diff options
author | Andy Boyett <agb@openwrt.org> | 2009-09-10 10:06:26 +0000 |
---|---|---|
committer | Andy Boyett <agb@openwrt.org> | 2009-09-10 10:06:26 +0000 |
commit | 579617f85b516e003d9c91ac163d38591bca89f0 (patch) | |
tree | 6b7f0f0bafd70891ce528374ecf529f333bdaea1 /target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch | |
parent | 01f3c0975e27b8001ec095577b4c8011f9417224 (diff) | |
download | upstream-579617f85b516e003d9c91ac163d38591bca89f0.tar.gz upstream-579617f85b516e003d9c91ac163d38591bca89f0.tar.bz2 upstream-579617f85b516e003d9c91ac163d38591bca89f0.zip |
[generic-2.4] remove nat pptp conntracking patch
Patch 603-netfilter_nat_pptp.patch appears to be the cause of the
longstanding brcm-2.4 dnat off-by-one port forwarding bug. Months of
testing builds with this patch removed have not been able to reproduce
the issue.
The 603 patch is rather large and we (the OpenWrt developers) have not
been able to isolate the cause of the bug within the patch. The number
of people have actually use pptp nat conntracking is far less than
number of people that use port forwarding and as a result we must drop
this patch to ensure proper behavior for the majority of users.
git-svn-id: svn://svn.openwrt.org/openwrt/trunk@17552 3c298f89-4303-0410-b956-a3cf2f4a3e73
Diffstat (limited to 'target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch')
-rw-r--r-- | target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch | 34 |
1 files changed, 21 insertions, 13 deletions
diff --git a/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch b/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch index 0dc2fba394..064f74f928 100644 --- a/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch +++ b/target/linux/generic-2.4/patches/606-netfilter_NETMAP.patch @@ -1,6 +1,8 @@ ---- a/Documentation/Configure.help -+++ b/Documentation/Configure.help -@@ -3086,6 +3086,17 @@ CONFIG_IP_NF_TARGET_REDIRECT +Index: linux-2.4.37.5/Documentation/Configure.help +=================================================================== +--- linux-2.4.37.5.orig/Documentation/Configure.help 2009-09-03 00:09:38.000000000 -0700 ++++ linux-2.4.37.5/Documentation/Configure.help 2009-09-03 00:12:30.000000000 -0700 +@@ -3086,6 +3086,17 @@ If you want to compile it as a module, say M here and read <file:Documentation/modules.txt>. If unsure, say `N'. @@ -18,18 +20,22 @@ Packet mangling CONFIG_IP_NF_MANGLE This option adds a `mangle' table to iptables: see the man page for ---- a/net/ipv4/netfilter/Config.in -+++ b/net/ipv4/netfilter/Config.in -@@ -65,6 +65,7 @@ if [ "$CONFIG_IP_NF_IPTABLES" != "n" ]; +Index: linux-2.4.37.5/net/ipv4/netfilter/Config.in +=================================================================== +--- linux-2.4.37.5.orig/net/ipv4/netfilter/Config.in 2009-09-03 00:09:38.000000000 -0700 ++++ linux-2.4.37.5/net/ipv4/netfilter/Config.in 2009-09-03 00:14:38.000000000 -0700 +@@ -63,6 +63,7 @@ define_bool CONFIG_IP_NF_NAT_NEEDED y dep_tristate ' MASQUERADE target support' CONFIG_IP_NF_TARGET_MASQUERADE $CONFIG_IP_NF_NAT dep_tristate ' REDIRECT target support' CONFIG_IP_NF_TARGET_REDIRECT $CONFIG_IP_NF_NAT + dep_tristate ' NETMAP target support' CONFIG_IP_NF_TARGET_NETMAP $CONFIG_IP_NF_NAT - if [ "$CONFIG_IP_NF_PPTP" = "m" ]; then - define_tristate CONFIG_IP_NF_NAT_PPTP m + if [ "$CONFIG_IP_NF_AMANDA" = "m" ]; then + define_tristate CONFIG_IP_NF_NAT_AMANDA m else ---- /dev/null -+++ b/net/ipv4/netfilter/ipt_NETMAP.c +Index: linux-2.4.37.5/net/ipv4/netfilter/ipt_NETMAP.c +=================================================================== +--- /dev/null 1970-01-01 00:00:00.000000000 +0000 ++++ linux-2.4.37.5/net/ipv4/netfilter/ipt_NETMAP.c 2009-09-03 00:12:30.000000000 -0700 @@ -0,0 +1,112 @@ +/* NETMAP - static NAT mapping of IP network addresses (1:1). + The mapping can be applied to source (POSTROUTING), @@ -143,9 +149,11 @@ + +module_init(init); +module_exit(fini); ---- a/net/ipv4/netfilter/Makefile -+++ b/net/ipv4/netfilter/Makefile -@@ -108,6 +108,7 @@ obj-$(CONFIG_IP_NF_TARGET_DSCP) += ipt_D +Index: linux-2.4.37.5/net/ipv4/netfilter/Makefile +=================================================================== +--- linux-2.4.37.5.orig/net/ipv4/netfilter/Makefile 2009-09-03 00:09:38.000000000 -0700 ++++ linux-2.4.37.5/net/ipv4/netfilter/Makefile 2009-09-03 00:12:30.000000000 -0700 +@@ -99,6 +99,7 @@ obj-$(CONFIG_IP_NF_TARGET_MARK) += ipt_MARK.o obj-$(CONFIG_IP_NF_TARGET_MASQUERADE) += ipt_MASQUERADE.o obj-$(CONFIG_IP_NF_TARGET_REDIRECT) += ipt_REDIRECT.o |