[arch-commits] Commit in netfilter-fullconenat/repos (3 files)

Tue, 08 Feb 2022 13:59:58 -0800 

    Date: Tuesday, February 8, 2022 @ 21:59:00
  Author: heftig
Revision: 1129393

archrelease: copy trunk to community-testing-x86_64

Added:
  netfilter-fullconenat/repos/community-testing-x86_64/
  netfilter-fullconenat/repos/community-testing-x86_64/PKGBUILD
    (from rev 1129390, netfilter-fullconenat/trunk/PKGBUILD)
  netfilter-fullconenat/repos/community-testing-x86_64/linux-5.15.patch
    (from rev 1129390, netfilter-fullconenat/trunk/linux-5.15.patch)

------------------+
 PKGBUILD         |   46 +++++++++++++++++++++++++++++++++++
 linux-5.15.patch |   68 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 114 insertions(+)

Copied: netfilter-fullconenat/repos/community-testing-x86_64/PKGBUILD (from rev 
1129390, netfilter-fullconenat/trunk/PKGBUILD)
===================================================================
--- community-testing-x86_64/PKGBUILD                           (rev 0)
+++ community-testing-x86_64/PKGBUILD   2022-02-08 21:59:00 UTC (rev 1129393)
@@ -0,0 +1,46 @@
+# Maintainer: Felix Yan <felixonm...@archlinux.org>
+# Contributor: Edward Pacman <edw...@edward-p.xyz>
+
+pkgname=netfilter-fullconenat
+pkgver=r73.0cf3b48
+pkgrel=181
+pkgdesc="A kernel module that turns MASQUERADE into full cone SNAT"
+arch=('x86_64')
+url="https://github.com/Chion82/netfilter-full-cone-nat";
+license=('GPL2')
+depends=("linux")
+makedepends=('linux-headers' 'git')
+_commit=0cf3b48fd7d2fa81d0297d1fff12bbd0580fc435  # master
+source=("${pkgname}::git+https://github.com/Chion82/netfilter-full-cone-nat#commit=${_commit}";
+        linux-5.15.patch)
+sha256sums=('SKIP'
+            'd785622e80ed3348be133270ac974dd372e0d6d770f0da554edbcbf20e94d6a6')
+
+pkgver() {
+  cd ${pkgname}
+  ( set -o pipefail
+    git describe --long 2>/dev/null | sed 's/\([^-]*-g\)/r\1/;s/-/./g' ||
+    printf "r%s.%s" "$(git rev-list --count HEAD)" "$(git rev-parse --short 
HEAD)"
+  )
+}
+
+prepare() {
+  cd ${pkgname}
+  echo "obj-m = xt_FULLCONENAT.o" > Kbuild
+  patch -p1 -i ../linux-5.15.patch
+}
+
+build() {
+  cd ${pkgname}
+  make -C /usr/src/linux M=$PWD modules
+}
+
+package() {
+  local extradir=/usr/lib/modules/$(</usr/src/linux/version)/extramodules
+  install -Dt "${pkgdir}${extradir}" -m644 ${pkgname}/*.ko
+  find "${pkgdir}" -name '*.ko' -exec strip --strip-debug {} +
+  find "${pkgdir}" -name '*.ko' -exec xz {} +
+
+  echo "xt_FULLCONENAT" | \
+    install -Dm644 /dev/stdin 
"${pkgdir}/usr/lib/modules-load.d/${pkgname}.conf"
+}

Copied: netfilter-fullconenat/repos/community-testing-x86_64/linux-5.15.patch 
(from rev 1129390, netfilter-fullconenat/trunk/linux-5.15.patch)
===================================================================
--- community-testing-x86_64/linux-5.15.patch                           (rev 0)
+++ community-testing-x86_64/linux-5.15.patch   2022-02-08 21:59:00 UTC (rev 
1129393)
@@ -0,0 +1,68 @@
+diff --git a/xt_FULLCONENAT.c b/xt_FULLCONENAT.c
+index 9bb8660..c061b98 100644
+--- a/xt_FULLCONENAT.c
++++ b/xt_FULLCONENAT.c
+@@ -123,7 +123,9 @@ struct notifier_block ct_event_notifier;
+ struct nf_ct_event_notifier ct_event_notifier;
+ #endif
+ int tg_refer_count = 0;
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ int ct_event_notifier_registered = 0;
++#endif
+ 
+ static DEFINE_MUTEX(nf_ct_net_event_lock);
+ 
+@@ -894,8 +896,10 @@ static void gc_worker(struct work_struct *work) {
+ #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
+ static int ct_event_cb(struct notifier_block *this, unsigned long events, 
void *ptr) {
+   struct nf_ct_event *item = ptr;
+-#else
++#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+ static int ct_event_cb(unsigned int events, struct nf_ct_event *item) {
++#else
++static int ct_event_cb(unsigned int events, const struct nf_ct_event *item) {
+ #endif
+   struct nf_conn *ct;
+   struct nf_conntrack_tuple *ct_tuple_reply, *ct_tuple_original;
+@@ -1242,9 +1246,8 @@ static int fullconenat_tg_check(const struct 
xt_tgchk_param *par)
+   if (tg_refer_count == 1) {
+ #ifdef CONFIG_NF_CONNTRACK_CHAIN_EVENTS
+     ct_event_notifier.notifier_call = ct_event_cb;
+-#else
++#elif LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+     ct_event_notifier.fcn = ct_event_cb;
+-#endif
+ 
+     if (nf_conntrack_register_notifier(par->net, &ct_event_notifier) == 0) {
+       ct_event_notifier_registered = 1;
+@@ -1252,6 +1255,11 @@ static int fullconenat_tg_check(const struct 
xt_tgchk_param *par)
+     } else {
+       printk("xt_FULLCONENAT: warning: failed to register a conntrack 
notifier. Disable active GC for mappings.\n");
+     }
++#else
++    ct_event_notifier.ct_event = ct_event_cb;
++    nf_conntrack_register_notifier(par->net, &ct_event_notifier);
++    pr_debug("xt_FULLCONENAT: fullconenat_tg_check(): ct_event_notifier 
registered\n");
++#endif
+ 
+   }
+ 
+@@ -1269,6 +1277,7 @@ static void fullconenat_tg_destroy(const struct 
xt_tgdtor_param *par)
+   pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): tg_refer_count is now 
%d\n", tg_refer_count);
+ 
+   if (tg_refer_count == 0) {
++#if LINUX_VERSION_CODE < KERNEL_VERSION(5,15,0)
+     if (ct_event_notifier_registered) {
+       nf_conntrack_unregister_notifier(par->net, &ct_event_notifier);
+       ct_event_notifier_registered = 0;
+@@ -1276,6 +1285,10 @@ static void fullconenat_tg_destroy(const struct 
xt_tgdtor_param *par)
+       pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier 
unregistered\n");
+ 
+     }
++#else
++    nf_conntrack_unregister_notifier(par->net);
++    pr_debug("xt_FULLCONENAT: fullconenat_tg_destroy(): ct_event_notifier 
unregistered\n");
++#endif
+     nf_ct_netns_put(par->net, par->family);
+   }
+

Reply via email to