--- ../patch-o-matic-ng/patchlets/ROUTE/linux-2.6/net/ipv4/netfilter/ipt_ROUTE.c.orig	2007-09-13 21:56:03.000000000 +0200
+++ ../patch-o-matic-ng/patchlets/ROUTE/linux-2.6/net/ipv4/netfilter/ipt_ROUTE.c	2008-03-26 12:37:44.000000000 +0100
@@ -15,16 +15,9 @@
 #include <linux/ip.h>
 #include <linux/netfilter_ipv4/ip_tables.h>
 
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
 #define CONFIG_NF_CONNTRACK_SUPPORT
-#endif
 
-#ifdef CONFIG_NF_CONNTRACK_SUPPORT
 #include <net/netfilter/nf_conntrack.h>
-#else
-#include <linux/netfilter_ipv4/ip_conntrack.h>
-#endif
-
 #include <linux/netfilter_ipv4/ipt_ROUTE.h>
 #include <linux/netdevice.h>
 #include <linux/route.h>
@@ -34,6 +27,7 @@
 #include <net/route.h>
 #include <net/icmp.h>
 #include <net/checksum.h>
+#include <net/net_namespace.h>
 
 #if 0
 #define DEBUGP printk
@@ -68,11 +62,7 @@
 {
 	int err;
 	struct rtable *rt;
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
 	struct iphdr *iph = ip_hdr(skb);
-#else
-	struct iphdr *iph = skb->nh.iph;
-#endif
 	struct flowi fl = {
 		.oif = ifindex,
 		.nl_u = {
@@ -136,7 +126,7 @@
 	unsigned seq;
 
 	/* Be paranoid, rather than too clever. */
-	if (unlikely(skb_headroom(skb) < hh_len && dev->hard_header)) {
+	if (unlikely(skb_headroom(skb) < hh_len && (dev->header_ops && dev->header_ops->create))) {
 		struct sk_buff *skb2;
 
 		skb2 = skb_realloc_headroom(skb, LL_RESERVED_SPACE(dev));
@@ -190,7 +180,7 @@
 	/* The user set the interface name to use.
 	 * Getting the current interface index.
 	 */
-	if ((dev_out = dev_get_by_name(route_info->oif))) {
+	if ((dev_out = dev_get_by_name(&init_net , route_info->oif))) {
 		ifindex = dev_out->ifindex;
 	} else {
 		/* Unknown interface name : packet dropped */
@@ -256,7 +246,7 @@
 	struct net_device *dev_in = NULL;
 
 	/* Getting the current interface index. */
-	if (!(dev_in = dev_get_by_name(route_info->iif))) {
+	if (!(dev_in = dev_get_by_name(&init_net , route_info->iif))) {
 		if (net_ratelimit()) 
 			DEBUGP("ipt_ROUTE: iif interface %s not found\n", route_info->iif);
 		return NF_DROP;
@@ -292,28 +282,16 @@
  * routing packets when we see they already have that ->nfct.
  */
 
-#ifdef CONFIG_NF_CONNTRACK_SUPPORT
 static struct nf_conn route_tee_track;
-#else
-static struct ip_conntrack route_tee_track;
-#endif
 
-static unsigned int ipt_route_target(struct sk_buff **pskb,
+static unsigned int xt_route_target(struct sk_buff *skb,
 				     const struct net_device *in,
 				     const struct net_device *out,
 				     unsigned int hooknum,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
 				     const struct xt_target *target,
-#endif
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
-				     const void *targinfo,
-				     void *userinfo)
-#else
 				     const void *targinfo)
-#endif
 {
 	const struct ipt_route_target_info *route_info = targinfo;
-	struct sk_buff *skb = *pskb;
 	unsigned int res;
 
 	if (skb->nfct == &route_tee_track.ct_general) {
@@ -331,11 +309,7 @@
 	if (hooknum == NF_IP_PRE_ROUTING ||
 	    hooknum == NF_IP_LOCAL_IN) {
 
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,22)
 		struct iphdr *iph = ip_hdr(skb);
-#else
-		struct iphdr *iph = skb->nh.iph;
-#endif
 		if (iph->ttl <= 1) {
 			struct rtable *rt;
 			struct flowi fl = {
@@ -390,7 +364,7 @@
 		 * on its way as if nothing happened. The copy should be
 		 * independantly delivered to the ROUTE --gw.
 		 */
-		skb = skb_copy(*pskb, GFP_ATOMIC);
+		skb = skb_copy(skb, GFP_ATOMIC);
 		if (!skb) {
 			if (net_ratelimit()) 
 				DEBUGP(KERN_DEBUG "ipt_ROUTE: copy failed!\n");
@@ -431,19 +405,10 @@
 }
 
 
-static int ipt_route_checkentry(const char *tablename,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,16)
+static bool xt_route_checkentry(const char *tablename,
 				const void *e,
-#else
-				const struct ipt_ip *ip,
-#endif
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
 				const struct xt_target *target,
-#endif
 				void *targinfo,
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
-				unsigned int targinfosize,
-#endif
 				unsigned int hook_mask)
 {
 	if (strcmp(tablename, "mangle") != 0) {
@@ -461,32 +426,15 @@
 		return 0;
 	}
 
-#if LINUX_VERSION_CODE < KERNEL_VERSION(2,6,19)
-	if (targinfosize != IPT_ALIGN(sizeof(struct ipt_route_target_info))) {
-		printk(KERN_WARNING "ipt_ROUTE: targinfosize %u != %Zu\n",
-		       targinfosize,
-		       IPT_ALIGN(sizeof(struct ipt_route_target_info)));
-		return 0;
-	}
-#endif
-
 	return 1;
 }
 
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
-static struct ipt_target xt_route_reg = { 
-#else
-static struct ipt_target ipt_route_reg = { 
-#endif
+static struct xt_target xt_route_reg = { 
 	.name = "ROUTE",
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
 	.family		= AF_INET,
-#endif
-	.target = ipt_route_target,
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,17)
+	.target = xt_route_target,
 	.targetsize = sizeof(struct ipt_route_target_info),
-#endif
-	.checkentry = ipt_route_checkentry,
+	.checkentry = xt_route_checkentry,
 	.me = THIS_MODULE,
 };
 
@@ -500,21 +448,13 @@
 	/* Initialize fake conntrack so that NAT will skip it */
 	route_tee_track.status |= IPS_NAT_DONE_MASK;
 
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
 	return xt_register_target(&xt_route_reg);
-#else
-	return ipt_register_target(&ipt_route_reg);
-#endif
 }
 
 
 static void __exit fini(void)
 {
-#if LINUX_VERSION_CODE >= KERNEL_VERSION(2,6,21)
 	xt_unregister_target(&xt_route_reg);
-#else
-	ipt_unregister_target(&ipt_route_reg);
-#endif
 }
 
 module_init(init);