diff -urN patch-o-matic.orig/NEWPATCHES patch-o-matic/NEWPATCHES --- patch-o-matic.orig/NEWPATCHES Wed Apr 18 07:09:09 2001 +++ patch-o-matic/NEWPATCHES Tue Jul 10 11:54:05 2001 @@ -41,6 +41,19 @@ You can have more than one of these files, to make multiple entries in different places, by calling successive ones foo.patch.makefile*. +5) If you want to edit ip{6}_conntrack.h in include/linux/netfilter_ipv{4|6}, + eliminate that from the patch above, and create a file called + `foo.patch.ip{6}_conntrack.h'. The format of this file is as follows: + + EXACT LINE TO MATCH + + + There are already well defined "entry points" in these header files. + + You can have more than one of these files, to make multiple entries + in different places, by calling successive ones + foo.patch.ip{6}_conntrack.h*. + Finally, if you want to have a libipt_foo built, add it to the Makefile. If you only want it built when the patch is applied, add a test for your extension in the iptables userspace distribution, called diff -urN patch-o-matic.orig/runme patch-o-matic/runme --- patch-o-matic.orig/runme Mon Apr 30 23:56:30 2001 +++ patch-o-matic/runme Tue Jul 10 11:48:33 2001 @@ -133,6 +133,32 @@ return 0 } +# Args: ip{6}_conntrack.h "patch" file, netfilter_ipv{4|6} include dir, +# ip{6}_conntrack.h filename. +apply_conntrack_h_change() +{ + PRIOR="`head -1 $1`" + END="`tail +2 $1 | head -1`" + LINE=`fgrep -x -n "$PRIOR" $2/$3 | cut -d: -f1` + if [ -z "$LINE" ] || [ "$LINE" -eq 0 ] + then + echo Could not find place to slot in $3 entry >&2 + return 1 + fi + + rm -f $2/${3}.tmp + if (head -$LINE $2/$3 && tail +2 $1 && tail +`expr $LINE + 1` $2/$3) > $2/${3}.tmp + then + mv $2/${3}.tmp $2/$3 + else + echo Could not slot in $3 entry >&2 + rm -f $2/${3}.tmp + return 1 + fi + echo " Placed new $3 entry $1" + return 0 +} + # Don't like to use GLOBIGNORE stuff; can't use shopt (bash v1). expand_no_backups() { @@ -183,6 +209,29 @@ return $ret } +apply_conntrack_h_changes() +{ + ret=0 + case $2 in + *ipv4) + conntrack_h=ip_conntrack.h + ;; + *ipv6) + conntrack_h=ip6_conntrack.h + ;; + *) + return $ret + ;; + esac + + for x in `expand_no_backups "$1.${conntrack_h}*"` + do + apply_conntrack_h_change $x $2 $conntrack_h || ret=1 + done + + return $ret +} + # I'm paranoid. Test patch first. # Args: patch filename, protocol. test_patch() @@ -202,7 +251,8 @@ if apply_config_in_changes $1 $KTMPDIR/net/$2/netfilter && apply_config_help_changes $1 $KTMPDIR/Documentation && - apply_makefile_changes $1 $KTMPDIR/net/$2/netfilter + apply_makefile_changes $1 $KTMPDIR/net/$2/netfilter && + apply_conntrack_h_changes $1 $KTMPDIR/include/linux/netfilter_$2 then : else rm -rf $KTMPDIR @@ -254,6 +304,7 @@ apply_config_in_changes $1 $KERNEL_DIR/net/$2/netfilter/ apply_config_help_changes $1 $KERNEL_DIR/Documentation/ apply_makefile_changes $1 $KERNEL_DIR/net/$2/netfilter/ + apply_conntrack_h_changes $1 $KERNEL_DIR/include/linux/netfilter_$2 } APPLIED=""