diff options
Diffstat (limited to 'recipes/iptables/files')
-rw-r--r-- | recipes/iptables/files/compile.patch | 17 | ||||
-rw-r--r-- | recipes/iptables/files/getsockopt-failed.patch | 28 | ||||
-rw-r--r-- | recipes/iptables/files/iptables-use-s6_addr32.patch | 32 |
3 files changed, 77 insertions, 0 deletions
diff --git a/recipes/iptables/files/compile.patch b/recipes/iptables/files/compile.patch new file mode 100644 index 0000000000..76662d9748 --- /dev/null +++ b/recipes/iptables/files/compile.patch @@ -0,0 +1,17 @@ +Index: iptables-1.3.3/extensions/Makefile +=================================================================== +--- iptables-1.3.3.orig/extensions/Makefile ++++ iptables-1.3.3/extensions/Makefile +@@ -67,10 +67,10 @@ endif + + ifdef NO_SHARED_LIBS + extensions/libext.a: $(EXT_OBJS) +- rm -f $@; ar crv $@ $(EXT_OBJS) ++ rm -f $@; $(AR) crv $@ $(EXT_OBJS) + + extensions/libext6.a: $(EXT6_OBJS) +- rm -f $@; ar crv $@ $(EXT6_OBJS) ++ rm -f $@; $(AR) crv $@ $(EXT6_OBJS) + + extensions/initext.o: extensions/initext.c + extensions/initext6.o: extensions/initext6.c diff --git a/recipes/iptables/files/getsockopt-failed.patch b/recipes/iptables/files/getsockopt-failed.patch new file mode 100644 index 0000000000..bba9bdaafb --- /dev/null +++ b/recipes/iptables/files/getsockopt-failed.patch @@ -0,0 +1,28 @@ +This patch fixes an issue where iptables throws the following error: +"getsockopt failed strangely". This patch is taken from the netfilter +svn (and it's included in iptable 1.4.0rc1): + +http://svn.netfilter.org/cgi-bin/viewcvs.cgi?rev=6890&view=rev + +--- iptables/iptables.c 2007/04/30 00:01:39 6815 ++++ iptables/iptables.c 2007/06/26 15:29:45 6890 +@@ -1158,7 +1158,7 @@ + max_rev = getsockopt(sockfd, IPPROTO_IP, opt, &rev, &s); + if (max_rev < 0) { + /* Definitely don't support this? */ +- if (errno == EPROTONOSUPPORT) { ++ if (errno == ENOENT || errno == EPROTONOSUPPORT) { + close(sockfd); + return 0; + } else if (errno == ENOPROTOOPT) { +--- iptables/ip6tables.c 2007/06/25 14:55:18 6889 ++++ iptables/ip6tables.c 2007/06/26 15:29:45 6890 +@@ -1130,7 +1130,7 @@ + max_rev = getsockopt(sockfd, IPPROTO_IPV6, opt, &rev, &s); + if (max_rev < 0) { + /* Definitely don't support this? */ +- if (errno == EPROTONOSUPPORT) { ++ if (errno == ENOENT || errno == EPROTONOSUPPORT) { + close(sockfd); + return 0; + } else if (errno == ENOPROTOOPT) { diff --git a/recipes/iptables/files/iptables-use-s6_addr32.patch b/recipes/iptables/files/iptables-use-s6_addr32.patch new file mode 100644 index 0000000000..d3d215ba58 --- /dev/null +++ b/recipes/iptables/files/iptables-use-s6_addr32.patch @@ -0,0 +1,32 @@ +This patch fixes a compile error which is demonstrated with glibc/eglibc cvs +the union ip6_u has been renamed inside glibc header in.h here +http://sourceware.org/cgi-bin/cvsweb.cgi/libc/inet/netinet/in.h.diff?r1=1.55&r2=1.56&cvsroot=glibc +We should be really using +the defines that are provided in inet/netinet/in.h to access the members instead. + +Index: iptables-1.3.8/ip6tables.c +=================================================================== +--- iptables-1.3.8.orig/ip6tables.c ++++ iptables-1.3.8/ip6tables.c +@@ -730,7 +730,7 @@ parse_hostnetworkmask(const char *name, + for (i = 0, j = 0; i < n; i++) { + int k; + for (k = 0; k < 4; k++) +- addrp[j].in6_u.u6_addr32[k] &= maskp->in6_u.u6_addr32[k]; ++ addrp[j].s6_addr32[k] &= maskp->s6_addr32[k]; + j++; + for (k = 0; k < j - 1; k++) { + if (IN6_ARE_ADDR_EQUAL(&addrp[k], &addrp[j - 1])) { +Index: iptables-1.3.8/libiptc/libip6tc.c +=================================================================== +--- iptables-1.3.8.orig/libiptc/libip6tc.c ++++ iptables-1.3.8/libiptc/libip6tc.c +@@ -113,7 +113,7 @@ typedef unsigned int socklen_t; + #include "libiptc.c" + + #define BIT6(a, l) \ +- ((ntohl(a->in6_u.u6_addr32[(l) / 32]) >> (31 - ((l) & 31))) & 1) ++ ((ntohl(a->s6_addr32[(l) / 32]) >> (31 - ((l) & 31))) & 1) + + int + ipv6_prefix_length(const struct in6_addr *a) |