[NETFILTER]: iptables 32bit compat layer This patch extends current iptables compatibility layer in order to get 32bit iptables to work on 64bit kernel. Current layer is insufficient due to alignment checks both in kernel and user space tools. Patch is for current net-2.6.17 with addition of move of ipt_entry_{match| target} definitions to xt_entry_{match|target}. Signed-off-by: Dmitry Mishin <dim@openvz.org> Acked-off-by: Kirill Korotaev <dev@openvz.org> Signed-off-by: Patrick McHardy <kaber@trash.net> Signed-off-by: David S. Miller <davem@davemloft.net>

commit: 2722971cbe831117686039d5c334f2c0f560be13 [log] [tgz]
author: Dmitry Mishin <dim@openvz.org> Sat Apr 01 02:25:19 2006 -0800
committer: David S. Miller <davem@davemloft.net> Sat Apr 01 02:25:19 2006 -0800
tree: b810ea96778e4f5de2a7713685c0551aa34c8f97
parent: e64a70be5175ac2c209fa742123a6ce845852e0e [diff] [blame]
diff --git a/net/compat.c b/net/compat.c
index 8fd37cd..d5d69fa 100644
--- a/net/compat.c
+++ b/net/compat.c

@@ -476,8 +476,7 @@
 	int err;
 	struct socket *sock;
 
-	/* SO_SET_REPLACE seems to be the same in all levels */
-	if (optname == IPT_SO_SET_REPLACE)
+	if (level == SOL_IPV6 && optname == IPT_SO_SET_REPLACE)
 		return do_netfilter_replace(fd, level, optname,
 					    optval, optlen);
commit	2722971cbe831117686039d5c334f2c0f560be13	[log] [tgz]
author	Dmitry Mishin <dim@openvz.org>	Sat Apr 01 02:25:19 2006 -0800
committer	David S. Miller <davem@davemloft.net>	Sat Apr 01 02:25:19 2006 -0800
tree	b810ea96778e4f5de2a7713685c0551aa34c8f97
parent	e64a70be5175ac2c209fa742123a6ce845852e0e [diff] [blame]