summaryrefslogtreecommitdiffstats
path: root/kernel/patches/incremental-patches/ebtables-v2.0_vs_2.4.18.pre7.001.diff
diff options
context:
space:
mode:
Diffstat (limited to 'kernel/patches/incremental-patches/ebtables-v2.0_vs_2.4.18.pre7.001.diff')
-rw-r--r--kernel/patches/incremental-patches/ebtables-v2.0_vs_2.4.18.pre7.001.diff172
1 files changed, 172 insertions, 0 deletions
diff --git a/kernel/patches/incremental-patches/ebtables-v2.0_vs_2.4.18.pre7.001.diff b/kernel/patches/incremental-patches/ebtables-v2.0_vs_2.4.18.pre7.001.diff
new file mode 100644
index 0000000..edfe983
--- /dev/null
+++ b/kernel/patches/incremental-patches/ebtables-v2.0_vs_2.4.18.pre7.001.diff
@@ -0,0 +1,172 @@
+diff -Naur linux-2.4.18-br-nf-ebt/include/linux/netfilter_bridge/ebt_vlan.h linux/include/linux/netfilter_bridge/ebt_vlan.h
+--- linux-2.4.18-br-nf-ebt/include/linux/netfilter_bridge/ebt_vlan.h Thu Jan 1 03:00:00 1970
++++ linux/include/linux/netfilter_bridge/ebt_vlan.h Tue May 21 21:04:15 2002
+@@ -0,0 +1,18 @@
++#ifndef __LINUX_BRIDGE_EBT_VLAN_H
++#define __LINUX_BRIDGE_EBT_VLAN_H
++
++#define EBT_VLAN_ID 0x01
++#define EBT_VLAN_PRIO 0x02
++#define EBT_VLAN_MASK (EBT_VLAN_ID | EBT_VLAN_PRIO)
++#define EBT_VLAN_MATCH "vlan"
++
++struct ebt_vlan_info {
++ __u16 id; /* VLAN ID {1-4095} */
++ __u16 prio; /* VLAN Priority {0-7} */
++ __u8 bitmask; /* Args bitmask bit 1=1 - ID arg,
++ bit 2=1 - Pirority arg */
++ __u8 invflags; /* Inverse bitmask bit 1=1 - inversed ID arg,
++ bit 2=1 - inversed Pirority arg */
++};
++
++#endif
+diff -Naur linux-2.4.18-br-nf-ebt/net/bridge/netfilter/Config.in linux/net/bridge/netfilter/Config.in
+--- linux-2.4.18-br-nf-ebt/net/bridge/netfilter/Config.in Tue May 28 19:20:41 2002
++++ linux/net/bridge/netfilter/Config.in Tue May 28 19:22:22 2002
+@@ -8,6 +8,7 @@
+ dep_tristate ' ebt: LOG support' CONFIG_BRIDGE_EBT_LOG $CONFIG_BRIDGE_EBT
+ dep_tristate ' ebt: IP filter support' CONFIG_BRIDGE_EBT_IPF $CONFIG_BRIDGE_EBT
+ dep_tristate ' ebt: ARP filter support' CONFIG_BRIDGE_EBT_ARPF $CONFIG_BRIDGE_EBT
++dep_tristate ' ebt: 802.1Q VLAN filter support (EXPERIMENTAL)' CONFIG_BRIDGE_EBT_VLANF $CONFIG_BRIDGE_EBT
+ dep_tristate ' ebt: nat target support' CONFIG_BRIDGE_EBT_NAT $CONFIG_BRIDGE_EBT
+ dep_tristate ' ebt: redirect target support' CONFIG_BRIDGE_EBT_REDIRECT $CONFIG_BRIDGE_EBT
+ dep_tristate ' Bridge: ethernet database' CONFIG_BRIDGE_DB $CONFIG_BRIDGE
+diff -Naur linux-2.4.18-br-nf-ebt/net/bridge/netfilter/Makefile linux/net/bridge/netfilter/Makefile
+--- linux-2.4.18-br-nf-ebt/net/bridge/netfilter/Makefile Tue May 28 19:20:41 2002
++++ linux/net/bridge/netfilter/Makefile Thu May 30 11:21:10 2002
+@@ -18,6 +18,7 @@
+ obj-$(CONFIG_BRIDGE_DB) += br_db.o
+ obj-$(CONFIG_BRIDGE_EBT_IPF) += ebt_ip.o
+ obj-$(CONFIG_BRIDGE_EBT_ARPF) += ebt_arp.o
++obj-$(CONFIG_BRIDGE_EBT_VLANF) += ebt_vlan.o
+ obj-$(CONFIG_BRIDGE_EBT_LOG) += ebt_log.o
+ obj-$(CONFIG_BRIDGE_EBT_NAT) += ebt_nat.o
+ obj-$(CONFIG_BRIDGE_EBT_REDIRECT) += ebt_redirect.o
+diff -Naur linux-2.4.18-br-nf-ebt/net/bridge/netfilter/ebt_vlan.c linux/net/bridge/netfilter/ebt_vlan.c
+--- linux-2.4.18-br-nf-ebt/net/bridge/netfilter/ebt_vlan.c Thu Jan 1 03:00:00 1970
++++ linux/net/bridge/netfilter/ebt_vlan.c Wed May 29 11:48:38 2002
+@@ -0,0 +1,124 @@
++/*
++ * ebt_vlan kernelspace
++ *
++ * Authors:
++ * Bart De Schuymer <bart.de.schuymer@pandora.be>
++ * Nick Fedchik <nick@fedchik.org.ua>
++ *
++ * May, 2002
++ */
++
++#include <linux/netfilter_bridge/ebtables.h>
++#include <linux/netfilter_bridge/ebt_vlan.h>
++#include <linux/if_vlan.h>
++#include <linux/if_ether.h>
++#include <linux/module.h>
++
++static unsigned char debug;
++MODULE_PARM (debug, "0-1b");
++MODULE_PARM_DESC (debug, "debug=1 is turn on debug messages");
++
++static int ebt_filter_vlan (const struct sk_buff *skb,
++ const struct net_device *in,
++ const struct net_device *out,
++ const void *data,
++ unsigned int datalen,
++ const struct ebt_counter *c)
++{
++ struct ebt_vlan_info *infostuff = (struct ebt_vlan_info *) data;
++ struct vlan_ethhdr *vlanethhdr =
++ (struct vlan_ethhdr *) skb->mac.raw;
++ unsigned short v_id;
++ unsigned short v_prio;
++
++ /*
++ * Calculate 802.1Q VLAN ID and Priority
++ * Reserved one bit (13) for CFI
++ */
++ v_id = ntohs ((unsigned short) vlanethhdr->h_vlan_TCI) & 0xFFF;
++ v_prio = ntohs ((unsigned short) vlanethhdr->h_vlan_TCI) >> 13;
++
++ /*
++ * Checking VLANs
++ */
++ if (infostuff->bitmask & EBT_VLAN_ID) { /* Is VLAN ID parsed? */
++ if (!((infostuff->id == v_id)
++ ^ !!(infostuff->invflags & EBT_VLAN_ID)))
++ return 1;
++ if (debug)
++ printk (KERN_DEBUG
++ "ebt_vlan: matched ID=%s%d (mask=%X)\n",
++ (infostuff->invflags & EBT_VLAN_ID) ? "!" : "",
++ infostuff->id,
++ (unsigned char) infostuff->bitmask);
++ }
++ /*
++ * Checking Priority
++ */
++ if (infostuff->bitmask & EBT_VLAN_PRIO) { /* Is VLAN Prio parsed? */
++ if (!( (infostuff->prio == v_prio)
++ ^ !!(infostuff->invflags & EBT_VLAN_PRIO)))
++ return 1; /* missed */
++ if (debug)
++ printk (KERN_DEBUG
++ "ebt_vlan: matched Prio=%s%d (mask=%X)\n",
++ (infostuff->invflags & EBT_VLAN_PRIO) ? "!" : "",
++ infostuff->prio,
++ (unsigned char) infostuff->bitmask);
++ }
++ /*
++ * rule matched
++ */
++ return 0;
++}
++
++/*
++ * ebt_vlan_check() is called when userspace delivers the table to the kernel,
++ * * it is called to check that userspace doesn't give a bad table.
++ */
++static int ebt_vlan_check (const char *tablename, unsigned int hooknr,
++ const struct ebt_entry *e, void *data,
++ unsigned int datalen)
++{
++ struct ebt_vlan_info *infostuff = (struct ebt_vlan_info *) data;
++
++ if (datalen != sizeof (struct ebt_vlan_info))
++ return -EINVAL;
++
++ if (e->ethproto != __constant_htons (ETH_P_8021Q))
++ return -EINVAL;
++
++ if (infostuff->bitmask & ~EBT_VLAN_MASK) {
++ return -EINVAL;
++ }
++
++ return 0;
++}
++
++static struct ebt_match filter_vlan = {
++ {NULL, NULL}, EBT_VLAN_MATCH, ebt_filter_vlan, ebt_vlan_check,
++ NULL,
++ THIS_MODULE
++};
++
++static int __init init (void)
++{
++ printk (KERN_INFO
++ "ebt_vlan: 802.1Q VLAN matching module for EBTables\n");
++ if (debug)
++ printk (KERN_DEBUG
++ "ebt_vlan: 802.1Q matching debug is on\n");
++ return ebt_register_match (&filter_vlan);
++}
++
++static void __exit fini (void)
++{
++ ebt_unregister_match (&filter_vlan);
++}
++
++module_init (init);
++module_exit (fini);
++EXPORT_NO_SYMBOLS;
++MODULE_AUTHOR ("Nick Fedchik <nick@fedchik.org.ua>");
++MODULE_DESCRIPTION ("802.1Q VLAN matching module for ebtables, v0.1");
++MODULE_LICENSE ("GPL");