summaryrefslogtreecommitdiff
path: root/package/iptables
diff options
context:
space:
mode:
Diffstat (limited to 'package/iptables')
-rw-r--r--package/iptables/Makefile4
-rw-r--r--package/iptables/patches/patch-extensions_libxt_TCPOPTSTRIP_c24
-rw-r--r--package/iptables/patches/patch-include_libiptc_ipt_kernel_headers_h26
-rw-r--r--package/iptables/patches/patch-include_linux_netfilter_ipv4_ip_tables_h10
-rw-r--r--package/iptables/patches/patch-include_linux_netfilter_ipv6_ip6_tables_h10
-rw-r--r--package/iptables/patches/patch-include_linux_netfilter_xt_osf_h10
6 files changed, 82 insertions, 2 deletions
diff --git a/package/iptables/Makefile b/package/iptables/Makefile
index 105a5d801..8557c0e64 100644
--- a/package/iptables/Makefile
+++ b/package/iptables/Makefile
@@ -4,9 +4,9 @@
include ${TOPDIR}/rules.mk
PKG_NAME:= iptables
-PKG_VERSION:= 1.4.16.3
+PKG_VERSION:= 1.4.20
PKG_RELEASE:= 1
-PKG_MD5SUM:= 6dd40c12fb8f4c4312a0f8434369fbcd
+PKG_MD5SUM:= 387b92d3efcf4f07fe31c3bf0f1d18f5
PKG_DESCR:= The netfilter firewalling software
PKG_SECTION:= firewall
PKG_DEPENDS:= kmod-ip-nf-iptables kmod-nf-conntrack
diff --git a/package/iptables/patches/patch-extensions_libxt_TCPOPTSTRIP_c b/package/iptables/patches/patch-extensions_libxt_TCPOPTSTRIP_c
new file mode 100644
index 000000000..c9e728b85
--- /dev/null
+++ b/package/iptables/patches/patch-extensions_libxt_TCPOPTSTRIP_c
@@ -0,0 +1,24 @@
+--- iptables-1.4.20.orig/extensions/libxt_TCPOPTSTRIP.c 2013-08-06 17:48:43.000000000 +0200
++++ iptables-1.4.20/extensions/libxt_TCPOPTSTRIP.c 2013-08-15 17:02:18.802154795 +0200
+@@ -12,6 +12,21 @@
+ #ifndef TCPOPT_MD5SIG
+ # define TCPOPT_MD5SIG 19
+ #endif
++#ifndef TCPOPT_MAXSEG
++# define TCPOPT_MAXSEG 2
++#endif
++#ifndef TCPOPT_WINDOW
++# define TCPOPT_WINDOW 3
++#endif
++#ifndef TCPOPT_SACK_PERMITTED
++# define TCPOPT_SACK_PERMITTED 4
++#endif
++#ifndef TCPOPT_SACK
++# define TCPOPT_SACK 5
++#endif
++#ifndef TCPOPT_TIMESTAMP
++# define TCPOPT_TIMESTAMP 8
++#endif
+
+ enum {
+ O_STRIP_OPTION = 0,
diff --git a/package/iptables/patches/patch-include_libiptc_ipt_kernel_headers_h b/package/iptables/patches/patch-include_libiptc_ipt_kernel_headers_h
new file mode 100644
index 000000000..4bf224f13
--- /dev/null
+++ b/package/iptables/patches/patch-include_libiptc_ipt_kernel_headers_h
@@ -0,0 +1,26 @@
+--- iptables-1.4.20.orig/include/libiptc/ipt_kernel_headers.h 2013-08-06 17:48:43.000000000 +0200
++++ iptables-1.4.20/include/libiptc/ipt_kernel_headers.h 2013-08-15 16:58:51.960755143 +0200
+@@ -5,7 +5,6 @@
+
+ #include <limits.h>
+
+-#if defined(__GLIBC__) && __GLIBC__ == 2
+ #include <netinet/ip.h>
+ #include <netinet/in.h>
+ #include <netinet/ip_icmp.h>
+@@ -13,15 +12,4 @@
+ #include <netinet/udp.h>
+ #include <net/if.h>
+ #include <sys/types.h>
+-#else /* libc5 */
+-#include <sys/socket.h>
+-#include <linux/ip.h>
+-#include <linux/in.h>
+-#include <linux/if.h>
+-#include <linux/icmp.h>
+-#include <linux/tcp.h>
+-#include <linux/udp.h>
+-#include <linux/types.h>
+-#include <linux/in6.h>
+-#endif
+ #endif
diff --git a/package/iptables/patches/patch-include_linux_netfilter_ipv4_ip_tables_h b/package/iptables/patches/patch-include_linux_netfilter_ipv4_ip_tables_h
new file mode 100644
index 000000000..d5eacdc58
--- /dev/null
+++ b/package/iptables/patches/patch-include_linux_netfilter_ipv4_ip_tables_h
@@ -0,0 +1,10 @@
+--- iptables-1.4.20.orig/include/linux/netfilter_ipv4/ip_tables.h 2013-08-06 17:48:43.000000000 +0200
++++ iptables-1.4.20/include/linux/netfilter_ipv4/ip_tables.h 2013-08-15 17:07:14.082442619 +0200
+@@ -16,6 +16,7 @@
+ #define _IPTABLES_H
+
+ #include <linux/types.h>
++#include <sys/types.h>
+
+ #include <linux/netfilter_ipv4.h>
+
diff --git a/package/iptables/patches/patch-include_linux_netfilter_ipv6_ip6_tables_h b/package/iptables/patches/patch-include_linux_netfilter_ipv6_ip6_tables_h
new file mode 100644
index 000000000..9a69545eb
--- /dev/null
+++ b/package/iptables/patches/patch-include_linux_netfilter_ipv6_ip6_tables_h
@@ -0,0 +1,10 @@
+--- iptables-1.4.20.orig/include/linux/netfilter_ipv6/ip6_tables.h 2013-08-06 17:48:43.000000000 +0200
++++ iptables-1.4.20/include/linux/netfilter_ipv6/ip6_tables.h 2013-08-15 17:07:35.250176505 +0200
+@@ -16,6 +16,7 @@
+ #define _IP6_TABLES_H
+
+ #include <linux/types.h>
++#include <sys/types.h>
+
+ #include <linux/netfilter_ipv6.h>
+
diff --git a/package/iptables/patches/patch-include_linux_netfilter_xt_osf_h b/package/iptables/patches/patch-include_linux_netfilter_xt_osf_h
new file mode 100644
index 000000000..5c3422876
--- /dev/null
+++ b/package/iptables/patches/patch-include_linux_netfilter_xt_osf_h
@@ -0,0 +1,10 @@
+--- iptables-1.4.20.orig/include/linux/netfilter/xt_osf.h 2013-08-06 17:48:43.000000000 +0200
++++ iptables-1.4.20/include/linux/netfilter/xt_osf.h 2013-08-15 17:04:26.116554236 +0200
+@@ -21,6 +21,7 @@
+ #define _XT_OSF_H
+
+ #include <linux/types.h>
++#include <linux/tcp.h>
+
+ #define MAXGENRELEN 32
+