diff -urN linux-2.4.30/net/ipv4/netfilter/Config.in linux-2.4.30.new/net/ipv4/netfilter/Config.in
---- linux-2.4.30/net/ipv4/netfilter/Config.in 2006-08-18 15:42:55.000000000 +0200
-+++ linux-2.4.30.new/net/ipv4/netfilter/Config.in 2006-08-18 15:44:51.000000000 +0200
+--- linux-2.4.30/net/ipv4/netfilter/Config.in 2006-08-18 17:57:40.000000000 +0200
++++ linux-2.4.30.new/net/ipv4/netfilter/Config.in 2006-08-18 17:58:03.000000000 +0200
@@ -48,6 +48,7 @@
if [ "$CONFIG_IP_NF_CONNTRACK_MARK" != "n" ]; then
dep_tristate ' Connection mark match support' CONFIG_IP_NF_MATCH_CONNMARK $CONFIG_IP_NF_IPTABLES
if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
dep_tristate ' Unclean match support (EXPERIMENTAL)' CONFIG_IP_NF_MATCH_UNCLEAN $CONFIG_IP_NF_IPTABLES
diff -urN linux-2.4.30/net/ipv4/netfilter/ip_conntrack_core.c linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_core.c
---- linux-2.4.30/net/ipv4/netfilter/ip_conntrack_core.c 2006-08-18 15:42:55.000000000 +0200
-+++ linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_core.c 2006-08-18 15:55:59.000000000 +0200
+--- linux-2.4.30/net/ipv4/netfilter/ip_conntrack_core.c 2006-08-18 17:57:40.000000000 +0200
++++ linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_core.c 2006-08-18 17:58:03.000000000 +0200
@@ -821,7 +821,15 @@
}
*set_reply = 0;
}
diff -urN linux-2.4.30/net/ipv4/netfilter/ip_conntrack_standalone.c linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_standalone.c
---- linux-2.4.30/net/ipv4/netfilter/ip_conntrack_standalone.c 2006-08-18 15:42:55.000000000 +0200
-+++ linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_standalone.c 2006-08-18 15:49:58.000000000 +0200
+--- linux-2.4.30/net/ipv4/netfilter/ip_conntrack_standalone.c 2006-08-18 17:57:40.000000000 +0200
++++ linux-2.4.30.new/net/ipv4/netfilter/ip_conntrack_standalone.c 2006-08-18 17:58:03.000000000 +0200
@@ -116,7 +116,9 @@
len += sprintf(buffer + len, "l7proto=%s ",
conntrack->layer7.app_proto);
return len;
diff -urN linux-2.4.30/net/ipv4/netfilter/ipt_connbytes.c linux-2.4.30.new/net/ipv4/netfilter/ipt_connbytes.c
--- linux-2.4.30/net/ipv4/netfilter/ipt_connbytes.c 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.4.30.new/net/ipv4/netfilter/ipt_connbytes.c 2006-08-18 16:23:40.000000000 +0200
++++ linux-2.4.30.new/net/ipv4/netfilter/ipt_connbytes.c 2006-08-18 17:58:03.000000000 +0200
@@ -0,0 +1,61 @@
+/* Kernel module to match connection tracking byte counter.
+ * GPL (C) 2002 Martin Devera (devik@cdi.cz).
+module_exit(fini);
+MODULE_LICENSE("GPL");
diff -urN linux-2.4.30/net/ipv4/netfilter/Makefile linux-2.4.30.new/net/ipv4/netfilter/Makefile
---- linux-2.4.30/net/ipv4/netfilter/Makefile 2006-08-18 15:42:55.000000000 +0200
-+++ linux-2.4.30.new/net/ipv4/netfilter/Makefile 2006-08-18 15:45:26.000000000 +0200
+--- linux-2.4.30/net/ipv4/netfilter/Makefile 2006-08-18 17:57:40.000000000 +0200
++++ linux-2.4.30.new/net/ipv4/netfilter/Makefile 2006-08-18 17:58:03.000000000 +0200
@@ -109,6 +109,7 @@
obj-$(CONFIG_IP_NF_MATCH_UNCLEAN) += ipt_unclean.o
obj-$(CONFIG_IP_NF_MATCH_TCPMSS) += ipt_tcpmss.o
obj-$(CONFIG_IP_NF_MATCH_PHYSDEV) += ipt_physdev.o
diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h
---- linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h 2006-08-18 15:42:55.000000000 +0200
-+++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h 2006-08-18 15:52:29.000000000 +0200
+--- linux-2.4.30/include/linux/netfilter_ipv4/ip_conntrack.h 2006-08-18 17:57:40.000000000 +0200
++++ linux-2.4.30.new/include/linux/netfilter_ipv4/ip_conntrack.h 2006-08-18 17:58:03.000000000 +0200
@@ -205,7 +205,9 @@
struct nf_ct_info infos[IP_CT_NUMBER];
union ip_conntrack_help help;
diff -urN linux-2.4.30/include/linux/netfilter_ipv4/ipt_connbytes.h linux-2.4.30.new/include/linux/netfilter_ipv4/ipt_connbytes.h
--- linux-2.4.30/include/linux/netfilter_ipv4/ipt_connbytes.h 1970-01-01 01:00:00.000000000 +0100
-+++ linux-2.4.30.new/include/linux/netfilter_ipv4/ipt_connbytes.h 2006-08-18 15:56:43.000000000 +0200
-@@ -0,0 +1,10 @@
++++ linux-2.4.30.new/include/linux/netfilter_ipv4/ipt_connbytes.h 2006-08-18 17:58:34.000000000 +0200
+@@ -0,0 +1,28 @@
+#ifndef _IPT_CONNBYTES_H
+#define _IPT_CONNBYTES_H
+
++enum ipt_connbytes_what {
++ IPT_CONNBYTES_WHAT_PKTS,
++ IPT_CONNBYTES_WHAT_BYTES,
++ IPT_CONNBYTES_WHAT_AVGPKT,
++};
++
++enum ipt_connbytes_direction {
++ IPT_CONNBYTES_DIR_ORIGINAL,
++ IPT_CONNBYTES_DIR_REPLY,
++ IPT_CONNBYTES_DIR_BOTH,
++};
++
+struct ipt_connbytes_info
+{
+ /* if from<=to then it matches the range; if from>to then
+ inverse range is matched */
-+ unsigned long from,to;
++ unsigned long from,to;
++ struct {
++ u_int64_t from; /* count to be matched */
++ u_int64_t to; /* count to be matched */
++ } count;
++ u_int8_t what; /* ipt_connbytes_what */
++ u_int8_t direction; /* ipt_connbytes_direction */
+};
+#endif
projects / openwrt / svn-archive / openwrt.git / commitdiff