[Devel] [PATCH 02/14] netfilter: Add {ipt, ip6t}_osf aliases for xt_osf

Konstantin Khorenko khorenko at virtuozzo.com
Wed Jun 10 01:38:27 PDT 2015 

Already committed, so skipping this time.

commit 3a48d7fbd18778d5ff0e9c77021c2cae73dff3bd
Author: Kirill Tkhai <ktkhai at odin.com>
Date:   Thu Jun 4 18:32:06 2015 +0400

    ms/netfilter: Add {ipt,ip6t}_osf aliases for xt_osf

    Porting mainstream commit b8ddd9eac8788b0aa9a9d4e09d76dc9e1667bb2c:

        Orig author: Kirill Tkhai <ktkhai at parallels.com>

        netfilter: Add {ipt,ip6t}_osf aliases for xt_osf

        There are no these aliases, so kernel can not request appropriate
        match table:

        $ iptables -I INPUT -p tcp -m osf --genre Windows --ttl 2 -j DROP
        iptables: No chain/target/match by that name.

        setsockopt() requests ipt_osf module, which is not present. Add
        the aliases.

        Signed-off-by: Kirill Tkhai <ktkhai at parallels.com>
        Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>

    https://jira.sw.ru/browse/PSBM-33929

    Signed-off-by: Kirill Tkhai <ktkhai at odin.com>

--
Best regards,

Konstantin Khorenko,
Virtuozzo Linux Kernel Team

On 06/08/2015 05:20 PM, Kirill Tkhai wrote:
> Porting mainstream commit b8ddd9eac8788b0aa9a9d4e09d76dc9e1667bb2c:
> 
>     Orig author: Kirill Tkhai <ktkhai at parallels.com>
> 
>     netfilter: Add {ipt,ip6t}_osf aliases for xt_osf
> 
>     There are no these aliases, so kernel can not request appropriate
>     match table:
> 
>     $ iptables -I INPUT -p tcp -m osf --genre Windows --ttl 2 -j DROP
>     iptables: No chain/target/match by that name.
> 
>     setsockopt() requests ipt_osf module, which is not present. Add
>     the aliases.
> 
>     Signed-off-by: Kirill Tkhai <ktkhai at parallels.com>
>     Signed-off-by: Pablo Neira Ayuso <pablo at netfilter.org>
> 
> Signed-off-by: Kirill Tkhai <ktkhai at odin.com>
> ---
>  net/netfilter/xt_osf.c |    2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/net/netfilter/xt_osf.c b/net/netfilter/xt_osf.c
> index 647d989..3b6522b 100644
> --- a/net/netfilter/xt_osf.c
> +++ b/net/netfilter/xt_osf.c
> @@ -422,5 +422,7 @@ module_exit(xt_osf_fini);
>  
>  MODULE_LICENSE("GPL");
>  MODULE_AUTHOR("Evgeniy Polyakov <zbr at ioremap.net>");
> +MODULE_ALIAS("ipt_osf");
> +MODULE_ALIAS("ip6t_osf");
>  MODULE_DESCRIPTION("Passive OS fingerprint matching.");
>  MODULE_ALIAS_NFNL_SUBSYS(NFNL_SUBSYS_OSF);
> 
> _______________________________________________
> Devel mailing list
> Devel at openvz.org
> https://lists.openvz.org/mailman/listinfo/devel
>

More information about the Devel mailing list