* [xtables-addons] xt_ipp2p: fix compatibility with pre-5.1 kernels
@ 2021-09-13 19:46 Jeremy Sowden
[not found] ` <2By.aVMy.1uKNcS{}pM6.1XG5DC@seznam.cz>
2021-09-14 13:32 ` Jan Engelhardt
0 siblings, 2 replies; 3+ messages in thread
From: Jeremy Sowden @ 2021-09-13 19:46 UTC (permalink / raw)
To: Jan Engelhardt; +Cc: Netfilter Devel, kaskada
`ip_transport_len` and `ipv6_transport_len` were introduced in 5.1.
They are both single-statement static inline functions, so add fall-back
implementations for compatibility with older kernels.
Signed-off-by: Jeremy Sowden <jeremy@azazel.net>
---
extensions/xt_ipp2p.c | 14 ++++++++++++++
1 file changed, 14 insertions(+)
diff --git a/extensions/xt_ipp2p.c b/extensions/xt_ipp2p.c
index 74f7d18fc04b..696318551649 100644
--- a/extensions/xt_ipp2p.c
+++ b/extensions/xt_ipp2p.c
@@ -19,6 +19,20 @@ MODULE_AUTHOR("Eicke Friedrich/Klaus Degner <ipp2p@ipp2p.org>");
MODULE_DESCRIPTION("An extension to iptables to identify P2P traffic.");
MODULE_LICENSE("GPL");
+#if LINUX_VERSION_CODE < KERNEL_VERSION(5, 1, 0)
+static inline unsigned int
+ip_transport_len(const struct sk_buff *skb)
+{
+ return ntohs(ip_hdr(skb)->tot_len) - skb_network_header_len(skb);
+}
+static inline unsigned int
+ipv6_transport_len(const struct sk_buff *skb)
+{
+ return ntohs(ipv6_hdr(skb)->payload_len) + sizeof(struct ipv6hdr) -
+ skb_network_header_len(skb);
+}
+#endif
+
union ipp2p_addr {
__be32 ip;
struct in6_addr in6;
--
2.33.0
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [xtables-addons] xt_ipp2p: fix compatibility with pre-5.1 kernels
[not found] ` <2By.aVMy.1uKNcS{}pM6.1XG5DC@seznam.cz>
@ 2021-09-14 12:55 ` Jeremy Sowden
0 siblings, 0 replies; 3+ messages in thread
From: Jeremy Sowden @ 2021-09-14 12:55 UTC (permalink / raw)
To: kaskada; +Cc: Netfilter Devel, Jan Engelhardt
[-- Attachment #1: Type: text/plain, Size: 2926 bytes --]
On 2021-09-14, at 09:46:20 +0200, kaskada@email.cz wrote:
> On 13. 9. 2021, at 21:53:43, Jeremy Sowden wrote:
> > `ip_transport_len` and `ipv6_transport_len` were introduced in 5.1.
> > They are both single-statement static inline functions, so add
> > fall-back implementations for compatibility with older kernels.
>
> now it is possible to compile the source on Debian 10 (kernel
> 4.19.0-17-amd64), but when I run:
>
> $ ip6tables -t mangle -A PREROUTING -m ipp2p --dc -j ACCEPT
>
> I still get this error:
>
> ip6tables v1.8.4 (legacy): Couldn't load match `ipp2p':No such file or directory
> Try `ip6tables -h' or 'ip6tables --help' for more information.
>
> When I run it with strace:
>
> $ strace ip6tables -t mangle -A PREROUTING -m ipp2p --dc -j ACCEPT
> [...]
> stat("/usr/lib/x86_64-linux-gnu/xtables/libip6t_ipp2p.so", 0x7fff3562dea0) = -1 ENOENT (Adresář nebo soubor neexistuje)
>
> It says this (it seems that
> "/usr/lib/x86_64-linux-gnu/xtables/libip6t_ipp2p.so" is missing, which
> is a bit suspicious).
It tries libip6t_ipp2p.so first, which fails, ...
> stat("/usr/lib/x86_64-linux-gnu/xtables/libxt_ipp2p.so", {st_mode=S_IFREG|0755, st_size=33512, ...}) = 0
> brk(NULL) = 0x562ecafdb000
> brk(0x562ecaffc000) = 0x562ecaffc000
> openat(AT_FDCWD, "/usr/lib/x86_64-linux-gnu/xtables/libxt_ipp2p.so", O_RDONLY|O_CLOEXEC) = 3
... and then libxt_ipp2p.so, which succeeds.
> read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\20\0\0\0\0\0\0"..., 832) = 832
> fstat(3, {st_mode=S_IFREG|0755, st_size=33512, ...}) = 0
> mmap(NULL, 16680, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f902e63a000
> mmap(0x7f902e63b000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f902e63b000
> mmap(0x7f902e63c000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f902e63c000
> mmap(0x7f902e63d000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f902e63d000
> close(3) = 0
> mprotect(0x7f902e63d000, 4096, PROT_READ) = 0
> socket(AF_INET6, SOCK_RAW, IPPROTO_RAW) = 3
> fcntl(3, F_SETFD, FD_CLOEXEC) = 0
> lstat("/proc/net/ip6_tables_names", {st_mode=S_IFREG|0440, st_size=0, ...}) = 0
> statfs("/proc/net/ip6_tables_names", {f_type=PROC_SUPER_MAGIC, f_bsize=4096, f_blocks=0, f_bfree=0, f_bavail=0, f_files=0, f_ffree=0, f_fsid={val=[0, 0]}, f_namelen=255, f_frsize=4096, f_flags=ST_VALID|ST_NOSUID|ST_NODEV|ST_NOEXEC|ST_RELATIME}) = 0
> getsockopt(3, SOL_IPV6, IP6T_SO_GET_REVISION_MATCH, 0x7fff3562ddb0, [30]) = -1 ENOENT (Adresář nebo soubor neexistuje)
This is the problem. The kernel is reporting that it could not find an
ipv6 version. That's because I forgot to add an ipv6 module alias. I
will send a patch shortly.
J.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [xtables-addons] xt_ipp2p: fix compatibility with pre-5.1 kernels
2021-09-13 19:46 [xtables-addons] xt_ipp2p: fix compatibility with pre-5.1 kernels Jeremy Sowden
[not found] ` <2By.aVMy.1uKNcS{}pM6.1XG5DC@seznam.cz>
@ 2021-09-14 13:32 ` Jan Engelhardt
1 sibling, 0 replies; 3+ messages in thread
From: Jan Engelhardt @ 2021-09-14 13:32 UTC (permalink / raw)
To: Jeremy Sowden; +Cc: Netfilter Devel, kaskada
On Monday 2021-09-13 21:46, Jeremy Sowden wrote:
>`ip_transport_len` and `ipv6_transport_len` were introduced in 5.1.
>They are both single-statement static inline functions, so add fall-back
>implementations for compatibility with older kernels.
Added.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2021-09-14 13:32 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-09-13 19:46 [xtables-addons] xt_ipp2p: fix compatibility with pre-5.1 kernels Jeremy Sowden
[not found] ` <2By.aVMy.1uKNcS{}pM6.1XG5DC@seznam.cz>
2021-09-14 12:55 ` Jeremy Sowden
2021-09-14 13:32 ` Jan Engelhardt
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.