[Runnix-commits] SF.net SVN: runnix: [50] trunk
Status: Alpha
Brought to you by:
krisk84
Menu
▾
▴
[Runnix-commits] SF.net SVN: runnix: [50] trunk
|
From: <kr...@us...> - 2007-04-27 20:28:07
|
Revision: 50
http://svn.sourceforge.net/runnix/?rev=50&view=rev
Author: krisk84
Date: 2007-04-27 13:28:05 -0700 (Fri, 27 Apr 2007)
Log Message:
-----------
I'd like to officially welcome runnix to the year 2007
This is the first major update to runnix in almost a
year. Updates include:
- remove kernel-headers hacks
- update to linux kernel 2.6.20
- include squashfs, unionfs for 2.6.20
- update to new astlinux-like device support
- sync packages against astlinux
Modified Paths:
--------------
trunk/Makefile
trunk/package/Config.in
trunk/package/dropbear/dropbear.mk
trunk/target/Config.in
trunk/target/Makefile.in
trunk/toolchain/Config.in
Added Paths:
-----------
trunk/target/device/
trunk/target/device/Config.in
trunk/target/device/Makefile.in
trunk/target/device/geni386/
trunk/target/device/geni386/Config.in
trunk/target/device/geni386/Makefile.in
trunk/target/device/geni386/busybox.config
trunk/target/device/geni386/kernel-patches/
trunk/target/device/geni386/kernel-patches/linux-multi-routes-2.6.20.patch
trunk/target/device/geni386/kernel-patches/linux-squashfs3.2-r2.patch
trunk/target/device/geni386/kernel-patches/linux-unionfs.patch
trunk/target/device/geni386/linux.config
trunk/target/device/geni386/linux.mk
trunk/target/device/geni386/target_skeleton/
trunk/target/device/geni386/target_skeleton-serial/
trunk/target/device/geni386/uClibc.config
Removed Paths:
-------------
trunk/package/linux/
trunk/toolchain/kernel-headers/
Modified: trunk/Makefile
===================================================================
--- trunk/Makefile 2007-04-27 19:41:46 UTC (rev 49)
+++ trunk/Makefile 2007-04-27 20:28:05 UTC (rev 50)
@@ -111,6 +111,10 @@
if [ -d "$(TARGET_SKEL_DIR)" ] ; then \
cp -a $(TARGET_SKEL_DIR)/* $(TARGET_DIR)/; \
fi;
+ if [ -d "$(TARGET_SKEL2_DIR)" ] ; then \
+ cp -af $(TARGET_SKEL2_DIR)/* $(TARGET_DIR)/; \
+ fi;
+
touch $(STAGING_DIR)/fakeroot.env
-find $(TARGET_DIR) -type d -name CVS | xargs rm -rf
-find $(TARGET_DIR) -type d -name .svn | xargs rm -rf
Modified: trunk/package/Config.in
===================================================================
--- trunk/package/Config.in 2007-04-27 19:41:46 UTC (rev 49)
+++ trunk/package/Config.in 2007-04-27 20:28:05 UTC (rev 50)
@@ -3,7 +3,6 @@
comment "The default minimal system"
source "package/busybox/Config.in"
-source "package/linux/Config.in"
comment "Other stuff"
source "package/acpid/Config.in"
Modified: trunk/package/dropbear/dropbear.mk
===================================================================
--- trunk/package/dropbear/dropbear.mk 2007-04-27 19:41:46 UTC (rev 49)
+++ trunk/package/dropbear/dropbear.mk 2007-04-27 20:28:05 UTC (rev 50)
@@ -70,8 +70,8 @@
ln -snf ../sbin/dropbear $(TARGET_DIR)/usr/bin/dbclient
ln -snf ../sbin/dropbear $(TARGET_DIR)/usr/bin/dropbearkey
ln -snf ../sbin/dropbear $(TARGET_DIR)/usr/bin/dropbearconvert
- cp $(DROPBEAR_DIR)/S50dropbear $(TARGET_DIR)/etc/init.d/
- chmod a+x $(TARGET_DIR)/etc/init.d/S50dropbear
+ # cp $(DROPBEAR_DIR)/S50dropbear $(TARGET_DIR)/etc/init.d/
+ # chmod a+x $(TARGET_DIR)/etc/init.d/S50dropbear
dropbear: uclibc zlib $(TARGET_DIR)/$(DROPBEAR_TARGET_BINARY)
Modified: trunk/target/Config.in
===================================================================
--- trunk/target/Config.in 2007-04-27 19:41:46 UTC (rev 49)
+++ trunk/target/Config.in 2007-04-27 20:28:05 UTC (rev 50)
@@ -17,4 +17,4 @@
endmenu
-# source "target/device/Config.in"
+source "target/device/Config.in"
Modified: trunk/target/Makefile.in
===================================================================
--- trunk/target/Makefile.in 2007-04-27 19:41:46 UTC (rev 49)
+++ trunk/target/Makefile.in 2007-04-27 20:28:05 UTC (rev 50)
@@ -1,5 +1,5 @@
include target/generic/Makefile.in
-# include target/device/Makefile.in
+include target/device/Makefile.in
include target/x86/Makefile.in
include target/arm/Makefile.in
include target/powerpc/Makefile.in
Added: trunk/target/device/Config.in
===================================================================
--- trunk/target/device/Config.in (rev 0)
+++ trunk/target/device/Config.in 2007-04-27 20:28:05 UTC (rev 50)
@@ -0,0 +1,15 @@
+menu "Runnix Target Device"
+choice
+ prompt "Runnix Target Device"
+ default BR2_TARGET_GENI386
+ help
+ If you have a specific device, check it here
+
+config BR2_TARGET_GENI386
+ bool "Generic i386"
+ depends BR2_i386
+ select BR2_PACKAGE_LINUX
+
+endchoice
+source target/device/geni386/Config.in
+endmenu
Added: trunk/target/device/Makefile.in
===================================================================
--- trunk/target/device/Makefile.in (rev 0)
+++ trunk/target/device/Makefile.in 2007-04-27 20:28:05 UTC (rev 50)
@@ -0,0 +1 @@
+-include target/device/*/Makefile.in
Added: trunk/target/device/geni386/Config.in
===================================================================
--- trunk/target/device/geni386/Config.in (rev 0)
+++ trunk/target/device/geni386/Config.in 2007-04-27 20:28:05 UTC (rev 50)
@@ -0,0 +1,13 @@
+config BR2_TARGET_GENI386_SERIAL
+ bool "i386 Serial Console"
+ depends BR2_TARGET_GENI386
+ default n
+ help
+ Serial console with your i386 - 19200 8n1
+
+config BR2_PACKAGE_LINUX
+ bool "linux"
+ depends on BR2_TARGET_GENI386
+ default n
+ help
+ The Linux kernel.
Added: trunk/target/device/geni386/Makefile.in
===================================================================
--- trunk/target/device/geni386/Makefile.in (rev 0)
+++ trunk/target/device/geni386/Makefile.in 2007-04-27 20:28:05 UTC (rev 50)
@@ -0,0 +1,20 @@
+# Override the default linux configuration
+GENI386_PATH=target/device/geni386
+
+ifeq ($(strip $(BR2_TARGET_GENI386)),y)
+DEV_PATH=$(GENI386_PATH)
+BR2_PACKAGE_LINUX_CONFIG=$(GENI386_PATH)/linux.config
+UCLIBC_CONFIG_FILE=$(GENI386_PATH)/uClibc.config
+TARGET_SKEL2_DIR=$(GENI386_PATH)/target_skeleton
+BR2_PACKAGE_BUSYBOX_CONFIG:=$(GENI386_PATH)/busybox.config
+
+ifeq ($(strip $(BR2_TARGET_GENI386_SERIAL)),y)
+TARGET_SKEL2_DIR=$(GENI386_PATH)/target_skeleton-serial
+endif
+
+ifeq ($(strip $(BR2_PACKAGE_LINUX)),y)
+TARGETS+=linux
+include $(GENI386_PATH)/linux.mk
+endif
+
+endif
Added: trunk/target/device/geni386/busybox.config
===================================================================
--- trunk/target/device/geni386/busybox.config (rev 0)
+++ trunk/target/device/geni386/busybox.config 2007-04-27 20:28:05 UTC (rev 50)
@@ -0,0 +1,593 @@
+#
+# Automatically generated make config: don't edit
+#
+HAVE_DOT_CONFIG=y
+
+#
+# General Configuration
+#
+# CONFIG_FEATURE_BUFFERS_USE_MALLOC is not set
+# CONFIG_FEATURE_BUFFERS_GO_ON_STACK is not set
+CONFIG_FEATURE_BUFFERS_GO_IN_BSS=y
+CONFIG_FEATURE_VERBOSE_USAGE=y
+# CONFIG_FEATURE_INSTALLER is not set
+# CONFIG_LOCALE_SUPPORT is not set
+# CONFIG_FEATURE_DEVFS is not set
+# CONFIG_FEATURE_DEVPTS is not set
+# CONFIG_FEATURE_CLEAN_UP is not set
+CONFIG_FEATURE_SUID=y
+# CONFIG_FEATURE_SUID_CONFIG is not set
+# CONFIG_FEATURE_SUID_CONFIG_QUIET is not set
+# CONFIG_SELINUX is not set
+
+#
+# Build Options
+#
+# CONFIG_STATIC is not set
+CONFIG_LFS=y
+# USING_CROSS_COMPILER is not set
+CROSS_COMPILER_PREFIX=""
+EXTRA_CFLAGS_OPTIONS=""
+CONFIG_FEATURE_SUSv2=y
+CONFIG_FEATURE_SUSv2_OBSOLETE=y
+
+#
+# Installation Options
+#
+# CONFIG_INSTALL_NO_USR is not set
+CONFIG_INSTALL_APPLET_SYMLINKS=y
+# CONFIG_INSTALL_APPLET_HARDLINKS is not set
+# CONFIG_INSTALL_APPLET_DONT is not set
+PREFIX="./_install"
+
+#
+# Archival Utilities
+#
+# CONFIG_AR is not set
+# CONFIG_FEATURE_AR_LONG_FILENAMES is not set
+CONFIG_BUNZIP2=y
+# CONFIG_CPIO is not set
+# CONFIG_DPKG is not set
+# CONFIG_DPKG_DEB is not set
+# CONFIG_FEATURE_DPKG_DEB_EXTRACT_ONLY is not set
+CONFIG_GUNZIP=y
+# CONFIG_FEATURE_GUNZIP_UNCOMPRESS is not set
+CONFIG_GZIP=y
+# CONFIG_RPM2CPIO is not set
+# CONFIG_RPM is not set
+CONFIG_TAR=y
+CONFIG_FEATURE_TAR_CREATE=y
+CONFIG_FEATURE_TAR_BZIP2=y
+# CONFIG_FEATURE_TAR_FROM is not set
+CONFIG_FEATURE_TAR_GZIP=y
+# CONFIG_FEATURE_TAR_COMPRESS is not set
+# CONFIG_FEATURE_TAR_OLDGNU_COMPATABILITY is not set
+CONFIG_FEATURE_TAR_GNU_EXTENSIONS=y
+# CONFIG_FEATURE_TAR_LONG_OPTIONS is not set
+# CONFIG_UNCOMPRESS is not set
+CONFIG_UNZIP=y
+
+#
+# Common options for cpio and tar
+#
+# CONFIG_FEATURE_UNARCHIVE_TAPE is not set
+# CONFIG_FEATURE_DEB_TAR_GZ is not set
+# CONFIG_FEATURE_DEB_TAR_BZ2 is not set
+
+#
+# Coreutils
+#
+CONFIG_BASENAME=y
+# CONFIG_CAL is not set
+CONFIG_CAT=y
+CONFIG_CHGRP=y
+CONFIG_CHMOD=y
+CONFIG_CHOWN=y
+CONFIG_CHROOT=y
+CONFIG_CMP=y
+# CONFIG_COMM is not set
+CONFIG_CP=y
+CONFIG_CUT=y
+CONFIG_DATE=y
+
+#
+# date (forced enabled for use with watch)
+#
+CONFIG_FEATURE_DATE_ISOFMT=y
+CONFIG_DD=y
+CONFIG_DF=y
+CONFIG_DIRNAME=y
+CONFIG_DOS2UNIX=y
+CONFIG_UNIX2DOS=y
+CONFIG_DU=y
+CONFIG_FEATURE_DU_DEFALT_BLOCKSIZE_1K=y
+CONFIG_ECHO=y
+CONFIG_FEATURE_FANCY_ECHO=y
+CONFIG_ENV=y
+CONFIG_EXPR=y
+CONFIG_FALSE=y
+# CONFIG_FOLD is not set
+CONFIG_HEAD=y
+# CONFIG_FEATURE_FANCY_HEAD is not set
+CONFIG_HOSTID=y
+CONFIG_ID=y
+CONFIG_INSTALL=y
+# CONFIG_LENGTH is not set
+CONFIG_LN=y
+CONFIG_LOGNAME=y
+CONFIG_LS=y
+CONFIG_FEATURE_LS_FILETYPES=y
+CONFIG_FEATURE_LS_FOLLOWLINKS=y
+CONFIG_FEATURE_LS_RECURSIVE=y
+CONFIG_FEATURE_LS_SORTFILES=y
+CONFIG_FEATURE_LS_TIMESTAMPS=y
+CONFIG_FEATURE_LS_USERNAME=y
+CONFIG_FEATURE_LS_COLOR=y
+# CONFIG_FEATURE_LS_COLOR_IS_DEFAULT is not set
+CONFIG_MD5SUM=y
+CONFIG_MKDIR=y
+# CONFIG_MKFIFO is not set
+CONFIG_MKNOD=y
+CONFIG_MV=y
+CONFIG_NICE=y
+CONFIG_NOHUP=y
+# CONFIG_OD is not set
+# CONFIG_PRINTENV is not set
+# CONFIG_PRINTF is not set
+CONFIG_PWD=y
+CONFIG_REALPATH=y
+CONFIG_RM=y
+CONFIG_RMDIR=y
+CONFIG_SEQ=y
+CONFIG_SHA1SUM=y
+CONFIG_SLEEP=y
+# CONFIG_FEATURE_FANCY_SLEEP is not set
+CONFIG_SORT=y
+CONFIG_FEATURE_SORT_BIG=y
+CONFIG_STAT=y
+# CONFIG_FEATURE_STAT_FORMAT is not set
+CONFIG_STTY=y
+# CONFIG_SUM is not set
+CONFIG_SYNC=y
+CONFIG_TAIL=y
+CONFIG_FEATURE_FANCY_TAIL=y
+CONFIG_TEE=y
+CONFIG_FEATURE_TEE_USE_BLOCK_IO=y
+CONFIG_TEST=y
+
+#
+# test (forced enabled for use with shell)
+#
+CONFIG_FEATURE_TEST_64=y
+CONFIG_TOUCH=y
+CONFIG_TR=y
+# CONFIG_FEATURE_TR_CLASSES is not set
+# CONFIG_FEATURE_TR_EQUIV is not set
+CONFIG_TRUE=y
+CONFIG_TTY=y
+CONFIG_UNAME=y
+CONFIG_UNIQ=y
+CONFIG_USLEEP=y
+CONFIG_UUDECODE=y
+CONFIG_UUENCODE=y
+CONFIG_WATCH=y
+CONFIG_WC=y
+CONFIG_WHO=y
+CONFIG_WHOAMI=y
+CONFIG_YES=y
+
+#
+# Common options for cp and mv
+#
+CONFIG_FEATURE_PRESERVE_HARDLINKS=y
+
+#
+# Common options for ls and more
+#
+CONFIG_FEATURE_AUTOWIDTH=y
+
+#
+# Common options for df, du, ls
+#
+CONFIG_FEATURE_HUMAN_READABLE=y
+
+#
+# Common options for md5sum, sha1sum
+#
+CONFIG_FEATURE_MD5_SHA1_SUM_CHECK=y
+
+#
+# Console Utilities
+#
+CONFIG_CHVT=y
+CONFIG_CLEAR=y
+CONFIG_DEALLOCVT=y
+# CONFIG_DUMPKMAP is not set
+# CONFIG_LOADFONT is not set
+# CONFIG_LOADKMAP is not set
+CONFIG_OPENVT=y
+CONFIG_RESET=y
+# CONFIG_SETCONSOLE is not set
+# CONFIG_SETKEYCODES is not set
+
+#
+# Debian Utilities
+#
+CONFIG_MKTEMP=y
+# CONFIG_PIPE_PROGRESS is not set
+CONFIG_READLINK=y
+# CONFIG_FEATURE_READLINK_FOLLOW is not set
+CONFIG_RUN_PARTS=y
+# CONFIG_START_STOP_DAEMON is not set
+CONFIG_WHICH=y
+
+#
+# Linux Ext2 FS Progs
+#
+# CONFIG_CHATTR is not set
+CONFIG_E2FSCK=y
+CONFIG_FSCK=y
+CONFIG_LSATTR=y
+CONFIG_MKE2FS=y
+CONFIG_TUNE2FS=y
+CONFIG_E2LABEL=y
+CONFIG_FINDFS=y
+
+#
+# Editors
+#
+CONFIG_AWK=y
+CONFIG_FEATURE_AWK_MATH=y
+CONFIG_PATCH=y
+CONFIG_SED=y
+CONFIG_VI=y
+CONFIG_FEATURE_VI_COLON=y
+CONFIG_FEATURE_VI_YANKMARK=y
+CONFIG_FEATURE_VI_SEARCH=y
+CONFIG_FEATURE_VI_USE_SIGNALS=y
+CONFIG_FEATURE_VI_DOT_CMD=y
+CONFIG_FEATURE_VI_READONLY=y
+CONFIG_FEATURE_VI_SETOPTS=y
+CONFIG_FEATURE_VI_SET=y
+CONFIG_FEATURE_VI_WIN_RESIZE=y
+CONFIG_FEATURE_VI_OPTIMIZE_CURSOR=y
+
+#
+# Finding Utilities
+#
+CONFIG_FIND=y
+CONFIG_FEATURE_FIND_MTIME=y
+CONFIG_FEATURE_FIND_PERM=y
+CONFIG_FEATURE_FIND_TYPE=y
+CONFIG_FEATURE_FIND_XDEV=y
+# CONFIG_FEATURE_FIND_NEWER is not set
+# CONFIG_FEATURE_FIND_INUM is not set
+CONFIG_FEATURE_FIND_EXEC=y
+CONFIG_GREP=y
+CONFIG_FEATURE_GREP_EGREP_ALIAS=y
+CONFIG_FEATURE_GREP_FGREP_ALIAS=y
+CONFIG_FEATURE_GREP_CONTEXT=y
+CONFIG_XARGS=y
+# CONFIG_FEATURE_XARGS_SUPPORT_CONFIRMATION is not set
+CONFIG_FEATURE_XARGS_SUPPORT_QUOTES=y
+CONFIG_FEATURE_XARGS_SUPPORT_TERMOPT=y
+CONFIG_FEATURE_XARGS_SUPPORT_ZERO_TERM=y
+
+#
+# Init Utilities
+#
+CONFIG_INIT=y
+CONFIG_FEATURE_USE_INITTAB=y
+CONFIG_FEATURE_INITRD=y
+# CONFIG_FEATURE_INIT_COREDUMPS is not set
+# CONFIG_FEATURE_INIT_SCTTY is not set
+# CONFIG_FEATURE_EXTRA_QUIET is not set
+CONFIG_HALT=y
+# CONFIG_MESG is not set
+CONFIG_POWEROFF=y
+CONFIG_REBOOT=y
+
+#
+# Login/Password Management Utilities
+#
+CONFIG_FEATURE_SHADOWPASSWDS=y
+# CONFIG_USE_BB_SHADOW is not set
+# CONFIG_USE_BB_PWD_GRP is not set
+CONFIG_ADDGROUP=y
+CONFIG_DELGROUP=y
+CONFIG_ADDUSER=y
+CONFIG_DELUSER=y
+CONFIG_GETTY=y
+CONFIG_FEATURE_UTMP=y
+CONFIG_FEATURE_WTMP=y
+CONFIG_LOGIN=y
+# CONFIG_FEATURE_SECURETTY is not set
+CONFIG_PASSWD=y
+CONFIG_SU=y
+CONFIG_SULOGIN=y
+CONFIG_VLOCK=y
+
+#
+# Miscellaneous Utilities
+#
+# CONFIG_ADJTIMEX is not set
+CONFIG_BBCONFIG=y
+CONFIG_CROND=y
+CONFIG_FEATURE_CROND_CALL_SENDMAIL=y
+CONFIG_CRONTAB=y
+CONFIG_DC=y
+# CONFIG_DEVFSD is not set
+# CONFIG_DEVFSD_MODLOAD is not set
+# CONFIG_DEVFSD_FG_NP is not set
+# CONFIG_DEVFSD_VERBOSE is not set
+# CONFIG_EJECT is not set
+CONFIG_LAST=y
+CONFIG_LESS=y
+CONFIG_FEATURE_LESS_BRACKETS=y
+CONFIG_FEATURE_LESS_FLAGS=y
+# CONFIG_FEATURE_LESS_FLAGCS is not set
+# CONFIG_FEATURE_LESS_MARKS is not set
+# CONFIG_FEATURE_LESS_REGEXP is not set
+CONFIG_HDPARM=y
+CONFIG_FEATURE_HDPARM_GET_IDENTITY=y
+CONFIG_FEATURE_HDPARM_HDIO_SCAN_HWIF=y
+CONFIG_FEATURE_HDPARM_HDIO_UNREGISTER_HWIF=y
+# CONFIG_FEATURE_HDPARM_HDIO_DRIVE_RESET is not set
+# CONFIG_FEATURE_HDPARM_HDIO_TRISTATE_HWIF is not set
+CONFIG_FEATURE_HDPARM_HDIO_GETSET_DMA=y
+CONFIG_MAKEDEVS=y
+# CONFIG_FEATURE_MAKEDEVS_LEAF is not set
+CONFIG_FEATURE_MAKEDEVS_TABLE=y
+# CONFIG_MOUNTPOINT is not set
+CONFIG_MT=y
+# BB_APPLET_RUNLEVEL is not set
+# CONFIG_RX is not set
+CONFIG_STRINGS=y
+# CONFIG_SETSID is not set
+CONFIG_TIME=y
+CONFIG_WATCHDOG=y
+
+#
+# Linux Module Utilities
+#
+CONFIG_INSMOD=y
+# CONFIG_FEATURE_INSMOD_VERSION_CHECKING is not set
+# CONFIG_FEATURE_INSMOD_KSYMOOPS_SYMBOLS is not set
+# CONFIG_FEATURE_INSMOD_LOADINKMEM is not set
+# CONFIG_FEATURE_INSMOD_LOAD_MAP is not set
+# CONFIG_FEATURE_INSMOD_LOAD_MAP_FULL is not set
+CONFIG_RMMOD=y
+CONFIG_LSMOD=y
+CONFIG_FEATURE_LSMOD_PRETTY_2_6_OUTPUT=y
+CONFIG_MODPROBE=y
+CONFIG_FEATURE_MODPROBE_MULTIPLE_OPTIONS=y
+
+#
+# Options common to multiple modutils
+#
+CONFIG_FEATURE_CHECK_TAINTED_MODULE=y
+# CONFIG_FEATURE_2_4_MODULES is not set
+CONFIG_FEATURE_2_6_MODULES=y
+# CONFIG_FEATURE_QUERY_MODULE_INTERFACE is not set
+
+#
+# Networking Utilities
+#
+# CONFIG_FEATURE_IPV6 is not set
+CONFIG_ARPING=y
+CONFIG_ETHER_WAKE=y
+CONFIG_FAKEIDENTD=y
+CONFIG_FTPGET=y
+CONFIG_FTPPUT=y
+CONFIG_HOSTNAME=y
+# CONFIG_HTTPD is not set
+# CONFIG_FEATURE_HTTPD_USAGE_FROM_INETD_ONLY is not set
+# CONFIG_FEATURE_HTTPD_BASIC_AUTH is not set
+# CONFIG_FEATURE_HTTPD_AUTH_MD5 is not set
+# CONFIG_FEATURE_HTTPD_RELOAD_CONFIG_SIGHUP is not set
+# CONFIG_FEATURE_HTTPD_SETUID is not set
+# CONFIG_FEATURE_HTTPD_CONFIG_WITH_MIME_TYPES is not set
+# CONFIG_FEATURE_HTTPD_CGI is not set
+# CONFIG_FEATURE_HTTPD_SET_REMOTE_PORT_TO_ENV is not set
+# CONFIG_FEATURE_HTTPD_ENCODE_URL_STR is not set
+CONFIG_IFCONFIG=y
+CONFIG_FEATURE_IFCONFIG_STATUS=y
+# CONFIG_FEATURE_IFCONFIG_SLIP is not set
+CONFIG_FEATURE_IFCONFIG_MEMSTART_IOADDR_IRQ=y
+CONFIG_FEATURE_IFCONFIG_HW=y
+CONFIG_FEATURE_IFCONFIG_BROADCAST_PLUS=y
+CONFIG_IFUPDOWN=y
+# CONFIG_FEATURE_IFUPDOWN_IP is not set
+CONFIG_FEATURE_IFUPDOWN_IP_BUILTIN=y
+CONFIG_FEATURE_IFUPDOWN_IPV4=y
+# CONFIG_FEATURE_IFUPDOWN_IPV6 is not set
+# CONFIG_FEATURE_IFUPDOWN_IPX is not set
+# CONFIG_FEATURE_IFUPDOWN_MAPPING is not set
+CONFIG_INETD=y
+# CONFIG_FEATURE_INETD_SUPPORT_BILTIN_ECHO is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BILTIN_DISCARD is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BILTIN_TIME is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BILTIN_DAYTIME is not set
+# CONFIG_FEATURE_INETD_SUPPORT_BILTIN_CHARGEN is not set
+# CONFIG_FEATURE_INETD_RPC is not set
+# CONFIG_IP is not set
+# CONFIG_FEATURE_IP_ADDRESS is not set
+# CONFIG_FEATURE_IP_LINK is not set
+# CONFIG_FEATURE_IP_ROUTE is not set
+# CONFIG_FEATURE_IP_TUNNEL is not set
+# CONFIG_IPCALC is not set
+# CONFIG_FEATURE_IPCALC_FANCY is not set
+# CONFIG_IPADDR is not set
+# CONFIG_IPLINK is not set
+# CONFIG_IPROUTE is not set
+# CONFIG_IPTUNNEL is not set
+# CONFIG_NAMEIF is not set
+CONFIG_NC=y
+# CONFIG_NC_GAPING_SECURITY_HOLE is not set
+CONFIG_NETSTAT=y
+CONFIG_NSLOOKUP=y
+CONFIG_PING=y
+CONFIG_FEATURE_FANCY_PING=y
+# CONFIG_PING6 is not set
+# CONFIG_FEATURE_FANCY_PING6 is not set
+CONFIG_ROUTE=y
+CONFIG_TELNET=y
+CONFIG_FEATURE_TELNET_TTYPE=y
+# CONFIG_FEATURE_TELNET_AUTOLOGIN is not set
+CONFIG_TELNETD=y
+# CONFIG_FEATURE_TELNETD_INETD is not set
+CONFIG_TFTP=y
+CONFIG_FEATURE_TFTP_GET=y
+CONFIG_FEATURE_TFTP_PUT=y
+CONFIG_FEATURE_TFTP_BLOCKSIZE=y
+CONFIG_FEATURE_TFTP_DEBUG=y
+CONFIG_TRACEROUTE=y
+CONFIG_FEATURE_TRACEROUTE_VERBOSE=y
+# CONFIG_FEATURE_TRACEROUTE_SOURCE_ROUTE is not set
+# CONFIG_FEATURE_TRACEROUTE_USE_ICMP is not set
+CONFIG_VCONFIG=y
+CONFIG_WGET=y
+CONFIG_FEATURE_WGET_STATUSBAR=y
+CONFIG_FEATURE_WGET_AUTHENTICATION=y
+# CONFIG_FEATURE_WGET_IP6_LITERAL is not set
+
+#
+# udhcp Server/Client
+#
+# CONFIG_UDHCPD is not set
+CONFIG_UDHCPC=y
+# CONFIG_DUMPLEASES is not set
+CONFIG_FEATURE_UDHCP_SYSLOG=y
+# CONFIG_FEATURE_UDHCP_DEBUG is not set
+# CONFIG_ZCIP is not set
+
+#
+# Process Utilities
+#
+CONFIG_FREE=y
+CONFIG_FUSER=y
+CONFIG_KILL=y
+CONFIG_KILLALL=y
+CONFIG_PIDOF=y
+# CONFIG_FEATURE_PIDOF_SINGLE is not set
+# CONFIG_FEATURE_PIDOF_OMIT is not set
+CONFIG_PS=y
+CONFIG_FEATURE_PS_WIDE=y
+CONFIG_RENICE=y
+CONFIG_BB_SYSCTL=y
+CONFIG_TOP=y
+CONFIG_FEATURE_TOP_CPU_USAGE_PERCENTAGE=y
+CONFIG_UPTIME=y
+
+#
+# Shells
+#
+CONFIG_FEATURE_SH_IS_ASH=y
+# CONFIG_FEATURE_SH_IS_HUSH is not set
+# CONFIG_FEATURE_SH_IS_LASH is not set
+# CONFIG_FEATURE_SH_IS_MSH is not set
+# CONFIG_FEATURE_SH_IS_NONE is not set
+CONFIG_ASH=y
+
+#
+# Ash Shell Options
+#
+CONFIG_ASH_JOB_CONTROL=y
+# CONFIG_ASH_READ_NCHARS is not set
+# CONFIG_ASH_READ_TIMEOUT is not set
+CONFIG_ASH_ALIAS=y
+CONFIG_ASH_MATH_SUPPORT=y
+CONFIG_ASH_MATH_SUPPORT_64=y
+# CONFIG_ASH_GETOPTS is not set
+# CONFIG_ASH_CMDCMD is not set
+# CONFIG_ASH_BUILTIN_ECHO is not set
+# CONFIG_ASH_MAIL is not set
+CONFIG_ASH_OPTIMIZE_FOR_SIZE=y
+# CONFIG_ASH_RANDOM_SUPPORT is not set
+# CONFIG_ASH_EXPAND_PRMT is not set
+# CONFIG_HUSH is not set
+# CONFIG_LASH is not set
+# CONFIG_MSH is not set
+
+#
+# Bourne Shell Options
+#
+CONFIG_FEATURE_SH_EXTRA_QUIET=y
+# CONFIG_FEATURE_SH_STANDALONE_SHELL is not set
+CONFIG_FEATURE_COMMAND_EDITING=y
+# CONFIG_FEATURE_COMMAND_EDITING_VI is not set
+CONFIG_FEATURE_COMMAND_HISTORY=100
+CONFIG_FEATURE_COMMAND_SAVEHISTORY=y
+CONFIG_FEATURE_COMMAND_TAB_COMPLETION=y
+CONFIG_FEATURE_COMMAND_USERNAME_COMPLETION=y
+CONFIG_FEATURE_SH_FANCY_PROMPT=y
+
+#
+# System Logging Utilities
+#
+CONFIG_SYSLOGD=y
+CONFIG_FEATURE_ROTATE_LOGFILE=y
+CONFIG_FEATURE_REMOTE_LOG=y
+CONFIG_FEATURE_IPC_SYSLOG=y
+CONFIG_FEATURE_IPC_SYSLOG_BUFFER_SIZE=16
+CONFIG_LOGREAD=y
+# CONFIG_FEATURE_LOGREAD_REDUCED_LOCKING is not set
+CONFIG_KLOGD=y
+CONFIG_LOGGER=y
+
+#
+# Linux System Utilities
+#
+CONFIG_DMESG=y
+# CONFIG_FBSET is not set
+# CONFIG_FEATURE_FBSET_FANCY is not set
+# CONFIG_FEATURE_FBSET_READMODE is not set
+# CONFIG_FDFLUSH is not set
+CONFIG_FDFORMAT=y
+CONFIG_FDISK=y
+FDISK_SUPPORT_LARGE_DISKS=y
+CONFIG_FEATURE_FDISK_WRITABLE=y
+# CONFIG_FEATURE_AIX_LABEL is not set
+# CONFIG_FEATURE_SGI_LABEL is not set
+# CONFIG_FEATURE_SUN_LABEL is not set
+# CONFIG_FEATURE_OSF_LABEL is not set
+# CONFIG_FEATURE_FDISK_ADVANCED is not set
+# CONFIG_FREERAMDISK is not set
+# CONFIG_FSCK_MINIX is not set
+# CONFIG_MKFS_MINIX is not set
+# CONFIG_FEATURE_MINIX2 is not set
+CONFIG_GETOPT=y
+CONFIG_HEXDUMP=y
+CONFIG_HWCLOCK=y
+CONFIG_FEATURE_HWCLOCK_LONGOPTIONS=y
+CONFIG_FEATURE_HWCLOCK_ADJTIME_FHS=y
+# CONFIG_IPCRM is not set
+# CONFIG_IPCS is not set
+CONFIG_LOSETUP=y
+# CONFIG_MDEV is not set
+# CONFIG_FEATURE_MDEV_CONF is not set
+CONFIG_MKSWAP=y
+CONFIG_MORE=y
+CONFIG_FEATURE_USE_TERMIOS=y
+CONFIG_PIVOT_ROOT=y
+# CONFIG_SWITCH_ROOT is not set
+CONFIG_RDATE=y
+# CONFIG_READPROFILE is not set
+CONFIG_SWAPONOFF=y
+CONFIG_MOUNT=y
+CONFIG_FEATURE_MOUNT_NFS=y
+CONFIG_UMOUNT=y
+
+#
+# Common options for mount/umount
+#
+CONFIG_FEATURE_MOUNT_LOOP=y
+# CONFIG_FEATURE_MTAB_SUPPORT is not set
+
+#
+# Debugging Options
+#
+# CONFIG_DEBUG is not set
+# CONFIG_NO_DEBUG_LIB is not set
+# CONFIG_DMALLOC is not set
+# CONFIG_EFENCE is not set
Added: trunk/target/device/geni386/kernel-patches/linux-multi-routes-2.6.20.patch
===================================================================
--- trunk/target/device/geni386/kernel-patches/linux-multi-routes-2.6.20.patch (rev 0)
+++ trunk/target/device/geni386/kernel-patches/linux-multi-routes-2.6.20.patch 2007-04-27 20:28:05 UTC (rev 50)
@@ -0,0 +1,2604 @@
+diff -urN linux-2.6.20.orig/Documentation/filesystems/proc.txt linux-2.6.20/Documentation/filesystems/proc.txt
+--- linux-2.6.20.orig/Documentation/filesystems/proc.txt 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/Documentation/filesystems/proc.txt 2007-02-14 11:11:28.000000000 -0500
+@@ -1682,6 +1682,15 @@
+
+ Log packets with source addresses with no known route to kernel log.
+
++loop
++----
++
++By default (loop=0) the traffic between local IP addresses
++is routed via interface "lo". Setting this flag for two
++interfaces allows traffic between their IP addresses to
++be looped externally. This is useful for setups where the
++interfaces are attached to same broadcast medium.
++
+ mc_forwarding
+ -------------
+
+@@ -1705,6 +1714,28 @@
+ (external addresses can still be spoofed), without the need for additional
+ firewall rules.
+
++forward_shared
++--------------
++
++Integer value determines if a source validation should allow forwarding of
++packets with local source address. 1 means yes, 0 means no. By default the
++flag is disabled and such packets are not forwarded.
++
++If you enable this flag on internal network, the router will forward packets
++from internal hosts with shared IP addresses no matter how the rp_filter is
++set. This flag is activated only if it is enabled both in specific device
++section and in "all" section.
++
++rp_filter_mask
++--------------
++
++Integer value representing bitmask of the mediums for which the reverse path
++protection is disabled. If the source validation results in reverse path to
++interface with medium_id value in the 1..31 range the access is allowed if the
++corresponding bit is set in the bitmask. The bitmask value is considered only
++when rp_filter is enabled. By default the bitmask is empty preserving the
++original rp_filter semantic.
++
+ secure_redirects
+ ----------------
+
+@@ -1722,6 +1753,16 @@
+
+ Determines whether to send ICMP redirects to other hosts.
+
++hidden
++------
++
++Hide addresses attached to this device from other devices. Such addresses
++will never be selected by source address autoselection mechanism, host does
++not answer broadcast ARP requests for them, does not announce them as source
++address of ARP requests, but they are still reachable via IP. This flag is
++activated only if it is enabled both in specific device section and in "all"
++section.
++
+ Routing settings
+ ----------------
+
+diff -urN linux-2.6.20.orig/Documentation/networking/ip-sysctl.txt linux-2.6.20/Documentation/networking/ip-sysctl.txt
+--- linux-2.6.20.orig/Documentation/networking/ip-sysctl.txt 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/Documentation/networking/ip-sysctl.txt 2007-02-14 11:11:28.000000000 -0500
+@@ -541,6 +541,24 @@
+ forwarding - BOOLEAN
+ Enable IP forwarding on this interface.
+
++forward_shared - BOOLEAN
++ Integer value determines if a source validation should allow
++ forwarding of packets with local source address. 1 means yes,
++ 0 means no. By default the flag is disabled and such packets
++ are not forwarded.
++
++ If you enable this flag on internal network, the router will forward
++ packets from internal hosts with shared IP addresses no matter how
++ the rp_filter is set. This flag is activated only if it is
++ enabled both in specific device section and in "all" section.
++
++loop - BOOLEAN
++ By default (loop=0) the traffic between local IP addresses
++ is routed via interface "lo". Setting this flag for two
++ interfaces allows traffic between their IP addresses to
++ be looped externally. This is useful for setups where the
++ interfaces are attached to same broadcast medium.
++
+ mc_forwarding - BOOLEAN
+ Do multicast routing. The kernel needs to be compiled with CONFIG_MROUTE
+ and a multicast routing daemon is required.
+@@ -704,6 +722,24 @@
+
+
+
++hidden - BOOLEAN
++ Hide addresses attached to this device from other devices.
++ Such addresses will never be selected by source address autoselection
++ mechanism, host does not answer broadcast ARP requests for them,
++ does not announce them as source address of ARP requests, but they
++ are still reachable via IP. This flag is activated only if it is
++ enabled both in specific device section and in "all" section.
++
++rp_filter_mask - INTEGER
++
++ Integer value representing bitmask of the mediums for which the
++ reverse path protection is disabled. If the source validation
++ results in reverse path to interface with medium_id value in
++ the 1..31 range the access is allowed if the corresponding bit
++ is set in the bitmask. The bitmask value is considered only when
++ rp_filter is enabled. By default the bitmask is empty preserving
++ the original rp_filter semantic.
++
+ tag - INTEGER
+ Allows you to write a number, which can be used as required.
+ Default value is 0.
+diff -urN linux-2.6.20.orig/include/linux/inetdevice.h linux-2.6.20/include/linux/inetdevice.h
+--- linux-2.6.20.orig/include/linux/inetdevice.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/linux/inetdevice.h 2007-02-14 11:11:28.000000000 -0500
+@@ -31,6 +31,10 @@
+ int no_policy;
+ int force_igmp_version;
+ int promote_secondaries;
++ int hidden;
++ int rp_filter_mask;
++ int forward_shared;
++ int loop;
+ void *sysctl;
+ };
+
+@@ -68,11 +72,13 @@
+
+ #define IN_DEV_LOG_MARTIANS(in_dev) (ipv4_devconf.log_martians || (in_dev)->cnf.log_martians)
+ #define IN_DEV_PROXY_ARP(in_dev) (ipv4_devconf.proxy_arp || (in_dev)->cnf.proxy_arp)
++#define IN_DEV_HIDDEN(in_dev) ((in_dev)->cnf.hidden && ipv4_devconf.hidden)
+ #define IN_DEV_SHARED_MEDIA(in_dev) (ipv4_devconf.shared_media || (in_dev)->cnf.shared_media)
+ #define IN_DEV_TX_REDIRECTS(in_dev) (ipv4_devconf.send_redirects || (in_dev)->cnf.send_redirects)
+ #define IN_DEV_SEC_REDIRECTS(in_dev) (ipv4_devconf.secure_redirects || (in_dev)->cnf.secure_redirects)
+ #define IN_DEV_IDTAG(in_dev) ((in_dev)->cnf.tag)
+ #define IN_DEV_MEDIUM_ID(in_dev) ((in_dev)->cnf.medium_id)
++#define IN_DEV_RPFILTER_MASK(in_dev) ((in_dev)->cnf.rp_filter_mask)
+ #define IN_DEV_PROMOTE_SECONDARIES(in_dev) (ipv4_devconf.promote_secondaries || (in_dev)->cnf.promote_secondaries)
+
+ #define IN_DEV_RX_REDIRECTS(in_dev) \
+@@ -82,6 +88,8 @@
+ (ipv4_devconf.accept_redirects || (in_dev)->cnf.accept_redirects)))
+
+ #define IN_DEV_ARPFILTER(in_dev) (ipv4_devconf.arp_filter || (in_dev)->cnf.arp_filter)
++#define IN_DEV_LOOP(in_dev) ((in_dev)->cnf.loop)
++#define IN_DEV_FORWARD_SHARED(in_dev) ((in_dev)->cnf.forward_shared && ipv4_devconf.forward_shared)
+ #define IN_DEV_ARP_ANNOUNCE(in_dev) (max(ipv4_devconf.arp_announce, (in_dev)->cnf.arp_announce))
+ #define IN_DEV_ARP_IGNORE(in_dev) (max(ipv4_devconf.arp_ignore, (in_dev)->cnf.arp_ignore))
+
+diff -urN linux-2.6.20.orig/include/linux/netfilter_ipv4/ip_nat.h linux-2.6.20/include/linux/netfilter_ipv4/ip_nat.h
+--- linux-2.6.20.orig/include/linux/netfilter_ipv4/ip_nat.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/linux/netfilter_ipv4/ip_nat.h 2007-02-14 11:11:28.000000000 -0500
+@@ -63,6 +63,13 @@
+
+ struct ip_conntrack;
+
++/* Call input routing for SNAT-ed traffic */
++extern unsigned int ip_nat_route_input(unsigned int hooknum,
++ struct sk_buff **pskb,
++ const struct net_device *in,
++ const struct net_device *out,
++ int (*okfn)(struct sk_buff *));
++
+ /* Set up the info structure to map into this range. */
+ extern unsigned int ip_nat_setup_info(struct ip_conntrack *conntrack,
+ const struct ip_nat_range *range,
+diff -urN linux-2.6.20.orig/include/linux/rtnetlink.h linux-2.6.20/include/linux/rtnetlink.h
+--- linux-2.6.20.orig/include/linux/rtnetlink.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/linux/rtnetlink.h 2007-02-14 11:11:28.000000000 -0500
+@@ -97,6 +97,13 @@
+ RTM_SETNEIGHTBL,
+ #define RTM_SETNEIGHTBL RTM_SETNEIGHTBL
+
++ RTM_NEWARPRULE = 68,
++#define RTM_NEWARPRULE RTM_NEWARPRULE
++ RTM_DELARPRULE,
++#define RTM_DELARPRULE RTM_DELARPRULE
++ RTM_GETARPRULE,
++#define RTM_GETARPRULE RTM_GETARPRULE
++
+ __RTM_MAX,
+ #define RTM_MAX (((__RTM_MAX + 3) & ~3) - 1)
+ };
+@@ -293,6 +300,8 @@
+ #define RTNH_F_DEAD 1 /* Nexthop is dead (used by multipath) */
+ #define RTNH_F_PERVASIVE 2 /* Do recursive gateway lookup */
+ #define RTNH_F_ONLINK 4 /* Gateway is forced on link */
++#define RTNH_F_SUSPECT 8 /* We don't know the real state */
++#define RTNH_F_BADSTATE (RTNH_F_DEAD | RTNH_F_SUSPECT)
+
+ /* Macros to handle hexthops */
+
+@@ -477,6 +486,54 @@
+ #define TCA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct tcmsg))))
+ #define TCA_PAYLOAD(n) NLMSG_PAYLOAD(n,sizeof(struct tcmsg))
+
++/******************************************************************************
++ * Definitions used in ARP tables administration
++ ****/
++
++#define ARPA_TABLE_INPUT 0
++#define ARPA_TABLE_OUTPUT 1
++#define ARPA_TABLE_FORWARD 2
++#define ARPA_TABLE_ALL -1
++
++#define ARPM_F_PREFSRC 0x0001
++#define ARPM_F_WILDIIF 0x0002
++#define ARPM_F_WILDOIF 0x0004
++#define ARPM_F_BROADCAST 0x0008
++#define ARPM_F_UNICAST 0x0010
++
++struct arpmsg
++{
++ unsigned char arpm_family;
++ unsigned char arpm_table;
++ unsigned char arpm_action;
++ unsigned char arpm_from_len;
++ unsigned char arpm_to_len;
++ unsigned char arpm__pad1;
++ unsigned short arpm__pad2;
++ unsigned arpm_pref;
++ unsigned arpm_flags;
++};
++
++enum
++{
++ ARPA_UNSPEC,
++ ARPA_FROM, /* FROM IP prefix */
++ ARPA_TO, /* TO IP prefix */
++ ARPA_LLFROM, /* FROM LL prefix */
++ ARPA_LLTO, /* TO LL prefix */
++ ARPA_LLSRC, /* New SRC lladdr */
++ ARPA_LLDST, /* New DST lladdr */
++ ARPA_IIF, /* In interface prefix */
++ ARPA_OIF, /* Out interface prefix */
++ ARPA_SRC, /* New IP SRC */
++ ARPA_DST, /* New IP DST, not used */
++ ARPA_PACKETS, /* Packets */
++};
++
++#define ARPA_MAX ARPA_PACKETS
++
++#define ARPA_RTA(r) ((struct rtattr*)(((char*)(r)) + NLMSG_ALIGN(sizeof(struct arpmsg))))
++
+ #ifndef __KERNEL__
+ /* RTnetlink multicast groups - backwards compatibility for userspace */
+ #define RTMGRP_LINK 1
+@@ -497,6 +554,8 @@
+ #define RTMGRP_DECnet_IFADDR 0x1000
+ #define RTMGRP_DECnet_ROUTE 0x4000
+
++#define RTMGRP_ARP 0x00010000
++
+ #define RTMGRP_IPV6_PREFIX 0x20000
+ #endif
+
+@@ -540,6 +599,8 @@
+ #define RTNLGRP_IPV6_PREFIX RTNLGRP_IPV6_PREFIX
+ RTNLGRP_IPV6_RULE,
+ #define RTNLGRP_IPV6_RULE RTNLGRP_IPV6_RULE
++ RTNLGRP_ARP,
++#define RTNLGRP_ARP RTNLGRP_ARP
+ __RTNLGRP_MAX
+ };
+ #define RTNLGRP_MAX (__RTNLGRP_MAX - 1)
+diff -urN linux-2.6.20.orig/include/linux/sysctl.h linux-2.6.20/include/linux/sysctl.h
+--- linux-2.6.20.orig/include/linux/sysctl.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/linux/sysctl.h 2007-02-14 11:11:28.000000000 -0500
+@@ -483,6 +483,10 @@
+ NET_IPV4_CONF_ARP_IGNORE=19,
+ NET_IPV4_CONF_PROMOTE_SECONDARIES=20,
+ NET_IPV4_CONF_ARP_ACCEPT=21,
++ NET_IPV4_CONF_HIDDEN=22,
++ NET_IPV4_CONF_FORWARD_SHARED=23,
++ NET_IPV4_CONF_RP_FILTER_MASK=24,
++ NET_IPV4_CONF_LOOP=25,
+ __NET_IPV4_CONF_MAX
+ };
+
+diff -urN linux-2.6.20.orig/include/net/flow.h linux-2.6.20/include/net/flow.h
+--- linux-2.6.20.orig/include/net/flow.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/net/flow.h 2007-02-14 11:11:28.000000000 -0500
+@@ -19,6 +19,8 @@
+ struct {
+ __be32 daddr;
+ __be32 saddr;
++ __be32 lsrc;
++ __be32 gw;
+ __u8 tos;
+ __u8 scope;
+ } ip4_u;
+@@ -43,6 +45,8 @@
+ #define fl6_flowlabel nl_u.ip6_u.flowlabel
+ #define fl4_dst nl_u.ip4_u.daddr
+ #define fl4_src nl_u.ip4_u.saddr
++#define fl4_lsrc nl_u.ip4_u.lsrc
++#define fl4_gw nl_u.ip4_u.gw
+ #define fl4_tos nl_u.ip4_u.tos
+ #define fl4_scope nl_u.ip4_u.scope
+
+diff -urN linux-2.6.20.orig/include/net/ip_fib.h linux-2.6.20/include/net/ip_fib.h
+--- linux-2.6.20.orig/include/net/ip_fib.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/net/ip_fib.h 2007-02-14 11:11:28.000000000 -0500
+@@ -196,7 +196,8 @@
+
+ static inline void fib_select_default(const struct flowi *flp, struct fib_result *res)
+ {
+- if (FIB_RES_GW(*res) && FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK)
++ if ((FIB_RES_GW(*res) && FIB_RES_NH(*res).nh_scope == RT_SCOPE_LINK) ||
++ FIB_RES_NH(*res).nh_scope == RT_SCOPE_HOST)
+ ip_fib_main_table->tb_select_default(ip_fib_main_table, flp, res);
+ }
+
+@@ -209,6 +210,7 @@
+ extern struct fib_table *fib_new_table(u32 id);
+ extern struct fib_table *fib_get_table(u32 id);
+ extern void fib_select_default(const struct flowi *flp, struct fib_result *res);
++extern int fib_result_table(struct fib_result *res);
+
+ #endif /* CONFIG_IP_MULTIPLE_TABLES */
+
+@@ -220,7 +222,7 @@
+ extern int inet_rtm_getroute(struct sk_buff *skb, struct nlmsghdr* nlh, void *arg);
+ extern int inet_dump_fib(struct sk_buff *skb, struct netlink_callback *cb);
+ extern int fib_validate_source(__be32 src, __be32 dst, u8 tos, int oif,
+- struct net_device *dev, __be32 *spec_dst, u32 *itag);
++ struct net_device *dev, __be32 *spec_dst, u32 *itag, int our);
+ extern void fib_select_multipath(const struct flowi *flp, struct fib_result *res);
+
+ struct rtentry;
+@@ -284,4 +286,6 @@
+ extern void fib_proc_exit(void);
+ #endif
+
++extern rwlock_t fib_nhflags_lock;
++
+ #endif /* _NET_FIB_H */
+diff -urN linux-2.6.20.orig/include/net/netfilter/nf_nat.h linux-2.6.20/include/net/netfilter/nf_nat.h
+--- linux-2.6.20.orig/include/net/netfilter/nf_nat.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/net/netfilter/nf_nat.h 2007-02-14 11:11:28.000000000 -0500
+@@ -60,6 +60,13 @@
+
+ struct nf_conn;
+
++/* Call input routing for SNAT-ed traffic */
++extern unsigned int ip_nat_route_input(unsigned int hooknum,
++ struct sk_buff **pskb,
++ const struct net_device *in,
++ const struct net_device *out,
++ int (*okfn)(struct sk_buff *));
++
+ /* Set up the info structure to map into this range. */
+ extern unsigned int nf_nat_setup_info(struct nf_conn *ct,
+ const struct nf_nat_range *range,
+diff -urN linux-2.6.20.orig/include/net/route.h linux-2.6.20/include/net/route.h
+--- linux-2.6.20.orig/include/net/route.h 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/include/net/route.h 2007-02-14 11:11:28.000000000 -0500
+@@ -117,6 +117,7 @@
+ extern int ip_route_output_key(struct rtable **, struct flowi *flp);
+ extern int ip_route_output_flow(struct rtable **rp, struct flowi *flp, struct sock *sk, int flags);
+ extern int ip_route_input(struct sk_buff*, __be32 dst, __be32 src, u8 tos, struct net_device *devin);
++extern int ip_route_input_lookup(struct sk_buff*, __be32 dst, __be32 src, u8 tos, struct net_device *devin, __be32 lsrc);
+ extern unsigned short ip_rt_frag_needed(struct iphdr *iph, unsigned short new_mtu);
+ extern void ip_rt_send_redirect(struct sk_buff *skb);
+
+diff -urN linux-2.6.20.orig/net/core/rtnetlink.c linux-2.6.20/net/core/rtnetlink.c
+--- linux-2.6.20.orig/net/core/rtnetlink.c 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/net/core/rtnetlink.c 2007-02-14 11:11:28.000000000 -0500
+@@ -110,6 +110,7 @@
+ [RTM_FAM(RTM_NEWACTION)] = NLMSG_LENGTH(sizeof(struct tcamsg)),
+ [RTM_FAM(RTM_GETMULTICAST)] = NLMSG_LENGTH(sizeof(struct rtgenmsg)),
+ [RTM_FAM(RTM_GETANYCAST)] = NLMSG_LENGTH(sizeof(struct rtgenmsg)),
++ [RTM_FAM(RTM_GETARPRULE)] = NLMSG_LENGTH(sizeof(struct arpmsg)),
+ };
+
+ static const int rta_max[RTM_NR_FAMILIES] =
+@@ -122,6 +123,7 @@
+ [RTM_FAM(RTM_NEWTCLASS)] = TCA_MAX,
+ [RTM_FAM(RTM_NEWTFILTER)] = TCA_MAX,
+ [RTM_FAM(RTM_NEWACTION)] = TCAA_MAX,
++ [RTM_FAM(RTM_GETARPRULE)] = ARPA_MAX,
+ };
+
+ void __rta_fill(struct sk_buff *skb, int attrtype, int attrlen, const void *data)
+diff -urN linux-2.6.20.orig/net/ipv4/arp.c linux-2.6.20/net/ipv4/arp.c
+--- linux-2.6.20.orig/net/ipv4/arp.c 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/net/ipv4/arp.c 2007-02-14 11:11:28.000000000 -0500
+@@ -72,6 +72,9 @@
+ * bonding can change the skb before
+ * sending (e.g. insert 8021q tag).
+ * Harald Welte : convert to make use of jenkins hash
++ * Julian Anastasov: "hidden" flag: hide the
++ * interface and don't reply for it
++ * Julian Anastasov: ARP filtering via netlink
+ */
+
+ #include <linux/module.h>
+@@ -96,6 +99,7 @@
+ #include <linux/proc_fs.h>
+ #include <linux/seq_file.h>
+ #include <linux/stat.h>
++#include <net/netlink.h>
+ #include <linux/init.h>
+ #include <linux/net.h>
+ #include <linux/rcupdate.h>
+@@ -203,6 +207,47 @@
+ .gc_thresh3 = 1024,
+ };
+
++struct arpf_node {
++ struct arpf_node * at_next;
++ u32 at_pref;
++ u32 at_from;
++ u32 at_from_mask;
++ u32 at_to;
++ u32 at_to_mask;
++ u32 at_src;
++ atomic_t at_packets;
++ atomic_t at_refcnt;
++ unsigned at_flags;
++ unsigned char at_from_len;
++ unsigned char at_to_len;
++ unsigned char at_action;
++ char at_dead;
++ unsigned char at_llfrom_len;
++ unsigned char at_llto_len;
++ unsigned char at_llsrc_len;
++ unsigned char at_lldst_len;
++ unsigned char at_iif_len;
++ unsigned char at_oif_len;
++ unsigned short at__pad1;
++ unsigned char at_llfrom[MAX_ADDR_LEN];
++ unsigned char at_llto[MAX_ADDR_LEN];
++ unsigned char at_llsrc[MAX_ADDR_LEN];
++ unsigned char at_lldst[MAX_ADDR_LEN];
++ char at_iif[IFNAMSIZ];
++ char at_oif[IFNAMSIZ];
++};
++
++static struct arpf_node *arp_tabs[3];
++
++static struct kmem_cache *arpf_cachep;
++
++static rwlock_t arpf_lock = RW_LOCK_UNLOCKED;
++
++static void
++arpf_send(int table, struct sk_buff *skb, u32 sip, u32 tip,
++ unsigned char *from_hw, unsigned char *to_hw,
++ struct net_device *idev, struct net_device *odev);
++
+ int arp_mc_map(__be32 addr, u8 *haddr, struct net_device *dev, int dir)
+ {
+ switch (dev->type) {
+@@ -336,21 +381,35 @@
+ __be32 target = *(__be32*)neigh->primary_key;
+ int probes = atomic_read(&neigh->probes);
+ struct in_device *in_dev = in_dev_get(dev);
++ struct in_device *in_dev2 = NULL;
++ struct net_device *dev2 = NULL;
++ int mode;
++ unsigned char tha[MAX_ADDR_LEN];
+
+ if (!in_dev)
+ return;
+
+- switch (IN_DEV_ARP_ANNOUNCE(in_dev)) {
++ mode = IN_DEV_ARP_ANNOUNCE(in_dev);
++ if (mode != 2 && skb && (dev2 = ip_dev_find(skb->nh.iph->saddr)) != NULL &&
++ (saddr = skb->nh.iph->saddr, in_dev2 = in_dev_get(dev2)) != NULL &&
++ IN_DEV_HIDDEN(in_dev2)) {
++ saddr = 0;
++ goto get;
++ }
++
++ switch (mode) {
+ default:
+ case 0: /* By default announce any local IP */
++ if (saddr)
++ break;
+ if (skb && inet_addr_type(skb->nh.iph->saddr) == RTN_LOCAL)
+ saddr = skb->nh.iph->saddr;
+ break;
+ case 1: /* Restrict announcements of saddr in same subnet */
+ if (!skb)
+ break;
+- saddr = skb->nh.iph->saddr;
+- if (inet_addr_type(saddr) == RTN_LOCAL) {
++ if (saddr || (saddr = skb->nh.iph->saddr,
++ inet_addr_type(saddr) == RTN_LOCAL)) {
+ /* saddr should be known to target */
+ if (inet_addr_onlink(in_dev, target, saddr))
+ break;
+@@ -361,6 +420,12 @@
+ break;
+ }
+
++get:
++ if (dev2) {
++ if (in_dev2)
++ in_dev_put(in_dev2);
++ dev_put(dev2);
++ }
+ if (in_dev)
+ in_dev_put(in_dev);
+ if (!saddr)
+@@ -369,8 +434,10 @@
+ if ((probes -= neigh->parms->ucast_probes) < 0) {
+ if (!(neigh->nud_state&NUD_VALID))
+ printk(KERN_DEBUG "trying to ucast probe in NUD_INVALID\n");
+- dst_ha = neigh->ha;
++ dst_ha = tha;
+ read_lock_bh(&neigh->lock);
++ memcpy(dst_ha, neigh->ha, dev->addr_len);
++ read_unlock_bh(&neigh->lock);
+ } else if ((probes -= neigh->parms->app_probes) < 0) {
+ #ifdef CONFIG_ARPD
+ neigh_app_ns(neigh);
+@@ -378,10 +445,7 @@
+ return;
+ }
+
+- arp_send(ARPOP_REQUEST, ETH_P_ARP, target, dev, saddr,
+- dst_ha, dev->dev_addr, NULL);
+- if (dst_ha)
+- read_unlock_bh(&neigh->lock);
++ arpf_send(ARPA_TABLE_OUTPUT,skb,saddr,target,NULL,dst_ha,NULL,dev);
+ }
+
+ static int arp_ignore(struct in_device *in_dev, struct net_device *dev,
+@@ -438,6 +502,26 @@
+ return flag;
+ }
+
++static int arp_hidden(u32 tip, struct net_device *dev)
++{
++ struct net_device *dev2 = NULL;
++ struct in_device *in_dev2 = NULL;
++ int ret = 0;
++
++ if (!ipv4_devconf.hidden)
++ return 0;
++
++ if ((dev2 = ip_dev_find(tip)) && dev2 != dev &&
++ (in_dev2 = in_dev_get(dev2)) && IN_DEV_HIDDEN(in_dev2))
++ ret = 1;
++ if (dev2) {
++ if (in_dev2)
++ in_dev_put(in_dev2);
++ dev_put(dev2);
++ }
++ return ret;
++}
++
+ /* OBSOLETE FUNCTIONS */
+
+ /*
+@@ -826,8 +910,9 @@
+ if (sip == 0) {
+ if (arp->ar_op == htons(ARPOP_REQUEST) &&
+ inet_addr_type(tip) == RTN_LOCAL &&
++ !arp_hidden(tip, dev) &&
+ !arp_ignore(in_dev,dev,sip,tip))
+- arp_send(ARPOP_REPLY,ETH_P_ARP,tip,dev,tip,sha,dev->dev_addr,dev->dev_addr);
++ arpf_send(ARPA_TABLE_INPUT,skb,sip,tip,sha,tha,dev,NULL);
+ goto out;
+ }
+
+@@ -846,8 +931,11 @@
+ dont_send |= arp_ignore(in_dev,dev,sip,tip);
+ if (!dont_send && IN_DEV_ARPFILTER(in_dev))
+ dont_send |= arp_filter(sip,tip,dev);
++ if (!dont_send && skb->pkt_type != PACKET_HOST)
++ dont_send |= arp_hidden(tip,dev);
+ if (!dont_send)
+- arp_send(ARPOP_REPLY,ETH_P_ARP,sip,dev,tip,sha,dev->dev_addr,sha);
++ arpf_send(ARPA_TABLE_INPUT,skb,
++ sip,tip,sha,tha,dev,NULL);
+
+ neigh_release(n);
+ }
+@@ -863,7 +951,9 @@
+ if (NEIGH_CB(skb)->flags & LOCALLY_ENQUEUED ||
+ skb->pkt_type == PACKET_HOST ||
+ in_dev->arp_parms->proxy_delay == 0) {
+- arp_send(ARPOP_REPLY,ETH_P_ARP,sip,dev,tip,sha,dev->dev_addr,sha);
++ arpf_send(ARPA_TABLE_FORWARD,skb,
++ sip,tip,sha,tha,dev,
++ rt->u.dst.dev);
+ } else {
+ pneigh_enqueue(&arp_tbl, in_dev->arp_parms, skb);
+ in_dev_put(in_dev);
+@@ -1227,6 +1317,559 @@
+ }
+
+
++static void arpf_destroy(struct arpf_node *afp)
++{
++ if (!afp->at_dead) {
++ printk(KERN_ERR "Destroying alive arp table node %p from %08lx\n", afp,
++ *(((unsigned long*)&afp)-1));
++ return;
++ }
++ kmem_cache_free(arpf_cachep, afp);
++}
++
++static inline void arpf_put(struct arpf_node *afp)
++{
++ if (atomic_dec_and_test(&afp->at_refcnt))
++ arpf_destroy(afp);
++}
++
++static inline struct arpf_node *
++arpf_lookup(int table, struct sk_buff *skb, u32 sip, u32 tip,
++ unsigned char *from_hw, unsigned char *to_hw,
++ struct net_device *idev, struct net_device *odev)
++{
++ int sz_iif = idev? strlen(idev->name) : 0;
++ int sz_oif = odev? strlen(odev->name) : 0;
++ int alen;
++ struct arpf_node *afp;
++
++ if (ARPA_TABLE_OUTPUT != table) {
++ alen = idev->addr_len;
++ } else {
++ if (!from_hw) from_hw = odev->dev_addr;
++ if (!to_hw) to_hw = odev->broadcast;
++ alen = odev->addr_len;
++ }
++
++ read_lock(&arpf_lock);
++ for (afp = arp_tabs[table]; afp; afp = afp->at_next) {
++ if ((tip ^ afp->at_to) & afp->at_to_mask)
++ continue;
++ if ((sip ^ afp->at_from) & afp->at_from_mask)
++ continue;
++ if (afp->at_llfrom_len &&
++ (afp->at_llfrom_len > alen ||
++ memcmp(from_hw, afp->at_llfrom, afp->at_llfrom_len)))
++ continue;
++ if (afp->at_llto_len &&
++ (afp->at_llto_len > alen ||
++ memcmp(to_hw, afp->at_llto, afp->at_llto_len)))
++ continue;
++ if (afp->at_iif_len &&
++ (afp->at_iif_len > sz_iif ||
++ memcmp(afp->at_iif, idev->name, afp->at_iif_len) ||
++ (sz_iif != afp->at_iif_len &&
++ !(afp->at_flags & ARPM_F_WILDIIF))))
++ continue;
++ if (afp->at_oif_len &&
++ (afp->at_oif_len > sz_oif ||
++ memcmp(afp->at_oif, odev->name, afp->at_oif_len) ||
++ (sz_oif != afp->at_oif_len &&
++ !(afp->at_flags & ARPM_F_WILDOIF))))
++ continue;
++ if (afp->at_flags & ARPM_F_BROADCAST &&
++ skb->pkt_type == PACKET_HOST)
++ continue;
++ if (afp->at_flags & ARPM_F_UNICAST &&
++ skb->pkt_type != PACKET_HOST)
++ continue;
++ if (afp->at_llsrc_len && afp->at_llsrc_len != alen)
++ continue;
++ if (afp->at_lldst_len && afp->at_lldst_len != alen)
++ continue;
++ atomic_inc(&afp->at_packets);
++ break;
++ }
++ read_unlock(&arpf_lock);
++ return afp;
++}
++
++static void
++arpf_send(int table, struct sk_buff *skb, u32 sip, u32 tip,
++ unsigned char *from_hw, unsigned char *to_hw,
++ struct net_device *idev, struct net_device *odev)
++{
++ struct arpf_node *afp = NULL;
++
++ if (!arp_tabs[table] ||
++ !(afp = arpf_lookup(table, skb, sip, tip,
++ from_hw, to_hw, idev, odev))) {
++ switch (table) {
++ case ARPA_TABLE_INPUT:
++ if (!sip) {
++ arp_send(ARPOP_REPLY, ETH_P_ARP, tip, idev, tip,
++ from_hw, idev->dev_addr,
++ idev->dev_addr);
++ break;
++ }
++ /* continue */
++ case ARPA_TABLE_FORWARD:
++ arp_send(ARPOP_REPLY, ETH_P_ARP, sip, idev, tip,
++ from_hw, idev->dev_addr, from_hw);
++ break;
++ case ARPA_TABLE_OUTPUT:
++ arp_send(ARPOP_REQUEST, ETH_P_ARP, tip, odev, sip,
++ to_hw, odev->dev_addr, NULL);
++ break;
++ }
++ return;
++ }
++
++ /* deny? */
++ if (!afp->at_action) goto out;
++
++ switch (table) {
++ case ARPA_TABLE_INPUT:
++ if (!sip) {
++ arp_send(ARPOP_REPLY, ETH_P_ARP, tip, idev, tip,
++ from_hw,
++ afp->at_llsrc_len?afp->at_llsrc:idev->dev_addr,
++ afp->at_llsrc_len?afp->at_llsrc:idev->dev_addr);
++ break;
++ }
++ /* continue */
++ case ARPA_TABLE_FORWARD:
++ arp_send(ARPOP_REPLY, ETH_P_ARP, sip, idev, tip,
++ afp->at_lldst_len?afp->at_lldst:from_hw,
++ afp->at_llsrc_len?afp->at_llsrc:idev->dev_addr,
++ afp->at_lldst_len?afp->at_lldst:from_hw);
++ break;
++ case ARPA_TABLE_OUTPUT:
++ if (afp->at_flags & ARPM_F_PREFSRC && afp->at_src == 0) {
++ struct rtable *rt;
++ struct flowi fl = { .nl_u = { .ip4_u = { .daddr = tip}},
++ .oif = odev->ifindex };
++
++ if (ip_route_output_key(&rt, &fl) < 0)
++ break;
++ sip = rt->rt_src;
++ ip_rt_put(rt);
++ if (!sip)
++ break;
++ }
++ arp_send(ARPOP_REQUEST, ETH_P_ARP, tip, odev, afp->at_src?:sip,
++ afp->at_lldst_len?afp->at_lldst:to_hw,
++ afp->at_llsrc_len?afp->at_llsrc:odev->dev_addr,
++ NULL);
++ break;
++ }
++
++out:
++ arpf_put(afp);
++}
++
++static int
++arpf_fill_node(struct sk_buff *skb, u32 pid, u32 seq, unsigned flags,
++ int event, int table, struct arpf_node *afp)
++{
++ struct arpmsg *am;
++ struct nlmsghdr *nlh;
++ u32 packets = atomic_read(&afp->at_packets);
++
++ nlh = nlmsg_put(skb, pid, seq, event, sizeof(*am), 0);
++ if (nlh == NULL)
++ return -ENOBUFS;
++ nlh->nlmsg_flags = flags;
++ am = nlmsg_data(nlh);
++ am->arpm_family = AF_UNSPEC;
++ am->arpm_table = table;
++ am->arpm_action = afp->at_action;
++ am->arpm_from_len = afp->at_from_len;
++ am->arpm_to_len = afp->at_to_len;
++ am->arpm_pref = afp->at_pref;
++ am->arpm_flags = afp->at_flags;
++ if (afp->at_from_len)
++ NLA_PUT(skb, ARPA_FROM, 4, &afp->at_from);
++ if (afp->at_to_len)
++ NLA_PUT(skb, ARPA_TO, 4, &afp->at_to);
++ if (afp->at_src || afp->at_flags & ARPM_F_PREFSRC)
++ NLA_PUT(skb, ARPA_SRC, 4, &afp->at_src);
++ if (afp->at_iif[0])
++ NLA_PUT(skb, ARPA_IIF, sizeof(afp->at_iif), afp->at_iif);
++ if (afp->at_oif[0])
++ NLA_PUT(skb, ARPA_OIF, sizeof(afp->at_oif), afp->at_oif);
++ if (afp->at_llfrom_len)
++ NLA_PUT(skb, ARPA_LLFROM, afp->at_llfrom_len, afp->at_llfrom);
++ if (afp->at_llto_len)
++ NLA_PUT(skb, ARPA_LLTO, afp->at_llto_len, afp->at_llto);
++ if (afp->at_llsrc_len)
++ NLA_PUT(skb, ARPA_LLSRC, afp->at_llsrc_len, afp->at_llsrc);
++ if (afp->at_lldst_len)
++ NLA_PUT(skb, ARPA_LLDST, afp->at_lldst_len, afp->at_lldst);
++ NLA_PUT(skb, ARPA_PACKETS, 4, &packets);
++ return nlmsg_end(skb, nlh);
++
++nla_put_failure:
++ return nlmsg_cancel(skb, nlh);
++}
++
++static void
++arpmsg_notify(struct sk_buff *oskb, struct nlmsghdr *nlh, int table,
++ struct arpf_node *afp, int event)
++{
++ struct sk_buff *skb;
++ u32 pid = oskb ? NETLINK_CB(oskb).pid : 0;
++ int payload = sizeof(struct arpmsg) + 256;
++ int err = -ENOBUFS;
++
++ skb = nlmsg_new(nlmsg_total_size(payload), GFP_KERNEL);
++ if (!skb)
++ goto errout;
++
++ err = arpf_fill_node(skb, pid, nlh->nlmsg_seq, 0, event, table, afp);
++ if (err < 0) {
++ kfree_skb(skb);
++ goto errout;
++ }
++
++ err = rtnl_notify(skb, pid, RTNLGRP_ARP, nlh, GFP_KERNEL);
++errout:
++ if (err < 0)
++ rtnl_set_sk_err(RTNLGRP_ARP, err);
++}
++
++static inline int
++arpf_str_size(int a, struct rtattr **rta, int maxlen)
++{
++ int size = 0;
++
++ if (rta[a-1] && (size = RTA_PAYLOAD(rta[a-1]))) {
++ if (size > maxlen)
++ size = maxlen;
++ }
++ return size;
++}
++
++static inline int
++arpf_get_str(int a, struct rtattr **rta, unsigned char *p,
++ int maxlen, unsigned char *l)
++{
++ int size = arpf_str_size(a, rta, maxlen);
++
++ if (size) {
++ memcpy(p, RTA_DATA(rta[a-1]), size);
++ *l = size;
++ }
++ return size;
++}
++
++#define ARPF_MATCH_U32(ind, field) ( \
++ (!rta[ind-1] && r->at_ ## field == 0) || \
++ (rta[ind-1] && \
++ *(u32*) RTA_DATA(rta[ind-1]) == r->at_ ## field))
++
++#define ARPF_MATCH_STR(ind, field) ( \
++ (!rta[ind-1] && r->at_ ## field ## _len == 0) || \
++ (rta[ind-1] && r->at_ ## field ## _len && \
++ r->at_ ## field ## _len < RTA_PAYLOAD(rta[ind-1]) && \
++ strcmp(RTA_DATA(rta[ind-1]), r->at_ ## field) == 0))
++
++#define ARPF_MATCH_DATA(ind, field) ( \
++ (!rta[ind-1] && r->at_ ## field ## _len == 0) || \
++ (rta[ind-1] && r->at_ ## field ## _len && \
++ r->at_ ## field ## _len == RTA_PAYLOAD(rta[ind-1]) && \
++ memcmp(RTA_DATA(rta[ind-1]), &r->at_ ## field, \
++ r->at_ ## field ## _len) == 0))
++
++/* RTM_NEWARPRULE/RTM_DELARPRULE/RTM_GETARPRULE */
++
++int arpf_rule_ctl(struct sk_buff *skb, struct nlmsghdr* n, void *arg)
++{
++ struct rtattr **rta = arg;
++ struct arpmsg *am = NLMSG_DATA(n);
++ struct arpf_node *r, **rp, **prevp = 0, **delp = 0, *newp = 0;
++ unsigned pref = 1;
++ int size, ret = -EINVAL;
++
++ if (am->arpm_table >= sizeof(arp_tabs)/sizeof(arp_tabs[0]))
++ goto out;
++ if (!((~am->arpm_flags) & (ARPM_F_BROADCAST|ARPM_F_UNICAST)))
++ goto out;
++ if (am->arpm_action > 1)
++ goto out;
++ if (am->arpm_to_len > 32 || am->arpm_from_len > 32)
++ goto out;
++ if (am->arpm_flags & ARPM_F_WILDIIF &&
++ (!rta[ARPA_IIF-1] || !RTA_PAYLOAD(rta[ARPA_IIF-1]) ||
++ !*(char*)RTA_DATA(rta[ARPA_IIF-1])))
++ am->arpm_flags &= ~ARPM_F_WILDIIF;
++ if (am->arpm_flags & ARPM_F_WILDOIF &&
++ (!rta[ARPA_OIF-1] || !RTA_PAYLOAD(rta[ARPA_OIF-1]) ||
++ !*(char*)RTA_DATA(rta[ARPA_OIF-1])))
++ am->arpm_flags &= ~ARPM_F_WILDOIF;
++ switch (am->arpm_table) {
++ case ARPA_TABLE_INPUT:
++ if (rta[ARPA_SRC-1] || rta[ARPA_OIF-1])
++ goto out;
++ break;
++ case ARPA_TABLE_OUTPUT:
++ if (rta[ARPA_IIF-1])
++ goto out;
++ if (am->arpm_flags & (ARPM_F_BROADCAST|ARPM_F_UNICAST))
++ goto out;
++ break;
++ case ARPA_TABLE_FORWARD:
++ if (rta[ARPA_SRC-1])
++ goto out;
++ break;
++ }
++ if (rta[ARPA_SRC-1] && !*(u32*) RTA_DATA(rta[ARPA_SRC-1]))
++ am->arpm_flags |= ARPM_F_PREFSRC;
++ else
++ am->arpm_flags &= ~ARPM_F_PREFSRC;
++
++ for (rp = &arp_tabs[am->arpm_table]; (r=*rp) != NULL; rp=&r->at_next) {
++ if (pref < r->at_pref)
++ prevp = rp;
++ if (am->arpm_pref == r->at_pref ||
++ (!am->arpm_pref &&
++ am->arpm_to_len == r->at_to_len &&
++ am->arpm_from_len == r->at_from_len &&
++ !((am->arpm_flags ^ r->at_flags) &
++ (ARPM_F_BROADCAST | ARPM_F_UNICAST |
++ ARPM_F_WILDIIF | ARPM_F_WILDOIF)) &&
++ ARPF_MATCH_U32(ARPA_TO, to) &&
++ ARPF_MATCH_U32(ARPA_FROM, from) &&
++ ARPF_MATCH_DATA(ARPA_LLFROM, llfrom) &&
++ ARPF_MATCH_DATA(ARPA_LLTO, llto) &&
++ ARPF_MATCH_STR(ARPA_IIF, iif) &&
++ ARPF_MATCH_STR(ARPA_OIF, oif) &&
++ (n->nlmsg_type != RTM_DELARPRULE ||
++ /* DEL matches more keys */
++ (am->arpm_flags == r->at_flags &&
++ am->arpm_action == r->at_action &&
++ ARPF_MATCH_U32(ARPA_SRC, src) &&
++ ARPF_MATCH_DATA(ARPA_LLSRC, llsrc) &&
++ ARPF_MATCH_DATA(ARPA_LLDST, lldst)
++ )
++ )
++ )
++ )
++ break;
++ if (am->arpm_pref && r->at_pref > am->arpm_pref) {
++ r = NULL;
++ break;
++ }
++ pref = r->at_pref+1;
++ }
++
++ /*
++ * r=NULL: *rp != NULL (stopped before next pref), pref: not valid
++ * *rp == NULL (not found), pref: ready to use
++ * r!=NULL: found, pref: not valid
++ *
++ * prevp=NULL: no free slot
++ * prevp!=NULL: free slot for rule
++ */
++
++ if (n->nlmsg_type == RTM_DELARPRULE) {
++ if (!r)
++ return -ESRCH;
++ delp = rp;
++ goto dequeue;
++ }
++
++ if (r) {
++ /* Existing rule */
++ ret = -EEXIST;
++ if (n->nlmsg_flags&NLM_F_EXCL)
++ goto out;
++
++ if (n->nlmsg_flags&NLM_F_REPLACE) {
++ pref = r->at_pref;
++ prevp = delp = rp;
++ goto replace;
++ }
++ }
++
++ if (n->nlmsg_flags&NLM_F_APPEND) {
++ if (r) {
++ pref = r->at_pref+1;
++ for (rp=&r->at_next; (r=*rp) != NULL; rp=&r->at_next) {
++ if (pref != r->at_pref)
++ break;
++ pref ++;
++ }
++ ret = -EBUSY;
++ if (!pref)
++ goto out;
++ } else if (am->arpm_pref)
++ pref = am->arpm_pref;
++ prevp = rp;
++ }
++
++ if (!(n->nlmsg_flags&NLM_F_CREATE)) {
++ ret = -ENOENT;
++ if (n->nlmsg_flags&NLM_F_EXCL || r)
++ ret = 0;
++ goto out;
++ }
++
++ if (!(n->nlmsg_flags&NLM_F_APPEND)) {
++ if (!prevp) {
++ ret = -EBUSY;
++ if (r || *rp ||
++ (!am->arpm_pref && arp_tabs[am->arpm_table]))
++ goto out;
++ prevp = rp;
++ pref = am->arpm_pref? : 99;
++ } else {
++ if (r || !am->arpm_pref) {
++ pref = (*prevp)->at_pref - 1;
++ if (am->arpm_pref && am->arpm_pref < pref)
++ pref = am->arpm_pref;
++ } else {
++ prevp = rp;
++ pref = am->arpm_pref;
++ }
++ }
++ }
++
++replace:
++
++ ret = -ENOMEM;
++ r = kmem_cache_alloc(arpf_cachep, GFP_KERNEL);
++ if (!r)
++ return ret;
++ memset(r, 0, sizeof(*r));
++
++ arpf_get_str(ARPA_LLFROM, rta, r->at_llfrom, MAX_ADDR_LEN,
++ &r->at_llfrom_len);
++ arpf_get_str(ARPA_LLTO, rta, r->at_llto, MAX_ADDR_LEN,
++ &r->at_llto_len);
++ arpf_get_str(ARPA_LLSRC, rta, r->at_llsrc, MAX_ADDR_LEN,
++ &r->at_llsrc_len);
++ arpf_get_str(ARPA_LLDST, rta, r->at_lldst, MAX_ADDR_LEN,
++ &r->at_lldst_len);
++
++ if (delp)
++ r->at_next = (*delp)->at_next;
++ else if (*prevp)
++ r->at_next = *prevp;
++
++ r->at_pref = pref;
++ r->at_from_len = am->arpm_from_len;
++ r->at_from_mask = inet_make_mask(r->at_from_len);
++ if (rta[ARPA_FROM-1])
++ r->at_from = *(u32*) RTA_DATA(rta[ARPA_FROM-1]);
++ r->at_from &= r->at_from_mask;
++ r->at_to_len = am->arpm_to_len;
++ r->at_to_mask = inet_make_mask(r->at_to_len);
++ if (rta[ARPA_TO-1])
++ r->at_to = *(u32*) RTA_DATA(rta[ARPA_TO-1]);
++ r->at_to &= r->at_to_mask;
++ if (rta[ARPA_SRC-1])
++ r->at_src = *(u32*) RTA_DATA(rta[ARPA_SRC-1]);
++ if (rta[ARPA_PACKETS-1]) {
++ u32 packets = *(u32*) RTA_DATA(rta[ARPA_PACKETS-1]);
++ atomic_set(&r->at_packets, packets);
++ }
++ atomic_set(&r->at_refcnt, 1);
++ r->at_flags = am->arpm_flags;
++ r->at_action = am->arpm_action;
++
++ if (rta[ARPA_IIF-1] && (size = RTA_PAYLOAD(rta[ARPA_IIF-1]))) {
++ if (size >= sizeof(r->at_iif))
++ size = sizeof(r->at_iif)-1;
++ memcpy(r->at_iif, RTA_DATA(rta[ARPA_IIF-1]), size);
++ r->at_iif_len = strlen(r->at_iif);
++ }
++ if (rta[ARPA_OIF-1] && (size = RTA_PAYLOAD(rta[ARPA_OIF-1]))) {
++ if (size >= sizeof(r->at_oif))
++ size = sizeof(r->at_oif)-1;
++ memcpy(r->at_oif, RTA_DATA(rta[ARPA_OIF-1]), size);
++ r->at_oif_len = strlen(r->at_oif);
++ }
++
++ newp = r;
++
++dequeue:
++
++ if (delp) {
++ r = *delp;
++ write_lock_bh(&arpf_lock);
++ if (newp) {
++ if (!rta[ARPA_PACKETS-1])
++ atomic_set(&newp->at_packets,
++ atomic_read(&r->at_packets));
++ *delp = newp;
++ } else {
++ *delp = r->at_next;
++ }
++ r->at_dead = 1;
++ write_unlock_bh(&arpf_lock);
++ arpmsg_notify(skb, n, am->arpm_table, r, RTM_DELARPRULE);
++ arpf_put(r);
++ prevp = 0;
++ }
++
++ if (newp) {
++ if (prevp) {
++ write_lock_bh(&arpf_lock);
++ *prevp = newp;
++ write_unlock_bh(&arpf_lock);
++ }
++ arpmsg_notify(skb, n, am->arpm_table, newp, RTM_NEWARPRULE);
++ }
++
++ ret = 0;
++
++out:
++ return ret;
++}
++
++int arpf_dump_table(int t, struct sk_buff *skb, struct netlink_callback *cb)
++{
++ int idx, ret = -1;
++ struct arpf_node *afp;
++ int s_idx = cb->args[1];
++
++ for (idx=0, afp = arp_tabs[t]; afp; afp = afp->at_next, idx++) {
++ if (idx < s_idx)
++ continue;
++ if (arpf_fill_node(skb, NETLINK_CB(cb->skb).pid,
++ cb->nlh->nlmsg_seq, NLM_F_MULTI, RTM_NEWARPRULE, t, afp) < 0)
++ goto out;
++ }
++
++ ret = skb->len;
++
++out:
++ cb->args[1] = idx;
++
++ return ret;
++}
++
++int arpf_dump_rules(struct sk_buff *skb, struct netlink_callback *cb)
++{
++ int idx;
++ int s_idx = cb->args[0];
++
++ read_lock_bh(&arpf_lock);
++ for (idx = 0; idx < sizeof(arp_tabs)/sizeof(arp_tabs[0]); idx++) {
++ if (idx < s_idx)
++ continue;
++ if (idx > s_idx)
++ memset(&cb->args[1], 0, sizeof(cb->args)-1*sizeof(cb->args[0]));
++ if (arpf_dump_table(idx, skb, cb) < 0)
++ break;
++ }
++ read_unlock_bh(&arpf_lock);
++ cb->args[0] = idx;
++
++ return skb->len;
++}
++
+ /*
+ * Called once on startup.
+ */
+@@ -1240,6 +1883,20 @@
+
+ void __init arp_init(void)
+ {
++ struct rtnetlink_link *link_p = rtnetlink_links[PF_UNSPEC];
++
++ arpf_cachep = kmem_cache_create("ip_arpf_cache",
++ sizeof(struct arpf_node), 0,
++ SLAB_HWCACHE_ALIGN, NULL, NULL);
++ if (!arpf_cachep)
++ panic("IP: failed to allocate ip_arpf_cache\n");
++
++ if (link_p) {
++ link_p[RTM_NEWARPRULE-RTM_BASE].doit = arpf_rule_ctl;
++ link_p[RTM_DELARPRULE-RTM_BASE].doit = arpf_rule_ctl;
++ link_p[RTM_GETARPRULE-RTM_BASE].dumpit = arpf_dump_rules;
++ }
++
+ neigh_table_init(&arp_tbl);
+
+ dev_add_pack(&arp_packet_type);
+diff -urN linux-2.6.20.orig/net/ipv4/devinet.c linux-2.6.20/net/ipv4/devinet.c
+--- linux-2.6.20.orig/net/ipv4/devinet.c 2007-02-04 13:44:54.000000000 -0500
++++ linux-2.6.20/net/ipv4/devinet.c 2007-02-14 11:11:28.000000000 -0500
+@@ -915,7 +915,8 @@
+ continue;
+
+ for_primary_ifa(in_dev) {
+- if (ifa->ifa_scope != RT_SCOPE_LINK &&
++ if (!IN_DEV_HIDDEN(in_dev) &&
++ ifa->ifa_scope != RT_SCOPE_LINK &&
+ ifa->ifa_scope <= scope) {
+ addr = ifa->ifa_local;
+ goto out_unlock_both;
+@@ -1434,6 +1435,14 @@
+ .proc_handler = &proc_dointvec,
+ },
+ {
++ .ctl_name = NET_IPV4_CONF_RP_FILTER_MASK,
++ .procname = "rp_filter_mask",
++ .data = &ipv4_devconf.rp_filter_mask,
++ .maxlen = sizeof(int),
++ .mode = 0644,
++ .proc_handler = &proc_dointvec,
++ },
++ {
+ .ctl_name = NET_IPV4_CONF_BOOTP_RELAY,
+ .procname = "bootp_relay",
+ .data = &ipv4_devconf.bootp_relay,
+@@ -1458,6 +1467,14 @@
+ .proc_handler = &proc_dointvec,
+ },
+ {
++ .ctl_name = NET_IPV4_CONF_HIDDEN,
++ .procname = "hidden",
++ .data = &ipv4_devconf.hidden,
++ .maxlen = sizeof(int),
++ .mode = 0644,
++ .proc_handler = &proc_dointvec,
++ },
++ {
+ .ctl_name = NET_IPV4_CONF_ARPFILTER,
+ .procname = "arp_filter",
+ .data = &ipv4_devconf.arp_filter,
+@@ -149...
[truncated message content] |
