From c29ba0d55d6a51a7105e65df5ac7ecf7247ce149 Mon Sep 17 00:00:00 2001 From: "Ycarus (Yannick Chabanois)" Date: Mon, 30 Sep 2024 09:07:58 +0200 Subject: [PATCH] Update xtables-addons --- xtables-addons/Makefile | 24 +-- .../patches/200-add-lua-packetscript.patch | 60 ++++--- .../patches/201-fix-lua-packetscript.patch | 157 ++---------------- .../patches/210-freebsd-build-fix.patch | 11 -- .../patches/300-fix-path-Makefile.extra.patch | 11 ++ .../301-fix-build-with-linux-6.11.patch | 15 ++ .../patches/900-remove-checksumh.patch | 33 ---- 7 files changed, 78 insertions(+), 233 deletions(-) delete mode 100644 xtables-addons/patches/210-freebsd-build-fix.patch create mode 100644 xtables-addons/patches/300-fix-path-Makefile.extra.patch create mode 100644 xtables-addons/patches/301-fix-build-with-linux-6.11.patch delete mode 100644 xtables-addons/patches/900-remove-checksumh.patch diff --git a/xtables-addons/Makefile b/xtables-addons/Makefile index 57cfef3a6..5c248634a 100644 --- a/xtables-addons/Makefile +++ b/xtables-addons/Makefile @@ -7,9 +7,9 @@ include $(TOPDIR)/rules.mk include $(INCLUDE_DIR)/kernel.mk PKG_NAME:=xtables-addons -PKG_VERSION:=3.24 +PKG_VERSION:=3.26 PKG_RELEASE:=1 -PKG_HASH:=3e823f71720519ced31c4c7d2bfaf7120d9c01c59a0843dfcbe93c95c64d81c1 +PKG_HASH:=0b52df2117bacf2e32d1d3f98d09dbf88b274390733d3955699b108acaf9f2a6 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=https://inai.de/files/xtables-addons/ @@ -41,15 +41,6 @@ CONFIGURE_ARGS+= \ --with-kbuild="$(LINUX_DIR)" \ --with-xtlibdir="/usr/lib/iptables" -ifdef CONFIG_EXTERNAL_TOOLCHAIN -MAKE_FLAGS:= \ - $(patsubst ARCH=%,ARCH=$(LINUX_KARCH),$(MAKE_FLAGS)) \ - DEPMOD="/bin/true" - -MAKE_INSTALL_FLAGS:= \ - $(patsubst ARCH=%,ARCH=$(LINUX_KARCH),$(MAKE_FLAGS)) \ - DEPMOD="/bin/true" -else define Build/Compile +$(MAKE) $(PKG_JOBS) -C $(PKG_BUILD_DIR) \ $(KERNEL_MAKE_FLAGS) \ @@ -65,7 +56,6 @@ define Build/Install DEPMOD="/bin/true" \ install endef -endif # 1: extension/module suffix used in package name # 2: extension/module display name used in package title/description @@ -80,7 +70,7 @@ define BuildTemplate $$(call Package/xtables-addons) CATEGORY:=Network TITLE:=$(2) iptables extension - DEPENDS:=iptables $(if $(4),+kmod-ipt-$(1)) @!LINUX_6_10 @!LINUX_6_11 + DEPENDS:=iptables $(if $(4),+kmod-ipt-$(1)) endef define Package/iptables-mod-$(1)/install @@ -99,7 +89,7 @@ define BuildTemplate define KernelPackage/ipt-$(1) SUBMENU:=Netfilter Extensions TITLE:=$(2) netfilter module - DEPENDS:=+kmod-ipt-core $(5) @!LINUX_6_10 @!LINUX_6_11 + DEPENDS:=+kmod-ipt-core $(5) FILES:=$(foreach mod,$(4),$(PKG_BUILD_DIR)/extensions/$(mod).$(LINUX_KMOD_SUFFIX)) AUTOLOAD:=$(call AutoProbe,$(notdir $(4))) endef @@ -114,7 +104,7 @@ define Package/iptaccount $(call Package/xtables-addons) CATEGORY:=Network TITLE:=iptables-mod-account control utility - DEPENDS:=iptables +iptables-mod-account @!LINUX_6_10 @!LINUX_6_11 + DEPENDS:=iptables +iptables-mod-account endef define Package/iptaccount/install @@ -136,7 +126,7 @@ define Package/iptasn DEPENDS:=iptables +iptables-mod-asn \ +perl +perlbase-getopt +perlbase-io +perl-text-csv_xs \ +perl-net-cidr-lite \ - +wget-ssl +!BUSYBOX_CONFIG_ZCAT:gzip @!LINUX_6_10 @!LINUX_6_11 + +wget-ssl +!BUSYBOX_CONFIG_ZCAT:gzip endef define Package/iptasn/config @@ -172,7 +162,7 @@ define Package/iptgeoip DEPENDS:=iptables +iptables-mod-geoip \ +perl +perlbase-getopt +perlbase-io +perl-text-csv_xs \ +perl-net-cidr-lite \ - +wget-ssl +!BUSYBOX_CONFIG_ZCAT:gzip @!LINUX_6_10 @!LINUX_6_11 + +wget-ssl +!BUSYBOX_CONFIG_ZCAT:gzip endef define Package/iptgeoip/config diff --git a/xtables-addons/patches/200-add-lua-packetscript.patch b/xtables-addons/patches/200-add-lua-packetscript.patch index 2a97f54d7..c49014e49 100644 --- a/xtables-addons/patches/200-add-lua-packetscript.patch +++ b/xtables-addons/patches/200-add-lua-packetscript.patch @@ -1038,7 +1038,7 @@ +#endif /* CONTROLLER_H_ */ --- /dev/null +++ b/extensions/LUA/Kbuild -@@ -0,0 +1,49 @@ +@@ -0,0 +1,51 @@ +# -*- Makefile -*- + +# Adding debug options @@ -1063,6 +1063,8 @@ + prot_buf_dynamic.o \ + + ++# Enable ++EXTRA_CFLAGS += -isystem $(shell $(CC) -print-file-name=include) +# Adding Lua Support +EXTRA_CFLAGS += -I$(src)/lua -I$(src)/lua/include +xt_LUA-y += lua/lapi.o \ @@ -1361,16 +1363,13 @@ +#include --- /dev/null +++ b/extensions/LUA/lua/lapi.c -@@ -0,0 +1,1086 @@ +@@ -0,0 +1,1083 @@ +/* +** $Id: lapi.c,v 2.55.1.5 2008/07/04 18:41:18 roberto Exp $ +** Lua API +** See Copyright Notice in lua.h +*/ + -+#include -+#include -+#include +#include + +#define lapi_c @@ -7825,7 +7824,7 @@ +} --- /dev/null +++ b/extensions/LUA/lua/llex.h -@@ -0,0 +1,81 @@ +@@ -0,0 +1,83 @@ +/* +** $Id: llex.h,v 1.58.1.1 2007/12/27 13:02:25 roberto Exp $ +** Lexical Analyzer @@ -7838,6 +7837,8 @@ +#include "lobject.h" +#include "lzio.h" + ++/* prevent conflict with definition from asm/current.h */ ++#undef current + +#define FIRST_RESERVED 257 + @@ -7909,7 +7910,7 @@ +#endif --- /dev/null +++ b/extensions/LUA/lua/llimits.h -@@ -0,0 +1,125 @@ +@@ -0,0 +1,124 @@ +/* +** $Id: llimits.h,v 1.69.1.1 2007/12/27 13:02:25 roberto Exp $ +** Limits, basic types, and some other `installation-dependent' definitions @@ -7920,7 +7921,6 @@ +#define llimits_h + +#include -+#include + +#include "lua.h" + @@ -12003,7 +12003,7 @@ +} --- /dev/null +++ b/extensions/LUA/lua/ltable.c -@@ -0,0 +1,588 @@ +@@ -0,0 +1,587 @@ +/* +** $Id: ltable.c,v 2.32.1.2 2007/12/28 15:32:23 roberto Exp $ +** Lua tables (hash) @@ -12024,7 +12024,6 @@ +** Hence even when the load factor reaches 100%, performance remains good. +*/ + -+#include +#include + +#define ltable_c @@ -13062,7 +13061,7 @@ +#endif --- /dev/null +++ b/extensions/LUA/lua/luaconf.h -@@ -0,0 +1,797 @@ +@@ -0,0 +1,803 @@ +/* +** $Id: luaconf.h,v 1.82.1.7 2008/02/11 16:25:08 roberto Exp $ +** Configuration file for Lua @@ -13078,8 +13077,12 @@ +#if !defined(__KERNEL__) +#include +#else ++#include ++ ++#undef UCHAR_MAX ++#undef BUFSIZ ++#undef NO_FPU +#define UCHAR_MAX 255 -+#define SHRT_MAX 32767 +#define BUFSIZ 8192 +#define NO_FPU +#endif @@ -13702,6 +13705,8 @@ +*/ +#if defined(__KERNEL__) +#undef LUA_USE_ULONGJMP ++#define setjmp __builtin_setjmp ++#define longjmp __builtin_longjmp +#endif + +#if defined(__cplusplus) @@ -15649,7 +15654,7 @@ +RANLIB = ranlib +SED = /bin/sed +SET_MAKE = -+SHELL = /bin/bash ++SHELL = /bin/sh +STRIP = strip +VERSION = 1.21 +abs_builddir = /home/andre/Dropbox/xtables-addons/extensions/LUA @@ -17221,7 +17226,7 @@ + --- /dev/null +++ b/extensions/LUA/prot_buf_ip.c -@@ -0,0 +1,209 @@ +@@ -0,0 +1,210 @@ +/* + * Copyright (C) 2010 University of Basel + * by Andre Graf @@ -17241,6 +17246,7 @@ + */ + +#if defined(__KERNEL__) ++ #include + #include + #include +#endif @@ -17479,7 +17485,7 @@ +} --- /dev/null +++ b/extensions/LUA/prot_buf_tcp.c -@@ -0,0 +1,188 @@ +@@ -0,0 +1,189 @@ +/* + * Copyright (C) 2010 University of Basel + * by Andre Graf @@ -17499,6 +17505,7 @@ + */ + +#if defined(__KERNEL__) ++ #include + #include + #include +#endif @@ -17760,7 +17767,7 @@ +} --- /dev/null +++ b/extensions/LUA/prot_buf_udp.c -@@ -0,0 +1,53 @@ +@@ -0,0 +1,54 @@ +/* + * Copyright (C) 2010 University of Basel + * by Andre Graf @@ -17780,6 +17787,7 @@ + */ + +#if defined(__KERNEL__) ++ #include + #include +#endif + @@ -17877,7 +17885,7 @@ +#include +#include +#include -+#include ++#include +#include +#include +#include "xt_LUA.h" @@ -17922,10 +17930,10 @@ + * XT_CONTINUE inside the *register_lua_packet_lib* function. + */ + -+spinlock_t lock = SPIN_LOCK_UNLOCKED; ++DEFINE_SPINLOCK(lock); + +static uint32_t -+lua_tg(struct sk_buff *pskb, const struct xt_target_param *par) ++lua_tg(struct sk_buff *pskb, const struct xt_action_param *par) +{ + uint32_t verdict; + lua_packet_segment *p; @@ -17937,7 +17945,7 @@ + + L = lua_envs[info->state_id]->L; + -+ if (!skb_make_writable(pskb, pskb->len)) ++ if (skb_ensure_writable(pskb, pskb->len)) + return NF_DROP; + + /* call the function provided by --function parameter or the default 'process_packet' defined in Lua */ @@ -17946,11 +17954,11 @@ + /* push the lua_packet_segment as a parameter */ + p = (lua_packet_segment *)lua_newuserdata(L, sizeof(lua_packet_segment)); + if (pskb->mac_header) -+ p->start = pskb->mac_header; ++ p->start = skb_mac_header(pskb); + else if (pskb->network_header) -+ p->start = pskb->network_header; ++ p->start = skb_network_header(pskb); + else if (pskb->transport_header) -+ p->start = pskb->transport_header; ++ p->start = skb_transport_header(pskb); + p->offset = 0; + p->length = (unsigned long)pskb->tail - (unsigned long)p->start; + p->changes = NULL; @@ -18066,16 +18074,16 @@ + * some workqueue initialization. So far this is done each time this function + * is called, subject to change. + */ -+static bool ++static int +lua_tg_checkentry(const struct xt_tgchk_param *par) +{ + const struct xt_lua_tginfo *info = par->targinfo; + + if (load_script_into_state(info->state_id, info->script_size, (char *)info->buf)) { + lua_state_refs[info->state_id]++; -+ return true; ++ return 0; + } -+ return false; ++ return -EINVAL; +} + +/*::* diff --git a/xtables-addons/patches/201-fix-lua-packetscript.patch b/xtables-addons/patches/201-fix-lua-packetscript.patch index 64130121c..fad2693fa 100644 --- a/xtables-addons/patches/201-fix-lua-packetscript.patch +++ b/xtables-addons/patches/201-fix-lua-packetscript.patch @@ -1,147 +1,12 @@ ---- a/extensions/LUA/Kbuild -+++ b/extensions/LUA/Kbuild -@@ -22,6 +22,8 @@ xt_LUA-y += nf_lua.o \ - prot_buf_dynamic.o \ - - -+# Enable -+EXTRA_CFLAGS += -isystem $(shell $(CC) -print-file-name=include) - # Adding Lua Support - EXTRA_CFLAGS += -I$(src)/lua -I$(src)/lua/include - xt_LUA-y += lua/lapi.o \ ---- a/extensions/LUA/xt_LUA_target.c -+++ b/extensions/LUA/xt_LUA_target.c -@@ -19,7 +19,7 @@ - #include - #include - #include --#include -+#include - #include - #include - #include "xt_LUA.h" -@@ -64,10 +64,10 @@ uint32_t lua_state_refs[LUA_STATE_ARRAY - * XT_CONTINUE inside the *register_lua_packet_lib* function. - */ - --spinlock_t lock = SPIN_LOCK_UNLOCKED; -+DEFINE_SPINLOCK(lock); - - static uint32_t --lua_tg(struct sk_buff *pskb, const struct xt_target_param *par) -+lua_tg(struct sk_buff *pskb, const struct xt_action_param *par) - { - uint32_t verdict; - lua_packet_segment *p; -@@ -79,7 +79,7 @@ lua_tg(struct sk_buff *pskb, const struc - - L = lua_envs[info->state_id]->L; - -- if (!skb_make_writable(pskb, pskb->len)) -+ if (skb_ensure_writable(pskb, pskb->len)) - return NF_DROP; - - /* call the function provided by --function parameter or the default 'process_packet' defined in Lua */ -@@ -88,11 +88,11 @@ lua_tg(struct sk_buff *pskb, const struc - /* push the lua_packet_segment as a parameter */ - p = (lua_packet_segment *)lua_newuserdata(L, sizeof(lua_packet_segment)); - if (pskb->mac_header) -- p->start = pskb->mac_header; -+ p->start = skb_mac_header(pskb); - else if (pskb->network_header) -- p->start = pskb->network_header; -+ p->start = skb_network_header(pskb); - else if (pskb->transport_header) -- p->start = pskb->transport_header; -+ p->start = skb_transport_header(pskb); - p->offset = 0; - p->length = (unsigned long)pskb->tail - (unsigned long)p->start; - p->changes = NULL; -@@ -208,16 +208,16 @@ static bool load_script_into_state(uint3 - * some workqueue initialization. So far this is done each time this function - * is called, subject to change. - */ --static bool -+static int - lua_tg_checkentry(const struct xt_tgchk_param *par) - { - const struct xt_lua_tginfo *info = par->targinfo; - - if (load_script_into_state(info->state_id, info->script_size, (char *)info->buf)) { - lua_state_refs[info->state_id]++; -- return true; -+ return 0; - } -- return false; -+ return -EINVAL; - } - - /*::* ---- a/extensions/LUA/lua/llimits.h -+++ b/extensions/LUA/lua/llimits.h -@@ -8,7 +8,6 @@ - #define llimits_h - - #include --#include - - #include "lua.h" - ---- a/extensions/LUA/lua/lapi.c -+++ b/extensions/LUA/lua/lapi.c -@@ -4,9 +4,6 @@ - ** See Copyright Notice in lua.h - */ - --#include --#include --#include - #include - - #define lapi_c ---- a/extensions/LUA/lua/ltable.c -+++ b/extensions/LUA/lua/ltable.c -@@ -18,7 +18,6 @@ - ** Hence even when the load factor reaches 100%, performance remains good. - */ - --#include - #include - - #define ltable_c ---- a/extensions/LUA/lua/luaconf.h -+++ b/extensions/LUA/lua/luaconf.h -@@ -13,8 +13,12 @@ - #if !defined(__KERNEL__) - #include - #else -+#include -+ -+#undef UCHAR_MAX -+#undef BUFSIZ -+#undef NO_FPU - #define UCHAR_MAX 255 --#define SHRT_MAX 32767 - #define BUFSIZ 8192 - #define NO_FPU - #endif -@@ -637,6 +641,8 @@ union luai_Cast { double l_d; long l_l; - */ - #if defined(__KERNEL__) - #undef LUA_USE_ULONGJMP -+#define setjmp __builtin_setjmp -+#define longjmp __builtin_longjmp - #endif - - #if defined(__cplusplus) ---- a/extensions/LUA/lua/llex.h -+++ b/extensions/LUA/lua/llex.h -@@ -10,6 +10,8 @@ - #include "lobject.h" - #include "lzio.h" - -+/* prevent conflict with definition from asm/current.h */ -+#undef current - - #define FIRST_RESERVED 257 +--- a/extensions/LUA/controller.h 2024-09-26 16:49:17.099012595 +0200 ++++ b/extensions/LUA/controller.h 2024-09-26 16:49:39.098706793 +0200 +@@ -244,6 +244,9 @@ + int get_string_generic(lua_State *L); + int get_byte_generic_str(lua_State *L); + struct field_changes * get_allocated_field_changes(lua_State *L, int nr_of_fields); ++int32_t get_header_size(struct protocol_buf * prot_buf); ++struct field_changes * tftp_get_field_changes(lua_State *L, lua_packet_segment * seg); ++void free_dynamic_prot_buf(struct protocol_buf * prot_buf); + /* only used by the dynamic prot buf subsystem */ + #define MAX_NR_OF_DYN_PROT_BUFS 16 diff --git a/xtables-addons/patches/210-freebsd-build-fix.patch b/xtables-addons/patches/210-freebsd-build-fix.patch deleted file mode 100644 index 4f05d60eb..000000000 --- a/xtables-addons/patches/210-freebsd-build-fix.patch +++ /dev/null @@ -1,11 +0,0 @@ ---- a/extensions/LUA/Makefile -+++ b/extensions/LUA/Makefile -@@ -110,7 +110,7 @@ PKG_CONFIG = /usr/bin/pkg-config - RANLIB = ranlib - SED = /bin/sed - SET_MAKE = --SHELL = /bin/bash -+SHELL = /bin/sh - STRIP = strip - VERSION = 1.21 - abs_builddir = /home/andre/Dropbox/xtables-addons/extensions/LUA diff --git a/xtables-addons/patches/300-fix-path-Makefile.extra.patch b/xtables-addons/patches/300-fix-path-Makefile.extra.patch new file mode 100644 index 000000000..34791746c --- /dev/null +++ b/xtables-addons/patches/300-fix-path-Makefile.extra.patch @@ -0,0 +1,11 @@ +--- a/extensions/ACCOUNT/Makefile.am ++++ b/extensions/ACCOUNT/Makefile.am +@@ -3,7 +3,7 @@ + AM_CPPFLAGS = ${regular_CPPFLAGS} -I${abs_top_srcdir}/extensions + AM_CFLAGS = ${regular_CFLAGS} ${libxtables_CFLAGS} + +-include ${top_srcdir}/Makefile.extra ++include ../../Makefile.extra + + sbin_PROGRAMS = iptaccount + iptaccount_LDADD = libxt_ACCOUNT_cl.la diff --git a/xtables-addons/patches/301-fix-build-with-linux-6.11.patch b/xtables-addons/patches/301-fix-build-with-linux-6.11.patch new file mode 100644 index 000000000..15ebf12a4 --- /dev/null +++ b/xtables-addons/patches/301-fix-build-with-linux-6.11.patch @@ -0,0 +1,15 @@ +--- a/extensions/rtsp/nf_conntrack_rtsp.c ++++ b/extensions/rtsp/nf_conntrack_rtsp.c +@@ -735,8 +735,12 @@ init(void) + } + + #if LINUX_VERSION_CODE >= KERNEL_VERSION(3,6,0) ++#if LINUX_VERSION_CODE < KERNEL_VERSION(6, 11, 0) + strlcpy(hlpr->name, tmpname, sizeof(hlpr->name)); + #else ++ strscpy(hlpr->name, tmpname, sizeof(hlpr->name)); ++#endif ++#else + hlpr->name = tmpname; + #endif + pr_debug("port #%d: %d\n", i, ports[i]); diff --git a/xtables-addons/patches/900-remove-checksumh.patch b/xtables-addons/patches/900-remove-checksumh.patch deleted file mode 100644 index 4af1688f5..000000000 --- a/xtables-addons/patches/900-remove-checksumh.patch +++ /dev/null @@ -1,33 +0,0 @@ ---- a/extensions/LUA/prot_buf_ip.c 2023-10-20 16:55:00.658340536 +0200 -+++ b/extensions/LUA/prot_buf_ip.c 2023-10-20 16:55:11.030165998 +0200 -@@ -17,7 +17,6 @@ - */ - - #if defined(__KERNEL__) -- #include - #include - #endif - ---- a/extensions/LUA/prot_buf_tcp.c 2023-10-20 17:05:44.507457150 +0200 -+++ v/extensions/LUA/prot_buf_tcp.c 2023-10-20 17:06:08.907041173 +0200 -@@ -17,7 +17,6 @@ - */ - - #if defined(__KERNEL__) -- #include - #include - #endif - #include "controller.h" ---- a/extensions/LUA/prot_buf_udp.c 2023-10-20 17:05:54.411288304 +0200 -+++ b/extensions/LUA/prot_buf_udp.c 2023-10-20 17:06:15.758924360 +0200 -@@ -16,10 +16,9 @@ - * along with this program; if not, see . - */ - - #if defined(__KERNEL__) -- #include - #endif - - #include "controller.h" - -