[arch-commits] Commit in netfilter-fullconenat/repos (3 files)
Jan Steffens
heftig at gemini.archlinux.org
Wed Jan 5 18:00:22 UTC 2022
Date: Wednesday, January 5, 2022 @ 18:00:22
Author: heftig
Revision: 1093319
archrelease: copy trunk to community-testing-x86_64
Added:
netfilter-fullconenat/repos/community-testing-x86_64/
netfilter-fullconenat/repos/community-testing-x86_64/PKGBUILD
(from rev 1093315, netfilter-fullconenat/trunk/PKGBUILD)
netfilter-fullconenat/repos/community-testing-x86_64/linux-5.15.patch
(from rev 1093316, netfilter-fullconenat/trunk/linux-5.15.patch)
------------------+
PKGBUILD | 46 +++++++++++++++++++++++++++++++++++
linux-5.15.patch | 68 +++++++++++++++++++++++++++++++++++++++++++++++++++++
2 files changed, 114 insertions(+)
Copied: netfilter-fullconenat/repos/community-testing-x86_64/PKGBUILD (from rev 1093315, netfilter-fullconenat/trunk/PKGBUILD)
===================================================================
--- community-testing-x86_64/PKGBUILD (rev 0)
+++ community-testing-x86_64/PKGBUILD 2022-01-05 18:00:22 UTC (rev 1093319)
@@ -0,0 +1,46 @@
+# Maintainer: Felix Yan <felixonmars at archlinux.org>
+# Contributor: Edward Pacman <edward at edward-p.xyz>
+
+pkgname=netfilter-fullconenat
+pkgver=r73.0cf3b48
+pkgrel=173
+pkgdesc="A kernel module that turns MASQUERADE into full cone SNAT"
+arch=('x86_64')
+url="https://github.com/Chion82/netfilter-full-cone-nat"
+license=('GPL2')
+depends=("linux")
+makedepends=('linux-headers' 'git')
+_commit=0cf3b48fd7d2fa81d0297d1fff12bbd0580fc435 # master
+source=("${pkgname}::git+https://github.com/Chion82/netfilter-full-cone-nat#commit=${_commit}"
+ linux-5.15.patch)
+sha256sums=('SKIP'
+ 'd785622e80ed3348be133270ac974dd372e0d6d770f0da554edbcbf20e94d6a6')
+
+pkgver() {
+ cd ${pkgname}
+ ( set -o pipefail
+ git describe --long 2>/dev/null | sed 's/\([^-]*-g\)/r\1/;s/-/./g' ||
+ printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short HEAD)"
+ )
+}
+
+prepare() {
+ cd ${pkgname}
+ echo "obj-m = xt_FULLCONENAT.o" > Kbuild
+ patch -p1 -i ../linux-5.15.patch
+}
+
+build() {
+ cd ${pkgname}
+ make -C /usr/src/linux M=$PWD modules
+}
+
+package() {
+ local extradir=/usr/lib/modules/$(</usr/src/linux/version)/extramodules
+ install -Dt "${pkgdir}${extradir}" -m644 ${pkgname}/*.ko
+ find "${pkgdir}" -name '*.ko' -exec strip --strip-debug {} +
+ find "${pkgdir}" -name '*.ko' -exec xz {} +
+
+ echo "xt_FULLCONENAT" | \
+ install -Dm644 /dev/stdin "${pkgdir}/usr/lib/modules-load.d/${pkgname}.conf"
+}
Copied: netfilter-fullconenat/repos/community-testing-x86_64/linux-5.15.patch (from rev 1093316, netfilter-fullconenat/trunk/linux-5.15.patch)
===================================================================
--- community-testing-x86_64/linux-5.15.patch (rev 0)
+++ community-testing-x86_64/linux-5.15.patch 2022-01-05 18:00:22 UTC (rev 1093319)
@@ -0,0 +1,68 @@
+diff --git a/xt_FULLCONENAT.c b/xt_FULLCONENAT.c
+index 9bb8660..c061b98 100644
+--- a/xt_FULLCONENAT.c
++++ b/xt_FULLCONENAT.c
+@@ -123,7 +123,9 @@ struct notifier_block ct_event_notifier;
+ struct nf_ct_event_notifier ct_event_notifier;
+ #endif
+ int tg_refer_count = 0;
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ int ct_event_notifier_registered = 0;
++#endif
+
+ static DEFINE_MUTEX(nf_ct_net_event_lock);
+
+@@ -894,8 +896,10 @@ static void gc_worker(struct work_struct *work) {
+ #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
+ static int ct_event_cb(struct notifier_block *this, unsigned long events, void *ptr) {
+ struct nf_ct_event *item = ptr;
+-#else
++#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ static int ct_event_cb(unsigned int events, struct nf_ct_event *item) {
++#else
++static int ct_event_cb(unsigned int events, const struct nf_ct_event *item) {
+ #endif
+ struct nf_conn *ct;
+ struct nf_conntrack_tuple *ct_tuple_reply, *ct_tuple_original;
+@@ -1242,9 +1246,8 @@ static int fullconenat_tg_check(const struct xt_tgchk_param *par)
+ if (tg_refer_count == 1) {
+ #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
+ ct_event_notifier.notifier_call = ct_event_cb;
+-#else
++#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ ct_event_notifier.fcn = ct_event_cb;
+-#endif
+
+ if (nf_conntrack_register_notifier(par->net, &ct_event_notifier) == 0) {
+ ct_event_notifier_registered = 1;
+@@ -1252,6 +1255,11 @@ static int fullconenat_tg_check(const struct xt_tgchk_param *par)
+ } else {
+ printk("xt_FULLCONENAT: warning: failed to register a conntrack notifier. Disable active GC for mappings.\n");
+ }
++#else
++ ct_event_notifier.ct_event = ct_event_cb;
++ nf_conntrack_register_notifier(par->net, &ct_event_notifier);
++ pr_debug("xt_FULLCONENAT: fullconenat_tg_check(): ct_event_notifier registered\n");
++#endif
+
+ }
+
+@@ -1269,6 +1277,7 @@ static void fullconenat_tg_destroy(const struct xt_tgdtor_param *par)
+ pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): tg_refer_count is now %d\n", tg_refer_count);
+
+ if (tg_refer_count == 0) {
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ if (ct_event_notifier_registered) {
+ nf_conntrack_unregister_notifier(par->net, &ct_event_notifier);
+ ct_event_notifier_registered = 0;
+@@ -1276,6 +1285,10 @@ static void fullconenat_tg_destroy(const struct xt_tgdtor_param *par)
+ pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier unregistered\n");
+
+ }
++#else
++ nf_conntrack_unregister_notifier(par->net);
++ pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier unregistered\n");
++#endif
+ nf_ct_netns_put(par->net, par->family);
+ }
+
More information about the arch-commits
mailing list