Merge "ebtables: Android makefiles to build ebtables on Android"
diff --git a/Android.mk b/Android.mk
new file mode 100644
index 0000000..02b9bee
--- /dev/null
+++ b/Android.mk
@@ -0,0 +1,6 @@
+#Avoid building ebtables for emulator
+ifeq ($(call is-vendor-board-platform,QCOM),true)
+ include $(call all-subdir-makefiles)
+else
+ $(info "ebtables is disabled on this build")
+endif
diff --git a/kernel/linux/include/linux/netfilter_bridge.h b/kernel/linux/include/linux/netfilter_bridge.h
index 3c271c6..4c2a5aa 100644
--- a/kernel/linux/include/linux/netfilter_bridge.h
+++ b/kernel/linux/include/linux/netfilter_bridge.h
@@ -6,6 +6,7 @@
#include <linux/config.h>
#include <linux/netfilter.h>
+#include <limits.h>
/* Bridge Hooks */
/* After promisc drops, checksum checks. */
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h b/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h
index 537ec6b..91ae858 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_arp.h
@@ -8,8 +8,9 @@
#define EBT_ARP_DST_IP 0x10
#define EBT_ARP_SRC_MAC 0x20
#define EBT_ARP_DST_MAC 0x40
+#define EBT_ARP_GRAT 0x80
#define EBT_ARP_MASK (EBT_ARP_OPCODE | EBT_ARP_HTYPE | EBT_ARP_PTYPE | \
- EBT_ARP_SRC_IP | EBT_ARP_DST_IP | EBT_ARP_SRC_MAC | EBT_ARP_DST_MAC)
+ EBT_ARP_SRC_IP | EBT_ARP_DST_IP | EBT_ARP_SRC_MAC | EBT_ARP_DST_MAC | EBT_ARP_GRAT)
#define EBT_ARP_MATCH "arp"
struct ebt_arp_info
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_ip6.h b/kernel/linux/include/linux/netfilter_bridge/ebt_ip6.h
new file mode 100644
index 0000000..42b8896
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_ip6.h
@@ -0,0 +1,50 @@
+/*
+ * ebt_ip6
+ *
+ * Authors:
+ * Kuo-Lang Tseng <kuo-lang.tseng@intel.com>
+ * Manohar Castelino <manohar.r.castelino@intel.com>
+ *
+ * Jan 11, 2008
+ *
+ */
+
+#ifndef __LINUX_BRIDGE_EBT_IP6_H
+#define __LINUX_BRIDGE_EBT_IP6_H
+
+#include <linux/types.h>
+
+#define EBT_IP6_SOURCE 0x01
+#define EBT_IP6_DEST 0x02
+#define EBT_IP6_TCLASS 0x04
+#define EBT_IP6_PROTO 0x08
+#define EBT_IP6_SPORT 0x10
+#define EBT_IP6_DPORT 0x20
+#define EBT_IP6_ICMP6 0x40
+
+#define EBT_IP6_MASK (EBT_IP6_SOURCE | EBT_IP6_DEST | EBT_IP6_TCLASS |\
+ EBT_IP6_PROTO | EBT_IP6_SPORT | EBT_IP6_DPORT | \
+ EBT_IP6_ICMP6)
+#define EBT_IP6_MATCH "ip6"
+
+/* the same values are used for the invflags */
+struct ebt_ip6_info {
+ struct in6_addr saddr;
+ struct in6_addr daddr;
+ struct in6_addr smsk;
+ struct in6_addr dmsk;
+ __u8 tclass;
+ __u8 protocol;
+ __u8 bitmask;
+ __u8 invflags;
+ union {
+ __u16 sport[2];
+ __u8 icmpv6_type[2];
+ };
+ union {
+ __u16 dport[2];
+ __u8 icmpv6_code[2];
+ };
+};
+
+#endif
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_log.h b/kernel/linux/include/linux/netfilter_bridge/ebt_log.h
index d3e7377..0dee3f3 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_log.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_log.h
@@ -3,7 +3,9 @@
#define EBT_LOG_IP 0x01 // if the frame is made by ip, log the ip information
#define EBT_LOG_ARP 0x02
-#define EBT_LOG_MASK (EBT_LOG_IP | EBT_LOG_ARP)
+#define EBT_LOG_NFLOG 0x04
+#define EBT_LOG_IP6 0x0
+#define EBT_LOG_MASK (EBT_LOG_IP | EBT_LOG_ARP | EBT_LOG_IP6)
#define EBT_LOG_PREFIX_SIZE 30
#define EBT_LOG_WATCHER "log"
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
index 301524f..c057abf 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_m.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_MARK_M_H
#define __LINUX_BRIDGE_EBT_MARK_M_H
+#include <linux/types.h>
+
#define EBT_MARK_AND 0x01
#define EBT_MARK_OR 0x02
#define EBT_MARK_MASK (EBT_MARK_AND | EBT_MARK_OR)
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
index f84d2ad..8cb5764 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_mark_t.h
@@ -1,6 +1,18 @@
#ifndef __LINUX_BRIDGE_EBT_MARK_T_H
#define __LINUX_BRIDGE_EBT_MARK_T_H
+/* The target member is reused for adding new actions, the
+ * value of the real target is -1 to -NUM_STANDARD_TARGETS.
+ * For backward compatibility, the 4 lsb (2 would be enough,
+ * but let's play it safe) are kept to designate this target.
+ * The remaining bits designate the action. By making the set
+ * action 0xfffffff0, the result will look ok for older
+ * versions. [September 2006] */
+#define MARK_SET_VALUE (0xfffffff0)
+#define MARK_OR_VALUE (0xffffffe0)
+#define MARK_AND_VALUE (0xffffffd0)
+#define MARK_XOR_VALUE (0xffffffc0)
+
struct ebt_mark_t_info
{
unsigned long mark;
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h b/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h
index eac1871..879377f 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_nat.h
@@ -1,6 +1,8 @@
#ifndef __LINUX_BRIDGE_EBT_NAT_H
#define __LINUX_BRIDGE_EBT_NAT_H
+#define NAT_ARP_BIT (0x00000010)
+
struct ebt_nat_info
{
unsigned char mac[ETH_ALEN];
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_nflog.h b/kernel/linux/include/linux/netfilter_bridge/ebt_nflog.h
new file mode 100644
index 0000000..df829fc
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_nflog.h
@@ -0,0 +1,23 @@
+#ifndef __LINUX_BRIDGE_EBT_NFLOG_H
+#define __LINUX_BRIDGE_EBT_NFLOG_H
+
+#include <linux/types.h>
+
+#define EBT_NFLOG_MASK 0x0
+
+#define EBT_NFLOG_PREFIX_SIZE 64
+#define EBT_NFLOG_WATCHER "nflog"
+
+#define EBT_NFLOG_DEFAULT_GROUP 0x1
+#define EBT_NFLOG_DEFAULT_THRESHOLD 1
+
+struct ebt_nflog_info {
+ __u32 len;
+ __u16 group;
+ __u16 threshold;
+ __u16 flags;
+ __u16 pad;
+ char prefix[EBT_NFLOG_PREFIX_SIZE];
+};
+
+#endif /* __LINUX_BRIDGE_EBT_NFLOG_H */
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebt_ulog.h b/kernel/linux/include/linux/netfilter_bridge/ebt_ulog.h
new file mode 100644
index 0000000..89a6bec
--- /dev/null
+++ b/kernel/linux/include/linux/netfilter_bridge/ebt_ulog.h
@@ -0,0 +1,38 @@
+#ifndef _EBT_ULOG_H
+#define _EBT_ULOG_H
+
+#include <linux/types.h>
+
+#define EBT_ULOG_DEFAULT_NLGROUP 0
+#define EBT_ULOG_DEFAULT_QTHRESHOLD 1
+#define EBT_ULOG_MAXNLGROUPS 32 /* hardcoded netlink max */
+#define EBT_ULOG_PREFIX_LEN 32
+#define EBT_ULOG_MAX_QLEN 50
+#define EBT_ULOG_WATCHER "ulog"
+#define EBT_ULOG_VERSION 1
+
+struct ebt_ulog_info {
+ __u32 nlgroup;
+ unsigned int cprange;
+ unsigned int qthreshold;
+ char prefix[EBT_ULOG_PREFIX_LEN];
+};
+
+typedef struct ebt_ulog_packet_msg {
+ int version;
+ char indev[IFNAMSIZ];
+ char outdev[IFNAMSIZ];
+ char physindev[IFNAMSIZ];
+ char physoutdev[IFNAMSIZ];
+ char prefix[EBT_ULOG_PREFIX_LEN];
+ struct timeval stamp;
+ unsigned long mark;
+ unsigned int hook;
+ size_t data_len;
+ /* The complete packet, including Ethernet header and perhaps
+ * the VLAN header is appended */
+ unsigned char data[0] __attribute__
+ ((aligned (__alignof__(struct ebt_ulog_info))));
+} ebt_ulog_packet_msg_t;
+
+#endif /* _EBT_ULOG_H */
diff --git a/kernel/linux/include/linux/netfilter_bridge/ebtables.h b/kernel/linux/include/linux/netfilter_bridge/ebtables.h
index 81543a8..e4a5690 100644
--- a/kernel/linux/include/linux/netfilter_bridge/ebtables.h
+++ b/kernel/linux/include/linux/netfilter_bridge/ebtables.h
@@ -26,6 +26,10 @@
#define EBT_CONTINUE -3
#define EBT_RETURN -4
#define NUM_STANDARD_TARGETS 4
+/* ebtables target modules store the verdict inside an int. We can
+ * reclaim a part of this int for backwards compatible extensions.
+ * The 4 lsb are more than enough to store the verdict. */
+#define EBT_VERDICT_BITS 0x0000000F
struct ebt_counter
{
diff --git a/userspace/Android.mk b/userspace/Android.mk
new file mode 100644
index 0000000..5053e7d
--- /dev/null
+++ b/userspace/Android.mk
@@ -0,0 +1 @@
+include $(call all-subdir-makefiles)
diff --git a/userspace/ebtables2/Android.mk b/userspace/ebtables2/Android.mk
new file mode 100644
index 0000000..59b07b3
--- /dev/null
+++ b/userspace/ebtables2/Android.mk
@@ -0,0 +1,141 @@
+# BUILD libebtc.so
+
+LOCAL_PATH:= $(call my-dir)
+
+include $(CLEAR_VARS)
+
+LOCAL_SRC_FILES := getethertype.c
+LOCAL_SRC_FILES += communication.c
+LOCAL_SRC_FILES += libebtc.c
+LOCAL_SRC_FILES += useful_functions.c
+LOCAL_SRC_FILES += ebtables.c
+
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+LOCAL_C_INCLUDES += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include
+LOCAL_ADDITIONAL_DEPENDENCIES := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr
+
+LOCAL_CFLAGS += -DPROGNAME=\"ebtables\" \
+ -DPROGVERSION=\"2.0.10\" \
+ -DPROGDATE=\"December\ 2011\" \
+ -D__THROW=
+
+LOCAL_CFLAGS += -O2 -g -Wno-ignored-qualifiers
+LOCAL_CFLAGS += -Wno-sign-compare \
+ -Wno-missing-field-initializers \
+ -Wno-pointer-arith
+
+LOCAL_MODULE := libebtc
+
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_SHARED_LIBRARY)
+
+# sources and intermediate files are separated
+
+c_includes := $(LOCAL_PATH)/include
+c_includes += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include
+local_additional_dependencies := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr
+
+cflags := -O2 -g \
+ -DPROGNAME=\"ebtables\" \
+ -DPROGVERSION=\"2.0.10\" \
+ -DPROGDATE=\"December\ 2011\" \
+ -Wno-sign-compare -Wno-missing-field-initializers \
+ -Wno-ignored-qualifiers
+
+extensions_src_files := \
+ extensions/ebt_802_3.c \
+ extensions/ebt_among.c \
+ extensions/ebt_arp.c \
+ extensions/ebt_arpreply.c \
+ extensions/ebt_ip.c \
+ extensions/ebt_ip6.c \
+ extensions/ebt_limit.c \
+ extensions/ebt_log.c \
+ extensions/ebt_mark.c \
+ extensions/ebt_mark_m.c \
+ extensions/ebt_nat.c \
+ extensions/ebt_nflog.c \
+ extensions/ebt_pkttype.c \
+ extensions/ebt_redirect.c \
+ extensions/ebt_standard.c \
+ extensions/ebt_stp.c \
+ extensions/ebt_ulog.c \
+ extensions/ebt_vlan.c \
+ extensions/ebtable_broute.c \
+ extensions/ebtable_filter.c \
+ extensions/ebtable_nat.c
+
+ld_flags := -nostartfiles
+shared_libs := libebtc
+module_tags := eng
+
+$(foreach file,$(extensions_src_files), \
+ $(eval include $(CLEAR_VARS)) \
+ $(eval LOCAL_C_INCLUDES := $(c_includes)) \
+ $(eval LOCAL_ADDITIONAL_DEPENDENCIES := $(local_additional_dependencies)) \
+ $(eval LOCAL_SRC_FILES := $(file)) \
+ $(eval tmp_file := $(notdir $(file:%.c=%))) \
+ $(eval tmp_file := $(addprefix lib, $(tmp_file))) \
+ $(eval LOCAL_MODULE := $(tmp_file)) \
+ $(eval LOCAL_MODULE_TAGS := $(module_tags)) \
+ $(eval LOCAL_LDFLAGS := $(ld_flags)) \
+ $(eval LOCAL_CFLAGS := $(cflags)) \
+ $(eval LOCAL_SHARED_LIBRARIES := $(shared_libs)) \
+ $(eval include $(BUILD_SHARED_LIBRARY)) \
+)
+
+
+###############################
+include $(CLEAR_VARS)
+
+LOCAL_C_INCLUDES := $(LOCAL_PATH)/include
+LOCAL_C_INCLUDES += $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr/include
+LOCAL_ADDITIONAL_DEPENDENCIES := $(TARGET_OUT_INTERMEDIATES)/KERNEL_OBJ/usr
+
+LOCAL_CFLAGS += -DPROGNAME=\"ebtables\" \
+ -DPROGVERSION=\"2.0.10\" \
+ -DPROGDATE=\"December\ 2011\"
+
+LOCAL_SRC_FILES := ebtables-standalone.c
+
+LOCAL_SHARED_LIBRARIES += \
+ libebtc \
+ libebt_802_3 \
+ libebt_among \
+ libebt_arp \
+ libebt_arpreply \
+ libebt_ip \
+ libebt_ip6 \
+ libebt_limit \
+ libebt_log \
+ libebt_mark \
+ libebt_mark_m \
+ libebt_nat \
+ libebt_nflog \
+ libebt_pkttype \
+ libebt_redirect \
+ libebt_standard \
+ libebt_stp \
+ libebt_ulog \
+ libebt_vlan \
+ libebtable_broute \
+ libebtable_filter \
+ libebtable_nat
+
+LOCAL_MODULE := ebtables
+
+LOCAL_MODULE_TAGS := optional
+
+include $(BUILD_EXECUTABLE)
+
+
+#######dss_test_104##########
+include $(CLEAR_VARS)
+LOCAL_MODULE:= ethertypes
+LOCAL_MODULE_CLASS := EXECUTABLES
+LOCAL_SRC_FILES := ethertypes
+LOCAL_MODULE_TAGS := optional
+LOCAL_MODULE_PATH := $(TARGET_OUT_ETC)
+include $(BUILD_PREBUILT)
+
diff --git a/userspace/ebtables2/include/ebtables_u.h b/userspace/ebtables2/include/ebtables_u.h
index ab615c1..07dae8e 100644
--- a/userspace/ebtables2/include/ebtables_u.h
+++ b/userspace/ebtables2/include/ebtables_u.h
@@ -24,7 +24,14 @@
#ifndef EBTABLES_U_H
#define EBTABLES_U_H
#include <netinet/in.h>
+
+#ifdef __ANDROID_API__
+#pragma message "Found __ANDRIOD_API__, #undef __unused"
+#undef __unused
+#include <ebtables.h>
+#else
#include <linux/netfilter_bridge/ebtables.h>
+#endif
#include <linux/netfilter/x_tables.h>
#ifndef IPPROTO_SCTP
diff --git a/userspace/ebtables2/include/ethernetdb.h b/userspace/ebtables2/include/ethernetdb.h
index 46d8bfd..22b6f7f 100644
--- a/userspace/ebtables2/include/ethernetdb.h
+++ b/userspace/ebtables2/include/ethernetdb.h
@@ -30,6 +30,8 @@
#define _PATH_ETHERTYPES "/etc/ethertypes"
#endif /* _PATH_ETHERTYPES */
+#define __THROW
+
struct ethertypeent {
char *e_name; /* Official ethernet type name. */
char **e_aliases; /* Alias list. */