On Wednesday 2009-01-28 15:58, Pablo Neira Ayuso wrote:
>This patch adds the PKTTYPE target which can be used to mangle the
>skbuff packet type field. This target is useful in conjunction with
>the arptables mcmangle target to TCP working again when a
>multicast hardware address is used. An example of its use:
>
>iptables -I PREROUTING ! -s 224.0.0.0/4 -t mangle \
> -j PKTTYPE --to-pkt-type unicast
Are not packets not destined for 224/4 - assuming standard route setups -
unicast anyway?
>@@ -489,6 +489,24 @@ config NETFILTER_XT_TARGET_TCPOPTSTRIP
> This option adds a "TCPOPTSTRIP" target, which allows you to strip
> TCP options from TCP packets.
>
>+config NETFILTER_XT_TARGET_PKTTYPE
Please adhere to alphabetical ordering. (Andrew Morton mentioned it
time and again that it causes the least merge conflicts where
conflicts would happen if multiple people always add to the last
item.) Also, searching for "PKTTYPE"/("cluster") in `make menuconfig`
in the otherwise-sorted Kconfig/Makefile list could provide confusing
if it was out-of-order.
>+ If you want to compile it as a module, say M here and read
>+ <file:Documentation/kbuild/modules.txt>. If unsure, say `N'.
A lovely paragraph, but I think it has lost its purpose given that
NETFILTER_ADVANCED can now be general-tagged "if unsure, pick N" and
the rest will be automagic.
>+++ b/net/netfilter/Makefile
>@@ -55,6 +55,7 @@ obj-$(CONFIG_NETFILTER_XT_TARGET_TPROXY) += xt_TPROXY.o
> obj-$(CONFIG_NETFILTER_XT_TARGET_TCPMSS) += xt_TCPMSS.o
> obj-$(CONFIG_NETFILTER_XT_TARGET_TCPOPTSTRIP) += xt_TCPOPTSTRIP.o
> obj-$(CONFIG_NETFILTER_XT_TARGET_TRACE) += xt_TRACE.o
>+obj-$(CONFIG_NETFILTER_XT_TARGET_PKTTYPE) += xt_PKTTYPE.o
>
>+static struct xt_target xt_pkttype_target[] __read_mostly = {
>+ {
>+ .family = AF_INET,
>+ .name = "PKTTYPE",
>+ .table = "mangle",
>+ .target = xt_pkttype_tg,
>+ .targetsize = sizeof(struct xt_pkttype_target_info),
>+ .me = THIS_MODULE,
>+ },
>+ {
>+ .family = AF_INET6,
>+ .name = "PKTTYPE",
>+ .table = "mangle",
>+ .target = xt_pkttype_tg,
>+ .targetsize = sizeof(struct xt_pkttype_target_info),
>+ .me = THIS_MODULE,
>+ },
>+};
Combine to NFPROTO_UNSPEC.
>+MODULE_AUTHOR("Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx>");
>+MODULE_LICENSE("GPL");
>+MODULE_DESCRIPTION("Xtables: xt_PKTTYPE target");
I propose
MODULE_DESCRIPTION("Xtables: set skbuff packet type");
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
