-Index: iptables-1.3.7/extensions/Makefile
+Index: iptables-1.3.8/extensions/Makefile
===================================================================
---- iptables-1.3.7.orig/extensions/Makefile 2007-06-04 13:21:43.398379112 +0200
-+++ iptables-1.3.7/extensions/Makefile 2007-06-04 13:21:43.484366040 +0200
+--- iptables-1.3.8.orig/extensions/Makefile 2007-07-31 15:27:55.000000000 -0500
++++ iptables-1.3.8/extensions/Makefile 2007-07-31 15:27:55.000000000 -0500
@@ -13,6 +13,10 @@
PF6_EXT_SE_SLIB:=SECMARK CONNSECMARK
endif
# Optionals
PF_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T)))
PF6_EXT_SLIB_OPTS:=$(foreach T,$(wildcard extensions/.*-test6),$(shell KERNEL_DIR=$(KERNEL_DIR) $(T)))
-Index: iptables-1.3.7/extensions/libipt_ipp2p.c
+Index: iptables-1.3.8/extensions/libipt_ipp2p.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libipt_ipp2p.c 2007-06-04 13:21:43.485365888 +0200
++++ iptables-1.3.8/extensions/libipt_ipp2p.c 2007-07-31 15:27:55.000000000 -0500
@@ -0,0 +1,401 @@
+
+#include <stdio.h>
+ register_match(&ipp2p);
+}
+
-Index: iptables-1.3.7/include/linux/netfilter_ipv4/ipt_ipp2p.h
+Index: iptables-1.3.8/include/linux/netfilter_ipv4/ipt_ipp2p.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/include/linux/netfilter_ipv4/ipt_ipp2p.h 2007-06-04 13:21:43.485365888 +0200
++++ iptables-1.3.8/include/linux/netfilter_ipv4/ipt_ipp2p.h 2007-07-31 15:27:55.000000000 -0500
@@ -0,0 +1,31 @@
+#ifndef __IPT_IPP2P_H
+#define __IPT_IPP2P_H
-Index: iptables-1.3.7/extensions/.layer7-test
+Index: iptables-1.3.8/extensions/.layer7-test
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/.layer7-test 2007-06-04 13:21:43.708331992 +0200
++++ iptables-1.3.8/extensions/.layer7-test 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,2 @@
+#! /bin/sh
+[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_layer7.h ] && echo layer7
-Index: iptables-1.3.7/extensions/ipt_layer7.h
+Index: iptables-1.3.8/extensions/ipt_layer7.h
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/ipt_layer7.h 2007-06-04 13:21:43.708331992 +0200
++++ iptables-1.3.8/extensions/ipt_layer7.h 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,27 @@
+/*
+ By Matthew Strait <quadong@users.sf.net>, Dec 2003.
+};
+
+#endif /* _IPT_LAYER7_H */
-Index: iptables-1.3.7/extensions/libipt_layer7.c
+Index: iptables-1.3.8/extensions/libipt_layer7.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libipt_layer7.c 2007-06-04 13:21:43.709331840 +0200
++++ iptables-1.3.8/extensions/libipt_layer7.c 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,358 @@
+/*
+ Shared library add-on to iptables to add layer 7 matching support.
+{
+ register_match(&layer7);
+}
-Index: iptables-1.3.7/extensions/libipt_layer7.man
+Index: iptables-1.3.8/extensions/libipt_layer7.man
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libipt_layer7.man 2007-06-04 13:21:43.709331840 +0200
++++ iptables-1.3.8/extensions/libipt_layer7.man 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,13 @@
+This module matches packets based on the application layer data of
+their connections. It uses regular expression matching to compare
-Index: iptables-1.3.7/extensions/libipt_multiport.c
+Index: iptables-1.3.8/extensions/libipt_multiport.c
===================================================================
---- iptables-1.3.7.orig/extensions/libipt_multiport.c 2007-06-04 13:21:43.344387320 +0200
-+++ iptables-1.3.7/extensions/libipt_multiport.c 2007-06-04 13:21:43.932297944 +0200
+--- iptables-1.3.8.orig/extensions/libipt_multiport.c 2007-07-31 15:27:55.000000000 -0500
++++ iptables-1.3.8/extensions/libipt_multiport.c 2007-07-31 15:27:56.000000000 -0500
@@ -8,24 +8,6 @@
/* To ensure that iptables compiles with an old kernel */
#include "../include/linux/netfilter_ipv4/ipt_multiport.h"
static void
help_v1(void)
{
-@@ -68,26 +50,6 @@
+@@ -70,26 +52,6 @@
}
}
static void
parse_multi_ports_v1(const char *portstring,
struct ipt_multiport_v1 *multiinfo,
-@@ -153,58 +115,6 @@
- "multiport only works with TCP, UDP, SCTP and DCCP");
+@@ -156,58 +118,6 @@
+ "multiport only works with TCP, UDP, UDPLITE, SCTP and DCCP");
}
-/* Function which parses command options; returns true if it
static int
parse_v1(int c, char **argv, int invert, unsigned int *flags,
const struct ipt_entry *entry,
-@@ -281,43 +191,6 @@
+@@ -284,43 +194,6 @@
printf("%s", service);
}
static void
print_v1(const struct ipt_ip *ip,
const struct ipt_entry_match *match,
-@@ -361,34 +234,6 @@
+@@ -364,34 +237,6 @@
printf(" ");
}
static void save_v1(const struct ipt_ip *ip,
const struct ipt_entry_match *match)
{
-@@ -424,19 +269,20 @@
+@@ -427,19 +272,20 @@
printf(" ");
}
-Index: iptables-1.3.7/extensions/.IMQ-test6
+Index: iptables-1.3.8/extensions/.IMQ-test6
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/.IMQ-test6 2007-06-04 13:21:44.124268760 +0200
++++ iptables-1.3.8/extensions/.IMQ-test6 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,3 @@
+#!/bin/sh
+# True if IMQ target patch is applied.
+[ -f $KERNEL_DIR/net/ipv6/netfilter/ip6t_IMQ.c ] && echo IMQ
-Index: iptables-1.3.7/extensions/libip6t_IMQ.c
+Index: iptables-1.3.8/extensions/libip6t_IMQ.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libip6t_IMQ.c 2007-06-04 13:21:44.125268608 +0200
++++ iptables-1.3.8/extensions/libip6t_IMQ.c 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,101 @@
+/* Shared library add-on to iptables to add IMQ target support. */
+#include <stdio.h>
+{
+ register_target6(&imq);
+}
-Index: iptables-1.3.7/extensions/.IMQ-test
+Index: iptables-1.3.8/extensions/.IMQ-test
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/.IMQ-test 2007-06-04 13:21:44.125268608 +0200
++++ iptables-1.3.8/extensions/.IMQ-test 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,3 @@
+#!/bin/sh
+# True if IMQ target patch is applied.
+[ -f $KERNEL_DIR/net/ipv4/netfilter/ipt_IMQ.c ] && echo IMQ
-Index: iptables-1.3.7/extensions/libipt_IMQ.c
+Index: iptables-1.3.8/extensions/libipt_IMQ.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libipt_IMQ.c 2007-06-04 13:21:44.125268608 +0200
++++ iptables-1.3.8/extensions/libipt_IMQ.c 2007-07-31 15:27:56.000000000 -0500
@@ -0,0 +1,101 @@
+/* Shared library add-on to iptables to add IMQ target support. */
+#include <stdio.h>
-Index: iptables-1.3.7/extensions/libipt_iprange.c
+Index: iptables-1.3.8/extensions/libipt_iprange.c
===================================================================
---- iptables-1.3.7.orig/extensions/libipt_iprange.c 2007-06-04 13:21:43.288395832 +0200
-+++ iptables-1.3.7/extensions/libipt_iprange.c 2007-06-04 13:21:44.343235472 +0200
+--- iptables-1.3.8.orig/extensions/libipt_iprange.c 2007-07-31 15:27:55.000000000 -0500
++++ iptables-1.3.8/extensions/libipt_iprange.c 2007-07-31 15:27:56.000000000 -0500
@@ -6,6 +6,7 @@
#include <getopt.h>
-Index: iptables-1.3.7/extensions/.CHAOS-test
+Index: iptables-1.3.8/extensions/.CHAOS-test
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/.CHAOS-test 2007-06-04 13:21:44.537205984 +0200
++++ iptables-1.3.8/extensions/.CHAOS-test 2007-07-31 15:27:57.000000000 -0500
@@ -0,0 +1,2 @@
+#!/bin/sh
+[ -f "$KERNEL_DIR/include/linux/netfilter/xt_CHAOS.h" ] && echo "CHAOS";
-Index: iptables-1.3.7/extensions/.DELUDE-test
+Index: iptables-1.3.8/extensions/.DELUDE-test
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/.DELUDE-test 2007-06-04 13:21:44.537205984 +0200
++++ iptables-1.3.8/extensions/.DELUDE-test 2007-07-31 15:27:57.000000000 -0500
@@ -0,0 +1,2 @@
+#!/bin/sh
+echo "DELUDE";
-Index: iptables-1.3.7/extensions/libipt_CHAOS.c
+Index: iptables-1.3.8/extensions/libipt_CHAOS.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libipt_CHAOS.c 2007-06-04 13:21:44.537205984 +0200
++++ iptables-1.3.8/extensions/libipt_CHAOS.c 2007-07-31 15:27:57.000000000 -0500
@@ -0,0 +1,111 @@
+/*
+ CHAOS target for iptables
+ register_target(&libipt_chaos_info);
+ return;
+}
-Index: iptables-1.3.7/extensions/libipt_DELUDE.c
+Index: iptables-1.3.8/extensions/libipt_DELUDE.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libipt_DELUDE.c 2007-06-04 13:21:44.537205984 +0200
++++ iptables-1.3.8/extensions/libipt_DELUDE.c 2007-07-31 15:27:57.000000000 -0500
@@ -0,0 +1,66 @@
+/*
+ DELUDE target for iptables
+ register_target(&libipt_delude_info);
+ return;
+}
-Index: iptables-1.3.7/extensions/libipt_portscan.c
+Index: iptables-1.3.8/extensions/libipt_portscan.c
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/libipt_portscan.c 2007-06-04 13:21:44.538205832 +0200
++++ iptables-1.3.8/extensions/libipt_portscan.c 2007-07-31 15:27:57.000000000 -0500
@@ -0,0 +1,129 @@
+/*
+ portscan match for iptables
+ register_match(&libipt_portscan_info);
+ return;
+}
-Index: iptables-1.3.7/extensions/.portscan-test
+Index: iptables-1.3.8/extensions/.portscan-test
===================================================================
--- /dev/null 1970-01-01 00:00:00.000000000 +0000
-+++ iptables-1.3.7/extensions/.portscan-test 2007-06-04 13:21:44.538205832 +0200
++++ iptables-1.3.8/extensions/.portscan-test 2007-07-31 15:27:57.000000000 -0500
@@ -0,0 +1,2 @@
+#!/bin/sh
+[ -f "$KERNEL_DIR/include/linux/netfilter/xt_portscan.h" ] && echo "portscan";