summaryrefslogtreecommitdiff
path: root/recipes/iptables/files
diff options
context:
space:
mode:
Diffstat (limited to 'recipes/iptables/files')
-rw-r--r--recipes/iptables/files/compile.patch17
-rw-r--r--recipes/iptables/files/getsockopt-failed.patch28
-rw-r--r--recipes/iptables/files/iptables-use-s6_addr32.patch32
3 files changed, 77 insertions, 0 deletions
diff --git a/recipes/iptables/files/compile.patch b/recipes/iptables/files/compile.patch
new file mode 100644
index 0000000000..76662d9748
--- /dev/null
+++ b/recipes/iptables/files/compile.patch
@@ -0,0 +1,17 @@
+Index: iptables-1.3.3/extensions/Makefile
+===================================================================
+--- iptables-1.3.3.orig/extensions/Makefile
++++ iptables-1.3.3/extensions/Makefile
+@@ -67,10 +67,10 @@ endif
+
+ ifdef NO_SHARED_LIBS
+ extensions/libext.a: $(EXT_OBJS)
+- rm -f $@; ar crv $@ $(EXT_OBJS)
++ rm -f $@; $(AR) crv $@ $(EXT_OBJS)
+
+ extensions/libext6.a: $(EXT6_OBJS)
+- rm -f $@; ar crv $@ $(EXT6_OBJS)
++ rm -f $@; $(AR) crv $@ $(EXT6_OBJS)
+
+ extensions/initext.o: extensions/initext.c
+ extensions/initext6.o: extensions/initext6.c
diff --git a/recipes/iptables/files/getsockopt-failed.patch b/recipes/iptables/files/getsockopt-failed.patch
new file mode 100644
index 0000000000..bba9bdaafb
--- /dev/null
+++ b/recipes/iptables/files/getsockopt-failed.patch
@@ -0,0 +1,28 @@
+This patch fixes an issue where iptables throws the following error:
+"getsockopt failed strangely". This patch is taken from the netfilter
+svn (and it's included in iptable 1.4.0rc1):
+
+http://svn.netfilter.org/cgi-bin/viewcvs.cgi?rev=6890&view=rev
+
+--- iptables/iptables.c 2007/04/30 00:01:39 6815
++++ iptables/iptables.c 2007/06/26 15:29:45 6890
+@@ -1158,7 +1158,7 @@
+ max_rev = getsockopt(sockfd, IPPROTO_IP, opt, &rev, &s);
+ if (max_rev < 0) {
+ /* Definitely don't support this? */
+- if (errno == EPROTONOSUPPORT) {
++ if (errno == ENOENT || errno == EPROTONOSUPPORT) {
+ close(sockfd);
+ return 0;
+ } else if (errno == ENOPROTOOPT) {
+--- iptables/ip6tables.c 2007/06/25 14:55:18 6889
++++ iptables/ip6tables.c 2007/06/26 15:29:45 6890
+@@ -1130,7 +1130,7 @@
+ max_rev = getsockopt(sockfd, IPPROTO_IPV6, opt, &rev, &s);
+ if (max_rev < 0) {
+ /* Definitely don't support this? */
+- if (errno == EPROTONOSUPPORT) {
++ if (errno == ENOENT || errno == EPROTONOSUPPORT) {
+ close(sockfd);
+ return 0;
+ } else if (errno == ENOPROTOOPT) {
diff --git a/recipes/iptables/files/iptables-use-s6_addr32.patch b/recipes/iptables/files/iptables-use-s6_addr32.patch
new file mode 100644
index 0000000000..d3d215ba58
--- /dev/null
+++ b/recipes/iptables/files/iptables-use-s6_addr32.patch
@@ -0,0 +1,32 @@
+This patch fixes a compile error which is demonstrated with glibc/eglibc cvs
+the union ip6_u has been renamed inside glibc header in.h here
+http://sourceware.org/cgi-bin/cvsweb.cgi/libc/inet/netinet/in.h.diff?r1=1.55&r2=1.56&cvsroot=glibc
+We should be really using
+the defines that are provided in inet/netinet/in.h to access the members instead.
+
+Index: iptables-1.3.8/ip6tables.c
+===================================================================
+--- iptables-1.3.8.orig/ip6tables.c
++++ iptables-1.3.8/ip6tables.c
+@@ -730,7 +730,7 @@ parse_hostnetworkmask(const char *name,
+ for (i = 0, j = 0; i < n; i++) {
+ int k;
+ for (k = 0; k < 4; k++)
+- addrp[j].in6_u.u6_addr32[k] &= maskp->in6_u.u6_addr32[k];
++ addrp[j].s6_addr32[k] &= maskp->s6_addr32[k];
+ j++;
+ for (k = 0; k < j - 1; k++) {
+ if (IN6_ARE_ADDR_EQUAL(&addrp[k], &addrp[j - 1])) {
+Index: iptables-1.3.8/libiptc/libip6tc.c
+===================================================================
+--- iptables-1.3.8.orig/libiptc/libip6tc.c
++++ iptables-1.3.8/libiptc/libip6tc.c
+@@ -113,7 +113,7 @@ typedef unsigned int socklen_t;
+ #include "libiptc.c"
+
+ #define BIT6(a, l) \
+- ((ntohl(a->in6_u.u6_addr32[(l) / 32]) >> (31 - ((l) & 31))) & 1)
++ ((ntohl(a->s6_addr32[(l) / 32]) >> (31 - ((l) & 31))) & 1)
+
+ int
+ ipv6_prefix_length(const struct in6_addr *a)