[PATCH] xt_AUDIT.c: remove ipv6 dependencies

netfilter-devel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] xt_AUDIT.c: remove ipv6 dependencies
@ 2011-05-21 22:37 Mr Dash Four
  2011-05-22  9:43 ` Eric Dumazet
  0 siblings, 1 reply; 5+ messages in thread
From: Mr Dash Four @ 2011-05-21 22:37 UTC (permalink / raw)
  To: netfilter-devel; +Cc: Thomas Graf, Patrick McHardy, Eric Paris, Al Viro

All,


This patch follows the one I submitted yesterday and removes the dependencies on ipv6 allowing the AUDIT target be compiled on systems where no ipv6 is implemented or running.

Signed-off-by: Mr Dash Four <mr.dash.four@googlemail.com>
---
 net/netfilter/xt_AUDIT.c |   16 ++++++++++++++--
 1 files changed, 14 insertions(+), 2 deletions(-)

diff --git a/net/netfilter/xt_AUDIT.c b/net/netfilter/xt_AUDIT.c
index e823f18..5cea31e 100644
--- a/net/netfilter/xt_AUDIT.c
+++ b/net/netfilter/xt_AUDIT.c
@@ -23,14 +23,18 @@
 #ifdef CONFIG_NF_CONNTRACK_SECMARK
 #include <linux/security.h>
 #endif
+#ifdef CONFIG_IPV6
 #include <net/ipv6.h>
+#endif
 #include <net/ip.h>
 
 MODULE_LICENSE("GPL");
 MODULE_AUTHOR("Thomas Graf <tgraf@redhat.com>");
 MODULE_DESCRIPTION("Xtables: creates audit records for dropped/accepted packets");
 MODULE_ALIAS("ipt_AUDIT");
+#ifdef CONFIG_IPV6
 MODULE_ALIAS("ip6t_AUDIT");
+#endif
 MODULE_ALIAS("ebt_AUDIT");
 MODULE_ALIAS("arpt_AUDIT");
 
@@ -55,8 +59,10 @@ static void audit_proto(struct audit_buffer *ab, struct sk_buff *skb,
 		}
 		break;
 
-	case IPPROTO_ICMP:
-	case IPPROTO_ICMPV6: {
+#ifdef CONFIG_IPV6
+	case IPPROTO_ICMPV6:
+#endif
+	case IPPROTO_ICMP: {
 		const u8 *iptr;
 		u8 _ih[2];
 
@@ -96,6 +102,7 @@ static void audit_ip4(struct audit_buffer *ab, struct sk_buff *skb)
 	audit_proto(ab, skb, ih->protocol, ih->ihl * 4);
 }
 
+#ifdef CONFIG_IPV6
 static void audit_ip6(struct audit_buffer *ab, struct sk_buff *skb)
 {
 	struct ipv6hdr _ip6h;
@@ -120,6 +127,7 @@ static void audit_ip6(struct audit_buffer *ab, struct sk_buff *skb)
 		audit_proto(ab, skb, nexthdr, offset);
 }
 
+#endif
 static unsigned int
 audit_tg(struct sk_buff *skb, const struct xt_action_param *par)
 {
@@ -160,10 +168,12 @@ audit_tg(struct sk_buff *skb, const struct xt_action_param *par)
 			case __constant_htons(ETH_P_IP):
 				audit_ip4(ab, skb);
 				break;
+#ifdef CONFIG_IPV6
 
 			case __constant_htons(ETH_P_IPV6):
 				audit_ip6(ab, skb);
 				break;
+#endif
 			}
 		}
 	}
@@ -172,10 +182,12 @@ audit_tg(struct sk_buff *skb, const struct xt_action_param *par)
 	case NFPROTO_IPV4:
 		audit_ip4(ab, skb);
 		break;
+#ifdef CONFIG_IPV6
 
 	case NFPROTO_IPV6:
 		audit_ip6(ab, skb);
 		break;
+#endif
 	}
 
 	audit_log_end(ab);
-- 
1.7.3.4



^ permalink raw reply related	[flat|nested] 5+ messages in thread

* Re: [PATCH] xt_AUDIT.c: remove ipv6 dependencies
  2011-05-21 22:37 [PATCH] xt_AUDIT.c: remove ipv6 dependencies Mr Dash Four
@ 2011-05-22  9:43 ` Eric Dumazet
  2011-05-22 10:01   ` Thomas Graf
  0 siblings, 1 reply; 5+ messages in thread
From: Eric Dumazet @ 2011-05-22  9:43 UTC (permalink / raw)
  To: Mr Dash Four
  Cc: netfilter-devel, Thomas Graf, Patrick McHardy, Eric Paris,
	Al Viro

Le samedi 21 mai 2011 à 23:37 +0100, Mr Dash Four a écrit :
> All,
> 
> 
> This patch follows the one I submitted yesterday and removes the
> dependencies on ipv6 allowing the AUDIT target be compiled on systems
> where no ipv6 is implemented or running.
> 
> Signed-off-by: Mr Dash Four <mr.dash.four@googlemail.com>
> ---
>  net/netfilter/xt_AUDIT.c |   16 ++++++++++++++--
>  1 files changed, 14 insertions(+), 2 deletions(-)
> 
> diff --git a/net/netfilter/xt_AUDIT.c b/net/netfilter/xt_AUDIT.c
> index e823f18..5cea31e 100644
> --- a/net/netfilter/xt_AUDIT.c
> +++ b/net/netfilter/xt_AUDIT.c
> @@ -23,14 +23,18 @@
>  #ifdef CONFIG_NF_CONNTRACK_SECMARK
>  #include <linux/security.h>
>  #endif
> +#ifdef CONFIG_IPV6
>  #include <net/ipv6.h>
> +#endif

Well, what happens if I want ipv6 as a module, and ipv6 support in
xt_AUDIT ?

Its not clear why you beliebe this patch is needed.

I have a kernel without IPV6, and xt_AUDIT compiles fine here, it even
loads properly.



--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] xt_AUDIT.c: remove ipv6 dependencies
  2011-05-22  9:43 ` Eric Dumazet
@ 2011-05-22 10:01   ` Thomas Graf
  2011-05-22 11:44     ` Mr Dash Four
  0 siblings, 1 reply; 5+ messages in thread
From: Thomas Graf @ 2011-05-22 10:01 UTC (permalink / raw)
  To: Eric Dumazet
  Cc: Mr Dash Four, netfilter-devel, Patrick McHardy, Eric Paris,
	Al Viro

On Sun, 2011-05-22 at 11:43 +0200, Eric Dumazet wrote: 
> Its not clear why you beliebe this patch is needed.
> 
> I have a kernel without IPV6, and xt_AUDIT compiles fine here, it even
> loads properly.

The patch is not required. The protocol definitions and header parsing
functions are available even if IPv6 is not selected.



^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] xt_AUDIT.c: remove ipv6 dependencies
  2011-05-22 10:01   ` Thomas Graf
@ 2011-05-22 11:44     ` Mr Dash Four
  2011-05-22 11:58       ` Thomas Graf
  0 siblings, 1 reply; 5+ messages in thread
From: Mr Dash Four @ 2011-05-22 11:44 UTC (permalink / raw)
  To: tgraf; +Cc: Eric Dumazet, netfilter-devel, Patrick McHardy, Eric Paris,
	Al Viro


>> Its not clear why you beliebe this patch is needed.
>>
>> I have a kernel without IPV6, and xt_AUDIT compiles fine here, it even
>> loads properly.
>>     
>
> The patch is not required. The protocol definitions and header parsing
> functions are available even if IPv6 is not selected.
>   
I had errors when I tried to compile it in (I do not have ipv6 at all), 
hence I introduced the latest patch - with that patch everything 
compiles and runs without problems.

^ permalink raw reply	[flat|nested] 5+ messages in thread

* Re: [PATCH] xt_AUDIT.c: remove ipv6 dependencies
  2011-05-22 11:44     ` Mr Dash Four
@ 2011-05-22 11:58       ` Thomas Graf
  0 siblings, 0 replies; 5+ messages in thread
From: Thomas Graf @ 2011-05-22 11:58 UTC (permalink / raw)
  To: Mr Dash Four
  Cc: Eric Dumazet, netfilter-devel, Patrick McHardy, Eric Paris,
	Al Viro

On Sun, 2011-05-22 at 12:44 +0100, Mr Dash Four wrote: 
> >> Its not clear why you beliebe this patch is needed.
> >>
> >> I have a kernel without IPV6, and xt_AUDIT compiles fine here, it even
> >> loads properly.
> >>     
> >
> > The patch is not required. The protocol definitions and header parsing
> > functions are available even if IPv6 is not selected.
> >   
> I had errors when I tried to compile it in (I do not have ipv6 at all), 
> hence I introduced the latest patch - with that patch everything 
> compiles and runs without problems.

Could you provide the config combination which results in the compile
errors?


^ permalink raw reply	[flat|nested] 5+ messages in thread

end of thread, other threads:[~2011-05-22 11:58 UTC | newest]

Thread overview: 5+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-21 22:37 [PATCH] xt_AUDIT.c: remove ipv6 dependencies Mr Dash Four
2011-05-22  9:43 ` Eric Dumazet
2011-05-22 10:01   ` Thomas Graf
2011-05-22 11:44     ` Mr Dash Four
2011-05-22 11:58       ` Thomas Graf

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).