diff options
author | Imre Kaloz <kaloz@openwrt.org> | 2015-03-26 09:42:59 +0000 |
---|---|---|
committer | Imre Kaloz <kaloz@openwrt.org> | 2015-03-26 09:42:59 +0000 |
commit | af69bf56b6810419879f1aecad8160697877a8c6 (patch) | |
tree | 3904731ce5bfb9f3c9f44ef4aa3350114ee4a46e /target/linux/generic/patches-3.19/604-netfilter_conntrack_flush.patch | |
parent | 6c0d6a3cb32b0b366b6c28aa7735f00a44226edd (diff) | |
download | upstream-af69bf56b6810419879f1aecad8160697877a8c6.tar.gz upstream-af69bf56b6810419879f1aecad8160697877a8c6.tar.bz2 upstream-af69bf56b6810419879f1aecad8160697877a8c6.zip |
drop 3.19 support
Signed-off-by: Imre Kaloz <kaloz@openwrt.org>
SVN-Revision: 45002
Diffstat (limited to 'target/linux/generic/patches-3.19/604-netfilter_conntrack_flush.patch')
-rw-r--r-- | target/linux/generic/patches-3.19/604-netfilter_conntrack_flush.patch | 86 |
1 files changed, 0 insertions, 86 deletions
diff --git a/target/linux/generic/patches-3.19/604-netfilter_conntrack_flush.patch b/target/linux/generic/patches-3.19/604-netfilter_conntrack_flush.patch deleted file mode 100644 index 6d58189786..0000000000 --- a/target/linux/generic/patches-3.19/604-netfilter_conntrack_flush.patch +++ /dev/null @@ -1,86 +0,0 @@ ---- a/net/netfilter/nf_conntrack_standalone.c -+++ b/net/netfilter/nf_conntrack_standalone.c -@@ -17,6 +17,7 @@ - #include <linux/percpu.h> - #include <linux/netdevice.h> - #include <linux/security.h> -+#include <linux/inet.h> - #include <net/net_namespace.h> - #ifdef CONFIG_SYSCTL - #include <linux/sysctl.h> -@@ -265,10 +266,66 @@ static int ct_open(struct inode *inode, - sizeof(struct ct_iter_state)); - } - -+struct kill_request { -+ u16 family; -+ union nf_inet_addr addr; -+}; -+ -+static int kill_matching(struct nf_conn *i, void *data) -+{ -+ struct kill_request *kr = data; -+ struct nf_conntrack_tuple *t1 = &i->tuplehash[IP_CT_DIR_ORIGINAL].tuple; -+ struct nf_conntrack_tuple *t2 = &i->tuplehash[IP_CT_DIR_REPLY].tuple; -+ -+ if (!kr->family) -+ return 1; -+ -+ if (t1->src.l3num != kr->family) -+ return 0; -+ -+ return (nf_inet_addr_cmp(&kr->addr, &t1->src.u3) || -+ nf_inet_addr_cmp(&kr->addr, &t1->dst.u3) || -+ nf_inet_addr_cmp(&kr->addr, &t2->src.u3) || -+ nf_inet_addr_cmp(&kr->addr, &t2->dst.u3)); -+} -+ -+static ssize_t ct_file_write(struct file *file, const char __user *buf, -+ size_t count, loff_t *ppos) -+{ -+ struct seq_file *seq = file->private_data; -+ struct net *net = seq_file_net(seq); -+ struct kill_request kr = { }; -+ char req[INET6_ADDRSTRLEN] = { }; -+ -+ if (count == 0) -+ return 0; -+ -+ if (count >= INET6_ADDRSTRLEN) -+ count = INET6_ADDRSTRLEN - 1; -+ -+ if (copy_from_user(req, buf, count)) -+ return -EFAULT; -+ -+ if (strnchr(req, count, ':')) { -+ kr.family = AF_INET6; -+ if (!in6_pton(req, count, (void *)&kr.addr, '\n', NULL)) -+ return -EINVAL; -+ } else if (strnchr(req, count, '.')) { -+ kr.family = AF_INET; -+ if (!in4_pton(req, count, (void *)&kr.addr, '\n', NULL)) -+ return -EINVAL; -+ } -+ -+ nf_ct_iterate_cleanup(net, kill_matching, &kr, 0, 0); -+ -+ return count; -+} -+ - static const struct file_operations ct_file_ops = { - .owner = THIS_MODULE, - .open = ct_open, - .read = seq_read, -+ .write = ct_file_write, - .llseek = seq_lseek, - .release = seq_release_net, - }; -@@ -370,7 +427,7 @@ static int nf_conntrack_standalone_init_ - { - struct proc_dir_entry *pde; - -- pde = proc_create("nf_conntrack", 0440, net->proc_net, &ct_file_ops); -+ pde = proc_create("nf_conntrack", 0660, net->proc_net, &ct_file_ops); - if (!pde) - goto out_nf_conntrack; - |