| <!-- |
| Copyright 2012 The Android Open Source Project |
| |
| Licensed under the Apache License, Version 2.0 (the "License"); |
| you may not use this file except in compliance with the License. |
| You may obtain a copy of the License at |
| |
| http://www.apache.org/licenses/LICENSE-2.0 |
| |
| Unless required by applicable law or agreed to in writing, software |
| distributed under the License is distributed on an "AS IS" BASIS, |
| WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| See the License for the specific language governing permissions and |
| limitations under the License. |
| --> |
| |
| This is a summary of the main changes in the kernel that diverge from mainline. |
| |
| * added net/netfilter/xt_qtaguid* |
| * imported then modified net/netfilter/xt_quota2.c from xtables-addons project |
| * fixes in net/netfilter/ip6_tables.c |
| * modified ip*t_REJECT.c |
| * modified net/netfilter/xt_socket.c |
| |
| A few comments on the kernel configuration: |
| |
| * xt_qtaguid masquerades as xt_owner and relies on xt_socket and itself relies on the connection tracker. |
| * The connection tracker can't handle large SIP packets, it must be disabled. |
| * The modified xt_quota2 uses the NFLOG support to notify userspace. |