From 716ca530e1c4515d8683c9d5be3d56b301758b66 Mon Sep 17 00:00:00 2001
From: James <>
Date: Wed, 4 Nov 2015 11:49:21 +0000
Subject: trunk-47381

---
 .../utils/iproute2/patches/001-config.patch        |   7 +
 .../utils/iproute2/patches/004-darwin_fixes.patch  |  59 +++
 .../utils/iproute2/patches/006-no_sctp.patch       |  18 +
 .../utils/iproute2/patches/007-no_arpd.patch       |  11 +
 .../utils/iproute2/patches/008-no_netem.patch      |  11 +
 .../utils/iproute2/patches/010-type_fixes.patch    | 396 +++++++++++++++++++++
 .../iproute2/patches/100-allow_pfifo_fast.patch    |   9 +
 .../utils/iproute2/patches/110-extra-ccopts.patch  |  11 +
 .../iproute2/patches/120-libnetlink-pic.patch      |  11 +
 .../iproute2/patches/130-missing_include.patch     |  10 +
 .../utils/iproute2/patches/200-add-tc_esfq.patch   | 249 +++++++++++++
 .../iproute2/patches/210-add-act_connmark.patch    |  87 +++++
 .../utils/iproute2/patches/300-ip_tiny.patch       | 101 ++++++
 .../iproute2/patches/900-drop_FAILED_POLICY.patch  |  54 +++
 .../patches/910-sanitize_headers_for_musl.patch    |  10 +
 15 files changed, 1044 insertions(+)
 create mode 100644 package/network/utils/iproute2/patches/001-config.patch
 create mode 100644 package/network/utils/iproute2/patches/004-darwin_fixes.patch
 create mode 100644 package/network/utils/iproute2/patches/006-no_sctp.patch
 create mode 100644 package/network/utils/iproute2/patches/007-no_arpd.patch
 create mode 100644 package/network/utils/iproute2/patches/008-no_netem.patch
 create mode 100644 package/network/utils/iproute2/patches/010-type_fixes.patch
 create mode 100644 package/network/utils/iproute2/patches/100-allow_pfifo_fast.patch
 create mode 100644 package/network/utils/iproute2/patches/110-extra-ccopts.patch
 create mode 100644 package/network/utils/iproute2/patches/120-libnetlink-pic.patch
 create mode 100644 package/network/utils/iproute2/patches/130-missing_include.patch
 create mode 100644 package/network/utils/iproute2/patches/200-add-tc_esfq.patch
 create mode 100644 package/network/utils/iproute2/patches/210-add-act_connmark.patch
 create mode 100644 package/network/utils/iproute2/patches/300-ip_tiny.patch
 create mode 100644 package/network/utils/iproute2/patches/900-drop_FAILED_POLICY.patch
 create mode 100644 package/network/utils/iproute2/patches/910-sanitize_headers_for_musl.patch

(limited to 'package/network/utils/iproute2/patches')

diff --git a/package/network/utils/iproute2/patches/001-config.patch b/package/network/utils/iproute2/patches/001-config.patch
new file mode 100644
index 0000000..ece8652
--- /dev/null
+++ b/package/network/utils/iproute2/patches/001-config.patch
@@ -0,0 +1,7 @@
+--- /dev/null
++++ b/Config
+@@ -0,0 +1,4 @@
++# Fixed config to disable ATM support even if present on host system
++TC_CONFIG_ATM:=n
++TC_CONFIG_ACTION_GACT=y
++TC_CONFIG_ACTION_PROB=y
diff --git a/package/network/utils/iproute2/patches/004-darwin_fixes.patch b/package/network/utils/iproute2/patches/004-darwin_fixes.patch
new file mode 100644
index 0000000..e1a5e97
--- /dev/null
+++ b/package/network/utils/iproute2/patches/004-darwin_fixes.patch
@@ -0,0 +1,59 @@
+--- a/netem/maketable.c
++++ b/netem/maketable.c
+@@ -10,7 +10,9 @@
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <math.h>
++#if !defined(__APPLE__) && !defined(__FreeBSD__)
+ #include <malloc.h>
++#endif
+ #include <string.h>
+ #include <sys/types.h>
+ #include <sys/stat.h>
+--- a/netem/normal.c
++++ b/netem/normal.c
+@@ -8,8 +8,12 @@
+ #include <string.h>
+ #include <limits.h>
+ 
++#if !defined(__APPLE__) && !defined(__FreeBSD__)
+ #include <linux/types.h>
+ #include <linux/pkt_sched.h>
++#else
++#define NETEM_DIST_SCALE        8192
++#endif
+ 
+ #define TABLESIZE 16384
+ #define TABLEFACTOR NETEM_DIST_SCALE
+--- a/netem/pareto.c
++++ b/netem/pareto.c
+@@ -7,8 +7,12 @@
+ #include <math.h>
+ #include <limits.h>
+ 
++#if !defined(__APPLE__) && !defined(__FreeBSD__)
+ #include <linux/types.h>
+ #include <linux/pkt_sched.h>
++#else
++#define NETEM_DIST_SCALE        8192
++#endif
+ 
+ static const double a=3.0;
+ #define TABLESIZE	16384
+--- a/netem/paretonormal.c
++++ b/netem/paretonormal.c
+@@ -15,10 +15,13 @@
+ #include <string.h>
+ #include <math.h>
+ #include <limits.h>
++#if !defined(__APPLE__) && !defined(__FreeBSD__)
+ #include <malloc.h>
+-
+ #include <linux/types.h>
+ #include <linux/pkt_sched.h>
++#else
++#define NETEM_DIST_SCALE        8192
++#endif
+ 
+ #define TABLESIZE	16384
+ #define TABLEFACTOR	NETEM_DIST_SCALE
diff --git a/package/network/utils/iproute2/patches/006-no_sctp.patch b/package/network/utils/iproute2/patches/006-no_sctp.patch
new file mode 100644
index 0000000..4aa9884
--- /dev/null
+++ b/package/network/utils/iproute2/patches/006-no_sctp.patch
@@ -0,0 +1,18 @@
+--- a/ip/ipxfrm.c
++++ b/ip/ipxfrm.c
+@@ -467,7 +467,6 @@ void xfrm_selector_print(struct xfrm_sel
+ 	switch (sel->proto) {
+ 	case IPPROTO_TCP:
+ 	case IPPROTO_UDP:
+-	case IPPROTO_SCTP:
+ 	case IPPROTO_DCCP:
+ 	default: /* XXX */
+ 		if (sel->sport_mask)
+@@ -1337,7 +1336,6 @@ static int xfrm_selector_upspec_parse(st
+ 		switch (sel->proto) {
+ 		case IPPROTO_TCP:
+ 		case IPPROTO_UDP:
+-		case IPPROTO_SCTP:
+ 		case IPPROTO_DCCP:
+ 			break;
+ 		default:
diff --git a/package/network/utils/iproute2/patches/007-no_arpd.patch b/package/network/utils/iproute2/patches/007-no_arpd.patch
new file mode 100644
index 0000000..6a7e24e
--- /dev/null
+++ b/package/network/utils/iproute2/patches/007-no_arpd.patch
@@ -0,0 +1,11 @@
+--- a/misc/Makefile
++++ b/misc/Makefile
+@@ -1,7 +1,7 @@
+ SSOBJ=ss.o ssfilter.o
+ LNSTATOBJ=lnstat.o lnstat_util.o
+ 
+-TARGETS=ss nstat ifstat rtacct arpd lnstat
++TARGETS=ss nstat ifstat rtacct lnstat
+ 
+ include ../Config
+ 
diff --git a/package/network/utils/iproute2/patches/008-no_netem.patch b/package/network/utils/iproute2/patches/008-no_netem.patch
new file mode 100644
index 0000000..165ce0c
--- /dev/null
+++ b/package/network/utils/iproute2/patches/008-no_netem.patch
@@ -0,0 +1,11 @@
+--- a/Makefile
++++ b/Makefile
+@@ -36,7 +36,7 @@ WFLAGS += -Wmissing-declarations -Wold-s
+ CFLAGS = $(WFLAGS) $(CCOPTS) -I../include $(DEFINES)
+ YACCFLAGS = -d -t -v
+ 
+-SUBDIRS=lib ip tc bridge misc netem genl man
++SUBDIRS=lib ip tc bridge misc genl man
+ 
+ LIBNETLINK=../lib/libnetlink.a ../lib/libutil.a
+ LDLIBS += $(LIBNETLINK)
diff --git a/package/network/utils/iproute2/patches/010-type_fixes.patch b/package/network/utils/iproute2/patches/010-type_fixes.patch
new file mode 100644
index 0000000..e0055fc
--- /dev/null
+++ b/package/network/utils/iproute2/patches/010-type_fixes.patch
@@ -0,0 +1,396 @@
+--- a/include/iptables_common.h
++++ b/include/iptables_common.h
+@@ -2,6 +2,8 @@
+ #define _IPTABLES_COMMON_H
+ /* Shared definitions between ipv4 and ipv6. */
+ 
++#include <stdint.h>
++
+ enum exittype {
+ 	OTHER_PROBLEM = 1,
+ 	PARAMETER_PROBLEM,
+@@ -43,9 +45,9 @@ extern char *lib_dir;
+   extern void init_extensions(void);
+ #endif
+ 
+-#define __be32	u_int32_t
+-#define __le32	u_int32_t
+-#define __be16	u_int16_t
+-#define __le16	u_int16_t
++#define __be32	uint32_t
++#define __le32	uint32_t
++#define __be16	uint16_t
++#define __le16	uint16_t
+ 
+ #endif /*_IPTABLES_COMMON_H*/
+--- a/include/netinet/tcp.h
++++ /dev/null
+@@ -1,231 +0,0 @@
+-/*
+- * Copyright (c) 1982, 1986, 1993
+- *	The Regents of the University of California.  All rights reserved.
+- *
+- * Redistribution and use in source and binary forms, with or without
+- * modification, are permitted provided that the following conditions
+- * are met:
+- * 1. Redistributions of source code must retain the above copyright
+- *    notice, this list of conditions and the following disclaimer.
+- * 2. Redistributions in binary form must reproduce the above copyright
+- *    notice, this list of conditions and the following disclaimer in the
+- *    documentation and/or other materials provided with the distribution.
+- * 4. Neither the name of the University nor the names of its contributors
+- *    may be used to endorse or promote products derived from this software
+- *    without specific prior written permission.
+- *
+- * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+- * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+- * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+- * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+- * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+- * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+- * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+- * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+- * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+- * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+- * SUCH DAMAGE.
+- *
+- *	@(#)tcp.h	8.1 (Berkeley) 6/10/93
+- */
+-
+-#ifndef _NETINET_TCP_H
+-#define _NETINET_TCP_H	1
+-
+-#include <features.h>
+-
+-/*
+- * User-settable options (used with setsockopt).
+- */
+-#define	TCP_NODELAY	 1	/* Don't delay send to coalesce packets  */
+-#define	TCP_MAXSEG	 2	/* Set maximum segment size  */
+-#define TCP_CORK	 3	/* Control sending of partial frames  */
+-#define TCP_KEEPIDLE	 4	/* Start keeplives after this period */
+-#define TCP_KEEPINTVL	 5	/* Interval between keepalives */
+-#define TCP_KEEPCNT	 6	/* Number of keepalives before death */
+-#define TCP_SYNCNT	 7	/* Number of SYN retransmits */
+-#define TCP_LINGER2	 8	/* Life time of orphaned FIN-WAIT-2 state */
+-#define TCP_DEFER_ACCEPT 9	/* Wake up listener only when data arrive */
+-#define TCP_WINDOW_CLAMP 10	/* Bound advertised window */
+-#define TCP_INFO	 11	/* Information about this connection. */
+-#define	TCP_QUICKACK	 12	/* Bock/reenable quick ACKs.  */
+-#define TCP_CONGESTION	 13	/* Congestion control algorithm.  */
+-
+-#ifdef __USE_MISC
+-# include <sys/types.h>
+-
+-# ifdef __FAVOR_BSD
+-typedef	u_int32_t tcp_seq;
+-/*
+- * TCP header.
+- * Per RFC 793, September, 1981.
+- */
+-struct tcphdr
+-  {
+-    u_int16_t th_sport;		/* source port */
+-    u_int16_t th_dport;		/* destination port */
+-    tcp_seq th_seq;		/* sequence number */
+-    tcp_seq th_ack;		/* acknowledgement number */
+-#  if __BYTE_ORDER == __LITTLE_ENDIAN
+-    u_int8_t th_x2:4;		/* (unused) */
+-    u_int8_t th_off:4;		/* data offset */
+-#  endif
+-#  if __BYTE_ORDER == __BIG_ENDIAN
+-    u_int8_t th_off:4;		/* data offset */
+-    u_int8_t th_x2:4;		/* (unused) */
+-#  endif
+-    u_int8_t th_flags;
+-#  define TH_FIN	0x01
+-#  define TH_SYN	0x02
+-#  define TH_RST	0x04
+-#  define TH_PUSH	0x08
+-#  define TH_ACK	0x10
+-#  define TH_URG	0x20
+-    u_int16_t th_win;		/* window */
+-    u_int16_t th_sum;		/* checksum */
+-    u_int16_t th_urp;		/* urgent pointer */
+-};
+-
+-# else /* !__FAVOR_BSD */
+-struct tcphdr
+-  {
+-    u_int16_t source;
+-    u_int16_t dest;
+-    u_int32_t seq;
+-    u_int32_t ack_seq;
+-#  if __BYTE_ORDER == __LITTLE_ENDIAN
+-    u_int16_t res1:4;
+-    u_int16_t doff:4;
+-    u_int16_t fin:1;
+-    u_int16_t syn:1;
+-    u_int16_t rst:1;
+-    u_int16_t psh:1;
+-    u_int16_t ack:1;
+-    u_int16_t urg:1;
+-    u_int16_t res2:2;
+-#  elif __BYTE_ORDER == __BIG_ENDIAN
+-    u_int16_t doff:4;
+-    u_int16_t res1:4;
+-    u_int16_t res2:2;
+-    u_int16_t urg:1;
+-    u_int16_t ack:1;
+-    u_int16_t psh:1;
+-    u_int16_t rst:1;
+-    u_int16_t syn:1;
+-    u_int16_t fin:1;
+-#  else
+-#   error "Adjust your <bits/endian.h> defines"
+-#  endif
+-    u_int16_t window;
+-    u_int16_t check;
+-    u_int16_t urg_ptr;
+-};
+-# endif /* __FAVOR_BSD */
+-
+-enum
+-{
+-  TCP_ESTABLISHED = 1,
+-  TCP_SYN_SENT,
+-  TCP_SYN_RECV,
+-  TCP_FIN_WAIT1,
+-  TCP_FIN_WAIT2,
+-  TCP_TIME_WAIT,
+-  TCP_CLOSE,
+-  TCP_CLOSE_WAIT,
+-  TCP_LAST_ACK,
+-  TCP_LISTEN,
+-  TCP_CLOSING   /* now a valid state */
+-};
+-
+-# define TCPOPT_EOL		0
+-# define TCPOPT_NOP		1
+-# define TCPOPT_MAXSEG		2
+-# define TCPOLEN_MAXSEG		4
+-# define TCPOPT_WINDOW		3
+-# define TCPOLEN_WINDOW		3
+-# define TCPOPT_SACK_PERMITTED	4		/* Experimental */
+-# define TCPOLEN_SACK_PERMITTED	2
+-# define TCPOPT_SACK		5		/* Experimental */
+-# define TCPOPT_TIMESTAMP	8
+-# define TCPOLEN_TIMESTAMP	10
+-# define TCPOLEN_TSTAMP_APPA	(TCPOLEN_TIMESTAMP+2) /* appendix A */
+-
+-# define TCPOPT_TSTAMP_HDR	\
+-    (TCPOPT_NOP<<24|TCPOPT_NOP<<16|TCPOPT_TIMESTAMP<<8|TCPOLEN_TIMESTAMP)
+-
+-/*
+- * Default maximum segment size for TCP.
+- * With an IP MSS of 576, this is 536,
+- * but 512 is probably more convenient.
+- * This should be defined as MIN(512, IP_MSS - sizeof (struct tcpiphdr)).
+- */
+-# define TCP_MSS	512
+-
+-# define TCP_MAXWIN	65535	/* largest value for (unscaled) window */
+-
+-# define TCP_MAX_WINSHIFT	14	/* maximum window shift */
+-
+-# define SOL_TCP		6	/* TCP level */
+-
+-
+-# define TCPI_OPT_TIMESTAMPS	1
+-# define TCPI_OPT_SACK		2
+-# define TCPI_OPT_WSCALE	4
+-# define TCPI_OPT_ECN		8
+-# define TCPI_OPT_ECN_SEEN	16
+-
+-/* Values for tcpi_state.  */
+-enum tcp_ca_state
+-{
+-  TCP_CA_Open = 0,
+-  TCP_CA_Disorder = 1,
+-  TCP_CA_CWR = 2,
+-  TCP_CA_Recovery = 3,
+-  TCP_CA_Loss = 4
+-};
+-
+-struct tcp_info
+-{
+-  u_int8_t	tcpi_state;
+-  u_int8_t	tcpi_ca_state;
+-  u_int8_t	tcpi_retransmits;
+-  u_int8_t	tcpi_probes;
+-  u_int8_t	tcpi_backoff;
+-  u_int8_t	tcpi_options;
+-  u_int8_t	tcpi_snd_wscale : 4, tcpi_rcv_wscale : 4;
+-
+-  u_int32_t	tcpi_rto;
+-  u_int32_t	tcpi_ato;
+-  u_int32_t	tcpi_snd_mss;
+-  u_int32_t	tcpi_rcv_mss;
+-
+-  u_int32_t	tcpi_unacked;
+-  u_int32_t	tcpi_sacked;
+-  u_int32_t	tcpi_lost;
+-  u_int32_t	tcpi_retrans;
+-  u_int32_t	tcpi_fackets;
+-
+-  /* Times. */
+-  u_int32_t	tcpi_last_data_sent;
+-  u_int32_t	tcpi_last_ack_sent;	/* Not remembered, sorry.  */
+-  u_int32_t	tcpi_last_data_recv;
+-  u_int32_t	tcpi_last_ack_recv;
+-
+-  /* Metrics. */
+-  u_int32_t	tcpi_pmtu;
+-  u_int32_t	tcpi_rcv_ssthresh;
+-  u_int32_t	tcpi_rtt;
+-  u_int32_t	tcpi_rttvar;
+-  u_int32_t	tcpi_snd_ssthresh;
+-  u_int32_t	tcpi_snd_cwnd;
+-  u_int32_t	tcpi_advmss;
+-  u_int32_t	tcpi_reordering;
+-  u_int32_t	tcpi_rcv_rtt;
+-  u_int32_t	tcpi_rcv_space;
+-  u_int32_t	tcpi_total_retrans;
+-
+-};
+-
+-#endif /* Misc.  */
+-
+-#endif /* netinet/tcp.h */
+--- a/include/iptables.h
++++ b/include/iptables.h
+@@ -20,7 +20,7 @@ struct ipt_get_revision
+ {
+ 	char name[IPT_FUNCTION_MAXNAMELEN-1];
+ 
+-	u_int8_t revision;
++	uint8_t revision;
+ };
+ #endif /* IPT_SO_GET_REVISION_MATCH   Old kernel source */
+ 
+@@ -39,7 +39,7 @@ struct iptables_match
+ 	ipt_chainlabel name;
+ 
+ 	/* Revision of match (0 by default). */
+-	u_int8_t revision;
++	uint8_t revision;
+ 
+ 	const char *version;
+ 
+@@ -92,7 +92,7 @@ struct iptables_target
+ 	ipt_chainlabel name;
+ 
+ 	/* Revision of target (0 by default). */
+-	u_int8_t revision;
++	uint8_t revision;
+ 
+ 	const char *version;
+ 
+@@ -153,7 +153,7 @@ extern char *mask_to_dotted(const struct
+ 
+ extern void parse_hostnetworkmask(const char *name, struct in_addr **addrpp,
+                       struct in_addr *maskp, unsigned int *naddrs);
+-extern u_int16_t parse_protocol(const char *s);
++extern uint16_t parse_protocol(const char *s);
+ 
+ extern int do_command(int argc, char *argv[], char **table,
+ 		      iptc_handle_t *handle);
+--- a/lib/dnet_ntop.c
++++ b/lib/dnet_ntop.c
+@@ -1,24 +1,25 @@
+ #include <errno.h>
+ #include <string.h>
++#include <stdint.h>
+ #include <sys/types.h>
+ #include <netinet/in.h>
+ 
+ #include "utils.h"
+ 
+-static __inline__ u_int16_t dn_ntohs(u_int16_t addr)
++static __inline__ uint16_t dn_ntohs(uint16_t addr)
+ {
+ 	union {
+-		u_int8_t byte[2];
+-		u_int16_t word;
++		uint8_t byte[2];
++		uint16_t word;
+ 	} u;
+ 
+ 	u.word = addr;
+-	return ((u_int16_t)u.byte[0]) | (((u_int16_t)u.byte[1]) << 8);
++	return ((uint16_t)u.byte[0]) | (((uint16_t)u.byte[1]) << 8);
+ }
+ 
+-static __inline__ int do_digit(char *str, u_int16_t *addr, u_int16_t scale, size_t *pos, size_t len, int *started)
++static __inline__ int do_digit(char *str, uint16_t *addr, uint16_t scale, size_t *pos, size_t len, int *started)
+ {
+-	u_int16_t tmp = *addr / scale;
++	uint16_t tmp = *addr / scale;
+ 
+ 	if (*pos == len)
+ 		return 1;
+@@ -36,7 +37,7 @@ static __inline__ int do_digit(char *str
+ 
+ static const char *dnet_ntop1(const struct dn_naddr *dna, char *str, size_t len)
+ {
+-	u_int16_t addr, area;
++	uint16_t addr, area;
+ 	size_t pos = 0;
+ 	int started = 0;
+ 
+--- a/lib/dnet_pton.c
++++ b/lib/dnet_pton.c
+@@ -1,23 +1,24 @@
+ #include <errno.h>
+ #include <string.h>
++#include <stdint.h>
+ #include <sys/types.h>
+ #include <netinet/in.h>
+ 
+ #include "utils.h"
+ 
+-static __inline__ u_int16_t dn_htons(u_int16_t addr)
++static __inline__ uint16_t dn_htons(uint16_t addr)
+ {
+         union {
+-                u_int8_t byte[2];
+-                u_int16_t word;
++                uint8_t byte[2];
++                uint16_t word;
+         } u;
+ 
+         u.word = addr;
+-        return ((u_int16_t)u.byte[0]) | (((u_int16_t)u.byte[1]) << 8);
++        return ((uint16_t)u.byte[0]) | (((uint16_t)u.byte[1]) << 8);
+ }
+ 
+ 
+-static int dnet_num(const char *src, u_int16_t * dst)
++static int dnet_num(const char *src, uint16_t * dst)
+ {
+ 	int rv = 0;
+ 	int tmp;
+@@ -38,9 +39,9 @@ static int dnet_num(const char *src, u_i
+ 
+ static int dnet_pton1(const char *src, struct dn_naddr *dna)
+ {
+-	u_int16_t addr;
+-	u_int16_t area = 0;
+-	u_int16_t node = 0;
++	uint16_t addr;
++	uint16_t area = 0;
++	uint16_t node = 0;
+ 	int pos;
+ 
+ 	pos = dnet_num(src, &area);
+--- a/include/libiptc/ipt_kernel_headers.h
++++ b/include/libiptc/ipt_kernel_headers.h
+@@ -5,7 +5,7 @@
+ 
+ #include <limits.h>
+ 
+-#if defined(__GLIBC__) && __GLIBC__ == 2
++#if 1
+ #include <netinet/ip.h>
+ #include <netinet/in.h>
+ #include <netinet/ip_icmp.h>
diff --git a/package/network/utils/iproute2/patches/100-allow_pfifo_fast.patch b/package/network/utils/iproute2/patches/100-allow_pfifo_fast.patch
new file mode 100644
index 0000000..ce958a9
--- /dev/null
+++ b/package/network/utils/iproute2/patches/100-allow_pfifo_fast.patch
@@ -0,0 +1,9 @@
+--- a/tc/q_fifo.c
++++ b/tc/q_fifo.c
+@@ -98,5 +98,6 @@ struct qdisc_util pfifo_head_drop_qdisc_
+ extern int prio_print_opt(struct qdisc_util *qu, FILE *f, struct rtattr *opt);
+ struct qdisc_util pfifo_fast_qdisc_util = {
+ 	.id = "pfifo_fast",
++	.parse_qopt = fifo_parse_opt,
+ 	.print_qopt = prio_print_opt,
+ };
diff --git a/package/network/utils/iproute2/patches/110-extra-ccopts.patch b/package/network/utils/iproute2/patches/110-extra-ccopts.patch
new file mode 100644
index 0000000..0e36230
--- /dev/null
+++ b/package/network/utils/iproute2/patches/110-extra-ccopts.patch
@@ -0,0 +1,11 @@
+--- a/Makefile
++++ b/Makefile
+@@ -29,7 +29,7 @@ ADDLIB+=ipx_ntop.o ipx_pton.o
+ CC = gcc
+ HOSTCC = gcc
+ DEFINES += -D_GNU_SOURCE
+-CCOPTS = -O2
++CCOPTS = -O2 $(EXTRA_CCOPTS)
+ WFLAGS := -Wall -Wstrict-prototypes  -Wmissing-prototypes
+ WFLAGS += -Wmissing-declarations -Wold-style-definition -Wformat=2
+ 
diff --git a/package/network/utils/iproute2/patches/120-libnetlink-pic.patch b/package/network/utils/iproute2/patches/120-libnetlink-pic.patch
new file mode 100644
index 0000000..19ccd1a
--- /dev/null
+++ b/package/network/utils/iproute2/patches/120-libnetlink-pic.patch
@@ -0,0 +1,11 @@
+--- a/lib/Makefile
++++ b/lib/Makefile
+@@ -4,7 +4,7 @@ ifeq ($(IP_CONFIG_SETNS),y)
+	CFLAGS += -DHAVE_SETNS
+ endif
+ 
+-CFLAGS += -fPIC
++CFLAGS += $(FPIC)
+ 
+ UTILOBJ=utils.o rt_names.o ll_types.o ll_proto.o ll_addr.o inet_proto.o namespace.o \
+	names.o
diff --git a/package/network/utils/iproute2/patches/130-missing_include.patch b/package/network/utils/iproute2/patches/130-missing_include.patch
new file mode 100644
index 0000000..8856963
--- /dev/null
+++ b/package/network/utils/iproute2/patches/130-missing_include.patch
@@ -0,0 +1,10 @@
+--- a/lib/namespace.c
++++ b/lib/namespace.c
+@@ -9,6 +9,7 @@
+ 
+ #include <fcntl.h>
+ #include <dirent.h>
++#include <sys/param.h>
+ 
+ #include "utils.h"
+ #include "namespace.h"
diff --git a/package/network/utils/iproute2/patches/200-add-tc_esfq.patch b/package/network/utils/iproute2/patches/200-add-tc_esfq.patch
new file mode 100644
index 0000000..6c148ea
--- /dev/null
+++ b/package/network/utils/iproute2/patches/200-add-tc_esfq.patch
@@ -0,0 +1,249 @@
+--- a/tc/Makefile
++++ b/tc/Makefile
+@@ -13,6 +13,7 @@ SHARED_LIBS ?= y
+ TCMODULES :=
+ TCMODULES += q_fifo.o
+ TCMODULES += q_sfq.o
++TCMODULES += q_esfq.o
+ TCMODULES += q_red.o
+ TCMODULES += q_prio.o
+ TCMODULES += q_tbf.o
+--- a/include/linux/pkt_sched.h
++++ b/include/linux/pkt_sched.h
+@@ -226,6 +226,33 @@ struct tc_sfq_xstats {
+ 	__s32		allot;
+ };
+ 
++/* ESFQ section */
++
++enum
++{
++        /* traditional */
++	TCA_SFQ_HASH_CLASSIC,
++	TCA_SFQ_HASH_DST,
++	TCA_SFQ_HASH_SRC,
++	TCA_SFQ_HASH_FWMARK,
++	/* conntrack */
++	TCA_SFQ_HASH_CTORIGDST,
++	TCA_SFQ_HASH_CTORIGSRC,
++	TCA_SFQ_HASH_CTREPLDST,
++	TCA_SFQ_HASH_CTREPLSRC,
++	TCA_SFQ_HASH_CTNATCHG,
++};
++
++struct tc_esfq_qopt
++{
++	unsigned	quantum;	/* Bytes per round allocated to flow */
++	int		perturb_period;	/* Period of hash perturbation */
++	__u32		limit;		/* Maximal packets in queue */
++	unsigned	divisor;	/* Hash divisor  */
++	unsigned	flows;		/* Maximal number of flows  */
++	unsigned	hash_kind;	/* Hash function to use for flow identification */
++};
++
+ /* RED section */
+ 
+ enum {
+--- /dev/null
++++ b/tc/q_esfq.c
+@@ -0,0 +1,200 @@
++/*
++ * q_esfq.c		ESFQ.
++ *
++ *		This program is free software; you can redistribute it and/or
++ *		modify it under the terms of the GNU General Public License
++ *		as published by the Free Software Foundation; either version
++ *		2 of the License, or (at your option) any later version.
++ *
++ * Authors:	Alexey Kuznetsov, <kuznet@ms2.inr.ac.ru>
++ *
++ * Changes:	Alexander Atanasov, <alex@ssi.bg>
++ *		Alexander Clouter, <alex@digriz.org.uk>
++ *		Corey Hickey, <bugfood-c@fatooh.org>
++ *
++ */
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <unistd.h>
++#include <syslog.h>
++#include <fcntl.h>
++#include <math.h>
++#include <sys/socket.h>
++#include <netinet/in.h>
++#include <arpa/inet.h>
++#include <string.h>
++
++#include "utils.h"
++#include "tc_util.h"
++
++static void explain(void)
++{
++	fprintf(stderr, "Usage: ... esfq [ perturb SECS ] [ quantum BYTES ] [ depth FLOWS ]\n\t[ divisor HASHBITS ] [ limit PKTS ] [ hash HASHTYPE]\n");
++	fprintf(stderr,"Where: \n");
++	fprintf(stderr,"HASHTYPE := { classic | src | dst | ctorigdst | ctorigsrc | ctrepldst | ctreplsrc | ctnatchg }\n");
++}
++
++#define usage() return(-1)
++
++static int esfq_parse_opt(struct qdisc_util *qu, int argc, char **argv, struct nlmsghdr *n)
++{
++	int ok=0;
++	struct tc_esfq_qopt opt;
++
++	memset(&opt, 0, sizeof(opt));
++
++	opt.hash_kind= TCA_SFQ_HASH_CLASSIC;
++
++	while (argc > 0) {
++		if (strcmp(*argv, "quantum") == 0) {
++			NEXT_ARG();
++			if (get_size(&opt.quantum, *argv)) {
++				fprintf(stderr, "Illegal \"quantum\"\n");
++				return -1;
++			}
++			ok++;
++		} else if (strcmp(*argv, "perturb") == 0) {
++			NEXT_ARG();
++			if (get_integer(&opt.perturb_period, *argv, 0)) {
++				fprintf(stderr, "Illegal \"perturb\"\n");
++				return -1;
++			}
++			ok++;
++		} else if (strcmp(*argv, "depth") == 0) {
++			NEXT_ARG();
++			if (get_integer((int *) &opt.flows, *argv, 0)) {
++				fprintf(stderr, "Illegal \"depth\"\n");
++				return -1;
++			}
++			ok++;
++		} else if (strcmp(*argv, "divisor") == 0) {
++			NEXT_ARG();
++			if (get_integer((int *) &opt.divisor, *argv, 0)) {
++				fprintf(stderr, "Illegal \"divisor\"\n");
++				return -1;
++			}
++			if(opt.divisor >= 14) {
++				fprintf(stderr, "Illegal \"divisor\": must be < 14\n");
++				return -1;
++			}
++			opt.divisor=pow(2,opt.divisor);
++			ok++;
++		} else if (strcmp(*argv, "limit") == 0) {
++			NEXT_ARG();
++			if (get_integer((int *) &opt.limit, *argv, 0)) {
++				fprintf(stderr, "Illegal \"limit\"\n");
++				return -1;
++			}
++			ok++;
++		} else if (strcmp(*argv, "hash") == 0) {
++			NEXT_ARG();
++			if(strcmp(*argv, "classic") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_CLASSIC;
++			} else
++			if(strcmp(*argv, "dst") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_DST;
++			} else
++			if(strcmp(*argv, "src") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_SRC;
++			} else
++			if(strcmp(*argv, "ctorigsrc") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_CTORIGSRC;
++			} else
++			if(strcmp(*argv, "ctorigdst") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_CTORIGDST;
++			} else
++			if(strcmp(*argv, "ctreplsrc") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_CTREPLSRC;
++			} else
++			if(strcmp(*argv, "ctrepldst") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_CTREPLDST;
++			} else
++			if(strcmp(*argv, "ctnatchg") == 0) {
++				opt.hash_kind= TCA_SFQ_HASH_CTNATCHG;
++			} else {
++				fprintf(stderr, "Illegal \"hash\"\n");
++				explain();
++				return -1;
++			}
++			ok++;
++		} else if (strcmp(*argv, "help") == 0) {
++			explain();
++			return -1;
++		} else {
++			fprintf(stderr, "What is \"%s\"?\n", *argv);
++			explain();
++			return -1;
++		}
++		argc--; argv++;
++	}
++
++	if (ok)
++		addattr_l(n, 1024, TCA_OPTIONS, &opt, sizeof(opt));
++	return 0;
++}
++
++static int esfq_print_opt(struct qdisc_util *qu, FILE *f, struct rtattr *opt)
++{
++	struct tc_esfq_qopt *qopt;
++	SPRINT_BUF(b1);
++
++	if (opt == NULL)
++		return 0;
++
++	if (RTA_PAYLOAD(opt)  < sizeof(*qopt))
++		return -1;
++	qopt = RTA_DATA(opt);
++	fprintf(f, "quantum %s ", sprint_size(qopt->quantum, b1));
++	if (show_details) {
++		fprintf(f, "limit %up flows %u/%u ",
++			qopt->limit, qopt->flows, qopt->divisor);
++	}
++	if (qopt->perturb_period)
++		fprintf(f, "perturb %dsec ", qopt->perturb_period);
++
++		fprintf(f,"hash: ");
++	switch(qopt->hash_kind)
++	{
++	case TCA_SFQ_HASH_CLASSIC:
++		fprintf(f,"classic");
++		break;
++	case TCA_SFQ_HASH_DST:
++		fprintf(f,"dst");
++		break;
++	case TCA_SFQ_HASH_SRC:
++		fprintf(f,"src");
++		break;
++	case TCA_SFQ_HASH_CTORIGSRC:
++		fprintf(f,"ctorigsrc");
++		break;
++	case TCA_SFQ_HASH_CTORIGDST:
++		fprintf(f,"ctorigdst");
++		break;
++	case TCA_SFQ_HASH_CTREPLSRC:
++		fprintf(f,"ctreplsrc");
++		break;
++	case TCA_SFQ_HASH_CTREPLDST:
++		fprintf(f,"ctrepldst");
++		break;
++	case TCA_SFQ_HASH_CTNATCHG:
++		fprintf(f,"ctnatchg");
++		break;
++	default:
++		fprintf(f,"Unknown");
++	}
++	return 0;
++}
++
++static int esfq_print_xstats(struct qdisc_util *qu, FILE *f, struct rtattr *xstats)
++{
++	return 0;
++}
++
++
++struct qdisc_util esfq_qdisc_util = {
++	.id = "esfq",
++	.parse_qopt = esfq_parse_opt,
++	.print_qopt = esfq_print_opt,
++	.print_xstats = esfq_print_xstats,
++};
diff --git a/package/network/utils/iproute2/patches/210-add-act_connmark.patch b/package/network/utils/iproute2/patches/210-add-act_connmark.patch
new file mode 100644
index 0000000..10167ae
--- /dev/null
+++ b/package/network/utils/iproute2/patches/210-add-act_connmark.patch
@@ -0,0 +1,87 @@
+--- a/tc/Makefile
++++ b/tc/Makefile
+@@ -44,6 +44,7 @@ TCMODULES += m_mirred.o
+ TCMODULES += m_nat.o
+ TCMODULES += m_pedit.o
+ TCMODULES += m_skbedit.o
++TCMODULES += m_connmark.o
+ TCMODULES += m_csum.o
+ TCMODULES += m_simple.o
+ TCMODULES += m_vlan.o
+--- /dev/null
++++ b/tc/m_connmark.c
+@@ -0,0 +1,74 @@
++/*
++ * m_connmark.c		Connection tracking marking import
++ *
++ * Copyright (c) 2011 Felix Fietkau <nbd@openwrt.org>
++ *
++ * This program is free software; you can redistribute it and/or modify it
++ * under the terms and conditions of the GNU General Public License,
++ * version 2, as published by the Free Software Foundation.
++ *
++ * This program is distributed in the hope it will be useful, but WITHOUT
++ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
++ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
++ * more details.
++ *
++ * You should have received a copy of the GNU General Public License along with
++ * this program; if not, write to the Free Software Foundation, Inc., 59 Temple
++ * Place - Suite 330, Boston, MA 02111-1307 USA.
++ */
++
++#include <stdio.h>
++#include <stdlib.h>
++#include <unistd.h>
++#include <string.h>
++#include "utils.h"
++#include "tc_util.h"
++
++static void
++explain(void)
++{
++	fprintf(stderr, "Usage: ... connmark\n");
++}
++
++static void
++usage(void)
++{
++	explain();
++	exit(-1);
++}
++
++static int
++parse_connmark(struct action_util *a, int *argc_p, char ***argv_p, int tca_id,
++	      struct nlmsghdr *n)
++{
++	int argc = *argc_p;
++	char **argv = *argv_p;
++
++	if (matches(*argv, "connmark") != 0)
++		return -1;
++
++	NEXT_ARG();
++
++	if (matches(*argv, "help") == 0)
++		usage();
++
++	*argc_p = argc;
++	*argv_p = argv;
++	return 0;
++}
++
++static int print_connmark(struct action_util *au, FILE *f, struct rtattr *arg)
++{
++	if (arg == NULL)
++		return -1;
++
++	fprintf(f, " connmark");
++
++	return 0;
++}
++
++struct action_util connmark_action_util = {
++	.id = "connmark",
++	.parse_aopt = parse_connmark,
++	.print_aopt = print_connmark,
++};
diff --git a/package/network/utils/iproute2/patches/300-ip_tiny.patch b/package/network/utils/iproute2/patches/300-ip_tiny.patch
new file mode 100644
index 0000000..14518dc
--- /dev/null
+++ b/package/network/utils/iproute2/patches/300-ip_tiny.patch
@@ -0,0 +1,101 @@
+--- a/ip/Makefile
++++ b/ip/Makefile
+@@ -16,6 +16,13 @@ ifeq ($(IP_CONFIG_SETNS),y)
+ 	CFLAGS += -DHAVE_SETNS
+ endif
+ 
++STATIC_SYM_FILTER:=
++ifeq ($(IP_CONFIG_TINY),y)
++  STATIC_SYM_FILTER:=iplink_can.c iplink_ipoib.c iplink_vxlan.c
++  CFLAGS += -DIPROUTE2_TINY
++endif
++STATIC_SYM_SOURCES:=$(filter-out $(STATIC_SYM_FILTER),$(wildcard *.c))
++
+ ALLOBJ=$(IPOBJ) $(RTMONOBJ)
+ SCRIPTS=ifcfg rtpr routel routef
+ TARGETS=ip rtmon
+@@ -43,7 +50,7 @@ else
+ 
+ ip: static-syms.o
+ static-syms.o: static-syms.h
+-static-syms.h: $(wildcard *.c)
++static-syms.h: $(STATIC_SYM_SOURCES)
+ 	files="$^" ; \
+ 	for s in `grep -B 3 '\<dlsym' $$files | sed -n '/snprintf/{s:.*"\([^"]*\)".*:\1:;s:%s::;p}'` ; do \
+ 		sed -n '/'$$s'[^ ]* =/{s:.* \([^ ]*'$$s'[^ ]*\) .*:extern char \1[] __attribute__((weak)); if (!strcmp(sym, "\1")) return \1;:;p}' $$files ; \
+--- a/ip/ip.c
++++ b/ip/ip.c
+@@ -71,30 +71,42 @@ static const struct cmd {
+ 	int (*func)(int argc, char **argv);
+ } cmds[] = {
+ 	{ "address",	do_ipaddr },
++#ifndef IPROUTE2_TINY
+ 	{ "addrlabel",	do_ipaddrlabel },
++#endif
+ 	{ "maddress",	do_multiaddr },
+ 	{ "route",	do_iproute },
+ 	{ "rule",	do_iprule },
+ 	{ "neighbor",	do_ipneigh },
+ 	{ "neighbour",	do_ipneigh },
++#ifndef IPROUTE2_TINY
+ 	{ "ntable",	do_ipntable },
+ 	{ "ntbl",	do_ipntable },
++#endif
+ 	{ "link",	do_iplink },
++#ifndef IPROUTE2_TINY
+ 	{ "l2tp",	do_ipl2tp },
+	{ "fou",	do_ipfou },
++#endif
+ 	{ "tunnel",	do_iptunnel },
+ 	{ "tunl",	do_iptunnel },
++#ifndef IPROUTE2_TINY
+ 	{ "tuntap",	do_iptuntap },
+ 	{ "tap",	do_iptuntap },
+ 	{ "token",	do_iptoken },
+ 	{ "tcpmetrics",	do_tcp_metrics },
+ 	{ "tcp_metrics",do_tcp_metrics },
++#endif
+ 	{ "monitor",	do_ipmonitor },
++#ifndef IPROUTE2_TINY
+ 	{ "xfrm",	do_xfrm },
++#endif
+ 	{ "mroute",	do_multiroute },
+ 	{ "mrule",	do_multirule },
+ 	{ "netns",	do_netns },
++#ifndef IPROUTE2_TINY
+ 	{ "netconf",	do_ipnetconf },
++#endif
+ 	{ "help",	do_help },
+ 	{ 0 }
+ };
+--- a/lib/utils.c
++++ b/lib/utils.c
+@@ -642,6 +642,7 @@ const char *rt_addr_n2a(int af, const vo
+ 	case AF_INET:
+ 	case AF_INET6:
+ 		return inet_ntop(af, addr, buf, buflen);
++#ifndef IPROUTE2_TINY
+ 	case AF_IPX:
+ 		return ipx_ntop(af, addr, buf, buflen);
+ 	case AF_DECnet:
+@@ -650,6 +651,7 @@ const char *rt_addr_n2a(int af, const vo
+ 		memcpy(dna.a_addr, addr, 2);
+ 		return dnet_ntop(af, &dna, buf, buflen);
+ 	}
++#endif
+ 	default:
+ 		return "???";
+ 	}
+--- a/lib/Makefile
++++ b/lib/Makefile
+@@ -4,6 +4,10 @@ ifeq ($(IP_CONFIG_SETNS),y)
+	CFLAGS += -DHAVE_SETNS
+ endif
+ 
++ifeq ($(IP_CONFIG_TINY),y)
++  CFLAGS += -DIPROUTE2_TINY
++endif
++
+ CFLAGS += $(FPIC)
+ 
+ UTILOBJ=utils.o rt_names.o ll_types.o ll_proto.o ll_addr.o inet_proto.o namespace.o \
diff --git a/package/network/utils/iproute2/patches/900-drop_FAILED_POLICY.patch b/package/network/utils/iproute2/patches/900-drop_FAILED_POLICY.patch
new file mode 100644
index 0000000..f5d2dfe
--- /dev/null
+++ b/package/network/utils/iproute2/patches/900-drop_FAILED_POLICY.patch
@@ -0,0 +1,54 @@
+From 4e7dbf76227e8c7be7897dc81def3011f637864d Mon Sep 17 00:00:00 2001
+From: Jonas Gorski <jogo@openwrt.org>
+Date: Thu, 30 May 2013 11:54:04 +0200
+Subject: [PATCH] add support for dropping with FAILED_POLICY
+
+---
+ include/linux/fib_rules.h |    4 ++++
+ include/linux/rtnetlink.h |    1 +
+ ip/rtm_map.c              |    4 ++++
+ 3 files changed, 9 insertions(+)
+
+--- a/include/linux/fib_rules.h
++++ b/include/linux/fib_rules.h
+@@ -64,6 +64,10 @@ enum {
+ 	FR_ACT_BLACKHOLE,	/* Drop without notification */
+ 	FR_ACT_UNREACHABLE,	/* Drop with ENETUNREACH */
+ 	FR_ACT_PROHIBIT,	/* Drop with EACCES */
++	FR_ACT_RES8,
++	FR_ACT_RES9,
++	FR_ACT_RES10,
++	FR_ACT_FAILED_POLICY,	/* Drop with EPERM */
+ 	__FR_ACT_MAX,
+ };
+ 
+--- a/include/linux/rtnetlink.h
++++ b/include/linux/rtnetlink.h
+@@ -208,6 +208,7 @@ enum {
+ 	RTN_THROW,		/* Not in this table		*/
+ 	RTN_NAT,		/* Translate this address	*/
+ 	RTN_XRESOLVE,		/* Use external resolver	*/
++	RTN_FAILED_POLICY,	/* Source address failed policy */
+ 	__RTN_MAX
+ };
+ 
+--- a/ip/rtm_map.c
++++ b/ip/rtm_map.c
+@@ -49,6 +49,8 @@ char *rtnl_rtntype_n2a(int id, char *buf
+ 		return "nat";
+ 	case RTN_XRESOLVE:
+ 		return "xresolve";
++	case RTN_FAILED_POLICY:
++		return "failed_policy";
+ 	default:
+ 		snprintf(buf, len, "%d", id);
+ 		return buf;
+@@ -84,6 +86,8 @@ int rtnl_rtntype_a2n(int *id, char *arg)
+ 		res = RTN_UNICAST;
+ 	else if (strcmp(arg, "throw") == 0)
+ 		res = RTN_THROW;
++	else if (strcmp(arg, "failed_policy") == 0)
++		res = RTN_FAILED_POLICY;
+ 	else {
+ 		res = strtoul(arg, &end, 0);
+ 		if (!end || end == arg || *end || res > 255)
diff --git a/package/network/utils/iproute2/patches/910-sanitize_headers_for_musl.patch b/package/network/utils/iproute2/patches/910-sanitize_headers_for_musl.patch
new file mode 100644
index 0000000..ca1125d
--- /dev/null
+++ b/package/network/utils/iproute2/patches/910-sanitize_headers_for_musl.patch
@@ -0,0 +1,10 @@
+--- a/include/linux/if_bridge.h
++++ b/include/linux/if_bridge.h
+@@ -15,7 +15,6 @@
+ 
+ #include <linux/types.h>
+ #include <linux/if_ether.h>
+-#include <linux/in6.h>
+ 
+ #define SYSFS_BRIDGE_ATTR	"bridge"
+ #define SYSFS_BRIDGE_FDB	"brforward"
-- 
cgit v1.2.3