This fixes an iptables link error when kernel config include
CONFIG_NETFILTER_XT_MATCH_STATISTIC=y
related to the missing -lm argument on the linker command line. Error is caused
by
the odd looking linker argument ${$*_LIBADD} which get expanded to an empty
string.
Signed-off-by: Alin Nastac
From: Alin Nastac
Reproduction scenario:
- use 3 interfaces with 3 different zones - lan, wan and guest
- configure firewall to allow forwarding from lan to wan
- add DROP rule to prevent forwarding from lan to guest
- although packets are forwarded from lan to wan, "DROP(dest
nerated by zone_guest_dest_DROP chain
Signed-off-by: Alin Nastac
---
zones.c | 74 ++---
1 file changed, 62 insertions(+), 12 deletions(-)
diff --git a/zones.c b/zones.c
index e00d527..1f55aa6 100644
--- a/zones.c
+++ b/zones.c
@@ -
When -1 is written in /proc/sys/net/ipv4/neigh//locktime,
kernel disables ARP trashing protection. A value of 0 does not completely
disable this protection, a second ARP update being discarded if it
is processed during the same jiffie as the first update.
Signed-off-by: Alin Nastac
---
device.h
When -1 is written in /proc/sys/net/ipv4/neigh//locktime,
kernel disables ARP trashing protection. A value of 0 does not completely
disable this protection, a second ARP update being discarded if it
is processed during the same jiffie as the first update.
Signed-off-by: Alin Nastac
---
system
run "ifup wan"
4) although the same DHCP lease was obtained, sysntpd would be stopped
Because sysntpd service is deleted when last instance is freed, its triggers
will also be released. Without these triggers in place, sysntpd will not be
reloaded when a new DHCP lease containing option 42 wil
Signed-off-by: Alin Nastac
---
service/service.c | 5 -
service/service.h | 1 +
2 files changed, 5 insertions(+), 1 deletion(-)
diff --git a/service/service.c b/service/service.c
index 0584ee0..9675ba2 100644
--- a/service/service.c
+++ b/service/service.c
@@ -140,6 +140,8
SIGKILL is sent if instance process is still running after
seconds after SIGTERM has been sent. To prevent
another daemon process being launched before old process dies,
the instance is kept until SIGCHLD confirms that service has
been stopped.
Signed-off-by: Alin Nastac
---
service/instance.c
the NA packet.
Signed-off-by: Alin Nastac
---
device.c | 10 ++
device.h | 3 +++
system-linux.c | 20
3 files changed, 33 insertions(+)
diff --git a/device.c b/device.c
index 43881e5..306496c 100644
--- a/device.c
+++ b/device.c
@@ -59,6 +59,7 @@ static
There are 2 issues fixed by this patch:
- UDP checksum is computed incorrectly, the used pseudo IP header
contains transport protocol 6 iso 17
- on big endian arches the UDP/TCP checksum is incorrectly
computed when payload length is odd
Signed-off-by: Alin Nastac
---
.../patches
This patch was copied from
http://www.spinics.net/lists/netfilter/msg56704.html .
Signed-off-by: Alin Nastac
---
.../patches/100-udp_checksum_computation.patch | 95 ++
1 file changed, 95 insertions(+)
create mode 100644
package/libs/libnetfilter-queue/patches/100
This patch was copied from
http://www.spinics.net/lists/netfilter/msg56704.html .
---
.../patches/100-udp_checksum_computation.patch | 95 ++
1 file changed, 95 insertions(+)
create mode 100644
package/libs/libnetfilter-queue/patches/100-udp_checksum_computation.patch
di
The UCI parameter neighgcstaletime allows to control how much time will
STALE entries be kept in the neighbour table for both IPv4 and IPv6.
Signed-off-by: Alin Nastac
---
device.c | 14 ++
device.h | 4
system-linux.c | 38 ++
3
There is already a CONFIGURE_VAR set in here that seem
to have the same purpose, but it doesn't do the trick
in my cause (autoconf 2.69).
---
libs/libnet-1.2.x/Makefile | 1 +
1 file changed, 1 insertion(+)
diff --git a/libs/libnet-1.2.x/Makefile b/libs/libnet-1.2.x/Makefile
index a791163..062c7b
Storage of such zones is provided by a nf_ct_ext struct, hence conntrack
memory foot print will not be increased if zones are not used.
---
package/kernel/linux/modules/netfilter.mk | 1 +
1 file changed, 1 insertion(+)
diff --git a/package/kernel/linux/modules/netfilter.mk
b/package/kernel/linu
15 matches
Mail list logo
