reinit the tree, so we can have metadata

4 files changed, 271 insertions, 0 deletions

diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch
new file mode 100644
index 000000000000..f6b3a005ba21
--- /dev/null
+++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.0-configure.patch
@@ -0,0 +1,10 @@
+--- a/configure
++++ b/configure
+@@ -421,7 +421,6 @@
+ iptables_find_version	#IPTVER
+ iptables_try_pkgconfig	#try to configure from pkg-config
+ iptables_find_src	#IPTSRC
+-iptables_src_version	#check that IPTSRC match to IPTVER
+ iptables_inc		#IPTINC
+ iptables_modules	#IPTLIB
+ 
diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch
new file mode 100644
index 000000000000..7e8f62840a91
--- /dev/null
+++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.10.patch
@@ -0,0 +1,137 @@
+commit 5d71c94c400d91633f6d3c3be9e785bb23d4ca1a
+Author: ABC <abc@telekom.ru>
+Date:   Sun Mar 5 11:27:39 2017 +0300
+
+    Compilation compatibility with kernel 4.10.
+    
+    Fixes #70.
+    Resolves incompatibilities introduced by
+     2456e855354415bfaeb7badaa14e11b3e02c8466 and
+     613dbd95723aee7abd16860745691b6c7bda20dc for kernel 4.10.
+
+diff --git a/compat.h b/compat.h
+index 3f27977..47176ef 100644
+--- a/compat.h
++++ b/compat.h
+@@ -600,4 +600,29 @@ out:
+ # define __GNUC_PREREQ(maj, min) 0
+ #endif
+ 
++/* ktime is not union anymore, since 2456e855354415bfaeb7badaa14e11b3e02c8466 */
++#if LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0)
++# define first_tv64	first.tv64
++# define last_tv64	last.tv64
++#else
++# define first_tv64	first
++# define last_tv64	last
++#endif
++
++/* Offset changes made in 613dbd95723aee7abd16860745691b6c7bda20dc */
++#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,28) && LINUX_VERSION_CODE < KERNEL_VERSION(4,10,0)
++static inline u_int8_t xt_family(const struct xt_action_param *par)
++{
++	return par->family;
++}
++static inline const struct net_device *xt_in(const struct xt_action_param *par)
++{
++	return par->in;
++}
++static inline const struct net_device *xt_out(const struct xt_action_param *par)
++{
++	return par->out;
++}
++#endif
++
+ #endif /* COMPAT_NETFLOW_H */
+diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c
+index 781b284..0d1ac55 100644
+--- a/ipt_NETFLOW.c
++++ b/ipt_NETFLOW.c
+@@ -3863,10 +3863,10 @@ static void netflow_export_stats(void)
+ 		t.pkts_selected	+= st->pkts_selected;
+ 		t.pkts_observed	+= st->pkts_observed;
+ #endif
+-		t.drop.first.tv64 = min_not_zero(t.drop.first.tv64, st->drop.first.tv64);
+-		t.drop.last.tv64  = max(t.drop.last.tv64, st->drop.last.tv64);
+-		t.lost.first.tv64 = min_not_zero(t.lost.first.tv64, st->lost.first.tv64);
+-		t.lost.last.tv64  = max(t.lost.last.tv64, st->lost.last.tv64);
++		t.drop.first_tv64 = min_not_zero(t.drop.first_tv64, st->drop.first_tv64);
++		t.drop.last_tv64  = max(t.drop.last_tv64, st->drop.last_tv64);
++		t.lost.first_tv64 = min_not_zero(t.lost.first_tv64, st->lost.first_tv64);
++		t.lost.last_tv64  = max(t.lost.last_tv64, st->lost.last_tv64);
+ 	}
+ 
+ 	export_stat_st(OTPL_MPSTAT, &t);
+@@ -4781,8 +4781,8 @@ static unsigned int netflow_target(
+ 			   const void *targinfo
+ # endif
+ #else /* since 2.6.28 */
+-# define if_in  par->in
+-# define if_out par->out
++# define if_in  xt_in(par)
++# define if_out xt_out(par)
+ # if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,35)
+ 			   const struct xt_target_param *par
+ # else
+@@ -4809,7 +4809,7 @@ static unsigned int netflow_target(
+ #ifdef ENABLE_DIRECTION
+ 	const int hooknum = par->hooknum;
+ #endif
+-	const int family = par->family;
++	const int family = xt_family(par);
+ #endif
+ 	struct ipt_netflow_tuple tuple;
+ 	struct ipt_netflow *nf;
+diff --git a/ipt_NETFLOW.h b/ipt_NETFLOW.h
+index eb00e94..3ee44a8 100644
+--- a/ipt_NETFLOW.h
++++ b/ipt_NETFLOW.h
+@@ -414,7 +414,7 @@ struct netflow_aggr_p {
+ #define NETFLOW_STAT_TS(count)							 \
+ 	do {									 \
+ 		ktime_t kts = ktime_get_real();					 \
+-		if (!(__get_cpu_var(ipt_netflow_stat)).count.first.tv64)	 \
++		if (!(__get_cpu_var(ipt_netflow_stat)).count.first_tv64)	 \
+ 			__get_cpu_var(ipt_netflow_stat).count.first = kts;	 \
+ 		__get_cpu_var(ipt_netflow_stat).count.last = kts;		 \
+ 	} while (0);
+commit 5dec6355f151a5c9fa4393c43388b22d9c720fae
+Author: ABC <abc@telekom.ru>
+Date:   Tue Mar 14 21:55:29 2017 +0300
+
+    More compatibility with kernel 4.10.
+    
+    Thanks to cREoz @ gitnub. Resolves #70 once more.
+
+diff --git a/compat.h b/compat.h
+index 47176ef..867e7f2 100644
+--- a/compat.h
++++ b/compat.h
+@@ -623,6 +623,10 @@ static inline const struct net_device *xt_out(const struct xt_action_param *par)
+ {
+ 	return par->out;
+ }
++static inline unsigned int xt_hooknum(const struct xt_action_param *par)
++{
++	return par->hooknum;
++}
+ #endif
+ 
+ #endif /* COMPAT_NETFLOW_H */
+diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c
+index 0d1ac55..6d3122e 100644
+--- a/ipt_NETFLOW.c
++++ b/ipt_NETFLOW.c
+@@ -4806,9 +4806,9 @@ static unsigned int netflow_target(
+ #if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,28)
+ 	const int family = target->family;
+ #else
+-#ifdef ENABLE_DIRECTION
+-	const int hooknum = par->hooknum;
+-#endif
++# ifdef ENABLE_DIRECTION
++	const int hooknum = xt_hooknum(par);
++# endif
+ 	const int family = xt_family(par);
+ #endif
+ 	struct ipt_netflow_tuple tuple;
diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch
new file mode 100644
index 000000000000..10e8b552afb4
--- /dev/null
+++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.13.patch
@@ -0,0 +1,63 @@
+commit 53a556cb4a705f4eae2bcb49552b6427b231378a
+Author: ABC <abc@telekom.ru>
+Date:   Mon Aug 14 22:55:25 2017 +0300
+
+    Compatibility with kernel 4.13.
+    
+    Offset patch torvalds/linux@14afee4b6092fde451ee17604e5f5c89da33e71e
+
+diff --git a/compat.h b/compat.h
+index 061eb57..275ff58 100644
+--- a/compat.h
++++ b/compat.h
+@@ -636,4 +636,10 @@ static inline unsigned int xt_hooknum(const struct xt_action_param *par)
+ # define SK_CAN_REUSE   1
+ #endif
+ 
++#if LINUX_VERSION_CODE < KERNEL_VERSION(4,13,0)
++# define compat_refcount_read atomic_read
++#else
++# define compat_refcount_read refcount_read
++#endif
++
+ #endif /* COMPAT_NETFLOW_H */
+diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c
+index 494ea74..9365325 100644
+--- a/ipt_NETFLOW.c
++++ b/ipt_NETFLOW.c
+@@ -622,7 +622,7 @@ static int snmp_seq_show(struct seq_file *seq, void *v)
+ 
+ 			seq_printf(seq, " %u %u %u\n",
+ 			    sk->sk_sndbuf,
+-			    atomic_read(&sk->sk_wmem_alloc),
++			    compat_refcount_read(&sk->sk_wmem_alloc),
+ 			    wmem_peak);
+ 		} else
+ 			seq_printf(seq, " 0 0 %u\n", wmem_peak);
+@@ -864,7 +864,7 @@ static int nf_seq_show(struct seq_file *seq, void *v)
+ 			seq_printf(seq, ", sndbuf %u, filled %u, peak %u;"
+ 			    " err: sndbuf reached %u, connect %u, cberr %u, other %u\n",
+ 			    sk->sk_sndbuf,
+-			    atomic_read(&sk->sk_wmem_alloc),
++			    compat_refcount_read(&sk->sk_wmem_alloc),
+ 			    atomic_read(&usock->wmem_peak),
+ 			    usock->err_full,
+ 			    usock->err_connect,
+@@ -2031,7 +2031,7 @@ static void netflow_sendmsg(void *buffer, const int len)
+ 			printk(KERN_INFO "netflow_sendmsg: sendmsg(%d, %d) [%u %u]\n",
+ 			       snum,
+ 			       len,
+-			       atomic_read(&usock->sock->sk->sk_wmem_alloc),
++			       compat_refcount_read(&usock->sock->sk->sk_wmem_alloc),
+ 			       usock->sock->sk->sk_sndbuf);
+ 		ret = kernel_sendmsg(usock->sock, &msg, &iov, 1, (size_t)len);
+ 		if (ret < 0) {
+@@ -2054,7 +2054,7 @@ static void netflow_sendmsg(void *buffer, const int len)
+ 			printk(KERN_ERR "ipt_NETFLOW: sendmsg[%d] error %d: data loss %llu pkt, %llu bytes%s\n",
+ 			       snum, ret, pdu_packets, pdu_traf, suggestion);
+ 		} else {
+-			unsigned int wmem = atomic_read(&usock->sock->sk->sk_wmem_alloc);
++			unsigned int wmem = compat_refcount_read(&usock->sock->sk->sk_wmem_alloc);
+ 			if (wmem > atomic_read(&usock->wmem_peak))
+ 				atomic_set(&usock->wmem_peak, wmem);
+ 			NETFLOW_STAT_INC(exported_pkt);
diff --git a/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch
new file mode 100644
index 000000000000..bd9bedd3d998
--- /dev/null
+++ b/net-firewall/ipt_netflow/files/ipt_netflow-2.2-linux-4.6.patch
@@ -0,0 +1,61 @@
+commit c16ffc6cb679b3377a0d4a30a6bbcf5e2f3d0214
+Author: ABC <abc@telekom.ru>
+Date:   Sun May 22 22:07:14 2016 +0300
+
+    Support ETHTOOL_xLINKSETTINGS API (new in linux 4.6).
+    
+    Thus, making support for 4.6 kernels.
+    Reference to linux commit:
+      https://github.com/torvalds/linux/commit/3f1ac7a700d
+    
+    Fixes #56, thanks karel-un.
+
+diff --git a/ipt_NETFLOW.c b/ipt_NETFLOW.c
+index 067fd50..d27eea2 100644
+--- a/ipt_NETFLOW.c
++++ b/ipt_NETFLOW.c
+@@ -3904,7 +3904,13 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d
+ {
+ 	struct ethtool_drvinfo info = { 0 };
+ 	const struct ethtool_ops *ops = dev->ethtool_ops;
++#ifndef ETHTOOL_GLINKSETTINGS
+ 	struct ethtool_cmd ecmd;
++#define _KSETTINGS(x, y) (x)
++#else
++	struct ethtool_link_ksettings ekmd;
++#define _KSETTINGS(x, y) (y)
++#endif
+ 	int len = size;
+ 	int n;
+ 
+@@ -3933,11 +3939,11 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d
+ 	/* only get_settings for running devices to not trigger link negotiation */
+ 	if (dev->flags & IFF_UP &&
+ 	    dev->flags & IFF_RUNNING &&
+-	    !__ethtool_get_settings(dev, &ecmd)) {
++	    !_KSETTINGS(__ethtool_get_settings(dev, &ecmd), __ethtool_get_link_ksettings(dev, &ekmd))) {
+ 		char *s, *p;
+ 
+ 		/* append basic parameters: speed and port */
+-		switch (ethtool_cmd_speed(&ecmd)) {
++		switch (_KSETTINGS(ethtool_cmd_speed(&ecmd), ekmd.base.speed)) {
+ 		case SPEED_10000: s = "10Gb"; break;
+ 		case SPEED_2500:  s = "2.5Gb"; break;
+ 		case SPEED_1000:  s = "1Gb"; break;
+@@ -3945,7 +3951,7 @@ static int ethtool_drvinfo(unsigned char *ptr, size_t size, struct net_device *d
+ 		case SPEED_10:    s = "10Mb"; break;
+ 		default:          s = "";
+ 		}
+-		switch (ecmd.port) {
++		switch (_KSETTINGS(ecmd.port, ekmd.base.port)) {
+ 		case PORT_TP:     p = "tp"; break;
+ 		case PORT_AUI:    p = "aui"; break;
+ 		case PORT_MII:    p = "mii"; break;
+@@ -3964,6 +3970,7 @@ ret:
+ 		ops->complete(dev);
+ 	return size - len;
+ }
++#undef _KSETTINGS
+ 
+ static const unsigned short netdev_type[] =
+ {ARPHRD_NETROM, ARPHRD_ETHER, ARPHRD_AX25,