From bdb3ada9ccaf35075bd8405845893cd35e07c291 Mon Sep 17 00:00:00 2001
From: Felix Fietkau <nbd@openwrt.org>
Date: Sat, 26 Jun 2010 20:42:18 +0000
Subject: remove generic linux 2.4 support

git-svn-id: svn://svn.openwrt.org/openwrt/trunk@21948 3c298f89-4303-0410-b956-a3cf2f4a3e73
---
 .../patches/620-netfilter_iprange.patch            | 167 ---------------------
 1 file changed, 167 deletions(-)
 delete mode 100644 target/linux/generic-2.4/patches/620-netfilter_iprange.patch

(limited to 'target/linux/generic-2.4/patches/620-netfilter_iprange.patch')

diff --git a/target/linux/generic-2.4/patches/620-netfilter_iprange.patch b/target/linux/generic-2.4/patches/620-netfilter_iprange.patch
deleted file mode 100644
index 50241974c6..0000000000
--- a/target/linux/generic-2.4/patches/620-netfilter_iprange.patch
+++ /dev/null
@@ -1,167 +0,0 @@
---- a/Documentation/Configure.help
-+++ b/Documentation/Configure.help
-@@ -2986,6 +2986,14 @@ CONFIG_IP_NF_MATCH_TOS
-   If you want to compile it as a module, say M here and read
-   <file:Documentation/modules.txt>.  If unsure, say `N'.
- 
-+iprange match support
-+CONFIG_IP_NF_MATCH_IPRANGE
-+  This option makes possible to match IP addresses against
-+  IP address ranges.
-+
-+  If you want to compile it as a module, say M here and read
-+  <file:Documentation/modules.txt>.  If unsure, say `N'.
-+
- Condition variable match support
- CONFIG_IP_NF_MATCH_CONDITION
-   This option allows you to match firewall rules against condition
---- /dev/null
-+++ b/include/linux/netfilter_ipv4/ipt_iprange.h
-@@ -0,0 +1,23 @@
-+#ifndef _IPT_IPRANGE_H
-+#define _IPT_IPRANGE_H
-+
-+#define IPRANGE_SRC		0x01	/* Match source IP address */
-+#define IPRANGE_DST		0x02	/* Match destination IP address */
-+#define IPRANGE_SRC_INV		0x10	/* Negate the condition */
-+#define IPRANGE_DST_INV		0x20	/* Negate the condition */
-+
-+struct ipt_iprange {
-+	/* Inclusive: network order. */
-+	u_int32_t min_ip, max_ip;
-+};
-+
-+struct ipt_iprange_info
-+{
-+	struct ipt_iprange src;
-+	struct ipt_iprange dst;
-+
-+	/* Flags from above */
-+	u_int8_t flags;
-+};
-+
-+#endif /* _IPT_IPRANGE_H */
---- a/net/ipv4/netfilter/Config.in
-+++ b/net/ipv4/netfilter/Config.in
-@@ -25,6 +25,7 @@ tristate 'IP tables support (required fo
- if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; then
- # The simple matches.
-   dep_tristate '  limit match support' CONFIG_IP_NF_MATCH_LIMIT $CONFIG_IP_NF_IPTABLES
-+  dep_tristate '  IP range match support' CONFIG_IP_NF_MATCH_IPRANGE $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  quota match support' CONFIG_IP_NF_MATCH_QUOTA $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  MAC address match support' CONFIG_IP_NF_MATCH_MAC $CONFIG_IP_NF_IPTABLES
-   dep_tristate '  Packet type match support' CONFIG_IP_NF_MATCH_PKTTYPE $CONFIG_IP_NF_IPTABLES
---- /dev/null
-+++ b/net/ipv4/netfilter/ipt_iprange.c
-@@ -0,0 +1,101 @@
-+/*
-+ * iptables module to match IP address ranges
-+ *   (c) 2003 Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>
-+ *
-+ * Released under the terms of GNU GPLv2.
-+ *
-+ */
-+#include <linux/module.h>
-+#include <linux/skbuff.h>
-+#include <linux/ip.h>
-+#include <linux/netfilter_ipv4/ip_tables.h>
-+#include <linux/netfilter_ipv4/ipt_iprange.h>
-+
-+MODULE_LICENSE("GPL");
-+MODULE_AUTHOR("Jozsef Kadlecsik <kadlec@blackhole.kfki.hu>");
-+MODULE_DESCRIPTION("iptables arbitrary IP range match module");
-+
-+#if 0
-+#define DEBUGP printk
-+#else
-+#define DEBUGP(format, args...)
-+#endif
-+
-+static int
-+match(const struct sk_buff *skb,
-+      const struct net_device *in,
-+      const struct net_device *out,
-+      const void *matchinfo,
-+      int offset,
-+      const void *hdr,
-+      u_int16_t datalen,
-+      int *hotdrop)
-+{
-+	const struct ipt_iprange_info *info = matchinfo;
-+	const struct iphdr *iph = skb->nh.iph;
-+	
-+
-+	if (info->flags & IPRANGE_SRC) {
-+		if (((ntohl(iph->saddr) < ntohl(info->src.min_ip))
-+			  || (ntohl(iph->saddr) > ntohl(info->src.max_ip)))
-+			 ^ !!(info->flags & IPRANGE_SRC_INV)) {
-+			DEBUGP("src IP %u.%u.%u.%u NOT in range %s"
-+			       "%u.%u.%u.%u-%u.%u.%u.%u\n",
-+				NIPQUAD(iph->saddr),
-+			        info->flags & IPRANGE_SRC_INV ? "(INV) " : "",
-+				NIPQUAD(info->src.min_ip),
-+				NIPQUAD(info->src.max_ip));
-+			return 0;
-+		}
-+	}
-+	if (info->flags & IPRANGE_DST) {
-+		if (((ntohl(iph->daddr) < ntohl(info->dst.min_ip))
-+			  || (ntohl(iph->daddr) > ntohl(info->dst.max_ip)))
-+			 ^ !!(info->flags & IPRANGE_DST_INV)) {
-+			DEBUGP("dst IP %u.%u.%u.%u NOT in range %s"
-+			       "%u.%u.%u.%u-%u.%u.%u.%u\n",
-+				NIPQUAD(iph->daddr),
-+			        info->flags & IPRANGE_DST_INV ? "(INV) " : "",
-+				NIPQUAD(info->dst.min_ip),
-+				NIPQUAD(info->dst.max_ip));
-+			return 0;
-+		}
-+	}
-+	return 1;
-+}
-+
-+static int check(const char *tablename,
-+		 const struct ipt_ip *ip,
-+		 void *matchinfo,
-+		 unsigned int matchsize,
-+		 unsigned int hook_mask)
-+{
-+	/* verify size */
-+	if (matchsize != IPT_ALIGN(sizeof(struct ipt_iprange_info)))
-+		return 0;
-+
-+	return 1;
-+}
-+
-+static struct ipt_match iprange_match = 
-+{ 
-+	.list = { NULL, NULL }, 
-+	.name = "iprange", 
-+	.match = &match, 
-+	.checkentry = &check, 
-+	.destroy = NULL, 
-+	.me = THIS_MODULE
-+};
-+
-+static int __init init(void)
-+{
-+	return ipt_register_match(&iprange_match);
-+}
-+
-+static void __exit fini(void)
-+{
-+	ipt_unregister_match(&iprange_match);
-+}
-+
-+module_init(init);
-+module_exit(fini);
---- a/net/ipv4/netfilter/Makefile
-+++ b/net/ipv4/netfilter/Makefile
-@@ -81,6 +81,7 @@ obj-$(CONFIG_IP_NF_NAT) += iptable_nat.o
- # matches
- obj-$(CONFIG_IP_NF_MATCH_HELPER) += ipt_helper.o
- obj-$(CONFIG_IP_NF_MATCH_LIMIT) += ipt_limit.o
-+obj-$(CONFIG_IP_NF_MATCH_IPRANGE) += ipt_iprange.o
- obj-$(CONFIG_IP_NF_MATCH_QUOTA) += ipt_quota.o
- obj-$(CONFIG_IP_NF_MATCH_MARK) += ipt_mark.o
- obj-$(CONFIG_IP_NF_MATCH_MAC) += ipt_mac.o
-- 
cgit v1.2.3