diff options
Diffstat (limited to 'target/linux/linux-2.4/patches/generic/111-netfilter_NETMAP.patch')
-rw-r--r-- | target/linux/linux-2.4/patches/generic/111-netfilter_NETMAP.patch | 159 |
1 files changed, 0 insertions, 159 deletions
diff --git a/target/linux/linux-2.4/patches/generic/111-netfilter_NETMAP.patch b/target/linux/linux-2.4/patches/generic/111-netfilter_NETMAP.patch deleted file mode 100644 index ccd639181e..0000000000 --- a/target/linux/linux-2.4/patches/generic/111-netfilter_NETMAP.patch +++ /dev/null @@ -1,159 +0,0 @@ -diff -urN linux-2.4.30.orig/Documentation/Configure.help linux-2.4.30/Documentation/Configure.help ---- linux-2.4.30.orig/Documentation/Configure.help 2005-07-01 02:06:36.000000000 +0200 -+++ linux-2.4.30/Documentation/Configure.help 2005-07-01 00:41:09.000000000 +0200 -@@ -3086,6 +3086,17 @@ - If you want to compile it as a module, say M here and read - <file:Documentation/modules.txt>. If unsure, say `N'. - -+NETMAP target support -+CONFIG_IP_NF_TARGET_NETMAP -+ NETMAP is an implementation of static 1:1 NAT mapping of network -+ addresses. It maps the network address part, while keeping the -+ host address part intact. It is similar to Fast NAT, except that -+ Netfilter's connection tracking doesn't work well with Fast NAT. -+ -+ If you want to compile it as a module, say M here and read -+ Documentation/modules.txt. The module will be called -+ ipt_NETMAP.o. If unsure, say `N'. -+ - Packet mangling - CONFIG_IP_NF_MANGLE - This option adds a `mangle' table to iptables: see the man page for -diff -urN linux-2.4.30.orig/net/ipv4/netfilter/Config.in linux-2.4.30/net/ipv4/netfilter/Config.in ---- linux-2.4.30.orig/net/ipv4/netfilter/Config.in 2005-07-01 02:06:35.000000000 +0200 -+++ linux-2.4.30/net/ipv4/netfilter/Config.in 2005-07-01 00:41:09.000000000 +0200 -@@ -69,6 +69,7 @@ - define_bool CONFIG_IP_NF_NAT_NEEDED y - dep_tristate ' MASQUERADE target support' CONFIG_IP_NF_TARGET_MASQUERADE $CONFIG_IP_NF_NAT - dep_tristate ' REDIRECT target support' CONFIG_IP_NF_TARGET_REDIRECT $CONFIG_IP_NF_NAT -+ dep_tristate ' NETMAP target support' CONFIG_IP_NF_TARGET_NETMAP $CONFIG_IP_NF_NAT - if [ "$CONFIG_IP_NF_PPTP" = "m" ]; then - define_tristate CONFIG_IP_NF_NAT_PPTP m - else -diff -urN linux-2.4.30.orig/net/ipv4/netfilter/ipt_NETMAP.c linux-2.4.30/net/ipv4/netfilter/ipt_NETMAP.c ---- linux-2.4.30.orig/net/ipv4/netfilter/ipt_NETMAP.c 1970-01-01 01:00:00.000000000 +0100 -+++ linux-2.4.30/net/ipv4/netfilter/ipt_NETMAP.c 2005-07-01 00:41:09.000000000 +0200 -@@ -0,0 +1,112 @@ -+/* NETMAP - static NAT mapping of IP network addresses (1:1). -+ The mapping can be applied to source (POSTROUTING), -+ destination (PREROUTING), or both (with separate rules). -+ -+ Author: Svenning Soerensen <svenning@post5.tele.dk> -+*/ -+ -+#include <linux/config.h> -+#include <linux/ip.h> -+#include <linux/module.h> -+#include <linux/netdevice.h> -+#include <linux/netfilter.h> -+#include <linux/netfilter_ipv4.h> -+#include <linux/netfilter_ipv4/ip_nat_rule.h> -+ -+#define MODULENAME "NETMAP" -+MODULE_LICENSE("GPL"); -+MODULE_AUTHOR("Svenning Soerensen <svenning@post5.tele.dk>"); -+MODULE_DESCRIPTION("iptables 1:1 NAT mapping of IP networks target"); -+ -+#if 0 -+#define DEBUGP printk -+#else -+#define DEBUGP(format, args...) -+#endif -+ -+static int -+check(const char *tablename, -+ const struct ipt_entry *e, -+ void *targinfo, -+ unsigned int targinfosize, -+ unsigned int hook_mask) -+{ -+ const struct ip_nat_multi_range *mr = targinfo; -+ -+ if (strcmp(tablename, "nat") != 0) { -+ DEBUGP(MODULENAME":check: bad table `%s'.\n", tablename); -+ return 0; -+ } -+ if (targinfosize != IPT_ALIGN(sizeof(*mr))) { -+ DEBUGP(MODULENAME":check: size %u.\n", targinfosize); -+ return 0; -+ } -+ if (hook_mask & ~((1 << NF_IP_PRE_ROUTING) | (1 << NF_IP_POST_ROUTING))) { -+ DEBUGP(MODULENAME":check: bad hooks %x.\n", hook_mask); -+ return 0; -+ } -+ if (!(mr->range[0].flags & IP_NAT_RANGE_MAP_IPS)) { -+ DEBUGP(MODULENAME":check: bad MAP_IPS.\n"); -+ return 0; -+ } -+ if (mr->rangesize != 1) { -+ DEBUGP(MODULENAME":check: bad rangesize %u.\n", mr->rangesize); -+ return 0; -+ } -+ return 1; -+} -+ -+static unsigned int -+target(struct sk_buff **pskb, -+ unsigned int hooknum, -+ const struct net_device *in, -+ const struct net_device *out, -+ const void *targinfo, -+ void *userinfo) -+{ -+ struct ip_conntrack *ct; -+ enum ip_conntrack_info ctinfo; -+ u_int32_t new_ip, netmask; -+ const struct ip_nat_multi_range *mr = targinfo; -+ struct ip_nat_multi_range newrange; -+ -+ IP_NF_ASSERT(hooknum == NF_IP_PRE_ROUTING -+ || hooknum == NF_IP_POST_ROUTING); -+ ct = ip_conntrack_get(*pskb, &ctinfo); -+ -+ netmask = ~(mr->range[0].min_ip ^ mr->range[0].max_ip); -+ -+ if (hooknum == NF_IP_PRE_ROUTING) -+ new_ip = (*pskb)->nh.iph->daddr & ~netmask; -+ else -+ new_ip = (*pskb)->nh.iph->saddr & ~netmask; -+ new_ip |= mr->range[0].min_ip & netmask; -+ -+ newrange = ((struct ip_nat_multi_range) -+ { 1, { { mr->range[0].flags | IP_NAT_RANGE_MAP_IPS, -+ new_ip, new_ip, -+ mr->range[0].min, mr->range[0].max } } }); -+ -+ /* Hand modified range to generic setup. */ -+ return ip_nat_setup_info(ct, &newrange, hooknum); -+} -+ -+static struct ipt_target target_module = { -+ .name = MODULENAME, -+ .target = target, -+ .checkentry = check, -+ .me = THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ return ipt_register_target(&target_module); -+} -+ -+static void __exit fini(void) -+{ -+ ipt_unregister_target(&target_module); -+} -+ -+module_init(init); -+module_exit(fini); -diff -urN linux-2.4.30.orig/net/ipv4/netfilter/Makefile linux-2.4.30/net/ipv4/netfilter/Makefile ---- linux-2.4.30.orig/net/ipv4/netfilter/Makefile 2005-07-01 02:06:35.000000000 +0200 -+++ linux-2.4.30/net/ipv4/netfilter/Makefile 2005-07-01 00:41:09.000000000 +0200 -@@ -110,6 +110,7 @@ - obj-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK.o - obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o - obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o -+obj-$(CONFIG_IP_NF_TARGET_NETMAP) += ipt_NETMAP.o - obj-$(CONFIG_IP_NF_NAT_SNMP_BASIC) += ip_nat_snmp_basic.o - obj-$(CONFIG_IP_NF_TARGET_LOG) += ipt_LOG.o - obj-$(CONFIG_IP_NF_TARGET_TTL) += ipt_TTL.o |