summaryrefslogtreecommitdiff
path: root/repo/iptables
diff options
context:
space:
mode:
authordavidovski <david@davidovski.xyz>2023-02-02 14:10:02 +0000
committerdavidovski <david@davidovski.xyz>2023-02-02 14:10:02 +0000
commitf29d569cd33a73da5ad675f43a34ad53c5cc9bc6 (patch)
tree76fe6267f8307e7630fc6f53ff99a9767ad40de0 /repo/iptables
parent05d004dfe0c9a9d898fac8a4a0292ca2a74ca391 (diff)
Work
Diffstat (limited to 'repo/iptables')
-rw-r--r--repo/iptables/fix-u_int16_t.patch163
-rw-r--r--repo/iptables/fix-xtables.patch10
-rw-r--r--repo/iptables/iptables.xibuild3
3 files changed, 176 insertions, 0 deletions
diff --git a/repo/iptables/fix-u_int16_t.patch b/repo/iptables/fix-u_int16_t.patch
new file mode 100644
index 0000000..37b3950
--- /dev/null
+++ b/repo/iptables/fix-u_int16_t.patch
@@ -0,0 +1,163 @@
+From f319389525b066b7dc6d389c88f16a0df3b8f189 Mon Sep 17 00:00:00 2001
+From: Nick Hainke <vincent@systemli.org>
+Date: Mon, 16 May 2022 18:16:41 +0200
+Subject: treewide: use uint* instead of u_int*
+
+Gcc complains about missing types. Some commits introduced u_int* instead
+of uint*. Use uint treewide.
+
+Fixes errors in the form of:
+In file included from xtables-legacy-multi.c:5:
+xshared.h:83:56: error: unknown type name 'u_int16_t'; did you mean 'uint16_t'?
+ 83 | set_option(unsigned int *options, unsigned int option, u_int16_t *invflg,
+ | ^~~~~~~~~
+ | uint16_t
+make[6]: *** [Makefile:712: xtables_legacy_multi-xtables-legacy-multi.o] Error 1
+
+Avoid libipq API breakage by adjusting libipq.h include accordingly. For
+arpt_mangle.h kernel uAPI header, apply same change as in kernel commit
+e91ded8db5747 ("uapi: netfilter_arp: use __u8 instead of u_int8_t").
+
+Signed-off-by: Nick Hainke <vincent@systemli.org>
+Signed-off-by: Phil Sutter <phil@nwl.cc>
+---
+ extensions/libxt_conntrack.c | 2 +-
+ include/libipq/libipq.h | 8 ++++----
+ include/libiptc/libxtc.h | 2 +-
+ include/linux/netfilter_arp/arpt_mangle.h | 2 +-
+ iptables/xshared.c | 2 +-
+ iptables/xshared.h | 2 +-
+ libipq/ipq_create_handle.3 | 2 +-
+ libipq/ipq_set_mode.3 | 2 +-
+ 8 files changed, 11 insertions(+), 11 deletions(-)
+
+diff --git a/extensions/libxt_conntrack.c b/extensions/libxt_conntrack.c
+index 64018ce1..234085c5 100644
+--- a/extensions/libxt_conntrack.c
++++ b/extensions/libxt_conntrack.c
+@@ -778,7 +778,7 @@ matchinfo_print(const void *ip, const struct xt_entry_match *match, int numeric,
+
+ static void
+ conntrack_dump_ports(const char *prefix, const char *opt,
+- u_int16_t port_low, u_int16_t port_high)
++ uint16_t port_low, uint16_t port_high)
+ {
+ if (port_high == 0 || port_low == port_high)
+ printf(" %s%s %u", prefix, opt, port_low);
+diff --git a/include/libipq/libipq.h b/include/libipq/libipq.h
+index 3cd13292..dd0cb205 100644
+--- a/include/libipq/libipq.h
++++ b/include/libipq/libipq.h
+@@ -24,7 +24,7 @@
+ #include <errno.h>
+ #include <unistd.h>
+ #include <fcntl.h>
+-#include <sys/types.h>
++#include <stdint.h>
+ #include <sys/socket.h>
+ #include <sys/uio.h>
+ #include <asm/types.h>
+@@ -48,19 +48,19 @@ typedef unsigned long ipq_id_t;
+ struct ipq_handle
+ {
+ int fd;
+- u_int8_t blocking;
++ uint8_t blocking;
+ struct sockaddr_nl local;
+ struct sockaddr_nl peer;
+ };
+
+-struct ipq_handle *ipq_create_handle(u_int32_t flags, u_int32_t protocol);
++struct ipq_handle *ipq_create_handle(uint32_t flags, uint32_t protocol);
+
+ int ipq_destroy_handle(struct ipq_handle *h);
+
+ ssize_t ipq_read(const struct ipq_handle *h,
+ unsigned char *buf, size_t len, int timeout);
+
+-int ipq_set_mode(const struct ipq_handle *h, u_int8_t mode, size_t len);
++int ipq_set_mode(const struct ipq_handle *h, uint8_t mode, size_t len);
+
+ ipq_packet_msg_t *ipq_get_packet(const unsigned char *buf);
+
+diff --git a/include/libiptc/libxtc.h b/include/libiptc/libxtc.h
+index 37010188..a1d16ef9 100644
+--- a/include/libiptc/libxtc.h
++++ b/include/libiptc/libxtc.h
+@@ -10,7 +10,7 @@ extern "C" {
+ #endif
+
+ #ifndef XT_MIN_ALIGN
+-/* xt_entry has pointers and u_int64_t's in it, so if you align to
++/* xt_entry has pointers and uint64_t's in it, so if you align to
+ it, you'll also align to any crazy matches and targets someone
+ might write */
+ #define XT_MIN_ALIGN (__alignof__(struct xt_entry))
+diff --git a/include/linux/netfilter_arp/arpt_mangle.h b/include/linux/netfilter_arp/arpt_mangle.h
+index 250f5029..8c2b16a1 100644
+--- a/include/linux/netfilter_arp/arpt_mangle.h
++++ b/include/linux/netfilter_arp/arpt_mangle.h
+@@ -13,7 +13,7 @@ struct arpt_mangle
+ union {
+ struct in_addr tgt_ip;
+ } u_t;
+- u_int8_t flags;
++ __u8 flags;
+ int target;
+ };
+
+diff --git a/iptables/xshared.c b/iptables/xshared.c
+index a8512d38..9b5e5b5b 100644
+--- a/iptables/xshared.c
++++ b/iptables/xshared.c
+@@ -1025,7 +1025,7 @@ static const int inverse_for_options[NUMBER_OF_OPT] =
+ };
+
+ void
+-set_option(unsigned int *options, unsigned int option, u_int16_t *invflg,
++set_option(unsigned int *options, unsigned int option, uint16_t *invflg,
+ bool invert)
+ {
+ if (*options & option)
+diff --git a/iptables/xshared.h b/iptables/xshared.h
+index 14568bb0..f8212988 100644
+--- a/iptables/xshared.h
++++ b/iptables/xshared.h
+@@ -80,7 +80,7 @@ struct xtables_target;
+ #define IPT_INV_ARPHRD 0x0800
+
+ void
+-set_option(unsigned int *options, unsigned int option, u_int16_t *invflg,
++set_option(unsigned int *options, unsigned int option, uint16_t *invflg,
+ bool invert);
+
+ /**
+diff --git a/libipq/ipq_create_handle.3 b/libipq/ipq_create_handle.3
+index 11ef95c4..ebe46daa 100644
+--- a/libipq/ipq_create_handle.3
++++ b/libipq/ipq_create_handle.3
+@@ -24,7 +24,7 @@ ipq_create_handle, ipq_destroy_handle \(em create and destroy libipq handles.
+ .br
+ .B #include <libipq.h>
+ .sp
+-.BI "struct ipq_handle *ipq_create_handle(u_int32_t " flags ", u_int32_t " protocol ");"
++.BI "struct ipq_handle *ipq_create_handle(uint32_t " flags ", uint32_t " protocol ");"
+ .br
+ .BI "int ipq_destroy_handle(struct ipq_handle *" h );
+ .SH DESCRIPTION
+diff --git a/libipq/ipq_set_mode.3 b/libipq/ipq_set_mode.3
+index 0edd3c00..e206886c 100644
+--- a/libipq/ipq_set_mode.3
++++ b/libipq/ipq_set_mode.3
+@@ -24,7 +24,7 @@ ipq_set_mode \(em set the ip_queue queuing mode
+ .br
+ .B #include <libipq.h>
+ .sp
+-.BI "int ipq_set_mode(const struct ipq_handle *" h ", u_int8_t " mode ", size_t " range );
++.BI "int ipq_set_mode(const struct ipq_handle *" h ", uint8_t " mode ", size_t " range );
+ .SH DESCRIPTION
+ The
+ .B ipq_set_mode
+--
+cgit v1.2.3
+
diff --git a/repo/iptables/fix-xtables.patch b/repo/iptables/fix-xtables.patch
new file mode 100644
index 0000000..657c821
--- /dev/null
+++ b/repo/iptables/fix-xtables.patch
@@ -0,0 +1,10 @@
+--- a/libxtables/xtables.c 2022-05-13 13:26:26.000000000 +0000
++++ b/libxtables/xtables.c 2022-05-17 08:56:52.670556393 +0000
+@@ -45,7 +45,6 @@
+
+ #include <xtables.h>
+ #include <limits.h> /* INT_MAX in ip_tables.h/ip6_tables.h */
+-#include <linux/if_ether.h> /* ETH_ALEN */
+ #include <linux/netfilter_ipv4/ip_tables.h>
+ #include <linux/netfilter_ipv6/ip6_tables.h>
+ #include <libiptc/libxtc.h>
diff --git a/repo/iptables/iptables.xibuild b/repo/iptables/iptables.xibuild
index 0758c95..324a446 100644
--- a/repo/iptables/iptables.xibuild
+++ b/repo/iptables/iptables.xibuild
@@ -11,6 +11,8 @@ SOURCE="https://www.netfilter.org/projects/iptables/files/iptables-$PKG_VER.tar.
ADDITIONAL="
ebtables.confd
ebtables.initd
+fix-u_int16_t.patch
+fix-xtables.patch
ip6tables.confd
iptables.confd
iptables.initd
@@ -57,3 +59,4 @@ package() {
install -D -m755 "$BUILD_ROOT"/ebtables.initd "$PKG_DEST"/etc/init.d/ebtables
install -D -m644 "$BUILD_ROOT"/ebtables.confd "$PKG_DEST"/etc/conf.d/ebtables
}
+