[NETFILTER]: iptables 32bit compat layer
This patch extends current iptables compatibility layer in order to get
32bit iptables to work on 64bit kernel. Current layer is insufficient due
to alignment checks both in kernel and user space tools.
Patch is for current net-2.6.17 with addition of move of ipt_entry_{match|
target} definitions to xt_entry_{match|target}.
Signed-off-by: Dmitry Mishin <dim@openvz.org>
Acked-off-by: Kirill Korotaev <dev@openvz.org>
Signed-off-by: Patrick McHardy <kaber@trash.net>
Signed-off-by: David S. Miller <davem@davemloft.net>
This commit is contained in:
Dmitry Mishin
committed by
David S. Miller
David S. Miller
parent
e64a70be51
commit
2722971cbe
@@ -476,8 +476,7 @@ asmlinkage long compat_sys_setsockopt(int fd, int level, int optname,
|
||||
int err;
|
||||
struct socket *sock;
|
||||
|
||||
/* SO_SET_REPLACE seems to be the same in all levels */
|
||||
if (optname == IPT_SO_SET_REPLACE)
|
||||
if (level == SOL_IPV6 && optname == IPT_SO_SET_REPLACE)
|
||||
return do_netfilter_replace(fd, level, optname,
|
||||
optval, optlen);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user