Home Explore Help
Register Sign In
FreifunkHochstift
/
gluon
6
0
Fork 0
Files Issues 0 Pull Requests 0
Browse Source

Add an iptables package fix and a dnsmasq patch

Matthias Schiffer 9 years ago
parent
e831099efb
commit
783c3072c2
2 changed files with 132 additions and 0 deletions
Split View Show Diff Stats
  1. 19 0
      patches/openwrt/0030-iptables-avoid-file-conflicts-due-to-unneeded-libip6t_-.so-in-ip6tables-package.patch
  2. 113 0
      patches/openwrt/0031-dnsmasq-add-patch-to-allow-setting-the-default-packet-mark.patch

+ 19 - 0
patches/openwrt/0030-iptables-avoid-file-conflicts-due-to-unneeded-libip6t_-.so-in-ip6tables-package.patch
View File 

@@ -0,0 +1,19 @@
 
+From: Matthias Schiffer <mschiffer@universe-factory.net>
 
+Date: Sat, 5 Jul 2014 22:30:34 +0200
 
+Subject: iptables: avoid file conflicts due to unneeded libip6t_*.so in ip6tables package
 
+
 
+diff --git a/package/iptables/Makefile b/package/iptables/Makefile
 
+index e36a093..0c7a380 100644
 
+--- a/package/iptables/Makefile
 
++++ b/package/iptables/Makefile
 
+@@ -406,10 +406,6 @@ define Package/ip6tables/install
 
+ 	$(INSTALL_BIN) $(PKG_INSTALL_DIR)/usr/sbin/ip6tables $(1)/usr/sbin/
 
+ 	$(LN) ip6tables $(1)/usr/sbin/ip6tables-save
 
+ 	$(LN) ip6tables $(1)/usr/sbin/ip6tables-restore
 
+-	$(INSTALL_DIR) $(1)/usr/lib/iptables
 
+-	(cd $(PKG_INSTALL_DIR)/usr/lib/iptables ; \
 
+-		$(CP) libip6t_*.so $(1)/usr/lib/iptables/ \
 
+-	)
 
+ endef
 
+ 
+ define Package/libiptc/install

+ 113 - 0
patches/openwrt/0031-dnsmasq-add-patch-to-allow-setting-the-default-packet-mark.patch
View File 

@@ -0,0 +1,113 @@
 
+From: Matthias Schiffer <mschiffer@universe-factory.net>
 
+Date: Sun, 6 Jul 2014 08:12:35 +0200
 
+Subject: dnsmasq: add patch to allow setting the default packet mark
 
+
 
+diff --git a/package/dnsmasq/patches/901-packet-mark.patch b/package/dnsmasq/patches/901-packet-mark.patch
 
+new file mode 100644
 
+index 0000000..286af3a
 
+--- /dev/null
 
++++ b/package/dnsmasq/patches/901-packet-mark.patch
 
+@@ -0,0 +1,103 @@
 
++--- a/src/dnsmasq.h
 
+++++ b/src/dnsmasq.h
 
++@@ -802,6 +802,7 @@ extern struct daemon {
 
++   int cachesize, ftabsize;
 
++   int port, query_port, min_port;
 
++   unsigned long local_ttl, neg_ttl, max_ttl, max_cache_ttl, auth_ttl;
 
+++  unsigned int packet_mark;
 
++   struct hostsfile *addn_hosts;
 
++   struct dhcp_context *dhcp, *dhcp6;
 
++   struct dhcp_config *dhcp_conf;
 
++--- a/src/forward.c
 
+++++ b/src/forward.c
 
++@@ -366,17 +366,17 @@ static int forward_query(int udpfd, unio
 
++ 		      daemon->rfd_save = forward->rfd4;
 
++ 		      fd = forward->rfd4->fd;
 
++ 		    }
 
+++		}
 
+++
 
+++	      unsigned int mark = daemon->packet_mark;
 
++ 
++ #ifdef HAVE_CONNTRACK
 
++-		  /* Copy connection mark of incoming query to outgoing connection. */
 
++-		  if (option_bool(OPT_CONNTRACK))
 
++-		    {
 
++-		      unsigned int mark;
 
++-		      if (get_incoming_mark(udpaddr, dst_addr, 0, &mark))
 
++-			setsockopt(fd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
 
++-		    }
 
+++	      /* Copy connection mark of incoming query to outgoing connection. */
 
+++	      if (option_bool(OPT_CONNTRACK))
 
+++		get_incoming_mark(udpaddr, dst_addr, 0, &mark);
 
++ #endif
 
++-		}
 
+++
 
+++	      setsockopt(fd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
 
++ 	      
++ 	      if (sendto(fd, (char *)header, plen, 0,
 
++ 			 &start->addr.sa,
 
++@@ -1001,11 +1001,11 @@ unsigned char *tcp_request(int confd, ti
 
++ 			      continue;
 
++ 			    }
 
++ 			  
+++			  unsigned int mark = daemon->packet_mark;
 
++ #ifdef HAVE_CONNTRACK
 
++ 			  /* Copy connection mark of incoming query to outgoing connection. */
 
++ 			  if (option_bool(OPT_CONNTRACK))
 
++ 			    {
 
++-			      unsigned int mark;
 
++ 			      struct all_addr local;
 
++ #ifdef HAVE_IPV6		      
++ 			      if (local_addr->sa.sa_family == AF_INET6)
 
++@@ -1014,10 +1014,11 @@ unsigned char *tcp_request(int confd, ti
 
++ #endif
 
++ 				local.addr.addr4 = local_addr->in.sin_addr;
 
++ 			      
++-			      if (get_incoming_mark(&peer_addr, &local, 1, &mark))
 
++-				setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
 
+++			      get_incoming_mark(&peer_addr, &local, 1, &mark);
 
++ 			    }
 
++ #endif	
+++
 
+++			  setsockopt(last_server->tcpfd, SOL_SOCKET, SO_MARK, &mark, sizeof(unsigned int));
 
++ 			}
 
++ 		      
++ 		      c1 = size >> 8;
 
++--- a/src/option.c
 
+++++ b/src/option.c
 
++@@ -131,6 +131,7 @@ struct myoption {
 
++ #ifdef OPTION6_PREFIX_CLASS 
++ #define LOPT_PREF_CLSS 320
 
++ #endif
 
+++#define LOPT_PACKET_MARK 9001
 
++ 
++ #ifdef HAVE_GETOPT_LONG
 
++ static const struct option opts[] =  
++@@ -267,6 +268,7 @@ static const struct myoption opts[] =
 
++ #ifdef OPTION6_PREFIX_CLASS 
++     { "dhcp-prefix-class", 1, 0, LOPT_PREF_CLSS },
 
++ #endif
 
+++    { "packet-mark", 1, 0, LOPT_PACKET_MARK },
 
++     { NULL, 0, 0, 0 }
 
++   };
 
++ 
++@@ -409,6 +411,7 @@ static struct {
 
++ #ifdef OPTION6_PREFIX_CLASS 
++   { LOPT_PREF_CLSS, ARG_DUP, "set:tag,<class>", gettext_noop("Specify DHCPv6 prefix class"), NULL },
 
++ #endif
 
+++  { LOPT_PACKET_MARK, ARG_ONE, "<integer>", gettext_noop("Specify default packet mark for DNS queries."), NULL },
 
++   { 0, 0, NULL, NULL, NULL }
 
++ }; 
++ 
++@@ -2189,6 +2192,11 @@ static int one_opt(int option, char *arg
 
++ 	break;
 
++       }
 
++       
+++    case LOPT_PACKET_MARK: /* --packet-mark */
 
+++      if (!atoi_check(arg, (int*)&daemon->packet_mark))
 
+++	ret_err(gen_err);
 
+++      break;
 
+++
 
++ #ifdef HAVE_DHCP
 
++     case 'X': /* --dhcp-lease-max */
 
++       if (!atoi_check(arg, &daemon->dhcp_max))