build: remove support for Linux 3.6 / switch xt_DNETMAP to nf_nat

diff --git a/INSTALL b/INSTALL
index bf30e96c84574bf5da612e8144fcf009cdd9082a..7418c57b4592e1c70c63e930a8fd015b19184d41 100644 (file)
--- a/INSTALL
+++ b/INSTALL
@@ -14,7 +14,7 @@ Supported configurations for this release
 
        * iptables >= 1.4.5
 
-       * kernel-devel >= 3.6
+       * kernel-devel >= 3.7
          with prepared build/output directory
          - CONFIG_NF_CONNTRACK or CONFIG_IP_NF_CONNTRACK
          - CONFIG_NF_CONNTRACK_MARK or CONFIG_IP_NF_CONNTRACK_MARK

diff --git a/configure.ac b/configure.ac
index df4e3d9f765acef3b9755c83dc64d6fdf26f1932..da303c289a1ce62536f14ca0624c22e400c81d29 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -63,9 +63,9 @@ if test -n "$kbuilddir"; then
                echo "WARNING: Version detection did not succeed. Continue at own luck.";
        else
                echo "$kmajor.$kminor.$kmicro.$kstable in $kbuilddir";
-               if test "$kmajor" -gt 3 -o "$kmajor" -eq 3 -a "$kminor" -gt 6; then
+               if test "$kmajor" -gt 3 -o "$kmajor" -eq 3 -a "$kminor" -gt 7; then
                        echo "WARNING: That kernel version is not officially supported.";
-               elif test "$kmajor" -eq 3 -a "$kminor" -ge 6; then
+               elif test "$kmajor" -eq 3 -a "$kminor" -ge 7; then
                        :;
                else
                        echo "WARNING: That kernel version is not officially supported.";

diff --git a/doc/changelog.txt b/doc/changelog.txt
index c2ec6294669c5ade51f4ed3a7de5796161dacc20..f4036a0a2ee99609350535c9193fe7a05fb47ac1 100644 (file)
--- a/doc/changelog.txt
+++ b/doc/changelog.txt
@@ -2,9 +2,11 @@
 HEAD
 ====
 Changes:
-- remove support for Linux 2.6.17–3.5
+- remove support for Linux 2.6.17–3.6
 - remove xt_TEE (this is available upstream since 2.6.35)
 - remove xt_CHECKSUM (this is available upstream since 2.6.36)
+Enhancements:
+- Support for Linux 3.7
 
 
 v1.47.1 (2010-10-15)

diff --git a/extensions/compat_xtables.h b/extensions/compat_xtables.h
index a4e29385b90747f57bd89b1cf7817d3863b0a901..4aa72b7190be0dba8eddc427c0a73722111097d4 100644 (file)
--- a/extensions/compat_xtables.h
+++ b/extensions/compat_xtables.h
@@ -8,8 +8,8 @@
 
 #define DEBUGP Use__pr_debug__instead
 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 6, 0)
-#      warning Kernels below 3.6 not supported.
+#if LINUX_VERSION_CODE < KERNEL_VERSION(3, 7, 0)
+#      warning Kernels below 3.7 not supported.
 #endif
 
 #if defined(CONFIG_NF_CONNTRACK) || defined(CONFIG_NF_CONNTRACK_MODULE)

diff --git a/extensions/libxt_DNETMAP.c b/extensions/libxt_DNETMAP.c
index 2183e5acbdeda245fabab609a79b596611b68a90..92c679b3f6e48a0a1d711af8e30bc588e73712fa 100644 (file)
--- a/extensions/libxt_DNETMAP.c
+++ b/extensions/libxt_DNETMAP.c
@@ -69,19 +69,8 @@ static int netmask2bits(u_int32_t netmask)
        return bits;
 }
 
-static void DNETMAP_init(struct xt_entry_target *t)
-{
-       struct xt_DNETMAP_tginfo *tginfo = (void *)&t->data;
-       struct nf_nat_ipv4_multi_range_compat *mr = &tginfo->prefix;
-
-       /* Actually, it's 0, but it's ignored at the moment. */
-       mr->rangesize = 1;
-       tginfo->ttl = 0;
-       tginfo->flags = 0;
-}
-
 /* Parses network address */
-static void parse_prefix(char *arg, struct nf_nat_ipv4_range *range)
+static void parse_prefix(char *arg, struct nf_nat_range *range)
 {
        char *slash;
        const struct in_addr *ip;
@@ -97,7 +86,7 @@ static void parse_prefix(char *arg, struct nf_nat_ipv4_range *range)
        if (ip == NULL)
                xtables_error(PARAMETER_PROBLEM, "Bad IP address \"%s\"\n",
                              arg);
-       range->min_ip = ip->s_addr;
+       range->min_addr.in = *ip;
        if (slash) {
                if (strchr(slash + 1, '.')) {
                        ip = xtables_numeric_to_ipmask(slash + 1);
@@ -123,20 +112,20 @@ static void parse_prefix(char *arg, struct nf_nat_ipv4_range *range)
        } else
                netmask = ~0;
 
-       if (range->min_ip & ~netmask) {
+       if (range->min_addr.ip & ~netmask) {
                if (slash)
                        *slash = '/';
                xtables_error(PARAMETER_PROBLEM, "Bad network address \"%s\"\n",
                              arg);
        }
-       range->max_ip = range->min_ip | ~netmask;
+       range->max_addr.ip = range->min_addr.ip | ~netmask;
 }
 
 static int DNETMAP_parse(int c, char **argv, int invert, unsigned int *flags,
                         const void *entry, struct xt_entry_target **target)
 {
        struct xt_DNETMAP_tginfo *tginfo = (void *)(*target)->data;
-       struct nf_nat_ipv4_multi_range_compat *mr = &tginfo->prefix;
+       struct nf_nat_range *mr = &tginfo->prefix;
        char *end;
 
        switch (c) {
@@ -147,7 +136,7 @@ static int DNETMAP_parse(int c, char **argv, int invert, unsigned int *flags,
                                  invert);
 
                /* TO-DO use xtables_ipparse_any instead? */
-               parse_prefix(optarg, &mr->range[0]);
+               parse_prefix(optarg, mr);
                *flags |= XT_DNETMAP_PREFIX;
                tginfo->flags |= XT_DNETMAP_PREFIX;
                return 1;
@@ -192,14 +181,13 @@ static void DNETMAP_print_addr(const void *ip,
                               int numeric)
 {
        struct xt_DNETMAP_tginfo *tginfo = (void *)&target->data;
-       const struct nf_nat_ipv4_multi_range_compat *mr = &tginfo->prefix;
-       const struct nf_nat_ipv4_range *r = &mr->range[0];
+       const struct nf_nat_range *r = &tginfo->prefix;
        struct in_addr a;
        int bits;
 
-       a.s_addr = r->min_ip;
+       a = r->min_addr.in;
        printf("%s", xtables_ipaddr_to_numeric(&a));
-       a.s_addr = ~(r->min_ip ^ r->max_ip);
+       a.s_addr = ~(r->min_addr.ip ^ r->max_addr.ip);
        bits = netmask2bits(a.s_addr);
        if (bits < 0)
                printf("/%s", xtables_ipaddr_to_numeric(&a));
@@ -265,7 +253,6 @@ static struct xtables_target dnetmap_tg_reg = {
        .size          = XT_ALIGN(sizeof(struct xt_DNETMAP_tginfo)),
        .userspacesize = XT_ALIGN(sizeof(struct xt_DNETMAP_tginfo)),
        .help          = DNETMAP_help,
-       .init          = DNETMAP_init,
        .parse         = DNETMAP_parse,
        .print         = DNETMAP_print,
        .save          = DNETMAP_save,

diff --git a/extensions/xt_DNETMAP.c b/extensions/xt_DNETMAP.c
index 989f7027c0f983d0ca81e4e9fa0e9d65067153dc..62ad9cd40394df0bec3990140f53e791dc35aac4 100644 (file)
--- a/extensions/xt_DNETMAP.c
+++ b/extensions/xt_DNETMAP.c
@@ -78,7 +78,7 @@ struct dnetmap_entry {
 };
 
 struct dnetmap_prefix {
-       struct nf_nat_ipv4_multi_range_compat prefix;
+       struct nf_nat_range prefix;
        char prefix_str[16];
 #ifdef CONFIG_PROC_FS
        char proc_str_data[20];
@@ -168,7 +168,7 @@ dnetmap_addr_in_prefix(struct dnetmap_net *dnetmap_net, const __be32 addr,
 
 static struct dnetmap_prefix *
 dnetmap_prefix_lookup(struct dnetmap_net *dnetmap_net,
-                     const struct nf_nat_ipv4_multi_range_compat *mr)
+                     const struct nf_nat_range *mr)
 {
        struct dnetmap_prefix *p;
 
@@ -247,7 +247,7 @@ static int dnetmap_tg_check(const struct xt_tgchk_param *par)
 {
        struct dnetmap_net *dnetmap_net = dnetmap_pernet(par->net);
        const struct xt_DNETMAP_tginfo *tginfo = par->targinfo;
-       const struct nf_nat_ipv4_multi_range_compat *mr = &tginfo->prefix;
+       const struct nf_nat_range *mr = &tginfo->prefix;
        struct dnetmap_prefix *p;
        struct dnetmap_entry *e;
 #ifdef CONFIG_PROC_FS
@@ -263,14 +263,10 @@ static int dnetmap_tg_check(const struct xt_tgchk_param *par)
                return ret;
        }
 
-       if (!(mr->range[0].flags & NF_NAT_RANGE_MAP_IPS)) {
+       if (!(mr->flags & NF_NAT_RANGE_MAP_IPS)) {
                pr_debug("DNETMAP:check: bad MAP_IPS.\n");
                return -EINVAL;
        }
-       if (mr->rangesize != 1) {
-               pr_debug("DNETMAP:check: bad rangesize %u.\n", mr->rangesize);
-               return -EINVAL;
-       }
 
        mutex_lock(&dnetmap_mutex);
        p = dnetmap_prefix_lookup(dnetmap_net, mr);
@@ -296,15 +292,15 @@ static int dnetmap_tg_check(const struct xt_tgchk_param *par)
        INIT_LIST_HEAD(&p->lru_list);
        INIT_LIST_HEAD(&p->elist);
 
-       ip_min = ntohl(mr->range[0].min_ip) + (whole_prefix == 0);
-       ip_max = ntohl(mr->range[0].max_ip) - (whole_prefix == 0);
+       ip_min = ntohl(mr->min_addr.ip) + (whole_prefix == 0);
+       ip_max = ntohl(mr->max_addr.ip) - (whole_prefix == 0);
 
-       sprintf(p->prefix_str, NIPQUAD_FMT "/%u", NIPQUAD(mr->range[0].min_ip),
+       sprintf(p->prefix_str, NIPQUAD_FMT "/%u", NIPQUAD(mr->min_addr.ip),
                33 - ffs(~(ip_min ^ ip_max)));
 #ifdef CONFIG_PROC_FS
-       sprintf(p->proc_str_data, NIPQUAD_FMT "_%u", NIPQUAD(mr->range[0].min_ip),
+       sprintf(p->proc_str_data, NIPQUAD_FMT "_%u", NIPQUAD(mr->min_addr.ip),
                33 - ffs(~(ip_min ^ ip_max)));
-       sprintf(p->proc_str_stat, NIPQUAD_FMT "_%u_stat", NIPQUAD(mr->range[0].min_ip),
+       sprintf(p->proc_str_stat, NIPQUAD_FMT "_%u_stat", NIPQUAD(mr->min_addr.ip),
                33 - ffs(~(ip_min ^ ip_max)));
 #endif
        printk(KERN_INFO KBUILD_MODNAME ": new prefix %s\n", p->prefix_str);
@@ -370,8 +366,8 @@ dnetmap_tg(struct sk_buff **pskb, const struct xt_action_param *par)
        enum ip_conntrack_info ctinfo;
        __be32 prenat_ip, postnat_ip, prenat_ip_prev;
        const struct xt_DNETMAP_tginfo *tginfo = par->targinfo;
-       const struct nf_nat_ipv4_multi_range_compat *mr = &tginfo->prefix;
-       struct nf_nat_ipv4_range newrange;
+       const struct nf_nat_range *mr = &tginfo->prefix;
+       struct nf_nat_range newrange;
        struct dnetmap_entry *e;
        struct dnetmap_prefix *p;
        __s32 jttl;
@@ -408,15 +404,14 @@ dnetmap_tg(struct sk_buff **pskb, const struct xt_action_param *par)
 
                spin_unlock_bh(&dnetmap_lock);
 
-               newrange = ((struct nf_nat_ipv4_range) {
-                           mr->range[0].flags | NF_NAT_RANGE_MAP_IPS,
-                           e->prenat_addr, e->prenat_addr,
-                           mr->range[0].min, mr->range[0].max});
-
-               /* Hand modified range to generic setup. */
+               memset(&newrange, 0, sizeof(newrange));
+               newrange.flags = mr->flags | NF_NAT_RANGE_MAP_IPS;
+               newrange.min_addr.ip = e->prenat_addr;
+               newrange.max_addr.ip = e->prenat_addr;
+               newrange.min_proto = mr->min_proto;
+               newrange.max_proto = mr->max_proto;
                return nf_nat_setup_info(ct, &newrange,
                                         HOOK2MANIP(par->hooknum));
-
        }
 
        prenat_ip = ip_hdr(skb)->saddr;
@@ -498,12 +493,12 @@ bind_new_prefix:
 
        spin_unlock_bh(&dnetmap_lock);
 
-       newrange = ((struct nf_nat_ipv4_range) {
-                   mr->range[0].flags | NF_NAT_RANGE_MAP_IPS,
-                   postnat_ip, postnat_ip,
-                   mr->range[0].min, mr->range[0].max});
-
-       /* Hand modified range to generic setup. */
+       memset(&newrange, 0, sizeof(newrange));
+       newrange.flags = mr->flags | NF_NAT_RANGE_MAP_IPS;
+       newrange.min_addr.ip = postnat_ip;
+       newrange.max_addr.ip = postnat_ip;
+       newrange.min_proto = mr->min_proto;
+       newrange.max_proto = mr->max_proto;
        return nf_nat_setup_info(ct, &newrange, HOOK2MANIP(par->hooknum));
 
 no_rev_map:
@@ -517,7 +512,7 @@ static void dnetmap_tg_destroy(const struct xt_tgdtor_param *par)
 {
        struct dnetmap_net *dnetmap_net = dnetmap_pernet(par->net);
        const struct xt_DNETMAP_tginfo *tginfo = par->targinfo;
-       const struct nf_nat_ipv4_multi_range_compat *mr = &tginfo->prefix;
+       const struct nf_nat_range *mr = &tginfo->prefix;
        struct dnetmap_prefix *p;
 
        if (!(tginfo->flags & XT_DNETMAP_PREFIX))

diff --git a/extensions/xt_DNETMAP.h b/extensions/xt_DNETMAP.h
index eef2a55e24a67700bbd4a1d12a2a6c5158c6cf2c..6b28fd5c9a295e36d67536e050a5cff1e01e8c26 100644 (file)
--- a/extensions/xt_DNETMAP.h
+++ b/extensions/xt_DNETMAP.h
@@ -13,7 +13,7 @@ enum {
 };
 
 struct xt_DNETMAP_tginfo {
-       struct nf_nat_ipv4_multi_range_compat prefix;
+       struct nf_nat_range prefix;
        __u8 flags;
        __s32 ttl;
 };

diff --git a/include/linux/netfilter/nf_nat.h b/include/linux/netfilter/nf_nat.h
index 8df2d13730b2b75fff7262c0cf144e3a13c5f84f..bf0cc373ffb6ae02487e74ba478c024c3be3b477 100644 (file)
--- a/include/linux/netfilter/nf_nat.h
+++ b/include/linux/netfilter/nf_nat.h
@@ -22,4 +22,12 @@ struct nf_nat_ipv4_multi_range_compat {
        struct nf_nat_ipv4_range        range[1];
 };
 
+struct nf_nat_range {
+       unsigned int                    flags;
+       union nf_inet_addr              min_addr;
+       union nf_inet_addr              max_addr;
+       union nf_conntrack_man_proto    min_proto;
+       union nf_conntrack_man_proto    max_proto;
+};
+
 #endif /* _NETFILTER_NF_NAT_H */

diff --git a/mconfig b/mconfig
index 6418bb4a0ca02af871e9cbd5f75a46ef920758c2..638649808e9678b201d27045c0042b090423ee5a 100644 (file)
--- a/mconfig
+++ b/mconfig
@@ -4,7 +4,7 @@ build_ACCOUNT=m
 build_CHAOS=m
 build_DELUDE=m
 build_DHCPMAC=m
-build_DNETMAP=m
+build_DNETMAP=
 build_ECHO=m
 build_IPMARK=m
 build_LOGMARK=m