stderr, "Usage: addpattern [-i trxfile] [-o binfile] [-p pattern] [-g] [-v v#.#.#] [-{0|1}]\n"); - exit(EXIT_FAILURE); -} - -int main(int argc, char **argv) -{ - char buf[1024]; /* keep this at 1k or adjust garbage calc below */ - struct code_header *hdr; - FILE *in = stdin; - FILE *out = stdout; - char *ifn = NULL; - char *ofn = NULL; - char *pattern = CODE_PATTERN; - char *version = CYBERTAN_VERSION; - int gflag = 0; - int c; - int v0, v1, v2; - size_t off, n; - time_t t; - struct tm *ptm; - - fprintf(stderr, "mjn3's addpattern replacement - v0.81\n"); - - hdr = (struct code_header *) buf; - - while ((c = getopt(argc, argv, "i:o:p:gv:01")) != -1) { - switch (c) { - case 'i': - ifn = optarg; - break; - case 'o': - ofn = optarg; - break; - case 'p': - pattern = optarg; - break; - case 'g': - gflag = 1; - break; - case 'v': /* extension to allow setting version */ - version = optarg; - break; - case '0': - hdr->hw_ver = 0; - break; - case '1': - hdr->hw_ver = 1; - break; - default: - usage(); - } - } - - if (optind != argc) { - fprintf(stderr, "illegal arg \"%s\"\n", argv[optind]); - usage(); - } - - if (strlen(pattern) != 4) { - fprintf(stderr, "illegal pattern \"%s\": length != 4\n", pattern); - usage(); - } - - if (ifn && !(in = fopen(ifn, "r"))) { - fprintf(stderr, "can not open \"%s\" for reading\n", ifn); - usage(); - } - - if (ofn && !(out = fopen(ofn, "w"))) { - fprintf(stderr, "can not open \"%s\" for writing\n", ofn); - usage(); - } - - if (time(&t) == (time_t)(-1)) { - fprintf(stderr, "time call failed\n"); - return EXIT_FAILURE; - } - - ptm = localtime(&t); - - if (3 != sscanf(version, "v%d.%d.%d", &v0, &v1, &v2)) { - fprintf(stderr, "bad version string \"%s\"\n", version); - return EXIT_FAILURE; - } - - memset(hdr, 0, sizeof(struct code_header)); - memcpy(&hdr->magic, pattern, 4); - hdr->fwdate[0] = ptm->tm_year % 100; - hdr->fwdate[1] = ptm->tm_mon + 1; - hdr->fwdate[2] = ptm->tm_mday; - hdr->fwvern[0] = v0; - hdr->fwvern[1] = v1; - hdr->fwvern[2] = v2; - memcpy(&hdr->id, CODE_ID, strlen(CODE_ID)); - - off = sizeof(struct code_header); - - fprintf(stderr, "writing firmware v%d.%d.%d on %d/%d/%d (y/m/d)\n", - v0, v1, v2, - hdr->fwdate[0], hdr->fwdate[1], hdr->fwdate[2]); - - - while ((n = fread(buf + off, 1, sizeof(buf)-off, in) + off) > 0) { - off = 0; - if (n < sizeof(buf)) { - if (ferror(in)) { - FREAD_ERROR: - fprintf(stderr, "fread error\n"); - return EXIT_FAILURE; - } - if (gflag) { - gflag = sizeof(buf) - n; - memset(buf + n, 0xff, gflag); - fprintf(stderr, "adding %d bytes of garbage\n", gflag); - n = sizeof(buf); - } - } - if (!fwrite(buf, n, 1, out)) { - FWRITE_ERROR: - fprintf(stderr, "fwrite error\n"); - return EXIT_FAILURE; - } - } - - if (ferror(in)) { - goto FREAD_ERROR; - } - - if (fflush(out)) { - goto FWRITE_ERROR; - } - - fclose(in); - fclose(out); - - return EXIT_SUCCESS; -} diff --git a/obsolete-buildroot/sources/openwrt/tools/sstrip.c b/obsolete-buildroot/sources/openwrt/tools/sstrip.c deleted file mode 100644 index e820a44..0000000 --- a/obsolete-buildroot/sources/openwrt/tools/sstrip.c +++ /dev/null @@ -1,483 +0,0 @@ -/* http://www.muppetlabs.com/~breadbox/software/elfkickers.html */ - -/* sstrip: Copyright (C) 1999-2001 by Brian Raiter, under the GNU - * General Public License. No warranty. See COPYING for details. - * - * Aug 23, 2004 Hacked by Manuel Novoa III <mjn3@codepoet.org> to - * handle targets of different endianness and/or elf class, making - * it more useful in a cross-devel environment. - */ - -/* ============== original README =================== - * - * sstrip is a small utility that removes the contents at the end of an - * ELF file that are not part of the program's memory image. - * - * Most ELF executables are built with both a program header table and a - * section header table. However, only the former is required in order - * for the OS to load, link and execute a program. sstrip attempts to - * extract the ELF header, the program header table, and its contents, - * leaving everything else in the bit bucket. It can only remove parts of - * the file that occur at the end, after the parts to be saved. However, - * this almost always includes the section header table, and occasionally - * a few random sections that are not used when running a program. - * - * It should be noted that the GNU bfd library is (understandably) - * dependent on the section header table as an index to the file's - * contents. Thus, an executable file that has no section header table - * cannot be used with gdb, objdump, or any other program based upon the - * bfd library, at all. In fact, the program will not even recognize the - * file as a valid executable. (This limitation is noted in the source - * code comments for bfd, and is marked "FIXME", so this may change at - * some future date. However, I would imagine that it is a pretty - * low-priority item, as executables without a section header table are - * rare in the extreme.) This probably also explains why strip doesn't - * offer the option to do this. - * - * Shared library files may also have their section header table removed. - * Such a library will still function; however, it will no longer be - * possible for a compiler to link a new program against it. - * - * As an added bonus, sstrip also tries to removes trailing zero bytes - * from the end of the file. (This normally cannot be done with an - * executable that has a section header table.) - * - * sstrip is a very simplistic program. It depends upon the common - * practice of putting the parts of the file that contribute to the - * memory image at the front, and the remaining material at the end. This - * permits it to discard the latter material without affecting file - * offsets and memory addresses in what remains. Of course, the ELF - * standard permits files to be organized in almost any order, so if a - * pathological linker decided to put its section headers at the top, - * sstrip would be useless on such executables. - */ - -#include <stdio.h> -#include <stdlib.h> -#include <string.h> -#include <errno.h> -#include <unistd.h> -#include <fcntl.h> -#include <elf.h> -#ifdef __FreeBSD__ -/** - * This seems to work on FreeBSD 5.3, should - * work on all newer versions as well. I have - * no idea if it will work on versions < 5.3 - * - * Joe Estock (guru) <jestock at nutextonline.com> - */ -#include <sys/endian.h> -#define bswap_64 __bswap64 -#define bswap_32 __bswap32 -#define bswap_16 __bswap16 -#else -#include <endian.h> -#include <byteswap.h> -#endif /* defined(__FreeBSD__) */ - - -#ifndef TRUE -#define TRUE 1 -#define FALSE 0 -#endif - -/* The name of the program. - */ -static char const *progname; - -/* The name of the current file. - */ -static char const *filename; - - -/* A simple error-handling function. FALSE is always returned for the - * convenience of the caller. - */ -static int err(char const *errmsg) -{ - fprintf(stderr, "%s: %s: %s\n", progname, filename, errmsg); - return FALSE; -} - -/* A flag to signal the need for endian reversal. - */ -static int do_reverse_endian; - -/* Get a value from the elf header, compensating for endianness. - */ -#define EGET(X) \ - (__extension__ ({ \ - uint64_t __res; \ - if (!do_reverse_endian) { \ - __res = (X); \ - } else if (sizeof(X) == 1) { \ - __res = (X); \ - } else if (sizeof(X) == 2) { \ - __res = bswap_16((X)); \ - } else if (sizeof(X) == 4) { \ - __res = bswap_32((X)); \ - } else if (sizeof(X) == 8) { \ - __res = bswap_64((X)); \ - } else { \ - fprintf(stderr, "%s: %s: EGET failed for size %d\n", \ - progname, filename, sizeof(X)); \ - exit(EXIT_FAILURE); \ - } \ - __res; \ - })) - -/* Set a value 'Y' in the elf header to 'X', compensating for endianness. - */ -#define ESET(Y,X) \ - do if (!do_reverse_endian) { \ - Y = (X); \ - } else if (sizeof(Y) == 1) { \ - Y = (X); \ - } else if (sizeof(Y) == 2) { \ - Y = bswap_16((uint16_t)(X)); \ - } else if (sizeof(Y) == 4) { \ - Y = bswap_32((uint32_t)(X)); \ - } else if (sizeof(Y) == 8) { \ - Y = bswap_64((uint64_t)(X)); \ - } else { \ - fprintf(stderr, "%s: %s: ESET failed for size %d\n", \ - progname, filename, sizeof(Y)); \ - exit(EXIT_FAILURE); \ - } while (0) - - -/* A macro for I/O errors: The given error message is used only when - * errno is not set. - */ -#define ferr(msg) (err(errno ? strerror(errno) : (msg))) - - - -#define HEADER_FUNCTIONS(CLASS) \ - \ -/* readelfheader() reads the ELF header into our global variable, and \ - * checks to make sure that this is in fact a file that we should be \ - * munging. \ - */ \ -static int readelfheader ## CLASS (int fd, Elf ## CLASS ## _Ehdr *ehdr) \ -{ \ - if (read(fd, ((char *)ehdr)+EI_NIDENT, sizeof(*ehdr) - EI_NIDENT) \ - != sizeof(*ehdr) - EI_NIDENT) \ - return ferr("missing or incomplete ELF header."); \ - \ - /* Verify the sizes of the ELF header and the program segment \ - * header table entries. \ - */ \ - if (EGET(ehdr->e_ehsize) != sizeof(Elf ## CLASS ## _Ehdr)) \ - return err("unrecognized ELF header size."); \ - if (EGET(ehdr->e_phentsize) != sizeof(Elf ## CLASS ## _Phdr)) \ - return err("unrecognized program segment header size."); \ - \ - /* Finally, check the file type. \ - */ \ - if (EGET(ehdr->e_type) != ET_EXEC && EGET(ehdr->e_type) != ET_DYN) \ - return err("not an executable or shared-object library."); \ - \ - return TRUE; \ -} \ - \ -/* readphdrtable() loads the program segment header table into memory. \ - */ \ -static int readphdrtable ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \ - Elf ## CLASS ## _Phdr **phdrs) \ -{ \ - size_t size; \ - \ - if (!EGET(ehdr->e_phoff) || !EGET(ehdr->e_phnum) \ -) return err("ELF file has no program header table."); \ - \ - size = EGET(ehdr->e_phnum) * sizeof **phdrs; \ - if (!(*phdrs = malloc(size))) \ - return err("Out of memory!"); \ - \ - errno = 0; \ - if (read(fd, *phdrs, size) != (ssize_t)size) \ - return ferr("missing or incomplete program segment header table."); \ - \ - return TRUE; \ -} \ - \ -/* getmemorysize() determines the offset of the last byte of the file \ - * that is referenced by an entry in the program segment header table. \ - * (Anything in the file after that point is not used when the program \ - * is executing, and thus can be safely discarded.) \ - */ \ -static int getmemorysize ## CLASS (Elf ## CLASS ## _Ehdr const *ehdr, \ - Elf ## CLASS ## _Phdr const *phdrs, \ - unsigned long *newsize) \ -{ \ - Elf ## CLASS ## _Phdr const *phdr; \ - unsigned long size, n; \ - int i; \ - \ - /* Start by setting the size to include the ELF header and the \ - * complete program segment header table. \ - */ \ - size = EGET(ehdr->e_phoff) + EGET(ehdr->e_phnum) * sizeof *phdrs; \ - if (size < sizeof *ehdr) \ - size = sizeof *ehdr; \ - \ - /* Then keep extending the size to include whatever data the \ - * program segment header table references. \ - */ \ - for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \ - if (EGET(phdr->p_type) != PT_NULL) { \ - n = EGET(phdr->p_offset) + EGET(phdr->p_filesz); \ - if (n > size) \ - size = n; \ - } \ - } \ - \ - *newsize = size; \ - return TRUE; \ -} \ - \ -/* modifyheaders() removes references to the section header table if \ - * it was stripped, and reduces program header table entries that \ - * included truncated bytes at the end of the file. \ - */ \ -static int modifyheaders ## CLASS (Elf ## CLASS ## _Ehdr *ehdr, \ - Elf ## CLASS ## _Phdr *phdrs, \ - unsigned long newsize) \ -{ \ - Elf ## CLASS ## _Phdr *phdr; \ - int i; \ - \ - /* If the section header table is gone, then remove all references \ - * to it in the ELF header. \ - */ \ - if (EGET(ehdr->e_shoff) >= newsize) { \ - ESET(ehdr->e_shoff,0); \ - ESET(ehdr->e_shnum,0); \ - ESET(ehdr->e_shentsize,0); \ - ESET(ehdr->e_shstrndx,0); \ - } \ - \ - /* The program adjusts the file size of any segment that was \ - * truncated. The case of a segment being completely stripped out \ - * is handled separately. \ - */ \ - for (i = 0, phdr = phdrs ; i < EGET(ehdr->e_phnum) ; ++i, ++phdr) { \ - if (EGET(phdr->p_offset) >= newsize) { \ - ESET(phdr->p_offset,newsize); \ - ESET(phdr->p_filesz,0); \ - } else if (EGET(phdr->p_offset) + EGET(phdr->p_filesz) > newsize) { \ - newsize -= EGET(phdr->p_offset); \ - ESET(phdr->p_filesz, newsize); \ - } \ - } \ - \ - return TRUE; \ -} \ - \ -/* commitchanges() writes the new headers back to the original file \ - * and sets the file to its new size. \ - */ \ -static int commitchanges ## CLASS (int fd, Elf ## CLASS ## _Ehdr const *ehdr, \ - Elf ## CLASS ## _Phdr *phdrs, \ - unsigned long newsize) \ -{ \ - size_t n; \ - \ - /* Save the changes to the ELF header, if any. \ - */ \ - if (lseek(fd, 0, SEEK_SET)) \ - return ferr("could not rewind file"); \ - errno = 0; \ - if (write(fd, ehdr, sizeof *ehdr) != sizeof *ehdr) \ - return err("could not modify file"); \ - \ - /* Save the changes to the program segment header table, if any. \ - */ \ - if (lseek(fd, EGET(ehdr->e_phoff), SEEK_SET) == (off_t)-1) { \ - err("could not seek in file."); \ - goto warning; \ - } \ - n = EGET(ehdr->e_phnum) * sizeof *phdrs; \ - if (write(fd, phdrs, n) != (ssize_t)n) { \ - err("could not write to file"); \ - goto warning; \ - } \ - \ - /* Eleventh-hour sanity check: don't truncate before the end of \ - * the program segment header table. \ - */ \ - if (newsize < EGET(ehdr->e_phoff) + n) \ - newsize = EGET(ehdr->e_phoff) + n; \ - \ - /* Chop off the end of the file. \ - */ \ - if (ftruncate(fd, newsize)) { \ - err("could not resize file"); \ - goto warning; \ - } \ - \ - return TRUE; \ - \ - warning: \ - return err("ELF file may have been corrupted!"); \ -} - - -/* First elements of Elf32_Ehdr and Elf64_Ehdr are common. - */ -static int readelfheaderident(int fd, Elf32_Ehdr *ehdr) -{ - errno = 0; - if (read(fd, ehdr, EI_NIDENT) != EI_NIDENT) - return ferr("missing or incomplete ELF header."); - - /* Check the ELF signature. - */ - if (!(ehdr->e_ident[EI_MAG0] == ELFMAG0 && - ehdr->e_ident[EI_MAG1] == ELFMAG1 && - ehdr->e_ident[EI_MAG2] == ELFMAG2 && - ehdr->e_ident[EI_MAG3] == ELFMAG3)) - { - err("missing ELF signature."); - return -1; - } - - /* Compare the file's class and endianness with the program's. - */ -#if __BYTE_ORDER == __LITTLE_ENDIAN - if (ehdr->e_ident[EI_DATA] == ELFDATA2LSB) { - do_reverse_endian = 0; - } else if (ehdr->e_ident[EI_DATA] == ELFDATA2MSB) { -/* fprintf(stderr, "ELF file has different endianness.\n"); */ - do_reverse_endian = 1; - } -#elif __BYTE_ORDER == __BIG_ENDIAN - if (ehdr->e_ident[EI_DATA] == ELFDATA2LSB) { -/* fprintf(stderr, "ELF file has different endianness.\n"); */ - do_reverse_endian = 1; - } else if (ehdr->e_ident[EI_DATA] == ELFDATA2MSB) { - do_reverse_endian = 0; - } -#else -#error unkown endianness -#endif - else { - err("Unsupported endianness"); - return -1; - } - - /* Check the target architecture. - */ -/* if (EGET(ehdr->e_machine) != ELF_ARCH) { */ -/* /\* return err("ELF file created for different architecture."); *\/ */ -/* fprintf(stderr, "ELF file created for different architecture.\n"); */ -/* } */ - return ehdr->e_ident[EI_CLASS]; -} - - -HEADER_FUNCTIONS(32) - -HEADER_FUNCTIONS(64) - -/* truncatezeros() examines the bytes at the end of the file's - * size-to-be, and reduces the size to exclude any trailing zero - * bytes. - */ -static int truncatezeros(int fd, unsigned long *newsize) -{ - unsigned char contents[1024]; - unsigned long size, n; - - size = *newsize; - do { - n = sizeof contents; - if (n > size) - n = size; - if (lseek(fd, size - n, SEEK_SET) == (off_t)-1) - return ferr("cannot seek in file."); - if (read(fd, contents, n) != (ssize_t)n) - return ferr("cannot read file contents"); - while (n && !contents[--n]) - --size; - } while (size && !n); - - /* Sanity check. - */ - if (!size) - return err("ELF file is completely blank!"); - - *newsize = size; - return TRUE; -} - -/* main() loops over the cmdline arguments, leaving all the real work - * to the other functions. - */ -int main(int argc, char *argv[]) -{ - int fd; - union { - Elf32_Ehdr ehdr32; - Elf64_Ehdr ehdr64; - } e; - union { - Elf32_Phdr *phdrs32; - Elf64_Phdr *phdrs64; - } p; - unsigned long newsize; - char **arg; - int failures = 0; - - if (argc < 2 || argv[1][0] == '-') { - printf("Usage: sstrip FILE...\n" - "sstrip discards all nonessential bytes from an executable.\n\n" - "Version 2.0-X Copyright (C) 2000,2001 Brian Raiter.\n" - "Cross-devel hacks Copyright (C) 2004 Manuel Novoa III.\n" - "This program is free software, licensed under the GNU\n" - "General Public License. There is absolutely no warranty.\n"); - return EXIT_SUCCESS; - } - - progname = argv[0]; - - for (arg = argv + 1 ; *arg != NULL ; ++arg) { - filename = *arg; - - fd = open(*arg, O_RDWR); - if (fd < 0) { - ferr("can't open"); - ++failures; - continue; - } - - switch (readelfheaderident(fd, &e.ehdr32)) { - case ELFCLASS32: - if (!(readelfheader32(fd, &e.ehdr32) && - readphdrtable32(fd, &e.ehdr32, &p.phdrs32) && - getmemorysize32(&e.ehdr32, p.phdrs32, &newsize) && - truncatezeros(fd, &newsize) && - modifyheaders32(&e.ehdr32, p.phdrs32, newsize) && - commitchanges32(fd, &e.ehdr32, p.phdrs32, newsize))) - ++failures; - break; - case ELFCLASS64: - if (!(readelfheader64(fd, &e.ehdr64) && - readphdrtable64(fd, &e.ehdr64, &p.phdrs64) && - getmemorysize64(&e.ehdr64, p.phdrs64, &newsize) && - truncatezeros(fd, &newsize) && - modifyheaders64(&e.ehdr64, p.phdrs64, newsize) && - commitchanges64(fd, &e.ehdr64, p.phdrs64, newsize))) - ++failures; - break; - default: - ++failures; - break; - } - close(fd); - } - - return failures ? EXIT_FAILURE : EXIT_SUCCESS; -} diff --git a/obsolete-buildroot/sources/openwrt/tools/trx.c b/obsolete-buildroot/sources/openwrt/tools/trx.c deleted file mode 100644 index f029dc5..0000000 --- a/obsolete-buildroot/sources/openwrt/tools/trx.c +++ /dev/null @@ -1,334 +0,0 @@ -/* - * Copyright (C) 2004 Manuel Novoa III <mjn3@codepoet.org> - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - * General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - */ - -/* July 29, 2004 - * - * This is a hacked replacement for the 'trx' utility used to create - * wrt54g .trx firmware files. It isn't pretty, but it does the job - * for me. - * - * As an extension, you can specify a larger maximum length for the - * .trx file using '-m'. It will be rounded up to be a multiple of 4K. - * NOTE: This space will be malloc()'d. - * - * August 16, 2004 - * - * Sigh... Make it endian-neutral. - * - * TODO: Support '-b' option to specify offsets for each file. - */ - -#include <stdio.h> -#include <stdlib.h> -#include <stddef.h> -#include <stdint.h> -#include <string.h> -#include <errno.h> -#include <unistd.h> -#include <endian.h> -#include <byteswap.h> - -#if __BYTE_ORDER == __BIG_ENDIAN -#define STORE32_LE(X) bswap_32(X) -#elif __BYTE_ORDER == __LITTLE_ENDIAN -#define STORE32_LE(X) (X) -#else -#error unkown endianness! -#endif - -uint32_t crc32buf(char *buf, size_t len); - -/**********************************************************************/ -/* from trxhdr.h */ - -#define TRX_MAGIC 0x30524448 /* "HDR0" */ -#define TRX_VERSION 1 -#define TRX_MAX_LEN 0x3A0000 -#define TRX_NO_HEADER 1 /* Do not write TRX header */ - -struct trx_header { - uint32_t magic; /* "HDR0" */ - uint32_t len; /* Length of file including header */ - uint32_t crc32; /* 32-bit CRC from flag_version to end of file */ - uint32_t flag_version; /* 0:15 flags, 16:31 version */ - uint32_t offsets[3]; /* Offsets of partitions from start of header */ -}; - -/**********************************************************************/ - -void usage(void) __attribute__ (( __noreturn__ )); - -void usage(void) -{ - fprintf(stderr, "Usage: trx [-o outfile] [-m maxlen] file [file [file]]\n"); - exit(EXIT_FAILURE); -} - -int main(int argc, char **argv) -{ - FILE *out = stdout; - FILE *in; - char *ofn = NULL; - char *buf; - char *e; - int c, i; - size_t n; - uint32_t cur_len; - unsigned long maxlen = TRX_MAX_LEN; - struct trx_header *p; - - fprintf(stderr, "mjn3's trx replacement - v0.81\n"); - - while ((c = getopt(argc, argv, "o:m:")) != -1) { - switch (c) { - case 'o': - ofn = optarg; - break; - case 'm': - errno = 0; - maxlen = strtoul(optarg, &e, 0); - if (errno || (e == optarg) || *e) { - fprintf(stderr, "illegal numeric string\n"); - usage(); - } -#undef ROUND -#define ROUND 0x1000 - if (maxlen & (ROUND-1)) { - maxlen += (ROUND - (maxlen & (ROUND-1))); - } - if (maxlen < ROUND) { - fprintf(stderr, "maxlen too small (or wrapped)\n"); - usage(); - } - break; - default: - usage(); - } - } - - if (ofn && !(out = fopen(ofn, "w"))) { - fprintf(stderr, "can not open \"%s\" for writing\n", ofn); - usage(); - } - - if (optind == argc) { - fprintf(stderr, "we require at least one arg\n"); - usage(); - } - - if (argc - optind > 3) { - fprintf(stderr, "too many args: %d > 3\n", argc - optind); - usage(); - } - - if (maxlen > TRX_MAX_LEN) { - fprintf(stderr, "WARNING: maxlen exceeds default maximum! Beware of overwriting nvram!\n"); - } - - if (!(buf = malloc(maxlen))) { - fprintf(stderr, "malloc failed\n"); - return EXIT_FAILURE; - } - - p = (struct trx_header *) buf; - - p->magic = STORE32_LE(TRX_MAGIC); - cur_len = sizeof(struct trx_header); - p->flag_version = STORE32_LE((TRX_VERSION << 16)); - - i = 0; - - while (optind < argc) { - p->offsets[i++] = STORE32_LE(cur_len); - - if (!(in = fopen(argv[optind], "r"))) { - fprintf(stderr, "can not open \"%s\" for reading\n", argv[optind]); - usage(); - } - - n = fread(buf + cur_len, 1, maxlen - cur_len, in); - if (!feof(in)) { - fprintf(stderr, "fread failure or file \"%s\" too large\n", - argv[optind]); - fclose(in); - return EXIT_FAILURE; - } - - fclose(in); - - ++optind; - - if (optind < argc) { -#undef ROUND -#define ROUND 4 - if (n & (ROUND-1)) { - memset(buf + cur_len + n, 0, ROUND - (n & (ROUND-1))); - n += ROUND - (n & (ROUND-1)); - } - } - - cur_len += n; - } - -#undef ROUND -#define ROUND 0x1000 - n = cur_len & (ROUND-1); - if (n) { - memset(buf + cur_len, 0, ROUND - n); - cur_len += ROUND - n; - } - - p->crc32 = crc32buf((char *) &p->flag_version, - cur_len - offsetof(struct trx_header, flag_version)); - p->crc32 = STORE32_LE(p->crc32); - - p->len = STORE32_LE(cur_len); - - if (!fwrite(buf, cur_len, 1, out) || fflush(out)) { - fprintf(stderr, "fwrite failed\n"); - return EXIT_FAILURE; - } - - fclose(out); - - return EXIT_SUCCESS; -} - -/**********************************************************************/ -/* The following was grabbed and tweaked from the old snippets collection - * of public domain C code. */ - -/**********************************************************************\ -|* Demonstration program to compute the 32-bit CRC used as the frame *| -|* check sequence in ADCCP (ANSI X3.66, also known as FIPS PUB 71 *| -|* and FED-STD-1003, the U.S. versions of CCITT's X.25 link-level *| -|* protocol). The 32-bit FCS was added via the Federal Register, *| -|* 1 June 1982, p.23798. I presume but don't know for certain that *| -|* this polynomial is or will be included in CCITT V.41, which *| -|* defines the 16-bit CRC (often called CRC-CCITT) polynomial. FIPS *| -|* PUB 78 says that the 32-bit FCS reduces otherwise undetected *| -|* errors by a factor of 10^-5 over 16-bit FCS. *| -\**********************************************************************/ - -/* Copyright (C) 1986 Gary S. Brown. You may use this program, or - code or tables extracted from it, as desired without restriction.*/ - -/* First, the polynomial itself and its table of feedback terms. The */ -/* polynomial is */ -/* X^32+X^26+X^23+X^22+X^16+X^12+X^11+X^10+X^8+X^7+X^5+X^4+X^2+X^1+X^0 */ -/* Note that we take it "backwards" and put the highest-order term in */ -/* the lowest-order bit. The X^32 term is "implied"; the LSB is the */ -/* X^31 term, etc. The X^0 term (usually shown as "+1") results in */ -/* the MSB being 1. */ - -/* Note that the usual hardware shift register implementation, which */ -/* is what we're using (we're merely optimizing it by doing eight-bit */ -/* chunks at a time) shifts bits into the lowest-order term. In our */ -/* implementation, that means shifting towards the right. Why do we */ -/* do it this way? Because the calculated CRC must be transmitted in */ -/* order from highest-order term to lowest-order term. UARTs transmit */ -/* characters in order from LSB to MSB. By storing the CRC this way, */ -/* we hand it to the UART in the order low-byte to high-byte; the UART */ -/* sends each low-bit to hight-bit; and the result is transmission bit */ -/* by bit from highest- to lowest-order term without requiring any bit */ -/* shuffling on our part. Reception works similarly. */ - -/* The feedback terms table consists of 256, 32-bit entries. Notes: */ -/* */ -/* 1. The table can be generated at runtime if desired; code to do so */ -/* is shown later. It might not be obvious, but the feedback */ -/* terms simply represent the results of eight shift/xor opera- */ -/* tions for all combinations of data and CRC register values. */ -/* */ -/* 2. The CRC accumulation logic is the same for all CRC polynomials, */ -/* be they sixteen or thirty-two bits wide. You simply choose the */ -/* appropriate table. Alternatively, because the table can be */ -/* generated at runtime, you can start by generating the table for */ -/* the polynomial in question and use exactly the same "updcrc", */ -/* if your application needn't simultaneously handle two CRC */ -/* polynomials. (Note, however, that XMODEM is strange.) */ -/* */ -/* 3. For 16-bit CRCs, the table entries need be only 16 bits wide; */ -/* of course, 32-bit entries work OK if the high 16 bits are zero. */ -/* */ -/* 4. The values must be right-shifted by eight bits by the "updcrc" */ -/* logic; the shift must be unsigned (bring in zeroes). On some */ -/* hardware you could probably optimize the shift in assembler by */ -/* using byte-swap instructions. */ - -static const uint32_t crc_32_tab[] = { /* CRC polynomial 0xedb88320 */ -0x00000000, 0x77073096, 0xee0e612c, 0x990951ba, 0x076dc419, 0x706af48f, -0xe963a535, 0x9e6495a3, 0x0edb8832, 0x79dcb8a4, 0xe0d5e91e, 0x97d2d988, -0x09b64c2b, 0x7eb17cbd, 0xe7b82d07, 0x90bf1d91, 0x1db71064, 0x6ab020f2, -0xf3b97148, 0x84be41de, 0x1adad47d, 0x6ddde4eb, 0xf4d4b551, 0x83d385c7, -0x136c9856, 0x646ba8c0, 0xfd62f97a, 0x8a65c9ec, 0x14015c4f, 0x63066cd9, -0xfa0f3d63, 0x8d080df5, 0x3b6e20c8, 0x4c69105e, 0xd56041e4, 0xa2677172, -0x3c03e4d1, 0x4b04d447, 0xd20d85fd, 0xa50ab56b, 0x35b5a8fa, 0x42b2986c, -0xdbbbc9d6, 0xacbcf940, 0x32d86ce3, 0x45df5c75, 0xdcd60dcf, 0xabd13d59, -0x26d930ac, 0x51de003a, 0xc8d75180, 0xbfd06116, 0x21b4f4b5, 0x56b3c423, -0xcfba9599, 0xb8bda50f, 0x2802b89e, 0x5f058808, 0xc60cd9b2, 0xb10be924, -0x2f6f7c87, 0x58684c11, 0xc1611dab, 0xb6662d3d, 0x76dc4190, 0x01db7106, -0x98d220bc, 0xefd5102a, 0x71b18589, 0x06b6b51f, 0x9fbfe4a5, 0xe8b8d433, -0x7807c9a2, 0x0f00f934, 0x9609a88e, 0xe10e9818, 0x7f6a0dbb, 0x086d3d2d, -0x91646c97, 0xe6635c01, 0x6b6b51f4, 0x1c6c6162, 0x856530d8, 0xf262004e, -0x6c0695ed, 0x1b01a57b, 0x8208f4c1, 0xf50fc457, 0x65b0d9c6, 0x12b7e950, -0x8bbeb8ea, 0xfcb9887c, 0x62dd1ddf, 0x15da2d49, 0x8cd37cf3, 0xfbd44c65, -0x4db26158, 0x3ab551ce, 0xa3bc0074, 0xd4bb30e2, 0x4adfa541, 0x3dd895d7, -0xa4d1c46d, 0xd3d6f4fb, 0x4369e96a, 0x346ed9fc, 0xad678846, 0xda60b8d0, -0x44042d73, 0x33031de5, 0xaa0a4c5f, 0xdd0d7cc9, 0x5005713c, 0x270241aa, -0xbe0b1010, 0xc90c2086, 0x5768b525, 0x206f85b3, 0xb966d409, 0xce61e49f, -0x5edef90e, 0x29d9c998, 0xb0d09822, 0xc7d7a8b4, 0x59b33d17, 0x2eb40d81, -0xb7bd5c3b, 0xc0ba6cad, 0xedb88320, 0x9abfb3b6, 0x03b6e20c, 0x74b1d29a, -0xead54739, 0x9dd277af, 0x04db2615, 0x73dc1683, 0xe3630b12, 0x94643b84, -0x0d6d6a3e, 0x7a6a5aa8, 0xe40ecf0b, 0x9309ff9d, 0x0a00ae27, 0x7d079eb1, -0xf00f9344, 0x8708a3d2, 0x1e01f268, 0x6906c2fe, 0xf762575d, 0x806567cb, -0x196c3671, 0x6e6b06e7, 0xfed41b76, 0x89d32be0, 0x10da7a5a, 0x67dd4acc, -0xf9b9df6f, 0x8ebeeff9, 0x17b7be43, 0x60b08ed5, 0xd6d6a3e8, 0xa1d1937e, -0x38d8c2c4, 0x4fdff252, 0xd1bb67f1, 0xa6bc5767, 0x3fb506dd, 0x48b2364b, -0xd80d2bda, 0xaf0a1b4c, 0x36034af6, 0x41047a60, 0xdf60efc3, 0xa867df55, -0x316e8eef, 0x4669be79, 0xcb61b38c, 0xbc66831a, 0x256fd2a0, 0x5268e236, -0xcc0c7795, 0xbb0b4703, 0x220216b9, 0x5505262f, 0xc5ba3bbe, 0xb2bd0b28, -0x2bb45a92, 0x5cb36a04, 0xc2d7ffa7, 0xb5d0cf31, 0x2cd99e8b, 0x5bdeae1d, -0x9b64c2b0, 0xec63f226, 0x756aa39c, 0x026d930a, 0x9c0906a9, 0xeb0e363f, -0x72076785, 0x05005713, 0x95bf4a82, 0xe2b87a14, 0x7bb12bae, 0x0cb61b38, -0x92d28e9b, 0xe5d5be0d, 0x7cdcefb7, 0x0bdbdf21, 0x86d3d2d4, 0xf1d4e242, -0x68ddb3f8, 0x1fda836e, 0x81be16cd, 0xf6b9265b, 0x6fb077e1, 0x18b74777, -0x88085ae6, 0xff0f6a70, 0x66063bca, 0x11010b5c, 0x8f659eff, 0xf862ae69, -0x616bffd3, 0x166ccf45, 0xa00ae278, 0xd70dd2ee, 0x4e048354, 0x3903b3c2, -0xa7672661, 0xd06016f7, 0x4969474d, 0x3e6e77db, 0xaed16a4a, 0xd9d65adc, -0x40df0b66, 0x37d83bf0, 0xa9bcae53, 0xdebb9ec5, 0x47b2cf7f, 0x30b5ffe9, -0xbdbdf21c, 0xcabac28a, 0x53b39330, 0x24b4a3a6, 0xbad03605, 0xcdd70693, -0x54de5729, 0x23d967bf, 0xb3667a2e, 0xc4614ab8, 0x5d681b02, 0x2a6f2b94, -0xb40bbe37, 0xc30c8ea1, 0x5a05df1b, 0x2d02ef8d -}; - -#define UPDC32(octet,crc) (crc_32_tab[((crc) ^ (octet)) & 0xff] ^ ((crc) >> 8)) - -uint32_t crc32buf(char *buf, size_t len) -{ - uint32_t crc; - - crc = 0xFFFFFFFF; - - for ( ; len; --len, ++buf) - { - crc = UPDC32(*buf, crc); - } - - return crc; -} |