This is an automated email from the git hooks/post-receive script. It was generated because a ref change was pushed to the repository containing the project "IPFire 3.x development tree".
The branch, master has been updated via 57aeb76fad153f8902cf4a5f098399ed85efe2f3 (commit) via 131b00597868bca1ca72e543fe8fd7cdabf54646 (commit) via e09c667ac6933257d80abe601a426d69520e25ed (commit) via 23704de3ed9b51a9f0a57817e3987ac441f1db6a (commit) from a91e42644cd1107f505c7abecfe963adb59721a1 (commit)
Those revisions listed above that are new to this repository have not appeared on any other notification email; so we list those revisions in full, below.
- Log ----------------------------------------------------------------- commit 57aeb76fad153f8902cf4a5f098399ed85efe2f3 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed May 25 15:23:08 2011 +0200
strongswan: Update to 4.5.2.
Closes #199.
commit 131b00597868bca1ca72e543fe8fd7cdabf54646 Author: Michael Tremer michael.tremer@ipfire.org Date: Wed May 25 15:21:44 2011 +0200
kernel: Remove defective routing patch.
This causes some trouble with the whole network..
commit e09c667ac6933257d80abe601a426d69520e25ed Author: Michael Tremer michael.tremer@ipfire.org Date: Wed May 25 11:57:29 2011 +0200
cpufrequtils: Fix empty package and create -devel package.
commit 23704de3ed9b51a9f0a57817e3987ac441f1db6a Author: Michael Tremer michael.tremer@ipfire.org Date: Wed May 25 11:52:17 2011 +0200
rstp: Apply some fixes from upstream.
-----------------------------------------------------------------------
Summary of changes: pkgs/cpufrequtils/cpufrequtils.nm | 6 +- pkgs/kernel/kernel.nm | 2 +- pkgs/kernel/patches/routes-2.6.38-16.diff | 1332 ---------------------- pkgs/rstp/patches/rstp-0.21-upstream-fixes.patch | 784 +++++++++++++ pkgs/rstp/rstp.nm | 6 +- pkgs/strongswan/strongswan.nm | 4 +- 6 files changed, 793 insertions(+), 1341 deletions(-) delete mode 100644 pkgs/kernel/patches/routes-2.6.38-16.diff create mode 100644 pkgs/rstp/patches/rstp-0.21-upstream-fixes.patch
Difference in files: diff --git a/pkgs/cpufrequtils/cpufrequtils.nm b/pkgs/cpufrequtils/cpufrequtils.nm index a1aca68..487dc45 100644 --- a/pkgs/cpufrequtils/cpufrequtils.nm +++ b/pkgs/cpufrequtils/cpufrequtils.nm @@ -26,7 +26,7 @@ include $(PKGROOT)/Include
PKG_NAME = cpufrequtils PKG_VER = 008 -PKG_REL = 2 +PKG_REL = 3
PKG_MAINTAINER = PKG_GROUPS = Base Applications/System @@ -42,10 +42,12 @@ endef
PKG_TARBALL = $(THISAPP).tar.gz
+PKG_PACKAGES += $(PKG_NAME)-devel + # Package doesn't provide a configure script define STAGE_BUILD cd $(DIR_APP) && make $(PARALELLISMFLAGS) endef
-STAGE_INSTALL_TARGETS = mandir=/usr/share/man +STAGE_INSTALL_TARGETS += mandir=/usr/share/man
diff --git a/pkgs/kernel/kernel.nm b/pkgs/kernel/kernel.nm index e529b36..e380f8a 100644 --- a/pkgs/kernel/kernel.nm +++ b/pkgs/kernel/kernel.nm @@ -26,7 +26,7 @@ include $(PKGROOT)/Include
PKG_NAME = linux PKG_VER = 2.6.38.4 -PKG_REL = 2 +PKG_REL = 3
PKG_MAINTAINER = Michael Tremer michael.tremer@ipfire.org PKG_GROUPS = System/Kernels diff --git a/pkgs/kernel/patches/routes-2.6.38-16.diff b/pkgs/kernel/patches/routes-2.6.38-16.diff deleted file mode 100644 index 35d371b..0000000 --- a/pkgs/kernel/patches/routes-2.6.38-16.diff +++ /dev/null @@ -1,1332 +0,0 @@ -diff -urp v2.6.38/linux/include/linux/rtnetlink.h linux/include/linux/rtnetlink.h ---- v2.6.38/linux/include/linux/rtnetlink.h 2011-03-20 12:05:41.000000000 +0200 -+++ linux/include/linux/rtnetlink.h 2011-03-20 12:12:11.107248055 +0200 -@@ -312,6 +312,8 @@ struct rtnexthop { - #define RTNH_F_DEAD 1 /* Nexthop is dead (used by multipath) */ - #define RTNH_F_PERVASIVE 2 /* Do recursive gateway lookup */ - #define RTNH_F_ONLINK 4 /* Gateway is forced on link */ -+#define RTNH_F_SUSPECT 8 /* We don't know the real state */ -+#define RTNH_F_BADSTATE (RTNH_F_DEAD | RTNH_F_SUSPECT) - - /* Macros to handle hexthops */ - -diff -urp v2.6.38/linux/include/net/flow.h linux/include/net/flow.h ---- v2.6.38/linux/include/net/flow.h 2011-03-20 12:01:11.000000000 +0200 -+++ linux/include/net/flow.h 2011-03-20 12:13:20.139247270 +0200 -@@ -19,6 +19,8 @@ struct flowi { - struct { - __be32 daddr; - __be32 saddr; -+ __be32 lsrc; -+ __be32 gw; - __u8 tos; - __u8 scope; - } ip4_u; -@@ -43,6 +45,8 @@ struct flowi { - #define fl6_flowlabel nl_u.ip6_u.flowlabel - #define fl4_dst nl_u.ip4_u.daddr - #define fl4_src nl_u.ip4_u.saddr -+#define fl4_lsrc nl_u.ip4_u.lsrc -+#define fl4_gw nl_u.ip4_u.gw - #define fl4_tos nl_u.ip4_u.tos - #define fl4_scope nl_u.ip4_u.scope - -diff -urp v2.6.38/linux/include/net/ip_fib.h linux/include/net/ip_fib.h ---- v2.6.38/linux/include/net/ip_fib.h 2011-03-20 12:05:50.000000000 +0200 -+++ linux/include/net/ip_fib.h 2011-03-20 12:12:11.107248055 +0200 -@@ -210,6 +210,8 @@ extern int fib_lookup(struct net *n, str - extern struct fib_table *fib_new_table(struct net *net, u32 id); - extern struct fib_table *fib_get_table(struct net *net, u32 id); - -+extern int fib_result_table(struct fib_result *res); -+ - #endif /* CONFIG_IP_MULTIPLE_TABLES */ - - /* Exported by fib_frontend.c */ -@@ -270,4 +272,6 @@ static inline void fib_proc_exit(struct - } - #endif - -+extern rwlock_t fib_nhflags_lock; -+ - #endif /* _NET_FIB_H */ -diff -urp v2.6.38/linux/include/net/netfilter/nf_nat.h linux/include/net/netfilter/nf_nat.h ---- v2.6.38/linux/include/net/netfilter/nf_nat.h 2011-03-20 12:01:11.000000000 +0200 -+++ linux/include/net/netfilter/nf_nat.h 2011-03-20 12:13:20.140246808 +0200 -@@ -73,6 +73,13 @@ struct nf_conn_nat { - #endif - }; - -+/* Call input routing for SNAT-ed traffic */ -+extern unsigned int ip_nat_route_input(unsigned int hooknum, -+ struct sk_buff *skb, -+ const struct net_device *in, -+ const struct net_device *out, -+ int (*okfn)(struct sk_buff *)); -+ - /* Set up the info structure to map into this range. */ - extern unsigned int nf_nat_setup_info(struct nf_conn *ct, - const struct nf_nat_range *range, -diff -urp v2.6.38/linux/include/net/route.h linux/include/net/route.h ---- v2.6.38/linux/include/net/route.h 2011-03-20 12:01:11.000000000 +0200 -+++ linux/include/net/route.h 2011-03-20 12:13:20.141248044 +0200 -@@ -134,6 +134,7 @@ static inline int ip_route_input_noref(s - return ip_route_input_common(skb, dst, src, tos, devin, true); - } - -+extern int ip_route_input_lookup(struct sk_buff*, __be32 dst, __be32 src, u8 tos, struct net_device *devin, __be32 lsrc); - extern unsigned short ip_rt_frag_needed(struct net *net, struct iphdr *iph, unsigned short new_mtu, struct net_device *dev); - extern void ip_rt_send_redirect(struct sk_buff *skb); - -diff -urp v2.6.38/linux/net/bridge/br_netfilter.c linux/net/bridge/br_netfilter.c ---- v2.6.38/linux/net/bridge/br_netfilter.c 2011-03-20 12:01:11.000000000 +0200 -+++ linux/net/bridge/br_netfilter.c 2011-03-20 12:13:20.142247890 +0200 -@@ -405,6 +405,9 @@ static int br_nf_pre_routing_finish(stru - struct rtable *rt; - int err; - -+ /* Old skb->dst is not expected, it is lost in all cases */ -+ skb_dst_drop(skb); -+ - if (nf_bridge->mask & BRNF_PKT_TYPE) { - skb->pkt_type = PACKET_OTHERHOST; - nf_bridge->mask ^= BRNF_PKT_TYPE; -diff -urp v2.6.38/linux/net/ipv4/fib_frontend.c linux/net/ipv4/fib_frontend.c ---- v2.6.38/linux/net/ipv4/fib_frontend.c 2011-03-20 12:05:50.000000000 +0200 -+++ linux/net/ipv4/fib_frontend.c 2011-03-20 12:12:11.109247911 +0200 -@@ -47,6 +47,8 @@ - - #ifndef CONFIG_IP_MULTIPLE_TABLES - -+#define FIB_RES_TABLE(r) (RT_TABLE_MAIN) -+ - static int __net_init fib4_rules_init(struct net *net) - { - struct fib_table *local_table, *main_table; -@@ -71,6 +73,8 @@ fail: - } - #else - -+#define FIB_RES_TABLE(r) (fib_result_table(r)) -+ - struct fib_table *fib_new_table(struct net *net, u32 id) - { - struct fib_table *tb; -@@ -125,7 +129,8 @@ void fib_select_default(struct net *net, - table = res->r->table; - #endif - tb = fib_get_table(net, table); -- if (FIB_RES_GW(*res) && FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK) -+ if ((FIB_RES_GW(*res) && FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK) || -+ FIB_RES_NH(*res).nh_scope == RT_SCOPE_HOST) - fib_table_select_default(tb, flp, res); - } - -@@ -256,6 +261,9 @@ int fib_validate_source(__be32 src, __be - .iif = oif - }; - struct fib_result res; -+ int table; -+ unsigned char prefixlen; -+ unsigned char scope; - int no_addr, rpf, accept_local; - bool dev_match; - int ret; -@@ -302,19 +310,26 @@ int fib_validate_source(__be32 src, __be - ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST; - return ret; - } -+ table = FIB_RES_TABLE(&res); -+ prefixlen = res.prefixlen; -+ scope = res.scope; - if (no_addr) - goto last_resort; -- if (rpf == 1) -- goto e_rpf; - fl.oif = dev->ifindex; - - ret = 0; - if (fib_lookup(net, &fl, &res) == 0) { -- if (res.type == RTN_UNICAST) { -+ if (res.type == RTN_UNICAST && -+ ((table == FIB_RES_TABLE(&res) && -+ res.prefixlen >= prefixlen && res.scope >= scope) || -+ !rpf)) { - *spec_dst = FIB_RES_PREFSRC(res); - ret = FIB_RES_NH(res).nh_scope >= RT_SCOPE_HOST; -+ return ret; - } - } -+ if (rpf == 1) -+ goto e_rpf; - return ret; - - last_resort: -@@ -942,9 +957,7 @@ static int fib_inetaddr_event(struct not - switch (event) { - case NETDEV_UP: - fib_add_ifaddr(ifa); --#ifdef CONFIG_IP_ROUTE_MULTIPATH - fib_sync_up(dev); --#endif - rt_cache_flush(dev_net(dev), -1); - break; - case NETDEV_DOWN: -@@ -980,9 +993,7 @@ static int fib_netdev_event(struct notif - for_ifa(in_dev) { - fib_add_ifaddr(ifa); - } endfor_ifa(in_dev); --#ifdef CONFIG_IP_ROUTE_MULTIPATH - fib_sync_up(dev); --#endif - rt_cache_flush(dev_net(dev), -1); - break; - case NETDEV_DOWN: -diff -urp v2.6.38/linux/net/ipv4/fib_hash.c linux/net/ipv4/fib_hash.c ---- v2.6.38/linux/net/ipv4/fib_hash.c 2011-03-20 12:05:41.000000000 +0200 -+++ linux/net/ipv4/fib_hash.c 2011-03-20 12:12:11.110247911 +0200 -@@ -305,27 +305,43 @@ out: - void fib_table_select_default(struct fib_table *tb, - const struct flowi *flp, struct fib_result *res) - { -- int order, last_idx; -+ int order, last_idx, last_dflt, last_nhsel, good; -+ struct fib_alias *first_fa; - struct hlist_node *node; - struct fib_node *f; -- struct fib_info *fi = NULL; -+ struct fib_info *fi; - struct fib_info *last_resort; - struct fn_hash *t = (struct fn_hash *)tb->tb_data; -- struct fn_zone *fz = t->fn_zones[0]; -+ struct fn_zone *fz = t->fn_zones[res->prefixlen]; - struct hlist_head *head; -+ __be32 k; -+ unsigned int seq; - - if (fz == NULL) - return; - -+ k = fz_key(flp->fl4_dst, fz); -+ -+ rcu_read_lock(); -+ -+retry: -+ last_dflt = -2; -+ last_nhsel = 0; - last_idx = -1; - last_resort = NULL; - order = -1; -+ fi = NULL; -+ first_fa = NULL; -+ good = 0; - -- rcu_read_lock(); -- head = rcu_dereference(fz->fz_hash); -+ seq = read_seqbegin(&fz->fz_lock); -+ head = rcu_dereference(fz->fz_hash) + fn_hash(k, fz); - hlist_for_each_entry_rcu(f, node, head, fn_hash) { - struct fib_alias *fa; - -+ if (f->fn_key != k) -+ continue; -+ - list_for_each_entry_rcu(fa, &f->fn_alias, fa_list) { - struct fib_info *next_fi = fa->fa_info; - -@@ -333,43 +349,66 @@ void fib_table_select_default(struct fib - fa->fa_type != RTN_UNICAST) - continue; - -+ if (fa->fa_tos && -+ fa->fa_tos != flp->fl4_tos) -+ continue; - if (next_fi->fib_priority > res->fi->fib_priority) - break; -- if (!next_fi->fib_nh[0].nh_gw || -- next_fi->fib_nh[0].nh_scope != RT_SCOPE_LINK) -- continue; - - fib_alias_accessed(fa); - -- if (fi == NULL) { -- if (next_fi != res->fi) -- break; -- } else if (!fib_detect_death(fi, order, &last_resort, -- &last_idx, tb->tb_default)) { -- fib_result_assign(res, fi); -- tb->tb_default = order; -- goto out; -+ if (!first_fa) { -+ last_dflt = fa->fa_last_dflt; -+ first_fa = fa; -+ } -+ if (fi && !fib_detect_death(fi, order, &last_resort, -+ &last_idx, &last_dflt, &last_nhsel, flp)) { -+ good = 1; -+ goto done1; - } - fi = next_fi; - order++; - } -+ break; -+ } -+ -+done1: -+ if (read_seqretry(&fz->fz_lock, seq)) -+ goto retry; -+ -+ if (good) { -+ fib_result_assign(res, fi); -+ first_fa->fa_last_dflt = order; -+ goto out; - } - - if (order <= 0 || fi == NULL) { -- tb->tb_default = -1; -+ if (fi && fi->fib_nhs > 1 && -+ fib_detect_death(fi, order, &last_resort, &last_idx, -+ &last_dflt, &last_nhsel, flp) && -+ last_resort == fi) { -+ read_lock_bh(&fib_nhflags_lock); -+ fi->fib_nh[last_nhsel].nh_flags &= ~RTNH_F_SUSPECT; -+ read_unlock_bh(&fib_nhflags_lock); -+ } -+ if (first_fa) first_fa->fa_last_dflt = -1; - goto out; - } - - if (!fib_detect_death(fi, order, &last_resort, &last_idx, -- tb->tb_default)) { -+ &last_dflt, &last_nhsel, flp)) { - fib_result_assign(res, fi); -- tb->tb_default = order; -+ first_fa->fa_last_dflt = order; - goto out; - } - -- if (last_idx >= 0) -+ if (last_idx >= 0) { - fib_result_assign(res, last_resort); -- tb->tb_default = last_idx; -+ read_lock_bh(&fib_nhflags_lock); -+ last_resort->fib_nh[last_nhsel].nh_flags &= ~RTNH_F_SUSPECT; -+ read_unlock_bh(&fib_nhflags_lock); -+ first_fa->fa_last_dflt = last_idx; -+ } - out: - rcu_read_unlock(); - } -@@ -507,6 +546,7 @@ int fib_table_insert(struct fib_table *t - - new_fa->fa_tos = fa->fa_tos; - new_fa->fa_info = fi; -+ new_fa->fa_last_dflt = -1; - new_fa->fa_type = cfg->fc_type; - new_fa->fa_scope = cfg->fc_scope; - state = fa->fa_state; -@@ -559,6 +599,7 @@ int fib_table_insert(struct fib_table *t - new_fa->fa_type = cfg->fc_type; - new_fa->fa_scope = cfg->fc_scope; - new_fa->fa_state = 0; -+ new_fa->fa_last_dflt = -1; - - /* - * Insert new entry to the list. -diff -urp v2.6.38/linux/net/ipv4/fib_lookup.h linux/net/ipv4/fib_lookup.h ---- v2.6.38/linux/net/ipv4/fib_lookup.h 2011-03-20 12:05:41.000000000 +0200 -+++ linux/net/ipv4/fib_lookup.h 2011-03-20 12:12:11.111246945 +0200 -@@ -8,6 +8,7 @@ - struct fib_alias { - struct list_head fa_list; - struct fib_info *fa_info; -+ int fa_last_dflt; - u8 fa_tos; - u8 fa_type; - u8 fa_scope; -@@ -42,7 +43,8 @@ extern struct fib_alias *fib_find_alias( - u8 tos, u32 prio); - extern int fib_detect_death(struct fib_info *fi, int order, - struct fib_info **last_resort, -- int *last_idx, int dflt); -+ int *last_idx, int *dflt, int *last_nhsel, -+ const struct flowi *flp); - - static inline void fib_result_assign(struct fib_result *res, - struct fib_info *fi) -diff -urp v2.6.38/linux/net/ipv4/fib_rules.c linux/net/ipv4/fib_rules.c ---- v2.6.38/linux/net/ipv4/fib_rules.c 2011-03-20 12:05:41.000000000 +0200 -+++ linux/net/ipv4/fib_rules.c 2011-03-20 12:12:11.111246945 +0200 -@@ -53,6 +53,11 @@ u32 fib_rules_tclass(struct fib_result * - } - #endif - -+int fib_result_table(struct fib_result *res) -+{ -+ return res->r->table; -+} -+ - int fib_lookup(struct net *net, struct flowi *flp, struct fib_result *res) - { - struct fib_lookup_arg arg = { -diff -urp v2.6.38/linux/net/ipv4/fib_semantics.c linux/net/ipv4/fib_semantics.c ---- v2.6.38/linux/net/ipv4/fib_semantics.c 2011-03-20 12:05:50.000000000 +0200 -+++ linux/net/ipv4/fib_semantics.c 2011-03-20 12:13:20.143248500 +0200 -@@ -51,6 +51,7 @@ static struct hlist_head *fib_info_hash; - static struct hlist_head *fib_info_laddrhash; - static unsigned int fib_hash_size; - static unsigned int fib_info_cnt; -+rwlock_t fib_nhflags_lock = RW_LOCK_UNLOCKED; - - #define DEVINDEX_HASHBITS 8 - #define DEVINDEX_HASHSIZE (1U << DEVINDEX_HASHBITS) -@@ -203,7 +204,7 @@ static inline int nh_comp(const struct f - #ifdef CONFIG_NET_CLS_ROUTE - nh->nh_tclassid != onh->nh_tclassid || - #endif -- ((nh->nh_flags ^ onh->nh_flags) & ~RTNH_F_DEAD)) -+ ((nh->nh_flags ^ onh->nh_flags) & ~RTNH_F_BADSTATE)) - return -1; - onh++; - } endfor_nexthops(fi); -@@ -254,7 +255,7 @@ static struct fib_info *fib_find_info(co - nfi->fib_priority == fi->fib_priority && - memcmp(nfi->fib_metrics, fi->fib_metrics, - sizeof(fi->fib_metrics)) == 0 && -- ((nfi->fib_flags ^ fi->fib_flags) & ~RTNH_F_DEAD) == 0 && -+ ((nfi->fib_flags ^ fi->fib_flags) & ~RTNH_F_BADSTATE) == 0 && - (nfi->fib_nhs == 0 || nh_comp(fi, nfi) == 0)) - return fi; - } -@@ -365,26 +366,70 @@ struct fib_alias *fib_find_alias(struct - } - - int fib_detect_death(struct fib_info *fi, int order, -- struct fib_info **last_resort, int *last_idx, int dflt) -+ struct fib_info **last_resort, int *last_idx, int *dflt, -+ int *last_nhsel, const struct flowi *flp) - { - struct neighbour *n; -- int state = NUD_NONE; -+ int nhsel; -+ int state; -+ struct fib_nh * nh; -+ __be32 dst; -+ int flag, dead = 1; -+ -+ /* change_nexthops(fi) { */ -+ for (nhsel = 0, nh = fi->fib_nh; nhsel < fi->fib_nhs; nh++, nhsel++) { -+ if (flp->oif && flp->oif != nh->nh_oif) -+ continue; -+ if (flp->fl4_gw && flp->fl4_gw != nh->nh_gw && nh->nh_gw && -+ nh->nh_scope == RT_SCOPE_LINK) -+ continue; -+ if (nh->nh_flags & RTNH_F_DEAD) -+ continue; - -- n = neigh_lookup(&arp_tbl, &fi->fib_nh[0].nh_gw, fi->fib_dev); -- if (n) { -- state = n->nud_state; -- neigh_release(n); -- } -- if (state == NUD_REACHABLE) -- return 0; -- if ((state & NUD_VALID) && order != dflt) -- return 0; -- if ((state & NUD_VALID) || -- (*last_idx < 0 && order > dflt)) { -- *last_resort = fi; -- *last_idx = order; -+ flag = 0; -+ if (nh->nh_dev->flags & IFF_NOARP) { -+ dead = 0; -+ goto setfl; -+ } -+ -+ dst = nh->nh_gw; -+ if (!nh->nh_gw || nh->nh_scope != RT_SCOPE_LINK) -+ dst = flp->fl4_dst; -+ -+ state = NUD_NONE; -+ n = neigh_lookup(&arp_tbl, &dst, nh->nh_dev); -+ if (n) { -+ state = n->nud_state; -+ neigh_release(n); -+ } -+ if (state == NUD_REACHABLE || -+ ((state & NUD_VALID) && order != *dflt)) { -+ dead = 0; -+ goto setfl; -+ } -+ if (!(state & NUD_VALID)) -+ flag = 1; -+ if (!dead) -+ goto setfl; -+ if ((state & NUD_VALID) || -+ (*last_idx < 0 && order >= *dflt)) { -+ *last_resort = fi; -+ *last_idx = order; -+ *last_nhsel = nhsel; -+ } -+ -+ setfl: -+ -+ read_lock_bh(&fib_nhflags_lock); -+ if (flag) -+ nh->nh_flags |= RTNH_F_SUSPECT; -+ else -+ nh->nh_flags &= ~RTNH_F_SUSPECT; -+ read_unlock_bh(&fib_nhflags_lock); - } -- return 1; -+ /* } endfor_nexthops(fi) */ -+ -+ return dead; - } - - #ifdef CONFIG_IP_ROUTE_MULTIPATH -@@ -553,8 +598,11 @@ static int fib_check_nh(struct fib_confi - dev = __dev_get_by_index(net, nh->nh_oif); - if (!dev) - return -ENODEV; -- if (!(dev->flags & IFF_UP)) -- return -ENETDOWN; -+ if (!(dev->flags & IFF_UP)) { -+ if (fi->fib_protocol != RTPROT_STATIC) -+ return -ENETDOWN; -+ nh->nh_flags |= RTNH_F_DEAD; -+ } - nh->nh_dev = dev; - dev_hold(dev); - nh->nh_scope = RT_SCOPE_LINK; -@@ -572,21 +620,41 @@ static int fib_check_nh(struct fib_confi - if (fl.fl4_scope < RT_SCOPE_LINK) - fl.fl4_scope = RT_SCOPE_LINK; - err = fib_lookup(net, &fl, &res); -- if (err) { -- rcu_read_unlock(); -- return err; -+ } -+ if (err) { -+ struct in_device *in_dev; -+ -+ if (err != -ENETUNREACH || -+ fi->fib_protocol != RTPROT_STATIC) -+ goto out; -+ -+ in_dev = inetdev_by_index(net, nh->nh_oif); -+ if (in_dev == NULL || -+ in_dev->dev->flags & IFF_UP) -+ goto out; -+ nh->nh_flags |= RTNH_F_DEAD; -+ nh->nh_scope = RT_SCOPE_LINK; -+ nh->nh_dev = in_dev->dev; -+ dev_hold(nh->nh_dev); -+ } else { -+ err = -EINVAL; -+ if (res.type != RTN_UNICAST && res.type != RTN_LOCAL) -+ goto out; -+ nh->nh_scope = res.scope; -+ nh->nh_oif = FIB_RES_OIF(res); -+ nh->nh_dev = dev = FIB_RES_DEV(res); -+ if (!dev) -+ goto out; -+ dev_hold(dev); -+ if (!(nh->nh_dev->flags & IFF_UP)) { -+ if (fi->fib_protocol != RTPROT_STATIC) { -+ err = -ENETDOWN; -+ goto out; -+ } -+ nh->nh_flags |= RTNH_F_DEAD; - } -+ err = 0; - } -- err = -EINVAL; -- if (res.type != RTN_UNICAST && res.type != RTN_LOCAL) -- goto out; -- nh->nh_scope = res.scope; -- nh->nh_oif = FIB_RES_OIF(res); -- nh->nh_dev = dev = FIB_RES_DEV(res); -- if (!dev) -- goto out; -- dev_hold(dev); -- err = (dev->flags & IFF_UP) ? 0 : -ENETDOWN; - } else { - struct in_device *in_dev; - -@@ -599,8 +667,11 @@ static int fib_check_nh(struct fib_confi - if (in_dev == NULL) - goto out; - err = -ENETDOWN; -- if (!(in_dev->dev->flags & IFF_UP)) -- goto out; -+ if (!(in_dev->dev->flags & IFF_UP)) { -+ if (fi->fib_protocol != RTPROT_STATIC) -+ goto out; -+ nh->nh_flags |= RTNH_F_DEAD; -+ } - nh->nh_dev = in_dev->dev; - dev_hold(nh->nh_dev); - nh->nh_scope = RT_SCOPE_HOST; -@@ -915,8 +986,12 @@ int fib_semantic_match(struct list_head - for_nexthops(fi) { - if (nh->nh_flags & RTNH_F_DEAD) - continue; -- if (!flp->oif || flp->oif == nh->nh_oif) -- break; -+ if (flp->oif && flp->oif != nh->nh_oif) -+ continue; -+ if (flp->fl4_gw && flp->fl4_gw != nh->nh_gw && -+ nh->nh_gw && nh->nh_scope == RT_SCOPE_LINK) -+ continue; -+ break; - } - #ifdef CONFIG_IP_ROUTE_MULTIPATH - if (nhsel < fi->fib_nhs) { -@@ -1096,18 +1171,29 @@ int fib_sync_down_dev(struct net_device - prev_fi = fi; - dead = 0; - change_nexthops(fi) { -- if (nexthop_nh->nh_flags & RTNH_F_DEAD) -- dead++; -- else if (nexthop_nh->nh_dev == dev && -- nexthop_nh->nh_scope != scope) { -- nexthop_nh->nh_flags |= RTNH_F_DEAD; -+ if (nexthop_nh->nh_flags & RTNH_F_DEAD) { -+ if (fi->fib_protocol != RTPROT_STATIC || -+ nexthop_nh->nh_dev == NULL || -+ __in_dev_get_rtnl(nexthop_nh->nh_dev) == NULL || -+ nexthop_nh->nh_dev->flags&IFF_UP) -+ dead++; -+ } else if (nexthop_nh->nh_dev == dev && -+ nexthop_nh->nh_scope != scope) { -+ write_lock_bh(&fib_nhflags_lock); - #ifdef CONFIG_IP_ROUTE_MULTIPATH -- spin_lock_bh(&fib_multipath_lock); -+ spin_lock(&fib_multipath_lock); -+ nexthop_nh->nh_flags |= RTNH_F_DEAD; - fi->fib_power -= nexthop_nh->nh_power; - nexthop_nh->nh_power = 0; -- spin_unlock_bh(&fib_multipath_lock); -+ spin_unlock(&fib_multipath_lock); -+#else -+ nexthop_nh->nh_flags |= RTNH_F_DEAD; - #endif -- dead++; -+ write_unlock_bh(&fib_nhflags_lock); -+ if (fi->fib_protocol!=RTPROT_STATIC || -+ force || -+ __in_dev_get_rtnl(dev) == NULL) -+ dead++; - } - #ifdef CONFIG_IP_ROUTE_MULTIPATH - if (force > 1 && nexthop_nh->nh_dev == dev) { -@@ -1125,11 +1211,8 @@ int fib_sync_down_dev(struct net_device - return ret; - } - --#ifdef CONFIG_IP_ROUTE_MULTIPATH -- - /* -- * Dead device goes up. We wake up dead nexthops. -- * It takes sense only on multipath routes. -++ Dead device goes up or new address is added. We wake up dead nexthops. - */ - int fib_sync_up(struct net_device *dev) - { -@@ -1138,8 +1221,10 @@ int fib_sync_up(struct net_device *dev) - struct hlist_head *head; - struct hlist_node *node; - struct fib_nh *nh; -- int ret; -+ struct fib_result res; -+ int ret, rep; - -+repeat: - if (!(dev->flags & IFF_UP)) - return 0; - -@@ -1147,6 +1232,7 @@ int fib_sync_up(struct net_device *dev) - hash = fib_devindex_hashfn(dev->ifindex); - head = &fib_info_devhash[hash]; - ret = 0; -+ rep = 0; - - hlist_for_each_entry(nh, node, head, nh_hash) { - struct fib_info *fi = nh->nh_parent; -@@ -1159,21 +1245,45 @@ int fib_sync_up(struct net_device *dev) - prev_fi = fi; - alive = 0; - change_nexthops(fi) { -- if (!(nexthop_nh->nh_flags & RTNH_F_DEAD)) { -- alive++; -+ if (!(nexthop_nh->nh_flags & RTNH_F_DEAD)) - continue; -- } - if (nexthop_nh->nh_dev == NULL || - !(nexthop_nh->nh_dev->flags & IFF_UP)) - continue; - if (nexthop_nh->nh_dev != dev || - !__in_dev_get_rtnl(dev)) - continue; -+ if (nexthop_nh->nh_gw && fi->fib_protocol == RTPROT_STATIC) { -+ struct flowi fl = { -+ .nl_u = { .ip4_u = -+ { .daddr = nexthop_nh->nh_gw, -+ .scope = nexthop_nh->nh_scope } }, -+ .oif = nexthop_nh->nh_oif, -+ }; -+ -+ rcu_read_lock(); -+ if (fib_lookup(dev_net(dev), &fl, &res) != 0) { -+ rcu_read_unlock(); -+ continue; -+ } -+ if (res.type != RTN_UNICAST && -+ res.type != RTN_LOCAL) { -+ rcu_read_unlock(); -+ continue; -+ } -+ nexthop_nh->nh_scope = res.scope; -+ rcu_read_unlock(); -+ rep = 1; -+ } - alive++; -+#ifdef CONFIG_IP_ROUTE_MULTIPATH - spin_lock_bh(&fib_multipath_lock); - nexthop_nh->nh_power = 0; -+#endif - nexthop_nh->nh_flags &= ~RTNH_F_DEAD; -+#ifdef CONFIG_IP_ROUTE_MULTIPATH - spin_unlock_bh(&fib_multipath_lock); -+#endif - } endfor_nexthops(fi) - - if (alive > 0) { -@@ -1181,10 +1291,14 @@ int fib_sync_up(struct net_device *dev) - ret++; - } - } -+ if (rep) -+ goto repeat; - - return ret; - } - -+#ifdef CONFIG_IP_ROUTE_MULTIPATH -+ - /* - * The algorithm is suboptimal, but it provides really - * fair weighted route distribution. -@@ -1192,24 +1306,46 @@ int fib_sync_up(struct net_device *dev) - void fib_select_multipath(const struct flowi *flp, struct fib_result *res) - { - struct fib_info *fi = res->fi; -- int w; -+ int w, alive; - - spin_lock_bh(&fib_multipath_lock); -+ if (flp->oif) { -+ int sel = -1; -+ w = -1; -+ change_nexthops(fi) { -+ if (flp->oif != nexthop_nh->nh_oif) -+ continue; -+ if (flp->fl4_gw && flp->fl4_gw != nexthop_nh->nh_gw && -+ nexthop_nh->nh_gw && -+ nexthop_nh->nh_scope == RT_SCOPE_LINK) -+ continue; -+ if (!(nexthop_nh->nh_flags & RTNH_F_BADSTATE)) { -+ if (nexthop_nh->nh_power > w) { -+ w = nexthop_nh->nh_power; -+ sel = nhsel; -+ } -+ } -+ } endfor_nexthops(fi); -+ if (sel >= 0) { -+ spin_unlock_bh(&fib_multipath_lock); -+ res->nh_sel = sel; -+ return; -+ } -+ goto last_resort; -+ } -+ -+repeat: - if (fi->fib_power <= 0) { - int power = 0; - change_nexthops(fi) { -- if (!(nexthop_nh->nh_flags & RTNH_F_DEAD)) { -+ if (!(nexthop_nh->nh_flags & RTNH_F_BADSTATE)) { - power += nexthop_nh->nh_weight; - nexthop_nh->nh_power = nexthop_nh->nh_weight; - } - } endfor_nexthops(fi); - fi->fib_power = power; -- if (power <= 0) { -- spin_unlock_bh(&fib_multipath_lock); -- /* Race condition: route has just become dead. */ -- res->nh_sel = 0; -- return; -- } -+ if (power <= 0) -+ goto last_resort; - } - - -@@ -1219,8 +1355,9 @@ void fib_select_multipath(const struct f - - w = jiffies % fi->fib_power; - -+ alive = 0; - change_nexthops(fi) { -- if (!(nexthop_nh->nh_flags & RTNH_F_DEAD) && -+ if (!(nexthop_nh->nh_flags & RTNH_F_BADSTATE) && - nexthop_nh->nh_power) { - w -= nexthop_nh->nh_power; - if (w <= 0) { -@@ -1230,11 +1367,29 @@ void fib_select_multipath(const struct f - spin_unlock_bh(&fib_multipath_lock); - return; - } -+ alive = 1; -+ } -+ } endfor_nexthops(fi); -+ if (alive) { -+ fi->fib_power = 0; -+ goto repeat; -+ } -+ -+last_resort: -+ for_nexthops(fi) { -+ if (!(nh->nh_flags & RTNH_F_DEAD)) { -+ if (flp->oif && flp->oif != nh->nh_oif) -+ continue; -+ if (flp->fl4_gw && flp->fl4_gw != nh->nh_gw && -+ nh->nh_gw && nh->nh_scope == RT_SCOPE_LINK) -+ continue; -+ spin_unlock_bh(&fib_multipath_lock); -+ res->nh_sel = nhsel; -+ return; - } - } endfor_nexthops(fi); - - /* Race condition: route has just become dead. */ -- res->nh_sel = 0; - spin_unlock_bh(&fib_multipath_lock); - } - #endif -diff -urp v2.6.38/linux/net/ipv4/fib_trie.c linux/net/ipv4/fib_trie.c ---- v2.6.38/linux/net/ipv4/fib_trie.c 2011-03-20 12:05:41.000000000 +0200 -+++ linux/net/ipv4/fib_trie.c 2011-03-20 12:12:11.115247884 +0200 -@@ -1270,6 +1270,7 @@ int fib_table_insert(struct fib_table *t - fi_drop = fa->fa_info; - new_fa->fa_tos = fa->fa_tos; - new_fa->fa_info = fi; -+ new_fa->fa_last_dflt = -1; - new_fa->fa_type = cfg->fc_type; - new_fa->fa_scope = cfg->fc_scope; - state = fa->fa_state; -@@ -1310,6 +1311,7 @@ int fib_table_insert(struct fib_table *t - new_fa->fa_type = cfg->fc_type; - new_fa->fa_scope = cfg->fc_scope; - new_fa->fa_state = 0; -+ new_fa->fa_last_dflt = -1; - /* - * Insert new entry to the list. - */ -@@ -1807,24 +1809,31 @@ void fib_table_select_default(struct fib - struct fib_result *res) - { - struct trie *t = (struct trie *) tb->tb_data; -- int order, last_idx; -+ int order, last_idx, last_dflt, last_nhsel; -+ struct fib_alias *first_fa = NULL; - struct fib_info *fi = NULL; - struct fib_info *last_resort; - struct fib_alias *fa = NULL; - struct list_head *fa_head; - struct leaf *l; -+ u32 key, mask; - -+ last_dflt = -2; -+ last_nhsel = 0; - last_idx = -1; - last_resort = NULL; - order = -1; - -+ mask = inet_make_mask(res->prefixlen); -+ key = ntohl(flp->fl4_dst & mask); -+ - rcu_read_lock(); - -- l = fib_find_node(t, 0); -+ l = fib_find_node(t, key); - if (!l) - goto out; - -- fa_head = get_fa_head(l, 0); -+ fa_head = get_fa_head(l, res->prefixlen); - if (!fa_head) - goto out; - -@@ -1838,40 +1847,53 @@ void fib_table_select_default(struct fib - fa->fa_type != RTN_UNICAST) - continue; - -+ if (fa->fa_tos && -+ fa->fa_tos != flp->fl4_tos) -+ continue; - if (next_fi->fib_priority > res->fi->fib_priority) - break; -- if (!next_fi->fib_nh[0].nh_gw || -- next_fi->fib_nh[0].nh_scope != RT_SCOPE_LINK) -- continue; - - fib_alias_accessed(fa); - -- if (fi == NULL) { -- if (next_fi != res->fi) -- break; -- } else if (!fib_detect_death(fi, order, &last_resort, -- &last_idx, tb->tb_default)) { -+ if (!first_fa) { -+ last_dflt = fa->fa_last_dflt; -+ first_fa = fa; -+ } -+ if (fi && !fib_detect_death(fi, order, &last_resort, -+ &last_idx, &last_dflt, &last_nhsel, flp)) { - fib_result_assign(res, fi); -- tb->tb_default = order; -+ first_fa->fa_last_dflt = order; - goto out; - } - fi = next_fi; - order++; - } - if (order <= 0 || fi == NULL) { -- tb->tb_default = -1; -+ if (fi && fi->fib_nhs > 1 && -+ fib_detect_death(fi, order, &last_resort, &last_idx, -+ &last_dflt, &last_nhsel, flp) && -+ last_resort == fi) { -+ read_lock_bh(&fib_nhflags_lock); -+ fi->fib_nh[last_nhsel].nh_flags &= ~RTNH_F_SUSPECT; -+ read_unlock_bh(&fib_nhflags_lock); -+ } -+ if (first_fa) first_fa->fa_last_dflt = -1; - goto out; - } - - if (!fib_detect_death(fi, order, &last_resort, &last_idx, -- tb->tb_default)) { -+ &last_dflt, &last_nhsel, flp)) { - fib_result_assign(res, fi); -- tb->tb_default = order; -+ first_fa->fa_last_dflt = order; - goto out; - } -- if (last_idx >= 0) -+ if (last_idx >= 0) { - fib_result_assign(res, last_resort); -- tb->tb_default = last_idx; -+ read_lock_bh(&fib_nhflags_lock); -+ last_resort->fib_nh[last_nhsel].nh_flags &= ~RTNH_F_SUSPECT; -+ read_unlock_bh(&fib_nhflags_lock); -+ first_fa->fa_last_dflt = last_idx; -+ } - out: - rcu_read_unlock(); - } -diff -urp v2.6.38/linux/net/ipv4/netfilter/ipt_MASQUERADE.c linux/net/ipv4/netfilter/ipt_MASQUERADE.c ---- v2.6.38/linux/net/ipv4/netfilter/ipt_MASQUERADE.c 2011-03-20 12:01:11.000000000 +0200 -+++ linux/net/ipv4/netfilter/ipt_MASQUERADE.c 2011-03-20 12:16:02.963248753 +0200 -@@ -51,7 +51,7 @@ masquerade_tg(struct sk_buff *skb, const - enum ip_conntrack_info ctinfo; - struct nf_nat_range newrange; - const struct nf_nat_multi_range_compat *mr; -- const struct rtable *rt; -+ struct rtable *rt; - __be32 newsrc; - - NF_CT_ASSERT(par->hooknum == NF_INET_POST_ROUTING); -@@ -69,13 +69,27 @@ masquerade_tg(struct sk_buff *skb, const - return NF_ACCEPT; - - mr = par->targinfo; -- rt = skb_rtable(skb); -- newsrc = inet_select_addr(par->out, rt->rt_gateway, RT_SCOPE_UNIVERSE); -- if (!newsrc) { -- pr_info("%s ate my IP address\n", par->out->name); -- return NF_DROP; -+ -+ { -+ struct flowi fl = { .fl4_dst = ip_hdr(skb)->daddr, -+ .fl4_tos = (RT_TOS(ip_hdr(skb)->tos) | -+ RTO_CONN), -+ .fl4_gw = skb_rtable(skb)->rt_gateway, -+ .mark = skb->mark, -+ .oif = par->out->ifindex }; -+ if (ip_route_output_key(dev_net(par->out), &rt, &fl) != 0) { -+ /* Funky routing can do this. */ -+ if (net_ratelimit()) -+ pr_info("%s:" -+ " No route: Rusty's brain broke!\n", -+ par->out->name); -+ return NF_DROP; -+ } - } - -+ newsrc = rt->rt_src; -+ ip_rt_put(rt); -+ - nat->masq_index = par->out->ifindex; - - /* Transfer from original range. */ -diff -urp v2.6.38/linux/net/ipv4/netfilter/nf_nat_core.c linux/net/ipv4/netfilter/nf_nat_core.c ---- v2.6.38/linux/net/ipv4/netfilter/nf_nat_core.c 2011-03-20 12:01:11.000000000 +0200 -+++ linux/net/ipv4/netfilter/nf_nat_core.c 2011-03-20 12:13:20.145247903 +0200 -@@ -711,6 +711,52 @@ static struct pernet_operations nf_nat_n - .exit = nf_nat_net_exit, - }; - -+unsigned int -+ip_nat_route_input(unsigned int hooknum, -+ struct sk_buff *skb, -+ const struct net_device *in, -+ const struct net_device *out, -+ int (*okfn)(struct sk_buff *)) -+{ -+ struct iphdr *iph; -+ struct nf_conn *conn; -+ enum ip_conntrack_info ctinfo; -+ enum ip_conntrack_dir dir; -+ unsigned long statusbit; -+ __be32 saddr; -+ -+ if (!(conn = nf_ct_get(skb, &ctinfo))) -+ return NF_ACCEPT; -+ -+ if (!(conn->status & IPS_NAT_DONE_MASK)) -+ return NF_ACCEPT; -+ dir = CTINFO2DIR(ctinfo); -+ statusbit = IPS_SRC_NAT; -+ if (dir == IP_CT_DIR_REPLY) -+ statusbit ^= IPS_NAT_MASK; -+ if (!(conn->status & statusbit)) -+ return NF_ACCEPT; -+ -+ if (skb_dst(skb)) -+ return NF_ACCEPT; -+ -+ if (skb->len < sizeof(struct iphdr)) -+ return NF_ACCEPT; -+ -+ /* use daddr in other direction as masquerade address (lsrc) */ -+ iph = ip_hdr(skb); -+ saddr = conn->tuplehash[!dir].tuple.dst.u3.ip; -+ if (saddr == iph->saddr) -+ return NF_ACCEPT; -+ -+ if (ip_route_input_lookup(skb, iph->daddr, iph->saddr, iph->tos, -+ skb->dev, saddr)) -+ return NF_DROP; -+ -+ return NF_ACCEPT; -+} -+EXPORT_SYMBOL_GPL(ip_nat_route_input); -+ - static int __init nf_nat_init(void) - { - size_t i; -diff -urp v2.6.38/linux/net/ipv4/netfilter/nf_nat_standalone.c linux/net/ipv4/netfilter/nf_nat_standalone.c ---- v2.6.38/linux/net/ipv4/netfilter/nf_nat_standalone.c 2011-03-20 12:01:11.000000000 +0200 -+++ linux/net/ipv4/netfilter/nf_nat_standalone.c 2011-03-20 12:13:20.145247903 +0200 -@@ -249,6 +249,14 @@ static struct nf_hook_ops nf_nat_ops[] _ - .hooknum = NF_INET_PRE_ROUTING, - .priority = NF_IP_PRI_NAT_DST, - }, -+ /* Before routing, route before mangling */ -+ { -+ .hook = ip_nat_route_input, -+ .owner = THIS_MODULE, -+ .pf = NFPROTO_IPV4, -+ .hooknum = NF_INET_PRE_ROUTING, -+ .priority = NF_IP_PRI_LAST-1, -+ }, - /* After packet filtering, change source */ - { - .hook = nf_nat_out, -diff -urp v2.6.38/linux/net/ipv4/route.c linux/net/ipv4/route.c ---- v2.6.38/linux/net/ipv4/route.c 2011-03-20 12:05:41.000000000 +0200 -+++ linux/net/ipv4/route.c 2011-03-20 12:19:36.366249014 +0200 -@@ -697,6 +697,8 @@ static inline int compare_keys(struct fl - return (((__force u32)fl1->fl4_dst ^ (__force u32)fl2->fl4_dst) | - ((__force u32)fl1->fl4_src ^ (__force u32)fl2->fl4_src) | - (fl1->mark ^ fl2->mark) | -+ ((__force u32)fl1->fl4_lsrc ^ (__force u32)fl2->fl4_lsrc) | -+ ((__force u32)fl1->fl4_gw ^ (__force u32)fl2->fl4_gw) | - (*(u16 *)&fl1->fl4_tos ^ *(u16 *)&fl2->fl4_tos) | - (fl1->oif ^ fl2->oif) | - (fl1->iif ^ fl2->iif)) == 0; -@@ -1435,6 +1437,7 @@ void ip_rt_redirect(__be32 old_gw, __be3 - - /* Gateway is different ... */ - rt->rt_gateway = new_gw; -+ if (rt->fl.fl4_gw) rt->fl.fl4_gw = new_gw; - - /* Redirect received -> path was valid */ - dst_confirm(&rth->dst); -@@ -1890,6 +1893,7 @@ static int ip_route_input_mc(struct sk_b - rth->fl.fl4_tos = tos; - rth->fl.mark = skb->mark; - rth->fl.fl4_src = saddr; -+ rth->fl.fl4_lsrc = 0; - rth->rt_src = saddr; - #ifdef CONFIG_NET_CLS_ROUTE - rth->dst.tclassid = itag; -@@ -1899,6 +1903,7 @@ static int ip_route_input_mc(struct sk_b - rth->dst.dev = init_net.loopback_dev; - dev_hold(rth->dst.dev); - rth->fl.oif = 0; -+ rth->fl.fl4_gw = 0; - rth->rt_gateway = daddr; - rth->rt_spec_dst= spec_dst; - rth->rt_genid = rt_genid(dev_net(dev)); -@@ -1962,7 +1967,7 @@ static int __mkroute_input(struct sk_buf - struct fib_result *res, - struct in_device *in_dev, - __be32 daddr, __be32 saddr, u32 tos, -- struct rtable **result) -+ __be32 lsrc, struct rtable **result) - { - struct rtable *rth; - int err; -@@ -1994,6 +1999,7 @@ static int __mkroute_input(struct sk_buf - flags |= RTCF_DIRECTSRC; - - if (out_dev == in_dev && err && -+ !lsrc && - (IN_DEV_SHARED_MEDIA(out_dev) || - inet_addr_onlink(out_dev, saddr, FIB_RES_GW(*res)))) - flags |= RTCF_DOREDIRECT; -@@ -2032,12 +2038,14 @@ static int __mkroute_input(struct sk_buf - rth->fl.mark = skb->mark; - rth->fl.fl4_src = saddr; - rth->rt_src = saddr; -+ rth->fl.fl4_lsrc = lsrc; - rth->rt_gateway = daddr; - rth->rt_iif = - rth->fl.iif = in_dev->dev->ifindex; - rth->dst.dev = (out_dev)->dev; - dev_hold(rth->dst.dev); - rth->fl.oif = 0; -+ rth->fl.fl4_gw = 0; - rth->rt_spec_dst= spec_dst; - - rth->dst.obsolete = -1; -@@ -2057,21 +2065,23 @@ static int __mkroute_input(struct sk_buf - - static int ip_mkroute_input(struct sk_buff *skb, - struct fib_result *res, -+ struct net *net, - const struct flowi *fl, - struct in_device *in_dev, -- __be32 daddr, __be32 saddr, u32 tos) -+ __be32 daddr, __be32 saddr, u32 tos, __be32 lsrc) - { - struct rtable* rth = NULL; - int err; - unsigned hash; - -+ fib_select_default(net, fl, res); - #ifdef CONFIG_IP_ROUTE_MULTIPATH -- if (res->fi && res->fi->fib_nhs > 1 && fl->oif == 0) -+ if (res->fi && res->fi->fib_nhs > 1) - fib_select_multipath(fl, res); - #endif - - /* create a routing cache entry */ -- err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, &rth); -+ err = __mkroute_input(skb, res, in_dev, daddr, saddr, tos, lsrc, &rth); - if (err) - return err; - -@@ -2093,16 +2103,18 @@ static int ip_mkroute_input(struct sk_bu - */ - - static int ip_route_input_slow(struct sk_buff *skb, __be32 daddr, __be32 saddr, -- u8 tos, struct net_device *dev) -+ u8 tos, struct net_device *dev, __be32 lsrc) - { - struct fib_result res; - struct in_device *in_dev = __in_dev_get_rcu(dev); - struct flowi fl = { .fl4_dst = daddr, -- .fl4_src = saddr, -+ .fl4_src = lsrc? : saddr, - .fl4_tos = tos, - .fl4_scope = RT_SCOPE_UNIVERSE, - .mark = skb->mark, -- .iif = dev->ifindex }; -+ .iif = lsrc? -+ dev_net(dev)->loopback_dev->ifindex : -+ dev->ifindex }; - unsigned flags = 0; - u32 itag = 0; - struct rtable * rth; -@@ -2136,6 +2148,12 @@ static int ip_route_input_slow(struct sk - if (ipv4_is_zeronet(daddr) || ipv4_is_loopback(daddr)) - goto martian_destination; - -+ if (lsrc) { -+ if (ipv4_is_multicast(lsrc) || ipv4_is_lbcast(lsrc) || -+ ipv4_is_zeronet(lsrc) || ipv4_is_loopback(lsrc)) -+ goto e_inval; -+ } -+ - /* - * Now we are ready to route packet. - */ -@@ -2145,6 +2163,8 @@ static int ip_route_input_slow(struct sk - goto e_hostunreach; - goto no_route; - } -+ fl.iif = dev->ifindex; -+ fl.fl4_src = saddr; - - RT_CACHE_STAT_INC(in_slow_tot); - -@@ -2168,12 +2188,14 @@ static int ip_route_input_slow(struct sk - if (res.type != RTN_UNICAST) - goto martian_destination; - -- err = ip_mkroute_input(skb, &res, &fl, in_dev, daddr, saddr, tos); -+ err = ip_mkroute_input(skb, &res, net, &fl, in_dev, daddr, saddr, tos, lsrc); - out: return err; - - brd_input: - if (skb->protocol != htons(ETH_P_IP)) - goto e_inval; -+ if (lsrc) -+ goto e_inval; - - if (ipv4_is_zeronet(saddr)) - spec_dst = inet_select_addr(dev, 0, RT_SCOPE_LINK); -@@ -2215,6 +2237,7 @@ local_input: - rth->fl.iif = dev->ifindex; - rth->dst.dev = net->loopback_dev; - dev_hold(rth->dst.dev); -+ rth->fl.fl4_gw = 0; - rth->rt_gateway = daddr; - rth->rt_spec_dst= spec_dst; - rth->dst.input= ip_local_deliver; -@@ -2267,8 +2290,9 @@ martian_source_keep_err: - goto out; - } - --int ip_route_input_common(struct sk_buff *skb, __be32 daddr, __be32 saddr, -- u8 tos, struct net_device *dev, bool noref) -+int ip_route_input_cached(struct sk_buff *skb, __be32 daddr, __be32 saddr, -+ u8 tos, struct net_device *dev, bool noref, -+ __be32 lsrc) - { - struct rtable * rth; - unsigned hash; -@@ -2291,6 +2315,7 @@ int ip_route_input_common(struct sk_buff - if ((((__force u32)rth->fl.fl4_dst ^ (__force u32)daddr) | - ((__force u32)rth->fl.fl4_src ^ (__force u32)saddr) | - (rth->fl.iif ^ iif) | -+ (rth->fl.fl4_lsrc ^ lsrc) | - rth->fl.oif | - (rth->fl.fl4_tos ^ tos)) == 0 && - rth->fl.mark == skb->mark && -@@ -2344,12 +2369,25 @@ skip_cache: - rcu_read_unlock(); - return -EINVAL; - } -- res = ip_route_input_slow(skb, daddr, saddr, tos, dev); -+ res = ip_route_input_slow(skb, daddr, saddr, tos, dev, lsrc); - rcu_read_unlock(); - return res; - } -+ -+int ip_route_input_common(struct sk_buff *skb, __be32 daddr, __be32 saddr, -+ u8 tos, struct net_device *dev, bool noref) -+{ -+ return ip_route_input_cached(skb, daddr, saddr, tos, dev, noref, 0); -+} - EXPORT_SYMBOL(ip_route_input_common); - -+int ip_route_input_lookup(struct sk_buff *skb, __be32 daddr, __be32 saddr, -+ u8 tos, struct net_device *dev, __be32 lsrc) -+{ -+ return ip_route_input_cached(skb, daddr, saddr, tos, dev, true, lsrc); -+} -+EXPORT_SYMBOL(ip_route_input_lookup); -+ - /* called with rcu_read_lock() */ - static int __mkroute_output(struct rtable **result, - struct fib_result *res, -@@ -2411,6 +2449,7 @@ static int __mkroute_output(struct rtabl - rth->fl.fl4_tos = tos; - rth->fl.fl4_src = oldflp->fl4_src; - rth->fl.oif = oldflp->oif; -+ rth->fl.fl4_gw = oldflp->fl4_gw; - rth->fl.mark = oldflp->mark; - rth->rt_dst = fl->fl4_dst; - rth->rt_src = fl->fl4_src; -@@ -2488,6 +2527,7 @@ static int ip_route_output_slow(struct n - u32 tos = RT_FL_TOS(oldflp); - struct flowi fl = { .fl4_dst = oldflp->fl4_dst, - .fl4_src = oldflp->fl4_src, -+ .fl4_gw = oldflp->fl4_gw, - .fl4_tos = tos & IPTOS_RT_MASK, - .fl4_scope = ((tos & RTO_ONLINK) ? - RT_SCOPE_LINK : RT_SCOPE_UNIVERSE), -@@ -2589,6 +2629,7 @@ static int ip_route_output_slow(struct n - fl.fl4_dst = fl.fl4_src = htonl(INADDR_LOOPBACK); - dev_out = net->loopback_dev; - fl.oif = net->loopback_dev->ifindex; -+ fl.fl4_gw = 0; - res.type = RTN_LOCAL; - flags |= RTCF_LOCAL; - goto make_route; -@@ -2596,7 +2637,7 @@ static int ip_route_output_slow(struct n - - if (fib_lookup(net, &fl, &res)) { - res.fi = NULL; -- if (oldflp->oif) { -+ if (oldflp->oif && dev_out->flags & IFF_UP) { - /* Apparently, routing tables are wrong. Assume, - that the destination is on link. - -@@ -2634,18 +2675,18 @@ static int ip_route_output_slow(struct n - } - dev_out = net->loopback_dev; - fl.oif = dev_out->ifindex; -+ fl.fl4_gw = 0; - res.fi = NULL; - flags |= RTCF_LOCAL; - goto make_route; - } - -+ if (res.type == RTN_UNICAST) -+ fib_select_default(net, &fl, &res); - #ifdef CONFIG_IP_ROUTE_MULTIPATH -- if (res.fi->fib_nhs > 1 && fl.oif == 0) -+ if (res.fi->fib_nhs > 1) - fib_select_multipath(&fl, &res); -- else - #endif -- if (!res.prefixlen && res.type == RTN_UNICAST && !fl.oif) -- fib_select_default(net, &fl, &res); - - if (!fl.fl4_src) - fl.fl4_src = FIB_RES_PREFSRC(res); -@@ -2679,6 +2720,7 @@ int __ip_route_output_key(struct net *ne - rth->fl.fl4_src == flp->fl4_src && - rt_is_output_route(rth) && - rth->fl.oif == flp->oif && -+ rth->fl.fl4_gw == flp->fl4_gw && - rth->fl.mark == flp->mark && - !((rth->fl.fl4_tos ^ flp->fl4_tos) & - (IPTOS_RT_MASK | RTO_ONLINK)) && diff --git a/pkgs/rstp/patches/rstp-0.21-upstream-fixes.patch b/pkgs/rstp/patches/rstp-0.21-upstream-fixes.patch new file mode 100644 index 0000000..c209e99 --- /dev/null +++ b/pkgs/rstp/patches/rstp-0.21-upstream-fixes.patch @@ -0,0 +1,784 @@ +diff --git a/Makefile b/Makefile +index c65dd39..f672a45 100644 +--- a/Makefile ++++ b/Makefile +@@ -9,7 +9,8 @@ CTLSOURCES = ctl_main.c ctl_cli_wrap.c ctl_socket_client.c + CTLOBJECTS = $(CTLSOURCES:.c=.o) + + CC=gcc +-CFLAGS = -Wall -Werror -O2 -g -D_REENTRANT -D__LINUX__ -DVERSION=$(version) -DBUILD=$(build) -I. -I./include ++CFLAGS = -Wall -Werror -fno-strict-aliasing -O2 -g -D_REENTRANT -D__LINUX__ \ ++ -DVERSION=$(version) -DBUILD=$(build) -I. -I./include -I./rstplib + + all: rstpd rstpctl + +diff --git a/bridge-stp b/bridge-stp +index 49d5a41..5e663a9 100755 +--- a/bridge-stp ++++ b/bridge-stp +@@ -53,9 +53,9 @@ start() { + case $2 in + start) + daemon +- exec /sbin/rstpctl $bridge on ;; ++ exec /sbin/rstpctl rstp $bridge on ;; + stop) +- exec /sbin/rstpctl $bridge off ;; ++ exec /sbin/rstpctl rstp $bridge off ;; + *) + echo "Unknown action:" $2 + echo "Usage: bridge-stp <bridge> {start|stop}" +diff --git a/bridge_track.c b/bridge_track.c +index c685935..f5efa3f 100644 +--- a/bridge_track.c ++++ b/bridge_track.c +@@ -449,7 +449,7 @@ void bridge_bpdu_rcv(int if_index, const unsigned char *data, int len) + struct ifdata *ifc = find_if(if_index); + + LOG("ifindex %d, len %d", if_index, len); +- if (!ifc) ++ if (!ifc || !ifc->master) + return; + + TST(ifc->up,); +diff --git a/brmon.c b/brmon.c +index d29e7f5..fd4dacd 100644 +--- a/brmon.c ++++ b/brmon.c +@@ -30,32 +30,10 @@ + + static const char SNAPSHOT[] = "v0.1"; + +- +-/* RFC 2863 operational status */ +-enum { +- IF_OPER_UNKNOWN, +- IF_OPER_NOTPRESENT, +- IF_OPER_DOWN, +- IF_OPER_LOWERLAYERDOWN, +- IF_OPER_TESTING, +- IF_OPER_DORMANT, +- IF_OPER_UP, +-}; +- +-/* link modes */ +-enum { +- IF_LINK_MODE_DEFAULT, +- IF_LINK_MODE_DORMANT, /* limit upward transition to dormant */ +-}; +- +-static const char *port_states[] = { +- [BR_STATE_DISABLED] = "disabled", +- [BR_STATE_LISTENING] = "listening", +- [BR_STATE_LEARNING] = "learning", +- [BR_STATE_FORWARDING] = "forwarding", +- [BR_STATE_BLOCKING] = "blocking", +-}; +- ++static int is_up(const struct ifinfomsg *ifi) ++{ ++ return (ifi->ifi_flags & IFF_UP) && (ifi->ifi_flags & IFF_RUNNING); ++} + + static int dump_msg(const struct sockaddr_nl *who, struct nlmsghdr *n, + void *arg) +@@ -64,25 +42,16 @@ static int dump_msg(const struct sockaddr_nl *who, struct nlmsghdr *n, + struct ifinfomsg *ifi = NLMSG_DATA(n); + struct rtattr * tb[IFLA_MAX+1]; + int len = n->nlmsg_len; ++ int master = -1; + char b1[IFNAMSIZ]; +- int af_family = ifi->ifi_family; + + if (n->nlmsg_type == NLMSG_DONE) + return 0; +- ++ + len -= NLMSG_LENGTH(sizeof(*ifi)); +- if (len < 0) { ++ if (len < 0) + return -1; +- } +- +-#if 0 +- +- if (filter.ifindex && ifi->ifi_index != filter.ifindex) +- return 0; + +- if (filter.up && !(ifi->ifi_flags&IFF_UP)) +- return 0; +-#endif + if (ifi->ifi_family != AF_BRIDGE && ifi->ifi_family != AF_UNSPEC) + return 0; + +@@ -93,73 +62,41 @@ static int dump_msg(const struct sockaddr_nl *who, struct nlmsghdr *n, + parse_rtattr(tb, IFLA_MAX, IFLA_RTA(ifi), len); + + /* Check if we got this from bonding */ +- if (tb[IFLA_MASTER] && af_family != AF_BRIDGE) +- return 0; ++ if (tb[IFLA_MASTER] && ifi->ifi_family != AF_BRIDGE) ++ return 0; ++ ++ /* Check if hearing our own state changes */ ++ if (n->nlmsg_type == RTM_NEWLINK && tb[IFLA_PROTINFO]) { ++ uint8_t state = *(uint8_t *)RTA_DATA(tb[IFLA_PROTINFO]); ++ ++ if (state != BR_STATE_DISABLED) ++ return 0; ++ } + + if (tb[IFLA_IFNAME] == NULL) { +- fprintf(stderr, "BUG: nil ifname\n"); +- return -1; ++ fprintf(stderr, "BUG: nil ifname\n"); ++ return -1; + } + + if (n->nlmsg_type == RTM_DELLINK) +- fprintf(fp, "Deleted "); ++ fprintf(fp, "Deleted "); + + fprintf(fp, "%d: %s ", ifi->ifi_index, +- tb[IFLA_IFNAME] ? (char*)RTA_DATA(tb[IFLA_IFNAME]) : "<nil>"); +- +- +- if (tb[IFLA_OPERSTATE]) { +- int state = *(int*)RTA_DATA(tb[IFLA_OPERSTATE]); +- switch (state) { +- case IF_OPER_UNKNOWN: +- fprintf(fp, "Unknown "); break; +- case IF_OPER_NOTPRESENT: +- fprintf(fp, "Not Present "); break; +- case IF_OPER_DOWN: +- fprintf(fp, "Down "); break; +- case IF_OPER_LOWERLAYERDOWN: +- fprintf(fp, "Lowerlayerdown "); break; +- case IF_OPER_TESTING: +- fprintf(fp, "Testing "); break; +- case IF_OPER_DORMANT: +- fprintf(fp, "Dormant "); break; +- case IF_OPER_UP: +- fprintf(fp, "Up "); break; +- default: +- fprintf(fp, "State(%d) ", state); +- } +- } +- +- if (tb[IFLA_MTU]) +- fprintf(fp, "mtu %u ", *(int*)RTA_DATA(tb[IFLA_MTU])); ++ (const char*)RTA_DATA(tb[IFLA_IFNAME])); + + if (tb[IFLA_MASTER]) { +- fprintf(fp, "master %s ", +- if_indextoname(*(int*)RTA_DATA(tb[IFLA_MASTER]), b1)); +- } +- +- if (tb[IFLA_PROTINFO]) { +- uint8_t state = *(uint8_t *)RTA_DATA(tb[IFLA_PROTINFO]); +- if (state <= BR_STATE_BLOCKING) +- fprintf(fp, "state %s", port_states[state]); +- else +- fprintf(fp, "state (%d)", state); ++ master = *(int*)RTA_DATA(tb[IFLA_MASTER]); ++ fprintf(fp, "master %s ", if_indextoname(master, b1)); + } + +- + fprintf(fp, "\n"); + fflush(fp); +- { +- int newlink = (n->nlmsg_type == RTM_NEWLINK); +- int up = 0; +- if (newlink && tb[IFLA_OPERSTATE]) { +- int state = *(int*)RTA_DATA(tb[IFLA_OPERSTATE]); +- up = (state == IF_OPER_UP) || (state == IF_OPER_UNKNOWN); +- } +- +- bridge_notify((tb[IFLA_MASTER]?*(int*)RTA_DATA(tb[IFLA_MASTER]):-1), +- ifi->ifi_index, newlink, up); +- } ++ ++ ++ bridge_notify(master, ifi->ifi_index, ++ (n->nlmsg_type == RTM_NEWLINK), ++ is_up(ifi)); ++ + return 0; + } + +@@ -252,7 +189,7 @@ int init_bridge_ops(void) + fprintf(stderr, "Couldn't open rtnl socket for monitoring\n"); + return -1; + } +- ++ + if (rtnl_open(&rth_state, 0) < 0) { + fprintf(stderr, "Couldn't open rtnl socket for setting state\n"); + return -1; +@@ -262,7 +199,7 @@ int init_bridge_ops(void) + fprintf(stderr, "Cannot send dump request: %m\n"); + return -1; + } +- ++ + if (rtnl_dump_filter(&rth, dump_msg, stdout, NULL, NULL) < 0) { + fprintf(stderr, "Dump terminated\n"); + return -1; +@@ -276,10 +213,10 @@ int init_bridge_ops(void) + br_handler.fd = rth.fd; + br_handler.arg = NULL; + br_handler.handler = br_ev_handler; +- ++ + if (add_epoll(&br_handler) < 0) + return -1; +- ++ + return 0; + } + +diff --git a/include/linux/llc.h b/include/linux/llc.h +index 09f2e6d..6bb32fe 100644 +--- a/include/linux/llc.h ++++ b/include/linux/llc.h +@@ -49,9 +49,9 @@ enum llc_sockopts { + + /* LLC SAP types. */ + #define LLC_SAP_NULL 0x00 /* NULL SAP. */ +-#define LLC_SAP_LLC 0x02 /* LLC Sublayer Managment. */ ++#define LLC_SAP_LLC 0x02 /* LLC Sublayer Management. */ + #define LLC_SAP_SNA 0x04 /* SNA Path Control. */ +-#define LLC_SAP_PNM 0x0E /* Proway Network Managment. */ ++#define LLC_SAP_PNM 0x0E /* Proway Network Management. */ + #define LLC_SAP_IP 0x06 /* TCP/IP. */ + #define LLC_SAP_BSPAN 0x42 /* Bridge Spanning Tree Proto */ + #define LLC_SAP_MMS 0x4E /* Manufacturing Message Srv. */ +@@ -70,11 +70,4 @@ enum llc_sockopts { + #define LLC_SAP_RM 0xD4 /* Resource Management */ + #define LLC_SAP_GLOBAL 0xFF /* Global SAP. */ + +-#ifdef __KERNEL__ +-#define LLC_SAP_DYN_START 0xC0 +-#define LLC_SAP_DYN_STOP 0xDE +-#define LLC_SAP_DYN_TRIES 4 +- +-#define llc_ui_skb_cb(__skb) ((struct sockaddr_llc *)&((__skb)->cb[0])) +-#endif /* __KERNEL__ */ + #endif /* __LINUX_LLC_H */ +diff --git a/include/linux/rtnetlink.h b/include/linux/rtnetlink.h +index 5e33a20..ba9e46c 100644 +--- a/include/linux/rtnetlink.h ++++ b/include/linux/rtnetlink.h +@@ -1,7 +1,11 @@ + #ifndef __LINUX_RTNETLINK_H + #define __LINUX_RTNETLINK_H + ++#include <linux/types.h> + #include <linux/netlink.h> ++#include <linux/if_link.h> ++#include <linux/if_addr.h> ++#include <linux/neighbour.h> + + /**** + * Routing/neighbour discovery messages. +@@ -80,8 +84,6 @@ enum { + + RTM_NEWPREFIX = 52, + #define RTM_NEWPREFIX RTM_NEWPREFIX +- RTM_GETPREFIX = 54, +-#define RTM_GETPREFIX RTM_GETPREFIX + + RTM_GETMULTICAST = 58, + #define RTM_GETMULTICAST RTM_GETMULTICAST +@@ -96,6 +98,21 @@ enum { + RTM_SETNEIGHTBL, + #define RTM_SETNEIGHTBL RTM_SETNEIGHTBL + ++ RTM_NEWNDUSEROPT = 68, ++#define RTM_NEWNDUSEROPT RTM_NEWNDUSEROPT ++ ++ RTM_NEWADDRLABEL = 72, ++#define RTM_NEWADDRLABEL RTM_NEWADDRLABEL ++ RTM_DELADDRLABEL, ++#define RTM_NEWADDRLABEL RTM_NEWADDRLABEL ++ RTM_GETADDRLABEL, ++#define RTM_GETADDRLABEL RTM_GETADDRLABEL ++ ++ RTM_GETDCB = 78, ++#define RTM_GETDCB RTM_GETDCB ++ RTM_SETDCB, ++#define RTM_SETDCB RTM_SETDCB ++ + __RTM_MAX, + #define RTM_MAX (((__RTM_MAX + 3) & ~3) - 1) + }; +@@ -235,13 +252,12 @@ enum rt_class_t + { + RT_TABLE_UNSPEC=0, + /* User defined values */ ++ RT_TABLE_COMPAT=252, + RT_TABLE_DEFAULT=253, + RT_TABLE_MAIN=254, + RT_TABLE_LOCAL=255, +- __RT_TABLE_MAX ++ RT_TABLE_MAX=0xFFFFFFFF + }; +-#define RT_TABLE_MAX (__RT_TABLE_MAX - 1) +- + + + /* Routing message attributes */ +@@ -258,11 +274,12 @@ enum rtattr_type_t + RTA_PREFSRC, + RTA_METRICS, + RTA_MULTIPATH, +- RTA_PROTOINFO, ++ RTA_PROTOINFO, /* no longer used */ + RTA_FLOW, + RTA_CACHEINFO, +- RTA_SESSION, +- RTA_MP_ALGO, ++ RTA_SESSION, /* no longer used */ ++ RTA_MP_ALGO, /* no longer used */ ++ RTA_TABLE, + __RTA_MAX + }; + +@@ -351,6 +368,8 @@ enum + #define RTAX_INITCWND RTAX_INITCWND + RTAX_FEATURES, + #define RTAX_FEATURES RTAX_FEATURES ++ RTAX_RTO_MIN, ++#define RTAX_RTO_MIN RTAX_RTO_MIN + __RTAX_MAX + }; + +@@ -383,226 +402,6 @@ struct rta_session + } u; + }; + +- +-/********************************************************* +- * Interface address. +- ****/ +- +-struct ifaddrmsg +-{ +- unsigned char ifa_family; +- unsigned char ifa_prefixlen; /* The prefix length */ +- unsigned char ifa_flags; /* Flags */ +- unsigned char ifa_scope; /* See above */ +- int ifa_index; /* Link index */ +-}; +- +-enum +-{ +- IFA_UNSPEC, +- IFA_ADDRESS, +- IFA_LOCAL, +- IFA_LABEL, +- IFA_BROADCAST, +- IFA_ANYCAST, +- IFA_CACHEINFO, +- IFA_MULTICAST, +- __IFA_MAX +-}; +- +-#define IFA_MAX (__IFA_MAX - 1) +- +-/* ifa_flags */ +- +-#define IFA_F_SECONDARY 0x01 +-#define IFA_F_TEMPORARY IFA_F_SECONDARY +- +-#define IFA_F_DEPRECATED 0x20 +-#define IFA_F_TENTATIVE 0x40 +-#define IFA_F_PERMANENT 0x80 +- +-struct ifa_cacheinfo +-{ +- __u32 ifa_prefered; +- __u32 ifa_valid; +- __u32 cstamp; /* created timestamp, hundredths of seconds */ +- __u32 tstamp; /* updated timestamp, hundredths of seconds */ +-}; +- +- +-#define IFA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifaddrmsg)))) +-#define IFA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifaddrmsg)) +- +-/* +- Important comment: +- IFA_ADDRESS is prefix address, rather than local interface address. +- It makes no difference for normally configured broadcast interfaces, +- but for point-to-point IFA_ADDRESS is DESTINATION address, +- local address is supplied in IFA_LOCAL attribute. +- */ +- +-/************************************************************** +- * Neighbour discovery. +- ****/ +- +-struct ndmsg +-{ +- unsigned char ndm_family; +- unsigned char ndm_pad1; +- unsigned short ndm_pad2; +- int ndm_ifindex; /* Link index */ +- __u16 ndm_state; +- __u8 ndm_flags; +- __u8 ndm_type; +-}; +- +-enum +-{ +- NDA_UNSPEC, +- NDA_DST, +- NDA_LLADDR, +- NDA_CACHEINFO, +- NDA_PROBES, +- __NDA_MAX +-}; +- +-#define NDA_MAX (__NDA_MAX - 1) +- +-#define NDA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ndmsg)))) +-#define NDA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ndmsg)) +- +-/* +- * Neighbor Cache Entry Flags +- */ +- +-#define NTF_PROXY 0x08 /* == ATF_PUBL */ +-#define NTF_ROUTER 0x80 +- +-/* +- * Neighbor Cache Entry States. +- */ +- +-#define NUD_INCOMPLETE 0x01 +-#define NUD_REACHABLE 0x02 +-#define NUD_STALE 0x04 +-#define NUD_DELAY 0x08 +-#define NUD_PROBE 0x10 +-#define NUD_FAILED 0x20 +- +-/* Dummy states */ +-#define NUD_NOARP 0x40 +-#define NUD_PERMANENT 0x80 +-#define NUD_NONE 0x00 +- +- +-struct nda_cacheinfo +-{ +- __u32 ndm_confirmed; +- __u32 ndm_used; +- __u32 ndm_updated; +- __u32 ndm_refcnt; +-}; +- +- +-/***************************************************************** +- * Neighbour tables specific messages. +- * +- * To retrieve the neighbour tables send RTM_GETNEIGHTBL with the +- * NLM_F_DUMP flag set. Every neighbour table configuration is +- * spread over multiple messages to avoid running into message +- * size limits on systems with many interfaces. The first message +- * in the sequence transports all not device specific data such as +- * statistics, configuration, and the default parameter set. +- * This message is followed by 0..n messages carrying device +- * specific parameter sets. +- * Although the ordering should be sufficient, NDTA_NAME can be +- * used to identify sequences. The initial message can be identified +- * by checking for NDTA_CONFIG. The device specific messages do +- * not contain this TLV but have NDTPA_IFINDEX set to the +- * corresponding interface index. +- * +- * To change neighbour table attributes, send RTM_SETNEIGHTBL +- * with NDTA_NAME set. Changeable attribute include NDTA_THRESH[1-3], +- * NDTA_GC_INTERVAL, and all TLVs in NDTA_PARMS unless marked +- * otherwise. Device specific parameter sets can be changed by +- * setting NDTPA_IFINDEX to the interface index of the corresponding +- * device. +- ****/ +- +-struct ndt_stats +-{ +- __u64 ndts_allocs; +- __u64 ndts_destroys; +- __u64 ndts_hash_grows; +- __u64 ndts_res_failed; +- __u64 ndts_lookups; +- __u64 ndts_hits; +- __u64 ndts_rcv_probes_mcast; +- __u64 ndts_rcv_probes_ucast; +- __u64 ndts_periodic_gc_runs; +- __u64 ndts_forced_gc_runs; +-}; +- +-enum { +- NDTPA_UNSPEC, +- NDTPA_IFINDEX, /* u32, unchangeable */ +- NDTPA_REFCNT, /* u32, read-only */ +- NDTPA_REACHABLE_TIME, /* u64, read-only, msecs */ +- NDTPA_BASE_REACHABLE_TIME, /* u64, msecs */ +- NDTPA_RETRANS_TIME, /* u64, msecs */ +- NDTPA_GC_STALETIME, /* u64, msecs */ +- NDTPA_DELAY_PROBE_TIME, /* u64, msecs */ +- NDTPA_QUEUE_LEN, /* u32 */ +- NDTPA_APP_PROBES, /* u32 */ +- NDTPA_UCAST_PROBES, /* u32 */ +- NDTPA_MCAST_PROBES, /* u32 */ +- NDTPA_ANYCAST_DELAY, /* u64, msecs */ +- NDTPA_PROXY_DELAY, /* u64, msecs */ +- NDTPA_PROXY_QLEN, /* u32 */ +- NDTPA_LOCKTIME, /* u64, msecs */ +- __NDTPA_MAX +-}; +-#define NDTPA_MAX (__NDTPA_MAX - 1) +- +-struct ndtmsg +-{ +- __u8 ndtm_family; +- __u8 ndtm_pad1; +- __u16 ndtm_pad2; +-}; +- +-struct ndt_config +-{ +- __u16 ndtc_key_len; +- __u16 ndtc_entry_size; +- __u32 ndtc_entries; +- __u32 ndtc_last_flush; /* delta to now in msecs */ +- __u32 ndtc_last_rand; /* delta to now in msecs */ +- __u32 ndtc_hash_rnd; +- __u32 ndtc_hash_mask; +- __u32 ndtc_hash_chain_gc; +- __u32 ndtc_proxy_qlen; +-}; +- +-enum { +- NDTA_UNSPEC, +- NDTA_NAME, /* char *, unchangeable */ +- NDTA_THRESH1, /* u32 */ +- NDTA_THRESH2, /* u32 */ +- NDTA_THRESH3, /* u32 */ +- NDTA_CONFIG, /* struct ndt_config, read-only */ +- NDTA_PARMS, /* nested TLV NDTPA_* */ +- NDTA_STATS, /* struct ndt_stats, read-only */ +- NDTA_GC_INTERVAL, /* u64, msecs */ +- __NDTA_MAX +-}; +-#define NDTA_MAX (__NDTA_MAX - 1) +- +-#define NDTA_RTA(r) ((struct rtattr*)(((char*)(r)) + \ +- NLMSG_ALIGN(sizeof(struct ndtmsg)))) +-#define NDTA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ndtmsg)) +- +- + /**** + * General form of address family dependent message. + ****/ +@@ -663,138 +462,6 @@ struct prefix_cacheinfo + __u32 valid_time; + }; + +-/* The struct should be in sync with struct net_device_stats */ +-struct rtnl_link_stats +-{ +- __u32 rx_packets; /* total packets received */ +- __u32 tx_packets; /* total packets transmitted */ +- __u32 rx_bytes; /* total bytes received */ +- __u32 tx_bytes; /* total bytes transmitted */ +- __u32 rx_errors; /* bad packets received */ +- __u32 tx_errors; /* packet transmit problems */ +- __u32 rx_dropped; /* no space in linux buffers */ +- __u32 tx_dropped; /* no space available in linux */ +- __u32 multicast; /* multicast packets received */ +- __u32 collisions; +- +- /* detailed rx_errors: */ +- __u32 rx_length_errors; +- __u32 rx_over_errors; /* receiver ring buff overflow */ +- __u32 rx_crc_errors; /* recved pkt with crc error */ +- __u32 rx_frame_errors; /* recv'd frame alignment error */ +- __u32 rx_fifo_errors; /* recv'r fifo overrun */ +- __u32 rx_missed_errors; /* receiver missed packet */ +- +- /* detailed tx_errors */ +- __u32 tx_aborted_errors; +- __u32 tx_carrier_errors; +- __u32 tx_fifo_errors; +- __u32 tx_heartbeat_errors; +- __u32 tx_window_errors; +- +- /* for cslip etc */ +- __u32 rx_compressed; +- __u32 tx_compressed; +-}; +- +-/* The struct should be in sync with struct ifmap */ +-struct rtnl_link_ifmap +-{ +- __u64 mem_start; +- __u64 mem_end; +- __u64 base_addr; +- __u16 irq; +- __u8 dma; +- __u8 port; +-}; +- +-enum +-{ +- IFLA_UNSPEC, +- IFLA_ADDRESS, +- IFLA_BROADCAST, +- IFLA_IFNAME, +- IFLA_MTU, +- IFLA_LINK, +- IFLA_QDISC, +- IFLA_STATS, +- IFLA_COST, +-#define IFLA_COST IFLA_COST +- IFLA_PRIORITY, +-#define IFLA_PRIORITY IFLA_PRIORITY +- IFLA_MASTER, +-#define IFLA_MASTER IFLA_MASTER +- IFLA_WIRELESS, /* Wireless Extension event - see wireless.h */ +-#define IFLA_WIRELESS IFLA_WIRELESS +- IFLA_PROTINFO, /* Protocol specific information for a link */ +-#define IFLA_PROTINFO IFLA_PROTINFO +- IFLA_TXQLEN, +-#define IFLA_TXQLEN IFLA_TXQLEN +- IFLA_MAP, +-#define IFLA_MAP IFLA_MAP +- IFLA_WEIGHT, +-#define IFLA_WEIGHT IFLA_WEIGHT +- IFLA_OPERSTATE, +- IFLA_LINKMODE, +- __IFLA_MAX +-}; +- +- +-#define IFLA_MAX (__IFLA_MAX - 1) +- +-#define IFLA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct ifinfomsg)))) +-#define IFLA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct ifinfomsg)) +- +-/* ifi_flags. +- +- IFF_* flags. +- +- The only change is: +- IFF_LOOPBACK, IFF_BROADCAST and IFF_POINTOPOINT are +- more not changeable by user. They describe link media +- characteristics and set by device driver. +- +- Comments: +- - Combination IFF_BROADCAST|IFF_POINTOPOINT is invalid +- - If neither of these three flags are set; +- the interface is NBMA. +- +- - IFF_MULTICAST does not mean anything special: +- multicasts can be used on all not-NBMA links. +- IFF_MULTICAST means that this media uses special encapsulation +- for multicast frames. Apparently, all IFF_POINTOPOINT and +- IFF_BROADCAST devices are able to use multicasts too. +- */ +- +-/* IFLA_LINK. +- For usual devices it is equal ifi_index. +- If it is a "virtual interface" (f.e. tunnel), ifi_link +- can point to real physical interface (f.e. for bandwidth calculations), +- or maybe 0, what means, that real media is unknown (usual +- for IPIP tunnels, when route to endpoint is allowed to change) +- */ +- +-/* Subtype attributes for IFLA_PROTINFO */ +-enum +-{ +- IFLA_INET6_UNSPEC, +- IFLA_INET6_FLAGS, /* link flags */ +- IFLA_INET6_CONF, /* sysctl parameters */ +- IFLA_INET6_STATS, /* statistics */ +- IFLA_INET6_MCAST, /* MC things. What of them? */ +- IFLA_INET6_CACHEINFO, /* time values and max reasm size */ +- __IFLA_INET6_MAX +-}; +- +-#define IFLA_INET6_MAX (__IFLA_INET6_MAX - 1) +- +-struct ifla_cacheinfo +-{ +- __u32 max_reasm_len; +- __u32 tstamp; /* ipv6InterfaceTable updated timestamp */ +- __u32 reachable_time; +- __u32 retrans_time; +-}; + + /***************************************************************** + * Traffic control messages. +@@ -821,6 +488,7 @@ enum + TCA_RATE, + TCA_FCNT, + TCA_STATS2, ++ TCA_STAB, + __TCA_MAX + }; + +@@ -829,6 +497,32 @@ enum + #define TCA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct tcmsg)))) + #define TCA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct tcmsg)) + ++/******************************************************************** ++ * Neighbor Discovery userland options ++ ****/ ++ ++struct nduseroptmsg ++{ ++ unsigned char nduseropt_family; ++ unsigned char nduseropt_pad1; ++ unsigned short nduseropt_opts_len; /* Total length of options */ ++ int nduseropt_ifindex; ++ __u8 nduseropt_icmp_type; ++ __u8 nduseropt_icmp_code; ++ unsigned short nduseropt_pad2; ++ unsigned int nduseropt_pad3; ++ /* Followed by one or more ND options */ ++}; ++ ++enum ++{ ++ NDUSEROPT_UNSPEC, ++ NDUSEROPT_SRCADDR, ++ __NDUSEROPT_MAX ++}; ++ ++#define NDUSEROPT_MAX (__NDUSEROPT_MAX - 1) ++ + /* RTnetlink multicast groups - backwards compatibility for userspace */ + #define RTMGRP_LINK 1 + #define RTMGRP_NOTIFY 2 +@@ -883,10 +577,19 @@ enum rtnetlink_groups { + RTNLGRP_NOP2, + RTNLGRP_DECnet_ROUTE, + #define RTNLGRP_DECnet_ROUTE RTNLGRP_DECnet_ROUTE +- RTNLGRP_NOP3, ++ RTNLGRP_DECnet_RULE, ++#define RTNLGRP_DECnet_RULE RTNLGRP_DECnet_RULE + RTNLGRP_NOP4, + RTNLGRP_IPV6_PREFIX, + #define RTNLGRP_IPV6_PREFIX RTNLGRP_IPV6_PREFIX ++ RTNLGRP_IPV6_RULE, ++#define RTNLGRP_IPV6_RULE RTNLGRP_IPV6_RULE ++ RTNLGRP_ND_USEROPT, ++#define RTNLGRP_ND_USEROPT RTNLGRP_ND_USEROPT ++ RTNLGRP_PHONET_IFADDR, ++#define RTNLGRP_PHONET_IFADDR RTNLGRP_PHONET_IFADDR ++ RTNLGRP_PHONET_ROUTE, ++#define RTNLGRP_PHONET_ROUTE RTNLGRP_PHONET_ROUTE + __RTNLGRP_MAX + }; + #define RTNLGRP_MAX (__RTNLGRP_MAX - 1) diff --git a/pkgs/rstp/rstp.nm b/pkgs/rstp/rstp.nm index b663990..bb28a46 100644 --- a/pkgs/rstp/rstp.nm +++ b/pkgs/rstp/rstp.nm @@ -26,7 +26,7 @@ include $(PKGROOT)/Include
PKG_NAME = rstp PKG_VER = 0.21 -PKG_REL = 2 +PKG_REL = 3
PKG_MAINTAINER = PKG_GROUPS = Networking/Tools @@ -40,12 +40,10 @@ endef
PKG_TARBALL = $(THISAPP).tar.gz
-CFLAGS += -fno-strict-aliasing - define STAGE_PREPARE_CMDS cd $(DIR_APP) && sed -i Makefile \ -e "s/-Werror//" \ - -e "s/^CFLAGS = .*/& $(CFLAGS)/g" + -e "s/^CFLAGS =/CFLAGS = $(CFLAGS)/g" endef
define STAGE_BUILD diff --git a/pkgs/strongswan/strongswan.nm b/pkgs/strongswan/strongswan.nm index 497703b..bdfd89a 100644 --- a/pkgs/strongswan/strongswan.nm +++ b/pkgs/strongswan/strongswan.nm @@ -25,8 +25,8 @@ include $(PKGROOT)/Include
PKG_NAME = strongswan -PKG_VER = 4.5.0 -PKG_REL = 0 +PKG_VER = 4.5.2 +PKG_REL = 2
PKG_MAINTAINER = PKG_GROUPS = Networking/VPN
hooks/post-receive -- IPFire 3.x development tree