newnat-suite

Note!
The patches work on kernel release 2.4.13.
I'm working on new patches for newer kernel releases, but please don't ask me when I'll be ready.

From kadlec@blackhole.kfki.hu Wed Oct 31 14:10:23 2001
Date: Wed, 31 Oct 2001 13:29:00 +0100 (CET)
From: Jozsef Kadlecsik 
To: netfilter-devel@lists.samba.org
Subject: [PATCH] newnat/H.323 bugfix, IRC/talk support, p-o-m suites

Hello,

This is a big release, which contains patches and changes in p-o-m as
well.

The patches contain the following fixes/modifications:

- Safety checking at partial retransmissions added back
  to ip_nat_ftp.c (newnat5.tgz)
- DNAT/redirection support fixed, safety checking at partial
  retransmissions added to ip_nat_h323.c (h323-conntrack-nat.tgz)
- IRC helper modules ported to newnat (irc-conntrack-nat.tgz)
- talk helper modules ported to newnat (talk-conntrack-nat.tgz)
- iplimit patch made compatible with newnat changes (iplimit.tgz)

As I suggested previously, multiple protocol helpers can be supported by
patch-o-matic if modifications in ip{6}_conntrack.h are handled the same
way as in the case of the files Configure.help/Makefile/Config.in.

Also, as newnat evolves, it is hard to support it in the present p-o-m
structure: there should be two versions stored for the protocol helper and
other patches in the same directory, which I believe is confusing.
Therefore I modified p-o-m, so it can support suites/bundles independent
of each other (but they can overlap at the same time!). Each suite is in
its own directory. There is a DESCRIPTION and a SUITE file listing
which directories hold the whole suite. If a patch can be found in
multiple directories, the first one is offered up for the user only.

The current structure is

patch-o-matic/
patch-o-matic/NEWPATCHES	patched description on new patches
patch-o-matic/runme		patched runme script
patch-o-matic/pending/		pending patches, not a suite
patch-o-matic/base/		MOSTOFPOM_PATCHES. The suite is
				defined as 'pending base'
patch-o-matic/extra/		all the original patches except pending
				and base. The suite is defined as
				'pending base extra'
patch-o-matic/newnat/		The newnat-related patches. The suite is
				'pending newnat base extra'

To sum up, now there are two ways to use the newnat patches:

a. traditional p-o-m:

	- download the patch-o-matic-patch and apply it in the
	  patch-o-matic directory
	- download newnat5.tgz and apply the patch manually
	  against the kernel
	- download any other patches and overwrite/replace the old
	  versions in the patch-o-matic directory
	- run runme :-), etc.

b. new p-o-m with suites:

	- download the following files into the patch-o-matic
	  directory
		convert
		converted-patch-o-matic-patch
		newnat5.tgz
		any other patches
	- run './convert', which creates the new structure,
	  untar the downloaded files, etc.
	- run './runme' then './runme newnat' :-)

Because of the fairly large number of files, I think this time it is better to
give a URL to download from than to attach all of them. So all the
mentioned patches and scripts can be downloaded from
http://www.kfki.hu/~kadlec/sw/netfilter/newnat-suite/
convert
converted-patch-o-matic-patch
newnat5.tgz
h323-conntrack-nat.tgz
irc-conntrack-nat.tgz
talk-conntrack-nat.tgz
iplimit.tgz
patch-o-matic-patch
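
The first-match rule for overlapping suites described in the message, as an added shell example that is not part of the original mail and is not the runme script's own code: it reads a suite's SUITE file and lists which copy of each patch would be offered, which is the check to make when the same patch exists in more than one directory. The `*.patch` file naming, the one-line whitespace-separated SUITE format and the sample tree are assumptions constructed for the illustration.

```shell
#!/bin/sh
# Added example: resolve a suite with "first directory wins" semantics.
# Assumptions: patches are files named *.patch without spaces in their
# names; SUITE holds whitespace-separated directory names in search order.

# resolve_suite POM_ROOT SUITE_NAME
# Prints "dir/name.patch" for every patch that would be offered.
resolve_suite() {
    root=$1
    suite=$2
    seen=" "
    # Word splitting of the SUITE contents is intentional here.
    for dir in $(cat "$root/$suite/SUITE"); do
        for p in "$root/$dir"/*.patch; do
            [ -f "$p" ] || continue          # empty directory: glob unmatched
            name=${p##*/}
            case "$seen" in
                *" $name "*) continue ;;     # shadowed by an earlier directory
            esac
            seen="$seen$name "
            printf '%s/%s\n' "$dir" "$name"
        done
    done
}

# Constructed sample tree (file names are illustrative, not real p-o-m content).
make_sample() {
    tmp=$(mktemp -d)
    mkdir -p "$tmp/pending" "$tmp/newnat" "$tmp/base" "$tmp/extra"
    echo 'pending newnat base extra' > "$tmp/newnat/SUITE"
    : > "$tmp/pending/example-fix.patch"
    : > "$tmp/newnat/iplimit.patch"
    : > "$tmp/newnat/irc-conntrack-nat.patch"
    : > "$tmp/base/iplimit.patch"              # overlaps with newnat/
    : > "$tmp/extra/irc-conntrack-nat.patch"   # overlaps with newnat/
    : > "$tmp/extra/example-extra.patch"
    echo "$tmp"
}

SAMPLE=$(make_sample)
resolve_suite "$SAMPLE" newnat
```

The copies in base/ and extra/ that share a name with a newnat/ patch never appear in the output, so the newnat-compatible version is the one selected for the 'pending newnat base extra' suite.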