diff options
Diffstat (limited to 'package/network/utils/iproute2/patches/135-sync-iptables-header.patch')
-rw-r--r-- | package/network/utils/iproute2/patches/135-sync-iptables-header.patch | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/package/network/utils/iproute2/patches/135-sync-iptables-header.patch b/package/network/utils/iproute2/patches/135-sync-iptables-header.patch new file mode 100644 index 0000000000..a04d8ac742 --- /dev/null +++ b/package/network/utils/iproute2/patches/135-sync-iptables-header.patch @@ -0,0 +1,101 @@ +Description: Sync header from iptables + The current versions in several suites have the same content: + - 1.6.1-2 (unstable) +Bug: https://bugs.debian.org/868059 +Forwarded: not-needed +Author: Cyril Brulebois <cyril@debamax.com> +Last-Update: 2017-11-22 +--- a/include/xtables.h ++++ b/include/xtables.h +@@ -205,9 +205,24 @@ enum xtables_ext_flags { + XTABLES_EXT_ALIAS = 1 << 0, + }; + ++struct xt_xlate; ++ ++struct xt_xlate_mt_params { ++ const void *ip; ++ const struct xt_entry_match *match; ++ int numeric; ++ bool escape_quotes; ++}; ++ ++struct xt_xlate_tg_params { ++ const void *ip; ++ const struct xt_entry_target *target; ++ int numeric; ++ bool escape_quotes; ++}; ++ + /* Include file for additions: new matches and targets. */ +-struct xtables_match +-{ ++struct xtables_match { + /* + * ABI/API version this module requires. Must be first member, + * as the rest of this struct may be subject to ABI changes. +@@ -269,6 +284,10 @@ struct xtables_match + void (*x6_fcheck)(struct xt_fcheck_call *); + const struct xt_option_entry *x6_options; + ++ /* Translate iptables to nft */ ++ int (*xlate)(struct xt_xlate *xl, ++ const struct xt_xlate_mt_params *params); ++ + /* Size of per-extension instance extra "global" scratch space */ + size_t udata_size; + +@@ -280,8 +299,7 @@ struct xtables_match + unsigned int loaded; /* simulate loading so options are merged properly */ + }; + +-struct xtables_target +-{ ++struct xtables_target { + /* + * ABI/API version this module requires. Must be first member, + * as the rest of this struct may be subject to ABI changes. +@@ -346,6 +364,10 @@ struct xtables_target + void (*x6_fcheck)(struct xt_fcheck_call *); + const struct xt_option_entry *x6_options; + ++ /* Translate iptables to nft */ ++ int (*xlate)(struct xt_xlate *xl, ++ const struct xt_xlate_tg_params *params); ++ + size_t udata_size; + + /* Ignore these men behind the curtain: */ +@@ -406,6 +428,17 @@ struct xtables_globals + + #define XT_GETOPT_TABLEEND {.name = NULL, .has_arg = false} + ++/* ++ * enum op- ++ * ++ * For writing clean nftables translations code ++ */ ++enum xt_op { ++ XT_OP_EQ, ++ XT_OP_NEQ, ++ XT_OP_MAX, ++}; ++ + #ifdef __cplusplus + extern "C" { + #endif +@@ -548,6 +581,14 @@ extern void xtables_lmap_free(struct xta + extern int xtables_lmap_name2id(const struct xtables_lmap *, const char *); + extern const char *xtables_lmap_id2name(const struct xtables_lmap *, int); + ++/* xlate infrastructure */ ++struct xt_xlate *xt_xlate_alloc(int size); ++void xt_xlate_free(struct xt_xlate *xl); ++void xt_xlate_add(struct xt_xlate *xl, const char *fmt, ...); ++void xt_xlate_add_comment(struct xt_xlate *xl, const char *comment); ++const char *xt_xlate_get_comment(struct xt_xlate *xl); ++const char *xt_xlate_get(struct xt_xlate *xl); ++ + #ifdef XTABLES_INTERNAL + + /* Shipped modules rely on this... */ |