rpms / ebtables

Clone
Source Code
GIT

Files

el4 el5 epel9 f10 f11 f12 f13 f14 f15 f16 f17 f18 f19 f20 f21 f22 f23 f24 f25 f26 f27 f28 f29 f30 f31 f32 f33 f34 f35 f36 f37 f38 f39 f40 f7 f8 f9 fc6 main rawhide
  1.   rawhide
  2.   0007-Add-kernel-headers-needed-from-v3.16.patch
Blob Blame History Raw 
From a29aa9b111e00fcf6dd8268a2a18314df0ea0d4b Mon Sep 17 00:00:00 2001
From: Pedro Alvarez <pedro.alvarez@codethink.co.uk>
Date: Fri, 27 Feb 2015 11:54:10 +0000
Subject: [PATCH] Add kernel headers needed from v3.16

Ebtables fails to compile with versions of the linux headers greater
than v3.16 with this error:

  extensions/ebt_ulog.c:17:45: fatal error: linux/netfilter_bridge/ebt_ulog.h: No such file or directory
   #include <linux/netfilter_bridge/ebt_ulog.h>

This patch adds netfilter_bridge headers for every supported
extension, including filter.h and types.h, to avoid this problem and
future problems with changes in the kernel headers.

Signed-off-by: Pablo Neira Ayuso <pablo@netfilter.org>
Signed-off-by: Phil Sutter <psutter@redhat.com>
---
 include/linux/netfilter_bridge.h           |  2 +-
 include/linux/netfilter_bridge/ebt_802_3.h |  7 ++-
 include/linux/netfilter_bridge/ebtables.h  | 70 ++++++++++------------
 include/linux/types.h                      |  2 +-
 4 files changed, 37 insertions(+), 44 deletions(-)

diff --git a/include/linux/netfilter_bridge.h b/include/linux/netfilter_bridge.h
index 5094ecca9c1b3..c4dbfd91a17b9 100644
--- a/include/linux/netfilter_bridge.h
+++ b/include/linux/netfilter_bridge.h
@@ -24,4 +24,4 @@
 #define NF_BR_BROUTING		5
 #define NF_BR_NUMHOOKS		6
 
-#endif
+#endif /* __LINUX_BRIDGE_NETFILTER_H */
diff --git a/include/linux/netfilter_bridge/ebt_802_3.h b/include/linux/netfilter_bridge/ebt_802_3.h
index 76687d51f0eb8..70028c1523164 100644
--- a/include/linux/netfilter_bridge/ebt_802_3.h
+++ b/include/linux/netfilter_bridge/ebt_802_3.h
@@ -2,6 +2,7 @@
 #define __LINUX_BRIDGE_EBT_802_3_H
 
 #include <linux/types.h>
+#include <linux/if_ether.h>
 
 #define EBT_802_3_SAP 0x01
 #define EBT_802_3_TYPE 0x02
@@ -42,8 +43,8 @@ struct hdr_ni {
 };
 
 struct ebt_802_3_hdr {
-	__u8  daddr[6];
-	__u8  saddr[6];
+	__u8  daddr[ETH_ALEN];
+	__u8  saddr[ETH_ALEN];
 	__be16 len;
 	union {
 		struct hdr_ui ui;
@@ -59,4 +60,4 @@ struct ebt_802_3_info {
 	__u8  invflags;
 };
 
-#endif
+#endif /* __LINUX_BRIDGE_EBT_802_3_H */
diff --git a/include/linux/netfilter_bridge/ebtables.h b/include/linux/netfilter_bridge/ebtables.h
index 8f520c600b356..19a64448c648e 100644
--- a/include/linux/netfilter_bridge/ebtables.h
+++ b/include/linux/netfilter_bridge/ebtables.h
@@ -10,7 +10,6 @@
  *  Copyright (C) 1999 Paul `Rusty' Russell & Michael J. Neuling
  */
 
-/* Local copy of the kernel file, needed for Sparc64 support */
 #ifndef __LINUX_BRIDGE_EFF_H
 #define __LINUX_BRIDGE_EFF_H
 #include <linux/if.h>
@@ -32,14 +31,31 @@
  * The 4 lsb are more than enough to store the verdict. */
 #define EBT_VERDICT_BITS 0x0000000F
 
-struct ebt_counter
-{
+struct xt_match;
+struct xt_target;
+
+struct ebt_counter {
 	uint64_t pcnt;
 	uint64_t bcnt;
 };
 
-struct ebt_replace
-{
+struct ebt_replace {
+	char name[EBT_TABLE_MAXNAMELEN];
+	unsigned int valid_hooks;
+	/* nr of rules in the table */
+	unsigned int nentries;
+	/* total size of the entries */
+	unsigned int entries_size;
+	/* start of the chains */
+	struct ebt_entries *hook_entry[NF_BR_NUMHOOKS];
+	/* nr of counters userspace expects back */
+	unsigned int num_counters;
+	/* where the kernel will put the old counters */
+	struct ebt_counter *counters;
+	char *entries;
+};
+
+struct ebt_replace_kernel {
 	char name[EBT_TABLE_MAXNAMELEN];
 	unsigned int valid_hooks;
 	/* nr of rules in the table */
@@ -47,21 +63,12 @@ struct ebt_replace
 	/* total size of the entries */
 	unsigned int entries_size;
 	/* start of the chains */
-#ifdef KERNEL_64_USERSPACE_32
-	uint64_t hook_entry[NF_BR_NUMHOOKS];
-#else
 	struct ebt_entries *hook_entry[NF_BR_NUMHOOKS];
-#endif
 	/* nr of counters userspace expects back */
 	unsigned int num_counters;
 	/* where the kernel will put the old counters */
-#ifdef KERNEL_64_USERSPACE_32
-	uint64_t counters;
-	uint64_t entries;
-#else
 	struct ebt_counter *counters;
 	char *entries;
-#endif
 };
 
 struct ebt_entries {
@@ -85,7 +92,7 @@ struct ebt_entries {
 
 /* This is a hack to make a difference between an ebt_entry struct and an
  * ebt_entries struct when traversing the entries from start to end.
- * Using this simplifies the code alot, while still being able to use
+ * Using this simplifies the code a lot, while still being able to use
  * ebt_entries.
  * Contrary, iptables doesn't use something like ebt_entries and therefore uses
  * different techniques for naming the policy and such. So, iptables doesn't
@@ -110,56 +117,40 @@ struct ebt_entries {
 #define EBT_INV_MASK (EBT_IPROTO | EBT_IIN | EBT_IOUT | EBT_ILOGICALIN \
    | EBT_ILOGICALOUT | EBT_ISOURCE | EBT_IDEST)
 
-struct ebt_entry_match
-{
+struct ebt_entry_match {
 	union {
 		char name[EBT_FUNCTION_MAXNAMELEN];
-		struct ebt_match *match;
+		struct xt_match *match;
 	} u;
 	/* size of data */
 	unsigned int match_size;
-#ifdef KERNEL_64_USERSPACE_32
-	unsigned int pad;
-#endif
 	unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
-struct ebt_entry_watcher
-{
+struct ebt_entry_watcher {
 	union {
 		char name[EBT_FUNCTION_MAXNAMELEN];
-		struct ebt_watcher *watcher;
+		struct xt_target *watcher;
 	} u;
 	/* size of data */
 	unsigned int watcher_size;
-#ifdef KERNEL_64_USERSPACE_32
-	unsigned int pad;
-#endif
 	unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
-struct ebt_entry_target
-{
+struct ebt_entry_target {
 	union {
 		char name[EBT_FUNCTION_MAXNAMELEN];
-		struct ebt_target *target;
+		struct xt_target *target;
 	} u;
 	/* size of data */
 	unsigned int target_size;
-#ifdef KERNEL_64_USERSPACE_32
-	unsigned int pad;
-#endif
 	unsigned char data[0] __attribute__ ((aligned (__alignof__(struct ebt_replace))));
 };
 
 #define EBT_STANDARD_TARGET "standard"
-struct ebt_standard_target
-{
+struct ebt_standard_target {
 	struct ebt_entry_target target;
 	int verdict;
-#ifdef KERNEL_64_USERSPACE_32
-	unsigned int pad;
-#endif
 };
 
 /* one entry */
@@ -167,7 +158,7 @@ struct ebt_entry {
 	/* this needs to be the first field */
 	unsigned int bitmask;
 	unsigned int invflags;
-	uint16_t ethproto;
+	__be16 ethproto;
 	/* the physical in-dev */
 	char in[IFNAMSIZ];
 	/* the logical in-dev */
@@ -202,6 +193,7 @@ struct ebt_entry {
 #define EBT_SO_GET_INIT_ENTRIES (EBT_SO_GET_INIT_INFO+1)
 #define EBT_SO_GET_MAX          (EBT_SO_GET_INIT_ENTRIES+1)
 
+
 /* blatently stolen from ip_tables.h
  * fn returns 0 to continue iteration */
 #define EBT_MATCH_ITERATE(e, fn, args...)                   \
diff --git a/include/linux/types.h b/include/linux/types.h
index 630cd3bb01f0a..23ea78fd1847a 100644
--- a/include/linux/types.h
+++ b/include/linux/types.h
@@ -38,7 +38,7 @@ typedef __u32 __bitwise __wsum;
  * aligned_u64 should be used in defining kernel<->userspace ABIs to avoid
  * common 32/64-bit compat problems.
  * 64-bit values align to 4-byte boundaries on x86_32 (and possibly other
- * architectures) and to 8-byte boundaries on 64-bit architetures.  The new
+ * architectures) and to 8-byte boundaries on 64-bit architectures.  The new
  * aligned_64 type enforces 8-byte alignment so that structs containing
  * aligned_64 values have the same alignment on 32-bit and 64-bit architectures.
  * No conversions are necessary between 32-bit user-space and a 64-bit kernel.
-- 
2.21.0
Powered by Pagure 5.14.1
DocumentationFile an IssueAbout this InstanceSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.