search for: ip_conntrack_tuple

...lt;linux/tcp.h> +#include <linux/if.h> +#include <linux/netfilter_ipv4/ip_nat.h> +#include <linux/netfilter_ipv4/ip_nat_rule.h> +#include <linux/netfilter_ipv4/ip_nat_protocol.h> +#include <linux/netfilter_ipv4/ip_nat_core.h> + +static int +tcp_in_range(const struct ip_conntrack_tuple *tuple, + enum ip_nat_manip_type maniptype, + const union ip_conntrack_manip_proto *min, + const union ip_conntrack_manip_proto *max) +{ + u_int16_t port; + + if (maniptype == IP_NAT_MANIP_SRC) + port = tuple->src.u.tcp.port; + else + port = tuple->dst.u.tcp.port; + + return...

...inux/nfnetlink_conntrack.h \ | tail-n 15 }; #endif /* CONFIG_IP_NF_NAT_NEEDED */ struct cta_proto { unsigned char num_proto; /* Protocol number IPPROTO_X */ union ip_conntrack_proto proto; }; struct cta_help { struct ip_conntrack_tuple tuple; struct ip_conntrack_tuple mask; char name[31]; /* name of conntrack helper */ union ip_conntrack_help help; }; ..I'm a C newbie: "proto" and "help": How _should_ these look??? -------...

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=59 laforge@netfilter.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching

...02/02/05 14:49:26 laforge Exp * * This program is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License @@ -112,9 +112,9 @@ =20 struct ip_ct_irc *info =3D &ct->help.ct_irc_info; =20 - - memset(&mask, 0, sizeof(struct ip_conntrack_tuple)); - - mask.dst.u.tcp.port =3D 0xFFFF; - - mask.dst.protonum =3D 0xFFFF; + mask =3D ((struct ip_conntrack_tuple) + { { 0, { 0 } }, + { 0xFFFFFFFF, { 0xFFFF }, 0xFFFF }}); =20 DEBUGP("entered\n"); /* Can't track connections formed before we registered */ CREDITS =3D=3D=3D=3D=3...

...sr/src/linux-2.4.18-24.8.0/include/linux/nfnetlink_conntrack.h \ | tail-n 15 }; #endif /* CONFIG_IP_NF_NAT_NEEDED */ struct cta_proto { unsigned char num_proto; /* Protocol number IPPROTO_X */ union ip_conntrack_proto proto; }; struct cta_help { struct ip_conntrack_tuple tuple; struct ip_conntrack_tuple mask; char name[31]; /* name of conntrack helper */ union ip_conntrack_help help; }; ..I'm a C newbie: "proto" and "help": How _should_ these look??? ..failing my diagnosis above, I adde...

...ter-devel/> After some further digging and debug output in the expect_cmp, I have found that the pptp_nat patch will break in a 64 bit big-endian platform. Basically, the whole masked comparison will be wrong since this patch changed a whole bunch of fields in various structures in ip_conntrack_tuple.h from 16 bits to either 32 bits or 64 bits. Passive FTP section: Jan 31 09:37:53 sparky kernel: ip_conntrack_expect_related fffff80016c909e0 Jan 31 09:37:53 sparky kernel: tuple: tuple 0000000000417690: 6 client:0x...

...lter_ipv4/ip= _conntrack.h --- linux-2.4.20-base/include/linux/netfilter_ipv4/ip_conntrack.h Fri Nov 2= 9 00:53:15 2002 +++ linux-2.4.20-del/include/linux/netfilter_ipv4/ip_conntrack.h Fri Feb 21= 17:01:38 2003 @@ -6,6 +6,7 @@ =20 #include <linux/config.h> #include <linux/netfilter_ipv4/ip_conntrack_tuple.h> +#include <linux/bitops.h> #include <asm/atomic.h> =20 enum ip_conntrack_info @@ -41,6 +42,10 @@ /* Conntrack should never be early-expired. */ IPS_ASSURED_BIT =3D 2, IPS_ASSURED =3D (1 << IPS_ASSURED_BIT), + + /* Connection is confirmed: originating packet has left...