From 95ad79bc6d15c64b2770fe8b7092a64d5c2a293c Mon Sep 17 00:00:00 2001 From: Syrone Wong Date: Tue, 10 Jan 2023 11:04:25 +0800 Subject: [PATCH 1/3] nf_nat_fullcone.c: fix missing prandom_u32() with Linux >= 6.1.0 prandom_u32() previously was only calling get_random_u32() so it's been dropped with Linux 6.1.0. So let's directly call get_random_u32() if Linux version >= 6.1.0. Signed-off-by: Syrone Wong --- src/nf_nat_fullcone.c | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/src/nf_nat_fullcone.c b/src/nf_nat_fullcone.c index 0757ef9..0b13cbe 100644 --- a/src/nf_nat_fullcone.c +++ b/src/nf_nat_fullcone.c @@ -854,7 +854,11 @@ static uint16_t find_appropriate_port6(struct net *net, const u16 zone, /* for now we do the same thing for both --random and --random-fully */ /* select a random starting point */ +#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0) + start = (uint16_t) (get_random_u32() % (u32) range_size); +#else start = (uint16_t) (prandom_u32() % (u32) range_size); +#endif } else { if ((original_port >= min && original_port <= min + range_size - 1) @@ -927,7 +931,11 @@ static uint16_t find_appropriate_port(struct net *net, const u16 zone, /* for now we do the same thing for both --random and --random-fully */ /* select a random starting point */ +#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 1, 0) + start = (uint16_t) (get_random_u32() % (u32) range_size); +#else start = (uint16_t) (prandom_u32() % (u32) range_size); +#endif } else { if ((original_port >= min && original_port <= min + range_size - 1) From 5a21ca29b7da429174951d1801a9681a25982d10 Mon Sep 17 00:00:00 2001 From: Syrone Wong Date: Sun, 26 Feb 2023 21:55:30 +0800 Subject: [PATCH 2/3] nft_ext_fullcone.c: fix nft_expr_ops::dump callback parameters https://github.com/torvalds/linux/commit/7d34aa3e03b6a56306296bd98b26c6a1710cd57b --- src/nft_ext_fullcone.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/nft_ext_fullcone.c b/src/nft_ext_fullcone.c index c28947a..96d1feb 100644 --- a/src/nft_ext_fullcone.c +++ b/src/nft_ext_fullcone.c @@ -179,7 +179,11 @@ static int nft_fullcone_init(const struct nft_ctx *ctx, const struct nft_expr *e return err; } +#if LINUX_VERSION_CODE >= KERNEL_VERSION(6, 2, 0) +static int nft_fullcone_dump(struct sk_buff *skb, const struct nft_expr *expr, bool reset) +#else static int nft_fullcone_dump(struct sk_buff *skb, const struct nft_expr *expr) +#endif { const struct nft_fullcone *priv = nft_expr_priv(expr); From 47adf5d36efed16522a19936102b04ed85fa8cb9 Mon Sep 17 00:00:00 2001 From: "Shen, Zhonghua Daniel" Date: Sat, 15 Apr 2023 11:11:52 +0800 Subject: [PATCH 3/3] Add Makefile for debian linux (#10) * Add Makefile for debian linux * Update Makefile remove the "\" brought from my shell script * add uninstall for the modules --------- Co-authored-by: root --- debian/Makefile | 28 ++++++++++++++++++++++++++++ 1 file changed, 28 insertions(+) create mode 100644 debian/Makefile diff --git a/debian/Makefile b/debian/Makefile new file mode 100644 index 0000000..3f06cde --- /dev/null +++ b/debian/Makefile @@ -0,0 +1,28 @@ +# +# apt update -y +# apt upgrade -y +# apt install --reinstall linux-headers-$(uname -r) -y +# apt install build-essential autoconf autogen libtool pkg-config libgmp3-dev bison flex libreadline-dev git libedit-dev libmnl-dev make dkms -y +# apt autoremove -y +# + +obj-m += nft_fullcone.o + +nft_fullcone-y := ../src/nft_ext_fullcone.o ../src/nf_nat_fullcone.o + +KVERSION = $(shell uname -r) + +all: + make -C /lib/modules/$(KVERSION)/build M=$(PWD) modules + +install: + make -C /lib/modules/$(KVERSION)/build M=$(PWD) modules_install + depmod -A + modprobe nft_fullcone + +uninstall: + rmmod nft_fullcone || echo "Please remove all nft rules with fullcone and run [rmmod nft_fullcone] manually" + rm -f /lib/modules/$(KVERSION)/extra/nft_fullcone.ko && depmod -A + +clean: + make -C /lib/modules/$(KVERSION)/build M=$(PWD) clean