/[gentoo-x86]/net-misc/l7-filter-userspace/files/l7-filter-userspace-0.11-libnetfilter_conntrack-0.0.100.patch
Gentoo

Contents of /net-misc/l7-filter-userspace/files/l7-filter-userspace-0.11-libnetfilter_conntrack-0.0.100.patch

Parent Directory Parent Directory | Revision Log Revision Log


Revision 1.1 - (show annotations) (download)
Sun Jul 18 02:47:57 2010 UTC (4 years, 9 months ago) by dragonheart
Branch: MAIN
CVS Tags: HEAD
build fix as per bug #280747 thanks to niv. Patch thanks to Debian
(Portage version: 2.2_rc67/cvs/Linux x86_64)

1 diff -Naur l7-filter-userspace-0.11-orig/l7-conntrack.cpp l7-filter-userspace-0.11-ptch/l7-conntrack.cpp
2 --- l7-filter-userspace-0.11-orig/l7-conntrack.cpp 2009-02-26 21:40:28.000000000 +0000
3 +++ l7-filter-userspace-0.11-ptch/l7-conntrack.cpp 2009-10-19 17:40:42.000000000 +0000
4 @@ -121,25 +121,10 @@
5 return (char *)buffer;
6 }
7
8 -static int sprintf_conntrack_key(char *buf, struct nfct_conntrack *ct,
9 - unsigned int flags)
10 -{
11 - int size = 0;
12 -
13 - size += nfct_sprintf_protocol(buf, ct);
14 - size += nfct_sprintf_address(buf+size, &ct->tuple[NFCT_DIR_ORIGINAL]);
15 - size += nfct_sprintf_proto(buf+size, &ct->tuple[NFCT_DIR_ORIGINAL]);
16 -
17 - /* Delete the last blank space */
18 - buf[size-1] = '\0';
19 -
20 - return size;
21 -}
22 -
23 -static string make_key(nfct_conntrack* ct, int flags)
24 +static string make_key(nfct_conntrack* ct, int flags, int type)
25 {
26 char key[512];
27 - int keysize = sprintf_conntrack_key(key, ct, flags);
28 + int keysize = nfct_snprintf(key, sizeof(key), (const nf_conntrack *)ct, type, NFCT_O_DEFAULT, flags);
29 if(keysize >= 512){
30 cerr << "Yike! Overflowed key!\n";
31 exit(1);
32 @@ -148,28 +133,28 @@
33 return key;
34 }
35
36 -static int l7_handle_conntrack_event(void *arg, unsigned int flags, int type,
37 +static int l7_handle_conntrack_event(enum nf_conntrack_msg_type type, struct nf_conntrack* arg,
38 void *data)
39 {
40 l7_conntrack * l7_conntrack_handler = (l7_conntrack *) data;
41
42 nfct_conntrack* ct = (nfct_conntrack*)arg;
43 + u_int8_t protonum = *(u_int8_t *)nfct_get_attr((const nf_conntrack *)ct, ATTR_ORIG_L4PROTO);
44
45 // I don't think there is any demand for ICMP. These are enough work for now.
46 - if(ct->tuple[0].protonum != IPPROTO_TCP &&
47 - ct->tuple[0].protonum != IPPROTO_UDP) return 0;
48 + if(protonum != IPPROTO_TCP && protonum != IPPROTO_UDP) return 0;
49
50 - if(type == NFCT_MSG_DESTROY) l7printf(3, "Got event: NFCT_MSG_DESTROY\n");
51 - if(type == NFCT_MSG_NEW) l7printf(3, "Got event: NFCT_MSG_NEW\n");
52 - if(type == NFCT_MSG_UPDATE) l7printf(3, "Got event: NFCT_MSG_UPDATE\n");
53 - if(type == NFCT_MSG_UNKNOWN) l7printf(3, "Got event: NFCT_MSG_UNKNOWN\n");
54 + if(type == NFCT_T_DESTROY) l7printf(3, "Got event: NFCT_T_DESTROY\n");
55 + if(type == NFCT_T_NEW) l7printf(3, "Got event: NFCT_T_NEW\n");
56 + if(type == NFCT_T_UPDATE) l7printf(3, "Got event: NFCT_T_UPDATE\n");
57 + if(type == NFCT_T_UNKNOWN) l7printf(3, "Got event: NFCT_T_UNKNOWN\n");
58
59 // On the first packet, create the connection buffer, etc.
60 - if(type == NFCT_MSG_NEW){
61 - string key = make_key(ct, flags);
62 + if(type == NFCT_T_NEW){
63 + string key = make_key(ct, 0, NFCT_T_NEW);
64 if (l7_conntrack_handler->get_l7_connection(key)){
65 // this happens sometimes
66 - cerr << "Received NFCT_MSG_NEW but already have a connection. Packets = "
67 + cerr << "Received NFCT_T_NEW but already have a connection. Packets = "
68 << l7_conntrack_handler->get_l7_connection(key)->get_num_packets()
69 << endl;
70 l7_conntrack_handler->remove_l7_connection(key);
71 @@ -179,9 +164,9 @@
72 l7_conntrack_handler->add_l7_connection(thisconnection, key);
73 thisconnection->key = key;
74 }
75 - else if(type == NFCT_MSG_DESTROY){
76 + else if(type == NFCT_T_DESTROY){
77 // clean up the connection buffer, etc.
78 - string key = make_key(ct, flags);
79 + string key = make_key(ct, 0, NFCT_T_DESTROY);
80 if(l7_conntrack_handler->get_l7_connection(key)){
81 l7_conntrack_handler->remove_l7_connection(key);
82 }
83 @@ -193,7 +178,7 @@
84
85 l7_conntrack::~l7_conntrack()
86 {
87 - nfct_conntrack_free(ct);
88 + free(ct);
89 nfct_close(cth);
90 }
91
92 @@ -230,9 +215,9 @@
93 {
94 int ret;
95
96 - nfct_register_callback(cth, l7_handle_conntrack_event, (void *)this);
97 - ret = nfct_event_conntrack(cth); // this is the main loop
98 + nfct_callback_register(cth, NFCT_T_NEW, l7_handle_conntrack_event, (void *)this);
99 + ret = nfct_catch(cth); // this is the main loop
100
101 nfct_close(cth);
102 - nfct_conntrack_free(ct);
103 + free(ct);
104 }

  ViewVC Help
Powered by ViewVC 1.1.20