make compilation of libip6t_LOG, libipt_length, libip6t_length and

libip6t_owner mandatory

diff --git a/extensions/.LOG-test6 b/extensions/.LOG-test6
deleted file mode 100755 (executable)
index 0dcbdf3..0000000
--- a/extensions/.LOG-test6
+++ /dev/null
@@ -1,2 +0,0 @@
-#!/bin/sh
-[ -f $KERNEL_DIR/net/ipv6/netfilter/ip6t_LOG.c ] && echo LOG

diff --git a/extensions/.length-test b/extensions/.length-test
deleted file mode 100755 (executable)
index 52fd62f..0000000
--- a/extensions/.length-test
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-# True if length match patch is applied.
-[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_length.h ] && echo length

diff --git a/extensions/.length-test6 b/extensions/.length-test6
deleted file mode 100755 (executable)
index 1d58971..0000000
--- a/extensions/.length-test6
+++ /dev/null
@@ -1,3 +0,0 @@
-#!/bin/sh
-# True if length match patch is applied.
-[ -f $KERNEL_DIR/include/linux/netfilter_ipv6/ip6t_length.h ] && echo length

diff --git a/extensions/.owner-test6 b/extensions/.owner-test6
deleted file mode 100755 (executable)
index 9d46e2b..0000000
--- a/extensions/.owner-test6
+++ /dev/null
@@ -1,2 +0,0 @@
-#! /bin/sh
-[ -f $KERNEL_DIR/include/linux/netfilter_ipv6/ip6t_owner.h ] && echo owner limit mac multiport

diff --git a/extensions/Makefile b/extensions/Makefile
index e420aeb70c28c75c60569f3896a88cf349e883e8..dc03f53c837203fea9eee292678f6e0c5aaff65b 100644 (file)
--- a/extensions/Makefile
+++ b/extensions/Makefile
@@ -1,10 +1,10 @@
 #! /usr/bin/make
 
-PF_EXT_SLIB:=tcp udp icmp mac limit standard REJECT LOG unclean state multiport tos TOS mark MARK owner SNAT DNAT MASQUERADE REDIRECT MIRROR SAME
-PF6_EXT_SLIB:=tcp udp icmpv6 standard MARK mark
+PF_EXT_SLIB:=ah esp icmp limit mac mark multiport owner standard state tcp tcpmss tos ttl udp unclean DNAT DSCP ECN LOG MARK MASQUERADE MIRROR REDIRECT REJECT SAME SNAT TCPMSS TOS ULOG
+PF6_EXT_SLIB:=icmpv6 mark tcp udp standard MARK
 
 # The following may not be present, but compile them anyway.
-PF_EXT_SLIB+=FTOS TCPMSS TTL ULOG ah esp iplimit tcpmss ttl
+PF_EXT_SLIB+=TTL iplimit
 
 # Optionals
 PF_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T)))

diff --git a/include/linux/netfilter_ipv4/ipt_length.h b/include/linux/netfilter_ipv4/ipt_length.h
new file mode 100644 (file)
index 0000000..6e08852
--- /dev/null
+++ b/include/linux/netfilter_ipv4/ipt_length.h
@@ -0,0 +1,9 @@
+#ifndef _IPT_LENGTH_H
+#define _IPT_LENGTH_H
+
+struct ipt_length_info {
+    u_int16_t  min, max;
+    u_int8_t   invert;
+};
+
+#endif /*_IPT_LENGTH_H*/

diff --git a/include/linux/netfilter_ipv6/ip6t_length.h b/include/linux/netfilter_ipv6/ip6t_length.h
new file mode 100644 (file)
index 0000000..7fc09f9
--- /dev/null
+++ b/include/linux/netfilter_ipv6/ip6t_length.h
@@ -0,0 +1,10 @@
+#ifndef _IP6T_LENGTH_H
+#define _IP6T_LENGTH_H
+
+struct ip6t_length_info {
+       u_int16_t  min, max;
+       u_int8_t   invert;
+};
+
+#endif /*_IP6T_LENGTH_H*/
+       

diff --git a/include/linux/netfilter_ipv6/ip6t_owner.h b/include/linux/netfilter_ipv6/ip6t_owner.h
new file mode 100644 (file)
index 0000000..19937da
--- /dev/null
+++ b/include/linux/netfilter_ipv6/ip6t_owner.h
@@ -0,0 +1,18 @@
+#ifndef _IP6T_OWNER_H
+#define _IP6T_OWNER_H
+
+/* match and invert flags */
+#define IP6T_OWNER_UID 0x01
+#define IP6T_OWNER_GID 0x02
+#define IP6T_OWNER_PID 0x04
+#define IP6T_OWNER_SID 0x08
+
+struct ip6t_owner_info {
+    uid_t uid;
+    gid_t gid;
+    pid_t pid;
+    pid_t sid;
+    u_int8_t match, invert;    /* flags */
+};
+
+#endif /*_IPT_OWNER_H*/