1 files changed, 0 insertions, 309 deletions
diff --git a/target/linux/generic-2.4/patches/621-netfilter_random.patch b/target/linux/generic-2.4/patches/621-netfilter_random.patch
deleted file mode 100644
index fbc648b1bc..0000000000
--- a/target/linux/generic-2.4/patches/621-netfilter_random.patch
+++ /dev/null
@@ -1,309 +0,0 @@
---- a/Documentation/Configure.help
-+++ b/Documentation/Configure.help
-@@ -2914,6 +2914,15 @@ CONFIG_IP_NF_MATCH_MAC
-   If you want to compile it as a module, say M here and read
-   <file:Documentation/modules.txt>.  If unsure, say `N'.
- 
-+Random match support
-+CONFIG_IP_NF_MATCH_RANDOM
-+  This option adds a `random' match,
-+  which allow you to match packets randomly
-+  following a given probability.
-+ 
-+  If you want to compile it as a module, say M here and read
-+  Documentation/modules.txt.  If unsure, say `N'.
-+
- Netfilter MARK match support
- CONFIG_IP_NF_MATCH_MARK
-   Netfilter mark matching allows you to match packets based on the
-@@ -3229,6 +3238,7 @@ CONFIG_IP_NF_MATCH_HELPER
-   If you want to compile it as a module, say M here and read
-   Documentation/modules.txt.  If unsure, say `Y'.
- 
-+
- TCPMSS match support
- CONFIG_IP_NF_MATCH_TCPMSS
-   This option adds a `tcpmss' match, which allows you to examine the
-@@ -3318,6 +3328,14 @@ CONFIG_IP6_NF_MATCH_MAC
-   If you want to compile it as a module, say M here and read
-   <file:Documentation/modules.txt>.  If unsure, say `N'.
- 
-+CONFIG_IP6_NF_MATCH_RANDOM
-+  This option adds a `random' match,
-+  which allow you to match packets randomly
-+  following a given probability.
-+ 
-+  If you want to compile it as a module, say M here and read
-+  Documentation/modules.txt.  If unsure, say `N'.
-+
- length match support
- CONFIG_IP6_NF_MATCH_LENGTH
-   This option allows you to match the length of a packet against a
---- /dev/null
-+++ b/include/linux/netfilter_ipv4/ipt_random.h
-@@ -0,0 +1,11 @@
-+#ifndef _IPT_RAND_H
-+#define _IPT_RAND_H
-+
-+#include <linux/param.h>
-+#include <linux/types.h>
-+
-+struct ipt_rand_info {
-+	u_int8_t average;
-+};
-+
-+#endif /*_IPT_RAND_H*/
---- /dev/null
-+++ b/include/linux/netfilter_ipv6/ip6t_random.h
-@@ -0,0 +1,11 @@
-+#ifndef _IP6T_RAND_H
-+#define _IP6T_RAND_H
-+
-+#include <linux/param.h>
-+#include <linux/types.h>
-+
-+struct ip6t_rand_info {
-+	u_int8_t average;
-+};
-+
-+#endif /*_IP6T_RAND_H*/
---- a/net/ipv4/netfilter/Config.in
-+++ b/net/ipv4/netfilter/Config.in
-@@ -32,6 +32,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; 
-   dep_tristate '  netfilter MARK match support' CONFIG_IP_NF_MATCH_MARK $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  Multiple port match support' CONFIG_IP_NF_MATCH_MULTIPORT $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  TOS match support' CONFIG_IP_NF_MATCH_TOS $CONFIG_IP_NF_IPTABLES
-+  dep_tristate '  random match support' CONFIG_IP_NF_MATCH_RANDOM $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  condition match support' CONFIG_IP_NF_MATCH_CONDITION $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  recent match support' CONFIG_IP_NF_MATCH_RECENT $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  ECN match support' CONFIG_IP_NF_MATCH_ECN $CONFIG_IP_NF_IPTABLES
---- /dev/null
-+++ b/net/ipv4/netfilter/ipt_random.c
-@@ -0,0 +1,96 @@
-+/*
-+  This is a module which is used for a "random" match support.
-+  This file is distributed under the terms of the GNU General Public
-+  License (GPL). Copies of the GPL can be obtained from:
-+     ftp://prep.ai.mit.edu/pub/gnu/GPL
-+
-+  2001-10-14 Fabrice MARIE <fabrice@netfilter.org> : initial implementation.
-+*/
-+
-+#include <linux/module.h>
-+#include <linux/skbuff.h>
-+#include <linux/ip.h>
-+#include <linux/random.h>
-+#include <net/tcp.h>
-+#include <linux/spinlock.h>
-+#include <linux/netfilter_ipv4/ip_tables.h>
-+#include <linux/netfilter_ipv4/ipt_random.h>
-+
-+MODULE_LICENSE("GPL");
-+
-+static int
-+ipt_rand_match(const struct sk_buff *pskb,
-+	       const struct net_device *in,
-+	       const struct net_device *out,
-+	       const void *matchinfo,
-+	       int offset,
-+	       const void *hdr,
-+	       u_int16_t datalen,
-+	       int *hotdrop)
-+{
-+	/* Parameters from userspace */
-+	const struct ipt_rand_info *info = matchinfo;
-+	u_int8_t random_number;
-+
-+	/* get 1 random number from the kernel random number generation routine */
-+	get_random_bytes((void *)(&random_number), 1);
-+
-+	/* Do we match ? */
-+	if (random_number <= info->average)
-+		return 1;
-+	else
-+		return 0;
-+}
-+
-+static int
-+ipt_rand_checkentry(const char *tablename,
-+		   const struct ipt_ip *e,
-+		   void *matchinfo,
-+		   unsigned int matchsize,
-+		   unsigned int hook_mask)
-+{
-+	/* Parameters from userspace */
-+	const struct ipt_rand_info *info = matchinfo;
-+
-+	if (matchsize != IPT_ALIGN(sizeof(struct ipt_rand_info))) {
-+		printk("ipt_random: matchsize %u != %u\n", matchsize,
-+		       IPT_ALIGN(sizeof(struct ipt_rand_info)));
-+		return 0;
-+	}
-+
-+	/* must be  1 <= average % <= 99 */
-+	/* 1  x 2.55 = 2   */
-+	/* 99 x 2.55 = 252 */
-+	if ((info->average < 2) || (info->average > 252)) {
-+		printk("ipt_random:  invalid average %u\n", info->average);
-+		return 0;
-+	}
-+
-+	return 1;
-+}
-+
-+static struct ipt_match ipt_rand_reg = { 
-+	{NULL, NULL},
-+	"random",
-+	ipt_rand_match,
-+	ipt_rand_checkentry,
-+	NULL,
-+	THIS_MODULE };
-+
-+static int __init init(void)
-+{
-+	if (ipt_register_match(&ipt_rand_reg))
-+		return -EINVAL;
-+
-+	printk("ipt_random match loaded\n");
-+	return 0;
-+}
-+
-+static void __exit fini(void)
-+{
-+	ipt_unregister_match(&ipt_rand_reg);
-+	printk("ipt_random match unloaded\n");
-+}
-+
-+module_init(init);
-+module_exit(fini);
---- a/net/ipv4/netfilter/Makefile
-+++ b/net/ipv4/netfilter/Makefile
-@@ -93,6 +93,8 @@ obj-$(CONFIG_IP_NF_MATCH_OWNER) += ipt_o
- obj-$(CONFIG_IP_NF_MATCH_TOS) += ipt_tos.o
- obj-$(CONFIG_IP_NF_MATCH_CONDITION) += ipt_condition.o
- 
-+obj-$(CONFIG_IP_NF_MATCH_RANDOM) += ipt_random.o
-+
- obj-$(CONFIG_IP_NF_MATCH_RECENT) += ipt_recent.o
- 
- obj-$(CONFIG_IP_NF_MATCH_ECN) += ipt_ecn.o
---- a/net/ipv6/netfilter/Config.in
-+++ b/net/ipv6/netfilter/Config.in
-@@ -19,6 +19,7 @@ if [ "$CONFIG_IP6_NF_IPTABLES" != "n" ];
-   dep_tristate '  limit match support' CONFIG_IP6_NF_MATCH_LIMIT $CONFIG_IP6_NF_IPTABLES
-   dep_tristate '  condition match support' CONFIG_IP6_NF_MATCH_CONDITION $CONFIG_IP6_NF_IPTABLES
-   dep_tristate '  MAC address match support' CONFIG_IP6_NF_MATCH_MAC $CONFIG_IP6_NF_IPTABLES
-+  dep_tristate '  Random match support' CONFIG_IP6_NF_MATCH_RANDOM $CONFIG_IP6_NF_IPTABLES
-   if [ "$CONFIG_EXPERIMENTAL" = "y" ]; then
-     dep_tristate '  Routing header match support (EXPERIMENTAL)' CONFIG_IP6_NF_MATCH_RT $CONFIG_IP6_NF_IPTABLES
-   fi
---- /dev/null
-+++ b/net/ipv6/netfilter/ip6t_random.c
-@@ -0,0 +1,97 @@
-+/*
-+  This is a module which is used for a "random" match support.
-+  This file is distributed under the terms of the GNU General Public
-+  License (GPL). Copies of the GPL can be obtained from:
-+     ftp://prep.ai.mit.edu/pub/gnu/GPL
-+
-+  2001-10-14 Fabrice MARIE <fabrice@netfilter.org> : initial implementation.
-+  2003-04-30 Maciej Soltysiak <solt@dns.toxicfilms.tv> : IPv6 Port
-+*/
-+
-+#include <linux/module.h>
-+#include <linux/skbuff.h>
-+#include <linux/ip.h>
-+#include <linux/random.h>
-+#include <net/tcp.h>
-+#include <linux/spinlock.h>
-+#include <linux/netfilter_ipv6/ip6_tables.h>
-+#include <linux/netfilter_ipv6/ip6t_random.h>
-+
-+MODULE_LICENSE("GPL");
-+
-+static int
-+ip6t_rand_match(const struct sk_buff *pskb,
-+	       const struct net_device *in,
-+	       const struct net_device *out,
-+	       const void *matchinfo,
-+	       int offset,
-+	       const void *hdr,
-+	       u_int16_t datalen,
-+	       int *hotdrop)
-+{
-+	/* Parameters from userspace */
-+	const struct ip6t_rand_info *info = matchinfo;
-+	u_int8_t random_number;
-+
-+	/* get 1 random number from the kernel random number generation routine */
-+	get_random_bytes((void *)(&random_number), 1);
-+
-+	/* Do we match ? */
-+	if (random_number <= info->average)
-+		return 1;
-+	else
-+		return 0;
-+}
-+
-+static int
-+ip6t_rand_checkentry(const char *tablename,
-+		   const struct ip6t_ip6 *e,
-+		   void *matchinfo,
-+		   unsigned int matchsize,
-+		   unsigned int hook_mask)
-+{
-+	/* Parameters from userspace */
-+	const struct ip6t_rand_info *info = matchinfo;
-+
-+	if (matchsize != IP6T_ALIGN(sizeof(struct ip6t_rand_info))) {
-+		printk("ip6t_random: matchsize %u != %u\n", matchsize,
-+		       IP6T_ALIGN(sizeof(struct ip6t_rand_info)));
-+		return 0;
-+	}
-+
-+	/* must be  1 <= average % <= 99 */
-+	/* 1  x 2.55 = 2   */
-+	/* 99 x 2.55 = 252 */
-+	if ((info->average < 2) || (info->average > 252)) {
-+		printk("ip6t_random:  invalid average %u\n", info->average);
-+		return 0;
-+	}
-+
-+	return 1;
-+}
-+
-+static struct ip6t_match ip6t_rand_reg = { 
-+	{NULL, NULL},
-+	"random",
-+	ip6t_rand_match,
-+	ip6t_rand_checkentry,
-+	NULL,
-+	THIS_MODULE };
-+
-+static int __init init(void)
-+{
-+	if (ip6t_register_match(&ip6t_rand_reg))
-+		return -EINVAL;
-+
-+	printk("ip6t_random match loaded\n");
-+	return 0;
-+}
-+
-+static void __exit fini(void)
-+{
-+	ip6t_unregister_match(&ip6t_rand_reg);
-+	printk("ip6t_random match unloaded\n");
-+}
-+
-+module_init(init);
-+module_exit(fini);
---- a/net/ipv6/netfilter/Makefile
-+++ b/net/ipv6/netfilter/Makefile
-@@ -32,6 +32,7 @@ obj-$(CONFIG_IP6_NF_TARGET_MARK) += ip6t
- obj-$(CONFIG_IP6_NF_TARGET_IMQ) += ip6t_IMQ.o
- obj-$(CONFIG_IP6_NF_QUEUE) += ip6_queue.o
- obj-$(CONFIG_IP6_NF_TARGET_LOG) += ip6t_LOG.o
-+obj-$(CONFIG_IP6_NF_MATCH_RANDOM) += ip6t_random.o
- obj-$(CONFIG_IP6_NF_MATCH_HL) += ip6t_hl.o
- 
- include $(TOPDIR)/Rules.make