“The Reason For Holding Off 1.4.0”
Converts the iptables build infrastructure to autotools.
Many important changes. Should read INSTALL as a start.
- iptables-static will be a multi binary. I doubt you want split
binaries on embedded anyway (diskspace constraints).
- A new binary, iptables-mtss is built (semi-static, with glibc but
without plugins).
I do not think iptables-static makes any sense (neither now nor
before this move to autotools), because ld rightly tells me that
building with -static will cause loading of glibc parts /anyway/
because of getserv*() in xt_dccp and so on.
- Can build both (full, semi-)static and dynamic at the same time
- not so happy with .*-test yet, but I really wanted to get rid of
the fixed module list in extensions/Makefile because it's just a
.rej PITA.
- any reason not to always build ipv6 unconditionally?
- I think we should move all manuals to libxt_*.man or perhaps
even *.man, would reduce Makefile LOC.
Signed-off-by: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Patch instructions:
delete Makefile
delete extensions/Makefile
delete libiptc/Makefile
create autogen.sh with mode 0755
rename libipt_dscp_helper.c to dscp_helper.c (delete hunks before applying)
---
INSTALL | 46 ++++----
Makefile.am | 106 ++++++++++++++++++++
autogen.sh | 4
configure.ac | 51 +++++++++
extensions/.condition-test | 5
extensions/.condition-test6 | 5
extensions/.set-test | 4
extensions/GNUmakefile.in | 207 ++++++++++++++++++++++++++++++++++++++++
extensions/dscp_helper.c | 81 +++++++++++++++
extensions/libipt_dscp_helper.c | 81 ---------------
extensions/libxt_DSCP.c | 2
extensions/libxt_dscp.c | 2
include/xtables.h | 13 +-
13 files changed, 491 insertions(+), 116 deletions(-)
Index: iptables/INSTALL
===================================================================
--- iptables.orig/INSTALL
+++ iptables/INSTALL
@@ -5,15 +5,21 @@ FOLLOW THESE STEPS:
in a seperate package, called patch-o-matic. It is available from
ftp://ftp.netfilter.org/pub/patch-o-matic/
-1) Next, make the package.
- % make KERNEL_DIR=<<where-you-built-your-kernel>>
+1) Next, make the package. If you use a standard distribution kernel,
+ just run ./configure.
-2) Finally, you need to to install the shared libraries, and the binary:
- # make install KERNEL_DIR=<<where-you-built-your-kernel>>
+ If you want to build against an own kernel tree:
-If you are a developer, you can install the headers, development libraries
-and associated development man pages, with:
- # make install-devel
+ $ ./configure --with-kernel=/home/jengelh/mykernel
+
+ or whereever you put it. If you are using a dedicated kernel build
+ directory, you use:
+
+ $ ./configure --with-kbuild=<<where-built>> --with-ksource=<<source>>
+
+2) Finally, you need to install the binaries and shared libraries:
+
+ # make install
That's it!
================================================================
@@ -21,27 +27,23 @@ PROBLEMS YOU MAY ENCOUNTER:
1) This package requires a 2.4.4 kernel, or above.
-2) If you get the kernel directory wrong, you may see a message like:
- Please try `make KERNEL_DIR=path-to-correct-kernel'
+2) If you get the kernel directory wrong, you may get compile failures.
3) If you want to specify alternate directories for installation
(instead of /usr/local/ bin lib man), do this:
- % make BINDIR=/usr/bin LIBDIR=/usr/lib MANDIR=/usr/man
- # make BINDIR=/usr/bin LIBDIR=/usr/lib MANDIR=/usr/man install
+ $ ./configure --prefix=/usr
+ $ make
+ # make install
-4) If you want to build a statically linked version of the iptables binary,
+4) The make process will automatically build a multipurpose binary under the
+ names iptables-multi and ip6tables-multi.
+
+5) If you want to build a statically linked version of the iptables binary,
without the need for loading the plugins at runtime (e.g. for an embedded
device or router-on-a-disk), please use
- % make NO_SHARED_LIBS=1
-
-5) If you want to build a single BusyBox style multipurpose binary instead of
- the individual iptables, iptables-save and iptables-restore binaries, then
- please use
-
- % make DO_MULTI=1
+ $ ./configure --enable-static
-NOTE: make sure you build with at least the correct LIBDIR=
-specification, otherwise iptables(8) won't know where to find the
-dynamic objects.
+ which will build both a semi-static multi binary (iptables-mtss, uses
+ libc but not plugins) and a fully static multi binary (iptables-static).
Index: iptables/Makefile.am
===================================================================
--- /dev/null
+++ iptables/Makefile.am
@@ -0,0 +1,106 @@
+# -*- Makefile -*-
+
+AUTOMAKE_OPTIONS = foreign subdir-objects
+AM_CFLAGS = ${regular_CFLAGS} -I${top_srcdir}/include
+SUBDIRS = extensions
+
+if DO_IPV6
+libip6tc_SOURCES = libiptc/libip6tc.c
+endif
+libiptc_libiptc_a_SOURCES = libiptc/libip4tc.c ${libip6tc_SOURCES}
+
+# iptables, dynamic
+iptables_SOURCES = iptables-standalone.c iptables.c xtables.c
+iptables_LDFLAGS = -rdynamic
+iptables_LDADD = -ldl libiptc/libiptc.a extensions/libext4.a
+
+iptables_multi_SOURCES = iptables-multi.c iptables-save.c \
+ iptables-restore.c iptables-xml.c \
+ iptables-standalone.c iptables.c xtables.c
+iptables_multi_CFLAGS = ${AM_CFLAGS} -DIPTABLES_MULTI
+iptables_multi_LDFLAGS = ${iptables_LDFLAGS}
+iptables_multi_LDADD = ${iptables_LDADD}
+
+iptables_restore_SOURCES = iptables-restore.c iptables.c xtables.c
+iptables_restore_LDFLAGS = ${iptables_LDFLAGS}
+iptables_restore_LDADD = ${iptables_LDADD}
+
+iptables_save_SOURCES = iptables-save.c iptables.c xtables.c
+iptables_save_LDFLAGS = ${iptables_LDFLAGS}
+iptables_save_LDADD = ${iptables_LDADD}
+
+# iptables-multi, semi-static
+iptables_mtss_SOURCES = ${iptables_multi_SOURCES}
+iptables_mtss_CFLAGS = ${iptables_multi_CFLAGS} -DNO_SHARED_LIBS=1
+iptables_mtss_LDADD = libiptc/libiptc.a extensions/libext4.a
+
+# iptables-multi, fully static
+iptables_static_SOURCES = ${iptables_mtss_SOURCES}
+iptables_static_CFLAGS = ${iptables_mtss_CFLAGS}
+iptables_static_LDFLAGS = -Xcompiler -static
+iptables_static_LDADD = libiptc/libiptc.a extensions/libext4.a
+
+iptables_xml_SOURCES = iptables-xml.c
+
+# ip6tables, dynamic
+ip6tables_SOURCES = ip6tables-standalone.c ip6tables.c xtables.c
+ip6tables_LDFLAGS = -rdynamic
+ip6tables_LDADD = -ldl libiptc/libiptc.a extensions/libext6.a
+
+ip6tables_multi_SOURCES = ip6tables-multi.c ip6tables-save.c \
+ ip6tables-restore.c ip6tables-standalone.c \
+ ip6tables.c xtables.c
+ip6tables_multi_CFLAGS = ${AM_CFLAGS} -DIPTABLES_MULTI
+ip6tables_multi_LDFLAGS = ${ip6tables_LDFLAGS}
+ip6tables_multi_LDADD = ${ip6tables_LDADD}
+
+ip6tables_restore_SOURCES = ip6tables-restore.c ip6tables.c xtables.c
+ip6tables_restore_LDFLAGS = ${ip6tables_LDFLAGS}
+ip6tables_restore_LDADD = ${ip6tables_LDADD}
+
+ip6tables_save_SOURCES = ip6tables-save.c ip6tables.c xtables.c
+ip6tables_save_LDFLAGS = ${ip6tables_LDFLAGS}
+ip6tables_save_LDADD = ${ip6tables_LDADD}
+
+# iptables-multi, semi-static
+ip6tables_mtss_SOURCES = ${ip6tables_multi_SOURCES}
+ip6tables_mtss_CFLAGS = ${ip6tables_multi_CFLAGS} -DNO_SHARED_LIBS=1
+ip6tables_mtss_LDADD = libiptc/libiptc.a extensions/libext6.a
+
+# iptables-multi, fully static
+ip6tables_static_SOURCES = ${iptables_mtss_SOURCES}
+ip6tables_static_CFLAGS = ${iptables_mtss_CFLAGS}
+ip6tables_static_LDFLAGS = -Xcompiler -static
+ip6tables_static_LDADD = libiptc/libiptc.a extensions/libext4.a
+
+noinst_LIBRARIES := libiptc/libiptc.a
+bin_PROGRAMS := iptables-xml
+sbin_PROGRAMS :=
+noinst_PROGRAMS :=
+man_MANS := iptables.8 iptables-restore.8 iptables-save.8 iptables-xml.8
+
+if ENABLE_STATIC
+noinst_PROGRAMS += iptables-mtss iptables-static
+endif
+if ENABLE_SHARED
+sbin_PROGRAMS += iptables iptables-multi iptables-restore iptables-save
+endif
+
+if DO_IPV6
+man_MANS += ip6tables.8 ip6tables-restore.8 ip6tables-save.8
+if ENABLE_STATIC
+noinst_PROGRAMS += ip6tables-mtss ip6tables-static
+endif
+if ENABLE_SHARED
+sbin_PROGRAMS += ip6tables ip6tables-multi ip6tables-restore ip6tables-save
+endif
+endif
+
+iptables.8: ${srcdir}/iptables.8.in extensions/matches4.man extensions/targets4.man
+ ${AM_VERBOSE_GEN} sed -e '/@MATCH@/ r extensions/matches4.man' -e '/@TARGET@/ r extensions/targets4.man' $< >$@;
+
+ip6tables.8: ${srcdir}/ip6tables.8.in extensions/matches6.man extensions/targets6.man
+ ${AM_VERBOSE_GEN} sed -e '/@MATCH@/ r extensions/matches6.man' -e '/@TARGET@/ r extensions/targets6.man' $< >$@;
+
+extensions/%:
+ ${MAKE} ${AM_MAKEFLAGS} -C $(@D) $(@F)
Index: iptables/autogen.sh
===================================================================
--- /dev/null
+++ iptables/autogen.sh
@@ -0,0 +1,4 @@
+#!/bin/bash
+
+autoreconf -fi;
+rm -Rf autom4te*.cache;
Index: iptables/configure.ac
===================================================================
--- /dev/null
+++ iptables/configure.ac
@@ -0,0 +1,51 @@
+
+AC_INIT(iptables, 1.4.0rc1)
+AC_CONFIG_HEADERS(config.h)
+AC_PROG_INSTALL
+AM_INIT_AUTOMAKE
+AC_PROG_CC
+AM_PROG_CC_C_O
+AC_DISABLE_STATIC
+AC_PROG_LIBTOOL
+
+AC_ARG_WITH([kernel],
+ AS_HELP_STRING([--with-kernel=PATH],
+ [Path to kernel source/build directory]),
+ [kbuilddir="$withval"; ksourcedir="$withval";])
+AC_ARG_WITH([kbuild],
+ AS_HELP_STRING([--with-kbuild=PATH],
+ [Path to kernel build directory [[/lib/modules/CURRENT/build]]]),
+ [kbuilddir="$withval"],
+ [kbuilddir="/lib/modules/$(uname -r)/build"])
+AC_ARG_WITH([ksource],
+ AS_HELP_STRING([--with-ksource=PATH],
+ [Path to kernel source directory [[/lib/modules/CURRENT/source]]]),
+ [ksourcedir="$withval"],
+ [ksourcedir="/lib/modules/$(uname -r)/source"])
+AC_ARG_WITH([iptdir],
+ AS_HELP_STRING([--with-iptdir=PATH],
+ [Path to iptables modules [[LIBEXECDIR/iptables]]]),
+ [iptdir="$withval"],
+ [iptdir="${libexecdir}/iptables"])
+
+AC_CHECK_HEADER([netinet/ip6.h], [do_ipv6=yes], [do_ipv6=no])
+AM_CONDITIONAL([DO_IPV6], [test "$do_ipv6" == "yes"])
+AM_CONDITIONAL([ENABLE_STATIC], [test "$enable_static" == "yes"])
+AM_CONDITIONAL([ENABLE_SHARED], [test "$enable_shared" == "yes"])
+
+regular_CFLAGS="-D_LARGEFILE_SOURCE=1 -D_LARGE_FILES -D_FILE_OFFSET_BITS=64 \
+ -D_REENTRANT -Wall -Waggregate-return -Wmissing-declarations \
+ -Wmissing-prototypes -Wredundant-decls -Wshadow -Wstrict-prototypes \
+ -Winline -pipe -DIPTABLES_VERSION=\\\"$PACKAGE_VERSION\\\" \
+ -I\"$kbuilddir/include\" -I\"$ksourcedir/include\""
+
+# Remove workarounds soon
+regular_CFLAGS="$regular_CFLAGS -Wno-aggregate-return \
+ -Wno-missing-declarations -Wno-missing-prototypes \
+ -Wno-redundant-decls -Wno-shadow -Wno-strict-prototypes -Wno-inline"
+
+AC_SUBST([regular_CFLAGS])
+AC_SUBST([kbuilddir])
+AC_SUBST([ksourcedir])
+AC_SUBST([iptdir])
+AC_OUTPUT([Makefile extensions/GNUmakefile])
Index: iptables/extensions/.condition-test
===================================================================
--- iptables.orig/extensions/.condition-test
+++ iptables/extensions/.condition-test
@@ -1,3 +1,4 @@
#!/bin/sh
-# True if condition is applied.
-[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ipt_condition.h ] && echo condition
+[ "$1" == "provides" -o \
+-f "$KERNEL_DIR/include/linux/netfilter_ipv4/ipt_condition.h" ] && \
+echo "condition";
Index: iptables/extensions/.condition-test6
===================================================================
--- iptables.orig/extensions/.condition-test6
+++ iptables/extensions/.condition-test6
@@ -1,3 +1,4 @@
#!/bin/sh
-# True if condition6 is applied.
-[ -f $KERNEL_DIR/include/linux/netfilter_ipv6/ip6t_condition.h ] && echo condition
+[ "$1" == "provides" -o \
+-f "$KERNEL_DIR/include/linux/netfilter_ipv6/ip6t_condition.h" ] && \
+echo "condition";
Index: iptables/extensions/.set-test
===================================================================
--- iptables.orig/extensions/.set-test
+++ iptables/extensions/.set-test
@@ -1,2 +1,4 @@
#! /bin/sh
-[ -f $KERNEL_DIR/include/linux/netfilter_ipv4/ip_set.h ] && echo set SET
+[ "$1" == "provides" -o \
+-f "$KERNEL_DIR/include/linux/netfilter_ipv4/ip_set.h" ] && \
+echo "set SET";
Index: iptables/extensions/GNUmakefile.in
===================================================================
--- /dev/null
+++ iptables/extensions/GNUmakefile.in
@@ -0,0 +1,207 @@
+# -*- Makefile -*-
+
+top_srcdir := @top_srcdir@
+srcdir := @srcdir@
+ksourcedir := @ksourcedir@
+prefix := @prefix@
+exec_prefix := @exec_prefix@
+libdir := @libdir@
+libexecdir := @libexecdir@
+iptdir := @iptdir@
+
+CC := @CC@
+CCLD := ${CC}
+CFLAGS := @CFLAGS@
+LDFLAGS := @LDFLAGS@
+regular_CFLAGS := @regular_CFLAGS@
+
+AM_CFLAGS := ${regular_CFLAGS} -I${top_srcdir}/include
+AM_DEPFLAGS = -Wp,-MMD,$(@D)/.$(@F).d,-MT,$@
+
+ifeq (${V},)
+AM_LIBTOOL_SILENT = --silent
+AM_VERBOSE_CC = @echo " CC " $@;
+AM_VERBOSE_CCLD = @echo " CCLD " $@;
+AM_VERBOSE_CXX = @echo " CXX " $@;
+AM_VERBOSE_CXXLD = @echo " CXXLD " $@;
+AM_VERBOSE_AR = @echo " AR " $@;
+AM_VERBOSE_GEN = @echo " GEN " $@;
+endif
+
+#
+# Wildcard module list
+#
+pfx_all_mod := $(patsubst ${srcdir}/libxt_%.c,%,$(wildcard ${srcdir}/libxt_*.c))
+pf4_all_mod := $(patsubst ${srcdir}/libipt_%.c,%,$(wildcard ${srcdir}/libipt_*.c))
+pf6_all_mod := $(patsubst ${srcdir}/libip6t_%.c,%,$(wildcard ${srcdir}/libip6t_*.c))
+
+#
+# Conditional module list
+#
+pfx_cond_mod := $(foreach i,$(wildcard ${srcdir}/.*-testx),$(shell KERNEL_DIR=${ksourcedir} ${i} provides))
+pf4_cond_mod := $(foreach i,$(wildcard ${srcdir}/.*-test),$(shell KERNEL_DIR=${ksourcedir} ${i} provides))
+pf6_cond_mod := $(foreach i,$(wildcard ${srcdir}/.*-test6),$(shell KERNEL_DIR=${ksourcedir} ${i} provides))
+
+#
+# Conditional modules to build
+#
+pfx_bc_mod := $(foreach i,$(wildcard ${srcdir}/.*-testx),$(shell KERNEL_DIR=${ksourcedir} ${i}))
+pf4_bc_mod := $(foreach i,$(wildcard ${srcdir}/.*-test),$(shell KERNEL_DIR=${ksourcedir} ${i}))
+pf6_bc_mod := $(foreach i,$(wildcard ${srcdir}/.*-test6),$(shell KERNEL_DIR=${ksourcedir} ${i}))
+
+#
+# Total list of modules to build
+#
+pfx_build_mod := $(filter-out ${pfx_cond_mod},${pfx_all_mod}) ${pfx_bc_mod}
+pf4_build_mod := $(filter-out ${pf4_cond_mod},${pf4_all_mod}) ${pf4_bc_mod}
+pf6_build_mod := $(filter-out ${pf6_cond_mod},${pf6_all_mod}) ${pf6_bc_mod}
+pfx_objs := $(patsubst %,libxt_%.o,${pfx_build_mod})
+pf4_objs := $(patsubst %,libipt_%.o,${pf4_build_mod})
+pf6_objs := $(patsubst %,libip6t_%.o,${pf6_build_mod})
+pfx_solibs := $(patsubst %,libxt_%.so,${pfx_build_mod})
+pf4_solibs := $(patsubst %,libipt_%.so,${pf4_build_mod})
+pf6_solibs := $(patsubst %,libip6t_%.so,${pf6_build_mod})
+
+
+#
+# Building blocks
+#
+targets := libext4.a libext6.a matches4.man matches6.man \
+ targets4.man targets6.man
+targets_install :=
+@ENABLE_SHARED_TRUE@ targets += ${pfx_solibs} ${pf4_solibs}
+@ENABLE_SHARED_TRUE@ targets_install += ${pfx_solibs} ${pf4_solibs}
+@ENABLE_SHARED_TRUE@@DO_IPV6_TRUE@ targets += ${pf6_solibs}
+@ENABLE_SHARED_TRUE@@DO_IPV6_TRUE@ targets_install += ${pf6_solibs}
+
+@ENABLE_STATIC_TRUE@ libext4_objs := ${pfx_objs} ${pf4_objs}
+@ENABLE_STATIC_TRUE@@DO_IPV6_TRUE@ libext6_objs := ${pfx_objs} ${pf6_objs}
+
+.SECONDARY:
+
+.PHONY: all install clean distclean
+
+all: ${targets}
+
+install: ${targets_install}
+ @mkdir -p "${DESTDIR}${iptdir}";
+ install -pm0755 $^ "${DESTDIR}${iptdir}/";
+
+clean:
+ rm -f *.o *.oo *.so *.a *.man initext4.c initext6.c;
+
+distclean: clean
+ rm -f .*.d .*.dd;
+
+%.o: %.c
+ ${AM_VERBOSE_CC} ${CC} ${AM_DEPFLAGS} ${AM_CFLAGS} ${CFLAGS} -o $@ -c $<;
+
+-include .*.d
+
+
+#
+# Shared libraries
+#
+lib%.so: lib%.oo
+ ${AM_VERBOSE_CCLD} ${CCLD} ${AM_LDFLAGS} -shared ${LDFLAGS} -o $@ $<;
+
+lib%.oo: ${srcdir}/lib%.c
+ ${AM_VERBOSE_CC} ${CC} ${AM_DEPFLAGS} ${AM_CFLAGS} -D_INIT=$*_init -DPIC -fPIC ${CFLAGS} -o $@ -c $<;
+
+
+#
+# Static bits
+#
+# If static building is disabled, libext*.a will still be generated,
+# but will be empty. This is good since we can do with less case
+# handling code in the Makefiles.
+#
+lib%.o: ${srcdir}/lib%.c
+ ${AM_VERBOSE_CC} ${CC} ${AM_DEPFLAGS} ${AM_CFLAGS} -DNO_SHARED_LIBS=1 -D_INIT=$*_init ${CFLAGS} -o $@ -c $<;
+
+libext4.a: initext4.o ${libext4_objs}
+ ${AM_VERBOSE_AR} ${AR} crs $@ $^;
+
+libext6.a: initext6.o ${libext6_objs}
+ ${AM_VERBOSE_AR} ${AR} crs $@ $^;
+
+initext_func := $(addprefix xt_,${pfx_build_mod}) $(addprefix ipt_,${pf4_build_mod})
+initext6_func := $(addprefix xt_,${pfx_build_mod}) $(addprefix ip6t_,${pf6_build_mod})
+
+.initext4.dd:
+ @echo "${initext_func}" >$@.tmp; \
+ cmp -s $@ $@.tmp || mv $@.tmp $@; \
+ rm -f $@.tmp;
+
+.initext6.dd:
+ @echo "${initext6_func}" >$@.tmp; \
+ cmp -s $@ $@.tmp || mv $@.tmp $@; \
+ rm -f $@.tmp;
+
+initext4.c: .initext4.dd
+ ${AM_VERBOSE_GEN}
+ @( \
+ echo "" >$@; \
+ for i in ${initext_func}; do \
+ echo "extern void $${i}_init(void);" >>$@; \
+ done; \
+ echo -en "void init_extensions(void)\n""{\n" >>$@; \
+ for i in ${initext_func}; do \
+ echo -e "\t""$${i}_init();" >>$@; \
+ done; \
+ echo "}" >>$@; \
+ );
+
+initext6.c: .initext6.dd
+ ${AM_VERBOSE_GEN}
+ @( \
+ echo "" >$@; \
+ for i in ${initext6_func}; do \
+ echo "extern void $${i}_init(void);" >>$@; \
+ done; \
+ echo -en "void init_extensions(void)\n""{\n" >>$@; \
+ for i in ${initext6_func}; do \
+ echo -e "\t""$${i}_init();" >>$@; \
+ done; \
+ echo "}" >>$@; \
+ );
+
+#
+# Manual pages
+#
+ex_matches = $(sort $(shell echo $(1) | grep -Eo '\b[a-z0-9]+\b'))
+ex_targets = $(sort $(shell echo $(1) | grep -Eo '\b[A-Z0-9]+\b'))
+man_run = \
+ ${AM_VERBOSE_GEN} \
+ for ext in $(1); do \
+ f="${srcdir}/libxt_$$ext.man"; \
+ if [ -f "$$f" ]; then \
+ echo ".SS $$ext"; \
+ cat "$$f"; \
+ continue; \
+ fi; \
+ f="${srcdir}/libipt_$$ext.man"; \
+ if [ -f "$$f" ]; then \
+ echo ".SS $$ext"; \
+ cat "$$f"; \
+ continue; \
+ fi; \
+ f="${srcdir}/libip6t_$$ext.man"; \
+ if [ -f "$$f" ]; then \
+ echo ".SS $$ext"; \
+ cat "$$f"; \
+ continue; \
+ fi; \
+ done >$@;
+
+matches4.man: .initext4.dd
+ $(call man_run,$(call ex_matches,${pfx_build_mod} ${pf4_build_mod}))
+
+matches6.man: .initext6.dd
+ $(call man_run,$(call ex_matches,${pfx_build_mod} ${pf6_build_mod}))
+
+targets4.man: .initext4.dd
+ $(call man_run,$(call ex_targets,${pfx_build_mod} ${pf4_build_mod}))
+
+targets6.man: .initext6.dd
+ $(call man_run,$(call ex_targets,${pfx_build_mod} ${pf6_build_mod}))
Index: iptables/extensions/dscp_helper.c
===================================================================
--- /dev/null
+++ iptables/extensions/dscp_helper.c
@@ -0,0 +1,81 @@
+/*
+ * DiffServ classname <-> DiffServ codepoint mapping functions.
+ *
+ * The latest list of the mappings can be found at:
+ * <http://www.iana.org/assignments/dscp-registry>
+ *
+ * This code is released under the GNU GPL v2, 1991
+ *
+ * Author: Iain Barnes
+ */
+
+#include <stdio.h>
+#include <string.h>
+#include <xtables.h>
+
+
+static const struct ds_class
+{
+ const char *name;
+ unsigned int dscp;
+} ds_classes[] =
+{
+ { "CS0", 0x00 },
+ { "CS1", 0x08 },
+ { "CS2", 0x10 },
+ { "CS3", 0x18 },
+ { "CS4", 0x20 },
+ { "CS5", 0x28 },
+ { "CS6", 0x30 },
+ { "CS7", 0x38 },
+ { "BE", 0x00 },
+ { "AF11", 0x0a },
+ { "AF12", 0x0c },
+ { "AF13", 0x0e },
+ { "AF21", 0x12 },
+ { "AF22", 0x14 },
+ { "AF23", 0x16 },
+ { "AF31", 0x1a },
+ { "AF32", 0x1c },
+ { "AF33", 0x1e },
+ { "AF41", 0x22 },
+ { "AF42", 0x24 },
+ { "AF43", 0x26 },
+ { "EF", 0x2e }
+};
+
+
+
+static unsigned int
+class_to_dscp(const char *name)
+{
+ int i;
+
+ for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
+ if (!strncasecmp(name, ds_classes[i].name,
+ strlen(ds_classes[i].name)))
+ return ds_classes[i].dscp;
+ }
+
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid DSCP value `%s'\n", name);
+}
+
+
+#if 0
+static const char *
+dscp_to_name(unsigned int dscp)
+{
+ int i;
+
+ for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
+ if (dscp == ds_classes[i].dscp)
+ return ds_classes[i].name;
+ }
+
+
+ exit_error(PARAMETER_PROBLEM,
+ "Invalid DSCP value `%d'\n", dscp);
+}
+#endif
+
Index: iptables/extensions/libipt_dscp_helper.c
===================================================================
--- iptables.orig/extensions/libipt_dscp_helper.c
+++ /dev/null
@@ -1,81 +0,0 @@
-/*
- * DiffServ classname <-> DiffServ codepoint mapping functions.
- *
- * The latest list of the mappings can be found at:
- * <http://www.iana.org/assignments/dscp-registry>
- *
- * This code is released under the GNU GPL v2, 1991
- *
- * Author: Iain Barnes
- */
-
-#include <stdio.h>
-#include <string.h>
-#include <xtables.h>
-
-
-static const struct ds_class
-{
- const char *name;
- unsigned int dscp;
-} ds_classes[] =
-{
- { "CS0", 0x00 },
- { "CS1", 0x08 },
- { "CS2", 0x10 },
- { "CS3", 0x18 },
- { "CS4", 0x20 },
- { "CS5", 0x28 },
- { "CS6", 0x30 },
- { "CS7", 0x38 },
- { "BE", 0x00 },
- { "AF11", 0x0a },
- { "AF12", 0x0c },
- { "AF13", 0x0e },
- { "AF21", 0x12 },
- { "AF22", 0x14 },
- { "AF23", 0x16 },
- { "AF31", 0x1a },
- { "AF32", 0x1c },
- { "AF33", 0x1e },
- { "AF41", 0x22 },
- { "AF42", 0x24 },
- { "AF43", 0x26 },
- { "EF", 0x2e }
-};
-
-
-
-static unsigned int
-class_to_dscp(const char *name)
-{
- int i;
-
- for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
- if (!strncasecmp(name, ds_classes[i].name,
- strlen(ds_classes[i].name)))
- return ds_classes[i].dscp;
- }
-
- exit_error(PARAMETER_PROBLEM,
- "Invalid DSCP value `%s'\n", name);
-}
-
-
-#if 0
-static const char *
-dscp_to_name(unsigned int dscp)
-{
- int i;
-
- for (i = 0; i < sizeof(ds_classes) / sizeof(struct ds_class); i++) {
- if (dscp == ds_classes[i].dscp)
- return ds_classes[i].name;
- }
-
-
- exit_error(PARAMETER_PROBLEM,
- "Invalid DSCP value `%d'\n", dscp);
-}
-#endif
-
Index: iptables/extensions/libxt_DSCP.c
===================================================================
--- iptables.orig/extensions/libxt_DSCP.c
+++ iptables/extensions/libxt_DSCP.c
@@ -19,7 +19,7 @@
#include <linux/netfilter/xt_DSCP.h>
/* This is evil, but it's my code - HW*/
-#include "libipt_dscp_helper.c"
+#include "dscp_helper.c"
static void DSCP_help(void)
{
Index: iptables/extensions/libxt_dscp.c
===================================================================
--- iptables.orig/extensions/libxt_dscp.c
+++ iptables/extensions/libxt_dscp.c
@@ -22,7 +22,7 @@
#include <linux/netfilter/xt_dscp.h>
/* This is evil, but it's my code - HW*/
-#include "libipt_dscp_helper.c"
+#include "dscp_helper.c"
static void dscp_help(void)
{
Index: iptables/include/xtables.h
===================================================================
--- iptables.orig/include/xtables.h
+++ iptables/include/xtables.h
@@ -225,13 +225,14 @@ void exit_error(enum exittype, const cha
format(printf,2,3)));
extern const char *program_name, *program_version;
-#define _init __attribute__((constructor)) my_init
#ifdef NO_SHARED_LIBS
-# ifdef _INIT
-# undef _init
-# define _init _INIT
-# endif
- extern void init_extensions(void);
+# ifdef _INIT
+# undef _init
+# define _init _INIT
+# endif
+ extern void init_extensions(void);
+#else
+# define _init __attribute__((constructor)) _INIT
#endif
#define __be32 u_int32_t
-
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
