diff options
Diffstat (limited to 'plain-2.4.0-to-ulog2.diff')
| -rw-r--r-- | plain-2.4.0-to-ulog2.diff | 263 |
1 files changed, 0 insertions, 263 deletions
diff --git a/plain-2.4.0-to-ulog2.diff b/plain-2.4.0-to-ulog2.diff deleted file mode 100644 index ab858ea..0000000 --- a/plain-2.4.0-to-ulog2.diff +++ /dev/null @@ -1,263 +0,0 @@ -diff -Nru linux-2.4.0-test4-plain/Documentation/Configure.help linux-2.4.0-test4-work/Documentation/Configure.help ---- linux-2.4.0-test4-plain/Documentation/Configure.help Thu Jul 13 18:42:51 2000 -+++ linux-2.4.0-test4-work/Documentation/Configure.help Mon Jul 31 17:23:30 2000 -@@ -2010,6 +2010,16 @@ - If you want to compile it as a module, say M here and read - Documentation/modules.txt. If unsure, say `N'. - -+ULOG target support -+CONFIG_IP_NF_TARGET_ULOG -+ This option adds a `ULOG' target, which allows you to create rules in -+ any iptables table. The packet is passed to a userspace logging -+ daemon using netlink multicast sockets; unlike the LOG target -+ which can only be viewed through syslog. -+ -+ If you want to compile it as a module, say M here and read -+ Documentation/modules.txt. If unsure, say `N'. -+ - ipchains (2.2-style) support - CONFIG_IP_NF_COMPAT_IPCHAINS - This option places ipchains (with masquerading and redirection -diff -Nru linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h ---- linux-2.4.0-test4-plain/include/linux/netfilter_ipv4/ipt_ULOG.h Thu Jan 1 01:00:00 1970 -+++ linux-2.4.0-test4-work/include/linux/netfilter_ipv4/ipt_ULOG.h Mon Jul 31 17:23:31 2000 -@@ -0,0 +1,29 @@ -+#ifndef _IPT_ULOG_H -+#define _IPT_ULOG_H -+ -+#define ULOG_MAC_LEN 80 -+#define ULOG_PREFIX_LEN 32 -+ -+struct ipt_ulog_info -+{ -+ unsigned int nl_group; -+ size_t copy_range; -+ char prefix[ULOG_PREFIX_LEN]; -+}; -+ -+typedef struct ulog_packet_msg -+{ -+ unsigned long mark; -+ long timestamp_sec; -+ long timestamp_usec; -+ unsigned int hook; -+ char indev_name[IFNAMSIZ]; -+ char outdev_name[IFNAMSIZ]; -+ size_t data_len; -+ char prefix[ULOG_PREFIX_LEN]; -+ unsigned char mac_len; -+ unsigned char mac[ULOG_MAC_LEN]; -+ unsigned char payload[0]; -+} ulog_packet_msg_t; -+ -+#endif /*_IPT_ULOG_H*/ -diff -Nru linux-2.4.0-test4-plain/include/linux/netlink.h linux-2.4.0-test4-work/include/linux/netlink.h ---- linux-2.4.0-test4-plain/include/linux/netlink.h Fri Aug 28 04:33:08 1998 -+++ linux-2.4.0-test4-work/include/linux/netlink.h Mon Jul 31 17:23:30 2000 -@@ -5,6 +5,7 @@ - #define NETLINK_SKIP 1 /* Reserved for ENskip */ - #define NETLINK_USERSOCK 2 /* Reserved for user mode socket protocols */ - #define NETLINK_FIREWALL 3 /* Firewalling hook */ -+#define NETLINK_NFLOG 4 /* Firewall logging */ - #define NETLINK_ARPD 8 - #define NETLINK_ROUTE6 11 /* af_inet6 route comm channel */ - #define NETLINK_IP6_FW 13 -diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in ---- linux-2.4.0-test4-plain/net/ipv4/netfilter/Config.in Mon Mar 27 20:35:56 2000 -+++ linux-2.4.0-test4-work/net/ipv4/netfilter/Config.in Mon Jul 31 17:23:30 2000 -@@ -51,6 +51,7 @@ - dep_tristate ' MARK target support' CONFIG_IP_NF_TARGET_MARK $CONFIG_IP_NF_MANGLE - fi - dep_tristate ' LOG target support' CONFIG_IP_NF_TARGET_LOG $CONFIG_IP_NF_IPTABLES -+ dep_tristate ' ULOG target support' CONFIG_IP_NF_TARGET_ULOG $CONFIG_IP_NF_IPTABLES - fi - - # Backwards compatibility modules: only if you don't build in the others. -diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile ---- linux-2.4.0-test4-plain/net/ipv4/netfilter/Makefile Mon Mar 27 20:35:56 2000 -+++ linux-2.4.0-test4-work/net/ipv4/netfilter/Makefile Mon Jul 31 17:23:30 2000 -@@ -197,6 +197,14 @@ - endif - endif - -+ifeq ($(CONFIG_IP_NF_TARGET_ULOG),y) -+O_OBJS += ipt_ULOG.o -+else -+ ifeq ($(CONFIG_IP_NF_TARGET_ULOG),m) -+ M_OBJS += ipt_ULOG.o -+ endif -+endif -+ - ifeq ($(CONFIG_IP_NF_COMPAT_IPCHAINS),y) - O_OBJS += ipchains_core.o $(IP_NF_COMPAT_LAYER) - else -diff -Nru linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c ---- linux-2.4.0-test4-plain/net/ipv4/netfilter/ipt_ULOG.c Thu Jan 1 01:00:00 1970 -+++ linux-2.4.0-test4-work/net/ipv4/netfilter/ipt_ULOG.c Mon Jul 31 17:23:31 2000 -@@ -0,0 +1,166 @@ -+/* -+ * netfilter module for userspace packet logging daemons -+ * -+ * (C) 2000 by Harald Welte <laforge@sunbeam.franken.de> -+ * -+ * Released under the terms of the GPL -+ * -+ * ipt_ULOG.c,v 1.4 2000/07/31 11:41:06 laforge Exp -+ */ -+ -+#include <linux/module.h> -+#include <linux/version.h> -+#include <linux/config.h> -+#include <linux/socket.h> -+#include <linux/skbuff.h> -+#include <linux/kernel.h> -+#include <linux/netlink.h> -+#include <linux/netdevice.h> -+#include <linux/mm.h> -+#include <linux/socket.h> -+#include <linux/netfilter_ipv4/ip_tables.h> -+#include <linux/netfilter_ipv4/ipt_ULOG.h> -+#include <net/sock.h> -+ -+#define ULOG_NL_EVENT 111 /* Harald's favorite number */ -+ -+#if 0 -+#define DEBUGP printk -+#else -+#define DEBUGP(format, args...) -+#endif -+ -+static struct sock *nflognl; -+ -+static void nflog_rcv(struct sock *sk, int len) -+{ -+ printk("nflog_rcv: did receive netlink message ?!?\n"); -+} -+ -+static unsigned int ipt_ulog_target(struct sk_buff **pskb, -+ unsigned int hooknum, -+ const struct net_device *in, -+ const struct net_device *out, -+ const void *targinfo, void *userinfo) -+{ -+ ulog_packet_msg_t *pm; -+ size_t size, copy_len; -+ struct sk_buff *nlskb; -+ unsigned char *old_tail; -+ struct nlmsghdr *nlh; -+ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; -+ -+ /* calculate the size of the skb needed */ -+ if ((loginfo->copy_range == 0) || -+ (loginfo->copy_range > (*pskb)->len)) { -+ copy_len = (*pskb)->len; -+ } else { -+ copy_len = loginfo->copy_range; -+ } -+ size = NLMSG_SPACE(sizeof(*pm) + copy_len); -+ nlskb = alloc_skb(size, GFP_ATOMIC); -+ if (!nlskb) -+ goto nlmsg_failure; -+ -+ old_tail = nlskb->tail; -+ nlh = NLMSG_PUT(nlskb, 0, 0, ULOG_NL_EVENT, size - sizeof(*nlh)); -+ pm = NLMSG_DATA(nlh); -+ -+ /* copy hook, prefix, timestamp, payload, etc. */ -+ -+ pm->data_len = copy_len; -+ pm->timestamp_sec = (*pskb)->stamp.tv_sec; -+ pm->timestamp_usec = (*pskb)->stamp.tv_usec; -+ pm->mark = (*pskb)->nfmark; -+ pm->hook = hooknum; -+ if (loginfo->prefix) -+ strcpy(pm->prefix, loginfo->prefix); -+ -+ if (in && in->hard_header_len > 0 -+ && (*pskb)->mac.raw != (void *) (*pskb)->nh.iph -+ && in->hard_header_len <= ULOG_MAC_LEN) { -+ memcpy(pm->mac, (*pskb)->mac.raw, in->hard_header_len); -+ pm->mac_len = in->hard_header_len; -+ } -+ -+ if (in) -+ strcpy(pm->indev_name, in->name); -+ else -+ pm->indev_name[0] = '\0'; -+ -+ if (out) -+ strcpy(pm->outdev_name, out->name); -+ else -+ pm->outdev_name[0] = '\0'; -+ -+ if (copy_len) -+ memcpy(pm->payload, (*pskb)->data, copy_len); -+ nlh->nlmsg_len = nlskb->tail - old_tail; -+ NETLINK_CB(nlskb).dst_groups = loginfo->nl_group; -+ DEBUGP -+ ("ipt_ULOG: going to throw a packet to netlink groupmask %u\n", -+ loginfo->nl_group); -+ netlink_broadcast(nflognl, nlskb, 0, loginfo->nl_group, -+ GFP_ATOMIC); -+ -+ return IPT_CONTINUE; -+ -+ nlmsg_failure: -+ if (nlskb) -+ kfree(nlskb); -+ printk("ipt_ULOG: Error building netlink message\n"); -+ return IPT_CONTINUE; -+} -+ -+static int ipt_ulog_checkentry(const char *tablename, -+ const struct ipt_entry *e, -+ void *targinfo, -+ unsigned int targinfosize, -+ unsigned int hookmask) -+{ -+ struct ipt_ulog_info *loginfo = (struct ipt_ulog_info *) targinfo; -+ -+ if (targinfosize != IPT_ALIGN(sizeof(struct ipt_ulog_info))) { -+ DEBUGP("ULOG: targinfosize %u != 0\n", targinfosize); -+ return 0; -+ } -+ -+ if (loginfo->prefix[sizeof(loginfo->prefix) - 1] != '\0') { -+ DEBUGP("ULOG: prefix term %i\n", -+ loginfo->prefix[sizeof(loginfo->prefix) - 1]); -+ return 0; -+ } -+ -+ return 1; -+} -+ -+static struct ipt_target ipt_ulog_reg = -+ { {NULL, NULL}, "ULOG", ipt_ulog_target, ipt_ulog_checkentry, NULL, -+THIS_MODULE -+}; -+ -+static int __init init(void) -+{ -+ DEBUGP("ipt_ULOG: init module\n"); -+ nflognl = netlink_kernel_create(NETLINK_NFLOG, nflog_rcv); -+ if (!nflognl) -+ return -ENOMEM; -+ -+ if (ipt_register_target(&ipt_ulog_reg) != 0) { -+ sock_release(nflognl->socket); -+ return -EINVAL; -+ } -+ -+ return 0; -+} -+ -+static void __exit fini(void) -+{ -+ DEBUGP("ipt_ULOG: cleanup_module\n"); -+ -+ ipt_unregister_target(&ipt_ulog_reg); -+ sock_release(nflognl->socket); -+} -+ -+module_init(init); -+module_exit(fini); |