From 643fedb79e6c4c141337225ecbfde987dc27d66c7b79ff0ac73fef7a7a5db3d5 Mon Sep 17 00:00:00 2001 From: Jan Engelhardt Date: Thu, 16 Dec 2010 19:19:42 +0000 Subject: [PATCH] Accepting request 56228 from home:dirkmueller:branches:security:netfilter good OBS-URL: https://build.opensuse.org/request/show/56228 OBS-URL: https://build.opensuse.org/package/show/security:netfilter/iproute2?expand=0&rev=13 --- iproute2-2.6.29-1-fragtimeout.diff | 83 ------------------------------ iproute2.changes | 7 +++ iproute2.spec | 3 -- 3 files changed, 7 insertions(+), 86 deletions(-) delete mode 100644 iproute2-2.6.29-1-fragtimeout.diff diff --git a/iproute2-2.6.29-1-fragtimeout.diff b/iproute2-2.6.29-1-fragtimeout.diff deleted file mode 100644 index ba2689d..0000000 --- a/iproute2-2.6.29-1-fragtimeout.diff +++ /dev/null @@ -1,83 +0,0 @@ ---- doc/ip-cref.tex -+++ doc/ip-cref.tex 2008/05/13 08:23:52 -@@ -1315,7 +1315,11 @@ - If it is not given, Linux uses the value selected with \verb|sysctl| - variable \verb|net/ipv4/tcp_reordering|. - -+\item \verb|fragtimeout NUMBER| - -+--- \threeonly How many seconds to wait before expiring IP fragments -+ from the destination of this route. If not specified Linux uses -+ the \verb|sysctl| variable \verb|net/ipv4/ip_frag_timeout|. - - \item \verb|nexthop NEXTHOP| - ---- ip/iproute.c -+++ ip/iproute.c 2008/05/13 08:28:32 -@@ -37,6 +37,14 @@ - #define RTAX_RTTVAR RTAX_HOPS - #endif - -+#ifndef RTAX_FRAG_TIMEOUT -+#define RTAX_FRAG_TIMEOUT (RTAX_FEATURES+1) -+#endif -+ -+#if RTAX_MAX < RTAX_FRAG_TIMEOUT -+#undef RTAX_MAX -+#define RTAX_MAX RTAX_FRAG_TIMEOUT -+#endif - - static const char *mx_names[RTAX_MAX+1] = { - [RTAX_MTU] = "mtu", -@@ -51,6 +59,7 @@ - [RTAX_INITCWND] = "initcwnd", - [RTAX_FEATURES] = "features", - [RTAX_RTO_MIN] = "rto_min", -+ [RTAX_FRAG_TIMEOUT]="fragtimeout" - }; - static void usage(void) __attribute__((noreturn)); - -@@ -70,9 +79,9 @@ - fprintf(stderr, "INFO_SPEC := NH OPTIONS FLAGS [ nexthop NH ]...\n"); - fprintf(stderr, "NH := [ via ADDRESS ] [ dev STRING ] [ weight NUMBER ] NHFLAGS\n"); - fprintf(stderr, "OPTIONS := FLAGS [ mtu NUMBER ] [ advmss NUMBER ]\n"); -- fprintf(stderr, " [ rtt TIME ] [ rttvar TIME ]\n"); -+ fprintf(stderr, " [ rtt TIME ] [ rttvar TIME ] [ fragtimeout seconds ]\n"); - fprintf(stderr, " [ window NUMBER] [ cwnd NUMBER ] [ initcwnd NUMBER ]\n"); -- fprintf(stderr, " [ ssthresh NUMBER ] [ realms REALM ] [ src ADDRESS ]\n"); -+ fprintf(stderr, " [ ssthresh NUMBER ] [ reordering NUMBER ] [ realms REALM ]\n"); - fprintf(stderr, " [ rto_min TIME ]\n"); - fprintf(stderr, "TYPE := [ unicast | local | broadcast | multicast | throw |\n"); - fprintf(stderr, " unreachable | prohibit | blackhole | nat ]\n"); -@@ -780,6 +789,14 @@ - invarg("\"reordering\" value is invalid\n", *argv); - rta_addattr32(mxrta, sizeof(mxbuf), RTAX_REORDERING, reord); - #endif -+#ifdef RTAX_FRAG_TIMEOUT -+ } else if (strcmp(*argv, "fragtimeout") == 0) { -+ unsigned timeout; -+ NEXT_ARG(); -+ if (get_unsigned(&timeout, *argv, 0)) -+ invarg("\"timeout\" value is invalid\n", *argv); -+ rta_addattr32(mxrta, sizeof(mxbuf), RTAX_FRAG_TIMEOUT, timeout); -+#endif - } else if (strcmp(*argv, "rtt") == 0) { - unsigned rtt; - NEXT_ARG(); ---- man/man8/ip.8 -+++ man/man8/ip.8 2008/05/13 08:25:08 -@@ -1487,6 +1487,14 @@ - .BR "net/ipv4/tcp_reordering" . - - .TP -+.BI fragtimeout " NUMBER " "(SuSE extension currently)" -+Fragment timeout in seconds for IP fragments arriving from this distination. -+If it is not given, Linux uses the value selected with -+.B sysctl -+variable -+.BR "net/ipv4/ipfrag_timeout" . -+ -+.TP - .BI nexthop " NEXTHOP" - the nexthop of a multipath route. - .I NEXTHOP diff --git a/iproute2.changes b/iproute2.changes index 626f023..e017f09 100644 --- a/iproute2.changes +++ b/iproute2.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Fri Dec 3 10:29:55 CET 2010 - ms@suse.de + +- removed the fragtimeout patch because it breaks the rto_min + setup. The fragtimeout patch also requires a kernel side + modification which we don't ship since SLES9 (bnc #656667) + ------------------------------------------------------------------- Mon Nov 15 22:12:32 UTC 2010 - jengelh@medozas.de diff --git a/iproute2.spec b/iproute2.spec index 9592eb2..1e1753c 100644 --- a/iproute2.spec +++ b/iproute2.spec @@ -33,7 +33,6 @@ Source0: %name-%rversion.tar.bz2 Patch0: %name-2.6.29-1-libdir-1.diff Patch1: %name-2.6.29-1-HZ.diff Patch2: %name-2.6.29-1-pdfdoc.diff -Patch4: %name-2.6.29-1-fragtimeout.diff Patch5: %name-2.6.29-1-flushcheckuid.diff Patch7: %name-2.6.29-1-warnings.diff Patch8: %name-2.6.29-1-skbedit-memset.diff @@ -79,8 +78,6 @@ as well as examples and other outdated files. %patch0 %patch1 %patch2 -# RTAX_FRAG_TIMEOUT not in kernel at all? -#%patch4 %patch5 %patch7 %patch8