commit libnetfilter_queue for openSUSE:Factory
Hello community, here is the log from the commit of package libnetfilter_queue for openSUSE:Factory checked in at Tue Nov 2 16:16:25 CET 2010. -------- --- libnetfilter_queue/libnetfilter_queue.changes 2010-02-23 23:23:00.000000000 +0100 +++ /mounts/work_src_done/STABLE/libnetfilter_queue/libnetfilter_queue.changes 2010-11-02 14:00:06.000000000 +0100 @@ -1,0 +2,7 @@ +Sun Jul 11 16:44:46 UTC 2010 - jengelh@medozas.de + +- Update to new upstream release 1.0.0 +* Deprecate nfq_set_verdict_mark in favor of nfq_set_verdict2 +* Add nfq_snprintf_xml to output packet as XML + +------------------------------------------------------------------- calling whatdependson for head-i586 Old: ---- libnetfilter_queue-0.0.17.tar.bz2 New: ---- libnetfilter_queue-1.0.0.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libnetfilter_queue.spec ++++++ --- /var/tmp/diff_new_pack.NaUaxi/_old 2010-11-02 16:16:09.000000000 +0100 +++ /var/tmp/diff_new_pack.NaUaxi/_new 2010-11-02 16:16:09.000000000 +0100 @@ -1,5 +1,5 @@ # -# spec file for package libnetfilter_queue (Version 0.0.17) +# spec file for package libnetfilter_queue (Version 1.0.0) # # Copyright (c) 2010 SUSE LINUX Products GmbH, Nuernberg, Germany. # @@ -20,12 +20,12 @@ %define soname 1 Name: libnetfilter_queue -Version: 0.0.17 +Version: 1.0.0 Release: 1 License: GNU GPL v2 Group: Productivity/Networking/Security Url: http://netfilter.org/projects/libnetfilter_queue/ -Source: http://netfilter.org/projects/libnetfilter_queue/files/%{name}-%{version}.tar.bz2 +Source: http://netfilter.org/projects/libnetfilter_queue/files/%name-%version.tar.bz... Source2: baselibs.conf BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: libnfnetlink-devel linux-kernel-headers >= 2.6.14 pkg-config 
@@ -38,27 +38,27 @@ libnetfilter_queue has been previously known as libnfnetlink_queue. -%define debug_package_requires %{name}%{soname} = %{version}-%{release} +%define debug_package_requires %name%soname = %version-%release -%package -n %{name}%{soname} +%package -n %name%soname Group: System/Libraries Summary: Userspace library for packets that have been queued by the kernel packet filter -%description -n %{name}%{soname} +%description -n %name%soname libnetfilter_queue is a userspace library providing an API to packets that have been queued by the kernel packet filter. It is is part of a system that deprecates the old ip_queue / libipq mechanism. libnetfilter_queue has been previously known as libnfnetlink_queue. -%package -n %{name}-devel - +%package devel +License: GNU GPL v2 Group: Development/Libraries/C and C++ -Requires: %{name}%{soname} = %{version} libnfnetlink-devel +Requires: %name%soname = %version, libnfnetlink-devel Summary: Userspace library for packets that have been queued by the kernel packet filter -%description -n %{name}-devel +%description devel libnetfilter_queue is a userspace library providing an API to packets that have been queued by the kernel packet filter. It is is part of a system that deprecates the old ip_queue / libipq mechanism. 
@@ -74,25 +74,20 @@ %install %makeinstall -find %{buildroot} -name "*.la" -delete - -%post -n %{name}%{soname} -p /sbin/ldconfig +find "%buildroot" -name "*.la" -delete -%postun -n %{name}%{soname} -p /sbin/ldconfig +%post -n %name%soname -p /sbin/ldconfig -%clean -test "%{buildroot}" != "/" && %__rm -rf %{buildroot} +%postun -n %name%soname -p /sbin/ldconfig -%files -n %{name}%{soname} +%files -n %name%soname %defattr(-,root,root) -%{_libdir}/libnetfilter_queue.so.%{soname}* -%{_libdir}/libnetfilter_queue_libipq.so.%{soname}* +%_libdir/libnetfilter_queue.so.%{soname}* %files -n %{name}-devel %defattr(-,root,root) -%{_includedir}/libnetfilter_queue -%{_libdir}/libnetfilter_queue.so -%{_libdir}/libnetfilter_queue_libipq.so -%{_libdir}/pkgconfig/libnetfilter_queue.pc +%_includedir/libnetfilter_queue +%_libdir/libnetfilter_queue.so +%_libdir/pkgconfig/libnetfilter_queue.pc %changelog ++++++ libnetfilter_queue-0.0.17.tar.bz2 -> libnetfilter_queue-1.0.0.tar.bz2 ++++++ ++++ 59284 lines of diff (skipped) ++++ retrying with extended exclude list diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/Makefile.am new/libnetfilter_queue-1.0.0/Makefile.am --- old/libnetfilter_queue-0.0.17/Makefile.am 2008-05-16 17:29:58.000000000 +0200 +++ new/libnetfilter_queue-1.0.0/Makefile.am 2010-07-11 17:30:25.000000000 +0200 
@@ -1,5 +1,29 @@ +# This is _NOT_ the library release version, it's an API version. +# Extracted from Chapter 6 "Library interface versions" of the libtool docs. +# +# <snippet> +# Here are a set of rules to help you update your library version information: +# +# 1. Start with version information of `0:0:0' for each libtool library. +# 2. Update the version information only immediately before a public release +# of your software. More frequent updates are unnecessary, and only guarantee +# that the current interface number gets larger faster. +# 3. If the library source code has changed at all since the last update, +# then increment revision (`c:r:a' becomes `c:r+1:a'). +# 4. If any interfaces have been added, removed, or changed since the last +# update, increment current, and set revision to 0. +# 5. If any interfaces have been added since the last public release, then +# increment age. +# 6. If any interfaces have been removed since the last public release, then +# set age to 0. +# </snippet> +# +LIBVERSION=1:0:1 + AUTOMAKE_OPTIONS = foreign dist-bzip2 1.6 +ACLOCAL_AMFLAGS = -I m4 + EXTRA_DIST = $(man_MANS) SUBDIRS = include src utils diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/configure.in new/libnetfilter_queue-1.0.0/configure.in --- old/libnetfilter_queue-0.0.17/configure.in 2009-03-06 17:01:38.000000000 +0100 +++ new/libnetfilter_queue-1.0.0/configure.in 2010-07-11 17:30:25.000000000 +0200 
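Review bot: `LIBVERSION=1:0:1` is assigned in the top-level Makefile.am, but the only visible consumer, `-version-info $(LIBVERSION)` in src/Makefile.am, is a subdirectory makefile that does not inherit a plain assignment made here unless it is exported or substituted by configure. That matters because `1:0:1` (current 1, age 1) would, by libtool's Linux naming, give an soname major of 0, while the spec in this same mail still packages `libnetfilter_queue.so.%{soname}*` with `%define soname 1`. I would confirm which definition the link step actually uses and keep only that one, with a comment such as `# used by src/Makefile.am for -version-info; keep the soname in the spec file in step`. By the libtool rules quoted in the hunk, the changed `nfq_get_payload` prototype in this release also counts as a changed interface, so the triple deserves a second look.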
@@ -2,8 +2,9 @@ AC_INIT AC_CANONICAL_SYSTEM +AC_CONFIG_MACRO_DIR([m4]) -AM_INIT_AUTOMAKE(libnetfilter_queue, 0.0.17) +AM_INIT_AUTOMAKE(libnetfilter_queue, 1.0.0) AC_PROG_CC AC_EXEEXT diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/doxygen.cfg.in new/libnetfilter_queue-1.0.0/doxygen.cfg.in --- old/libnetfilter_queue-0.0.17/doxygen.cfg.in 2009-01-06 13:16:45.000000000 +0100 +++ new/libnetfilter_queue-1.0.0/doxygen.cfg.in 2009-12-27 16:01:34.000000000 +0100 @@ -16,7 +16,6 @@ JAVADOC_AUTOBRIEF = NO QT_AUTOBRIEF = NO MULTILINE_CPP_IS_BRIEF = NO -DETAILS_AT_TOP = NO INHERIT_DOCS = YES SEPARATE_MEMBER_PAGES = NO TAB_SIZE = 8 @@ -95,7 +94,7 @@ GENERATE_HTML = YES HTML_OUTPUT = html HTML_FILE_EXTENSION = .html -HTML_HEADER = "header.html" +HTML_HEADER = HTML_STYLESHEET = HTML_ALIGN_MEMBERS = YES GENERATE_HTMLHELP = NO diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/include/libnetfilter_queue/Makefile.am new/libnetfilter_queue-1.0.0/include/libnetfilter_queue/Makefile.am --- old/libnetfilter_queue-0.0.17/include/libnetfilter_queue/Makefile.am 2008-05-16 17:29:58.000000000 +0200 +++ new/libnetfilter_queue-1.0.0/include/libnetfilter_queue/Makefile.am 2010-07-11 17:30:10.000000000 +0200 
@@ -1,3 +1,3 @@
-pkginclude_HEADERS = libnetfilter_queue.h libipq.h linux_nfnetlink_queue.h
+pkginclude_HEADERS = libnetfilter_queue.h linux_nfnetlink_queue.h
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/include/libnetfilter_queue/libipq.h new/libnetfilter_queue-1.0.0/include/libnetfilter_queue/libipq.h
--- old/libnetfilter_queue-0.0.17/include/libnetfilter_queue/libipq.h 2008-06-27 12:11:02.000000000 +0200
+++ new/libnetfilter_queue-1.0.0/include/libnetfilter_queue/libipq.h 1970-01-01 01:00:00.000000000 +0100
@@ -1,96 +0,0 @@ -/* - * libipq.h - * - * IPQ library for userspace. - * - * Author: James Morris <jmorris@intercode.com.au> - * - * Copyright (c) 2000-2001 Netfilter Core Team - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ -#ifndef _LIBIPQ_H -#define _LIBIPQ_H - -#include <errno.h> -#include <unistd.h> -#include <fcntl.h> -#include <sys/types.h> -#include <sys/socket.h> -#include <sys/uio.h> -#include <asm/types.h> -#include <linux/netlink.h> - -#ifdef KERNEL_64_USERSPACE_32 -#include "ip_queue_64.h" -typedef u_int64_t ipq_id_t; -#else -#include <linux/netfilter_ipv4/ip_queue.h> -typedef unsigned long ipq_id_t; -#endif - -#ifdef DEBUG_LIBIPQ -#include <stdio.h> -#define LDEBUG(x...) fprintf(stderr, ## x) -#else -#define LDEBUG(x...) 
-#endif /* DEBUG_LIBIPQ */ - -/* FIXME: glibc sucks */ -#ifndef MSG_TRUNC -#define MSG_TRUNC 0x20 -#endif - -#ifdef __cplusplus -extern "C" { -#endif - -struct ipq_handle -{ - struct nfq_handle *nfqnlh; - struct nfq_q_handle *qh; - u_int8_t family; - u_int8_t blocking; -}; - -struct ipq_handle *ipq_create_handle(u_int32_t flags, u_int32_t protocol); - -int ipq_destroy_handle(struct ipq_handle *h); - -ssize_t ipq_read(const struct ipq_handle *h, - unsigned char *buf, size_t len, int timeout); - -int ipq_set_mode(const struct ipq_handle *h, u_int8_t mode, size_t len); - -ipq_packet_msg_t *ipq_get_packet(const unsigned char *buf); - -int ipq_message_type(const unsigned char *buf); - -int ipq_get_msgerr(const unsigned char *buf); - -int ipq_set_verdict(const struct ipq_handle *h, - ipq_id_t id, - unsigned int verdict, - size_t data_len, - unsigned char *buf); - -int ipq_ctl(const struct ipq_handle *h, int request, ...); - -char *ipq_errstr(void); -void ipq_perror(const char *s); - -#ifdef __cplusplus -} /* extern "C" */ -#endif - -#endif /* _LIBIPQ_H */ - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/include/libnetfilter_queue/libnetfilter_queue.h new/libnetfilter_queue-1.0.0/include/libnetfilter_queue/libnetfilter_queue.h --- old/libnetfilter_queue-0.0.17/include/libnetfilter_queue/libnetfilter_queue.h 2009-01-06 13:13:05.000000000 +0100 +++ new/libnetfilter_queue-1.0.0/include/libnetfilter_queue/libnetfilter_queue.h 2010-06-13 21:29:19.000000000 +0200 
@@ -60,14 +60,22 @@ u_int32_t id, u_int32_t verdict, u_int32_t data_len, - unsigned char *buf); + const unsigned char *buf); -extern int nfq_set_verdict_mark(struct nfq_q_handle *qh, - u_int32_t id, - u_int32_t verdict, - u_int32_t mark, - u_int32_t datalen, - unsigned char *buf); +extern int nfq_set_verdict2(struct nfq_q_handle *qh, + u_int32_t id, + u_int32_t verdict, + u_int32_t mark, + u_int32_t datalen, + const unsigned char *buf); + +extern __attribute__((deprecated)) +int nfq_set_verdict_mark(struct nfq_q_handle *qh, + u_int32_t id, + u_int32_t verdict, + u_int32_t mark, + u_int32_t datalen, + const unsigned char *buf); /* message parsing function */ @@ -96,7 +104,19 @@ extern struct nfqnl_msg_packet_hw *nfq_get_packet_hw(struct nfq_data *nfad); /* return -1 if problem, length otherwise */ -extern int nfq_get_payload(struct nfq_data *nfad, char **data); +extern int nfq_get_payload(struct nfq_data *nfad, unsigned char **data); + +enum { + NFQ_XML_HW = (1 << 0), + NFQ_XML_MARK = (1 << 1), + NFQ_XML_DEV = (1 << 2), + NFQ_XML_PHYSDEV = (1 << 3), + NFQ_XML_PAYLOAD = (1 << 4), + NFQ_XML_TIME = (1 << 5), + NFQ_XML_ALL = ~0U, +}; + +extern int nfq_snprintf_xml(char *buf, size_t len, struct nfq_data *tb, int flags); #ifdef __cplusplus } /* extern "C" */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/missing new/libnetfilter_queue-1.0.0/missing --- old/libnetfilter_queue-0.0.17/missing 2008-02-10 03:55:24.000000000 +0100 +++ new/libnetfilter_queue-1.0.0/missing 2010-01-18 07:28:57.000000000 +0100 
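Review bot: The new `nfq_set_verdict2` prototype and the deprecated `nfq_set_verdict_mark` prototype are identical in the header, yet the implementation in src/libnetfilter_queue.c applies `htonl(mark)` only in the former, so a caller migrating between them gets no hint that `mark` changes from network to host byte order. A one-line comment above each declaration would cover it, e.g. `/* mark is given in host byte order */` for `nfq_set_verdict2` and `/* deprecated: mark must already be in network byte order; use nfq_set_verdict2() */` for the old one. Code that keeps its own `htonl()` while switching functions would otherwise set a byte-swapped mark, which matters wherever marks select routing or filter rules. The doc comment added in the `@@ -683,9 +703,30 @@` hunk of libnetfilter_queue.c has the same gap: it calls the old function "broken" without saying what is broken.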
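Review bot: `NFQ_XML_ALL = ~0U` in the new enum is not representable as `int`, which ISO C before C23 requires of an enumeration constant, and the value is then meant for the `int flags` parameter of `nfq_snprintf_xml`. GCC accepts this as an extension, but it warns under `-pedantic` and the call relies on an implementation-defined conversion. Writing `NFQ_XML_ALL = ~0,` or the OR of the six defined bits keeps the constant in `int` range without changing which sections it selects. Separately, the `nfq_get_payload` change from `char **` to `unsigned char **` in this hunk is source-incompatible for existing callers and deserves a line in the release notes.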
@@ -1,10 +1,10 @@ #! /bin/sh # Common stub for a few missing GNU programs while installing. -scriptversion=2006-05-10.23 +scriptversion=2009-04-28.21; # UTC -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. +# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006, +# 2008, 2009 Free Software Foundation, Inc. # Originally by Fran,cois Pinard <pinard@iro.umontreal.ca>, 1996. # This program is free software; you can redistribute it and/or modify @@ -18,9 +18,7 @@ # GNU General Public License for more details. # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program. If not, see <http://www.gnu.org/licenses/>. # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a @@ -89,6 +87,9 @@ tar try tar, gnutar, gtar, then tar without non-portable flags yacc create \`y.tab.[ch]', if possible, from existing .[ch] +Version suffixes to PROGRAM as well as the prefixes \`gnu-', \`gnu', and +\`g' are ignored when checking the name. + Send bug reports to <bug-automake@gnu.org>." exit $? ;; @@ -106,15 +107,22 @@ esac +# normalize program name to check for. +program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + # Now exit if we have it, but it failed. Also exit now if we # don't have it and --version was passed (most likely to detect -# the program). +# the program). This is about non-GNU programs, so use $1 not +# $program. case $1 in - lex|yacc) + lex*|yacc*) # Not GNU programs, they don't have --version. ;; - tar) + tar*) if test -n "$run"; then echo 1>&2 "ERROR: \`tar' requires --run" exit 1 
@@ -138,7 +146,7 @@ # If it does not exist, or fails to run (possibly an outdated version), # try to emulate it. -case $1 in +case $program in aclocal*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if @@ -148,7 +156,7 @@ touch aclocal.m4 ;; - autoconf) + autoconf*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`${configure_ac}'. You might want to install the @@ -157,7 +165,7 @@ touch configure ;; - autoheader) + autoheader*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified \`acconfig.h' or \`${configure_ac}'. You might want @@ -187,7 +195,7 @@ while read f; do touch "$f"; done ;; - autom4te) + autom4te*) echo 1>&2 "\ WARNING: \`$1' is needed, but is $msg. You might have modified some files without having the @@ -210,7 +218,7 @@ fi ;; - bison|yacc) + bison*|yacc*) echo 1>&2 "\ WARNING: \`$1' $msg. You should only need it if you modified a \`.y' file. You may need the \`Bison' package @@ -240,7 +248,7 @@ fi ;; - lex|flex) + lex*|flex*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a \`.l' file. You may need the \`Flex' package @@ -263,7 +271,7 @@ fi ;; - help2man) + help2man*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a dependency of a manual page. You may need the @@ -277,11 +285,11 @@ else test -z "$file" || exec >$file echo ".ab help2man is required to generate this page" - exit 1 + exit $? fi ;; - makeinfo) + makeinfo*) echo 1>&2 "\ WARNING: \`$1' is $msg. You should only need it if you modified a \`.texi' or \`.texinfo' file, or any other file @@ -310,7 +318,7 @@ touch $file ;; - tar) + tar*) shift # We have already tried tar in the generic part. 
@@ -363,5 +371,6 @@ # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/src/Makefile.am new/libnetfilter_queue-1.0.0/src/Makefile.am --- old/libnetfilter_queue-0.0.17/src/Makefile.am 2008-05-16 17:29:58.000000000 +0200 +++ new/libnetfilter_queue-1.0.0/src/Makefile.am 2009-12-27 16:01:16.000000000 +0100 @@ -6,14 +6,8 @@ AM_CFLAGS = -fPIC -Wall LIBS = @LIBNFQUEUE_LIBS@ -lib_LTLIBRARIES = libnetfilter_queue.la libnetfilter_queue_libipq.la +lib_LTLIBRARIES = libnetfilter_queue.la libnetfilter_queue_la_LDFLAGS = -Wc,-nostartfiles -lnfnetlink \ -version-info $(LIBVERSION) libnetfilter_queue_la_SOURCES = libnetfilter_queue.c - -libnetfilter_queue_libipq_la_LDFLAGS = -Wc,-nostartfiles \ - -version-info 1:0:0 -libnetfilter_queue_libipq_la_LIBADD = ./libnetfilter_queue.la -libnetfilter_queue_libipq_la_SOURCES = libipq_compat.c - diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/src/libipq_compat.c new/libnetfilter_queue-1.0.0/src/libipq_compat.c --- old/libnetfilter_queue-0.0.17/src/libipq_compat.c 2008-05-16 17:29:58.000000000 +0200 +++ new/libnetfilter_queue-1.0.0/src/libipq_compat.c 1970-01-01 01:00:00.000000000 +0100 
@@ -1,247 +0,0 @@ -/* - * libipq - backwards compatibility library for libnetfilter_queue - * - * (C) 2005 by Harald Welte <laforge@netfilter.org> - * - * Based on original libipq.c, - * Author: James Morris <jmorris@intercode.com.au> - * 07-11-2001 Modified by Fernando Anton to add support for IPv6. - * Copyright (c) 2000-2001 Netfilter Core Team - * - * This program is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - */ - -#include <stdlib.h> -#include <stdio.h> -#include <string.h> -#include <unistd.h> -#include <sys/time.h> -#include <sys/types.h> - -#include <libnetfilter_queue/libnetfilter_queue.h> -#include <libnetfilter_queue/libipq.h> - -/**************************************************************************** - * - * Private interface - * - ****************************************************************************/ - -enum { - IPQ_ERR_NONE = 0, - IPQ_ERR_IMPL, - IPQ_ERR_HANDLE, - IPQ_ERR_SOCKET, - IPQ_ERR_BIND, - IPQ_ERR_BUFFER, - IPQ_ERR_RECV, - IPQ_ERR_NLEOF, - IPQ_ERR_ADDRLEN, - IPQ_ERR_STRUNC, - IPQ_ERR_RTRUNC, - IPQ_ERR_NLRECV, - IPQ_ERR_SEND, - IPQ_ERR_SUPP, - IPQ_ERR_RECVBUF, - IPQ_ERR_TIMEOUT, - IPQ_ERR_PROTOCOL -}; -#define IPQ_MAXERR IPQ_ERR_PROTOCOL - -struct ipq_errmap_t { - int errcode; - char *message; -} ipq_errmap[] = { - { IPQ_ERR_NONE, "Unknown error" }, - { IPQ_ERR_IMPL, "Implementation error" }, - { IPQ_ERR_HANDLE, "Unable to create netlink handle" }, - { IPQ_ERR_SOCKET, "Unable to create netlink socket" }, - { IPQ_ERR_BIND, "Unable to bind netlink socket" }, - { IPQ_ERR_BUFFER, "Unable to 
allocate buffer" }, - { IPQ_ERR_RECV, "Failed to receive netlink message" }, - { IPQ_ERR_NLEOF, "Received EOF on netlink socket" }, - { IPQ_ERR_ADDRLEN, "Invalid peer address length" }, - { IPQ_ERR_STRUNC, "Sent message truncated" }, - { IPQ_ERR_RTRUNC, "Received message truncated" }, - { IPQ_ERR_NLRECV, "Received error from netlink" }, - { IPQ_ERR_SEND, "Failed to send netlink message" }, - { IPQ_ERR_SUPP, "Operation not supported" }, - { IPQ_ERR_RECVBUF, "Receive buffer size invalid" }, - { IPQ_ERR_TIMEOUT, "Timeout"}, - { IPQ_ERR_PROTOCOL, "Invalid protocol specified" } -}; - -static int ipq_errno = IPQ_ERR_NONE; - -static char *ipq_strerror(int errcode) -{ - if (errcode < 0 || errcode > IPQ_MAXERR) - errcode = IPQ_ERR_IMPL; - return ipq_errmap[errcode].message; -} - -/**************************************************************************** - * - * Public interface - * - ****************************************************************************/ - -/* - * Create and initialise an ipq handle. 
- */ -struct ipq_handle *ipq_create_handle(u_int32_t flags, u_int32_t protocol) -{ - int status; - struct ipq_handle *h; - - h = (struct ipq_handle *)malloc(sizeof(struct ipq_handle)); - if (h == NULL) { - ipq_errno = IPQ_ERR_HANDLE; - return NULL; - } - - memset(h, 0, sizeof(struct ipq_handle)); - - h->nfqnlh = nfq_open(); - if (!h->nfqnlh) { - ipq_errno = IPQ_ERR_SOCKET; - goto err_free; - } - - if (protocol == PF_INET) - status = nfq_bind_pf(h->nfqnlh, PF_INET); - else if (protocol == PF_INET6) - status = nfq_bind_pf(h->nfqnlh, PF_INET6); - else { - ipq_errno = IPQ_ERR_PROTOCOL; - goto err_close; - } - h->family = protocol; - if (status < 0) { - ipq_errno = IPQ_ERR_BIND; - goto err_close; - } - - h->qh = nfq_create_queue(h->nfqnlh, 0, NULL, NULL); - if (!h->qh) { - ipq_errno = IPQ_ERR_BIND; - goto err_close; - } - - return h; - -err_close: - nfq_close(h->nfqnlh); -err_free: - free(h); - return NULL; -} - -/* - * No error condition is checked here at this stage, but it may happen - * if/when reliable messaging is implemented. - */ -int ipq_destroy_handle(struct ipq_handle *h) -{ - if (h) { - nfq_close(h->nfqnlh); - free(h); - } - return 0; -} - -int ipq_set_mode(const struct ipq_handle *h, - u_int8_t mode, size_t range) -{ - return nfq_set_mode(h->qh, mode, range); -} - -/* - * timeout is in microseconds (1 second is 1000000 (1 million) microseconds) - * - */ -ssize_t ipq_read(const struct ipq_handle *h, - unsigned char *buf, size_t len, int timeout) -{ - struct nfattr *tb[NFQA_MAX]; - struct nlmsghdr *nlh = (struct nlmsghdr *)buf; - struct nfgenmsg *msg = NULL; - struct nfattr *nfa; - - //return ipq_netlink_recvfrom(h, buf, len, timeout); - - /* This really sucks. We have to copy the whole packet - * in order to build a data structure that is compatible to - * the old ipq interface... 
*/ - - nfa = nfnl_parse_hdr(nfq_nfnlh(h->nfqnlh), nlh, &msg); - if (!msg || !nfa) - return 0; - - if (msg->nfgen_family != h->family) - return 0; - - nfnl_parse_attr(tb, NFQA_MAX, nfa, 0xffff); - - - return 0; -} - -int ipq_message_type(const unsigned char *buf) -{ - return ((struct nlmsghdr*)buf)->nlmsg_type; -} - -int ipq_get_msgerr(const unsigned char *buf) -{ - struct nlmsghdr *h = (struct nlmsghdr *)buf; - struct nlmsgerr *err = (struct nlmsgerr*)NLMSG_DATA(h); - return -err->error; -} - -ipq_packet_msg_t *ipq_get_packet(const unsigned char *buf) -{ - return NLMSG_DATA((struct nlmsghdr *)(buf)); -} - -int ipq_set_verdict(const struct ipq_handle *h, - ipq_id_t id, - unsigned int verdict, - size_t data_len, - unsigned char *buf) -{ - return nfq_set_verdict(h->qh, id, verdict, data_len, buf); -} - -/* Not implemented yet */ -int ipq_ctl(const struct ipq_handle *h, int request, ...) -{ - return 1; -} - -char *ipq_errstr(void) -{ - return ipq_strerror(ipq_errno); -} - -void ipq_perror(const char *s) -{ - if (s) - fputs(s, stderr); - else - fputs("ERROR", stderr); - if (ipq_errno) - fprintf(stderr, ": %s", ipq_errstr()); - if (errno) - fprintf(stderr, ": %s", strerror(errno)); - fputc('\n', stderr); -} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/src/libnetfilter_queue.c new/libnetfilter_queue-1.0.0/src/libnetfilter_queue.c --- old/libnetfilter_queue-0.0.17/src/libnetfilter_queue.c 2009-02-17 20:55:23.000000000 +0100 +++ new/libnetfilter_queue-1.0.0/src/libnetfilter_queue.c 2010-07-11 15:07:54.000000000 +0200 
@@ -55,6 +55,10 @@ * The current development version of libnetfilter_queue can be accessed * at https://git.netfilter.org/cgi-bin/gitweb.cgi?p=libnetfilter_queue.git;a=summ.... * + * \section Privileges + * You need the CAP_NET_ADMIN capability in order to allow your application + * to receive from and to send packets to kernel-space. + * * \section Using libnetfilter_queue * * To write your own program using libnetfilter_queue, you should start by reading @@ -207,13 +211,22 @@ * \verbatim fd = nfq_fd(h); - while ((rv = recv(fd, buf, sizeof(buf), 0)) && rv >= 0) { + while ((rv = recv(fd, buf, sizeof(buf), 0)) >= 0) { printf("pkt received\n"); nfq_handle_packet(h, buf, rv); } \endverbatim * When the decision on a packet has been choosed, the verdict has to be given - * by calling nfq_set_verdict() or nfq_set_verdict_mark(). + * by calling nfq_set_verdict() or nfq_set_verdict2(). The verdict + * determines the destiny of the packet as follows: + * + * - NF_DROP discarded the packet + * - NF_ACCEPT the packet passes, continue iterations + * - NF_STOLEN gone away + * - NF_QUEUE inject the packet into a different queue + * (the target queue number is in the high 16 bits of the verdict) + * - NF_REPEAT iterate the same cycle once more + * - NF_STOP accept, but don't continue iterations * * Data and information about the packet can be fetch by using message parsing * functions (See \link Parsing \endlink). @@ -537,6 +550,8 @@ * - NFQNL_COPY_NONE - do not copy any data * - NFQNL_COPY_META - copy only packet metadata * - NFQNL_COPY_PACKET - copy entire packet + * + * \return -1 on error; >=0 otherwise. */ int nfq_set_mode(struct nfq_q_handle *qh, u_int8_t mode, u_int32_t range) @@ -567,6 +582,8 @@ * Sets the size of the queue in kernel. This fixes the maximum number * of packets the kernel will store before internally before dropping * upcoming packets. + * + * \return -1 on error; >=0 otherwise. */ int nfq_set_queue_maxlen(struct nfq_q_handle *qh, u_int32_t queuelen) 
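Review bot: The example loop in the `\verbatim` block of the `@@ -207,13 +211,22 @@` hunk, now `while ((rv = recv(fd, buf, sizeof(buf), 0)) >= 0)`, exits on any negative return. A program copied from it therefore stops issuing verdicts on transient errors such as `EINTR`, or `ENOBUFS` when the netlink receive buffer overruns. It also now hands a zero-length read to `nfq_handle_packet`. For a filter that sits in the packet path this is an availability problem, since queued packets wait for verdicts that never arrive. I would add a sentence after the loop, e.g. `Real programs should inspect errno when recv() fails and keep reading on EINTR and ENOBUFS instead of leaving the loop.`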
@@ -593,7 +610,7 @@ static int __set_verdict(struct nfq_q_handle *qh, u_int32_t id, u_int32_t verdict, u_int32_t mark, int set_mark, - u_int32_t data_len, unsigned char *data) + u_int32_t data_len, const unsigned char *data) { struct nfqnl_msg_verdict_hdr vh; union { @@ -629,8 +646,9 @@ nvecs = 1; if (data_len) { + /* The typecast here is to cast away data's const-ness: */ nfnl_build_nfa_iovec(&iov[1], &data_attr, NFQA_PAYLOAD, - data_len, data); + data_len, (unsigned char *) data); nvecs += 2; /* Add the length of the appended data to the message * header. The size of the attribute is given in the @@ -665,17 +683,19 @@ * * Notifies netfilter of the userspace verdict for the given packet. Every * queued packet _must_ have a verdict specified by userspace, either by - * calling this function, or by calling the nfq_set_verdict_mark() function. + * calling this function, or by calling the nfq_set_verdict2() function. + * + * \return -1 on error; >= 0 otherwise. */ int nfq_set_verdict(struct nfq_q_handle *qh, u_int32_t id, u_int32_t verdict, u_int32_t data_len, - unsigned char *buf) + const unsigned char *buf) { return __set_verdict(qh, id, verdict, 0, 0, data_len, buf); } /** - * nfq_set_verdict_mark - like nfq_set_verdict, but you can set the mark. + * nfq_set_verdict2 - like nfq_set_verdict, but you can set the mark. * \param qh Netfilter queue handle obtained by call to nfq_create_queue(). * \param id ID assigned to packet by netfilter. * \param verdict verdict to return to netfilter (NF_ACCEPT, NF_DROP) 
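Review bot: The cast `(unsigned char *) data` in the `@@ -629,8 +646,9 @@` hunk is only sound if `nfnl_build_nfa_iovec` never writes through the pointer, and the new comment says what the cast does but not why it is safe. Since the public prototypes now promise `const unsigned char *buf`, I would record the assumption once it has been checked against libnfnetlink, e.g. `/* nfnl_build_nfa_iovec() takes a non-const pointer but only places it in the iovec; data is never written */`. The body of `__set_verdict` starts and ends outside this hunk, so other uses of `data` are not visible here.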
@@ -683,9 +703,30 @@ * \param data_len number of bytes of data pointed to by #buf * \param buf the buffer that contains the packet data */ +int nfq_set_verdict2(struct nfq_q_handle *qh, u_int32_t id, + u_int32_t verdict, u_int32_t mark, + u_int32_t data_len, const unsigned char *buf) +{ + return __set_verdict(qh, id, verdict, htonl(mark), 1, data_len, buf); +} + +/** + * nfq_set_verdict_mark - like nfq_set_verdict, but you can set the mark. + * \param qh Netfilter queue handle obtained by call to nfq_create_queue(). + * \param id ID assigned to packet by netfilter. + * \param verdict verdict to return to netfilter (NF_ACCEPT, NF_DROP) + * \param mark the mark to put on the packet, in network byte order. + * \param data_len number of bytes of data pointed to by #buf + * \param buf the buffer that contains the packet data + * + * \return -1 on error; >= 0 otherwise. + * + * This function is deprecated since it is broken, its use is highly + * discouraged. Please, use nfq_set_verdict2 instead. + */ int nfq_set_verdict_mark(struct nfq_q_handle *qh, u_int32_t id, u_int32_t verdict, u_int32_t mark, - u_int32_t data_len, unsigned char *buf) + u_int32_t data_len, const unsigned char *buf) { return __set_verdict(qh, id, verdict, mark, 1, data_len, buf); } @@ -825,11 +866,10 @@ * was received through * \param nlif_handle pointer to a nlif interface resolving handle * \param nfad Netlink packet data handle passed to callback function - * \param name pointer that will be set to the interface name string + * \param name pointer to the buffer to receive the interface name; + * not more than \c IFNAMSIZ bytes will be copied to it. * \return -1 in case of error, >0 if it succeed. * - * The #name variable will point to the name of the input interface. - * * To use a nlif_handle, You need first to call nlif_open() and to open * an handler. Don't forget to store the result as it will be used * during all your program life: 
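Review bot: The reworded `\param name` text in the `@@ -825,11 +866,10 @@` hunk, `not more than \c IFNAMSIZ bytes will be copied to it`, gives the upper bound but not the two things a caller needs to use the buffer safely. It does not say that the buffer must be at least `IFNAMSIZ` bytes, or whether the result is always NUL-terminated. I would extend it to `pointer to a caller-provided buffer of at least \c IFNAMSIZ bytes` and add a sentence on termination once that has been checked in the implementation, which is not visible here. The same wording appears in the hunks at `@@ -871,10 +911,8 @@`, `@@ -892,9 +930,8 @@` and `@@ -912,9 +949,8 @@`.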
@@ -871,10 +911,8 @@ * packet was received through * \param nlif_handle pointer to a nlif interface resolving handle * \param nfad Netlink packet data handle passed to callback function - * \param name pointer that will be set to the interface name string - * - * The #name variable will point to the name of the input physical - * interface. + * \param name pointer to the buffer to receive the interface name; + * not more than \c IFNAMSIZ bytes will be copied to it. * * See nfq_get_indev_name() documentation for nlif_handle usage. * @@ -892,9 +930,8 @@ * packet will be sent to * \param nlif_handle pointer to a nlif interface resolving handle * \param nfad Netlink packet data handle passed to callback function - * \param name pointer that will be set to the interface name string - * - * The #name variable will point to the name of the output interface. + * \param name pointer to the buffer to receive the interface name; + * not more than \c IFNAMSIZ bytes will be copied to it. * * See nfq_get_indev_name() documentation for nlif_handle usage. * @@ -912,9 +949,8 @@ * packet will be sent to * \param nlif_handle pointer to a nlif interface resolving handle * \param nfad Netlink packet data handle passed to callback function - * \param name pointer that will be set to the interface name string - * The #name variable will point to the name of the physical - * output interface. + * \param name pointer to the buffer to receive the interface name; + * not more than \c IFNAMSIZ bytes will be copied to it. * * See nfq_get_indev_name() documentation for nlif_handle usage. * @@ -967,7 +1003,7 @@ * * \return -1 on error, otherwise > 0. */ -int nfq_get_payload(struct nfq_data *nfad, char **data) +int nfq_get_payload(struct nfq_data *nfad, unsigned char **data) { *data = nfnl_get_pointer_to_data(nfad->data, NFQA_PAYLOAD, char); if (*data) 
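Review bot: In the `@@ -967,7 +1003,7 @@` hunk `nfq_get_payload` now takes `unsigned char **data`, but the unchanged context line still calls `nfnl_get_pointer_to_data(nfad->data, NFQA_PAYLOAD, char)`. Assuming the macro casts to a pointer to its third argument, a `char *` is then assigned to an `unsigned char *` and the build picks up a pointer-signedness warning. Passing the matching type keeps the two in step: `*data = nfnl_get_pointer_to_data(nfad->data, NFQA_PAYLOAD, unsigned char);`. The rest of the function body lies outside this hunk.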
@@ -976,6 +1012,160 @@ return -1; } +#define SNPRINTF_FAILURE(ret, rem, offset, len) \ +do { \ + if (ret < 0) \ + return ret; \ + len += ret; \ + if (ret > rem) \ + ret = rem; \ + offset += ret; \ + rem -= ret; \ +} while (0) + +int nfq_snprintf_xml(char *buf, size_t rem, struct nfq_data *tb, int flags) +{ + struct nfqnl_msg_packet_hdr *ph; + struct nfqnl_msg_packet_hw *hwph; + u_int32_t mark, ifi; + int size, offset = 0, len = 0, ret; + unsigned char *data; + + size = snprintf(buf + offset, rem, "<pkt>"); + SNPRINTF_FAILURE(size, rem, offset, len); + + if (flags & NFQ_XML_TIME) { + time_t t; + struct tm tm; + + t = time(NULL); + if (localtime_r(&t, &tm) == NULL) + return -1; + + size = snprintf(buf + offset, rem, "<when>"); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, rem, + "<hour>%d</hour>", tm.tm_hour); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, + rem, "<min>%02d</min>", tm.tm_min); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, + rem, "<sec>%02d</sec>", tm.tm_sec); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, rem, "<wday>%d</wday>", + tm.tm_wday + 1); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, rem, "<day>%d</day>", tm.tm_mday); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, rem, "<month>%d</month>", + tm.tm_mon + 1); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, rem, "<year>%d</year>", + 1900 + tm.tm_year); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, rem, "</when>"); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + ph = nfq_get_msg_packet_hdr(tb); + if (ph) { + size = snprintf(buf + offset, rem, + "<hook>%u</hook><id>%u</id>", + ph->hook, ntohl(ph->packet_id)); + SNPRINTF_FAILURE(size, rem, offset, len); + + hwph = nfq_get_packet_hw(tb); + if (hwph && (flags & NFQ_XML_HW)) { + int i, hlen = 
ntohs(hwph->hw_addrlen); + + size = snprintf(buf + offset, rem, "<hw><proto>%04x" + "</proto>", + ntohs(ph->hw_protocol)); + SNPRINTF_FAILURE(size, rem, offset, len); + + size = snprintf(buf + offset, rem, "<src>"); + SNPRINTF_FAILURE(size, rem, offset, len); + + for (i=0; i<hlen; i++) { + size = snprintf(buf + offset, rem, "%02x", + hwph->hw_addr[i]); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + size = snprintf(buf + offset, rem, "</src></hw>"); + SNPRINTF_FAILURE(size, rem, offset, len); + } else if (flags & NFQ_XML_HW) { + size = snprintf(buf + offset, rem, "<hw><proto>%04x" + "</proto></hw>", + ntohs(ph->hw_protocol)); + SNPRINTF_FAILURE(size, rem, offset, len); + } + } + + mark = nfq_get_nfmark(tb); + if (mark && (flags & NFQ_XML_MARK)) { + size = snprintf(buf + offset, rem, "<mark>%u</mark>", mark); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + ifi = nfq_get_indev(tb); + if (ifi && (flags & NFQ_XML_DEV)) { + size = snprintf(buf + offset, rem, "<indev>%u</indev>", ifi); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + ifi = nfq_get_outdev(tb); + if (ifi && (flags & NFQ_XML_DEV)) { + size = snprintf(buf + offset, rem, "<outdev>%u</outdev>", ifi); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + ifi = nfq_get_physindev(tb); + if (ifi && (flags & NFQ_XML_PHYSDEV)) { + size = snprintf(buf + offset, rem, + "<physindev>%u</physindev>", ifi); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + ifi = nfq_get_physoutdev(tb); + if (ifi && (flags & NFQ_XML_PHYSDEV)) { + size = snprintf(buf + offset, rem, + "<physoutdev>%u</physoutdev>", ifi); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + ret = nfq_get_payload(tb, &data); + if (ret >= 0 && (flags & NFQ_XML_PAYLOAD)) { + int i; + + size = snprintf(buf + offset, rem, "<payload>"); + SNPRINTF_FAILURE(size, rem, offset, len); + + for (i=0; i<ret; i++) { + size = snprintf(buf + offset, rem, "%02x", + data[i] & 0xff); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + size = snprintf(buf + offset, rem, 
"</payload>"); + SNPRINTF_FAILURE(size, rem, offset, len); + } + + size = snprintf(buf + offset, rem, "</pkt>"); + SNPRINTF_FAILURE(size, rem, offset, len); + + return len; +} + /** * @} */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4 --exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh old/libnetfilter_queue-0.0.17/utils/nfqnl_test.c new/libnetfilter_queue-1.0.0/utils/nfqnl_test.c --- old/libnetfilter_queue-0.0.17/utils/nfqnl_test.c 2009-02-17 20:27:28.000000000 +0100 +++ new/libnetfilter_queue-1.0.0/utils/nfqnl_test.c 2010-07-11 15:13:51.000000000 +0200 @@ -16,7 +16,7 @@ struct nfqnl_msg_packet_hw *hwph; u_int32_t mark,ifi; int ret; - char *data; + unsigned char *data; ph = nfq_get_msg_packet_hdr(tb); if (ph) { ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
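Review bot: In nfq_snprintf_xml the loop `for (i=0; i<hlen; i++)` reads `hwph->hw_addr[i]` with `hlen` taken directly from `ntohs(hwph->hw_addrlen)` and never compared with the size of the `hw_addr` array. That array is fixed-size in the kernel header (8 bytes as far as I know), so a length field larger than that would read past the structure. A clamp before the loop would bound the read: `if (hlen > (int)sizeof(hwph->hw_addr)) hlen = sizeof(hwph->hw_addr);`. The function is also added without a doc comment, unlike the rest of the file. It should document that the return value is the length the output would have had, as with snprintf, so callers must compare it with the buffer size to detect truncation. SNPRINTF_FAILURE hides a `return` and uses its arguments unparenthesised, which merits a short comment above the macro.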