hsist
/
freifunkist-firmware
6
1
Fork 0
Code Issues Pull Requests Releases Wiki Activity

netfilter: fix RTSP on 2.6.24

Browse Source 
SVN-Revision: 10319
master
Gabor Juhos 17 years ago
parent 131dfed3d7
commit 3dae29dc4a
1 changed files with 26 additions and 26 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 52
      target/linux/generic-2.6/patches-2.6.24/190-netfilter_rtsp.patch

52
target/linux/generic-2.6/patches-2.6.24/190-netfilter_rtsp.patch
Unescape View File

@ -53,7 +53,7 @@ Index: linux-2.6.23-rc9/include/linux/netfilter/nf_conntrack_rtsp.h
+#endif
+};
+
+extern unsigned int (*nf_nat_rtsp_hook)(struct sk_buff **pskb,
+extern unsigned int (*nf_nat_rtsp_hook)(struct sk_buff *skb,
+ enum ip_conntrack_info ctinfo,
+ unsigned int matchoff, unsigned int matchlen,
+ struct ip_ct_rtsp_expect *prtspexp,
@ -441,7 +441,7 @@ Index: linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c
+static char *rtsp_buffer;
+static DEFINE_SPINLOCK(rtsp_buffer_lock);
+
+unsigned int (*nf_nat_rtsp_hook)(struct sk_buff **pskb,
+unsigned int (*nf_nat_rtsp_hook)(struct sk_buff *skb,
+ enum ip_conntrack_info ctinfo,
+ unsigned int matchoff, unsigned int matchlen,struct ip_ct_rtsp_expect* prtspexp,
+ struct nf_conntrack_expect *exp);
@ -635,7 +635,7 @@ Index: linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c
+/* outbound packet: client->server */
+
+static inline int
+help_out(struct sk_buff **pskb, unsigned char *rb_ptr, unsigned int datalen,
+help_out(struct sk_buff *skb, unsigned char *rb_ptr, unsigned int datalen,
+ struct nf_conn *ct, enum ip_conntrack_info ctinfo)
+{
+ struct ip_ct_rtsp_expect expinfo;
@ -717,7 +717,7 @@ Index: linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c
+
+ if (nf_nat_rtsp_hook)
+ /* pass the request off to the nat helper */
+ ret = nf_nat_rtsp_hook(pskb, ctinfo, hdrsoff, hdrslen, &expinfo, exp);
+ ret = nf_nat_rtsp_hook(skb, ctinfo, hdrsoff, hdrslen, &expinfo, exp);
+ else if (nf_ct_expect_related(exp) != 0) {
+ INFOP("nf_ct_expect_related failed\n");
+ ret = NF_DROP;
@ -732,13 +732,13 @@ Index: linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c
+
+
+static inline int
+help_in(struct sk_buff **pskb, size_t pktlen,
+help_in(struct sk_buff *skb, size_t pktlen,
+ struct nf_conn* ct, enum ip_conntrack_info ctinfo)
+{
+ return NF_ACCEPT;
+}
+
+static int help(struct sk_buff **pskb, unsigned int protoff,
+static int help(struct sk_buff *skb, unsigned int protoff,
+ struct nf_conn *ct, enum ip_conntrack_info ctinfo)
+{
+ struct tcphdr _tcph, *th;
@ -754,20 +754,20 @@ Index: linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c
+ }
+
+ /* Not whole TCP header? */
+ th = skb_header_pointer(*pskb,protoff, sizeof(_tcph), &_tcph);
+ th = skb_header_pointer(skb, protoff, sizeof(_tcph), &_tcph);
+
+ if (!th)
+ return NF_ACCEPT;
+
+ /* No data ? */
+ dataoff = protoff + th->doff*4;
+ datalen = (*pskb)->len - dataoff;
+ if (dataoff >= (*pskb)->len)
+ datalen = skb->len - dataoff;
+ if (dataoff >= skb->len)
+ return NF_ACCEPT;
+
+ spin_lock_bh(&rtsp_buffer_lock);
+ rb_ptr = skb_header_pointer(*pskb, dataoff,
+ (*pskb)->len - dataoff, rtsp_buffer);
+ rb_ptr = skb_header_pointer(skb, dataoff,
+ skb->len - dataoff, rtsp_buffer);
+ BUG_ON(rb_ptr == NULL);
+
+#if 0
@ -784,7 +784,7 @@ Index: linux-2.6.23-rc9/net/netfilter/nf_conntrack_rtsp.c
+
+ switch (CTINFO2DIR(ctinfo)) {
+ case IP_CT_DIR_ORIGINAL:
+ ret = help_out(pskb, rb_ptr, datalen, ct, ctinfo);
+ ret = help_out(skb, rb_ptr, datalen, ct, ctinfo);
+ break;
+ case IP_CT_DIR_REPLY:
+ DEBUGP("IP_CT_DIR_REPLY\n");
@ -978,7 +978,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ *
+ * In:
+ * ct, ctinfo = conntrack context
+ * pskb = packet
+ * skb = packet
+ * tranoff = Transport header offset from TCP data
+ * tranlen = Transport header length (incl. CRLF)
+ * rport_lo = replacement low port (host endian)
@ -992,7 +992,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+rtsp_mangle_tran(enum ip_conntrack_info ctinfo,
+ struct nf_conntrack_expect* exp,
+ struct ip_ct_rtsp_expect* prtspexp,
+ struct sk_buff** pskb, uint tranoff, uint tranlen)
+ struct sk_buff* skb, uint tranoff, uint tranlen)
+{
+ char* ptcp;
+ uint tcplen;
@ -1013,7 +1013,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ uint extaddrlen;
+ int is_stun;
+
+ get_skb_tcpdata(*pskb, &ptcp, &tcplen);
+ get_skb_tcpdata(skb, &ptcp, &tcplen);
+ ptran = ptcp+tranoff;
+
+ if (tranoff+tranlen > tcplen || tcplen-tranoff < tranlen ||
@ -1145,14 +1145,14 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ if (dstact == DSTACT_STRIP || (dstact == DSTACT_AUTO && !is_stun))
+ {
+ diff = nextfieldoff-off;
+ if (!nf_nat_mangle_tcp_packet(pskb, ct, ctinfo,
+ if (!nf_nat_mangle_tcp_packet(skb, ct, ctinfo,
+ off, diff, NULL, 0))
+ {
+ /* mangle failed, all we can do is bail */
+ nf_ct_unexpect_related(exp);
+ return 0;
+ }
+ get_skb_tcpdata(*pskb, &ptcp, &tcplen);
+ get_skb_tcpdata(skb, &ptcp, &tcplen);
+ ptran = ptcp+tranoff;
+ tranlen -= diff;
+ nextparamoff -= diff;
@ -1215,14 +1215,14 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ * parameter 4 below is offset from start of tcp data.
+ */
+ diff = origlen-rbuflen;
+ if (!nf_nat_mangle_tcp_packet(pskb, ct, ctinfo,
+ if (!nf_nat_mangle_tcp_packet(skb, ct, ctinfo,
+ origoff, origlen, rbuf, rbuflen))
+ {
+ /* mangle failed, all we can do is bail */
+ nf_ct_unexpect_related(exp);
+ return 0;
+ }
+ get_skb_tcpdata(*pskb, &ptcp, &tcplen);
+ get_skb_tcpdata(skb, &ptcp, &tcplen);
+ ptran = ptcp+tranoff;
+ tranlen -= diff;
+ nextparamoff -= diff;
@ -1240,7 +1240,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+}
+
+static uint
+help_out(struct sk_buff **pskb, enum ip_conntrack_info ctinfo,
+help_out(struct sk_buff *skb, enum ip_conntrack_info ctinfo,
+ unsigned int matchoff, unsigned int matchlen, struct ip_ct_rtsp_expect* prtspexp,
+ struct nf_conntrack_expect* exp)
+{
@ -1252,10 +1252,10 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ uint linelen;
+ uint off;
+
+ //struct iphdr* iph = (struct iphdr*)(*pskb)->nh.iph;
+ //struct iphdr* iph = (struct iphdr*)skb->nh.iph;
+ //struct tcphdr* tcph = (struct tcphdr*)((void*)iph + iph->ihl*4);
+
+ get_skb_tcpdata(*pskb, &ptcp, &tcplen);
+ get_skb_tcpdata(skb, &ptcp, &tcplen);
+ hdrsoff = matchoff;//exp->seq - ntohl(tcph->seq);
+ hdrslen = matchlen;
+ off = hdrsoff;
@ -1278,12 +1278,12 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ {
+ uint oldtcplen = tcplen;
+ DEBUGP("hdr: Transport\n");
+ if (!rtsp_mangle_tran(ctinfo, exp, prtspexp, pskb, lineoff, linelen))
+ if (!rtsp_mangle_tran(ctinfo, exp, prtspexp, skb, lineoff, linelen))
+ {
+ DEBUGP("hdr: Transport mangle failed");
+ break;
+ }
+ get_skb_tcpdata(*pskb, &ptcp, &tcplen);
+ get_skb_tcpdata(skb, &ptcp, &tcplen);
+ hdrslen -= (oldtcplen-tcplen);
+ off -= (oldtcplen-tcplen);
+ lineoff -= (oldtcplen-tcplen);
@ -1296,7 +1296,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+}
+
+static unsigned int
+help(struct sk_buff **pskb, enum ip_conntrack_info ctinfo,
+help(struct sk_buff *skb, enum ip_conntrack_info ctinfo,
+ unsigned int matchoff, unsigned int matchlen, struct ip_ct_rtsp_expect* prtspexp,
+ struct nf_conntrack_expect* exp)
+{
@ -1306,7 +1306,7 @@ Index: linux-2.6.23-rc9/net/ipv4/netfilter/nf_nat_rtsp.c
+ switch (dir)
+ {
+ case IP_CT_DIR_ORIGINAL:
+ rc = help_out(pskb, ctinfo, matchoff, matchlen, prtspexp, exp);
+ rc = help_out(skb, ctinfo, matchoff, matchlen, prtspexp, exp);
+ break;
+ case IP_CT_DIR_REPLY:
+ DEBUGP("unmangle ! %u\n", ctinfo);

Write Preview
Loading…
Cancel
Save